0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="027009006f786e6574302d232f70726f6300") 03:38:26 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1, 0x0, 0x0, 0x1000000000000}, 0x0) 03:38:26 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x84081, 0x0) ioctl$TIOCPKT(r2, 0x5420, &(0x7f0000000040)=0x4) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020300090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:38:26 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000280)='\'usertrustedlo[\x00'}, 0x10) setsockopt$IPT_SO_SET_ADD_COUNTERS(r3, 0x0, 0x41, &(0x7f0000000300)={'nat\x00', 0x4, [{}, {}, {}, {}]}, 0x68) r4 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x80, 0x0) ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffff9c, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x1, &(0x7f00000000c0)={0xffffffff}, 0x106, 0x100b}}, 0x20) write$RDMA_USER_CM_CMD_QUERY_ROUTE(r4, &(0x7f00000001c0)={0x5, 0x10, 0xfa00, {&(0x7f0000000500), r5, 0x3}}, 0x18) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, &(0x7f0000000040)="f2446eb960000000b800000100ba000000000f30c74424000f000000c7442402eeae5562c7442406000000000f011c248f4848ed0b6dc4e1fa109df8ffffff400fc79ef000000066b82e010f00d8260f412dfc8700000f01cac442fd21de", 0x5e}], 0x1, 0x0, &(0x7f00000002c0), 0x0) r6 = memfd_create(&(0x7f0000000140)='#em1#+\x00', 0x0) ioctl$KVM_GET_CPUID2(r6, 0xc008ae91, &(0x7f0000000240)={0x1, 0x0, [{}]}) write(r6, &(0x7f0000000040)="06", 0x1) sendfile(r6, r6, &(0x7f0000001000), 0xffff) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x80000000004, 0x11, r6, 0x0) ioctl$KVM_GET_CPUID2(r2, 0xc008ae91, &(0x7f0000000100)=ANY=[@ANYBLOB="2119f530d076be71ca7939102006f62a02fe0000000000"]) 03:38:26 executing program 7: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(blowfish))\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) recvmsg(r1, &(0x7f00000012c0)={&(0x7f0000f7ffa8)=@alg, 0x80, &(0x7f0000000140)=[{&(0x7f0000000200)=""/4096, 0x7ffff000}], 0x1, &(0x7f0000001240)=""/87, 0xfffffffffffffebc}, 0x0) 03:38:26 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020040006f786e6574302d232f70726f6300") 03:38:26 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1, 0x0, 0x0, 0xffffff7f00000000}, 0x0) 03:38:27 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) pipe2(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x7fffd) setsockopt$RDS_FREE_MR(r1, 0x114, 0x3, &(0x7f00000000c0)={{0x7fff, 0x1}}, 0x10) setsockopt$XDP_UMEM_FILL_RING(r2, 0x11b, 0x5, &(0x7f0000000080)=0x4000, 0x4) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x5, &(0x7f0000001000)=ANY=[@ANYBLOB="bf16000000000000b70700000100e0dd2800000000000000bf700000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) 03:38:27 executing program 7: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20, @empty=0x700000000000000}, 0x10) recvmsg(r0, &(0x7f00000027c0)={&(0x7f0000000080)=@in={0x0, 0x0, @multicast1}, 0x80, &(0x7f00000026c0)=[{&(0x7f00000016c0)=""/4096, 0x1000}], 0x1, &(0x7f0000002740)=""/88, 0x58}, 0x0) recvmsg(r0, &(0x7f0000000680)={&(0x7f0000000000)=@generic, 0x80, &(0x7f0000000100), 0x0, &(0x7f0000000580)=""/223, 0xdf}, 0x102) write$binfmt_aout(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="9ded5c5c44239a5f018ef88154561dccc75cee55964b15a3878d040a481a4fe3a5"], 0x1) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000080)="66b9500200000f32ba4200b000eef30f51b40a000f20d86635200000000f22d8c1117b0f01ca0f01ca0f01cad166320f20e06635000002000f22e0", 0x3b}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000003c0)=ANY=[@ANYBLOB="01000000000000070100000000000001feffff0800001b"]) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYRES32]) ioctl$KVM_RUN(r3, 0xae80, 0x0) connect$unix(r0, &(0x7f0000000140)=@file={0x0, './file0\x00'}, 0x6e) 03:38:27 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020048006f786e6574302d232f70726f6300") 03:38:27 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8915, &(0x7f0000000340)="7000000000000000000000d1bd1ccf106260ed59ee3a393fb0fe0921757c31ecc1f91c60300016bd4ad6d4d4b038a3962d4fd838e39a16e8704b7d2eaab80b61ea1e414b9d03351033ebc55645d697c952f92655a04f69eafee3ed487780fce780fe760e3874b8a5424f883ee7420e54c0ed7d8e2e207430a76d851433c64b7af46392b9a6a699273c69c2d3ae4b3fb7fdf67f5704a670ec82e0b82e8419bdb7ecb2b83017664172915c3a12ed12bcf69fe4dd56b6bd744e60f36361a900d12e06b8a7e5e109276d79dfeb7357af16903fd2a80aa3855ed42ac2c388cbaef2b0800378f6dabdd7a7852ba04487fd310e91285d1d7d3ac348577a1a6d7a4e7460edafe737e0b97dd3e73591f7d7590c685914") r1 = socket$unix(0x1, 0x1, 0x0) bind$unix(r1, &(0x7f0000000080)=@file={0x1, "e91f7189591e9233614b00"}, 0x6e) ioctl$sock_proto_private(r1, 0x89e0, &(0x7f0000000000)) 03:38:27 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vcs\x00', 0x18300, 0x0) ioctl$VHOST_GET_VRING_ENDIAN(r1, 0x4008af14, &(0x7f00000001c0)={0x2, 0x5}) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000140)=0x5) r2 = fcntl$dupfd(r1, 0x406, r0) write$P9_RLOPEN(r2, &(0x7f0000000000)={0x18, 0xd, 0x1, {{0x94, 0x1, 0x2}, 0xaf}}, 0x18) recvmmsg(r0, &(0x7f0000003f80)=[{{&(0x7f0000000080)=@can, 0x80, &(0x7f00000001c0)}}], 0x1, 0x0, &(0x7f0000004000)={0x77359400}) sendmsg$nl_route_sched(r0, &(0x7f0000005a00)={&(0x7f0000000180)={0x10}, 0xc, &(0x7f00000059c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="2400000026000102000000000000000000000000", @ANYBLOB="9265aa"], 0x2}, 0x1}, 0x0) 03:38:27 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) 03:38:27 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020300090c000000fffffffbffffffff02001300020000000000fcff91aa3a034bffff0000030006000000000002004e20e00000ffffff00000002000000000305000000000002004e20e00000a0ea863accd2ce5ea2000800000000000000"], 0x60}, 0x1}, 0x0) 03:38:27 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f4], 0x1}}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) 03:38:27 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="02007a006f786e6574302d232f70726f6300") 03:38:27 executing program 2: r0 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, &(0x7f0000000000)) mq_timedreceive(r0, &(0x7f00000004c0)=""/240, 0xf0, 0x0, &(0x7f00000005c0)={0x0, 0x989680}) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000040)={0xffffffffffffffff}) setsockopt$IP_VS_SO_SET_EDIT(r1, 0x0, 0x483, &(0x7f0000000080)={0x88, @broadcast=0xffffffff, 0x4e24, 0x3, 'sh\x00', 0x1, 0x1, 0x17}, 0x2c) 03:38:27 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) setsockopt$inet_sctp_SCTP_INITMSG(r2, 0x84, 0x2, &(0x7f0000000040)={0x7, 0x1, 0x1, 0xffff000000000000}, 0x8) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020300090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:38:27 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) 03:38:27 executing program 1: r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x9, 0x0) setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000140)='tls\x00', 0x4) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_MRT6_DEL_MFC(r1, 0x29, 0xca, &(0x7f0000000080)={{0xa, 0x0, 0x2, @ipv4={[], [0xff, 0xff], @broadcast=0xffffffff}}, {0xa, 0x0, 0x9, @mcast2={0xff, 0x2, [], 0x1}, 0x1}, 0x4, [0x0, 0x80, 0x0, 0x100, 0x1000000000000000]}, 0xffffffffffffffd5) 03:38:27 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x44000, 0x0) ioctl$GIO_FONTX(r1, 0x4b6b, &(0x7f0000000680)=""/4096) ioctl(r0, 0xed0, &(0x7f0000000100)="025cc83d6d345f8f762070") r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000640)='/dev/net/tun\x00', 0x0, 0x0) setsockopt$IP_VS_SO_SET_DELDEST(r1, 0x0, 0x488, &(0x7f0000000140)={{0x87, @remote={0xac, 0x14, 0x14, 0xbb}, 0x4e21, 0x0, 'fo\x00', 0x855ef4710e29d131, 0x100000001, 0x16}, {@remote={0xac, 0x14, 0x14, 0xbb}, 0x4e21, 0x0, 0x401, 0x3ff, 0x100}}, 0x44) r3 = fcntl$dupfd(r2, 0x406, r0) openat$cgroup_ro(r3, &(0x7f0000000000)='cpuacct.usage_percpu\x00', 0x0, 0x0) setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r3, 0x6, 0x21, &(0x7f0000000080)="62cbff1aedb4b5e892ca95295cd884f6", 0x10) setsockopt$IP_VS_SO_SET_DELDEST(r1, 0x0, 0x488, &(0x7f00000001c0)={{0x7c, @multicast1=0xe0000001, 0x4e24, 0x0, 'nq\x00', 0x20, 0x8, 0x1a}, {@remote={0xac, 0x14, 0x14, 0xbb}, 0x4e22, 0x0, 0x1, 0x4, 0x7}}, 0x44) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={"00ac720000000000ec973f820f7c4000", 0x102}) ioctl$TUNSETLINK(r2, 0x400454cd, 0xc) 03:38:27 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020500006f786e6574302d232f70726f6300") 03:38:27 executing program 1: bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x84, 0x3}, 0xffffffffffffffbe) bpf$PROG_LOAD(0x5, &(0x7f00000ba000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x7}], {0x95}}, &(0x7f000031cff6)='syzkaller\x00', 0x5c6e, 0x220, &(0x7f00001a7f05)=""/251}, 0x48) r0 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x7, 0x40) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r0, 0x4008240b, &(0x7f0000000040)={0x0, 0x70, 0x1f, 0x3, 0x7ff, 0x6, 0x0, 0x3, 0x20, 0x2, 0x4c5, 0x6, 0x1f, 0x9, 0x4, 0x3, 0xb0b, 0x0, 0x7, 0xfffffffffffffff9, 0xffffffff7fffffff, 0x4, 0xffffffffffffffc0, 0x315b, 0x800, 0x7fffffff, 0x5, 0x10000, 0x100000000, 0x9, 0xfeb, 0x4, 0x4, 0x80, 0x2, 0x2, 0x5, 0x4, 0x0, 0x0, 0x7, @perf_config_ext={0x6, 0x1}, 0x20, 0x2, 0x800, 0x6, 0x3, 0x1, 0x80}) r1 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000100)={0x73, 0x79, 0x7a, 0x1}, 0x0, 0x0, 0xfffffffffffffff9) keyctl$describe(0x6, r1, &(0x7f0000000140)=""/25, 0x19) 03:38:27 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020300090c000000ffffffffff7be135b90dbd088a98e796ffffff02001300026862ac38f5f578adc343c9520000000000fcff0002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20"], 0x60}, 0x1}, 0x0) r2 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x141000, 0x0) ioctl$VHOST_SET_OWNER(r2, 0xaf01, 0x0) 03:38:28 executing program 7: r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt(r0, 0xff, 0x0, &(0x7f0000000040), 0x0) read(r0, &(0x7f0000000000)=""/116, 0x74) 03:38:28 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f0000003f80)=[{{&(0x7f0000000080)=@can, 0x80, &(0x7f00000001c0)}}], 0x1, 0x0, &(0x7f0000004000)={0x77359400}) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x200000, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r1, 0xc08c5335, &(0x7f00000001c0)={0x1, 0x1000, 0x9, 'queue0\x00', 0x3}) sendmsg$nl_route_sched(r0, &(0x7f0000005a00)={&(0x7f0000000180)={0x10}, 0xc, &(0x7f00000059c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="2400000026000102000000000000000000000000", @ANYBLOB="00000000bd"], 0x2}, 0x1}, 0x0) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r1, 0x84, 0x1b, &(0x7f0000000280)={0x0, 0x1000, "c5d58e28dffd17b69a9a369c0026577ece2ae8bfb3294d826bd1c742c64c36b6308d798d8363f27bab9c73a2b4fb296a5004f4652d81d78d91fb45e08bf65916e3fe39750ee9d039a0e23508a59c2ee87bd3d1588dfd5412855b4d087fe1df21f6694c5efa886774bf561f345dcfd9db38ab104f849da4df987acfa3f704774017ba907768053352eacbe63dc84754143f4db7e185ebb3d182dcc6fd399a507e1fc902bd3be257b4cc70551d1402014ef9a391fcc6472ec6eb182441939dd9309ef043b075c87d79e11507694e57df1370a604ea57ed3fcc6eacc25f6e2f42c059b0f0e35bc60cf06774bdc4fdcda0927fa1e73f263abd08e867e997450ef9dbee218670ed2f12b987215086907cf738a65e5f16783706b914eed556a0392c59952ee453e7cc2e68bcf0dbb419ed9b0b89ea900d6aabb2d0f73bcba1e33a3ae17022483da8dc9a9fe74fca8ea0f256128f3d843d279db7cab18cc16e92c2be31ec2ebadffc99450592298f64b158216e8647431db7c4a775dd3ea8286c9651265407dc6b91b61b41ec5186f5f749740aa5c15de12bccf729559c3d5ca40404bbfbba7acdcdf100ac1c0619f36ae212cbad81036081a05f2bd3e003a46805b7423a3918f0356ee25535e71cc1725d7b4ead3406676fb0d6234a1b156b625a68f7ad19b2bda7a0611a21d8c1cf4f8865b224c752f5124e28204fd4ff1211406da707f9a5bfd412ea7bb6ba3491d00478d2c9d10aaca9d46d5beee75123cf79f993dad4b1c7dd6cc96d461ce98cfab2a34b1c6735b9a3a590e24352c7fd74b8b7c45d3ecbda489b3d5cb08081678dbf94cc759c48ab8459b5d243b25593190b251be71e66633b3f535265e729c294ea418c5cd5ee6e094a1cb0d6596c56b0e70e51fc00d4c680aa3f521151e05c249600a22b496d09ed6943ad3d313212eb515f5809df376bcafc06980c8ba5e2f8d3ec808fcd1307ca220385076a0e98d44a030834fadffee8e8151e81f315617442e0f0ee4a889c8eda4d7ad0048b14c6e99e92083eab6f6da303c1ee3059ddb2b76fa84564fb38a95b71e3f6e7d6fb6a9f06847b26858ed76902f490a5f11415128f674a99f66b0602d8d693dbfcc82eaa3516c20d817f75274e4e71f5509f7aaf8c6939debf08b41d393819087b57bc3c73fcfb0c4a907fb095f7560017c5cb154a3766447df21406a425c49917c776879a82edfb0c35db96123cf49439e50f1144cc794735de9a42f868403a3ec9fcc043d6bb4128d53a37b3d8a1b10d85434bf2983c8d0d3f71327a368eddf3c4975e7871c4738615e588082bfc07bfd3044164ef968d1d5e0982c6b724cdf937a5b704d9ae4aad10a10f2895af97cfbff0f5b98a4f771797c28f5df35c2a1b82f8c66935f8cab61a52aa1b3acc57f9835d3bf443546620d73c65cc585e2b8cfde1b7736b62c031c929a9078ee910da40dd7c6bb4057f86062f3794d6d5944a5a1acc55c9a0638a2cdae9580ebdb09d6e25a9f8e24bc975f1304c4a98698660b3fae3a73a83ec9c66a916375a11dbd8cbe021ee97c44d025cdea7d0e4cb5612280538bc52300b035104ff815be0f82ae8cbef596454f7a8b60a48f1002345b7085f08a41ea02b0e134b64af3f8429c7387b9f0b603ef0facc7acb19f62b69af823dfb1050d6076756daaf8f2ab7104581832c2bed0e0c1f0b6e9a5b4bdd519ad9df2a5d4b0dfcf0589e5dd42b9f4d908e22e74461ae9cb8b65abdc0feef1ced80a6ff47b58a243e984101e26f453d864018f868947f65d3a4839557586bfe69e5d5bd93fd238bd1ebd342fdd8e4030e85d0ce37023976c7fceb2c2f0ff9f7a8af8be1859faee57d6fee455516c9eaf6be9cfbbc4314290019062864291249c46358c33c0121f639e294330d39c9c363136a6a8bec9e7e2445c11afa2e42e7d6426be6a56abd4adbd9c6e19b608abc6a283b949f07ec27770a54ddd51537dcc0599200051c72d6771ede589663f674e432b7eb72ddfd6033c330849dc84800818375ee9c066c88817a7c0fc270f6432e7a978832769554fa7b5c7fd553c4ced7bc081eaf18e81a41fba180d74fe01637aaea23f6d79242db8b9b97c61566dd178c4e65beffa2d772f3ee0e9662b0fda131cc999783429863b0cabb38714d38011e9f916a2c08067bb92c8bc1535f2bd16e2739ac2a8a41eadb6e9afa22a6dd3bb33cd5a7e54de686690b14c2dfa7c8b699a4446bd416c57c40ff4c38b240e56cee840631b40dcb4352c3216230800ccd229e4c07906742ce7548618c6c6556c145cbddd6eeacd0474eefc9a9e43e1d28b4bfd69aabe944500a115bb870f5d41785f5915e406a765352f3aceb93c6d44be6038be351e6e7c7a76a28f100e95727df155e25f5ca99c7dcda67dfafa421cc61a4648661546fe560214df48ec6096c34b254da638299a5fe7bdedab54ceeb7a3ab6283031091d14c439381fa94971f97b38e429702a15527ef4ad64a3e2d16932c5ac5fcef9da4ecbe0804c2cc5f7fdf2cdce96d8aa9ef3e5f59e6ef8292ba854bca7e78382811e95387d79ea5fa04b0998485b9277a9a883942c69970366b5d9b80375582059de126cc13b1fb94485d98ebfaf6f9545ebe41e2bb7df0c72685e6ec9ab01ae170c7e81a79ce2eeaf2a3df32492b1b392da1b74539707073db921302e0106574cc337a1ed9a2dce6ccb3954476489067b43e4f6771815beb92b480b2d472696a8f597a57d6fedd8a38a4a93f8d05471fca5bda7861bac34d6b914aa14bc473eedf89f7d49521967b6437474ace44ab3048ac42bdad7e4b3131a7c8525bc68bf9a3fadc50f411920d484aa3b17ef5d987afafa4daf6786f79c9d782256c3ff7366585ab8d131f4bbfb18b81c9613285711721fc8178fa05fbd917675f537ec185254bbd34adaabe594fc2a3fae367937a23b26a2ad7b7b5dda4efd48f5c18fc0205351fff572d7787c3bac35980da2df4f98befbd2fc3ae9dc514f6306f3c8f5d04297a7a5309b6f1e6c5165119a3b6959a9c52a96ed9f9005819dc8b5cd36c06149b3cb267df4eab271867bae82df6ebddd8473dfe806a938070f701198c0e0da7b38b8819b267c7d917bab166e23eadbd537bdd88560baaadd7f0b0d0f447159512bc67e4c7118592366f2090f895bb3cce52a0b8d33ebf2f230ee2f5b888fc3a5a07fa2ea25262b626382793c53dde4c97a7c8e4bae6def34bd6870264dca02e19d896dbe0cf9659df36a81a36d9bf133fed8b3cb740172056ef082bb5a16ad1396ef1103e03712f8c6c42c2d5186784a02a98eaf99976fdfa2427fdf3f865c66746ec256b4fd474587d17265eb95229f57ff54a965b8d1aef1589557077d1e1b893f37ffb232e7cf2f0df9dfae67e9b6483606ad69b7077319094ca51cbc77fee242a4814d4feb1f19e6145834e068e4ede024bd716ba09c2989f106b3394cd04a55aeef914b2f0185cf1f813e16dcbe99647060a798d4dc004556181c4ae74a66ef4abb640fd4d8c093adbec2d74b74d58f6d8543aec17a5384f30f56d62eeb7ed2c4394ba0a72c568842a861f3d3b8ac1797b8a8de51637d80d9afc30cd37c6ef7dc7c1451f829c8b638c4a84a6fc09913a509e2d3b28a381816d8d25b9480a1382acd332a44f68a1be4cd6e5ea1613f71c6f5b703519f8dfc7084dcfbb6260f11eaa7d06e1c0a1aca31cd77ba8146b413d6494e419abf77de9571e941fd8d582921595550c199cb976bbdae18ef2dd390bee84f7fd46e451445e5f7f0cca5998300b292feb331b2b73fc5eccee7ae919fbe2fdf179ed8681fa794286543bad4d3630c35fd975cc1b18793d5f2c1fbdc2d51e9d96dac7e648cb2e8770e6964663ea50bcfc605263111df818165f4bc74fddcea5b799172a18660e47f24210f4ffbfd6270062047f60217c27e14a3b36f5ebacad273a7b6ac681113993c7f1c613da2be25167fcd1e93ff0d8aaed20b2a377d4d26cf2f6734d5b57d36019b8b97176016224bf7197c3127a034862879babcc56eb9262c85e4a9676d4d320441e0e25bec2be265b521f728d462c1b530928d6d8905bfa2d9728ae08f978aac1ed011c1d342b3ef8e29f971f30dda75ec560be4a55ad766209a4e42c5d45b3c760ce494af2f5268ab226131976c703adf4f2832aa59f2de558422967f4c39355c0d63e6731d266d16b9da8593394b049bba398cc8b5179c98a557189f00f41e4b3b141d142cc13ccb8c6e6c515050b4b19a7cec0ec2d7391e3f8dc6fc3df954d70f198f1a3a4698bb58c5eea5d4e8091eef74a97ece109249d1e708cb0bbae4fe191e4e5c1601753d85cbe94f3a65fb0870d19e4a5709f2701264bc0b4871e938ea74f2e14d0ba7f00ae29478548186611b04acb3c4e3b65aae7f407e766371a75c7ef6010f6042730e2741d96120eab059789af4ca7d45d345fb96fbd1364e24387ef971dafdd97b9fab5f98c9f75b4532752bb4a6f53e17a630d2544e926b272480d917dfafdde04c7f0bb12485cc6be7c3ea5ba270e1f697a2f61e9322a639e129c00318760ce91fb5e00e29dd8ff96fd3ad34c4a7e5d4e54f4c7ed526c85cb4db82e22976b168201114c6a7f021f1ebe9fc5c83f12f71dfc25464522cf65e349b2f7f0d7608ebc56f43a3bb15a7f676cd395e31c92ef0db006a070b1892dde24270ef7c657d640b698aeecdcdb6c11b6b0827b9c28fe9ba38a4605da3ca514715ed6e105c202391e1e63d713d2e6e36c76f5e5aee7e59866bc713ac8580c65d08671cb9e53bac5cb641be932a16d0f60739c884b726feeb2f4aeb15d03d4bee0c36c01b3a4a54774509219ab331786ba5bc20410a651e414528959a6582e25ca29b4df0ae0eba48cde116ea771c15e3e9ef923dfc25b289a3ec58e338d7ad4e43b0163e183603fdc08758d0486338c74eb2d5b2bb4f7f7400457798d5fc500b31b6ffe8a4360fce67425a495b131e68a980edb98fa74ba662e6f911d4763ee670991bbeecac51e31159c0e48cfc457667357971dbdb8d0e5bde9fecf061b55a6d3056849eefd8cb5093a3420fa44d177f1b25f718fe12cb13f88bd2dc18e1d5387f24e8e68e0c58269a04c1125564ce3314a035497a5fb158de1436c6143d77b5e1a994f3a9d71f65019bfba594603b0687353d5c2f1d9365814d7988183fff34635fda09e4acbad47e755100e8ae2d8c569dda0dba5cb92340419383ec2bfd5e97092bf8fa6ff0e5cd7d1710d69de6f9565031b6f8bd29994c577a5c1e6884d9faff02807f33e9db8d5d79cdf93125e9488a9383fb7c0f84bc589f1e7c9ba7c0c09dd39c26df2ac3991f7ee41b2ed536e65de526bbdc40a0bb90eca48237af41c1508d976fe3cab2140b7ede406e02c0dc4b9ca0e33404e93ffcf38ac6ed6f467a4def7eb4eb42fe6a087d6ce9d199079204fe6a63d51807cf78ca0a6c69289a5134aca8711e33dfeaa08c04cdf4dbd194f32618686dceac9afc21b76089fffda212164e253fcf050c9939decc8afab1141362b3e474d7796c1cb49e8386b2abf603aaaab03a871e444f0b2049339af75c1d1259e39ee55f34cc192b623fc40aea66f9fa314c4eaf50c18ec1e212f35cbcf1e7aa4270cbc7f97a0297d723a65e1600357d5345636b47df71913d047fcea27fa6297f5a6334b6932db719d73d5cb963c4dde862b108b6571bd086d84163f1119838aa78244359237501c667c16084e6fbf3d104aa21b7a60808ca66118ed40f4cb349e997a70af744468b9ea1b2e70a53c2b4d0f48c42004"}, &(0x7f0000000100)=0x1008) setsockopt$inet_sctp6_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f0000000140)={r2, 0x0, 0x7, 0x5}, 0x10) 03:38:28 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1, 0x0, 0x0, 0x3f00}, 0x0) 03:38:28 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020a00006f786e6574302d232f70726f6300") 03:38:28 executing program 2: r0 = socket$inet6(0xa, 0xfffffffffffffffe, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'bond_slave_1\x00', 0x4000}) r1 = syz_open_dev$mice(&(0x7f0000000140)='/dev/input/mice\x00', 0x0, 0x0) recvfrom$llc(r1, &(0x7f0000000100)=""/37, 0x25, 0x10002, &(0x7f0000000240)={0x1a, 0x307, 0x3, 0x7fffffff, 0x4, 0x3, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, 0x10) setsockopt$RDS_GET_MR_FOR_DEST(r1, 0x114, 0x7, &(0x7f00000002c0)={@ethernet={0x0, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}, {&(0x7f0000000180)=""/9, 0x9}, &(0x7f00000001c0), 0x24}, 0xa0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getsockopt$sock_int(r1, 0x1, 0x1e, &(0x7f00000003c0), &(0x7f0000000400)=0x4) r2 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x4d, 0x0) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) write$P9_RSYMLINK(r2, &(0x7f0000000080)={0x14, 0x11, 0x2, {0x80, 0x1, 0x8}}, 0x14) syz_open_dev$dspn(&(0x7f0000000380)='/dev/dsp#\x00', 0x7fff, 0x20002) getsockopt$bt_BT_POWER(r3, 0x112, 0x4, &(0x7f00000000c0), &(0x7f0000000200)=0x1) 03:38:28 executing program 1: r0 = socket$kcm(0x29, 0x2, 0x0) recvmsg(r0, &(0x7f0000000b80)={&(0x7f0000000680)=@ipx, 0x80, &(0x7f0000000b00)}, 0x0) ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x5452, &(0x7f0000000c40)) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0xaa3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000080)="a8", 0x1}], 0x1, &(0x7f00000001c0)}, 0x0) 03:38:28 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="0203ffffff020024000200000000000000006d02004e2001000000000000002402000100f898eb4edbc924dd25ef0000030005000000000002004e20e00000a0ea863accd2ce5ea20000000000000000000000"], 0x60}, 0x1}, 0x0) 03:38:28 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf401000000000000], 0x1}}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) 03:38:28 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070") r1 = syz_open_dev$ndb(&(0x7f0000000100)='/dev/nbd#\x00', 0xffffffffffffffff, 0x0) ioctl$BLKPG(r1, 0x1269, &(0x7f0000000040)={0x1, 0x0, 0x11, &(0x7f0000000080)="0070c600100000ec2372070229363bd708"}) r2 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000040)={'vcan0\x00', 0x0}) connect$can_bcm(r2, &(0x7f0000000080)={0x1d, r3}, 0x10) sendmsg(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000003f24)="050000003778d9f1ef73ada4753dd58b4d4b6e689d30d71c32fc0b98143e037dc1250278424e1b0368a82cc15eb4037dc12502000000b5e8", 0x38}], 0x1}, 0x0) r4 = socket$inet6(0xa, 0x1, 0x0) ioctl(r4, 0x4000008912, &(0x7f0000000240)="2957e1311f16f477671070") close(r2) 03:38:28 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="02001f006f786e6574302d232f70726f6300") 03:38:28 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1, 0x0, 0x0, 0x84dcdc353d}, 0x0) 03:38:28 executing program 5: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = getpgrp(0xffffffffffffffff) ioctl$sock_FIOSETOWN(r0, 0x8901, &(0x7f0000000000)=r1) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) r3 = socket$key(0xf, 0x3, 0x2) ioctl(r2, 0x8911, &(0x7f0000000100)="025cc83d6d345fe076207080129b64b629d3ba4653f1723b196f38970a7b67fd91dc383d39c3bee4e388067ef77038a78ff6b910ea06a5220b9a7fc9fc153ba43c5eaaf64bacf44f2c4becfb3cbf49fc9de6dc59a656422b47f921af1956ef80f2c75f78c1e8c1130482933b6ed96738d555cd5be1d3a85ee146e5971d021969a21753e6fa6c7897763c") r4 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r4, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020300090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) r5 = creat(&(0x7f0000000040)='./file0\x00', 0x180) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000080)={0x0, 0x0}, &(0x7f00000000c0)=0xc) getresgid(&(0x7f00000001c0)=0x0, &(0x7f0000000200), &(0x7f0000000240)) r8 = getuid() write$P9_RSTATu(r5, &(0x7f0000000280)={0x7c, 0x7d, 0x1, {{0x0, 0x60, 0x3f2, 0x80000000, {0x8, 0x3, 0x2}, 0x80000, 0x1, 0x1, 0x7, 0x0, "", 0x1c, '+vboxnet1)em0bdev/vboxnet0]/', 0x0, "", 0x11, 'vmnet1wlan0bdev)!'}, 0x7, "d92f70707031ed", r6, r7, r8}}, 0x7c) 03:38:28 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1, 0x0, 0x0, 0x34000}, 0x0) 03:38:28 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="02004c006f786e6574302d232f70726f6300") 03:38:28 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = syz_open_dev$adsp(&(0x7f00000001c0)='/dev/adsp#\x00', 0x1, 0x2) ioctl$PIO_CMAP(r1, 0x4b71, &(0x7f0000000200)={0x0, 0x5, 0x4, 0x400, 0xffffffffffff8000, 0x100}) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") clock_getres(0x5, &(0x7f0000000180)) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) fcntl$getownex(r0, 0x10, &(0x7f0000000040)={0x0, 0x0}) r4 = gettid() r5 = userfaultfd(0x800) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f00000000c0)=0x0) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f0000000640)={{{@in6=@loopback, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{}, 0x0, @in=@broadcast}}, &(0x7f0000000100)=0xe8) r8 = getegid() sendmsg$netlink(r2, &(0x7f0000000140)={&(0x7f0000000000)=@kern={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)=[{&(0x7f00000002c0)={0x348, 0x28, 0x100, 0x70bd2c, 0x25dfdbff, "", [@typed={0x8, 0x1d, @pid=r3}, @typed={0x8, 0x0, @pid=r4}, @typed={0x14, 0x60, @ipv6=@local={0xfe, 0x80, [], 0xaa}}, @typed={0x8, 0x65, @u32=0x6}, @typed={0x8, 0x73, @u32=0x1}, @nested={0x10c, 0x2, [@generic="5fc350cbcd78ab13f43f84654c381b9c20d927b294c3a54209af72ba165975922f1aa7f23688ab89b7e06ffc4afd59152aeb601cc92c0e7c37d2f19b5c8d6ebe430de2a6a69231927f842c84fa", @generic="888f2550234ad8a752e9d8fa3be68f4d4e3f0c35b0aa8cafb888bbccdecde97900f9011190e2b439552bf41e684c9c4dcaf2c1d2359512440185b75e2d4216f4e2cc5dc5e8f54835272dd470ef144a76238ded685c1edb940a3dfe70d76741ca38927e8d78abee8e3822ea2eea53b31059fd87837680c4009055c7a8d73c9592f85232053591e5f24bdcfc0b8a65b1bb33832edaedbf41aabf8f3d9c432f1a01d03e661006bf9e115d07f1bc946fc21f433efff6dab9005a0e5e6c"]}, @generic="4b66b34d21ed77bdd05ea95e39919116425efe92d1892bb721f32db2b3f4068cb9e30a3d181a8273e75d09d04432eaa748caeea2cf7887023d2c5f463331a4b54b51a10da30d000d3ab65556098f6d68852bd607d82271cda5a9ee61d83aec53ec98ca28b833153a467f6afeeb265b5ece780098cc2d55eaf8a379175039dbeb3498194af9f7f8fba1a5c744b89f6309b520efc1908c834830c10334f625e3416ac98bfdceb8b93d43b91560010c3d5a2ca2b3f2db054810", @typed={0xc, 0x76, @u64=0x80000000}, @nested={0x114, 0x1e, [@typed={0x8, 0x44, @fd=r0}, @typed={0x8, 0x92, @u32=0x3}, @generic="27275bd25ff540a0b97f63ab9a4116b1e0d06cc952b037771ebd612e31f75d3fd889234f2ab87fe2c5eef0e203c315479cad2a2b4ab19f73b4f6e842c4b02f250d5808c9be0cb98add601d21f70ead691252a198ebf382b21f8fcd0509ae726c6802ab15f2d97086ac202ef5d9bc55c78904a605feb96ce6170fae58601bee9362e51bb3721beebcc1c3fd5fd9fa3624b574f86361b4955a646730756bb3adc64aaa77a5fbf1a089298e212af4c9b28ae8c43eb01512b3d65bef82abdb2e320c738eb90997337f6345ecfb42d12ddfd927d42d9bb5036ce8fc4a7bfd8a702d10b9195cf5be82a378448313e5ee96e577937ecb4f00cdeb5295b3c0eba167"]}, @typed={0x20, 0x2a, @binary="dc5842806581aef640f160ed50ec6deb8e47b78696c82c6964f02a"}]}, 0x348}], 0x1, &(0x7f0000000740)=ANY=[@ANYBLOB="28000000000000000100000001000000", @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYBLOB="0000000018000000000000000100000001000000", @ANYRES32=r5, @ANYBLOB="0000000020000000000000000100000002000000", @ANYRES32=r6, @ANYRES32=r7, @ANYRES32=r8, @ANYBLOB="000000006b09e70238d787e524080a3d600c54217b4c45f058cc8c9d62a31ecdcea4357e1160dd094b5ae6f80ce5dd6d7f629b32d93b989791c776a89d5762129c4b854809f2aec3e0e3773385361b0f149b45883783817b05dde383151a85f90b59e1c1cb49baaac457fa2df8883da8a0d4c567e25956e0a0c4924ec34b19445232a7eeb67a9f19e94b579e8df9ee2cb36e8cdf8c50348257b6f4e2c74abfcb2bbe786427f3f85e966da38272bf0823e2"], 0x60, 0x40}, 0x8c0) 03:38:28 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$netlink(r0, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c40)=[{&(0x7f0000000940)={0x10, 0x24, 0x327}, 0x10}], 0x1}, 0x0) open_by_handle_at(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="a800000000003471770e4e42612472c641b4111cdaa134b87dedc887d32be722250ffbc088c5e431e76298c4e3197ce54b5af2f56310ad2b6e480741458f23db57870d742f1c4dc7da5f5e2c5e71a2e41778b58a16a0910dbe4b189995de33e9b7befbff6be50644e0c5bd2832f76d755167191387e52167828762f8d54e5ac3984246ca384b1d2be6425c5e17d322a06f445523c1f04ecdcf6f95119117072038d157555261acdd5a392373524bb2a0e97d07f9b557ca108e66cb9df2d67aad7fac2b3481684405e379663ced51e7f8ff705f89349c8d5b63a9b88109db651f82d4c8ddbc73a6a53d218d9fe85dbedb67a240b650311cc1ced04cf6e3d50296a99aba784da9d43ab33b742489e67d831dbd8c61066c06ec21b4baac11837011c47ccc663debd0bf06e10cb98845d6e1db5e0d42b308689241669c226f791ae5f037385ab5d31163325ff86238960089f6dd546da518c57546c7f7966fe71d860a2d2ed959668d2f1956e3454659772c3eb3b6ae349496f98cb7995723b06d313411b788a8299224341da4e469a040ea9c528472a0cf954cd66be44bfe6945f9d502af959fa549ac2aa3493256ae12a61206f699866b297c8a99692e51669195a33932e98b07f797ff5411e57a48b13a592d1bba79c75718859f47e0d520be0e2e6f3ef6fb89"], 0x101000) 03:38:29 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000003fe8)={0xaa}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x6, &(0x7f0000000040), 0x0) close(r2) close(r1) r3 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r3, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r4 = socket$inet(0x10, 0xfffffffffffffffb, 0x1101) sendmsg(r4, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000010407031dfffd946fa2830020200a0009000100021d85680c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) 03:38:29 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f0000003f80)=[{{&(0x7f0000000080)=@can, 0x80, &(0x7f00000001c0)}}], 0x1, 0x0, &(0x7f0000004000)={0x77359400}) lseek(r0, 0x0, 0x7) sendmsg$nl_route_sched(r0, &(0x7f0000005a00)={&(0x7f0000000180)={0x10}, 0xc, &(0x7f00000059c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="20fdffff25000102000000020000000000000000", @ANYBLOB="00000000bd"], 0x2}, 0x1}, 0x0) ioctl$VT_GETMODE(r0, 0x5601, &(0x7f0000000000)) 03:38:29 executing program 7: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/sequencer\x00', 0x0, 0x0) preadv(r0, &(0x7f00000000c0)=[{&(0x7f0000000140)=""/1, 0x1}], 0x1, 0x0) 03:38:29 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1, 0x0, 0x0, 0x4}, 0x0) 03:38:29 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020400006f786e6574302d232f70726f6300") 03:38:29 executing program 2: r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000180)=0x8000000000004, 0x4) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000ff5ffc)={0x0, 0x3}, 0x4) r2 = socket$inet(0x2, 0x2, 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff}) setsockopt$inet_sctp6_SCTP_INITMSG(r3, 0x84, 0x2, &(0x7f0000000040)={0x800, 0x9, 0x0, 0x3f000000000}, 0x8) r4 = socket$packet(0x11, 0x2, 0x300) getsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f00000001c0)={{{@in6=@ipv4={[], [], @loopback}, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in6}}, &(0x7f0000000080)=0xe8) setsockopt$packet_drop_memb(r3, 0x107, 0x2, &(0x7f00000000c0)={r5, 0x1, 0x6, @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xf}}, 0x10) setsockopt$packet_fanout(r4, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x3}, 0x4) sendto$inet(r2, &(0x7f0000865000), 0xebce, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20, @loopback=0x7f000001}, 0x10) sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20, @rand_addr}, 0x10) 03:38:29 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60000000], 0x1}}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) 03:38:29 executing program 1: 03:38:29 executing program 7: 03:38:29 executing program 1: [ 816.679023] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. 03:38:29 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="024c00006f786e6574302d232f70726f6300") [ 816.722462] IPv4: Oversized IP packet from 127.0.0.1 03:38:30 executing program 7: 03:38:30 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1, 0x0, 0x0, 0x3f00000000000000}, 0x0) 03:38:30 executing program 1: [ 816.762694] IPv4: Oversized IP packet from 127.0.0.1 03:38:30 executing program 7: exit(0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x8031, 0xffffffffffffffff, 0x0) openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x0, 0x0) mbind(&(0x7f0000012000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f00009ecff8), 0x2, 0x3) msync(&(0x7f00009c7000/0x2000)=nil, 0x2000, 0x0) 03:38:30 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="026800006f786e6574302d232f70726f6300") 03:38:30 executing program 5: 03:38:30 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f0000003f80)=[{{&(0x7f0000000080)=@can, 0x80, &(0x7f00000001c0)}}], 0x1, 0x0, &(0x7f0000004000)={0x77359400}) sendmsg$nl_route_sched(r0, &(0x7f0000005a00)={&(0x7f0000000180)={0x10}, 0xc, &(0x7f00000059c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="2400000026000102000000000000000000000000", @ANYBLOB="00000000bd"], 0x2}, 0x1}, 0x0) r1 = openat(r0, &(0x7f0000000000)='./file0\x00', 0x301001, 0x24) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x0, 0xfffffffffffffffa}) getsockname$inet6(r1, &(0x7f0000000140)={0x0, 0x0, 0x0, @remote}, &(0x7f00000001c0)=0x1c) ioctl$ASHMEM_SET_PROT_MASK(r1, 0x40087705, &(0x7f0000000100)={0x6, 0x6}) 03:38:30 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:38:30 executing program 2: r0 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r0, &(0x7f00000000c0)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @rand_addr}, 0x4, 0x1}}, 0x2e) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x32, 0xffffffffffffffff, 0x0) ioctl$PPPIOCGL2TPSTATS(r0, 0x40047459, &(0x7f0000000180)) 03:38:30 executing program 1: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/sequencer\x00', 0x200000000082002, 0x0) setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000200)=@filter={'filter\x00', 0xe, 0x4, 0x130, [0x0, 0x200004c0, 0x200004f0, 0x20000eb8], 0x0, &(0x7f0000000100), &(0x7f00000004c0)=[{}, {}, {0x0, '\x00', 0x2, 0x0, 0x1, [{{{0x0, 0x0, 0x0, 'ip6gre0\x00', 'veth1_to_bond\x00', 'vlan0\x00', 'yam0\x00', @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, [], @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, [], 0x70, 0x70, 0xa0}}, @common=@redirect={'redirect\x00', 0x8}}]}]}, 0x1a8) write$binfmt_aout(r0, &(0x7f0000000000), 0xff8f) read(r0, &(0x7f0000000040)=""/95, 0x5f) 03:38:30 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020003006f786e6574302d232f70726f6300") 03:38:30 executing program 5: 03:38:30 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300], 0x1}}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) 03:38:30 executing program 5: 03:38:31 executing program 2: 03:38:31 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:38:31 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020005006f786e6574302d232f70726f6300") 03:38:31 executing program 2: 03:38:31 executing program 5: 03:38:31 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:38:31 executing program 2: 03:38:31 executing program 5: 03:38:32 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f0000003f80)=[{{&(0x7f0000000080)=@can, 0x80, &(0x7f00000001c0)}}], 0x1, 0x0, &(0x7f0000004000)={0x77359400}) sendmsg$nl_route_sched(r0, &(0x7f0000005a00)={&(0x7f0000000180)={0x10}, 0xc, &(0x7f00000059c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="240000002600010200000000000000000000000007b95bd4ef8802e150ac16de5a42907a1b5fd56542dea1aece86915ca0658db41ea0883a31dbabe20413dee1c9f1204ff33b3e1a0dd6c23a4f030d66d29bb8963adc333065629425e0ae48da2cb7940d6d2e91bcd1affd0e3ca44c74d0374635", @ANYBLOB="a3d93435c649af6aaf4a8c16799c13c48d31e8c798ac62a2ed1aa17a41665376393fa83717f3aa186015a59daf80c7436d86d2d0a92a8ab5df1c070444bafbd6117b0c69de4a10a9de670100000000000000de68fcbf733b524f484c53d77a187fa4d7a8e4f3ec465b0d4d12eb1e27b5efcafefc9201e190c8497f4d6e988923c099ddcb16500bae2f7fb4ecd4614c826d3fa05a22437bed9952637dac550367541a089f4cb067f24bf15510a300b6c2d6b835692b2ed0e3205b61256838d1d1e8a2ff6030627b4b794e3e"], 0x2}, 0x1}, 0x0) 03:38:32 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020020006f786e6574302d232f70726f6300") 03:38:32 executing program 7: r0 = socket$l2tp(0x18, 0x1, 0x1) socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(0xffffffffffffffff, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast2=0xe0000002}}}, 0x2e) connect$l2tp(r0, &(0x7f00000000c0)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @rand_addr}, 0x4, 0x1}}, 0x2e) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x2, 0x32, 0xffffffffffffffff, 0x0) ioctl$PPPIOCGL2TPSTATS(r0, 0x40047459, &(0x7f0000000180)) 03:38:32 executing program 1: socketpair(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) setsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000340)={{{@in6=@loopback={0x0, 0x1}, @in=@remote={0xac, 0x14, 0x14, 0xbb}}}, {{}, 0x0, @in=@dev={0xac, 0x14, 0x14}}}, 0xe8) 03:38:32 executing program 2: setsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000001000)={0x10000, 0x4, 0x100, 0x400}, 0x6) r0 = socket(0x11, 0x80002, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt(r0, 0x107, 0x5, &(0x7f0000001000), 0xc5) close(r0) 03:38:32 executing program 5: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff}, 0x0) close(r0) socket$unix(0x1, 0x1, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x0, &(0x7f00000001c0)={0x0, {{0xa, 0x0, 0x0, @dev={0xfe, 0x80}}}, {{0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 03:38:32 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:38:32 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x1}}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) 03:38:32 executing program 5: syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @link_local={0x1, 0x80, 0xc2}, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, {[], @tcp={{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, &(0x7f00000002c0)) 03:38:32 executing program 1: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/sequencer\x00', 0x200000000082002, 0x0) setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000200)=@filter={'filter\x00', 0xe, 0x4, 0xce0, [0x0, 0x200004c0, 0x200004f0, 0x20000eb8], 0x0, &(0x7f0000000100), &(0x7f00000004c0)=[{}, {0x0, '\x00', 0x0, 0x0, 0x2, [{{{0x0, 0x0, 0x0, 'bond_slave_1\x00', 'ip6gre0\x00', 'sit0\x00', 'nr0\x00', @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, [], @empty, [], 0x888, 0x888, 0x8b8, [@u32={'u32\x00', 0x7c0, {{[{}, {[{0x0, 0x2}, {0x0, 0x1}, {0x4}, {0xfffffffffffffffb, 0x3}, {0x7fff, 0x1}, {0x4}, {0x6, 0x3}, {0x5, 0x3}, {0x5}, {0x3, 0x3}, {0x0, 0x3}], [{0x3, 0xffffffffffff5e1c}, {0x4b, 0x3}, {0x1, 0x4}, {0x9ae, 0x80000001}, {0x6, 0x146}, {0x1, 0x4}, {0x3}]}, {[{}, {}, {0x47f, 0x1}, {0x2, 0x3}, {0x67c}, {0x400000000, 0x2}, {0x6d59, 0x2}, {0x6, 0x1}, {0x0, 0x2}, {0x4, 0x3}, {0x800, 0x2}], [{0x3, 0x800}, {0x436, 0x1}, {0x0, 0x100}, {0x5, 0x80000000}, {0x1, 0x5}, {0x8, 0x400}, {0x844, 0x1}, {0x100000001, 0x7}, {0x3, 0x7}, {0x7, 0xffffffffffff8001}, {0x5, 0x1}], 0xa, 0x7}, {[{0x2, 0x3}, {0x87e2}, {0x9, 0x1}, {0x200, 0x1}, {0x40}, {0x81, 0x1}, {0x3ff, 0x3}, {0xffffffff, 0x3e4045fd873438c9}, {0x1, 0x3}, {0x4, 0x3}, {0xfffffffffffffffe, 0x3}], [{0x81}, {0xd8f, 0x20}, {0x9, 0x1}, {0xcb0, 0x1ff}, {0x800, 0x3f}, {0x4, 0x4}, {0x100, 0x1}, {0x8, 0x5}, {0xdb, 0xff}, {0x101, 0x9}, {0xbe, 0x1}], 0x9, 0x8}, {[{0x389e9b4f, 0x3}, {0x4, 0x3}, {0x4}, {0x4}, {0x5, 0x1}, {0x7, 0x2}, {0xcd44}, {0x4, 0x3}, {0x7}, {0x4, 0x3}, {0x4, 0x1}], [{0x7ff, 0x7}, {0x5, 0x1}, {0x0, 0x2}, {0x49f, 0x8}, {0x81, 0x7ff}, {0x4, 0x9}, {0x10000, 0x4}, {0x3, 0x6}, {0x6, 0x80000000}, {0x2, 0x4}, {0x1000, 0x6800000000000000}], 0x2, 0x9}, {[{0x30}, {0x8, 0x3}, {}, {0x3ff}, {0x2, 0x1}, {0x4, 0x2}, {0xfffffffffffffff9, 0x3}, {0x8f37}, {0x405, 0x2}, {0x6, 0x3}, {0x4, 0x3}], [{0x1000}, {0x81, 0x7f}, {0xf5, 0x5}, {0x5, 0x11}, {0x9, 0x800}, {0x2e, 0x10001}, {0x1ff, 0xfffffffffffffffa}, {0x3ff, 0x1}, {0x74e, 0x8}, {0x7fffffff, 0x12}, {0x6, 0x4}], 0x9, 0x7}, {[{0x10001, 0x2}, {0x8, 0x1}, {0x8, 0x2}, {0x3f, 0x3}, {0x8, 0x3}, {0x4, 0x3}, {}, {0x9, 0x3}, {0xa21c, 0x1}, {0x7, 0x3}, {0x2, 0x2}], [{0x2, 0x7fffffff}, {0x7fffffff, 0x2}, {0x401, 0x7e7ec1a2}, {0x4, 0x5}, {0xdf0f, 0x20}, {0x7d680000, 0x8}, {0x5, 0x2}, {0x7, 0x2}, {0x9105, 0x66b7}, {0x800, 0x2}, {0x0, 0x8}], 0x7, 0x4}, {[{0x5, 0x3}, {0xeed, 0x3}, {0x1, 0x2}, {0x94d4}, {0xc71, 0x2}, {0x8e2b, 0x1}, {0x2}, {0x5, 0x2}, {0x100000000, 0x1}, {0x1, 0x1}, {0xfffffffffffffffe, 0x1}], [{0x2, 0xee5}, {0x401, 0x1f}, {0x20, 0x3f}, {0x100000000, 0x3ff}, {0x1, 0x80000001}, {0xffffffffffffff00, 0x5}, {0xfffffffffffffe01, 0x1a8}, {0x41fb1cdd, 0x100000001}, {0xb02b, 0x9}, {0x100000001, 0x59ba}, {0xc9, 0x5d5}], 0xa, 0x9}, {[{0x100000000, 0x2}, {0x10001, 0x2}, {0x1, 0x3}, {0x6, 0x2}, {0x223f, 0x2}, {0x0, 0x3}, {0x4, 0x3}, {0x9, 0x3}, {0x94}, {0x1, 0x1}, {0x1ff, 0x1}], [{0x0, 0x4}, {0x5, 0x80}, {0x5, 0x4}, {0xffff, 0x7}, {0x2, 0x1a48}, {0x0, 0x5000000000000000}, {0x4, 0xffffffff}, {0x4, 0x7f}, {0x3, 0xffffffffffffffff}, {0xc8a, 0x13}, {0x100000000, 0x100000001}], 0x5, 0x562}, {[{0x8, 0x2}, {0x5, 0x2}, {0x5}, {0x401, 0x3}, {0x3f, 0x1}, {0x4}, {0x7f, 0x2}, {0x9, 0x3}, {0x2, 0x1}, {0x1, 0x3}, {0x80000001, 0x3}], [{0x1, 0x800}, {0x1000, 0x8001}, {0x6, 0x8001}, {0x0, 0x1f}, {0x0, 0x46}, {0xf427, 0x7f}, {0x2, 0x3}, {0x2, 0x8000}, {0xfff, 0x4}, {0x20, 0x80}, {0x33e8, 0x9}], 0x4, 0xb}, {[{0x7}, {}, {0x101}, {0x1}, {0x3}, {0x6, 0x3}, {0x3, 0x2}, {0x2e58, 0x2}, {0x1, 0x3}, {0x7, 0x2}, {0x7fff, 0x1}], [{0x0, 0x8}, {0x7fff, 0x34}, {0x5, 0xfffffffff45fc97c}, {0x3ff}, {0x0, 0x7}, {0x0, 0x5ed58814}, {0x7fff, 0x5}, {0x25cb2442, 0x3}, {0x9, 0x1}, {0x8, 0x81}, {0xffffffffffffffff, 0x97}], 0x4, 0xffffffffffffff24}], 0x5}}}, @state={'state\x00', 0x8, {{0x7f}}}]}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8, {{0x1}}}}, {{{0x7, 0x8, 0xe8ff, 'ipddp0\x00', 'veth0_to_bridge\x00', 'yam0\x00', 'ipddp0\x00', @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, [0xff, 0x0, 0xff, 0x0, 0xff, 0xff], @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, [0xff, 0xff, 0xff, 0xff, 0xff, 0xff], 0xb0, 0xb0, 0xe0, [@statistic={'statistic\x00', 0x18, {{0x0, 0x0, 0x2, 0x8, 0x9, 0x3}}}]}}, @common=@STANDARD={'\x00', 0x8, {0xffffffffffffffff}}}]}, {0x0, '\x00', 0x2, 0xffffffffffffffff, 0x2, [{{{0xab37ea203e655031, 0x32, 0x88fb, 'dummy0\x00', 'sit0\x00', 'bond0\x00', 'vlan0\x00', @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0x17}, [0xff, 0x0, 0x0, 0xff, 0x0, 0xff], @empty, [0xff, 0x0, 0x0, 0xff, 0xff, 0xff], 0x118, 0x148, 0x180, [@m802_3={'802_3\x00', 0x8, {{0xfe, 0x6, 0x1, 0x3}}}, @ip6={'ip6\x00', 0x50, {{@mcast1={0xff, 0x1, [], 0x1}, @loopback={0x0, 0x1}, [0xffffffff, 0xff, 0xffffff00, 0xff], [0xffffffff, 0xffffffff, 0xffffffff, 0xffffff00], 0x3, 0x89, 0x3, 0x1, 0x4e23, 0x4e20, 0x4e24, 0x4e23}}}]}, [@common=@redirect={'redirect\x00', 0x8, {{0xfffffffffffffffc}}}]}, @common=@mark={'mark\x00', 0x10, {{0xfffffff0, 0xfffffffffffffffe}}}}, {{{0x11, 0x60, 0xfbff, 'ip6gre0\x00', 'veth1_to_bond\x00', 'vlan0\x00', 'yam0\x00', @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, [0xff], @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, [0xff, 0xff, 0x0, 0xff, 0xff, 0xff], 0xd0, 0x108, 0x138, [@cgroup0={'cgroup\x00', 0x8, {{0x0, 0x1}}}, @cpu={'cpu\x00', 0x8, {{0x5}}}]}, [@common=@mark={'mark\x00', 0x10, {{0xfffffff0, 0xfffffffffffffffc}}}]}, @common=@redirect={'redirect\x00', 0x8, {{0xffffffffffffffff}}}}]}]}, 0xd58) write$binfmt_aout(r0, &(0x7f0000000000), 0xff8f) 03:38:32 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020300006f786e6574302d232f70726f6300") 03:38:32 executing program 7: syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)={[{@fat=@check_relaxed='check=relaxed', 0x2c}]}) 03:38:32 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:38:32 executing program 2: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0x10, 0x3, 0x0) getsockopt$sock_buf(r0, 0x1, 0x37, &(0x7f0000000200)=""/191, &(0x7f0000000080)=0xbf) sendmsg(r0, &(0x7f0000002fc8)={&(0x7f0000000000)=@nl=@kern={0x10}, 0x80, &(0x7f0000002000)=[{&(0x7f00000000c0)="5500000018007f5300fe01b2a4a280930a06000000a84306910000003900070035000c00060000001900150006000000000000dc1338d54400009b84136ef75afb83de448daa7227c43ab8220000060cec4fab91d4", 0x55}], 0x1, &(0x7f0000000400)}, 0x0) getsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000000140), &(0x7f00000002c0)=0x4) 03:38:32 executing program 5: r0 = open(&(0x7f0000000080)='./file0\x00', 0x40, 0x0) fcntl$dupfd(r0, 0x406, r0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$int_out(r1, 0x5460, &(0x7f0000000040)) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r2 = creat(&(0x7f0000000000)='./file0\x00', 0x0) write$binfmt_script(r2, &(0x7f00000000c0)=ANY=[@ANYBLOB="23c711cb950f69a4b563dfbf21202e2f66696c65300a"], 0xb) close(r2) [ 818.946462] FAT-fs (loop7): Directory bread(block 2563) failed [ 818.958334] FAT-fs (loop7): Directory bread(block 2564) failed [ 818.982304] FAT-fs (loop7): Directory bread(block 2565) failed [ 818.991328] IPv6: Can't replace route, no match found [ 818.998383] FAT-fs (loop7): Directory bread(block 2566) failed [ 819.008584] FAT-fs (loop7): Directory bread(block 2567) failed [ 819.015925] IPv6: Can't replace route, no match found 03:38:32 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) [ 819.043388] FAT-fs (loop7): Directory bread(block 2568) failed [ 819.050924] FAT-fs (loop7): Directory bread(block 2569) failed [ 819.068800] FAT-fs (loop7): Directory bread(block 2570) failed [ 819.079506] FAT-fs (loop7): Directory bread(block 2571) failed [ 819.091401] FAT-fs (loop7): Directory bread(block 2572) failed 03:38:33 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) get_mempolicy(&(0x7f0000000000), &(0x7f0000000100), 0xb77e, &(0x7f0000ffc000/0x4000)=nil, 0x2) recvmmsg(r0, &(0x7f0000003f80)=[{{&(0x7f0000000080)=@can, 0x80, &(0x7f00000001c0)}}], 0x1, 0x0, &(0x7f0000004000)={0x77359400}) sendmsg$nl_route_sched(r0, &(0x7f0000005a00)={&(0x7f0000000180)={0x10}, 0xc, &(0x7f00000059c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="2400000026000102000000000000000000000000", @ANYBLOB="00000000bd"], 0x2}, 0x1}, 0x0) 03:38:33 executing program 2: r0 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r0, &(0x7f000000bfc8)={&(0x7f0000000000)=@nl=@kern={0x10}, 0x80, &(0x7f0000002000)=[{&(0x7f0000000080)="5500000018007fafb7a41cb22da280000206000000a843096c37234a39000900310008004b00ca8a9848a3090000006b7b31afdc1338d54400009b84136ef75afb83de440700d42c44e82afc5349fddd4ab94e7162", 0x55}], 0x1, &(0x7f0000000100)}, 0x0) syz_mount_image$ceph(&(0x7f0000000100)='ceph\x00', &(0x7f0000000140)='./file0\x00', 0x4, 0x2, &(0x7f0000000280)=[{&(0x7f0000000180)="f5631c3db1a1033679fd3dbdbe11153045fb8a95c4bcf82e988f3fa32d3b1440205118e2b26b63839e9363ac23050292", 0x30, 0x7}, {&(0x7f0000000300)="3456abe48a38e55ad83ed0624be6dc517d5a55353e32c88c5e677a796aa011585bac5c7cac4ceadd80431c52a2ead64ca70e586532132069712799db8c863f4c9748ebc77202bada782b48fd069f0ce6883375a95bfd14b01230209293c97417024dbeb888940c49cb9fa9f269c5983851a111a0c889cf5514ccdc9ebfac42f9e26d7188", 0xfd89, 0x1}], 0x1200000, &(0x7f00000002c0)='\x00') r1 = syz_open_dev$mice(&(0x7f00000001c0)='/dev/input/mice\x00', 0x0, 0x8001) ioctl$EVIOCGBITSND(r1, 0x80404532, &(0x7f00000003c0)=""/130) 03:38:33 executing program 5: r0 = socket(0x10, 0x2, 0xc) ioctl(r0, 0x7b, &(0x7f0000000100)="d033ed02e457e8e80cb6f38d2fd605fadbcc16610db53b036c98fa86f1fdce5ecddd204cc408930ad9bc6d01111cc4fdc6e9a29b0436670254c468f5003a0ea2a08a6723bde6e804e61044c4745ee0b49ede85f996e68797502c947b0b567ca8139a2c88c1a88c3669f34ec69aa5c19cc08b0ffffe21aa2b3ef2e8e51346285c11025fa0e171d7361e5ca3754febd84c8863ba4e7dced34f8e837899172e7acfca4bcaa362dbde2884408b98ae9f8a34bdf5a197a5123f6fdb2c69f891babe4f65372021e02684570be29ac6bb77fa15ee47b05c0222e6b96dcf1b40a2711e2d4bf9622188875dd1854b97512b451f7d7f943efaad735c13cce07228c2c1eb3d4aada7a541f226559b966352b27a115df095a933cadbed57cf293cfeba5eaf5e6169fc30d9f55ad489f4ee8739051b51f8063c6ad0ae25bef01cfd316c9972a8430d431ac743ea1eb18958feef8df2a7f9c43bd554f2f79f8c8e39d6e9a97c8498087ec5e432390c09f0fb2ac8e2c161f41103718297ab3bcb08989772c5490acf173a21a51027a1c4c45d11629ddf928b6368f03684aa0a20aa649a0c4f3fe93103ab6c88d6fbee09084acfb19dcdc2b0a06c89b2914a1c1e80caa3f480c2236d42454396a61cb0f07d3acca7878fd35c1f219288b7bcac5df3d622f54f7e53f4d7a5fc5a89d3adbe60420c99e49c819a3181d65c70564d2c0138670b130c304914a3a79f63d63cd3f03679ab9d029978ed0ab06c0c9c02835a65b9980dbc4789dc86079db7e27f873f0ca73adbf0217bab10a72f9d38f162728cf13f1a634015d8cfbe90aa204f5e077b8cbcb281e7b9e8c53f760bf9535f765f7ea2a666c2dbe6c61f2c3cda04567f1b69adeea35751af698c7a2036a5a40476ec2896408f3f145ec87a15a185f8390aaab337c30ff471b23e580d137c652cba5e4b703f7f1cf28626d61e89911a646ed9f9ec04dec8b7fd4252106e4b1a9e8456262e46e05cdc282e313fc8b30f6c466549b51c83ae7d41446440d25ba2d8634d12d0e4a0d6bbbf03035feddb090168260dce9b06b6af2522cb2ed8623036fa5a3a14b367cd64d4e4b23a98da8eb89ae7079648ca26eaac49baded3b1683ce8c7346aec68d1990eead7f063a8e51e2021309223ab8f393889298370504ea27fae1959093c1bdecd992f8c6fbe3cf9c4b7375e98e2d454d37d31edbeed2fd02f3d4da7efcc94608d06319d6095e9c2c911f8b4045758841a91fa1a94aa2e937dd5c85c4c04c14de04381d5f5c09a928bb0f243e838957b7f2f779fd492a1f66a764425df071c378c7a82432bc506be2ba9ec3d18384357c7da19cebe161f543a578275719de6477ce1748c1d773c16c94c38e78f3af2604eaac5dc7b93bca804b92a92c0ec9ae99fe7548ce1962000eac5eaf2626f033facf588ae690d856d9b75754db8cc0a621baef9c71ce26a7b06abf708d6630739ed8775fd56b65b595b8e67c9b9b60d6c2e42f0d78fc32fa308904fc43d4987f22b96a1949dc09cbc411670afe6188335369313fd302fb190ae1993b6daa36d9cb5290985da9cbf7561cfcb448fe1f778fb72e0082991dd664adbdb504168ba9f11fa13cd9fe4ef4f7b611fb5fb8d33df8bb748dd991be93b3bb8b1b97ec8b0d1f50fe0bac758332784caca5584fe11643a0fd998ef32991c822628c50d98efe27602857b968a3b653ccd505200f31f0a77f417f3d314953abee84626cdc24d50d3f702ab32c27bb303f2e37876ce4f5128c9c0666173ccc652b7f0eda2b45d4d28f7f4680947c3da5e36362a717f628a668213113f8471f44795627a2b818307a46dbf67133780eed12cda3ee933402f681fc63db16623a1bea444834d68334fb09283c232329b92f01b603465140546f62ef68f6fa7c204e34ee50bb69dc7a85701c1eb5f6165abebe92e461da70842806764a2606854595c6966130eb5cca4c2b651b3b992cdc62d7f45c8b81201c989e9ea767685021071acf442618bc76c68b53ab92ee7be69ea5411baf599a67e6b249b50780351f7dfbb2963385952e5e16bfd97851e03c95ad0ce1892a2f97ce9a79fe611804c0577358154a95877399b710eac9d02a713108644932b8e102d9355ccf76bcc540763f536ccb10b4ace809f6894f9026a373d96ddd0f4bfebeac8aa3a202d1005ee844b734e62b5d72a657f51d2285ed8ac4cc90ad31712c800e819fadcdf4f4d4a3b0a136a78db938fd92dfc41d16e0f275be837046fe852d236051f655952328558da0dc3a36953b13c7edc609cf5145d7a599c9dd8c0ffe25751c8decdcadc6b57e2f105aa24e1f6c9f665bb59bbc1afe8c3321fc91c22fae6b28de076e935d6567d43831140042c602b7d883712424327e15cda5ae4c0fd007bb26be8df786d837d0beb5e62355ca774aa75ec3879b3c7aaffb8442fd14e58c173262863844ea435200f804c410a76fc753fca01cfc86797eb7de2dd3703f1e44fa7c8873de2ccc140c35bdc60063c740f944f9ef3d9d22e4bbacac37084de5a3757c6921fed5e665cea68e4a162ed4e26d1aa697641bcd59d744182c04f1e7c7224e6be99969492f0d89664629cf8ebc42c9e5b03503c1e838a38c72dbb5899945db59e3461df4bd6dab8cd357aca2b6d29ac1c2d91bb8e047f4306f3b93450901ce50de95cf2ddd3c81f5cc7a45017b9dc154eb9ae983120da38eb544916903417217c5d80542c478088fc6bd28d6a74c013127b25f1b7b1a8971787fa5a57baed2ff91725920ced1277228d18ffc26712cc4e8a6357b1c4289366a4b6c40b160ade4092d51c2dbd0e6e10d49404a9752db8f629b2cee9fed9218115cbf46172ebc5cc1140755bda4c08a949a0b82c9e7d8f86f02837dd7c355c025acb2bd8c48897a196d294fb9183131da852f0dbf2bc76ca5b7abd2c7fee8d62608a098d343751f76eee773d2947ccb9bc5cc02d290f278dd1a91dd9251c67a791f6f1c5e22ff8f362664672ea34968396ad5bc12e8d6020d572f8bd1ccb99a4b8fe24054b9a39b10bb1dc2fdc67351b3058388522b87bbeba3525fdb0eadae75db0bd4af3992c6398f4b8ab9b99b6cb7a2d7712d2068530a3b8688c31b768dacfa1d7accfcd134598d300ff7a5511eac9c37937b757e24457917e2faac6d27705e46ac8a035dca9b9e14648b66e4d745d6eac29c76fc5a0f07a984f4d872a910abb46928aec16eecd8030116c0f1a26ae76f771eaa9fe07103822d1353531c9a74a1b6a97865d08f473a542c9da98925e0240d54eb1c011555d7d94b4d5b3e56b001464011a20fa1800b0de3cff3bce6cd7867ecdfe3821c0d58562ba0c2403bcad4010d5f19665709d6b5d9c81f8c7adce6b015932ceeccd3494922cb5f8060774089219f420800d33d854a884af3b06a54c4ad6f603b0f2c7867aa31eeaf56a4fd5aaaa087614554fc816d6474f3d83559b827792f42fb4d4133b35d461e386d3c70c7088a4b99283033f66e9859d5499cd44d67bea40d75461057ebe5c05a4fd1409549d65cca0496e52f7c922991c56fc23a4b684955851136723ee5aa1bd73fee140e8ec222045a7e0cfd68395639725bb529dff9214be38e2ba0427a12108cdb15f1aa3152da3450fe3ad57bee2a60c837c64d4e86c4b25696b5c413c48220e57df2cf252e6728a3aa223e6877970aa8991ba114aade6e9aeb85e8151996139f96a92cb4a6235305faec3b56ea375dade8e6478878da77be893f9845393d8a63089f1d364be613025153fd2a058f74ffa4f8fbf7cfacb60574335e710c60f32808227ee719e6a05b0c170d7a6512b7dfebad29648be7228ee323defe034751a7eb26f865795fa46fd70cb57f791e194f599d0a87a2c8a401f0a008e3d9c799e19df0f2df6f2b3843e6db4d98d5ddc8337c2cf5b1f01c6471f3cd1b1804ad9a1efbcd01a1c8910fdae00dabad5cf3585d1e7c51990db89d1d89738b052373b44f48965e3976514beb337cceff0659b408509415efaa7abd2efd5b5255da34c6fadb9590d8ecab394dcd8b8d19faaf54cd5c7a5cde3cd7fc1d8c1ccb4f142bf023576a8a9decbddf856bed28530c790d224a26899db8284076694df8d5db8bfdf7165ec6d6cfb32e944c22b8be255d4aef4e14a0228c13cf6e5fbc9253da16c5c51156f8ad77caaa99d577f0354e74c8eff7eba49af4723ccc0bce6739454923b52ef513706e62ad0c56f2b059cae9f7673b0805b538b2a8c73b368d25e6c9974adeaba51b6ae05dfe8a4b93b94e2e8c47510e2bf1fbe792e285c58a943dd33872e4039e3b06ecadd1d678b0f34d5e55b1882b1ffcef19d4c338261be40a89641f5598c7fac13dec838c21cd605ec04801a7074a6baebc71a3c7194d293ee7aa594226e0eff4416fdc9b9f84f41b39f7013643def65e0dd1ab8cb335a8e12a9d68cbeb3c8ee28745f91ae45621889687b54d2753bbd9d03bfb35be574a7389442323e457ec67fc894ea14ec9e6f04c5435cd63ad4d9b8209c55a10468d305632b8e21d49ce89b4c769808e1519ead4cf6ee0c26ba37be665862fbd9d09db52145f9924904abe577837b84725417092f71cab668d9c4ad611264bef37e987555cf006583e51ab5bc4fa2b385092b56bb93c43da9364c810e5c221d8bc901a41569469cff545d89c32af09834fffb6e5a314200d681a12397b80f5a566c43aaf0640d87080895c9389abdffd9594f223d8cdbc60206ab3654fed3385059727f8a1e5f2a9d6a996e700688f04a21307072b167637d8d10c68b363a9b6a78991b548f2de47f597876de8b1b92850829c4987abe52d744a377fa4df6c95f989953cd5d04bab60ca1d25bb6f7804ad6d942791a4c749d40267251b869a03a4941bc7373fcb6e4c89e8d4cfd750d72a313c95138f233eeb76a685c253865bdd2945eb0816c96b6058515b7bc16348109982e8845e8622c25872fecde175a11d00dd7e9a1d6b624d4d4f797a6d58f49d6d36c2349b14a67aca756aba14a6cd8c3ab97b20da934c781b3f72babb4a121dfb14e3215e700e6ae9b815684e7d60cc8538daaac219437dd67cbf45c273a60f31be22064148ee35c94bf56ab4d26d138c5e997eb779518b8b4b0153ca38c73e43c5a43ff2e41e9bd28139c9862e09a8dfe63f8a0f1a0472efcdaa3a99ec6aa9e4e7f776d11dee44d4b15c3110e7d50c6b1c0058ed44ad184578240320f129f65849ed3e8cd786170f869ed98278c52dec454e70e3cba829c843c701b7162f07bfce12c87d839a549a87ca704c8a96801b6bca0ddf6a6fcdce0dfc7eed37ec8d55bfcd90554e1d273a388d56b18fca928422d71ba842ee0f3a44fc3d7f303f981d4d21a4677108afe8df594ec47d9f71ddb3798b16a85e75047f4cd44aa2cbe7771f78ea01acfeeff4019508da78e72bf95d3942ca7310491941304d1085a2a23d283fe7462896dfb8bc8dd581b1bb9f96970b120c99873fe11510ff95ed330fd8f817d5b2921cb6439c30d385a2f56748851c3899c2e954747ec3d8d3097df96fc58953aa0c822e9519392b304f533ed483fe385f51ae77a1783b08111e7d6a0e8ef4de055d6507dbaab81146a5f6c12e40fbd32126be3fade686f758972ad824f36054e72ba4892620f73abb6dbdb8a9751705a6c57931ec08707c3974db191c54f375e30ceeaa054da2cbeb8331662292959debf0aee7346ff3fcdeb62d2826abc47bd2e216e0665f6072d782d4d3b3d484516fc5bd8298bd9f30afaba7d0be72c6f8be5593c51b8a41905aa67ff52d5") write(r0, &(0x7f00000000c0)="1f0000000104a4e998ff00fd4354c007110000f305010008000100010423dcffdf00", 0xffffffffffffffcf) write(r0, &(0x7f0000000000)="1f0000000104fffffd3b54c007110000f30501000b000600000010d10200cf", 0x1f) 03:38:33 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="026c00006f786e6574302d232f70726f6300") 03:38:33 executing program 1: openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x40000, 0x0) r0 = memfd_create(&(0x7f00000000c0)='eth1\x00', 0x2) getsockopt$XDP_STATISTICS(r0, 0x11b, 0x7, &(0x7f0000000100), &(0x7f00000001c0)=0xfffffffffffffd13) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x400002, 0x0) 03:38:33 executing program 7: syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)={[{@fat=@check_relaxed='check=relaxed', 0x2c}]}) 03:38:33 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:38:33 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300000000000000], 0x1}}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) 03:38:33 executing program 1: r0 = socket(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00\x00\x00\x00`\x00', 0x4000, 0x2, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20001040], 0x0, &(0x7f0000000080), &(0x7f0000001040)=[{}, {0x0, '\x00', 0x1}, {0x0, '\x00', 0x2}]}, 0x108) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/pfkey\x00', 0x101000, 0x0) ioctl$KDADDIO(r1, 0x4b34, 0x7) [ 819.885562] FAT-fs (loop7): Directory bread(block 2563) failed [ 819.892067] netlink: 'syz-executor5': attribute type 6 has an invalid length. [ 819.893797] FAT-fs (loop7): Directory bread(block 2564) failed [ 819.917353] FAT-fs (loop7): Directory bread(block 2565) failed [ 819.924265] FAT-fs (loop7): Directory bread(block 2566) failed 03:38:33 executing program 2: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) capset(&(0x7f00000000c0)={0x20071026}, &(0x7f0000000100)) setsockopt$bt_hci_HCI_FILTER(r0, 0x0, 0x2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x2}, 0x10) 03:38:33 executing program 5: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x4000) ftruncate(r0, 0x1) write$P9_RLCREATE(r0, &(0x7f0000000000)={0x18, 0xf, 0x2, {{0x5, 0x2, 0x8}, 0x7}}, 0x18) epoll_create1(0x80000) write$cgroup_int(r0, &(0x7f0000000200)=ANY=[], 0x3ffe00) 03:38:33 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) [ 819.945649] FAT-fs (loop7): Directory bread(block 2567) failed [ 819.953314] FAT-fs (loop7): Directory bread(block 2568) failed [ 819.953911] kernel msg: ebtables bug: please report to author: No valid hooks specified [ 819.959644] FAT-fs (loop7): Directory bread(block 2569) failed [ 819.975949] kernel msg: ebtables bug: please report to author: No valid hooks specified [ 819.988220] FAT-fs (loop7): Directory bread(block 2570) failed 03:38:33 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020007006f786e6574302d232f70726f6300") 03:38:33 executing program 1: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x9, &(0x7f0000000480)=ANY=[@ANYRES32=0x0, @ANYBLOB="900000004a34c260b9f5528fbb1b66353800666fea12a29f9b4471caf49071925de387975a6945ecd60365a02ae4073e037bf4a56a376cb8665aad049851c3bcb15b30560bc80771831da91b97cc7f1b26652c0b061fa4fb4aa6bb7f61a78f7281b9a9ba7205945a71b6a665ca2f0f9ed3861c83b4435a8910516371c447b9cf0f8dc9bae8f15cf83137cf19047a2739d60f9de0"], &(0x7f0000000000)=0x98) 03:38:33 executing program 2: r0 = syz_open_dev$adsp(&(0x7f00000003c0)='/dev/adsp#\x00', 0x62b, 0x40) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000580)={{{@in, @in=@broadcast}}, {{@in=@multicast1}, 0x0, @in=@loopback}}, &(0x7f0000000680)=0xe8) r1 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000300)={0x53, 0xffffffffffffffff, 0xac, 0x0, @buffer={0x0, 0xe9, &(0x7f0000000080)=""/233}, &(0x7f0000000180)="320f4241388a3d038411b247c4576c27f64db0ecbb2214deb201e986a83d9acdc9a666f522f59e0700000000000000f487b106003dae8c1fd28d1ead2ac593aff244ff4a62d61bc63635351ed11641cf9e45d8869ba999b46bd75d54eee3ec44f8cc04d64b7edd9a58b19594a577de4375c5277dfa9e07052a82b1395189aa276c5ef1ba5e8a068a8f2f624bdb81c71f522f61cf39ca004aeb1da6c3cb808f0c710f558770f701aa91ad1caa", &(0x7f0000000240)=""/126, 0x0, 0x0, 0x0, &(0x7f00000002c0)}) r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/sequencer\x00', 0x802, 0x0) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000400)={{{@in6=@dev, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in6=@ipv4={[], [], @broadcast}}}, &(0x7f0000000500)=0xe8) bind$bt_hci(r2, &(0x7f0000000540)={0x1f, r3, 0x1}, 0xc) write$binfmt_elf64(r1, &(0x7f0000000300)=ANY=[], 0xffffffffffffff09) read(r1, &(0x7f0000000000)=""/42, 0x2a) [ 820.013443] FAT-fs (loop7): Directory bread(block 2571) failed [ 820.034366] FAT-fs (loop7): Directory bread(block 2572) failed 03:38:33 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:38:34 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f0000003f80)=[{{&(0x7f0000000080)=@can, 0x80, &(0x7f00000001c0)}}], 0x1, 0x0, &(0x7f0000004000)={0x77359400}) sendmsg$nl_route_sched(r0, &(0x7f0000005a00)={&(0x7f0000000180)={0x10}, 0xc, &(0x7f00000059c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="2400000026000102000000000000000000000000", @ANYBLOB="00000000bd"], 0x2}, 0x1}, 0x0) r1 = dup(r0) ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000000100)) 03:38:34 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='map_files\x00') fchdir(r0) setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000080), 0x4) syz_fuse_mount(&(0x7f0000000040)='./f-0e0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x8002, 0x0) 03:38:34 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x800, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = memfd_create(&(0x7f0000000000)='@\x00', 0x1) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000040)={0x27, 0x550e, 0x8002, 0x3ff, 0x20, 0xfffffffffffffffa, 0x840, 0x6, 0x0}, &(0x7f0000000080)=0x20) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f0000000140)={r3, @in={{0x2, 0x4e22, @multicast2=0xe0000002}}}, &(0x7f00000000c0)=0x84) r4 = userfaultfd(0x0) ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r5 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r5, 0x0, 0x2000000000000004, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr}, 0xc) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r5, 0x6, 0x1d, &(0x7f0000000100), 0x14) close(r0) dup3(r1, r4, 0x0) 03:38:34 executing program 7: syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)={[{@fat=@check_relaxed='check=relaxed', 0x2c}]}) 03:38:34 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020200006f786e6574302d232f70726f6300") 03:38:34 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:38:34 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1800000000000000], 0x1}}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) [ 820.849896] FAT-fs (loop7): Directory bread(block 2563) failed [ 820.870595] FAT-fs (loop7): Directory bread(block 2564) failed [ 820.887818] FAT-fs (loop7): Directory bread(block 2565) failed 03:38:34 executing program 5: socket$inet6(0xa, 0x8080e, 0x9) pipe2(&(0x7f0000000040)={0xffffffffffffffff}, 0x84800) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/autofs\x00', 0x4002, 0x0) syz_kvm_setup_cpu$x86(r0, r1, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000200)=[@text16={0x10, &(0x7f0000000180)="0fc71e00000f20c06635200000000f22c0260f00990e0066b9800000c00f326635004000000f306766f20f01c866b9800000c00f326635001000000f302636f2aff3f2362e0fbeb498970f01ca0f30", 0x4f}], 0x1, 0x10, &(0x7f0000000240), 0x0) ioctl$KDGKBMETA(r1, 0x4b62, &(0x7f00000002c0)) ioctl(r1, 0x4, &(0x7f0000000400)="025c98abf216514c3ba4db57e80edd8e137145cd6f797f8d6032b6221a67403cd43152929d0bd5a75d51be818a6d9087d788cd48678ed2d8e0af1e08db04e541d1c8c83c094354f753ccfa30b0ab1a0a446ff88108316934bafc047b8278bf12a339d8ffb9bd06a54dc369ed93b39d20cbbc62e406a9fd1788fc529fab33e3f9800deea4a9779b3d6a7ca9be3023923a1b594f4ca822da07c190cedca03d3dc0432002000000000000000000000000") r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) pipe2(&(0x7f0000000240), 0x800) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={0xffffffff}, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_BIND_IP(r2, &(0x7f00000000c0)={0x2, 0x28, 0xfa00, {0x0, {0xa}, r3}}, 0x30) 03:38:34 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="027a00006f786e6574302d232f70726f6300") 03:38:34 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) [ 820.900599] FAT-fs (loop7): Directory bread(block 2566) failed [ 820.911928] FAT-fs (loop7): Directory bread(block 2567) failed [ 820.936828] FAT-fs (loop7): Directory bread(block 2568) failed 03:38:34 executing program 5: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x4, 0x4, 0x4, 0x9}, 0x1c) r1 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x3, 0x20000) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x2, &(0x7f00000000c0)={0xffffffff}, 0x106, 0x6}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r1, &(0x7f0000000140)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f0000000080)=0x1, r2, 0x0, 0x1, 0x4}}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000028000)={r0, &(0x7f00004e5fff), &(0x7f00003a3fff)="16"}, 0x20) set_robust_list(&(0x7f00000002c0)={&(0x7f0000000200)={&(0x7f00000001c0)}, 0x2, &(0x7f0000000280)={&(0x7f0000000240)}}, 0x18) setsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000180)={0x0, 0x100000000}, 0x8) 03:38:34 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020600006f786e6574302d232f70726f6300") [ 820.948052] FAT-fs (loop7): Directory bread(block 2569) failed [ 820.963431] FAT-fs (loop7): Directory bread(block 2570) failed [ 820.970495] FAT-fs (loop7): Directory bread(block 2571) failed [ 820.983134] FAT-fs (loop7): Directory bread(block 2572) failed 03:38:34 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:38:34 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") mlockall(0x1) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x40000, 0x0) getpeername$netlink(r1, &(0x7f0000000040), &(0x7f0000000080)=0xc) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0) 03:38:34 executing program 2: r0 = socket$inet6(0xa, 0x3, 0x3a) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x4200, 0x0) ioctl$SG_GET_LOW_DMA(r1, 0x227a, &(0x7f00000000c0)) setsockopt$inet6_MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f0000000040)={{0xa, 0x0, 0x0, @mcast1={0xff, 0x1, [0xa4ffffff00000000], 0x1}}, {0xa, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}}, 0x5c) 03:38:34 executing program 7: syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)={[{@fat=@check_relaxed='check=relaxed', 0x2c}]}) [ 821.125375] FAT-fs (loop7): Directory bread(block 2563) failed [ 821.146331] FAT-fs (loop7): Directory bread(block 2564) failed [ 821.152746] FAT-fs (loop7): Directory bread(block 2565) failed [ 821.159629] FAT-fs (loop7): Directory bread(block 2566) failed [ 821.165860] FAT-fs (loop7): Directory bread(block 2567) failed [ 821.172103] FAT-fs (loop7): Directory bread(block 2568) failed [ 821.178572] FAT-fs (loop7): Directory bread(block 2569) failed [ 821.184738] FAT-fs (loop7): Directory bread(block 2570) failed [ 821.190937] FAT-fs (loop7): Directory bread(block 2571) failed [ 821.197101] FAT-fs (loop7): Directory bread(block 2572) failed 03:38:35 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f0000003f80)=[{{&(0x7f0000000080)=@can, 0x80, &(0x7f00000001c0), 0x100000000000016d}}], 0x1, 0x0, &(0x7f0000004000)={0x77359400}) sendmsg$nl_route_sched(r0, &(0x7f0000005a00)={&(0x7f0000000180)={0x10}, 0xc, &(0x7f00000059c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="2400000026000102dfe470110000000000000000", @ANYBLOB="00000000bd"], 0x2}, 0x1}, 0x0) 03:38:35 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020006006f786e6574302d232f70726f6300") 03:38:35 executing program 1: r0 = socket$inet(0x2, 0x1, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000356ffc)=0xffffffffffffff40, 0x4) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @multicast2=0xe0000002}, 0x10) listen(r0, 0x0) getsockopt$ARPT_SO_GET_INFO(r0, 0x0, 0x60, &(0x7f0000000080)={'filter\x00'}, &(0x7f0000000100)=0x44) 03:38:35 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:38:35 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000480)='/dev/ptmx\x00', 0x1, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000040)) r1 = syz_open_pts(r0, 0x200044) r2 = accept4$bt_l2cap(0xffffffffffffff9c, &(0x7f00000000c0), &(0x7f0000000100)=0xe, 0x80800) setsockopt$bt_BT_SNDMTU(r2, 0x112, 0xc, &(0x7f0000000140)=0x5, 0x2) write(r0, &(0x7f0000c34fff), 0xffffff0b) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TCSETS(r1, 0x5402, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x4782}) 03:38:35 executing program 7: syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)={[{@fat=@check_relaxed='check=relaxed', 0x2c}]}) 03:38:35 executing program 5: syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f801", 0x17}], 0x0, &(0x7f0000000080)=ANY=[]) r0 = open(&(0x7f00000000c0)='./file0/file0\x00', 0x3fffe, 0x0) fallocate(r0, 0x0, 0x0, 0x8004) fcntl$setstatus(r0, 0x4, 0x800) sendfile(r0, r0, 0x0, 0xffffffff) 03:38:35 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000000000000000], 0x1}}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) 03:38:35 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020074006f786e6574302d232f70726f6300") [ 821.976613] FAT-fs (loop7): bogus number of reserved sectors [ 821.982700] FAT-fs (loop7): Can't find a valid FAT filesystem 03:38:35 executing program 1: r0 = memfd_create(&(0x7f0000000180)='^GPLeth1\x00', 0x1) ioctl$KVM_SET_CLOCK(r0, 0x4030ae7b, &(0x7f00000001c0)={0x2, 0x2}) r1 = socket$inet6_dccp(0xa, 0x6, 0x0) r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x200080, 0x0) ioctl$sock_bt_hidp_HIDPGETCONNINFO(r2, 0x800448d3, &(0x7f00000000c0)={{0x1, 0x49a8, 0x80000001, 0x6, 0x27, 0x5}, 0x3, 0x3ff, 0x401, 0xffffffffffff13c4, 0x100000001, "c5e7d0ac8b97bc2fc1ccab398246980ed9ec5343b950034b66a420575c5880c1f31a27b39c9d07d50202053958f7cb8f00a98d9d40d589494ab8ff4dc3b29cc9f166bb95814e584e90d88e86cca5ad291b5d076e4a7ee0821f0f8d2ea01d440b76dc8f64271a373fda433674bc1574ae579aeb45b63f20d3adbd0815367f08a0"}) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}, 0xc61c}, 0x1c) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xbb}, 0x3f}, 0x1c) 03:38:35 executing program 5: r0 = msgget$private(0x0, 0x100) msgsnd(r0, &(0x7f0000000000)={0x1, "2a92e3ae8c1eb3137c2e6321a072ffaeddd7c94955dfe6d6a4b8aaa41fba4529d5501dfd46dab3a8d8a5d390f72604b026bbc7f427ce95fc4e590ffd8d1ac2f3eaa1c3365e1dc8464d610c8f3c875ea61f04980fa3b834d66395cfe40751b15abd10a3118d92cdc50d630294b67c0db903045c4239bbb67d44176e7b9f9c408442a4e6456d2e3fb2f1039abb07b441d4bac515ac1f41dfc6334f18fa25be45eeef3e5d761f90c58e88999180e5a931f6594a1c0ac12fa8cf70f076ddfb738bb64f6579d365f394f8c11d9ecc472063b14e485c28f274708698d55725e9e56b59d91f4d502ffa07da6d7070bac8426881db7ce2effacffc1e01be71738e2596eeea1cd48f4e7f40b29eb67b762f639d694d9220b5866cced21b57324963723ac7ebe61a1d41a8abe0075564c4af642a3e74de82873201d7b8235a1d92a29a5fddafdf78ce997491ffeae20dac1d58d724d8f04bc14de7191be5f894ef88bc954d4ac87b334d0d35de9593b8621e22ab00a666327d184f239ba1aea04054fa9c106f85cbb0ae2cfb510a0853e35e5e024931381aefaa61b0c3b2d73dcfd88a3f3831f8103646f5a7636ec135efc5a348bd2aa78daeac0e4c5d0da49f4f9b5bd624da0b1b2e772108f01f9bee6c9bda8351e1e170ebdd4f5d8d2c4b421df1eb5a94da76f560ad69f89ad2b6f0d1f1dbea47c7ebd48c3a8623c9ce42e753efe3175ab8c5187598bf2aeaf8f9035f130dedebb030a2455783421f2b82ab1a4cd18fe329ef60e61e39e1c07f4ac327d1239f68feeacada8040bf3442e48f92bceb7138a7e44af0509adf7ac256ac6ef73ef3dfa669879abd8d91be0dd08a9ac0b95d02b6bb9fd7df01fa9549491a3562876b72241312d11333e4da973f38d81d644b8051c4647958ccf7fb41743e986659aac2cc377af37f43294aab1905e1fe2051edebf46e790c72a8fd24bf667a5737305e3cca08b4ef7bcc0bf93ea53c4176fe06ceceb81b417ad359c10f3956cba815d928374e55ea2e9f4c078d168d09dc5ec6f5c826dd191d024e90c60749d233bf145af02215a18d2f2ce9eab1159037cad9852462f41d0015ab635fc2ccfc21da71a5d4cfd9a4418f9adb6ed6ffd39ec43c502a040738eb7b043cca4ff33baf83de2c8518525b8fbf7a95d76fac0c3d7d79884b3bfad5881a2da5b39e58d5246c4cb589d344bf4db8e03833ca3a938e2dddfc7af9d519fd4030748947b9fe5d23aa94d7712544add315ed7b927da79d4f56593e31537abe14ec2ffb04e73d48a2c05ed34c967a2f841b565e07e133c63759a2450514671043142db8c6233ad5452ade36b5bc60268e8df6b9afef36ec847a27b8fe55c12559619fb2a1c45fec77a46c004cd16a6415750762508e5068b9855ff4e8fc82e57fa9555b7175eb0b2590ff10b8d03fc9e0b525ce95dfd3116bf10d6a26680a49f19eed1fda76b8d9f4f48113d30e02695e225002ae5d28d345b47dc10347faad31ae35c9db72d957f0a61ec015e2579578a7507ee741de95445d5421e6c6bb5429923085a96188f68444645cd87681f952e86f8c068e3ced7f2412cdfe6c03ea37b1d93c92dd47817ade0e9ebf50595c1d6bb320a4938a8e414c9af4bd905e266e535fb0a363a147054d412419b29339f357d0bf8ec0d2ae804aa5a8c49c3159a9467102cdfe2026a5ddc229dfc3a1f9ce50e4b75386dd97d7fce67d0e95bd5abbd7d610ef1177a25ea88e3a891188a6fff1a1d88bbe29ab6cc869d079a49d616056ea46fab6e8fa2a85bcd9e76740ab302bc35b3d6f963df810846e89c543e7c605748c48ec170470a8bc151f15e4d755ebdc935c1becb6dfc2c33a2e1489d6c21f328a597a063eac6eeccb16ed759afa393c4c56e44e371ee66e449e2fff59e4096e57c7b9749eaa9e4d77368853ea80137ce19a399852d00a69c751f57696a4b547325903af165e24f9e1a6a3ad92841320b03b667c0cbecb0812a5f83cd46059360214df430e6c6dd1b247191f1ea0042acf5cafa11ec08e997c1eee3aad66980a6e1864e53ffb35d378ec84e9e93ae2793c3d618d4d04a158bbfff9c1e12943d92b7151e400416cd457a253439170a953698d97aec6f8b8e7bf8e03d09d922feca5bfc806cb6bca9bb667f4d3227cb6b5f1282e7c1f54cdcac2ed4f7783c05ee4897e7744dc67d6473a2beaebd175bcbf247b7fd99b7e9861ba6ae13a3d38f49d7e58bb07635b4cc30f0b98799e4bca818218aae2c0c30c62d4c899d3f5434f94adc242f074c71ef62715def8df0f09d704379bcbe08fb70973e041d145886e33565853128d47511d3dd6545ed5b9f5b8f69081d6f5cbdbe5fc29a151df41badcfb2214bd6cb2dc8c1ef4fd8db57cb0d81e44f275886bc18eb778026d49b0d189d331e5a6256325eb72f29fe78d96d62411fd545164630d02d2e5f06e219b141f0c1a84e2072b1340170c5855de4ddd647ebffcdf254cdc6191e80179b1e4d059f6cd2edfb4143add0071213dc3f462ee7b669277871510726052984e7d69eeb982f0485522fc17f7aa858f4846d4a41637105b0e1cd84d5355d0e945a7a94ccdae35f22138430dd2eaccf3873a2ed9cc283c8166742cc51c3db3a9fad9f535117c3900a50d457fe54a3b0845042006aad11d5980e8854c8c80ec58c5bfe584961ff04e9f3c884bcc2889c418273065028f724409f24f0a8c4b515f2a21f4ec7f127096bf8364b8a6fcea9e3b4b187d0633e0714cdc5220202a4df45671beea08a0d7b8902026b938c540cceded5d2db3240cc937762fcced3c6769368c43dd087d15ac6baf895cefa9769282f234bbc45b739790a0d33426e50f482db53884e0785d030a4c931e8ea8ab08201ab50ea0b6a66e4c9f42adb6fbeeaccfa45cfed106df4cd272bce9895fe43c828960e22bf6e37d965ac355d3f6a346717289aed08788f45b5088aca5f6a8137ab650fdb55a45e4b91af02acc60ee9c901a691b7f8cf0434dd23ec77b833187cb7790ab263aaab620f9da1042d399b38b0562048f29496135e7bfcc87b76bd72a3b7ca4a8119ecae91ed4ea063709c302511ccee35b4a79a8643e131997e4cafe76eb766f97bc5357838fc78c6e95be937e9bad2bc976d0e514fa4947360846d4667b96ee403ca39820d7302c19071212765c90840b781f567ec84c09c390c63ef081fcd398ffeba2378a6e59184ac772c4ad11b7e7703003437d5f521be29dfda96610a2246ad38b750d21d607ab1851d0ec3fe1d19b4c94afc52d1fa99bd53a657a8010ce5b31b13580bfbb6f4f535e1d9d7fef457bc685c26d036cdf4ff824bf4fee2c9083681aa82ce93e8df722c55e86aaf483892498cd54cd2b3e822c60847d5797e61f68ca63e3b128ce1c7f043466492e178200d81d10d2bac763e1f960a9783c9f85577d0e35132257a0b07ed4884953de04c0022d2ba7d4d22a91fd302ae9f620dcb1edd42a5b50cd40dea4f3abfdf2a89861609d027511c776dac2b485467f4822f6b96b6086ca348ece05b9ea11b5df8edbdf216ba458b6dd203942dc5e20f6508112a68854985b22bbe733dc010e442fbf6f06ef316a43b785128a42b4449758bc0d56639e8a9f0f390fbb946fb17adcfbf3b12e46e716d39905affea064ee9bd2c2c37cb2698712d2627d4382fe257bc7e03a9270693101d24693d962da62dc0b6758f794e97c277cae5d432f668a938db4adc6bb91e995173c7a6d27609af1d6c4da7a0ac919ea52d0bc834e5e7732f1da874c6d110d0a9e086517913f1194195a9c72e4c95d0ed454830e7affc494e0a705bbda09ca6b1b66cfd13ea499c2bddaf358f808c36fbbab674caa75e7632a842c9ca5df81540c56349fd2379d5eb85b3bad4549aa7a02df25b9156fc8aa57dd7838e73e350bb80a825e922354a978fab40b72db6279df715510c0b96a70f9e651b9a2ec7c252031d3a94b99cb978642fecd7b9fff014a04ad376d7dba673ed007a0abd493e5e39f8a5182afed1d751bcbe25b5fee28e50f613f82abdc0ef1518b108676fa4d51c2e47a161afe111efe6ba8ec89b3f97497f3a490494b93e04ee4b749afcc1a2526156ee554d15d1e03c1cf9cc23d02e7e828b94ef8fce685868a079ab365ef24b84a3d931dbaa8e3275b4708dc616069bba6e506d7bad81adcc8a0dfc318563393a4713a0a832dae89d4effa6800ec307aed79c6c12dbe5a8a2fc083368aefcf3f28bee390954f2d8d67dec473fb015940bc7dcde9ba9d37d56c0d670dac8b7462899df5b5f41f2865138b5a3fdfe58a8c92cbb1702714aba5265be04406f377109c3e07e0961c5ecd10ac096f2c5bca14ddd09cf4312df8234574de4316dac4ff8af3b6b69fb121aa318e6ae06262eb9d8a9c07623dc9fd96876f3a113c0e6128ebc05f79fc5d2097d9dfa9e198b535859fe5895b49be8024ee9c132f40390bfed9a7e927a207a037b28242e9bf0629e1ba841f5f30cc51d03107b6b396d60796e6c81e3d93cfa949023d7121c63752a2fbcc3cb99981881eb9cbb03ade33a6fc9508bf69b3c63f72d35c895beb950590d6d4d7c49e10e15c4f8f80e4fd1729aae715da60b304833405398a9d21ddc08cc3771d5ac3872ab5dad4efd17e990abf574dbddf7ed3f7d44750d6c51b80e0f770049dba49d5c72e21ee9425aafb4c595ed0704a33e5ef9efe1e63a4b3c19fde5c46b4ef44c1a08a69b58c8bc438b1feb3af083953ea8933d08bbd88be19b9e9b89f637e61f78f99e219cda0eb1b6c6dfb1dbf5c0bb6c4b1a2f94b9d8b1c7fb739ab7acae9f54472517ccc2607b9e7082fea7e54f2d0017ff26a3b13318b3eb9364624a48fe1d8a8d85e56d5cfa3a6b3323d330d7ca5e81db28d66a5db7ce569d66974fa4b8520355a89b36c6e17fa361c12e73acbb780f3c6a554633352cb99a125520afd9415232a1c0c567610bb1bfebb28a822bc13a32bec51bde6e4005264360dd647398a0d3c9fedef8d46960ac95795d802a7ae85fce3b15032e755b0a45e2577b799b0bf742614ef1c4f148568ab0e20e7f85e9b1d1b569512da753ad224929e098d701e5f8255ee948301c79d40d74a3e714f08692e29878c1e796d7b8199c2d68ac0f54138986a14327c4387ad55579e895da2243c58ac8675a8ff39ad8ee671b75cea0c833e5190032c1cf6418c11e747c3551e5aecf881d1cdc4d9cbdfb082eaf346f4d1ad52edf68ac8adecfdc455b08b0936423eb937bb4130503a9f71d77a3c708ded9fa3b33da5d12a36e271586c1dfa15036a4c22a39c991ba56d31f94cdc6f8fdad5959d3f50a4408b4df5129eccc8a56c06cc5c9ff1769f1e1b5875738c45aae29fe893ed7be61b8273a1a6f1828c4badc1b427dfe991d706102f5a8bc56851ac1e8f84d8e4eab964c8d83ef60c831cfe82008421e0eb59406fac31c955ad2b9eff53ac3b855c4fac8545a28cc17558ea2077cb540fc43fbb9a9bd1692729dd5800a72097ddd1bb39601896ce5e074618feb4ebf529ed4725689f2d65b77e90b96203a8d2cf07d0a9f8c1cc61565a087027f2132fe28962ab30d0d288d22d0babe6b13133d08174e104329b0b1ec4d1b25a6b6ba6df4268106b5ebbe44a6d2204e32ad4a3283d4e0f97aa279b2bdf6ad88a2bbf33f4de7da401cc679cde6e77e12a720509accb849afa6001facccfd9cbed0720dbf886eb6530ddd6eb46a427fc41d670035324b3d32b98fe5e903fd311877a647957514f907dbe27c726dd15ff192fcb221506a4be41dbe7da7f8c0ea510"}, 0x1008, 0x800) r1 = timerfd_create(0x0, 0x800) sync_file_range(r1, 0x900, 0x3, 0x4) r2 = syz_open_dev$mouse(&(0x7f0000001040)='/dev/input/mouse#\x00', 0x2, 0x4040) bind$bt_rfcomm(r2, &(0x7f0000001080)={0x1f, {0x7, 0x0, 0x3, 0x1e, 0x0, 0xc440}, 0x8}, 0xa) r3 = socket$inet6(0xa, 0x807, 0x4) sync_file_range(r2, 0xb0d, 0x4, 0x4) getsockopt$inet_sctp6_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f00000010c0)={0x0, 0xff}, &(0x7f0000001100)=0x8) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, &(0x7f0000001140)={0xffff, 0xb, 0x6, 0x0, r4}, 0x10) ioctl$SCSI_IOCTL_TEST_UNIT_READY(r2, 0x2) syz_open_dev$binder(&(0x7f0000001180)='/dev/binder#\x00', 0x0, 0x800) ioctl$TIOCLINUX5(r2, 0x541c, &(0x7f00000011c0)={0x5, 0xfff, 0x6, 0x9, 0x506}) epoll_ctl$EPOLL_CTL_DEL(r2, 0x2, r3) ioctl$KVM_CREATE_DEVICE(r2, 0xc00caee0, &(0x7f0000001200)={0x4, r2, 0x1}) getsockopt$inet_sctp_SCTP_RECVRCVINFO(r2, 0x84, 0x20, &(0x7f0000001240), &(0x7f0000001280)=0x4) r5 = syz_open_dev$sndpcmc(&(0x7f00000012c0)='/dev/snd/pcmC#D#c\x00', 0x80000001, 0x800) r6 = shmget$private(0x0, 0x3000, 0x420, &(0x7f0000ffb000/0x3000)=nil) shmctl$SHM_STAT(r6, 0xd, &(0x7f0000001300)=""/211) ioctl$LOOP_SET_STATUS(r5, 0x4c02, &(0x7f0000001400)={0x0, 0x0, 0x0, 0x0, 0x0, 0xf, 0x11, 0xc, "ef0dbdc9aad1b15b8b3ce3ead3d307027718ed392c73993bfbb063795c4eb1a7ea8d10b1d8a0fdd52a1085d8363c63d5c6d8694b6e945cdc530aad7c5d856326", "634778fb1e0764c8d5318c585c956e9f9818280c7f593c6f84730ce39dc269b8", [0xde2, 0xfff]}) r7 = request_key(&(0x7f00000014c0)='cifs.idmap\x00', &(0x7f0000001500)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000001540)="2b76626f786e657431ed00", 0xfffffffffffffffc) keyctl$describe(0x6, r7, &(0x7f0000001580)=""/238, 0xee) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r5, 0x84, 0x6c, &(0x7f0000001680)={r4, 0x8, "b3381c0bf3504580"}, &(0x7f00000016c0)=0x10) ioctl$sock_inet_tcp_SIOCINQ(r2, 0x541b, &(0x7f0000001700)) ioctl$VT_DISALLOCATE(r2, 0x5608) syz_open_dev$sg(&(0x7f0000001740)='/dev/sg#\x00', 0x2, 0x0) clock_gettime(0x0, &(0x7f00000017c0)={0x0, 0x0}) utimes(&(0x7f0000001780)='./file0\x00', &(0x7f0000001800)={{0x0, 0x2710}, {r8, r9/1000+10000}}) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r5, 0x84, 0x13, &(0x7f0000001840)={r4, 0x1}, &(0x7f0000001880)=0x8) getpeername$netlink(r5, &(0x7f00000018c0), &(0x7f0000001900)=0xc) 03:38:35 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f0000000080)=[{{&(0x7f00000001c0)=@can, 0x80, &(0x7f00000001c0)}}], 0x1, 0x0, &(0x7f0000000100)={0x77359400}) sendmsg$nl_route_sched(r0, &(0x7f0000005a00)={&(0x7f0000000180)={0x10}, 0xc, &(0x7f00000059c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="0102000000000000000000000000", @ANYBLOB="00000000bd"], 0x2}, 0x1, 0x0, 0x0, 0x8004}, 0x0) 03:38:35 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:38:35 executing program 7: syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x0, &(0x7f0000000200), 0x0, &(0x7f00000001c0)={[{@fat=@check_relaxed='check=relaxed', 0x2c}]}) 03:38:35 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020068006f786e6574302d232f70726f6300") 03:38:35 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r1, 0x6, 0x10000000013, &(0x7f0000d06000)=0x1, 0x4) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000040)={0x0}, &(0x7f0000000080)=0xc) fcntl$setown(r0, 0x8, r2) setsockopt$inet_tcp_int(r1, 0x6, 0x14, &(0x7f0000000000)=0x2, 0x4) getsockopt$inet_tcp_int(r1, 0x6, 0x15, &(0x7f00000015c0), &(0x7f00000000c0)=0x2) 03:38:35 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) [ 822.180635] FAT-fs (loop7): bogus number of reserved sectors [ 822.186775] FAT-fs (loop7): Can't find a valid FAT filesystem 03:38:35 executing program 7: syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)}], 0x0, &(0x7f00000001c0)={[{@fat=@check_relaxed='check=relaxed', 0x2c}]}) 03:38:35 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="027400006f786e6574302d232f70726f6300") 03:38:35 executing program 1: r0 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f000044f000)={0xa, 0x4e20}, 0x1c) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x80, 0x0) ioctl$TIOCNXCL(r1, 0x540d) listen(r0, 0x0) getsockopt$inet_sctp_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f0000000040)={0x0, 0x1, 0x5, 0x8}, &(0x7f0000000080)=0x10) ioctl$FIDEDUPERANGE(r1, 0xc0189436, &(0x7f0000000300)={0xffff, 0x9a4, 0x8, 0x0, 0x0, [{r1, 0x0, 0x7}, {r1, 0x0, 0x1f}, {r1, 0x0, 0x9}, {r1, 0x0, 0x101}, {r1, 0x0, 0x1}, {r0}, {r0, 0x0, 0xff}, {r0, 0x0, 0x80}]}) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000180)={r2, 0x78, "344ad7bf00e38db47cd6405ccc91f770cf2f17ffd5e51a3b4f825aadd660ac5ba0e821d7c8af160d4a454a740ac21dbd6193f1243683da2da08edc8804cd3ea0e3ace998bec048c79cb9e8f64f9b7778e0ec98f88b27de4b2a9b5abfbc5318ca1036e1b0739d1f1f0eae77b377f8e8030fabb12c2ce36548"}, &(0x7f0000000200)=0x80) setsockopt$inet6_int(r0, 0x29, 0xd1, &(0x7f00000000c0)=0x1, 0x4) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, &(0x7f00000002c0)) [ 822.275050] FAT-fs (loop7): bogus number of reserved sectors [ 822.281275] FAT-fs (loop7): Can't find a valid FAT filesystem 03:38:36 executing program 7: syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e66617400", 0xc}], 0x0, &(0x7f00000001c0)={[{@fat=@check_relaxed='check=relaxed', 0x2c}]}) 03:38:36 executing program 5: r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x40}, 0x0, 0x0, 0xffffffffffffffff, 0x0) vmsplice(r0, &(0x7f0000000100)=[{&(0x7f0000000040)="846dd3a9cf7f73a83e4d0bb9d27f2616270dc71e7aab938c6f5ff40bd0011746c78d58fc3d8e6bca522fac3d357ad88138ef91a27f152207de5a6d86d2a8f4216f7532ff77805d764910b0d554e4ecfee96ebbec0645105142913eec8bc01daa0222b331da22e4b78060574f0c78534289c9b67d8e6a91716a45dec81fe72efef247799332333108bf1cd95ea9fe5ff023767ce120d2cc60bf9708d2dd72129364057d9cf6b737231206cca51723bee676b434abf92eea062c302cc7", 0xbc}, {&(0x7f0000000200)="c8396128c5a9715e0d16e89086bbf52c6c148cb462d0dd256bd2b5ad8e153bbfef6ab221c04f3000da2ee0d459aae55c30af13b8fcda208e0d31702e0ace10d623615ee79810c8d7436e8255c054301c9e62469bd00c0ec052283be8ba11b8fc3d27d00db99e197c383a80a53f210fbe2a202e075c831a6b99de2b5415a5f72588964ae2c043fd0b5106f2b22e758949c1e15a9be9cb3a7230c1efa55f627d3f72fcb0c10fb8c13155962a79cda2c2519986f570b70f0d2e2d9133dde5ba76462270a5d042b29c", 0xc7}], 0x2, 0x8) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000fafff7)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0xffffffffffffffff, 0x200000) ioctl$sock_SIOCBRADDBR(r3, 0x89a0, &(0x7f0000000300)='erspan0\x00') ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) 03:38:36 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:38:36 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020970006f786e6574302d232f70726f6300") 03:38:36 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000003fe8)={0xaa}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x6, &(0x7f0000000200), 0x8) close(r2) r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x45c840, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_DROP(r3, 0x40045730, &(0x7f0000000040)=0xcf1d) close(r1) 03:38:36 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x11, &(0x7f00000000c0)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000140)={0xa}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000040)='tls\x00', 0x4) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x200000, 0x0) ioctl$SG_GET_SCSI_ID(r1, 0x2276, &(0x7f0000000080)) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x0, 0x5c832, 0xffffffffffffffff, 0x0) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000100)={0x303, 0x33}, 0x28) 03:38:36 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000000], 0x1}}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) [ 822.962018] FAT-fs (loop7): bogus number of reserved sectors [ 822.967967] FAT-fs (loop7): Can't find a valid FAT filesystem 03:38:36 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f0000003f80)=[{{&(0x7f0000000080)=@can, 0x80, &(0x7f00000001c0)}}], 0x1, 0x0, &(0x7f0000004000)={0x77359400}) sendmsg$nl_route_sched(r0, &(0x7f0000005a00)={&(0x7f0000000180)={0x10}, 0xc, &(0x7f00000059c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="2400000026000102000000000000000000000000", @ANYBLOB="00000000bd"], 0x2}, 0x1}, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$XDP_MMAP_OFFSETS(r1, 0x11b, 0x1, &(0x7f0000000100), &(0x7f0000000000)=0x60) setsockopt$inet6_MRT6_ADD_MFC_PROXY(r2, 0x29, 0xd2, &(0x7f0000000200)={{0xa, 0x4e23, 0x3cd7, @dev={0xfe, 0x80, [], 0xf}, 0xffffffff}, {0xa, 0x4e22, 0x3, @mcast2={0xff, 0x2, [], 0x1}, 0x5}, 0x8000, [0x6, 0x4000000, 0x6, 0x421, 0x2, 0x1ff, 0x1ac, 0xc7]}, 0x5c) 03:38:36 executing program 7: syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200", 0x12}], 0x0, &(0x7f00000001c0)={[{@fat=@check_relaxed='check=relaxed', 0x2c}]}) 03:38:36 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:38:36 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="02003f006f786e6574302d232f70726f6300") 03:38:36 executing program 2: syz_emit_ethernet(0x6a, &(0x7f00000000c0)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x5c, 0x0, 0x0, 0x0, 0x1, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}, @dev={0xac, 0x14, 0x14, 0x11}}, @icmp=@parameter_prob={0x5, 0x4, 0x0, 0x0, 0x0, 0x0, {0x10, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x402f, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, @dev={0xac, 0x14, 0x14}, {[@timestamp={0x8, 0x2c, 0x0, 0x0, 0x0, [{}, {}, {[@loopback=0x7f000001]}, {[@broadcast=0xffffffff]}, {[@multicast1=0xe0000001]}, {[@dev={0xac, 0x14, 0x14}]}]}]}}}}}}}, &(0x7f0000000000)) syz_emit_ethernet(0x73, &(0x7f0000000040)={@remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0x11}, [{[{0x9100, 0x7, 0x8, 0x3}], {0x8100, 0x0, 0x3, 0x4}}], {@mpls_mc={0x8848, {[{0x5, 0x1, 0x7, 0x8}, {0x3, 0x2, 0x9}, {0xffffffffffffe5fd, 0x7, 0x87, 0x6}], @generic="e0aed1a77660f669c466bfadcd000694fcff6273947bd309e5477d624f14cbfeb8d4296653e9aa24abdd5466d1c1f645784ebbcfb9a68b0107528d67ae2caa2218a6fe5ab4923aaddb11ef40ebef83992e"}}}}, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x181800, 0x0) write$P9_RRENAMEAT(r0, &(0x7f0000000180)={0x7, 0x4b, 0x2}, 0x7) 03:38:36 executing program 5: r0 = socket$inet6(0xa, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") mmap(&(0x7f0000013000/0x4000)=nil, 0x4000, 0x7, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000100)={0xaa, 0x4}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000013e95), 0x4) ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000040)={'ip6tnl0\x00', &(0x7f0000000000)=@ethtool_cmd={0x3}}) close(r2) ioctl$sock_SIOCOUTQ(r2, 0x5411, &(0x7f0000000080)) close(r1) 03:38:36 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="025cc83d6d345f8f762070") r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_generic(r1, &(0x7f0000005000)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000016ff0)={&(0x7f0000000040)={0xfffffe65, 0x55, 0x3ef, 0x0, 0x0, {0x7}, [@nested={0xc, 0xd, [@typed={0x8, 0x67, @fd=r1}]}]}, 0x20}, 0x1}, 0x0) 03:38:36 executing program 7: syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400", 0x15}], 0x0, &(0x7f00000001c0)={[{@fat=@check_relaxed='check=relaxed', 0x2c}]}) [ 823.147590] FAT-fs (loop7): invalid media value (0x00) [ 823.153006] FAT-fs (loop7): Can't find a valid FAT filesystem 03:38:36 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:38:36 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="02006c006f786e6574302d232f70726f6300") 03:38:36 executing program 2: r0 = socket$kcm(0x2, 0x5, 0x0) r1 = open(&(0x7f0000000380)='./file0\x00', 0x200101800, 0x800) ioctl$PPPOEIOCDFWD(r1, 0xb101, 0x0) getdents64(r1, &(0x7f00000003c0)=""/34, 0x22) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=ANY=[], &(0x7f0000000200)="47501a00f9d3c471b4a5430b11691d81fb4b9c49106ab3a01eaa6e1494e10112f6e527a746961b2da661bc0517d1fed124f6efb4292dc4c6df52a2c0623cdc1a18767d961c26d3aa8c633a234967dfe047b15997efc5a3bb522cb0393846dcc3f6e76a288635697c642b3cc7b3b36b3d1354dd508712a1f15e3b542d8a0c0c9a73d19d952bcef7d7d5cb703b44c4f17e5f76e7a2f9c44e076fb1000000000000000000000000000000", 0x5d5, 0xfb, &(0x7f0000000080)=""/251}, 0x48) r3 = syz_open_dev$audion(&(0x7f00000001c0)='/dev/audio#\x00', 0xfffffffffffffffb, 0x40000) r4 = syz_open_procfs(0x0, &(0x7f0000004ffb)='task\x00') getdents64(r4, &(0x7f0000271fb8)=""/72, 0x48) getdents64(r4, &(0x7f0000000000), 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r3, 0x29, 0x2a, &(0x7f00000002c0)={0x7, {{0xa, 0x4e21, 0x0, @remote={0xfe, 0x80, [], 0xbb}, 0x401}}}, 0x88) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000180)=r2, 0x4) sendmsg(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)=@nfc={0x27, 0x0, 0x2}, 0xd0b7a20e2b82d5d5, &(0x7f00000019c0)}, 0x0) semget(0x1, 0x3, 0x2) ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x890b, &(0x7f0000000400)) ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x890c, &(0x7f0000000000)) 03:38:36 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="02000a006f786e6574302d232f70726f6300") [ 823.249650] FAT-fs (loop7): invalid media value (0x00) [ 823.255216] FAT-fs (loop7): Can't find a valid FAT filesystem 03:38:36 executing program 7: syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f8", 0x16}], 0x0, &(0x7f00000001c0)={[{@fat=@check_relaxed='check=relaxed', 0x2c}]}) [ 823.347674] FAT-fs (loop7): count of clusters too big (4294966676) [ 823.355053] FAT-fs (loop7): Can't find a valid FAT filesystem 03:38:36 executing program 2: r0 = syz_open_dev$sndctrl(&(0x7f0000006000)='/dev/snd/controlC#\x00', 0x0, 0x0) r1 = open(&(0x7f0000000080)='./file0\x00', 0x10000, 0x40) accept$inet6(r1, 0x0, &(0x7f0000000100)) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000000)) r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140)='/dev/audio\x00', 0x0, 0x0) pipe2(&(0x7f0000000040), 0x0) r3 = syz_open_dev$sndpcmc(&(0x7f00000000c0)='/dev/snd/pcmC#D#c\x00', 0x0, 0x40400) dup2(r0, r2) mmap$binder(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1000001, 0x4012, r3, 0x0) 03:38:36 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:38:37 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18000000], 0x1}}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) 03:38:37 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f0000003f80)=[{{&(0x7f0000000080)=@can, 0x80, &(0x7f00000001c0)}}], 0x1, 0x0, &(0x7f0000004000)={0x77359400}) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000100)='/dev/audio\x00', 0x4080, 0x0) write$P9_RRENAME(r1, &(0x7f0000000140)={0x7, 0x15, 0x2}, 0x7) r2 = gettid() ptrace$poke(0x4, r2, &(0x7f0000000000), 0x2) sendmsg$nl_route_sched(r0, &(0x7f0000005a00)={&(0x7f0000000180)={0x10}, 0xc, &(0x7f00000059c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="2400000026000102000000000000000000000000", @ANYBLOB="1f00803d00"], 0x2}, 0x1}, 0x0) fcntl$setownex(r1, 0xf, &(0x7f00000001c0)={0x2, r2}) 03:38:37 executing program 7: syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:38:37 executing program 1: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/vcs\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000300)={0xffffffff}, 0x117, 0xb}}, 0x20) write$RDMA_USER_CM_CMD_LISTEN(r0, &(0x7f0000000380)={0x7, 0x8, 0xfa00, {r1, 0x9}}, 0x10) getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f00000003c0)={0x0, 0x10000}, &(0x7f0000000400)=0x8) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000440)={r2, 0x7}, &(0x7f0000000480)=0x8) r3 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r3, 0x800000000008912, &(0x7f00000004c0)="025cc83d6d345f8f762070") getpeername(r3, &(0x7f0000000080)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @broadcast}}}, &(0x7f0000000100)=0x80) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r3, 0x84, 0x13, &(0x7f0000000140)={0x0, 0x100}, &(0x7f0000000180)=0x8) getsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f00000001c0)=@assoc_value={r4, 0x5}, &(0x7f0000000200)=0x8) perf_event_open$cgroup(&(0x7f0000000000)={0x0, 0xffffffffffffff37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000240)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb}, 0xffffffffffffff9c, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x1, 0xffffffff00000001, 0x8, 0x4}, 0x2f) 03:38:37 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020074006f786e6574302d232f70726f6300") 03:38:37 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000de2ff4)={0x10}, 0xc, &(0x7f0000000080)={&(0x7f0000000940)=ANY=[@ANYBLOB="1400000000000000028421224a3c4ea57da38111f0ffd97d42a309c69d6c096f97c67e59d01f97151397f3c3751b96bb84b8e0b7ee9006837f6031d52a757fe842c8bb0355f43a9e5d2874f5c484d86de0c6ced388f48b5deed7b25bb14f1623c62dc62cdbd0fef9ddc5693790f116a255d6f53fb0f9c6c7a6f5b7dc290e64b4fc13f1050000000000000047a1e6f238e2dee313c36a481e4a6e34458e0aba07bab62396610757ba7c32b934e3282f81e7270ea08f705ba0073c9b17d2"], 0x9}, 0x1}, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000000)={0x2000000000000119, &(0x7f0000000040)=[{0x11}]}, 0xffffff61) ioctl$sock_SIOCETHTOOL(r1, 0x89f0, &(0x7f0000000380)={'bridge0\x00', &(0x7f0000000040)=ANY=[]}) pipe2(&(0x7f0000000340)={0xffffffffffffffff}, 0x800) ioctl$SIOCSIFMTU(r2, 0x8922, &(0x7f0000000900)={'teql0\x00', 0xdd80000000000000}) getsockopt$inet_buf(r1, 0x0, 0x3b, &(0x7f0000000100)=""/186, &(0x7f00000002c0)=0xba) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x8, &(0x7f0000000840)=[{&(0x7f00000003c0)="8a1b33a432137872d69e8ae4ebd0b5a5809a6f05a39815b5a4048963e9b46e2348628afd5ef0e5552a13651a9d14ec813f41b6f869fffedfcd04797a2f48112410f2f292207eef8059ef6df6023842c95ee9b25cb921fb4e0d5156c99551420b3bcafd4e8153240c80135225e7e880d5b0ae3a1dcb54b7b55983d85da3fc09a5ed8a36981478d363a6e7607a5ff56d36eb93e09252ff7b8ab0f354ffae5bc58b6c3db75192fb90a2fd4baabe3e1fa008211dcc13b91f0526b08415bdff2e30cd5cb9477b94d294d1aaf56cc109cda539", 0xd0, 0x6}, {&(0x7f00000004c0)="ee8ece93b544c272684112632dd23ec77d1b8ae429c0b2fda1c9ba9e15aa27ee681971eb01637bb321932c2448c4707f7841be125ffef8b678a0ff9dfdb31dd0ba75504c321cca350dc88e3018876f2692805a3de470395bdae11792a1efccd5f4b292b47a7666eed9b8e94d45efcdd403e5bc05ee1cbb04bc872b43beb7aea966ab8f3dceaf24dfdcec40a633159a781f64f0e52cbce18a859b65898402a76991163bd6fb4ae0b68495af289b19d0269ad1518e4d8ab9907456505fc0d4d2b16f95c7c195a03b1e6afd3f67170baf8f65536d3d153908b17738549ba1cdcf5c4462bf34e48537ab67b8ebfd85dc5a63f1daf8a0fe31646750", 0xf9, 0x7}, {&(0x7f00000005c0)="b6b2ed763c44d9e42f08b9c6b62278061f56e5ab45bd7ee16f04bf769a05523abf2adde63756dd0fd970ecee57f73e468a392e8061ea28fe4c107767133e47505de2f14a310761a67ad7dd3a0cd14d7d00c1f9c4c44cae3e92f9b526a7c75403825fe8436cc337efeb6f7a9c0d2755ab0935f0730a41aafecb3ef5410ac9b3a90b03a9b576232d2eddd447a35fe8f1ca261c3c491a22ba80d9855d87afacd7adb02ec3687948157150adcdfd", 0xac, 0x9}, {&(0x7f0000000680)="bb2aa0f1995ecd38c4d665200418cf0567d6cb097cd2cab4844843f2e152c132c88535b797d97de7c9e7f2c4d02cabde73a5c406aa8a4abdb30352e92220f469c575125acb6db7801867251a503011184b5dd1fea12e6e0d3dce340c2304801a59d4d7b7a4cf5266f34ca748747781a906d800456bd9a7fa71fc2eeb974dca62282890f594fcb0e19109bb6bb05e4bb1e9b2951eea572e1a6d31ae8ed319e42e8ce6b6f2112e4bb4cd6c3c6cee476c8f908c79090e21a7d30c19537a061b", 0xbe, 0x7}, {&(0x7f0000000300)="753490b42a19b2b84f441423a7db746dbc5e205f6b1a89cf3a33224cc2bb14751ce3a77dd4e5a11205c2859b", 0x2c, 0xb85c}, {&(0x7f0000000340), 0x0, 0x100}, {&(0x7f0000000740)='L', 0x1, 0x7ff}, {&(0x7f0000000780)="e053b8e73f5170a4175788378521111c55edd91cb4c16dc4e7c4818f52e0c807fba08ab86dc20653e4db77b66a27701b085e494c10ce59d180e83510e5223c8754918cb20aa49c705c3a81f24d3041033eeb76cae369daab5cb732a3c55d9c8f09ded57315e21a6a77f2c3394fa65b63b2f804ddd51744ed394e1d51e04f0c9efcbbf3922c225c0c162c3f6469cc8e8f97c5144f26a98ab1c78352a77218", 0x9e, 0x6}], 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f6300") [ 824.119495] FAT-fs (loop7): Directory bread(block 2563) failed [ 824.155000] FAT-fs (loop7): Directory bread(block 2564) failed [ 824.169244] FAT-fs (loop7): Directory bread(block 2565) failed [ 824.177367] FAT-fs (loop7): Directory bread(block 2566) failed [ 824.183785] FAT-fs (loop7): Directory bread(block 2567) failed [ 824.190096] FAT-fs (loop7): Directory bread(block 2568) failed [ 824.196213] FAT-fs (loop7): Directory bread(block 2569) failed [ 824.202274] FAT-fs (loop7): Directory bread(block 2570) failed [ 824.208352] FAT-fs (loop7): Directory bread(block 2571) failed [ 824.214410] FAT-fs (loop7): Directory bread(block 2572) failed 03:38:39 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x80, 0x0) sendmsg$nl_generic(r1, &(0x7f00000000c0)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f0000000080)={&(0x7f00000002c0)={0x184, 0x3d, 0x300, 0x70bd2b, 0x25dfdbfb, {0x11}, [@generic="05e9ae09da3498a4c4b9c0d7297d2e1e22a4d5deed23069ff27ea4dfa0dbe8189b6029fa87d3b524ec3d001ae816d89c636a641f67b08bb4b5e6ed69d7cac98308eb0ff606464f2d44b94aae1a6f0ffb5e31e1a3559a0a78e0896455bdc4f51f849ea3da9860134e6df59e79f87fc1e01b1b344ec85a5f3772c1c7be9daeb4b422a3e019d6c544c909e7057001b8b13d087ca1e96a51878a9d254c8daf606f145eb81aca10e61c9e93884f95b916abcfa37ae08f4134f25707b59a31f41a0dd20106f23c2525e8820ddcc36b043be3decaed7b1852ed21aca6cbec3ab353afc350b18a263796fd9b873483", @typed={0x4, 0x55}, @generic="b08343c817168714d122a5f6044c14dd9a4374c01ca6fa151b1e66e8fb74a1df2baade2abc345d64c449a044c6ee237e7e0e80b041c380bc5aa99b8bb2fe0dcb0e4b5945e26a74418780c69723c47dbd31d7592089d73808ad584ce21f3953799dd65657ca0c172e1fca25a8c316f9059c903d6a3540945ccefac66770d2"]}, 0x184}, 0x1, 0x0, 0x0, 0x40}, 0x20000000) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r2 = socket$vsock_stream(0x28, 0x1, 0x0) unshare(0x400) setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r2, 0x28, 0x6, &(0x7f0000000200), 0x35e) 03:38:39 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:38:39 executing program 1: ioctl$TIOCGSID(0xffffffffffffff9c, 0x5429, &(0x7f0000000040)=0x0) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x88100, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r1, 0xc0145401, &(0x7f0000000280)={0xffffffffffffffff, 0x1, 0x385, 0x0, 0x1}) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000a8eff8)={0xffffffffffffffff, 0xffffffffffffffff}) read(r3, &(0x7f0000000100)=""/121, 0x79) sendmmsg$unix(r2, &(0x7f00000bd000), 0x4924924924927ac, 0x0) connect$unix(r3, &(0x7f00002ffff6)=@file={0x0, './file0\x00'}, 0xa) r4 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x40000, 0x0) ioctl$KVM_KVMCLOCK_CTRL(r4, 0xaead) r5 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f00000001c0)={0x73, 0x79, 0x7a, 0x0}, 0x0, 0x0, 0xfffffffffffffffa) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000300)={0x0, 0x18, 0xfa00, {0x4, &(0x7f00000002c0)={0xffffffff}, 0x113, 0x7}}, 0x20) write$RDMA_USER_CM_CMD_ACCEPT(r4, &(0x7f0000000340)={0x8, 0x120, 0xfa00, {0x2, {0x0, 0x3, "685c08be8c95354b6dd5648c9753df646ebb5c9de7578dff803bec18aea4dae103333cd349d6d42ec4cedc31cd6bbf4267f6aeb031acb3aaca49c78072436f0c7d8a855dc75bd8028c64b205b418ec885b29929663d5e2919d9eb8b4e110ae46d620c349964713a94054eb0b571af6c7c9ba5d4757b75b03c6b81cc08d03df0bf769f378ee480b623c4e96c97196dd2c4750bad1d9f8f718cc4d712905515f65675d4bd00de8f4dcc0dfc63562a1638a6f0b5aa8e8454453447ef1a2138f92042b002436daa5f2c19d107e27c006a89a2dc9b949fef2c3523aa8df049161541a6c6ca844c681da3f2b8736afe988ea70cfbea66aa3e31ff533e131bbd80a0cab", 0x4b, 0x86e6, 0x4, 0x5, 0x5, 0x9, 0x3, 0x1}, r6}}, 0x128) add_key$keyring(&(0x7f0000000200)='keyring\x00', &(0x7f0000000240)={0x73, 0x79, 0x7a, 0x0}, 0x0, 0x0, r5) 03:38:39 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020070096f786e6574302d232f70726f6300") 03:38:39 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000002c80)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0xfffffffffffffffc}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd7000/0x18000)=nil, &(0x7f0000002b40)=[@text64={0x40, &(0x7f0000002ac0)="66b839010f00d8460f0666baa000ec470ff5b671000000c421f913b24ea5f4b80f32f240dff066410f744de2400f01f848b801000000000000000f23c80f21f835000020000f23f8", 0x48}], 0x1, 0x0, &(0x7f0000002b80), 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000000)) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f00000000c0)="266464f2f0806ead000f08c744240007000000c744240200980000c7442406000000000f011c24d0f0c4e1fc5a685866baa000ed66baf80cb8b14cb385ef66bafc0cb033ee0f20c035040000000f22c064f4c4e1781726", 0x57}], 0x1, 0x63, &(0x7f0000000180), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000fc9000)='/dev/sequencer2\x00', 0x0, 0x0) openat$random(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x200, 0x0) ioctl$KDGKBLED(r3, 0xc004510e, &(0x7f0000000140)) 03:38:39 executing program 7: syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:38:39 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000], 0x1}}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) 03:38:39 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f0000003f80)=[{{&(0x7f0000000080)=@can, 0x80, &(0x7f00000001c0)}}], 0x1, 0x0, &(0x7f0000004000)={0x77359400}) r1 = memfd_create(&(0x7f0000000200)='/dev/autofs\x00', 0x2) ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r1, 0x4010ae74, &(0x7f00000002c0)={0x5, 0x2b1, 0x81}) sendmsg$nl_route_sched(r0, &(0x7f0000005a00)={&(0x7f0000000180)={0x10}, 0xc, &(0x7f00000059c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="2400000026000102000000000000000000000000", @ANYBLOB="00000000bd"], 0x2}, 0x1}, 0x0) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x20000, 0x0) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, &(0x7f0000000100)={0x0, 0x4a}, &(0x7f0000000140)=0x8) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, &(0x7f0000000400)={r3, 0x9}, 0x8) setsockopt$inet_sctp_SCTP_RTOINFO(r2, 0x84, 0x0, &(0x7f00000001c0)={r3, 0x8, 0x9, 0xfffffffffffffffb}, 0x10) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000300)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000280)={0xffffffff}, 0x111, 0x1001}}, 0x20) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000440)) write$RDMA_USER_CM_CMD_JOIN_MCAST(r2, &(0x7f0000000340)={0x16, 0x98, 0xfa00, {&(0x7f0000000240), 0x1, r4, 0x3c, 0x1, @ib={0x1b, 0x7, 0xbad, {"afbd9d4dca890f9f0fcd43cd298de51e"}, 0x9, 0xffffffffffffff01, 0x86d}}}, 0xa0) [ 826.192858] FAT-fs (loop7): Directory bread(block 2563) failed [ 826.218698] FAT-fs (loop7): Directory bread(block 2564) failed [ 826.226026] FAT-fs (loop7): Directory bread(block 2565) failed [ 826.232641] FAT-fs (loop7): Directory bread(block 2566) failed 03:38:39 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:38:39 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000056f786e6574302d232f70726f6300") 03:38:39 executing program 5: msgrcv(0x0, &(0x7f0000000100)={0x0, ""/192}, 0xc8, 0x2, 0x1000) r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x10000001fd, 0x0) getsockopt$bt_sco_SCO_CONNINFO(r0, 0x11, 0x2, &(0x7f0000000040)=""/54, &(0x7f0000000080)=0x36) msgsnd(0x0, &(0x7f00000000c0)={0x1}, 0x2000, 0x0) [ 826.244409] FAT-fs (loop7): Directory bread(block 2567) failed [ 826.257517] FAT-fs (loop7): Directory bread(block 2568) failed [ 826.276996] FAT-fs (loop7): Directory bread(block 2569) failed [ 826.297058] FAT-fs (loop7): Directory bread(block 2570) failed [ 826.320797] FAT-fs (loop7): Directory bread(block 2571) failed 03:38:39 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000076f786e6574302d232f70726f6300") 03:38:39 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:38:39 executing program 2: r0 = socket$inet6(0xa, 0x7, 0x4) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000110007031dfffd946fa2830020200a0007000000001d85680c1ba3a20400ff7e280000001100ffffba16a0aa1c0009b3ebea8653b1cc7e63975c0ac47b6268e3966cf055d90f15a3", 0x4c}], 0x1}, 0x0) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x0, 0x0) setsockopt$RDS_RECVERR(r2, 0x114, 0x5, &(0x7f00000000c0)=0x1, 0x4) [ 826.352220] FAT-fs (loop7): Directory bread(block 2572) failed 03:38:39 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000406f786e6574302d232f70726f6300") 03:38:39 executing program 7: syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:38:39 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:38:39 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="0200004c6f786e6574302d232f70726f6300") [ 826.461320] netlink: 8 bytes leftover after parsing attributes in process `syz-executor2'. [ 826.475124] FAT-fs (loop7): Directory bread(block 2563) failed [ 826.489365] FAT-fs (loop7): Directory bread(block 2564) failed [ 826.496025] FAT-fs (loop7): Directory bread(block 2565) failed [ 826.502425] FAT-fs (loop7): Directory bread(block 2566) failed [ 826.514844] netlink: 8 bytes leftover after parsing attributes in process `syz-executor2'. [ 826.519192] FAT-fs (loop7): Directory bread(block 2567) failed [ 826.538169] FAT-fs (loop7): Directory bread(block 2568) failed [ 826.547260] FAT-fs (loop7): Directory bread(block 2569) failed [ 826.553472] FAT-fs (loop7): Directory bread(block 2570) failed [ 826.559736] FAT-fs (loop7): Directory bread(block 2571) failed [ 826.567790] FAT-fs (loop7): Directory bread(block 2572) failed 03:38:40 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:38:40 executing program 2: r0 = socket$inet6(0xa, 0x10000000003, 0x6) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000180)={{{@in6=@local={0xfe, 0x80, [], 0xaa}, @in6=@remote={0xfe, 0x80, [], 0xbb}, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in=@loopback=0x7f000001, 0x0, 0x2b}, 0x0, @in6=@local={0xfe, 0x80, [], 0xaa}}}, 0xe8) r1 = socket$inet6(0xa, 0x1040000000002, 0xffffffffffffffff) setsockopt$inet_sctp6_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f0000000040)={0x3ff, 0x100, 0x2f64, 0x1, 0x9, 0x1000, 0x3, 0x6fc23203, 0x101, 0x3, 0x80000000}, 0xb) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_emit_ethernet(0x4a, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86ddb6bc81d056cb60d8652b00140600fe8000000000000000000000000000aafe8000000000000000000000040000aa0000000040eb4fe1736e3d9f7e1ca7a9bed4c7f0159b30fbaa86ab4bcb93140dc943effcad7907dbd27352a17e7d2bb4b1aa4c5c33cdd57ffd406bf6874dcfb901f41290f15a7531f0bed431945693bb97752f55fcc516f6b2d69e7134f1a501ab039c0e3cbe09af49b6b5d66b6b25ddbd15db6bc60d7fa9bfb3d44ed0e955", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5000000090780000"], &(0x7f00000002c0)) ioctl(r0, 0xfffffffffffffff7, &(0x7f0000000000)="e904c6a1fa4de6d4a4664b89f1f44ca536fc95130bda3ae34b1d53f55c1c355c0fbc3c47f5e12239b869210a") 03:38:40 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="02000a006f786e6574302d232f70726f6300") 03:38:40 executing program 7 (fault-call:0 fault-nth:0): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:38:40 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000280110011772afefffff600611870"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0xce, &(0x7f0000000180)=""/206}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xd, 0x5, &(0x7f0000000040)=@framed={{0x18}, [@jmp={0x5}], {0x95}}, &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0x228, &(0x7f0000000300)=""/187}, 0x48) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/ignore_tunneled\x00', 0x2, 0x0) accept4$packet(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f0000000100)=0x14, 0x800) [ 827.090586] FAULT_INJECTION: forcing a failure. [ 827.090586] name failslab, interval 1, probability 0, space 0, times 0 [ 827.102640] CPU: 1 PID: 13356 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 827.111094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 827.120474] Call Trace: [ 827.123090] dump_stack+0x1c9/0x2b4 [ 827.126726] ? dump_stack_print_info.cold.2+0x52/0x52 [ 827.131932] ? get_pid_task+0xd8/0x1a0 [ 827.135834] should_fail.cold.4+0xa/0x11 [ 827.139887] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 827.145427] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 827.150520] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 827.155372] ? lock_downgrade+0x8f0/0x8f0 [ 827.159512] ? proc_fail_nth_write+0x9e/0x210 [ 827.164008] ? proc_cwd_link+0x1d0/0x1d0 [ 827.168061] ? lock_acquire+0x1e4/0x540 [ 827.172032] ? lock_acquire+0x1e4/0x540 [ 827.176001] ? fs_reclaim_acquire+0x20/0x20 [ 827.180311] ? lock_downgrade+0x8f0/0x8f0 [ 827.184623] ? check_same_owner+0x340/0x340 [ 827.188933] ? rcu_note_context_switch+0x730/0x730 [ 827.193872] __should_failslab+0x124/0x180 [ 827.198102] should_failslab+0x9/0x14 [ 827.202184] __kmalloc+0x2c8/0x760 [ 827.205715] ? strncpy_from_user+0x510/0x510 [ 827.210111] ? fput+0x130/0x1a0 [ 827.213486] ? __x64_sys_memfd_create+0x142/0x4f0 [ 827.218418] __x64_sys_memfd_create+0x142/0x4f0 [ 827.223075] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 827.228605] ? memfd_fcntl+0x1e80/0x1e80 [ 827.232659] do_syscall_64+0x1b9/0x820 [ 827.236557] ? finish_task_switch+0x1d3/0x870 [ 827.241142] ? syscall_return_slowpath+0x5e0/0x5e0 [ 827.246059] ? syscall_return_slowpath+0x31d/0x5e0 [ 827.250976] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 827.255994] ? prepare_exit_to_usermode+0x291/0x3b0 [ 827.261006] ? perf_trace_sys_enter+0xb10/0xb10 [ 827.265676] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 827.270596] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 827.275771] RIP: 0033:0x455e29 [ 827.278954] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 827.298171] RSP: 002b:00007f413f26ea88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 827.305871] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000455e29 [ 827.313128] RDX: 0000000020000218 RSI: 0000000000000000 RDI: 00000000004baa70 [ 827.320469] RBP: 000000000072bea0 R08: 0000000020000218 R09: 00000000fbad8001 [ 827.327724] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000013 [ 827.334993] R13: 00000000004c2675 R14: 00000000004d3f40 R15: 0000000000000000 03:38:40 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f0000003f80)=[{{&(0x7f0000000080)=@can, 0x80, &(0x7f00000001c0)}}], 0x1, 0x0, &(0x7f0000004000)={0x77359400}) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/lblcr_expiration\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffff9c, 0x84, 0xa, &(0x7f0000000040)={0x0, 0x80, 0x8007, 0xbd, 0x9, 0x8000, 0x4, 0x400, 0x0}, &(0x7f0000000140)=0x20) setsockopt$inet_sctp_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f00000001c0)=@assoc_value={r2, 0x1}, 0x8) getsockopt$packet_buf(r1, 0x107, 0x0, &(0x7f0000001700)=""/101, &(0x7f0000000100)=0x65) sendmsg$nl_route_sched(r0, &(0x7f0000005a00)={&(0x7f0000000180)={0x10}, 0xfffffcc6, &(0x7f00000059c0)={&(0x7f0000001680)=ANY=[@ANYRES16=r0, @ANYBLOB="00000000bdec71fa07000000408ea07058214ba2cd749ad9b9aaf39d01a646657fbede3b875621b32314f7c8b438bf722a34438e782abfa9baa8c9d9b66def2a82e81fbd7cca00266178"], 0x2}, 0x1, 0x0, 0x0, 0x800}, 0x0) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000200)=0x0) process_vm_readv(r3, &(0x7f0000000280)=[{&(0x7f0000000240)=""/39, 0x27}], 0x1, &(0x7f0000001600)=[{&(0x7f00000002c0)=""/132, 0x84}, {&(0x7f0000000380)=""/11, 0xb}, {&(0x7f00000003c0)=""/4096, 0x1000}, {&(0x7f00000013c0)=""/200, 0xc8}, {&(0x7f00000014c0)}, {&(0x7f0000001500)=""/116, 0x74}, {&(0x7f0000001580)=""/110, 0x6e}], 0x7, 0x0) setpgid(r3, r3) 03:38:40 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf401], 0x1}}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) 03:38:40 executing program 2: setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000140)=@nat={'nat\x00', 0x19, 0x4, 0x0, [0x20000500, 0x0, 0x0, 0x20000628, 0x20000910], 0x0, &(0x7f00000004c0), &(0x7f0000002080)=ANY=[]}, 0x78) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$sock_netdev_private(r0, 0x89f6, &(0x7f0000000380)="f8f89c63814f89ab6ded045ada7de8ecf63de6bd05bce8da83d4b36b79780b050ba3b7dc09e7172d31b6684cc5a2d67fd0738fd760cd5718bbe04ab8956d2478b2bfd63b1dd55dc62bb9d19bfa97be") sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)="5fb88c750196077aa3214bebc13f7d74ad4d9320611cf5a33f2a3f09e1c926359dcfe20001c781cb67f79cb0c6f5f4bf8ed60dce2176c22a20b22b9b24172b5569ec67906e7df93b05b19ba5360f2eab62812070fc181a2483366595113b240804d882a7dcd7ac4ba53e06d02558968b978122716d1823dcc7d40155c1bc1e8433f5ba15f5ee48c0ca941fce872e497d1377e2a5bde956f003caaf58c7520f82d7346c266e8ea70dab3bb7af6d78602a31ab8d232b07f6e3ef524b552ed88a1b1c02bc89f4f671855d40a2c1c173d4bb121bc86270c32d39c4c0d09a29b8983169914d8df86417a802b772bb638f72ccdcbb46267b5751816c77b6739f484292d5ca5e1bc4efee06f4e07e6a795faee2af27a8f21298055806494ee0e961cd5bd077bd7756f9e39dd3abdbe5c598cc5cbd44c5c319af923fbc4731545ff134749c2f42ee8454bf33ef309a6323dc847676d5be2fcb9abc717fc1e29396943ec0e264a80d64ca66ef2c42a57112a8a146097d9f4256ef6e6fd73be26e9a5f79b21dae42066d9cf4441021d64a2d6fd61c7ea709948d4be380e0fa4b76dff6aeef45", 0x1a1, 0x0, &(0x7f0000001000)={0xa, 0x0, 0x0, @mcast2={0xff, 0x2, [], 0x1}}, 0x1c) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000340)='/dev/ppp\x00', 0x4007, 0x0) setsockopt$IP_VS_SO_SET_DELDEST(r1, 0x0, 0x488, &(0x7f0000000280)={{0x3a, @rand_addr=0x8, 0x4e22, 0x0, 'lblc\x00', 0x8, 0x3, 0x37}, {@rand_addr=0x5, 0x4e20, 0x2004, 0x6, 0x5, 0x7}}, 0x44) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) ioctl$sock_ifreq(r2, 0x8916, &(0x7f0000000240)={"02eb3b26e7f69abda400", @ifru_data=&(0x7f0000000180)="d61a072afa6a2e6e9105a65cf0b08be4d57565e1a85eff283ee23d954743a2e3"}) 03:38:40 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={&(0x7f0000000040)={0x10, 0x34000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x14, 0x26, 0x829, 0x0, 0x0, {0x4}}, 0x14}, 0x1}, 0x0) r1 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x722, 0x402000) ioctl$UFFDIO_UNREGISTER(r1, 0x8010aa01, &(0x7f0000000140)={&(0x7f0000ffc000/0x4000)=nil, 0x4000}) 03:38:40 executing program 7 (fault-call:0 fault-nth:1): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:38:40 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020005006f786e6574302d232f70726f6300") 03:38:40 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:38:40 executing program 1: r0 = socket(0xa, 0x6, 0xfffffffffffffffd) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x10200, 0x0) ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000100)={0x0, {0x2, 0x4e24, @remote={0xac, 0x14, 0x14, 0xbb}}, {0x2, 0xfffffffffffffffc, @broadcast=0xffffffff}, {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1f}}, 0x0, 0x0, 0x0, 0x7, 0x9, &(0x7f0000000040)="766574681d5f746f5f626f6e640000b7", 0x0, 0xfffffffffffffffe, 0xfffffffffffffffc}) 03:38:40 executing program 2: r0 = socket$inet6(0xa, 0x200000003, 0x8) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x10, 0x3, 0xc) getsockname$inet(r1, &(0x7f0000000000)={0x0, 0x0, @broadcast}, &(0x7f0000000040)=0x10) socket$inet_dccp(0x2, 0x6, 0x0) r2 = syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x9000000000000000, 0xa000) ioctl$BLKROGET(r2, 0x125e, &(0x7f00000000c0)) syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x6001) keyctl$session_to_parent(0x12) sendmsg(r1, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000100)="24000000040607031dfffd946fa2830020200a0009000100061d85680c1baba20400ff7e", 0x24}], 0x1}, 0x4000) 03:38:40 executing program 2: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x3, 0x24, &(0x7f0000000280)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000003d030100000000009500000000000000712600000000000035060000ff000000bf25000000000000070500000e0000000f65000000000000bf5400000000000007040000040000003d4301000000000095000000000000006154000000000000bf250000000000000f65000000000000070500000e000000bf5400000000000007040000040000003d4301000000000095000000000000006154000000000000bf25000000000000070500000e0000000f6500000000000007050000040000000f65000000000000bf5400000000000007040000040000003d3201000000000095000000000000004d54000000000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x48) fsetxattr(r0, &(0x7f0000000080)=@random={'trusted.', 'trusteduservmnet0user'}, &(0x7f00000000c0)='GPL\x00', 0x15f, 0x3) [ 827.533043] FAULT_INJECTION: forcing a failure. [ 827.533043] name failslab, interval 1, probability 0, space 0, times 0 [ 827.538750] netlink: 'syz-executor2': attribute type 1 has an invalid length. [ 827.544359] CPU: 0 PID: 13389 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 827.544373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 827.569468] Call Trace: [ 827.572087] dump_stack+0x1c9/0x2b4 [ 827.575757] ? dump_stack_print_info.cold.2+0x52/0x52 [ 827.580967] should_fail.cold.4+0xa/0x11 [ 827.585037] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 827.590152] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 827.595170] ? bpf_prog_kallsyms_find+0xde/0x4c0 [ 827.599919] ? lock_acquire+0x1e4/0x540 [ 827.603914] ? perf_trace_lock_acquire+0xeb/0x9a0 [ 827.608773] ? lock_acquire+0x1e4/0x540 [ 827.612734] ? fs_reclaim_acquire+0x20/0x20 [ 827.617087] ? lock_downgrade+0x8f0/0x8f0 [ 827.621324] ? check_same_owner+0x340/0x340 [ 827.625821] ? rcu_note_context_switch+0x730/0x730 [ 827.630772] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 827.635808] __should_failslab+0x124/0x180 [ 827.640046] should_failslab+0x9/0x14 [ 827.643842] kmem_cache_alloc+0x2af/0x760 [ 827.648009] ? lock_acquire+0x1e4/0x540 [ 827.651987] __d_alloc+0xc8/0xd50 [ 827.655432] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 827.660435] ? do_raw_spin_unlock+0xa7/0x2f0 [ 827.664842] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 827.669443] ? kasan_check_write+0x14/0x20 [ 827.673688] ? do_raw_spin_lock+0xc1/0x200 [ 827.677923] ? _raw_spin_unlock+0x22/0x30 [ 827.682072] ? __alloc_fd+0x34e/0x710 [ 827.685880] ? exit_files+0xb0/0xb0 [ 827.689503] d_alloc_pseudo+0x1d/0x30 [ 827.693305] __shmem_file_setup+0x1f3/0x700 [ 827.697614] ? shmem_fill_super+0xa50/0xa50 [ 827.701933] ? get_unused_fd_flags+0x122/0x1a0 [ 827.706506] ? __alloc_fd+0x710/0x710 [ 827.710297] shmem_file_setup+0x2f/0x40 [ 827.714278] __x64_sys_memfd_create+0x2af/0x4f0 [ 827.718936] ? memfd_fcntl+0x1e80/0x1e80 [ 827.722999] do_syscall_64+0x1b9/0x820 [ 827.726880] ? finish_task_switch+0x1d3/0x870 [ 827.731376] ? syscall_return_slowpath+0x5e0/0x5e0 [ 827.736309] ? syscall_return_slowpath+0x31d/0x5e0 [ 827.741233] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 827.746380] ? prepare_exit_to_usermode+0x291/0x3b0 [ 827.751392] ? perf_trace_sys_enter+0xb10/0xb10 [ 827.756058] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 827.760922] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 827.766113] RIP: 0033:0x455e29 03:38:41 executing program 1: socket$inet6(0xa, 0x0, 0x0) r0 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x7ff, 0x80080) ioctl$SNDRV_RAWMIDI_IOCTL_INFO(r0, 0x810c5701, &(0x7f0000000100)) ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000280)) r1 = add_key$keyring(&(0x7f0000000300)='keyring\x00', &(0x7f0000000340)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) add_key(&(0x7f0000000240)='dns_resolver\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, &(0x7f0000000840)="277ae62a36421cffaba153a3cb2ad384c9668c3280d4646f8ad44c2aed71f3de8018dda5098e1485fe175392422b368b81fd6c099baba2a2be137707d2f5c6500520b2176fe4dc6666239ffc04ec22b291235ac5da0caa6699862e2076b7289348b465c70b15f34bfd3c9678a25c1d3820642fadb1f2b114e3342be0071ae331f520199c5fb317add4ca23910ad445be0287d50bb9a03de1a049271cd1ce6a16367d06ddd537f8d6731b78dfdfca0e6de1a087272583473ef87971be7f0dad6dfd9d5223979ed859178e92cfb1a3e8fe9ff25023b029c5cefbc3e28d4b6fca0393006460337e401e4a74449263060769d54c55d31f351fc8cfce14a22bc6a35e29458c22d7c5808b7bbe03c8b37f5b2718eb0d39aa402eee5dae6b67a70453804afe2fd06222000c5b99d53fe97c44f066cdfe920c5c6a1a3c3b0424335e5987dea4b223836cd75532ef0f271bf50543472368cd8ddc555f30cc6b8626945e5488b8e7780b062594c1b840d9947270a1891dbfb8721bb0aaa284f0aa5c0839a73c835e00595e3401d2096ecfaa9804ed19b26c33413a22119d465241c0e399285323d2c1d44af58c77d503bf2333e72bf510269cc6bcb88cc02c038eed08c735fdffab73c8f51183e3b8c35ffb802b1321dddd57a0276c7b681f6a5b65a749a189657f2f32d0cfac876da5da0e4b41eb89d2895f33329d701c6b598c2d44787b945e86d8b07f82fb949b738d2168379b7349627840a77f9073bdc5de11a887f8bbdf6b52376dc4d2c7d5539b04ff0a525b463c2c7648c4223fcd62e4dfd853235bdd63fb909f21c885219a94a0fff188eecf3d549209cfb50403af5b7ed81d7f2a7259abe98d88f6b3d3979659ab5ec5e0ba39bbdc7b91fae1eba6b1cc72f2897e2f264eccf819c7fe34c71be1e88a3613461f0aa2fb1d4778dadc6496fa9e241dcbcadb171da089343c43572ee3962a4baee9adce7fb08e12a6f679774cc630df5ad732b1ba07b6c957a5a5ea0a40e8992cac5d657a0af4b70e98ca7adfb621333a7a3c0bb8d441458cb0742faa654b295f7038d06fb26ff6af8977a97962776990af5e972b09118c944b39563bb15a1c1c85ac5c16bd7b74055af29bced53138c66cfa171900971f068d7782faa726eb0c031b7cfd3cc096aa629e0bce029e52bfa66faab7660f96845fc6eae642296fb1b08231af68f0979ac4c55a445d1bce7af2151a13944b7407cc63dadaff356b37ac04eb177be5a41f3b3e9bad2ba9c3108b9cdedd87ed94b62a8f2e116358567dc133aa371356030358fa793a6f68dbc669a37779504f9499f4550557c012165bd808c9fdb84de5a05102ce6b763bbefaf18fd0745c51704e175c8dfcd021da7dd9bfbb669d9af9d1a23f31ccbdb16a4718ce58d9814918ae9e8e0536f2cee0c6060e12ac02d751b59f821448589d4102871eee6b9293ec0eacb11f584db8d1fbd31877a1735e467ccc3447bcac9b41ef00", 0x423, r2) [ 827.769313] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 827.789297] RSP: 002b:00007f413f26ea88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 827.797001] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000455e29 [ 827.804376] RDX: 0000000020000218 RSI: 0000000000000000 RDI: 00000000004baa70 [ 827.811633] RBP: 000000000072bea0 R08: 0000000020000218 R09: 00000000fbad8001 [ 827.818906] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000013 [ 827.826163] R13: 00000000004c2675 R14: 00000000004d3f40 R15: 0000000000000001 03:38:41 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x8d4, 0x10}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f00000ba000)={0x1, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="184563000000000000000000000000dd00691800000000000000000000000000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0xfb, &(0x7f00001a7f05)=""/251}, 0x14) 03:38:41 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="0200000a6f786e6574302d232f70726f6300") 03:38:41 executing program 5: r0 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) setresuid(r2, 0x0, 0x0) ioprio_set$uid(0x3, r2, 0x10000) write$binfmt_script(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="2321f215944526aaf11478aecde7fad1202e2f66696c653020402d243a75736572265d73656c696e75782076657468305f746f5f7465616d00202b2062646576e2776c616e315e2076657468305f746f5f7465616d00202673656c696e75782f62646576766d6e6574302d637075736574706f7369785f61636c5f61636365737347504c5b2e0ad9a4e38d1369cf39a2f3e84a5da6e6dff174a541ecbd42812911aef092f31fa7b413661af95fdb5afba2136555c4c94d19affde8ce0eacbe68895d5f1f77f6d161e91840f0d982ea40910e4f85393f0d906aebbcce77893bb0c3"], 0xe1) syz_open_procfs(r1, &(0x7f0000000180)='smaps\x00') ioctl$TIOCNXCL(r3, 0x540d) ioctl$sock_inet_SIOCGIFDSTADDR(r0, 0x8917, &(0x7f0000000000)={'veth0_to_team\x00', {0x2, 0x4e21, @broadcast=0xffffffff}}) socket$inet_dccp(0x2, 0x6, 0x0) 03:38:41 executing program 7 (fault-call:0 fault-nth:2): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:38:41 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0xffffff7f) [ 827.937774] Option ' Ÿüì"²‘#ZÅÚ ªf™†. v·(“H´eÇ óKý<–x¢\8 d/­±ò±ã4+àã1õ œ_³­ÔÊ#‘ [ 827.937774] ÔE¾‡Õ ¹ =á I'ÑÎj6}ÝÕ7øÖsxßßÊmá ‡'%ƒG>øyq¾ ­mýR#—žØYŽ’ϱ£èþŸòP#°)ÅÎûÃâKo [ 827.945751] FAULT_INJECTION: forcing a failure. [ 827.945751] name failslab, interval 1, probability 0, space 0, times 0 [ 828.040788] CPU: 0 PID: 13426 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 828.049201] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 828.058572] Call Trace: [ 828.061171] dump_stack+0x1c9/0x2b4 [ 828.064811] ? dump_stack_print_info.cold.2+0x52/0x52 [ 828.070120] ? is_bpf_text_address+0xd7/0x170 [ 828.074748] should_fail.cold.4+0xa/0x11 [ 828.078850] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 828.084059] ? save_stack+0xa9/0xd0 [ 828.087724] ? save_stack+0x43/0xd0 [ 828.091363] ? kasan_kmalloc+0xc4/0xe0 [ 828.095253] ? kasan_slab_alloc+0x12/0x20 [ 828.099401] ? kmem_cache_alloc+0x12e/0x760 [ 828.103722] ? __d_alloc+0xc8/0xd50 [ 828.107354] ? d_alloc_pseudo+0x1d/0x30 [ 828.111339] ? __shmem_file_setup+0x1f3/0x700 [ 828.115821] ? __x64_sys_memfd_create+0x2af/0x4f0 [ 828.120655] ? do_syscall_64+0x1b9/0x820 [ 828.124727] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 828.130089] ? lock_acquire+0x1e4/0x540 [ 828.134050] ? lock_acquire+0x1e4/0x540 [ 828.138013] ? fs_reclaim_acquire+0x20/0x20 [ 828.142330] ? lock_downgrade+0x8f0/0x8f0 [ 828.146464] ? check_same_owner+0x340/0x340 [ 828.150784] ? rcu_note_context_switch+0x730/0x730 [ 828.155734] __should_failslab+0x124/0x180 [ 828.159991] should_failslab+0x9/0x14 [ 828.163786] kmem_cache_alloc+0x2af/0x760 [ 828.167919] ? kasan_slab_alloc+0x12/0x20 [ 828.172067] ? kmem_cache_alloc+0x2fc/0x760 [ 828.176380] ? shmem_destroy_callback+0xc0/0xc0 [ 828.181134] shmem_alloc_inode+0x1b/0x40 [ 828.185625] alloc_inode+0x63/0x190 [ 828.189248] new_inode_pseudo+0x71/0x1a0 [ 828.193315] ? prune_icache_sb+0x1b0/0x1b0 [ 828.197892] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 828.202908] new_inode+0x1c/0x40 [ 828.206281] shmem_get_inode+0xf1/0x910 [ 828.210340] ? do_raw_spin_lock+0xc1/0x200 [ 828.214577] ? shmem_encode_fh+0x340/0x340 [ 828.218818] ? _raw_spin_unlock+0x22/0x30 [ 828.222961] ? __alloc_fd+0x34e/0x710 [ 828.226762] ? exit_files+0xb0/0xb0 [ 828.230408] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 828.235974] __shmem_file_setup+0x259/0x700 [ 828.240302] ? shmem_fill_super+0xa50/0xa50 [ 828.244630] ? get_unused_fd_flags+0x122/0x1a0 [ 828.249219] ? __alloc_fd+0x710/0x710 [ 828.253023] shmem_file_setup+0x2f/0x40 [ 828.256998] __x64_sys_memfd_create+0x2af/0x4f0 [ 828.261671] ? memfd_fcntl+0x1e80/0x1e80 [ 828.265736] do_syscall_64+0x1b9/0x820 [ 828.269625] ? finish_task_switch+0x1d3/0x870 [ 828.274118] ? syscall_return_slowpath+0x5e0/0x5e0 [ 828.279050] ? syscall_return_slowpath+0x31d/0x5e0 [ 828.283988] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 828.289006] ? prepare_exit_to_usermode+0x291/0x3b0 [ 828.294017] ? perf_trace_sys_enter+0xb10/0xb10 [ 828.298686] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 828.303548] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 828.308727] RIP: 0033:0x455e29 [ 828.311924] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 828.338360] RSP: 002b:00007f413f26ea88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 828.346068] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000455e29 [ 828.353424] RDX: 0000000020000218 RSI: 0000000000000000 RDI: 00000000004baa70 [ 828.360686] RBP: 000000000072bea0 R08: 0000000020000218 R09: 00000000fbad8001 [ 828.367972] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000013 [ 828.375235] R13: 00000000004c2675 R14: 00000000004d3f40 R15: 0000000000000002 03:38:41 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f0000003f80)=[{{&(0x7f0000000080)=@can, 0x80, &(0x7f00000001c0)}}], 0x1, 0x0, &(0x7f0000004000)={0x77359400}) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x4000, 0x0) setsockopt$inet6_tcp_TLS_RX(r1, 0x6, 0x2, &(0x7f0000000100)={0x303, 0x33}, 0x4) sendmsg$nl_route_sched(r0, &(0x7f0000005a00)={&(0x7f0000000180)={0x10}, 0xc, &(0x7f00000059c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="2400000026000102000000000000000000000000", @ANYBLOB="00000000bd"], 0x2}, 0x1}, 0x0) 03:38:41 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18], 0x1}}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) 03:38:41 executing program 1: r0 = creat(&(0x7f0000000040)='./file0\x00', 0x4) connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast2=0xe0000002}, 0x10) r1 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x2, 0x2d0, [0x200002c0, 0x0, 0x0, 0x200002f0, 0x20000320], 0x0, &(0x7f0000000000), &(0x7f00000002c0)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x5, 0x0, 0x0, 'bridge0\x00', 'rose0\x00', 'veth0_to_bridge\x00', 'vlan0\x00', @link_local={0x1, 0x80, 0xc2}, [], @link_local={0x1, 0x80, 0xc2}, [], 0x70, 0x70, 0xa0}}, @common=@redirect={'redirect\x00', 0x8, {{0xfffffffffffffffe}}}}, {{{0x11, 0x0, 0x0, 'yam0\x00', 'veth0_to_team\x00', 'teql0\x00', 'gretap0\x00', @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, [], @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, [], 0xb0, 0x138, 0x170, [@statistic={'statistic\x00', 0x18, {{0x7}}}]}, [@common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x0, 'syz1\x00'}}}, @snat={'snat\x00', 0x10, {{@remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}}}}]}, @snat={'snat\x00', 0x10, {{@broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}}}}]}]}, 0x348) getsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000140), &(0x7f0000000180)=0x8) 03:38:41 executing program 2: r0 = socket$inet6(0xa, 0x6, 0x0) ioctl(r0, 0x1, &(0x7f00000000c0)="025cc83d6d345f8f762070") pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) ioctl$KDGKBLED(r1, 0x4b64, &(0x7f0000000080)) r2 = socket$inet6(0xa, 0x2000000802, 0x0) connect$inet6(r2, &(0x7f000000cfe4)={0xa}, 0x1c) sendmmsg(r2, &(0x7f0000000000)=[{{0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000500)=[{0x18, 0x29, 0x37, "01"}], 0x18}}], 0x1, 0x0) inotify_init1(0x800) 03:38:41 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="02004c006f786e6574302d232f70726f6300") 03:38:41 executing program 5: setsockopt$inet6_MRT6_DEL_MFC_PROXY(0xffffffffffffffff, 0x29, 0xd3, &(0x7f0000002000)={{0xa, 0x0, 0x80000001}, {0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xbb}}}, 0x5c) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000a80)={&(0x7f0000000080)=@proc={0x10}, 0xc, &(0x7f00000004c0)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="10000000040040bbc7000000fddbdf25be2189ec2088a26149cbec6548b826d48246c0a9d7444451d14f39f33828f5687bd6d2a73d37bc8697b3bec039e62629b92aac8272b26f05938c70c39ab0fe0317eba2d7e7fb40ca6a97f9607dc7cbfd0b"], 0x10}], 0x1, &(0x7f00000009c0)}, 0x0) r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x100, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000040), &(0x7f00000000c0)=0x8) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_int(r1, 0x29, 0x40, &(0x7f0000001fde), 0x4) 03:38:41 executing program 7 (fault-call:0 fault-nth:3): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:38:41 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x34000) 03:38:41 executing program 1: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x5a200, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r1, 0x84, 0x65, &(0x7f0000000140)=[@in6={0xa, 0x4e20, 0x1, @loopback={0x0, 0x1}, 0x8}, @in={0x2, 0x4e24, @multicast2=0xe0000002}, @in6={0xa, 0x4e24, 0x1, @local={0xfe, 0x80, [], 0xaa}, 0x7}, @in6={0xa, 0x4e24, 0x200000000, @remote={0xfe, 0x80, [], 0xbb}, 0xf42e}, @in6={0xa, 0x4e24, 0x7, @dev={0xfe, 0x80, [], 0x12}, 0x40}, @in={0x2, 0x4e22, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e22, @local={0xac, 0x14, 0x14, 0xaa}}, @in6={0xa, 0x4e23, 0x9, @loopback={0x0, 0x1}, 0x7}, @in6={0xa, 0x4e20, 0x2, @ipv4={[], [0xff, 0xff], @broadcast=0xffffffff}, 0x5}], 0xd8) r2 = epoll_create(0x3) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000100)) r3 = dup(r0) r4 = syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x3f, 0x210000) ioctl$KDGKBMETA(r3, 0x4b62, &(0x7f00000000c0)) ioctl$TIOCCONS(r4, 0x541d) ioctl$TIOCSBRK(r3, 0x40044591) 03:38:41 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="02006c006f786e6574302d232f70726f6300") 03:38:41 executing program 5: r0 = socket(0xa, 0x1, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) fcntl$dupfd(r1, 0x406, r0) ioctl(r0, 0x8912, &(0x7f0000000200)="025cc83d6d345f8f762070") getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000000)={0x0, 0x8}, &(0x7f0000000080)=0x8) r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/hwrng\x00', 0x8100, 0x0) mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)='9p\x00', 0x0, &(0x7f00000002c0)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_fscache='cache=fscache', 0x2c}, {@cache_loose='cache=loose', 0x2c}, {@posixacl='posixacl', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@mmap='mmap', 0x2c}, {@version_9p2000='version=9p2000', 0x2c}, {@afid={'afid', 0x3d, 0x1f}, 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@access_any='access=any', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}]}}) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f00000000c0)={r2, 0x7}, 0x8) setsockopt$nfc_llcp_NFC_LLCP_MIUX(r0, 0x118, 0x1, &(0x7f0000000100)=0x800000000000, 0x4) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f00000004c0)=@broute={'broute\x00\x00d\x00', 0x20, 0x1, 0x3b8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20001200], 0x0, &(0x7f0000000040), &(0x7f0000001200)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff010000000300000000000000000073797a5f74756e000000000000000000626a004700000000000000000000000076657468305f746f5f7465616d000000766574683000000000000000000000000180c20000000000000000000000000000000000000000000000d8020000d802000028030000627066000000000000000000000000000000000200000000000000000000000110020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006367726f757000000000000000000000000000000000000000000000000000000800000001000000000000000000000049444c4554494d4552000000000000000000000000000000000000000000000028000000000000000000000073797a31000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff00000000"]}, 0x430) [ 828.506598] FAULT_INJECTION: forcing a failure. [ 828.506598] name failslab, interval 1, probability 0, space 0, times 0 [ 828.518039] CPU: 1 PID: 13472 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 828.526474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 828.535833] Call Trace: [ 828.538966] dump_stack+0x1c9/0x2b4 [ 828.542643] ? dump_stack_print_info.cold.2+0x52/0x52 [ 828.547859] ? save_stack+0xa9/0xd0 [ 828.551533] should_fail.cold.4+0xa/0x11 [ 828.555620] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 828.560770] ? __put_user_ns+0x60/0x60 [ 828.564673] ? current_time+0x72/0x1b0 [ 828.568561] ? lock_downgrade+0x8f0/0x8f0 [ 828.572816] ? kasan_check_write+0x14/0x20 [ 828.577405] ? __lockdep_init_map+0x105/0x590 [ 828.581902] ? lock_acquire+0x1e4/0x540 [ 828.585873] ? fs_reclaim_acquire+0x20/0x20 [ 828.590202] ? lock_downgrade+0x8f0/0x8f0 [ 828.594536] ? check_same_owner+0x340/0x340 [ 828.598862] ? rcu_note_context_switch+0x730/0x730 [ 828.603803] ? kasan_check_read+0x11/0x20 [ 828.607943] __should_failslab+0x124/0x180 [ 828.612182] should_failslab+0x9/0x14 [ 828.615974] kmem_cache_alloc+0x2af/0x760 [ 828.620112] ? _raw_spin_unlock+0x22/0x30 [ 828.624260] ? __d_instantiate+0x522/0x750 [ 828.628512] __get_empty_filp+0x11b/0x620 [ 828.632648] ? d_instantiate+0x79/0xa0 [ 828.636526] ? proc_nr_files+0x60/0x60 [ 828.640677] ? do_raw_spin_lock+0xc1/0x200 [ 828.644905] ? kasan_check_read+0x11/0x20 [ 828.649043] ? do_raw_spin_unlock+0xa7/0x2f0 [ 828.653451] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 828.658025] ? kasan_check_write+0x14/0x20 [ 828.662262] ? do_raw_spin_lock+0xc1/0x200 [ 828.666488] alloc_file+0x29/0x3e0 [ 828.670134] ? clear_nlink.part.10+0x65/0x80 [ 828.674550] __shmem_file_setup+0x313/0x700 [ 828.678863] ? check_same_owner+0x340/0x340 [ 828.683179] ? shmem_fill_super+0xa50/0xa50 [ 828.687491] ? get_unused_fd_flags+0x122/0x1a0 [ 828.692583] ? __alloc_fd+0x710/0x710 [ 828.696377] shmem_file_setup+0x2f/0x40 [ 828.700352] __x64_sys_memfd_create+0x2af/0x4f0 [ 828.705010] ? memfd_fcntl+0x1e80/0x1e80 [ 828.709070] do_syscall_64+0x1b9/0x820 [ 828.713033] ? finish_task_switch+0x1d3/0x870 [ 828.717518] ? syscall_return_slowpath+0x5e0/0x5e0 [ 828.722460] ? syscall_return_slowpath+0x31d/0x5e0 [ 828.727405] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 828.732413] ? prepare_exit_to_usermode+0x291/0x3b0 [ 828.737443] ? perf_trace_sys_enter+0xb10/0xb10 [ 828.742118] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 828.746967] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 828.752143] RIP: 0033:0x455e29 [ 828.755317] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 828.774873] RSP: 002b:00007f413f26ea88 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 828.782659] RAX: ffffffffffffffda RBX: 0000000020000200 RCX: 0000000000455e29 [ 828.789937] RDX: 0000000020000218 RSI: 0000000000000000 RDI: 00000000004baa70 [ 828.797281] RBP: 000000000072bea0 R08: 0000000020000218 R09: 00000000fbad8001 03:38:41 executing program 2: r0 = socket(0x0, 0x7, 0x0) accept4$inet6(r0, &(0x7f0000000080)={0x0, 0x0, 0x0, @mcast2}, &(0x7f00000000c0)=0x1c, 0x800) bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x4}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x7, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000007110a8000000f01e00000000004b954fc254d22cc2e5b96b00000000000000000000009fa44e567c5b6cda50ae2f0ad7a9532017ba67077e8f7ce953187d146191e3e88d427f2ca22245c07310f33059730a7637c0e4963fba738aec810e47ad1e77e31b611711a1b1ea7f4b"], &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) 03:38:42 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000000c0)="025cc83d6d345f8f762070") getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000100)={{{@in6, @in=@multicast2}}, {{@in=@local}, 0x0, @in6=@ipv4={[], [], @rand_addr}}}, &(0x7f0000000000)=0xe8) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000640)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f0000000600)={&(0x7f0000000700)=@acquire={0x178, 0x17, 0x1, 0x0, 0x0, {{@in6=@remote={0xfe, 0x80, [], 0xbb}}, @in=@dev={0xac, 0x14, 0x14}, {@in=@local={0xac, 0x14, 0x14, 0xaa}, @in=@remote={0xac, 0x14, 0x14, 0xbb}}, {{@in=@loopback=0x7f000001, @in6=@loopback={0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, 0xa}}}, [@tmpl={0x44, 0x5, [{{@in6=@remote={0xfe, 0x80, [], 0xbb}, 0x0, 0x32}, 0x0, @in6}]}, @mark={0xc, 0x15}]}, 0x178}, 0x1}, 0x0) r2 = getpgid(0xffffffffffffffff) sched_getscheduler(r2) [ 828.804554] R10: fe03f80fe03f80ff R11: 0000000000000246 R12: 0000000000000013 [ 828.811814] R13: 00000000004c2675 R14: 00000000004d3f40 R15: 0000000000000003 [ 828.838428] xt_bpf: check failed: parse error 03:38:42 executing program 5: getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000000)={0x80000001, 0x5, 0x820c, 0xa1f, 0x88b2, 0x953, 0x5, 0x5, 0x0}, &(0x7f0000000080)=0x20) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f00000005c0)=ANY=[@ANYRES32=r0, @ANYBLOB="72000000e5b9c9ed310fab91230399cc40767aca3b24a43ef1b70ec4dcca8de3c4fcf1f563c5cbbdbca7d6e5a3824ceca653d084faee71d5a1930a003f5395e9bd638c8503c167ceb48de2f254296374871f1564fa6f0eea03490710ef2656fd86703a6e9650cf08edada5a0ae4042fd7f8370dabc459b92dcad31ae33d3929decc5802fd8e63ee3026bbc15d6f1c3dc5076bbe37adbfd210c2c617aa78caca36279bdcfb1667b74ee24cd1dad9ae41ae05ee2521a51b2fbbd35bd2c7e0e4feebdf874ce1ed3854693f71059756aaf2e756c845e481636c32a3550aa45bd0466e5f35e628cf5f56212941eaa5dc03f90aca24cfa2f865fbaf4f69b8909f6e624f981f7720a3386e38a3114358d8eb4cb0acb1ca72f491214460395da97bafcb7f885e08cea4d4d8b0a4a6a5cb0afb69dacf1e676c15d3867ba9cf7083d32fe0f42dc81901a8e5339192794db9520d93de799d9d636ab7955abbd0342b76e649c01539baf202e426942c97bc57a7cf677f4dce072709b67e77cc4663ea44a5e56c91fc4db3a2f538b079fadc088e377204cb7ea73b06943474d7716c08223f706659c1d426dec1e5a65025e8af75dc18b7976dcd0de8dd986790ebf81e4c8845a2e8d9f3cebecba11fc2efcf7d823c144e2b32293c20fc150392c1b6fe620b9602d6cf9a077573946fbffffffffffffffc3f26fb78575aaaf6e01136b5433994a917f6addf4951103195e891fa60e73df8b452f7dec5f9852c7b0238a1bf6a0dcff49daa5ac751858016f9d40a63099de92ff4f4b79f320979e87ba3ea6e4f09e2ac29af2a3f6c798d29d774a3d5bae1e0094165565c46523d13849630ea040b8491e210ceb6cb392fc57ed067ea0bb0f7e58fdc1af2bd0be61a5474e703769b4d29ea1b0e790e9c21dda6d5ace74480304dca98b59e5319522acabe8c08c652059c590cde46586a5e69508c63d965c03e5316c8e874d41e868358607ab8ff06b3cf763f8aea1b159ff3ff0afcca0bcb2e146dc1b8094f01a173f394a075bf134"], &(0x7f0000000140)=0x7a) setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000001c0)={{{@in6=@ipv4={[], [0xff, 0xff], @rand_addr}, @in=@multicast1=0xe0000001, 0x0, 0x0, 0x0, 0x0, 0xa, 0x3, 0x20}, {}, {}, 0x0, 0x0, 0x40000000001}, {{@in=@loopback=0x7f000001, 0x0, 0x2b}}}, 0xe8) connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c) 03:38:42 executing program 7 (fault-call:0 fault-nth:4): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:38:42 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x100000000000000) [ 828.951586] FAULT_INJECTION: forcing a failure. [ 828.951586] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 828.963578] CPU: 1 PID: 13509 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 828.972388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 828.981789] Call Trace: [ 828.984438] dump_stack+0x1c9/0x2b4 [ 828.988104] ? dump_stack_print_info.cold.2+0x52/0x52 [ 828.993316] ? unwind_get_return_address+0x61/0xa0 [ 828.998275] ? __save_stack_trace+0x8d/0xf0 [ 829.002610] should_fail.cold.4+0xa/0x11 [ 829.006688] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 829.011820] ? lock_acquire+0x1e4/0x540 [ 829.016273] ? find_get_entry+0xa6d/0x1120 [ 829.020522] ? lock_downgrade+0x8f0/0x8f0 [ 829.024667] ? trace_hardirqs_on+0x10/0x10 [ 829.029092] ? lock_release+0xa30/0xa30 [ 829.033083] ? do_filp_open+0x255/0x380 [ 829.037079] ? trace_hardirqs_on+0x10/0x10 [ 829.041314] ? percpu_ref_put_many+0x119/0x240 [ 829.045941] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 829.051509] ? lock_acquire+0x1e4/0x540 [ 829.055570] ? fs_reclaim_acquire+0x20/0x20 [ 829.059904] ? lock_downgrade+0x8f0/0x8f0 [ 829.064167] ? check_same_owner+0x340/0x340 [ 829.068494] ? rcu_note_context_switch+0x730/0x730 [ 829.073442] __alloc_pages_nodemask+0x36e/0xdb0 [ 829.078371] ? kasan_check_read+0x11/0x20 [ 829.082529] ? rcu_is_watching+0x8c/0x150 [ 829.086687] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 829.091714] ? trace_hardirqs_on+0x10/0x10 [ 829.095958] ? is_bpf_text_address+0xd7/0x170 [ 829.100446] ? kernel_text_address+0x79/0xf0 [ 829.104854] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 829.109875] ? percpu_counter_add_batch+0xf2/0x150 [ 829.114815] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 829.119830] ? __vm_enough_memory+0x590/0x980 [ 829.124324] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 829.129849] alloc_pages_vma+0xdd/0x540 [ 829.133825] shmem_alloc_page+0xa8/0x190 [ 829.137878] ? shmem_swapin+0x230/0x230 [ 829.141855] shmem_alloc_and_acct_page+0x1f1/0x820 [ 829.146770] ? shmem_getattr+0x2c0/0x2c0 [ 829.150823] ? mem_cgroup_id_get_many+0x160/0x160 [ 829.155669] ? lock_release+0xa30/0xa30 [ 829.159641] ? __wake_up_common_lock+0x1d0/0x330 [ 829.164389] shmem_getpage_gfp+0x6ea/0x3ec0 [ 829.168704] ? shmem_writepage+0x13a0/0x13a0 [ 829.173115] ? __unlock_page_memcg+0x72/0x100 [ 829.177605] ? unlock_page_memcg+0x2c/0x40 [ 829.181828] ? page_add_new_anon_rmap+0x870/0x870 [ 829.186675] ? trace_hardirqs_on+0x10/0x10 [ 829.191531] ? trace_hardirqs_on+0x10/0x10 [ 829.195765] ? trace_hardirqs_on+0x10/0x10 [ 829.199998] ? trace_hardirqs_on+0x10/0x10 [ 829.204216] ? lock_acquire+0x1e4/0x540 [ 829.208187] ? alloc_set_pte+0x1133/0x1790 [ 829.212421] ? trace_hardirqs_on+0x10/0x10 [ 829.216642] ? lock_release+0xa30/0xa30 [ 829.220604] ? xas_descend+0x20c/0x5f0 [ 829.224477] ? trace_hardirqs_on+0x10/0x10 [ 829.228709] ? trace_hardirqs_on+0x10/0x10 [ 829.232933] ? trace_hardirqs_on+0x10/0x10 [ 829.237184] ? trace_hardirqs_on+0x10/0x10 [ 829.241421] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 829.246426] ? bpf_prog_kallsyms_find+0xde/0x4c0 [ 829.251187] ? trace_hardirqs_on+0x10/0x10 [ 829.255418] ? lock_acquire+0x1e4/0x540 [ 829.259387] ? is_bpf_text_address+0xae/0x170 [ 829.263870] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 829.268874] ? bpf_prog_kallsyms_find+0xde/0x4c0 [ 829.273628] ? trace_hardirqs_on+0x10/0x10 [ 829.277848] ? lock_downgrade+0x8f0/0x8f0 [ 829.281983] ? trace_hardirqs_on+0x10/0x10 [ 829.286227] ? lock_acquire+0x1e4/0x540 [ 829.290201] ? simple_xattr_get+0x106/0x180 [ 829.294508] ? current_time+0x72/0x1b0 [ 829.298385] ? lock_downgrade+0x8f0/0x8f0 [ 829.302783] ? kasan_check_read+0x11/0x20 [ 829.306917] ? lock_release+0xa30/0xa30 [ 829.310984] ? kasan_check_write+0x14/0x20 [ 829.315300] ? do_raw_spin_lock+0xc1/0x200 [ 829.319523] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 829.325063] ? iov_iter_fault_in_readable+0x23d/0x460 [ 829.330238] ? copy_page_from_iter+0x890/0x890 [ 829.334834] ? __sanitizer_cov_trace_switch+0x3b/0x90 [ 829.340015] ? ktime_get_coarse_real_ts64+0x243/0x3a0 [ 829.345192] shmem_write_begin+0x10a/0x1e0 [ 829.349417] generic_perform_write+0x3ae/0x6c0 [ 829.353988] ? add_page_wait_queue+0x2c0/0x2c0 [ 829.358565] ? file_update_time+0xe4/0x640 [ 829.362785] ? current_time+0x1b0/0x1b0 [ 829.366807] ? down_write+0x8f/0x130 [ 829.370508] __generic_file_write_iter+0x26e/0x630 [ 829.375426] generic_file_write_iter+0x438/0x870 [ 829.380171] ? __generic_file_write_iter+0x630/0x630 [ 829.385435] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 829.391143] ? iov_iter_init+0xc9/0x1f0 [ 829.395113] __vfs_write+0x6c6/0x9f0 [ 829.398826] ? kernel_read+0x120/0x120 [ 829.402711] ? lock_release+0xa30/0xa30 [ 829.406672] ? check_same_owner+0x340/0x340 [ 829.410976] ? __fget_light+0x2f7/0x440 [ 829.414944] ? fget_raw+0x20/0x20 [ 829.418402] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 829.423927] ? __sb_start_write+0x17f/0x300 [ 829.428235] vfs_write+0x1fc/0x560 [ 829.431762] ksys_pwrite64+0x181/0x1b0 [ 829.435646] ? __ia32_sys_pread64+0xf0/0xf0 [ 829.439959] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 829.445667] ? fput+0x130/0x1a0 [ 829.448945] ? do_sys_ftruncate+0x44e/0x560 [ 829.453253] __x64_sys_pwrite64+0x97/0xf0 [ 829.457490] do_syscall_64+0x1b9/0x820 [ 829.461372] ? finish_task_switch+0x1d3/0x870 [ 829.465868] ? syscall_return_slowpath+0x5e0/0x5e0 [ 829.470785] ? syscall_return_slowpath+0x31d/0x5e0 [ 829.475813] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 829.480816] ? prepare_exit_to_usermode+0x291/0x3b0 [ 829.485905] ? perf_trace_sys_enter+0xb10/0xb10 [ 829.490572] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 829.495404] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 829.500668] RIP: 0033:0x4100e7 [ 829.503850] Code: 12 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 51 17 00 00 c3 48 83 ec 08 e8 27 fa ff ff 48 89 04 24 49 89 ca b8 12 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 6d fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 829.523215] RSP: 002b:00007f413f26ea80 EFLAGS: 00000293 ORIG_RAX: 0000000000000012 [ 829.530999] RAX: ffffffffffffffda RBX: 0000000020000210 RCX: 00000000004100e7 [ 829.538271] RDX: 0000000000000017 RSI: 0000000020000040 RDI: 0000000000000014 [ 829.545533] RBP: 0000000000000000 R08: 0000000020000218 R09: 00000000fbad8001 [ 829.552796] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000014 [ 829.560065] R13: 0000000000000001 R14: 00000000004d3f40 R15: 0000000000000004 [ 829.572245] FAT-fs (loop7): bogus number of reserved sectors [ 829.578345] FAT-fs (loop7): Can't find a valid FAT filesystem 03:38:42 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000100)=@random={'user.', "2ec073656c696e757800"}, &(0x7f00000001c0)=""/4096, 0x1000) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vga_arbiter\x00', 0x2000, 0x0) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f00000011c0)={0x100000000, 0xc7, 0xffffffffffffff7f}) recvmmsg(r0, &(0x7f0000003f80)=[{{&(0x7f0000000080)=@can, 0x80, &(0x7f00000001c0)}}], 0x1, 0x0, &(0x7f0000004000)={0x77359400}) sendmsg$nl_route_sched(r0, &(0x7f0000005a00)={&(0x7f0000000180)={0x10}, 0xc, &(0x7f00000059c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="2400000026000102000000000000000000000000", @ANYBLOB="00000000bd"], 0x2}, 0x1}, 0x0) 03:38:42 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020006006f786e6574302d232f70726f6300") 03:38:42 executing program 1: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = socket$kcm(0x11, 0x3, 0x300) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f00000005c0)={{{@in6=@ipv4={[], [], @rand_addr}, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@local}, 0x0, @in=@local}}, &(0x7f0000000280)=0xe8) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0xf, 0xd, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x81}, [@call={0x85, 0x0, 0x0, 0x27}, @exit={0x95}, @generic={0x0, 0x1f, 0xffffffffffff7fff, 0x4}, @jmp={0x5, 0x1f80000000000000, 0x7, 0x4, 0xf, 0xfffffffe, 0xffffffffffffffff}, @call={0x85, 0x0, 0x0, 0x4c}], {0x95}}, &(0x7f00000000c0)='syzkaller\x00', 0xffff, 0x82, &(0x7f00000001c0)=""/130, 0x41f00, 0x1, [], r2, 0x9}, 0x48) recvmsg(r1, &(0x7f0000000300)={&(0x7f0000000040)=@hci={0x0, 0x0}, 0x80, &(0x7f00000002c0)}, 0x0) r4 = socket$kcm(0x2, 0x5, 0x0) sendmsg$kcm(r4, &(0x7f0000001d40)={&(0x7f0000000740)=@in={0x2, 0x0, @dev={0xac, 0x14, 0x14}}, 0x80, &(0x7f0000001c00)=[{&(0x7f0000001bc0)="01", 0x1}], 0x1, &(0x7f0000001c80)}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x3, 0x3, &(0x7f0000000340)=@framed={{0x18}, [], {0x95}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0xd4, &(0x7f0000000440)=""/212, 0x0, 0x0, [], r3}, 0x48) 03:38:42 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000001000)=ANY=[@ANYBLOB="7a0af8ff75000000bfa100000000000007010000f8ffffffb702000008000000bf130000000000008500000006000000b7000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) 03:38:42 executing program 7 (fault-call:0 fault-nth:5): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:38:42 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0xffffffffffffffff, 0x32, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_subtree(0xffffffffffffffff, &(0x7f00000000c0)='cgroup.subtree_control\x00', 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000031c0)=[{{&(0x7f0000002d40)=@rc, 0x80, &(0x7f00000030c0), 0x0, &(0x7f0000003140)=""/79, 0x41}}], 0x1, 0x0, &(0x7f00000032c0)={0x77359400}) pwritev(r1, &(0x7f0000000200), 0x10000000000003b0, 0x0) getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r0, 0x84, 0x8, &(0x7f0000000180), &(0x7f00000001c0)=0x4) r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x484800, 0x0) io_setup(0x6, &(0x7f0000000200)=0x0) r4 = syz_fuseblk_mount(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)='./file0\x00', 0xf000, 0xee01, 0xee00, 0x1f, 0x1, 0x800000) io_submit(r3, 0x4, &(0x7f0000001700)=[&(0x7f0000000380)={0x0, 0x0, 0x0, 0x1, 0x8, r2, &(0x7f0000000240)="cbdcbb6cf1be2b98f2ca4344", 0xc, 0xd282, 0x0, 0x1, r2}, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x8, r4, &(0x7f0000000440)="2cfb284763a842f1e962b2d94e40dbb6fae2c0b404a473d41c7df803c7fca4c22846726b38b0b215d8861ad2fb2a2019f0675941f9ad3ec5566305514bb6711047b0fc8f50d5809109a6e8a8b101025b8d39b511c29ea14953b3061b1886a3aa334d8a977b2a1eaa1c0f863624123d7c682a8414b0d87eca9f0029d048ed6aa76d9e9bfa6644e020be37d3d0cd411db2eca7b2cbf23592977f3df75f72a9d3bfbd81af90328eaa3937d7b4dcd7d27806009afe3e8d7af3be0e71b3556e233f159e81dd06685d0730", 0xc8, 0x10001, 0x0, 0x1, r2}, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x3, 0x3, r1, &(0x7f0000000580)="160e32d79395245b5b05197274a88a133fd0e98cdbedbfdc0d32671fd23a443d83f14127f2573e996e22e944b58f4ee137bedb3d7b30eeb0d2bf9e882540e0a6c6b89c8f8eeb342070ae3960075702776a259fc5072819a84998fc0bc871539b5e2945a12aaa1cc690279ee0ee1c18c32c8f23e0d5490dc05d0e3a28af7c240ce4bf36cc09451e4fd26de23df5b9d9b33d7a1f412024db62c6903e1aed2e91ae0e411b95c7c516d0d6d233ee731108c7f8a831ae4767cba40e5f89d61548360c16ab4871a207eb4f4cf22718d06a0a438f9139f5f1c82fdd4e81b7171c1544c0b99a7011e5782ec62cde9852b227f11226c72ec8b949bf", 0xf7, 0xf16, 0x0, 0x1, r2}, &(0x7f00000016c0)={0x0, 0x0, 0x0, 0x7, 0x9, r0, &(0x7f00000006c0)="0a8dd888826adcb368486020786d41a4ab466f19fd43db3e2c03691ce30c6b37f9b92f14331ac163df56628cd1f8426da7444e2b1d9147c35accd536be7513a26789dfc5d74d9b58420034341bd3194b978467c9c6e8fa8a99d803356c6dd5ec6feb8fbc22c72752c45bb415f2d6ba248ae97757f0fbdcb42197e0003d2ecfd142c312fbb455a82d698bc8160139131b4efc7bb6f8985ce6dbcf7464a420e7137b87e11e832f7ec3e78858024f1a57f869cdff9c993fe7d7e7d756695f4f8cbb8e8efa8040b1b04c9428eeaca1c02b15db6d59b7ab3c2ccdedc38b599b9ae22e65986e997d344c186bd233e5fe0198868addda950d2eb8c0c8f21f38b2ff0dd0dfc2c34d5dd0a4b463b8b7833d9e99d2528294d82381a86a2d5c066f922cc3b0c8ea5c0e9bdb4a439c33339d11b0ce4523f7ec41f0dad1d47349a9e43d45519b497ad2cd54b936a4bb70da070d510b38fdc28ef9384cf5256b82d11ec0f6c1d927a4b6cee999233fc81dca455d5ec41486de0d7900d8567634fb198f526d07a9d45ca815df153cbd5ae7507c90cb1a04f1b3724b5bbbadaba5d4b167db09622dc4979478c2c10ab0823af9ba05cecb03da0bae7ffe714b968713177ce3246464b8c6db3ac448bc0be3cb968c356895ab0a60fcdcbd356b8affd1a30eeec1e40778a1fe98d1986abd7cfb04a6ef635ff9fe3c6ba187f04654e0647a64934569632a993c646c2277eecdde9e68aa5506f8202bb5ea662d3aaef8f24af0782e67c9afa1034cf04096ed2be7f7778177a4f177f4c8f4604d023b56c3fa6265caf98d6dcd5e672dbe6e315d2cbeb0929b7a409fda56f3e0d68e432207d6c4c408d115c6d64b116414ff5d6ecca3498b029b6c1f97beb312c5d84f42313aad51c896becdb5f24194c23b35cd9688eb8895daaeed2387c5a726d9968a301e0ef2a46d818dd1794a99f613f0acda08cd3bf554fab12b615b61bc4ba48885706527dbbb3aee69c8d14626c410f23c2909539d48ee4e2f1ecc36a1fcdda3c4ccd3ba0539d76f1c5cb0326663d516c7e8a54802dd3303f458f6312d7f468df160a9c7d676da80e05aeed106b42ddd3866c97feb3dd2302a36d6a453fa5ec62348fdb7371095871aacf59b167aced7e69febb1a44442360958ae881d0d84b0b641921163a6098ae58d4629ac656e0e8aa8f964fe51846b48636c95e67e36237c6571af9f6c59036227b3c3858bf1fcda8a14635dda23985aae6f930d7e2dba753b35754fb364567ba6598f5d09748376cf4b5d1f0db9b6baf6e31c6596ae7f767bc530da312429c0f0dc7fddcb940764382b5ffddc6b441ccbb1968e1c7f737df8c9c4fcce7c9f68fa4bf484fc13c252cacdc4ecf04118fce3c9a99d9cf80b0bcb7c765a471d4af645fee1735f57c5f4415c9fd40a2b8ae168b76cdf1109a9c82fc3aeaa30a2ca986c1ab73bdd018186ab657892d950e62f60585f1c9d3b41f4b54aeee350f6990c65fb1e615fdd295db07e654de31bf683f7692b07a179a07bf58ead95abbde435a22947f3db8a80b55d31f5705ca546f5871536700145d288ef3c3fcd617c1ea7adcf8e0cd54b15c1e410c6b6978c85b94c8de1fd3383e446cb0343cb278ac49ba69faf29fbaa15b1ecbcac19402a581f7006a691995f387ed8351657ad7b87142124a18a97f4db3e270d61ab1bd0fe80b3d1b20d21ee9bde29fc343013a241902e30c596ec8a4b16c684cc5f68ee145d1b0d10cdd43e45fc001b965aabbdf70b3d778be4d36a8f93f7541251093440d1bced25ba09e987e30234000d5698fd032b01ae80d0bde3b2956ab903a5e2cd2cf4ced703e06687f2ecd34133cdc7baaf01a77e232c8f776afe08e836d19e25b7d89c9c1b3f03a2f5316a849f245238523429cf8fdcb84189203d908ac9afb13c2cd356c639687be05e25076c4bdd85a0e3581ceb9dde7e39526e277da092a6557e5223896b9c6e5dbe9c47d74b1fa731aee8a45bcc0b6a83317ca8870e5d931d4a2ebcbcaeac605743fd205323cb10e6669ab30cffa7eae0773c3367dc18c4ea80b70a1fc0ba7041afd6accd051f32263376563dfe1ec826f28d5a0f54abfdf0ffc13d44c4a6ff874b3cd37fc3bf6abab6aa6a194257b514475e3ba3146178eeee59dc229353e00a59282f437632f431ad3ccbf04f114ebf0f6231dd799bb4c9b4c290caff433bdb7c5966877f444ac877e953d316a2b951c0b1c03175e6c39d79aa441b1c389b43e775622f541c946bb5ba0ffb7304f7e352d13f8ecbae33a00aa009e1988680704ccfe8c12d93481d56e40f34c8bbef2746d7b8e1bc320de5f94375b926dfd3338340527773399e0c509cb3836794f91edc24e92bf242a29e9bdaef46d56d865f11df125344f2933546912297462e61be88396e7df869c098fb9c0ab552d230d91cb70a94e3fbc071ba0fc4e06ad57b5551768c445a8ad87fb315748ac1e2649329355881991946a48faeea39eed957eb44f85614aa1cdfdbc05d3c03797ad68d495eb6e81f9c7699128fe374166e910718bad34a1474b2a8026049ecdeeaef77bc43924580ba2be2f97a597d554a59015f48b9cf7693a166d587b627125b9eba6c560b6bef6cf20114048f1885abcc9298f9c66b6395ed5158db7519e5fae8f91753de9626c9b25fa2b820da9f7b3915db05d28da3fac03cec2ee7ef9a4faedcfa880a86a977e10e8c7767a2489e49d23c6b77231599f176a9ecb8f286098a2b8960c40e7d2a95d7c86b69ccfe16f6a69da269db03f62ec0099d585c00c20fc0e48fa5b95a7d0aa4f11788a893d10b82474434aa278a503ec4dd982f7cd9333af2994dd86302bc8767587141952c66960fd1bd66df2d3691d34c6b99e54f319be9644b7adfba024575746a3caa635b4eca7dc59201e386f6511dafa42e87b040dec488d869479be61f599e480ba610e1051752e7f07dab2aa337bf1d2355d2a53e32c77d8fe04d58103fa1f87fc770e618a7fa20cc675ae05bf127226b66b625bac73d3d9e58c69b8d24cbc42a33baf75b49315731da9367223382201dda57b56e428d51d1eec337253f02fe9254a16e8dbab9806c6d145ab9d19383dbe4e231479f9acb3faa04a731b9e82bf77dedddfcc9ee90bdb1cb9f77d24d01527e8743758564976f4b1385a418d12117f0e956979c7162eb686303e766d1af8867058fc399bca7e4c597a0db7760ffc476f80f5edcc4401b06a15861579e47ae1b8b78752225025973627d23f5e4b2c8470eb9d457e144e3a052fee28029bc0eda3c7805d512a88ec255410616fe1a7aaadd01b66b09e36242c64ffc93e35f2b6f3a3a175d98ec0037223ad98e71aef77b41169d944772996ebc0eb64d421b725555ba44cf9019bc42016d703e653e91fd6dcee08e1151b25101c9fcd710aaae1aab773aee8eb1125dbd8ce17bb0d86b76dcb6fd271103e5735498bfdb67145a300e0ec49926a9ec5e6e285f48ea182fa7777a2a0e0bfe612dfb5d82a6d2ce26df770431db60155a6f116e5798acec7c8b946349471307922f8700b48c086c71c6cce4dea2221ad9cd77f07a4f091a4dd13941fa3abdd141d53c408d946ae7094fa1826f23ea426ab0dd6ac3ca239c5da5c2291bdffd28f888336c1a7c51e474d808f24979113cc2ee4443166a29bd8d1a5d84bc397f3933de01191f9e457af3aee4cf9b04446de61fc92da76ed4798b92064a0bd4c4781937c8f587442756fd28162a7be90e262c9cb331832089ed7fcda41f37096292fc4339528b20e393c5413d4c9369667b984d3820229a1f1b51bffbb08e8dd57f2fbd8761c4a098d42d3d1c1ae9c5a4a0e433cc65d861d3e7dbcb1727b6beb9f311473fc91a876a557ee5cd3141674ba95727c989814d6afd01e1d7d24e623391f0edd633a1dab8cac7d34102a5d699e5f65567ad3fb68b9ac11234599f98228f87ed2830c10ed3e5fe2f0381e09506fd7c467c6df975c06164f62d9e4c5eb3a8f4364f553c11cc761be5e838ae7f766d740c0dd785ec9d69d45e2ea08fbadcfda525f12caae719b12492aa201e78e163ffca7edc90809e0af0ecbe43ac60445f7487772a8446b58395170a7c6c31d71eeb7cb4ecea6bf6f09d0ce2eb825d2df2c77f9a96b2acdd98c8bc45a9f449b2f05451843f69893a5e3da343f4b79d4dc9bd5f9c34b406fa4b8b8bf9130e2779d6b651f861ef354f904f6e53b9af30373e0fa04183b21a7c463c30855bf646d8763612b5b0087fc5fb52ecb4aebf52b9fdfb58f0c56092f81817ad5812c1dd1445eead79b8ae52b22341a48a3e2ab7da7e584aed2688a7cae5cbcf20f9f2c5410feef5168878ab26028c75a92d90ec94672b78a3ff13cc44e641dbfa5e79ac730d1805a4a7eee9fe4802af483280c187089cfc0cc2648d590f2fa1420c42b2d4b5ca1c156c7cb40167835ed4a55bdb4a22393b0a0c71fb67a75a916e2e6697a2af1051f13bf5a8e213295740265c6a5acfa61ee8ce683b506bc8a6fe2c659399efe00cc3b000db696bb3254002e37482e5ce556ba4deae032d0c2272def9fb0a33e9868c44a2887f86de92d505e8d39f930d7f4780a5178c4cb96698cea3bd5764dac3d2c4a43c08fc14e150bc6558d9d4b96f6540d0eb138b3c9038481726ce524b3379136080ae49d8135ee79f975c4403760e3e594726df605dbf7404cf57bfb125afc6875c8ea6b0e2f6d6b8acb852572dbf300fe301a5e85aa7ea95dc96ec8ff401254d7ec945c818ae49c0ac3e63faee384681a6b3c51c43b2ed081aa67d5e04a94c78ef281a2163fbe1a465415ca2f34cd77a4f99ff9686e0b53a62d9c668b6a90482315ccb9d872fba8c193f96e55fa72e4cc11efef91190efa6d2d7cedbb4f66ebb06a425c9f6468ee641903f15d2386e981a8d8efe5d465e7ac4d881af4d32fb247db9f41aca651f3e3d5b7ebb60b1118a580c149de90e4236bff18a0fc16b31eb9c072a599b521b2bd0b01ee47559847181d5d0b85a8a450517482d263eafcec90a4a512e7f85f0e565ef8bb1e7672d1a5acc3ad5d1266d0e196d1396fcd8fe74a8d8764eb4166ea53b0e675ff3a962e004a3cbd7363eec1d9022ee650cddc7b0d5de54929d08663d4fd9914580ba62b84596e0f3212a6f27d4f22d1174a7e79833caf46aa782dca4e398ffc74c2a31f342d5f4e9425deea7e6743051b97bc583a151267440b470a1cfca043f0cb5bdd0c6189ea798e5a9660027579c8a0695184a0a21ad414411b12ddb74cae8765afb1515d3c60c038840bbf65b5b2b3eb5229a8110edd202a23ac5e711bdba59a4f78b24148688f8cbb6e1ec6bd0ad9ca7b96d6c356cde0f6aac908e98a9f890d46d3b08d0d058c7b7aec5c0912aa7265a60daed88f6f85c6eba88fd178391e28e7dcd385673a15e7eebf098d8123e2b0ab69ae0aaccaad60e40adac7a93dd7c7d1600f591dde783b92cfca0e82a32b84d9fe900b7ac27f2a344f665dc5eca4cadb3c3601be5cbe5208d0ba225c4be931ae2668e6ef35208ca068418f6a31fb3012fbf132a51291b86acfca24a257712b28e81e985d7e018159a6039cb5d11ea8ba884463a811c2b4a4d37bb59f84131023b990ce0b655e2a656a5632246d4d0873ccc1027655f2f4c2b57ab3a787434ee4a242f3637c1eea7ee8218994ea802b804bc991896ce883d04138c50c767bedbd55357c29bb54385e5f678d1ca78dce968d76b6547fdcdb53d845f6a4d9f664cda1260d2c616e6aef83f04d6636316be74ed69ebe63d57d633920aad64b6", 0x1000, 0xfffffffffffffffc, 0x0, 0x1, r2}]) getdents(r2, &(0x7f00000002c0)=""/149, 0x95) write$P9_ROPEN(r2, &(0x7f0000000140)={0x18, 0x71, 0x2, {{0x40, 0x2, 0x7}, 0x3}}, 0x18) r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='em0\x00', 0xffffffffffffff9c}, 0x10) setsockopt$RDS_FREE_MR(r5, 0x114, 0x3, &(0x7f0000000100)={{0x3, 0x6}, 0x10}, 0x10) 03:38:42 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x3d35dcdc84000000) 03:38:42 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60], 0x1}}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) [ 829.829276] [ 829.831136] ********************************************************** [ 829.837850] ** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE ** [ 829.844644] ** ** [ 829.851349] ** trace_printk() being used. Allocating extra memory. ** [ 829.858178] ** ** [ 829.858736] FAULT_INJECTION: forcing a failure. [ 829.858736] name failslab, interval 1, probability 0, space 0, times 0 [ 829.864940] ** This means that this is a DEBUG kernel and it is ** [ 829.864945] ** unsafe for production use. ** [ 829.864950] ** ** [ 829.864954] ** If you see this message and you are not debugging ** [ 829.864958] ** the kernel, report this immediately to your vendor! ** [ 829.864963] ** ** [ 829.864967] ** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE ** [ 829.864972] ********************************************************** [ 829.931428] CPU: 0 PID: 13527 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 829.939849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 829.949303] Call Trace: [ 829.952165] dump_stack+0x1c9/0x2b4 [ 829.955831] ? dump_stack_print_info.cold.2+0x52/0x52 [ 829.961060] ? lock_downgrade+0x8f0/0x8f0 [ 829.965403] should_fail.cold.4+0xa/0x11 [ 829.969487] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 829.974596] ? up_write+0x7b/0x220 [ 829.978135] ? up_read+0x110/0x110 [ 829.981764] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 829.987323] ? __generic_file_write_iter+0x1bd/0x630 [ 829.992932] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 829.999648] ? generic_file_write_iter+0x4a3/0x870 [ 830.004604] ? lock_acquire+0x1e4/0x540 [ 830.008683] ? fs_reclaim_acquire+0x20/0x20 [ 830.013013] ? lock_downgrade+0x8f0/0x8f0 [ 830.017278] ? check_same_owner+0x340/0x340 [ 830.021615] ? fsnotify+0xbac/0x14e0 [ 830.025338] ? rcu_note_context_switch+0x730/0x730 [ 830.030265] ? lock_downgrade+0x8f0/0x8f0 [ 830.034415] __should_failslab+0x124/0x180 [ 830.038655] should_failslab+0x9/0x14 [ 830.042458] kmem_cache_alloc+0x2af/0x760 [ 830.046602] getname_flags+0xd0/0x5a0 [ 830.050411] getname+0x19/0x20 [ 830.053826] do_sys_open+0x3a2/0x720 [ 830.057553] ? filp_open+0x80/0x80 [ 830.061449] ? do_sys_ftruncate+0x44e/0x560 [ 830.065797] __x64_sys_open+0x7e/0xc0 [ 830.069696] do_syscall_64+0x1b9/0x820 [ 830.073600] ? finish_task_switch+0x1d3/0x870 [ 830.078106] ? syscall_return_slowpath+0x5e0/0x5e0 [ 830.083048] ? syscall_return_slowpath+0x31d/0x5e0 [ 830.088151] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 830.093178] ? prepare_exit_to_usermode+0x291/0x3b0 [ 830.098210] ? perf_trace_sys_enter+0xb10/0xb10 [ 830.102964] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 830.107812] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 830.112987] RIP: 0033:0x410081 03:38:43 executing program 7 (fault-call:0 fault-nth:6): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) [ 830.116601] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 830.136355] RSP: 002b:00007f413f26ea80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 830.144162] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000410081 [ 830.151431] RDX: 00007f413f26eafa RSI: 0000000000000002 RDI: 00007f413f26eaf0 [ 830.158696] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 830.165966] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000014 [ 830.173327] R13: 0000000000000001 R14: 00000000004d3f40 R15: 0000000000000005 03:38:43 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x400000000000000) 03:38:43 executing program 2: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = gettid() r1 = syz_open_procfs(r0, &(0x7f0000000400)="01a1183958f5fe57bee8df8865742f6970365f7461626c65735f6d61746368657300") getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffff9c, 0x84, 0xe, &(0x7f0000000200)={0x0, 0x3, 0x2, 0x385, 0x7f, 0x6, 0x9, 0xfffffffffffffffb, {0x0, @in={{0x2, 0x4e24, @rand_addr=0xffffffff}}, 0x180000000, 0x0, 0x6fe, 0xfffffffffffffffa, 0xffffffff80000001}}, &(0x7f00000002c0)=0xb0) setsockopt$inet_sctp_SCTP_SET_PEER_PRIMARY_ADDR(r1, 0x84, 0x5, &(0x7f0000000300)={r2, @in6={{0xa, 0x4e22, 0x7, @remote={0xfe, 0x80, [], 0xbb}, 0x2}}}, 0x84) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) getsockopt$bt_l2cap_L2CAP_CONNINFO(r3, 0x6, 0x3, &(0x7f0000000080), &(0x7f00000000c0)=0x6) r4 = syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x57dc, 0x1) ioctl$TCFLSH(r4, 0x540b, 0x3) syz_open_dev$vcsa(&(0x7f0000000100)='/dev/vcsa#\x00', 0x4, 0x80000) [ 830.221353] FAULT_INJECTION: forcing a failure. [ 830.221353] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 830.233222] CPU: 0 PID: 13541 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 830.242004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 830.251358] Call Trace: [ 830.253964] dump_stack+0x1c9/0x2b4 [ 830.257645] ? dump_stack_print_info.cold.2+0x52/0x52 [ 830.262858] ? __sched_text_start+0x8/0x8 [ 830.267029] should_fail.cold.4+0xa/0x11 [ 830.271188] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 830.276313] ? iov_iter_advance+0x2ec/0x14e0 [ 830.280721] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 830.285492] ? trace_hardirqs_on+0x10/0x10 [ 830.289720] ? check_same_owner+0x340/0x340 [ 830.294058] ? shmem_unused_huge_scan+0x180/0x180 [ 830.298992] ? shmem_unused_huge_scan+0x180/0x180 [ 830.303924] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 830.310320] ? generic_perform_write+0x305/0x6c0 [ 830.315073] ? generic_file_write_iter+0x447/0x870 [ 830.320112] ? perf_trace_lock_acquire+0xeb/0x9a0 [ 830.324950] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 830.330491] ? should_fail+0x246/0xd86 [ 830.334383] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 830.339481] __alloc_pages_nodemask+0x36e/0xdb0 [ 830.344401] ? up_write+0x7b/0x220 [ 830.347950] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 830.352963] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 830.358491] ? generic_file_write_iter+0x4a3/0x870 [ 830.363416] ? lock_acquire+0x1e4/0x540 [ 830.367380] ? fs_reclaim_acquire+0x20/0x20 [ 830.372128] ? lock_downgrade+0x8f0/0x8f0 [ 830.376269] ? lock_release+0xa30/0xa30 [ 830.380233] ? check_same_owner+0x340/0x340 [ 830.384548] cache_grow_begin+0x91/0x710 [ 830.388616] kmem_cache_alloc+0x689/0x760 [ 830.392765] getname_flags+0xd0/0x5a0 [ 830.396556] getname+0x19/0x20 [ 830.399755] do_sys_open+0x3a2/0x720 [ 830.403458] ? filp_open+0x80/0x80 [ 830.407002] ? do_sys_ftruncate+0x44e/0x560 [ 830.411327] __x64_sys_open+0x7e/0xc0 [ 830.415118] do_syscall_64+0x1b9/0x820 [ 830.419000] ? finish_task_switch+0x1d3/0x870 [ 830.423496] ? syscall_return_slowpath+0x5e0/0x5e0 [ 830.428424] ? syscall_return_slowpath+0x31d/0x5e0 [ 830.433345] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 830.438353] ? prepare_exit_to_usermode+0x291/0x3b0 [ 830.443377] ? perf_trace_sys_enter+0xb10/0xb10 [ 830.448040] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 830.452881] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 830.458260] RIP: 0033:0x410081 [ 830.461433] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 830.480918] RSP: 002b:00007f413f26ea80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 830.488618] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000410081 [ 830.495877] RDX: 00007f413f26eafa RSI: 0000000000000002 RDI: 00007f413f26eaf0 [ 830.503137] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 830.510395] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000014 03:38:43 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000020, &(0x7f000023f000), 0xfa) ioctl$FICLONE(r0, 0x40049409, r0) r1 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x10000, 0x410100) ioctl$sock_bt_hidp_HIDPGETCONNLIST(r1, 0x800448d2, &(0x7f0000000640)={0xa, &(0x7f0000000040)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}]}) [ 830.517653] R13: 0000000000000001 R14: 00000000004d3f40 R15: 0000000000000006 03:38:43 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020003006f786e6574302d232f70726f6300") 03:38:43 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x200000000000000) [ 830.545740] FAT-fs (loop7): Directory bread(block 2563) failed [ 830.555573] FAT-fs (loop7): Directory bread(block 2564) failed [ 830.570530] FAT-fs (loop7): Directory bread(block 2565) failed [ 830.579619] FAT-fs (loop7): Directory bread(block 2566) failed [ 830.585808] FAT-fs (loop7): Directory bread(block 2567) failed 03:38:43 executing program 2: socketpair(0x100000000000000b, 0x5, 0xc7a, &(0x7f0000000600)={0xffffffffffffffff}) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = syz_open_dev$sndctrl(&(0x7f0000000340)='/dev/snd/controlC#\x00', 0x1, 0x200) r4 = dup2(r3, 0xffffffffffffffff) ioctl$FIBMAP(r0, 0x1, &(0x7f00000005c0)=0xffffffffffffff59) syz_emit_ethernet(0x51, &(0x7f0000000640)={@link_local={0x1, 0x80, 0xc2}, @random="1febed9771fa", [], {@llc={0x4, {@snap={0x0, 0xab, "882f", "58baac", 0x22eb, "818711218e40254332f2b37199f25e32107b3aab31a335d54d4cc48b0d66f7da6107c6c750084566074b53d7b59de37968eeaded2eb32aca01c4"}}}}}, &(0x7f00000002c0)={0x0, 0x2, [0x1ae, 0x50f, 0xf44, 0x4e7]}) r5 = fcntl$getown(r1, 0x9) sched_setaffinity(r5, 0x8, &(0x7f00000006c0)=0x4) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000140)={0x0, 0x13, "496222c3bd63a38e34f51c79dcb8e9f9e7aeba"}, &(0x7f0000000180)=0x1b) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r4, 0x84, 0x6, &(0x7f00000001c0)={r6, @in={{0x2, 0x4e23, @multicast1=0xe0000001}}}, &(0x7f0000000280)=0x84) r7 = accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000040)=0xe, 0x0) setsockopt$bt_BT_CHANNEL_POLICY(r7, 0x112, 0xa, &(0x7f0000000100)=0xb622, 0x4) syz_emit_ethernet(0x66, &(0x7f0000000080)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa0086dd6076605100303afffe80ff000000000000000000000000fff702000000000000000000000000000186009078200c000060c5961e00000000ff010000000000001803000000000001ff0200000000000000000000000000019a9d5ccbe1b5d3d37ca323eefba6f5e6b0"], 0x0) flock(r2, 0x3) r8 = add_key(&(0x7f0000000380)='asymmetric\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000000400)="61c827100c8e7f6027aecfa8543d27b64fe92f94e92c5949c1449a5e77d6d83bd68e53729e86b2448791261de8cd718daa8288e807045a1cf5f20e95254626e3a5286b6b2f269a30d8e9f2e6fd1e9f8a6df77a7cb7ddbfd3e08e343f192b58841efcc618801b18ae8e03f5b4118da4dfef7821d0a9424352056da8e3ee0844d9b98a66095dab02a74ea54275", 0x8c, 0xfffffffffffffffc) keyctl$get_security(0x11, r8, &(0x7f00000004c0)=""/238, 0xee) 03:38:43 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$inet6(0xa, 0x7, 0x0) r3 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000200)='/dev/uinput\x00', 0x282202, 0x0) write$P9_ROPEN(r3, &(0x7f0000000240)={0x18, 0x71, 0x2, {{0x1, 0x4, 0x1}, 0x533f}}, 0x18) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r4, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f00000000c0)="c4c379146600006543a02d0000000000000064670f01cab8010000000f01d946d8f1e1b066ba400066edb9f60800000f32f2400f0964460f35", 0x39}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000100)) r5 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x100) ioctl$TUNSETSNDBUF(r5, 0x400454d4, &(0x7f00000001c0)=0xffff) ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000140)={[{0x0, 0x0, 0x401, 0xda1}]}) ioctl$KVM_RUN(r5, 0xae80, 0x0) [ 830.602141] FAT-fs (loop7): Directory bread(block 2568) failed [ 830.611039] FAT-fs (loop7): Directory bread(block 2569) failed [ 830.618673] FAT-fs (loop7): Directory bread(block 2570) failed [ 830.630035] FAT-fs (loop7): Directory bread(block 2571) failed [ 830.643277] FAT-fs (loop7): Directory bread(block 2572) failed 03:38:43 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f0000003f80)=[{{&(0x7f0000000080)=@can, 0x80, &(0x7f00000001c0)}}], 0x1, 0x0, &(0x7f0000004000)={0x77359400}) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x101000, 0x0) ioctl$SG_GET_PACK_ID(r1, 0x227c, &(0x7f0000000100)) sendmsg$nl_route_sched(r0, &(0x7f0000005a00)={&(0x7f0000000180)={0x10}, 0xc, &(0x7f00000059c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="2400000026000102000000000000000000000000", @ANYBLOB="00000000bd"], 0x2}, 0x1}, 0x0) 03:38:43 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x4000000) 03:38:43 executing program 1: r0 = perf_event_open(&(0x7f0000000200)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f00000001c0), 0x8}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r0, 0x2405, &(0x7f0000000500)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}) 03:38:43 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020009706f786e6574302d232f70726f6300") 03:38:43 executing program 7 (fault-call:0 fault-nth:7): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:38:43 executing program 2: r0 = syz_open_dev$vcsn(&(0x7f0000000100)='/dev/vcs#\x00', 0x3, 0x800) ioctl$VT_SETMODE(r0, 0x5602, &(0x7f0000000140)={0x2, 0x9, 0x4, 0x81, 0x6}) stat(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setgroups(0x4, &(0x7f0000000040)=[r1, r1, r1, r1]) r2 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x200000, 0x0) ioctl$TUNGETVNETHDRSZ(r2, 0x800454d7, &(0x7f0000000080)) socketpair$inet(0x2, 0x4, 0x1, &(0x7f0000000280)) socketpair$inet(0x2, 0x0, 0x7c, &(0x7f0000000240)) statx(r2, &(0x7f00000000c0)='./file0\x00', 0x0, 0x40, &(0x7f00000002c0)) 03:38:43 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf4010000], 0x1}}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) 03:38:43 executing program 5: bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x0, 0x7f, 0x0, 0x8000000}, 0x2c) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x10000, 0x0) getsockopt$XDP_STATISTICS(r0, 0x11b, 0x7, &(0x7f0000000180), &(0x7f00000001c0)=0x18) bpf$MAP_LOOKUP_ELEM(0xa, &(0x7f0000000000)={0xffffffffffffffff, &(0x7f0000000180), &(0x7f0000000080)=""/140}, 0x48) 03:38:43 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x1000000) [ 830.886065] FAULT_INJECTION: forcing a failure. [ 830.886065] name failslab, interval 1, probability 0, space 0, times 0 [ 830.897835] CPU: 1 PID: 13611 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 830.907073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 830.916654] Call Trace: [ 830.919289] dump_stack+0x1c9/0x2b4 [ 830.922954] ? dump_stack_print_info.cold.2+0x52/0x52 [ 830.928223] ? trace_hardirqs_on+0x10/0x10 [ 830.932589] should_fail.cold.4+0xa/0x11 [ 830.936961] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 830.936983] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 830.937002] ? shmem_parse_options.cold.52+0x49/0x49 [ 830.937026] ? __set_page_dirty_no_writeback+0x14a/0x290 [ 830.937044] ? do_writepages+0x1a0/0x1a0 [ 830.937078] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 830.937097] ? trace_hardirqs_on+0x10/0x10 [ 830.937113] ? do_writepages+0x1a0/0x1a0 [ 830.937131] ? lock_acquire+0x1e4/0x540 [ 830.937145] ? fs_reclaim_acquire+0x20/0x20 03:38:44 executing program 1: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='attr\x00') setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000000)=0x80, 0x4) exit(0x0) getsockopt$inet_sctp_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000040)={0x0, 0x80000001, 0xa, [0x8000, 0x7ff, 0x1, 0x5, 0x5, 0xbf83, 0x3, 0x7b, 0x8, 0x8000]}, &(0x7f00000000c0)=0x1c) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000280)=0x0) ptrace$PTRACE_SECCOMP_GET_FILTER(0x420c, r2, 0x800, &(0x7f00000002c0)=""/157) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f00000003c0)=[{0x3, 0x10001}, {0x8, 0x2}, {0x8, 0x4}], 0x3) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000240)={r0, &(0x7f0000000200)="dcf65182339bb114b06429d8d53c4d7dc43a6af04c3c0033403ea4e2"}, 0x10) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000100)={r1, 0xa0, "1b157f1be642e8ab97b75646b833534bfcfe228a6aa6a7b10f790d96f18f17ac05979f5d9bd1b7e134d2c897f532f9e8a480791b326ef20421a0547816bf6d40b7d5dd48c66929448bbdb4a6662ee830e359bafd899fd522af98a1eae64f29aa555b46b8c8cba9bb49dc1946f5f8e99f5615bdadd4db9b167bd2e0cb7fff40aa32aff583cb622e0a734f9276db48a0985075ffbb9051ee88d38a0d3b538c9468"}, &(0x7f00000001c0)=0xa8) fstat(r0, &(0x7f0000003bc0)) ioctl$KVM_SET_XCRS(r0, 0x4188aea7, &(0x7f0000000380)={0x1, 0x6, [{0x8, 0x0, 0x7}]}) 03:38:44 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x0, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="45965a5c4f0f0000000030e12924ad83aa300fc6228476120f3c18"], &(0x7f0000000000)="47504c00bc3047eb525f484f89fc96dd6ca64da40ff023122e66f6", 0x0, 0xce, &(0x7f0000000300)=""/206, 0x41000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000c3257d13ab1eb5140a00fffffff6006118"], &(0x7f0000000080)='syzkalleP\x00', 0x0, 0xce, &(0x7f0000000180)=""/206}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x9, 0x5, &(0x7f0000000040)=@framed={{0x18}, [@jmp={0x5}], {0x95}}, &(0x7f0000000540)="73797a6b584e3e2f9afed6d0ee3d5d5de2f791e4545b69c564e359a02949ab535c1b25caa665b968d2f1a32e3febe4189befa5f044722bae83e5b6959e392e8d24e41b4ce153c97b5a23e135e38d3b1d14ad7a9eeb7069347fee053569544f1a0000000000000000", 0x80000001, 0x48d, &(0x7f0000000300)=""/187, 0x0, 0x0, [], 0x0, 0xc}, 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)={0xd, 0x1, 0x7, 0xce21, 0x28, 0xffffffffffffffff, 0x100000001}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000400)={0x4, 0x800, 0x6, 0x20, 0x8, r0, 0x468}, 0x2c) r1 = syz_open_dev$dmmidi(&(0x7f0000000440)='/dev/dmmidi#\x00', 0x1, 0x1) ioctl$KDSETLED(r1, 0x4b32, 0x3) 03:38:44 executing program 5: r0 = socket$inet(0x2, 0x2, 0x0) sendto$inet(r0, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000eea000)={0x2, 0x4e20}, 0x10) socketpair(0x3, 0x0, 0x2, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TCXONC(r1, 0x540a, 0x0) r2 = semget(0x1, 0x5, 0x40) openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x480000, 0x120) semctl$IPC_RMID(r2, 0x0, 0x0) [ 830.937160] ? lock_downgrade+0x8f0/0x8f0 [ 830.937176] ? bpf_prog_kallsyms_find+0xde/0x4c0 [ 830.937211] ? check_same_owner+0x340/0x340 [ 830.937230] ? unlock_page+0x1d1/0x2c0 [ 830.937247] ? rcu_note_context_switch+0x730/0x730 [ 830.937284] __should_failslab+0x124/0x180 [ 830.937303] should_failslab+0x9/0x14 [ 830.937316] kmem_cache_alloc+0x2af/0x760 [ 830.937332] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 830.937343] ? shmem_write_end+0x374/0x9a0 [ 830.937364] __get_empty_filp+0x11b/0x620 [ 831.035125] ? proc_nr_files+0x60/0x60 [ 831.039192] ? trace_hardirqs_on+0x10/0x10 [ 831.043476] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 831.048544] ? bpf_prog_kallsyms_find+0xde/0x4c0 [ 831.053590] ? lock_acquire+0x1e4/0x540 [ 831.057577] ? is_bpf_text_address+0xae/0x170 [ 831.062376] ? lock_downgrade+0x8f0/0x8f0 [ 831.066558] path_openat+0x13f/0x5620 [ 831.070381] ? kasan_check_read+0x11/0x20 [ 831.074668] ? rcu_is_watching+0x8c/0x150 [ 831.074686] ? rcu_cleanup_dead_rnp+0x200/0x200 03:38:44 executing program 5: clock_adjtime(0x1000000, &(0x7f0000001140)) r0 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x6, 0x90000) ioctl$SG_EMULATED_HOST(r0, 0x2203, &(0x7f0000000040)) [ 831.074705] ? is_bpf_text_address+0xd7/0x170 [ 831.074720] ? path_lookupat.isra.45+0xbf0/0xbf0 [ 831.074740] ? kernel_text_address+0x79/0xf0 [ 831.097225] ? __kernel_text_address+0xd/0x40 [ 831.101737] ? unwind_get_return_address+0x61/0xa0 [ 831.106773] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 831.111806] ? expand_files.part.8+0x571/0x9c0 [ 831.116496] ? iterate_fd+0x4b0/0x4b0 [ 831.120313] ? lock_acquire+0x1e4/0x540 [ 831.124910] ? __alloc_fd+0x34e/0x710 [ 831.128720] ? lock_downgrade+0x8f0/0x8f0 [ 831.132899] ? do_sys_open+0x3a2/0x720 03:38:44 executing program 5: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f00000007c0)='/dev/ppp\x00', 0x0, 0x0) preadv(r0, &(0x7f0000000340)=[{&(0x7f0000000000)=""/57, 0xfffffffffffffd91}], 0x1, 0x0) setsockopt$packet_int(r0, 0x107, 0x13, &(0x7f0000000040)=0x6, 0x4) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000000c0)={r0, 0x6, 0x1, 0x7, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0], 0x4}, 0x20) [ 831.136829] ? kasan_check_read+0x11/0x20 [ 831.140992] ? do_raw_spin_unlock+0xa7/0x2f0 [ 831.145468] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 831.150104] ? kasan_check_write+0x14/0x20 [ 831.154355] ? do_raw_spin_lock+0xc1/0x200 [ 831.158780] ? _raw_spin_unlock+0x22/0x30 [ 831.162948] ? __alloc_fd+0x34e/0x710 [ 831.167051] ? usercopy_warn+0x120/0x120 [ 831.171417] do_filp_open+0x255/0x380 [ 831.175233] ? may_open_dev+0x100/0x100 [ 831.179225] ? get_unused_fd_flags+0x122/0x1a0 03:38:44 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) utime(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x100000000, 0x9}) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_GET_LAPIC(r1, 0x8400ae8e, &(0x7f0000000180)={"f6d15fa623e675355753c278e42c8fbb24768f4c750ef21327f6cb3386a1c46ec75fc9975d941015913f9793070e459d5ef5c36097fd804e51cd1251cf911fc343fcced868cbed337cf0525580cfc9e49b60385b733f0239aa051c67b26976ab3d16b6bdefe9515463a9690bdf5c4a685205c7f823610ebe63f54825c40a79037aab287019b85ebf380ea5fd66b2ddbd3f67f717288d6ca8d6b4ff27b186eb5583b1b8d41ffa854e7b59cccac567aec092e1b5ea47da868a08365144be3d208c558da8f7828a51eee80a7fa24961ebbbae1e106da40eee84ad7c64cbcf9a8cea6e8b63ba3d2f9a8cb10ffe6dd7fac04df2f147c467b4a0950789818b9091bcd70f6457c527a596c7a8b71ee9ac8be60ecb35466d4d88a4ab07e7db85c340c0b127998b13f5dd601aa94a9158a1229a32f837f6d2c3104087316f1ea39db1bc93497c2069512bbd86ffcc8f597e783f89a18bbc71dd2d23d38a51ca8df3c3e15b119f4ad8635e2f944dd9d9a9cecaf009681f226fb1f5e04db373a54e801a88fd63278376e3650c3b74d0cd9f033ed42a5b06a2af442a51d71fd47a836e6e9d5d95a48bae5e5a83ceae4afb07aac49b29888b8a0c18ecb672658cf5b2d82507db8d4f9030cf86663c51be89a906685fa1310eb9960e2540c4920bbddbce67d1fb4a0eb46a87029e943e24f7501f07e14af82c4d64ddfc197420e320d7ccffefdaf27fefa3df15bdff040634bd2659c310c3758bad47e9a334bf3ca596797c6d35293384d5e14d0926ef349689a3bb5eb4a4040f7bbb0cd73820e5e06e093a33a31492f098b235cfc0c47dac36f9679ded85a2a7b52b9aa587df754c3bf1d8ea355b0031e05752637a274ccaaeba827e06d1a1ebc0e75672578a190d5f4b9339b86832b78004c20a728d4a06ad5cc5b8e6f227871a7463b35d0987219c312302182629df0a7b315ecdc8712afa53385338bece00feed61932dd3cbb1ae70216fd83f3f487af56941191bce98d50f228e59e15547b392de44ca319ae34db3806bda4d597ed34e6de578d23808248dab2411624125ddf8f3ab74493d4ca9d60b5c64fbb1016c5f624b95ceecaee63f7bc082bba86a367e65a0c635564af3fb47e6189d6b6d0d3798d88b3e3edfeef865381b543aa029e4d0d2b7a253ff65242fa5cd4007bf4cab569989471e53b869ca8725945b57584c52cad74a46083cc8b63fac52dc68ce5bc1614d3efd5ff8c7d7e6b56ba26e7f68fcfe6a6103d28def7a34a6a05cb5e09d47701ca11c72ae82e6c632ef5f057b9045493ce2abeea45e195801621290d94631e9b32999e0a01570ada4a3e39abc389e05e91f92ff1dbe359364d709a7635d1df5e106ac758078612ad8f862affa6fd5b7f48dc11d18ef971ff28064cc2a189e1ab99aff3ae78c88aac6e0f008c3fda044044c4cbb77922b09ba"}) [ 831.184427] ? __alloc_fd+0x710/0x710 [ 831.188245] do_sys_open+0x584/0x720 [ 831.191970] ? filp_open+0x80/0x80 [ 831.195544] ? do_sys_ftruncate+0x44e/0x560 [ 831.199876] __x64_sys_open+0x7e/0xc0 [ 831.203714] do_syscall_64+0x1b9/0x820 [ 831.207635] ? syscall_return_slowpath+0x5e0/0x5e0 [ 831.212569] ? syscall_return_slowpath+0x31d/0x5e0 [ 831.217506] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 831.222519] ? prepare_exit_to_usermode+0x291/0x3b0 [ 831.227536] ? perf_trace_sys_enter+0xb10/0xb10 [ 831.232211] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 831.237063] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 831.242240] RIP: 0033:0x410081 [ 831.245413] Code: 75 14 b8 02 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff 48 89 04 24 b8 02 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 d3 fa ff ff 48 89 d0 48 83 c4 08 48 3d 01 [ 831.265322] RSP: 002b:00007f413f26ea80 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 831.273021] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000410081 [ 831.280285] RDX: 00007f413f26eafa RSI: 0000000000000002 RDI: 00007f413f26eaf0 [ 831.287627] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 831.294892] R10: 0000000000000075 R11: 0000000000000293 R12: 0000000000000014 [ 831.302149] R13: 0000000000000001 R14: 00000000004d3f40 R15: 0000000000000007 03:38:44 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0xfffffffb) 03:38:44 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f0000003f80)=[{{&(0x7f0000000080)=@can, 0xffffff9b, &(0x7f00000001c0)}}], 0x1, 0x0, &(0x7f0000004000)={0x77359400}) sendmsg$nl_route_sched(r0, &(0x7f0000005a00)={&(0x7f0000000180)={0x10}, 0xc, &(0x7f00000059c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="2400000026000102000000000000000000000000", @ANYBLOB], 0x2}, 0x1}, 0x0) 03:38:44 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020002006f786e6574302d232f70726f6300") 03:38:44 executing program 2: add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a, 0x2}, &(0x7f00000002c0)="956252b49c7bdb0fabeb726b7858ff0892a5305de35ac81f6d6718068b9455033c2cea75f0d0fcdacd005667b4dcebed733c8a9013170dc64ff502a70e9337e1371eb1a36381c9f18ac59e8ebe060bc49213a2f03e5f915672e028ccde708f5699eaacf2b13f095fc981f462e8097eca80ea3b2f8fd70cc71d205024adc9a09e9d", 0x81, 0xfffffffffffffff9) request_key(&(0x7f00000000c0)='.request_key_auth\x00', &(0x7f0000000100)={0x73, 0x79, 0x7a, 0x0}, &(0x7f0000000180)=',\x00', 0x0) r0 = add_key$user(&(0x7f0000000380)='user\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000000400)="ce362badaf35b2964b5561b3ff68c4d3535a74ceb8f56dbf7125017f8cb35b7079a944bba745e36c5a7b6a76013aec2751b3c6844b9d417b49d7f662532bff37492117b6377643f255afd367d569a7c7", 0x50, 0xfffffffffffffffa) r1 = add_key$user(&(0x7f0000000480)='user\x00', &(0x7f00000004c0)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000000500)="6abbd6f59711fcc226f97a708aa6810a821c1792119cfde540b1b05cf7b0fd79de4fda69996cf7adeba02e26b9bbefbb2978cf6b2adad8a4a4fbc6db91b0cf2ee77e99befc56d03312396b8cd19a98bd5f15f64a7dd25bac63afcacb9f094d7321a7b66344ac06f02ebc7e322355b281514990bd794e1c2564fcfc27b1d5a99f07d46617e84704532692189d6ce52217f4a2477969550823b1cde431f3d99d8b4b1aa8027310d76ed675d63d5089d1658c0e55b69a04c58ea3930565130e9248d701b1f1e360dee30596d633d6feea91f6116fa20939", 0xd6, 0xfffffffffffffffd) r2 = add_key(&(0x7f0000000600)='encrypted\x00', &(0x7f0000000640)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000000680)="608fcfc8fb85fb164759b2f893de66b93ba80607ed876647a149b6df85f0152d261ae96384ef71f71b1f8d4723e3e156494a11768d1b420e8e9205b09a66798775bb9f5fee663f2e409c785b44ea088d94ff52ed9b24326a1bed91c3983a0ea3b2504b24e698ca5b8d999a303ca46a51d15e9b422a57a2e0ab589c326fd788725bb63d0b82a6722a395c93a18f61b94d2ae64b2ae147d65586bda8ee3fed223ec9fd7d1889858af547a2", 0xaa, 0xfffffffffffffff8) keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r2, r1}, &(0x7f00000001c0)=""/190, 0xbe, &(0x7f0000000000)={&(0x7f0000000280)={"726d643136302d67656e65726963280a3df2f35a6d00"}, &(0x7f00000002c0), 0x22f}) 03:38:44 executing program 7 (fault-call:0 fault-nth:8): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:38:44 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ashmem\x00', 0x3, 0x0) ioctl$ASHMEM_PURGE_ALL_CACHES(r0, 0x770a, 0x0) ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, &(0x7f00000001c0)="3c51ff93fb934847bb42aa933e77a2f2a232c9210cd892bedc8487f7c5fec79cf2ca0bbd7a07e51e7a13a63cb20e450050ca835d3569face7a74f3eb36b58a62375f0356c06c7baba09700e45d78a58d91e414fbfc80b3d2cdd78b0d5962f34488ec2229f086e03131a1177433ba273c510846a15992cd8631752317e6fb64dbc3c64cef632de6048b1aab337a4da5947edc22a8b75f5245295150ba5407d75c2fb0fb81cfdac7adb4f712f00a959883e12ffc8c76a3620a8634fc6c80c20347c1614b8fad967a82b23a49d78054f93d26924d2761cb17e1f5e1e5104a7b914ea653ff34c4506251daf82d3be22c5db42153c6cbbdff0c00") 03:38:44 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x2000000000000000) 03:38:44 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1800], 0x1}}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) 03:38:45 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00009e3ff6)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00005befdc)) r1 = syz_open_pts(r0, 0x20201) fcntl$setstatus(r1, 0x4, 0x102800) ioctl$TCXONC(r1, 0x540a, 0x0) write(r1, &(0x7f0000000000)="d5", 0x1) ioctl$TCXONC(r1, 0x540a, 0x2) dup3(r1, r0, 0x0) 03:38:45 executing program 2: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x80, 0x0) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000140)={0x0, 0x0}) write$P9_RGETLOCK(r0, &(0x7f0000000180)={0x26, 0x37, 0x1, {0x2, 0x1, 0x0, r1, 0x8, 'pagemap\x00'}}, 0x26) r2 = syz_open_procfs(0x0, &(0x7f0000000000)='pagemap\x00') pread64(r2, &(0x7f0000e3e000)=""/8, 0x8, 0x100800) signalfd4(r2, &(0x7f0000000040), 0x8, 0x80800) getsockopt$bt_rfcomm_RFCOMM_LM(r2, 0x12, 0x3, &(0x7f0000000080), &(0x7f00000000c0)=0x4) [ 831.879822] FAULT_INJECTION: forcing a failure. [ 831.879822] name failslab, interval 1, probability 0, space 0, times 0 [ 831.891319] CPU: 1 PID: 13685 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 831.899949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 831.909748] Call Trace: [ 831.912360] dump_stack+0x1c9/0x2b4 [ 831.916014] ? dump_stack_print_info.cold.2+0x52/0x52 [ 831.921619] should_fail.cold.4+0xa/0x11 [ 831.925720] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 831.930880] ? run_rebalance_domains+0x4c0/0x4c0 [ 831.935676] ? __enqueue_entity+0x10d/0x1f0 [ 831.940370] ? trace_hardirqs_on+0x10/0x10 [ 831.944627] ? enqueue_entity+0x34b/0x2130 [ 831.948880] ? rcu_sched_qs+0xe/0x150 [ 831.952707] ? rcu_sched_qs+0x150/0x150 [ 831.956716] ? lock_acquire+0x1e4/0x540 [ 831.960747] ? fs_reclaim_acquire+0x20/0x20 [ 831.965128] ? lock_downgrade+0x8f0/0x8f0 [ 831.969302] ? check_same_owner+0x340/0x340 [ 831.973639] ? perf_trace_lock+0x920/0x920 [ 831.977896] ? rcu_note_context_switch+0x730/0x730 [ 831.982867] ? kasan_check_write+0x14/0x20 [ 831.987125] __should_failslab+0x124/0x180 [ 831.991470] should_failslab+0x9/0x14 [ 831.995315] kmem_cache_alloc+0x2af/0x760 [ 831.999510] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 832.004551] __kernfs_new_node+0xef/0x5a0 [ 832.008724] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 832.013496] ? bd_set_size+0x2c4/0x370 [ 832.017404] ? lock_downgrade+0x8f0/0x8f0 [ 832.021766] ? lock_release+0xa30/0xa30 [ 832.026040] ? lock_acquire+0x1e4/0x540 [ 832.030017] ? blk_queue_write_cache+0x1bc/0x467 [ 832.034766] ? lock_downgrade+0x8f0/0x8f0 [ 832.038910] kernfs_new_node+0x80/0xf0 [ 832.042788] kernfs_create_dir_ns+0x3d/0x140 [ 832.047214] internal_create_group+0x3c9/0x9e0 [ 832.051820] ? do_raw_spin_lock+0xc1/0x200 [ 832.056082] sysfs_create_group+0x1f/0x30 [ 832.060236] lo_ioctl+0x12bf/0x1d00 [ 832.063869] ? lo_rw_aio_complete+0x450/0x450 [ 832.068371] blkdev_ioctl+0x9cd/0x2030 [ 832.072279] ? lock_acquire+0x1e4/0x540 [ 832.076251] ? blkpg_ioctl+0xc40/0xc40 03:38:45 executing program 1: r0 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x6, 0x12000) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f0000000080)={0x0, @in6={{0xa, 0x4e23, 0xc97b, @mcast1={0xff, 0x1, [], 0x1}, 0x7ff}}, [0x0, 0x4, 0x6, 0x100, 0x6, 0x81, 0x415341ea, 0x8, 0x0, 0x800, 0x4, 0x8000, 0x6739, 0x14, 0xfffffffffffffff8]}, &(0x7f0000000180)=0x100) setsockopt$inet_sctp_SCTP_SET_PEER_PRIMARY_ADDR(r0, 0x84, 0x5, &(0x7f00000001c0)={r1, @in={{0x2, 0x4e24, @remote={0xac, 0x14, 0x14, 0xbb}}}}, 0x84) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000280)={'\x00', 0x800}) ioctl$KVM_SET_VAPIC_ADDR(r0, 0x4008ae93, &(0x7f0000000340)=0x10000) r2 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x0) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f00000002c0)={&(0x7f0000ffc000/0x2000)=nil, 0x2000}, &(0x7f0000000300)=0x10) ioctl$HDIO_GETGEO(r2, 0x301, &(0x7f0000001240)) 03:38:45 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) getsockname(r0, &(0x7f0000000100)=@ipx, &(0x7f0000000000)=0x80) recvmmsg(r0, &(0x7f0000003f80)=[{{&(0x7f0000000080)=@can, 0x80, &(0x7f00000001c0)}}], 0x1, 0x0, &(0x7f0000004000)={0x77359400}) sendmsg$nl_route_sched(r0, &(0x7f0000005a00)={&(0x7f0000000180)={0x10}, 0xc, &(0x7f00000059c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="2400000026000102000000000000000000000000", @ANYBLOB="000000bd00"], 0x2}, 0x1}, 0x0) 03:38:45 executing program 5: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x28000, 0x0) ioctl$EVIOCSKEYCODE_V2(r0, 0x40284504, &(0x7f00000000c0)={0x4, 0x11, 0x7f, 0x1, "65cbeeca1bcfedeca5a2439560eb336ddab7e71b32ba0e755d2d764322cdc44d"}) setsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000001000)={0x10000, 0x4, 0x100, 0x400}, 0x6) r1 = socket(0x11, 0x80002, 0x0) bind$packet(r1, &(0x7f0000000480)={0x11, 0x3, 0x0, 0x1, 0x0, 0x6, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}}, 0x14) setsockopt(r1, 0x107, 0x5, &(0x7f0000001000), 0xc5) syz_emit_ethernet(0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="000000000000aaaaaaaaaaaa8100450081000000000000009078ac1414aaac14140000000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5000000090edf95b06bb2abc3f73b7a186780000"], &(0x7f00000003c0)) 03:38:45 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vsock\x00', 0x2, 0x0) ioctl$KDSIGACCEPT(r1, 0x4b4e, 0x1d) perf_event_open(&(0x7f000000a000)={0x3, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x9}, 0xa000003ff, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount(&(0x7f00008deff8)='./file0\x00', &(0x7f0000343ff8)='./file0\x00', &(0x7f000015bffc)='nfs\x00', 0x0, &(0x7f000000a000)) [ 832.080127] ? lock_release+0xa30/0xa30 [ 832.084109] ? save_stack+0xa9/0xd0 [ 832.087741] ? save_stack+0x43/0xd0 [ 832.091372] ? __fget+0x4d5/0x740 [ 832.094836] ? ksys_dup3+0x690/0x690 [ 832.098559] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 832.103158] ? kasan_check_write+0x14/0x20 [ 832.107432] ? do_raw_spin_lock+0xc1/0x200 [ 832.111678] block_ioctl+0xee/0x130 [ 832.115314] ? blkdev_fallocate+0x400/0x400 [ 832.119645] do_vfs_ioctl+0x1de/0x1720 [ 832.123544] ? ioctl_preallocate+0x300/0x300 03:38:45 executing program 1: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x8, &(0x7f0000000140)=ANY=[@ANYBLOB="7a0af8ff00000016bf0000000000000007010000f8ffffffb702000008000000bd000006000000b7000000000000009500000000000000000000000000000000"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0xa}, 0x48) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup/syz1\x00', 0x200002, 0x0) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000080)={r1, r0, 0xa}, 0x10) [ 832.127708] Unknown ioctl 19278 [ 832.127981] ? __fget_light+0x2f7/0x440 [ 832.127994] ? fget_raw+0x20/0x20 [ 832.128013] ? trace_hardirqs_on+0xd/0x10 [ 832.141114] xprt_adjust_timeout: rq_timeout = 0! [ 832.142831] ? kmem_cache_free+0x22e/0x2d0 [ 832.142849] ? putname+0xf7/0x130 [ 832.142864] ? do_sys_open+0x3cb/0x720 [ 832.142882] ? security_file_ioctl+0x94/0xc0 [ 832.142897] ksys_ioctl+0xa9/0xd0 [ 832.167070] __x64_sys_ioctl+0x73/0xb0 [ 832.170988] do_syscall_64+0x1b9/0x820 [ 832.173811] Unknown ioctl 19278 03:38:45 executing program 1: r0 = syz_open_dev$sndseq(&(0x7f0000ff0ff3)='/dev/snd/seq\x00', 0x0, 0x0) r1 = request_key(&(0x7f0000000000)='pkcs7_test\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a, 0x3}, &(0x7f0000000080)='port0\x00', 0xfffffffffffffff9) keyctl$update(0x2, r1, &(0x7f00000000c0)="9d25a84129b989571933c3ca00f6a10ebea85e3dc3a04b306de97914ee038a08c234895b77c1b681fd0a5e2a983e55ce26f144744adecb964208f921066dcb9f629f2f092075b5091b29d22d78c588dd55f1c5547e79cabb4bdc6790cd3ffe276e9b6d982d80c8936f8ef5d07a5a89980466a45a8758fe62ac0ea186f2deef1961fd6c3819a3470bb72594717aa95d6f8355da1b8758fa637c5bff2b017efbd3539c8a4bb6cd0ec6a582a830170994d1ad173806a57a12eb1020401ff8401bd794f85dc0cf40aca8da76d8a65057e87f7220", 0xd2) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0x40a85321, &(0x7f0000000280)={{0x80}, 'port0\x00'}) fcntl$setpipe(r0, 0x407, 0x1) ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r0, 0xc0105303, &(0x7f00000001c0)={0x7fffffff, 0x7fff, 0x9}) 03:38:45 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000440)="025cc83d6d345f8f762070") r1 = syz_open_dev$binder(&(0x7f0000008ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x20000, 0x0) r2 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000007000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000002000)}) r3 = dup2(r2, r1) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000180)={0x5c, 0x0, &(0x7f0000000100)=[@request_death={0x400c630e}, @transaction_sg={0x40486311, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000), &(0x7f0000000040)}}}], 0x0, 0x0, &(0x7f0000000080)}) ioctl$VHOST_SET_VRING_ENDIAN(r3, 0x4008af13, &(0x7f0000000000)={0x3, 0x3fa}) [ 832.174881] ? finish_task_switch+0x1d3/0x870 [ 832.174900] ? syscall_return_slowpath+0x5e0/0x5e0 [ 832.174915] ? syscall_return_slowpath+0x31d/0x5e0 [ 832.174936] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 832.181396] xprt_adjust_timeout: rq_timeout = 0! [ 832.182705] ? prepare_exit_to_usermode+0x291/0x3b0 [ 832.182721] ? perf_trace_sys_enter+0xb10/0xb10 [ 832.182738] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 832.182759] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 832.182776] RIP: 0033:0x455c97 [ 832.225241] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d bb fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 832.239078] binder: 13724:13725 transaction failed 29189/-22, size 0-0 line 2852 [ 832.244530] RSP: 002b:00007f413f26ea88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 832.244547] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000455c97 [ 832.244555] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015 03:38:45 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFADDR(r3, 0x8916, &(0x7f0000000000)={'lo\x00', {0x2, 0x0, @rand_addr=0xffffffffd5064805}}) ioctl$sock_inet_SIOCSIFBRDADDR(r3, 0x891a, &(0x7f0000000080)={'lo\x00', {0x2, 0x0, @multicast1=0xe0000001}}) r4 = syz_genetlink_get_family_id$team(&(0x7f0000000100)='team\x00') getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000180)={{{@in6=@dev, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in6=@mcast1}}, &(0x7f00000002c0)=0xe8) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000300)={{{@in6=@local, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in6=@remote}}, &(0x7f0000000400)=0xe8) getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, &(0x7f0000000440)={{{@in, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in6}}, &(0x7f0000000540)=0xe8) getsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000001e40)={@loopback, @remote, 0x0}, &(0x7f0000001e80)=0xc) getsockopt$inet6_mreq(r0, 0x29, 0x1c, &(0x7f0000003600)={@remote, 0x0}, &(0x7f0000003640)=0x14) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000003800)={'yam0\x00', 0x0}) getsockopt$inet6_mreq(r2, 0x29, 0x1b, &(0x7f0000003840)={@dev, 0x0}, &(0x7f0000003880)=0x14) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000040c0)={'vcan0\x00', 0x0}) getsockopt$inet6_mreq(r2, 0x29, 0x1f, &(0x7f0000004100)={@local, 0x0}, &(0x7f0000004140)=0x14) getsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f0000005780)={{{@in=@remote, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in6=@local}}, &(0x7f0000005880)=0xe8) getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000005980)={{{@in=@broadcast, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{}, 0x0, @in6=@local}}, &(0x7f0000005a80)=0xe8) sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f0000005f40)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000005f00)={&(0x7f0000005ac0)={0x414, r4, 0x308, 0x70bd2d, 0x25dfdbfc, {0x1}, [{{0x8, 0x1, r5}, {0x44, 0x2, [{0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8, 0x3, 0xe}, {0x8, 0x4, 0x8}}, {0x8, 0x6, r6}}}]}}, {{0x8, 0x1, r7}, {0x16c, 0x2, [{0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x9}}, {0x8, 0x6, r8}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x9}}, {0x8, 0x6, r9}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x101}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, r10}}, {0x8, 0x7}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x5}}}]}}, {{0x8, 0x1, r11}, {0x238, 0x2, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x7}}}, {0x3c, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8, 0x3, 0x5}, {0xc, 0x4, 'random\x00'}}}, {0x3c, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8, 0x3, 0x5}, {0xc, 0x4, 'random\x00'}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8, 0x3, 0x5}, {0x10, 0x4, 'broadcast\x00'}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, r12}}}, {0x54, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8, 0x3, 0xb}, {0x24, 0x4, [{0x2, 0x101, 0x0, 0x8}, {0x400, 0x80000000, 0xb79c, 0x6}, {0x7f, 0x7, 0xfffffffffffffff9, 0x6}, {0x2, 0x8, 0x8, 0x7}]}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, r13}}, {0x8, 0x7}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, r14}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8, 0x3, 0xb}, {0x8, 0x4, 0x2b8}}, {0x8, 0x6, r15}}}]}}]}, 0x414}, 0x1, 0x0, 0x0, 0x8000}, 0x4000000) [ 832.244563] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 832.244572] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 832.244579] R13: 0000000000000001 R14: 00000000004d3f40 R15: 0000000000000008 [ 832.258454] FAT-fs (loop7): Directory bread(block 2563) failed [ 832.285347] binder: 13724:13725 ioctl 4008af13 20000000 returned -22 [ 832.291348] FAT-fs (loop7): Directory bread(block 2564) failed [ 832.315638] FAT-fs (loop7): Directory bread(block 2565) failed [ 832.321739] FAT-fs (loop7): Directory bread(block 2566) failed 03:38:45 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="0200001f6f786e6574302d232f70726f6300") 03:38:45 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x1000000000000) [ 832.328353] FAT-fs (loop7): Directory bread(block 2567) failed [ 832.336866] FAT-fs (loop7): Directory bread(block 2568) failed [ 832.348506] binder: 13724:13732 tried to acquire reference to desc 0, got 1 instead [ 832.377027] FAT-fs (loop7): Directory bread(block 2569) failed [ 832.393989] binder: 13724:13738 BC_REQUEST_DEATH_NOTIFICATION invalid ref 0 [ 832.404389] FAT-fs (loop7): Directory bread(block 2570) failed [ 832.410719] binder: 13724:13738 transaction failed 29189/-22, size 0-0 line 2852 [ 832.411455] binder: undelivered TRANSACTION_ERROR: 29189 03:38:45 executing program 7 (fault-call:0 fault-nth:9): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:38:45 executing program 5: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp_SCTP_PR_STREAM_STATUS(0xffffffffffffffff, 0x84, 0x74, &(0x7f0000000080)=""/26, &(0x7f00000000c0)=0x1a) shmget(0xffffffffffffffff, 0x3000, 0x1000, &(0x7f0000ffc000/0x3000)=nil) shmat(0x0, &(0x7f0000ffc000/0x2000)=nil, 0x6000) 03:38:45 executing program 2: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) perf_event_open(&(0x7f000000a000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, @perf_config_ext={0xfffffffeffffffff}, 0xa000003fe, 0x0, 0xfffffffffffffff8}, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffffe) mount(&(0x7f00008deff8)='./file0\x00', &(0x7f0000343ff8)='./file0\x00', &(0x7f000015bffc)='nfs\x00', 0x0, &(0x7f000000a000)) [ 832.424540] FAT-fs (loop7): Directory bread(block 2571) failed [ 832.436846] FAT-fs (loop7): Directory bread(block 2572) failed [ 832.453528] binder: undelivered TRANSACTION_ERROR: 29189 [ 832.541004] FAULT_INJECTION: forcing a failure. [ 832.541004] name failslab, interval 1, probability 0, space 0, times 0 [ 832.552444] CPU: 0 PID: 13761 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 832.560858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 832.570222] Call Trace: [ 832.573093] dump_stack+0x1c9/0x2b4 [ 832.576753] ? dump_stack_print_info.cold.2+0x52/0x52 [ 832.582048] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 832.587604] ? __perf_event_task_sched_in+0x24f/0xbb0 [ 832.592814] should_fail.cold.4+0xa/0x11 [ 832.596919] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 832.602299] ? run_rebalance_domains+0x4c0/0x4c0 [ 832.607096] ? trace_hardirqs_on+0x10/0x10 [ 832.611348] ? kasan_check_read+0x11/0x20 [ 832.615513] ? do_raw_spin_unlock+0xa7/0x2f0 [ 832.619922] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 832.624493] ? compat_start_thread+0x80/0x80 [ 832.628900] ? lock_acquire+0x1e4/0x540 [ 832.632877] ? fs_reclaim_acquire+0x20/0x20 [ 832.637198] ? lock_downgrade+0x8f0/0x8f0 [ 832.641358] ? finish_task_switch+0x1d3/0x870 [ 832.645854] ? check_same_owner+0x340/0x340 [ 832.650175] ? rcu_note_context_switch+0x730/0x730 [ 832.655287] __should_failslab+0x124/0x180 [ 832.659545] should_failslab+0x9/0x14 [ 832.663341] kmem_cache_alloc+0x2af/0x760 [ 832.667583] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 832.672602] __kernfs_new_node+0xef/0x5a0 [ 832.676758] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 832.681520] ? bd_set_size+0x2c4/0x370 [ 832.685432] ? lock_downgrade+0x8f0/0x8f0 [ 832.689580] ? lock_release+0xa30/0xa30 [ 832.693551] ? check_same_owner+0x340/0x340 [ 832.697883] ? lock_acquire+0x1e4/0x540 [ 832.701864] ? lock_downgrade+0x8f0/0x8f0 [ 832.706051] kernfs_new_node+0x80/0xf0 [ 832.709965] kernfs_create_dir_ns+0x3d/0x140 [ 832.714406] internal_create_group+0x3c9/0x9e0 [ 832.718999] ? do_raw_spin_lock+0xc1/0x200 [ 832.723248] sysfs_create_group+0x1f/0x30 [ 832.727410] lo_ioctl+0x12bf/0x1d00 [ 832.731054] ? lo_rw_aio_complete+0x450/0x450 [ 832.735658] blkdev_ioctl+0x9cd/0x2030 03:38:45 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1400}}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) 03:38:45 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000486f786e6574302d232f70726f6300") 03:38:45 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000680)='mountstats\x00') bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4106(gcm(aes))\x00'}, 0x58) r2 = accept4$alg(r0, 0x0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000000c0)="4cd4d394cb3c9f695ae515eff31cc50a53b945a51964f0df30e63409", 0x1c) sendfile(r2, r1, &(0x7f000025d000)=0x10, 0x734) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000080)={0x7ff, 0x8, 0x3, 0x9, 0x0}, &(0x7f0000000100)=0x10) clock_gettime(0x0, &(0x7f0000000340)={0x0, 0x0}) utimes(&(0x7f0000000300)='./file0\x00', &(0x7f0000000380)={{}, {r4, r5/1000+30000}}) setsockopt$inet_sctp_SCTP_RECVNXTINFO(r1, 0x84, 0x21, &(0x7f0000000200)=0x2, 0x4) ioctl$sock_netdev_private(r1, 0x89f2, &(0x7f0000000240)="6d777491dd7a70959f4bce01abd253aa4e8d056dc1e4d124cb3121be0d772a6cc4220a20a3458ebb74aa4c018f0319d6fdbc9c3d3bb47b1079e9b9eb8398751371a8fe908a9a0fa0304cdcfbf6f70dbc89bd0470aca57168f350ec5d22e6d7918dcd3e152d123d25a29707666cf9a23575313cab5cb86718f1de6dadcdc5b31ddc0e3c5ddd5f22567a67d209f8776cbbc2a8d2202c8bf1c6b308b383a46789ac3fe8c8ecd57870b2d6e3d739e81eba0da00eff36f10816c81cc346fbe1b4c9ee") getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r1, 0x84, 0x1a, &(0x7f0000000140)={r3, 0x6a, "da52562b25eafaa4cec13615202c1511589e7a50a7ee33b3ba457ed43b84dd1db10ae0968ba18b6746ea42cbbbd9dcbd2bcf1610e88c3997e947c060022250090e2c4d101936b3a7bfc8ca837cd7307c02a27cd3621f667a1aae264d208137d2a8aeccee0994c379191d"}, &(0x7f00000001c0)=0x72) 03:38:45 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x3f00000000000000) [ 832.739607] ? lock_acquire+0x1e4/0x540 [ 832.743596] ? blkpg_ioctl+0xc40/0xc40 [ 832.747593] ? lock_release+0xa30/0xa30 [ 832.751586] ? save_stack+0xa9/0xd0 [ 832.755665] ? save_stack+0x43/0xd0 [ 832.759310] ? __fget+0x4d5/0x740 [ 832.762860] ? ksys_dup3+0x690/0x690 [ 832.766601] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 832.771391] ? kasan_check_write+0x14/0x20 [ 832.775638] ? do_raw_spin_lock+0xc1/0x200 [ 832.779890] block_ioctl+0xee/0x130 [ 832.783520] ? blkdev_fallocate+0x400/0x400 [ 832.787937] do_vfs_ioctl+0x1de/0x1720 [ 832.791835] ? ioctl_preallocate+0x300/0x300 [ 832.796589] ? __fget_light+0x2f7/0x440 [ 832.800558] ? fget_raw+0x20/0x20 [ 832.804012] ? trace_hardirqs_on+0xd/0x10 [ 832.808166] ? kmem_cache_free+0x22e/0x2d0 [ 832.812477] ? putname+0xf7/0x130 [ 832.815935] ? do_sys_open+0x3cb/0x720 [ 832.819828] ? security_file_ioctl+0x94/0xc0 [ 832.824230] ksys_ioctl+0xa9/0xd0 [ 832.827706] __x64_sys_ioctl+0x73/0xb0 [ 832.831601] do_syscall_64+0x1b9/0x820 [ 832.835536] ? finish_task_switch+0x1d3/0x870 [ 832.840228] ? syscall_return_slowpath+0x5e0/0x5e0 [ 832.845146] ? syscall_return_slowpath+0x31d/0x5e0 [ 832.850259] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 832.855265] ? prepare_exit_to_usermode+0x291/0x3b0 [ 832.860270] ? perf_trace_sys_enter+0xb10/0xb10 [ 832.865042] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 832.869882] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 832.875075] RIP: 0033:0x455c97 [ 832.878251] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d bb fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 832.898757] RSP: 002b:00007f413f26ea88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 832.906640] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000455c97 [ 832.915028] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015 [ 832.922305] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 832.929566] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 832.936920] R13: 0000000000000001 R14: 00000000004d3f40 R15: 0000000000000009 [ 832.947431] FAT-fs (loop7): Directory bread(block 2563) failed [ 832.954152] FAT-fs (loop7): Directory bread(block 2564) failed [ 832.962634] FAT-fs (loop7): Directory bread(block 2565) failed [ 832.969064] FAT-fs (loop7): Directory bread(block 2566) failed [ 832.975531] FAT-fs (loop7): Directory bread(block 2567) failed [ 832.982595] FAT-fs (loop7): Directory bread(block 2568) failed [ 832.990636] FAT-fs (loop7): Directory bread(block 2569) failed [ 832.997099] FAT-fs (loop7): Directory bread(block 2570) failed [ 833.004253] FAT-fs (loop7): Directory bread(block 2571) failed [ 833.010658] FAT-fs (loop7): Directory bread(block 2572) failed 03:38:46 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) mkdir(&(0x7f0000000280)='./file0\x00', 0xa) recvmmsg(r0, &(0x7f0000003f80)=[{{&(0x7f0000000080)=@can, 0x80, &(0x7f00000001c0)}}], 0x1, 0x0, &(0x7f0000004000)={0x77359400}) sendmsg$nl_route_sched(r0, &(0x7f0000005a00)={&(0x7f0000000180)={0x10}, 0xc, &(0x7f00000059c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="2400000026000102000000000000000000000000", @ANYBLOB="00000000bd"], 0x2}, 0x1}, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000000)='\x00', 0xffffffffffffff9c}, 0x10) ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r1, 0xc08c5336, &(0x7f00000001c0)={0xff, 0x6, 0x1, 'queue1\x00', 0x10000}) openat$full(0xffffffffffffff9c, &(0x7f0000000140)='/dev/full\x00', 0x10000, 0x0) 03:38:46 executing program 2: r0 = inotify_init1(0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000040)={0x0, 0x0}) ptrace$setopts(0x4206, r1, 0x0, 0x0) rt_sigqueueinfo(r1, 0x12, &(0x7f0000000000)={0x0, 0x0, 0xfffffffff7fffff5}) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") ptrace(0x18, r1) getpid() 03:38:46 executing program 1: syz_mount_image$vfat(&(0x7f0000000140)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0x100000000000e000, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb64c86d6b66732e66617400020441000500077008f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) r0 = open(&(0x7f0000000080)='./file0/file0\x00', 0x3fffa, 0x0) statx(r0, &(0x7f0000000000)='./file0\x00', 0x2000, 0x100, &(0x7f0000000180)) 03:38:46 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x628000, 0x0) setsockopt$kcm_KCM_RECV_DISABLE(r1, 0x119, 0x1, &(0x7f00000000c0)=0x5, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'lo\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000002c0)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000280)={&(0x7f00000001c0)=@dellink={0x20, 0x11, 0x5, 0x0, 0x0, {0x0, 0x0, 0x0, r2}}, 0x20}, 0x1}, 0x0) 03:38:46 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x2000000) 03:38:46 executing program 7 (fault-call:0 fault-nth:10): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:38:46 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000036f786e6574302d232f70726f6300") [ 833.122016] FAULT_INJECTION: forcing a failure. [ 833.122016] name failslab, interval 1, probability 0, space 0, times 0 [ 833.133959] CPU: 1 PID: 13792 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 833.142734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 833.152101] Call Trace: [ 833.154728] dump_stack+0x1c9/0x2b4 [ 833.158378] ? dump_stack_print_info.cold.2+0x52/0x52 [ 833.163592] should_fail.cold.4+0xa/0x11 [ 833.167672] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 833.172764] ? __update_load_avg_blocked_se.isra.34+0x460/0x460 [ 833.178812] ? update_load_avg+0x2de/0x2590 [ 833.183118] ? update_load_avg+0x2de/0x2590 [ 833.187433] ? pvclock_read_flags+0x160/0x160 [ 833.191947] ? lock_acquire+0x1e4/0x540 [ 833.195917] ? cpuacct_charge+0x2eb/0x5d0 [ 833.200052] ? lock_downgrade+0x8f0/0x8f0 [ 833.204363] ? lock_release+0xa30/0xa30 [ 833.208336] ? rb_erase+0x3550/0x3550 [ 833.212125] ? lock_acquire+0x1e4/0x540 [ 833.216173] ? update_curr+0x4c8/0xc00 [ 833.220048] ? lock_downgrade+0x8f0/0x8f0 [ 833.224382] ? lock_release+0xa30/0xa30 [ 833.228362] __should_failslab+0x124/0x180 [ 833.233210] should_failslab+0x9/0x14 [ 833.237172] kmem_cache_alloc+0x47/0x760 [ 833.241232] ? lock_acquire+0x1e4/0x540 [ 833.245302] ? is_bpf_text_address+0xae/0x170 [ 833.249785] ? lock_downgrade+0x8f0/0x8f0 [ 833.253925] radix_tree_node_alloc.constprop.19+0x1e6/0x310 [ 833.259635] idr_get_free+0x887/0x10d0 [ 833.263516] ? radix_tree_iter_tag_clear+0xd0/0xd0 [ 833.268438] ? __kernel_text_address+0xd/0x40 [ 833.272932] ? unwind_get_return_address+0x61/0xa0 [ 833.277850] ? __save_stack_trace+0x8d/0xf0 [ 833.282167] ? save_stack+0xa9/0xd0 [ 833.285792] ? save_stack+0x43/0xd0 [ 833.289450] ? kasan_kmalloc+0xc4/0xe0 [ 833.293426] ? kasan_slab_alloc+0x12/0x20 [ 833.297572] ? kmem_cache_alloc+0x12e/0x760 [ 833.301888] ? __kernfs_new_node+0xef/0x5a0 [ 833.306192] ? kernfs_new_node+0x80/0xf0 [ 833.310237] ? kernfs_create_dir_ns+0x3d/0x140 [ 833.314805] ? internal_create_group+0x3c9/0x9e0 [ 833.319547] ? sysfs_create_group+0x1f/0x30 [ 833.323864] ? lo_ioctl+0x12bf/0x1d00 [ 833.327653] ? block_ioctl+0xee/0x130 [ 833.331453] ? do_vfs_ioctl+0x1de/0x1720 [ 833.335503] ? ksys_ioctl+0xa9/0xd0 [ 833.339124] ? __x64_sys_ioctl+0x73/0xb0 [ 833.343185] ? do_syscall_64+0x1b9/0x820 [ 833.347253] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 833.352633] ? rcu_note_context_switch+0x571/0x730 [ 833.357548] ? rcu_sched_qs+0x150/0x150 [ 833.361510] idr_alloc_u32+0x1d4/0x3a0 [ 833.365587] ? __fprop_inc_percpu_max+0x2d0/0x2d0 [ 833.370417] ? lock_acquire+0x1e4/0x540 [ 833.374376] ? __kernfs_new_node+0x116/0x5a0 [ 833.378772] idr_alloc_cyclic+0x173/0x360 [ 833.382905] ? idr_alloc+0x1b0/0x1b0 [ 833.386607] ? kasan_check_write+0x14/0x20 [ 833.390833] ? do_raw_spin_lock+0xc1/0x200 [ 833.395069] __kernfs_new_node+0x1ab/0x5a0 [ 833.399306] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 833.404057] ? bd_set_size+0x2c4/0x370 [ 833.407946] ? lock_downgrade+0x8f0/0x8f0 [ 833.412086] ? enqueue_entity+0x2130/0x2130 [ 833.416394] ? lock_release+0xa30/0xa30 [ 833.420356] ? check_same_owner+0x340/0x340 [ 833.424675] ? blk_queue_write_cache+0x1bc/0x467 [ 833.429428] ? lock_downgrade+0x8f0/0x8f0 [ 833.433586] kernfs_new_node+0x80/0xf0 [ 833.437459] kernfs_create_dir_ns+0x3d/0x140 [ 833.441856] internal_create_group+0x3c9/0x9e0 [ 833.446439] ? do_raw_spin_lock+0xc1/0x200 [ 833.450753] sysfs_create_group+0x1f/0x30 [ 833.454906] lo_ioctl+0x12bf/0x1d00 [ 833.458531] ? lo_rw_aio_complete+0x450/0x450 [ 833.463015] blkdev_ioctl+0x9cd/0x2030 [ 833.466893] ? lock_acquire+0x1e4/0x540 [ 833.470851] ? blkpg_ioctl+0xc40/0xc40 [ 833.474731] ? lock_release+0xa30/0xa30 [ 833.478707] ? save_stack+0xa9/0xd0 [ 833.482333] ? save_stack+0x43/0xd0 [ 833.485960] ? __fget+0x4d5/0x740 [ 833.489420] ? ksys_dup3+0x690/0x690 [ 833.493129] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 833.497699] ? kasan_check_write+0x14/0x20 [ 833.501929] ? do_raw_spin_lock+0xc1/0x200 [ 833.506164] block_ioctl+0xee/0x130 [ 833.509865] ? blkdev_fallocate+0x400/0x400 [ 833.514348] do_vfs_ioctl+0x1de/0x1720 [ 833.518236] ? ioctl_preallocate+0x300/0x300 [ 833.522640] ? __fget_light+0x2f7/0x440 [ 833.526777] ? fget_raw+0x20/0x20 [ 833.530218] ? trace_hardirqs_on+0xd/0x10 [ 833.534354] ? kmem_cache_free+0x22e/0x2d0 [ 833.538575] ? putname+0xf7/0x130 [ 833.542204] ? do_sys_open+0x3cb/0x720 [ 833.546168] ? security_file_ioctl+0x94/0xc0 [ 833.550660] ksys_ioctl+0xa9/0xd0 [ 833.554103] __x64_sys_ioctl+0x73/0xb0 [ 833.557980] do_syscall_64+0x1b9/0x820 [ 833.561864] ? finish_task_switch+0x1d3/0x870 [ 833.566358] ? syscall_return_slowpath+0x5e0/0x5e0 [ 833.571274] ? syscall_return_slowpath+0x31d/0x5e0 [ 833.576190] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 833.581191] ? prepare_exit_to_usermode+0x291/0x3b0 [ 833.586204] ? perf_trace_sys_enter+0xb10/0xb10 [ 833.590864] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 833.595705] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 833.601066] RIP: 0033:0x455c97 [ 833.604239] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d bb fb ff c3 66 2e 0f 1f 84 00 00 00 00 03:38:46 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f00000002c0)={@multicast2=0xe0000002, @loopback=0x7f000001}, 0xc) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000040)={@multicast2=0xe0000002, @loopback=0x7f000001, 0x1, 0x1, [@remote={0xac, 0x14, 0x14, 0xbb}]}, 0x14) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f00000001c0)=ANY=[], 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) getsockopt$inet_tcp_buf(r0, 0x6, 0xd, &(0x7f0000000080)=""/101, &(0x7f0000000000)=0x65) r2 = openat$cgroup(0xffffffffffffff9c, &(0x7f0000000100)='syz1\x00', 0x200002, 0x0) openat$cgroup(r2, &(0x7f0000000140)='syz1\x00', 0x200002, 0x0) setsockopt$inet_mreqsrc(r1, 0x0, 0x27, &(0x7f00003fdff5)={@multicast2=0xe0000002, @loopback=0x7f000001, @rand_addr}, 0xc) 03:38:46 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000140)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c50400aeb995298992ea5400c2", 0x10) r2 = accept$alg(r1, 0x0, 0x0) write$binfmt_elf32(r2, &(0x7f0000000240)=ANY=[], 0x0) r3 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000340)='/dev/sequencer2\x00', 0x400108000, 0x0) accept4$unix(r3, &(0x7f0000000200), &(0x7f00000002c0)=0x6e, 0x80000) openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x1, 0x0) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x80900, 0x0) pipe2(&(0x7f00000001c0), 0x80000) ioctl$BLKDISCARD(r4, 0x1277, &(0x7f0000000040)=0x6) recvmmsg(r2, &(0x7f0000003340)=[{{&(0x7f00000000c0)=@sco, 0x48, &(0x7f0000000100), 0x0, &(0x7f0000000540)=""/94, 0x5e}}, {{&(0x7f00000003c0)=@pptp={0x0, 0x0, {0x0, @dev}}, 0x20, &(0x7f0000003200)=[{&(0x7f0000003100)=""/226, 0xffffff4a}], 0x1, &(0x7f0000000440)=""/239, 0xef}}], 0x2, 0x0, 0x0) 03:38:46 executing program 2: mkdir(&(0x7f0000001c40)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000140)={0xffffff33, 0x4d}, 0x7) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000840)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) mount$9p_tcp(&(0x7f0000000000)='224.20.20.', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='9p\x00', 0x1fffff, &(0x7f0000000340)={'trans=\x00', {}, 0x2c, {[], 0x3d}}) open(&(0x7f0000000240)='./file0/file0\x00', 0x8882, 0x0) [ 833.623620] RSP: 002b:00007f413f26ea88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 833.631334] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000455c97 [ 833.638620] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015 [ 833.645978] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 833.653232] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 833.660488] R13: 0000000000000001 R14: 00000000004d3f40 R15: 000000000000000a 03:38:46 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x400300) [ 833.712385] FAT-fs (loop7): Directory bread(block 2563) failed [ 833.731662] FAT-fs (loop7): Directory bread(block 2564) failed 03:38:46 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}, 0x1800000000000000}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) 03:38:46 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="0200007a6f786e6574302d232f70726f6300") 03:38:46 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c) ioctl$KVM_S390_VCPU_FAULT(r0, 0x4008ae52, &(0x7f0000000300)=0x10000) r1 = dup3(r0, 0xffffffffffffffff, 0x80000) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000280)={0x0, 0x100000000}, &(0x7f00000002c0)=0x8) getsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000040)={r2, 0x8, 0xc3a2, 0x409ed}, &(0x7f00000000c0)=0x172) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000100)={r3, @in6={{0xa, 0x4e23, 0x1f, @remote={0xfe, 0x80, [], 0xbb}, 0x8}}, 0xe, 0xc5, 0x101, 0x1000000, 0x4}, &(0x7f00000001c0)=0x98) ioctl$SNDRV_TIMER_IOCTL_TREAD(r1, 0x40045402, &(0x7f0000000200)=0x1) sendto$inet6(r0, &(0x7f0000000240)="04", 0x1, 0x40, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev={0xfe, 0x80}, 0x6}, 0x1c) [ 833.760982] FAT-fs (loop7): Directory bread(block 2565) failed 03:38:46 executing program 1: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x6, 0x3, &(0x7f0000001fd8)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x0, 0x25}, [], {0x95}}, &(0x7f0000003ff6)='GPL\x00', 0x1, 0xc3, &(0x7f000000cf3d)=""/195}, 0x48) r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x20001, 0x0) ioctl$EVIOCGEFFECTS(r0, 0x80044584, &(0x7f0000000040)=""/226) 03:38:46 executing program 2: r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f0000000000)={0x18, 0x0, {0x1, @link_local={0x1, 0x80, 0xc2}, 'vcan0\x00'}}, 0x71c05df107de7a3d) socketpair$inet6_sctp(0xa, 0x5, 0x84, &(0x7f0000000040)={0xffffffffffffffff}) sendmmsg(r0, &(0x7f0000003100)=[{{&(0x7f0000000780)=@can={0x1d}, 0x80, &(0x7f00000008c0), 0x100000000000001c, &(0x7f0000000900), 0x0, 0x80}}, {{&(0x7f0000000c40)=@can={0x1d}, 0x80, &(0x7f0000001e00), 0x68, &(0x7f0000001e40)}}], 0x2, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r1, 0xc08c5334, &(0x7f0000000080)={0x5, 0x6ba, 0x5, 'queue1\x00', 0xffff}) [ 833.789817] FAT-fs (loop7): Directory bread(block 2566) failed [ 833.813925] FAT-fs (loop7): Directory bread(block 2567) failed [ 833.840038] FAT-fs (loop7): Directory bread(block 2568) failed [ 833.849298] FAT-fs (loop7): Directory bread(block 2569) failed [ 833.867722] FAT-fs (loop7): Directory bread(block 2570) failed [ 833.884132] FAT-fs (loop7): Directory bread(block 2571) failed [ 833.893505] FAT-fs (loop7): Directory bread(block 2572) failed 03:38:47 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f0000003f80)=[{{&(0x7f0000000080)=@can, 0x80, &(0x7f00000001c0)}}], 0x1, 0x0, &(0x7f0000004000)={0x77359400}) 03:38:47 executing program 5: r0 = socket$inet(0x10, 0x3, 0x0) sendmsg(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="230000002e0007031dfffd946fa2830020200a000900000006000000000000000400ff", 0x23}], 0x1}, 0x0) r1 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x0, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffff9c, 0x29, 0x22, &(0x7f0000001140)={{{@in6=@mcast1, @in6=@ipv4={[], [], @broadcast}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@rand_addr}, 0x0, @in=@multicast2}}, &(0x7f00000000c0)=0xe8) bind$can_raw(r1, &(0x7f0000001240)={0x1d, r2}, 0x10) 03:38:47 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x3f00) 03:38:47 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="02007a006f786e6574302d232f70726f6300") 03:38:47 executing program 1: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_FILTER(r0, 0x0, 0x2, &(0x7f0000000080), 0x10) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000280)='/dev/rfkill\x00', 0x2000, 0x0) ioctl$KVM_SET_LAPIC(r1, 0x4400ae8f, &(0x7f00000002c0)={"c9beb91478895031833bc370a33c97f15d603db5d1987115e17eaa1ec74359a71b81e526b5ac178eeccfac157b38aa06c66b557bb77f5eff46d7b3a8ec042d4bda3200887dab30dd2589abe65ea0e3b1abcd8a264bb81d8a39b0d57a243666690fe1bb73df37b2d9f090861469859975668aebf45093e968f22821d14b63fc10a3bf0cd6f2ae6fa1447cdb55d2659a5571a1d65442b647d15423604bd243a29829857e68c9cdb21a446367aaa30863c02901444f1febcd5082b6ee4760f29a957199cef8003e921e59067388832bb4e6c59b4d3783aced483aa2fe8d48cb0a6a1290246cac86adae6d861843d4d5f95125937148c09034b4f88b53b79a6ee4d8983ed0df341a1fadd275a029a7b4f85b9b4bc70751e847e4e2555b56b2348d2aa6ec4789f8874b7d94169d59446d67230e42d70ad151132d6368f9d4709fd18b892124e34d0a2550475ac4fa3c42a3ee9e4525749305be1d4acf24c83881711141e9e45968b696d75f2e000d06145d2760e878945acb140e0c18cd0020172b6ef7ebf052c426ddbca9c0ee10b2b79cd198035fa92fa04d1d44665ea2cb26a0ae6a03d6da6247cb231590b56686334a0f7c917f5ce533b7361e48f5bfd454d7458d2f8f5462147045afaf5479ac691d7b3d311708d538e3fa63cb6b3420e8484defa83ee2f8d48f3abb5c995227c4bee8bffff878cd4bb75b60ddbdebfe7dbc4bdfebf4a09f6182bfbbd88f0cdd0d87f56bba57cf7a50ca903ce2608b92bf93aadc7392a8de85e2dfd1bb0003318c77e239ba446b505c29aeb968f6e19db4200b7cf1dabf8e49087dc198d2a13ea6383a7eb11189c3fec6fc0135df9a7a35d56dad57599efee43741580d40c705d073ce727e9eb6f1d9cb77560a4dc85060bb79a9450f2d40725a00deb92d4839ca1df2da4d66a7d2232623935c68da14df037703988cdd545f7e73a6f04cbd43aed84b7bf42a229280d104d3ea0ad99ded9d5af037055e94970ca7c7a55d5f456dca3ecf7824e0e84b7d636ed181a0dca879c13b4a080ab745d928763e213d99ba3eb9efc6fc809840a5e35d1ba76c96ca5ce76e3e68c2467f66fbbfc78761f4613de64d243b138c6db20476aa20f0ff78a2f98f3ab2580d0c6e2396b06ae3b646a558462aab1655cccd1d81d04849ce3bf78a735d27f1f2fe0a9734d1accbb69705469eee3a9a50c2fd0008154f6c10227ed0784f9046a3e2ac9872a15f874e729070b9745faa8645c81a97b464f3fb93fb1abbba07973d3d57608df3639235b883cabb8050e17f54a0be69d78d9de80b56a714fe30b4b2f7736e7d5857a41db8cea2bd290d20e2127dc943cab9853eb4c01935604e92d828583133d4f711eefb14fd4368cc5f2aa8a619bf94a67d7671dcc229c0cbe907c50826235ce13457797911c59af337aa05621e8ed5e1ec633969a8"}) r2 = dup3(r0, r0, 0x80000) execveat(r2, &(0x7f0000000000)='./file0\x00', &(0x7f0000000140)=[&(0x7f0000000040)='em1em1-procvmnet0%\x00', &(0x7f00000000c0)='h\x00', &(0x7f0000000100)='\x00'], &(0x7f0000000240)=[&(0x7f0000000180)='-em0wlan1vmnet0[selinuxvmnet1^\'\\eth1\'\x00', &(0x7f00000001c0)='eth0\x00', &(0x7f0000000200)="2a0e6b657972696e6700"], 0x1000) r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82) ioctl$LOOP_CTL_ADD(r2, 0x4c80, r3) 03:38:47 executing program 2: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x200, 0x0) ioctl$TUNSETNOCSUM(r0, 0x400454c8, 0x0) r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x29a, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) io_setup(0x8, &(0x7f0000000000)=0x0) io_submit(r2, 0x1, &(0x7f00000014c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000080)}]) 03:38:47 executing program 7 (fault-call:0 fault-nth:11): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:38:47 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}, 0x300}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) 03:38:47 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_GET_ONE_REG(r3, 0x4010aeab, &(0x7f0000000000)={0x6, 0xffffffffffffff81}) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f0000000140)) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f00000003c0)={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, 0x8005001f, 0x0, 0x0, 0x28, 0x0, 0x6500}) 03:38:47 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c) r2 = socket$inet_dccp(0x2, 0x6, 0x0) listen(r1, 0x6) tee(r1, r1, 0xfffffffffffffffd, 0x1) sendto$inet(r2, &(0x7f0000000080), 0x0, 0x0, 0x0, 0x0) connect$inet(r2, &(0x7f0000e5c000)={0x2, 0x4e20, @loopback=0x7f000001}, 0x10) r3 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x101000, 0x0) ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000080)={[{0x0, 0x5, 0x2, 0x1, 0x4, 0x80000000, 0xfffffffffffffffe, 0x97, 0x7e5, 0x80000001, 0x0, 0x1, 0x1}, {0x6, 0x7, 0x6, 0x5, 0x8001, 0x0, 0x20, 0x1f, 0x83fa, 0x4, 0x800, 0x577, 0xfffffffffffffff8}, {0xffffffff, 0x6, 0x3, 0x5, 0x1000, 0x2, 0xbfc5, 0x9, 0x1, 0x1000, 0x7, 0x80000000}], 0x2}) [ 834.775302] FAULT_INJECTION: forcing a failure. [ 834.775302] name failslab, interval 1, probability 0, space 0, times 0 [ 834.787015] CPU: 1 PID: 13869 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 834.795441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 834.804805] Call Trace: [ 834.807543] dump_stack+0x1c9/0x2b4 [ 834.811206] ? dump_stack_print_info.cold.2+0x52/0x52 [ 834.816429] should_fail.cold.4+0xa/0x11 [ 834.820521] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 834.825743] ? kasan_check_write+0x14/0x20 [ 834.831181] ? __mutex_lock+0x6c4/0x1680 [ 834.835280] ? kernfs_activate+0x8e/0x2c0 [ 834.839486] ? mutex_trylock+0x2b0/0x2b0 [ 834.843576] ? kasan_check_write+0x14/0x20 [ 834.847839] ? __mutex_lock+0x6c4/0x1680 [ 834.851951] ? kernfs_add_one+0x4f/0x4d0 [ 834.856189] ? lock_acquire+0x1e4/0x540 [ 834.860272] ? fs_reclaim_acquire+0x20/0x20 [ 834.864609] ? lock_downgrade+0x8f0/0x8f0 [ 834.868780] ? check_same_owner+0x340/0x340 [ 834.873188] ? kernfs_add_one+0x2d4/0x4d0 [ 834.877339] ? rcu_note_context_switch+0x730/0x730 [ 834.882271] __should_failslab+0x124/0x180 [ 834.886512] should_failslab+0x9/0x14 [ 834.890488] kmem_cache_alloc+0x2af/0x760 [ 834.894640] ? wait_for_completion+0x8d0/0x8d0 [ 834.899226] ? kasan_check_read+0x11/0x20 [ 834.903389] ? do_raw_spin_unlock+0xa7/0x2f0 [ 834.907789] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 834.912883] __kernfs_new_node+0xef/0x5a0 [ 834.917032] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 834.921805] ? kasan_check_write+0x14/0x20 [ 834.926030] ? __kernfs_new_node+0x426/0x5a0 [ 834.930436] ? mutex_unlock+0xd/0x10 [ 834.934138] ? kernfs_activate+0x21a/0x2c0 [ 834.938451] kernfs_new_node+0x80/0xf0 [ 834.942326] __kernfs_create_file+0x4d/0x330 [ 834.947423] sysfs_add_file_mode_ns+0x21a/0x560 [ 834.952098] internal_create_group+0x26d/0x9e0 [ 834.956670] ? do_raw_spin_lock+0xc1/0x200 [ 834.960895] sysfs_create_group+0x1f/0x30 [ 834.965041] lo_ioctl+0x12bf/0x1d00 [ 834.968656] ? lo_rw_aio_complete+0x450/0x450 [ 834.973139] blkdev_ioctl+0x9cd/0x2030 [ 834.977014] ? lock_acquire+0x1e4/0x540 [ 834.980975] ? blkpg_ioctl+0xc40/0xc40 [ 834.984858] ? lock_release+0xa30/0xa30 [ 834.988825] ? save_stack+0xa9/0xd0 [ 834.992444] ? save_stack+0x43/0xd0 [ 834.996059] ? __fget+0x4d5/0x740 [ 834.999642] ? ksys_dup3+0x690/0x690 [ 835.003425] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 835.008011] ? kasan_check_write+0x14/0x20 [ 835.012244] ? do_raw_spin_lock+0xc1/0x200 [ 835.016479] block_ioctl+0xee/0x130 [ 835.020224] ? blkdev_fallocate+0x400/0x400 [ 835.024546] do_vfs_ioctl+0x1de/0x1720 [ 835.028443] ? ioctl_preallocate+0x300/0x300 [ 835.032842] ? __fget_light+0x2f7/0x440 [ 835.036908] ? fget_raw+0x20/0x20 [ 835.040352] ? trace_hardirqs_on+0xd/0x10 [ 835.044486] ? kmem_cache_free+0x22e/0x2d0 [ 835.048720] ? putname+0xf7/0x130 [ 835.052175] ? do_sys_open+0x3cb/0x720 [ 835.056063] ? security_file_ioctl+0x94/0xc0 [ 835.060568] ksys_ioctl+0xa9/0xd0 [ 835.064017] __x64_sys_ioctl+0x73/0xb0 [ 835.067897] do_syscall_64+0x1b9/0x820 [ 835.072221] ? finish_task_switch+0x1d3/0x870 [ 835.076705] ? syscall_return_slowpath+0x5e0/0x5e0 [ 835.081620] ? syscall_return_slowpath+0x31d/0x5e0 [ 835.086636] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 835.091649] ? prepare_exit_to_usermode+0x291/0x3b0 [ 835.096651] ? perf_trace_sys_enter+0xb10/0xb10 [ 835.101319] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 835.106150] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 835.111331] RIP: 0033:0x455c97 [ 835.114529] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d bb fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 835.134358] RSP: 002b:00007f413f26ea88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 835.142068] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000455c97 [ 835.149682] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015 [ 835.157024] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 835.164466] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 835.171734] R13: 0000000000000001 R14: 00000000004d3f40 R15: 000000000000000b 03:38:48 executing program 2: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x1, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$sndseq(r0, &(0x7f00000000c0)=[{0x4, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x0, &(0x7f0000000080)}}], 0x1c) r2 = syz_open_dev$sndseq(&(0x7f0000000180)='/dev/snd/seq\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f00000002c0)={0x0, @in={{0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}}, [0x2, 0x4, 0x6, 0x5f0, 0x2, 0x1, 0x1, 0x6, 0x81, 0x8, 0x8, 0x0, 0x2, 0xff, 0x8001]}, &(0x7f0000000000)=0x100) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f00000001c0)={r3, @in={{0x2, 0x4e23, @rand_addr=0x2}}, 0x7, 0x800, 0xadd, 0xffffffffffffffff, 0x44}, 0x98) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r2, 0xc05c5340, &(0x7f0000dc5f98)) 03:38:48 executing program 5: rt_sigtimedwait(&(0x7f0000000040)={0x13c0}, 0x0, &(0x7f0000000080)={0x0, 0x1c9c380}, 0x8) r0 = syz_open_dev$mouse(&(0x7f0000000180)='/dev/input/mouse#\x00', 0x5, 0x10000) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000200)='IPVS\x00') sendmsg$IPVS_CMD_NEW_SERVICE(r0, &(0x7f0000000400)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000240)={&(0x7f00000002c0)={0xe4, r1, 0x200, 0x70bd25, 0x25dfdbff, {0x1}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x16}, @IPVS_CMD_ATTR_SERVICE={0x60, 0x1, [@IPVS_SVC_ATTR_AF={0x8, 0x1, 0x2}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0x2}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x2}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@dev={0xfe, 0x80, [], 0x1f}}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x7c}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x4}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0x2}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x6}, @IPVS_CMD_ATTR_DEST={0x2c, 0x2, [@IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x36a}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x200}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x2}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x9}, @IPVS_CMD_ATTR_DAEMON={0x4, 0x3}, @IPVS_CMD_ATTR_SERVICE={0xc, 0x1, [@IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x3a}]}, @IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x3f}]}]}, 0xe4}, 0x1, 0x0, 0x0, 0x10}, 0x10) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) r3 = add_key$keyring(&(0x7f0000001500)='keyring\x00', &(0x7f0000001540)={0x73, 0x79, 0x7a, 0x1}, 0x0, 0x0, 0xfffffffffffffffa) keyctl$clear(0x7, r3) mount(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000280)='proc\x00', 0x0, &(0x7f00000001c0)) r4 = open$dir(&(0x7f00000003c0)='./file0\x00', 0x0, 0x0) fcntl$setstatus(r0, 0x4, 0x6000) getdents64(r4, &(0x7f0000000440)=""/186, 0x760) getdents64(r4, &(0x7f0000000100)=""/81, 0x51) getdents(r4, &(0x7f0000000500)=""/4096, 0x1000) 03:38:48 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x84dcdc353d) 03:38:48 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020004006f786e6574302d232f70726f6300") [ 835.227592] FAT-fs (loop7): Directory bread(block 2563) failed 03:38:48 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000002c0)=[{&(0x7f0000000500)="eb3c906d5266732e6661a227fdb362b4ca23cd591cf3e074000204010002000270f7f8e58bccff949401840ca4eae40688791b23700d8c24b68a6bd5f43ca9596a74f2bdaa4873e2e432928ed9fcd282b9d997222d7a9718e98ad01e0a971d6de44b1c3e2f69249ad597b89580737634d5ff2558f466eb10c984d501465ec3ffbb963fde2a87d162573b78cc432046d4582688f3b278f474a45df2d2daf2267bf916c70b041a54d6d78492be55b2833298d4173f6ca4a0ae3b809c4871a974bd4252960cd284a985d2eddddf479464b60f90679d0c2de89c838c37f6145af07daa517748962978090fdb92249b3b85e59de6e832e0996837a47eec201b3d3bc9107e4c2ee5a47c2aa014ccca800a764339bd60e9a4602134356a0075d2de2e2a33b1f9cd6a197d10103f7e460bb8835a1705a5e590c763a42187ba3a6a7493f5f22e1b", 0x143}], 0x80001c, &(0x7f0000000200)=ANY=[]) r1 = creat(&(0x7f0000000240)='./file0/file0\x00', 0x0) syz_open_dev$midi(&(0x7f0000000040)='/dev/midi#\x00', 0x80000001, 0x2000) prctl$setname(0xf, &(0x7f0000000080)='/dev/midi#\x00') ftruncate(r1, 0xe00) 03:38:48 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020068006f786e6574302d232f70726f6300") [ 835.274672] FAT-fs (loop7): Directory bread(block 2564) failed [ 835.302732] proc: unrecognized mount option "" or missing value [ 835.308563] FAT-fs (loop7): Directory bread(block 2565) failed [ 835.333209] FAT-fs (loop7): Directory bread(block 2566) failed [ 835.341268] FAT-fs (loop7): Directory bread(block 2567) failed [ 835.348100] FAT-fs (loop7): Directory bread(block 2568) failed [ 835.354183] FAT-fs (loop7): Directory bread(block 2569) failed [ 835.360358] FAT-fs (loop7): Directory bread(block 2570) failed [ 835.366689] FAT-fs (loop7): Directory bread(block 2571) failed [ 835.373080] FAT-fs (loop7): Directory bread(block 2572) failed [ 835.373699] proc: unrecognized mount option "" or missing value 03:38:49 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x60000, 0x0) ioctl$PERF_EVENT_IOC_REFRESH(r1, 0x2402, 0xe8) r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000380)='/dev/rfkill\x00', 0x200000, 0x0) setsockopt$ALG_SET_AEAD_AUTHSIZE(r2, 0x117, 0x5, 0x0, 0xfffffffffffffff7) recvmmsg(r0, &(0x7f0000003f80)=[{{&(0x7f0000000080)=@can, 0x80, &(0x7f00000001c0)}}], 0x1, 0x0, &(0x7f0000004000)={0x77359400}) sendmsg$nl_route_sched(r0, &(0x7f0000005a00)={&(0x7f0000000180)={0x10}, 0xc, &(0x7f00000059c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="2400000026000102000000000000000000000000", @ANYBLOB="00000000bd"], 0x2}, 0x1}, 0x0) 03:38:49 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x80, 0x0) setsockopt$bt_BT_FLUSHABLE(r1, 0x112, 0x8, &(0x7f0000000080)=0x100, 0x4) setsockopt$bt_BT_FLUSHABLE(r1, 0x112, 0x8, &(0x7f00000000c0)=0x1, 0x4) sendmsg$nl_route(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB="380000002000010800000000000000000200000000000000000000001100010008000100ac1414bb08000f000000000008000b0005004d750000"], 0x38}, 0x1}, 0x0) close(r1) 03:38:49 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x40030000000000) 03:38:49 executing program 1: r0 = dup(0xffffffffffffffff) ioctl$TCXONC(r0, 0x540a, 0x5) r1 = socket$rds(0x15, 0x5, 0x0) bind$rds(r1, &(0x7f0000000000)={0x2, 0x0, @rand_addr=0x8, [0x0, 0x700]}, 0x10) recvmmsg(r1, &(0x7f0000005b80)=[{{&(0x7f0000000080)=@alg, 0x80, &(0x7f0000000440)=[{&(0x7f0000000100)=""/22, 0x16}, {&(0x7f0000000140)=""/229, 0xe5}, {&(0x7f0000000240)=""/68, 0x44}, {&(0x7f00000002c0)=""/99, 0x63}, {&(0x7f0000000340)=""/240, 0xf0}], 0x5, &(0x7f00000004c0)=""/77, 0x4d, 0xb3de}}, {{0x0, 0x0, &(0x7f0000000b80)=[{&(0x7f0000000540)=""/84, 0x54}, {&(0x7f00000005c0)=""/195, 0xc3}, {&(0x7f00000006c0)=""/46, 0x2e}, {&(0x7f0000000700)=""/159, 0x9f}, {&(0x7f00000007c0)=""/210, 0xd2}, {&(0x7f00000008c0)=""/245, 0xf5}, {&(0x7f00000009c0)=""/48, 0x30}, {&(0x7f0000000a00)=""/146, 0x92}, {&(0x7f0000000ac0)=""/22, 0x16}, {&(0x7f0000000b00)=""/114, 0x72}], 0xa, &(0x7f0000000c40)=""/92, 0x5c, 0x2}, 0x9}, {{0x0, 0x0, &(0x7f0000001380)=[{&(0x7f0000000cc0)}, {&(0x7f0000000d00)=""/156, 0x9c}, {&(0x7f0000000dc0)=""/244, 0xf4}, {&(0x7f0000000ec0)=""/49, 0x31}, {&(0x7f0000000f00)=""/175, 0xaf}, {&(0x7f0000000fc0)=""/252, 0xfc}, {&(0x7f00000010c0)=""/166, 0xa6}, {&(0x7f0000001180)=""/113, 0x71}, {&(0x7f0000001200)=""/90, 0x5a}, {&(0x7f0000001280)=""/242, 0xf2}], 0xa, &(0x7f0000001440)=""/200, 0xc8, 0x20}, 0x3434341c}, {{&(0x7f0000001540)=@nfc, 0x80, &(0x7f0000001640)=[{&(0x7f00000015c0)=""/27, 0x1b}, {&(0x7f0000001600)=""/58, 0x3a}], 0x2, &(0x7f0000001680)=""/221, 0xdd, 0x1}, 0xfffffffffffffffa}, {{&(0x7f0000001780)=@pppoe, 0x80, &(0x7f0000002c80)=[{&(0x7f0000001800)=""/34, 0x22}, {&(0x7f0000001840)=""/38, 0x26}, {&(0x7f0000001880)=""/203, 0xcb}, {&(0x7f0000001980)=""/4096, 0x1000}, {&(0x7f0000002980)=""/106, 0x6a}, {&(0x7f0000002a00)=""/121, 0x79}, {&(0x7f0000002a80)=""/228, 0xe4}, {&(0x7f0000002b80)=""/201, 0xc9}], 0x8, &(0x7f0000002d00)=""/91, 0x5b, 0x5}, 0x8}, {{&(0x7f0000002d80)=@pppoe={0x0, 0x0, {0x0, @random}}, 0x80, &(0x7f0000002ec0)=[{&(0x7f0000002e00)=""/73, 0x49}, {&(0x7f0000002e80)=""/59, 0x3b}], 0x2, &(0x7f0000002f00)=""/79, 0x4f, 0x6}, 0x8}, {{&(0x7f0000002f80)=@llc={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, 0x80, &(0x7f00000035c0)=[{&(0x7f0000003000)=""/184, 0xb8}, {&(0x7f00000030c0)=""/11, 0xb}, {&(0x7f0000003100)=""/178, 0xb2}, {&(0x7f00000031c0)=""/111, 0x6f}, {&(0x7f0000003240)=""/129, 0x81}, {&(0x7f0000003300)=""/205, 0xcd}, {&(0x7f0000003400)=""/250, 0xfa}, {&(0x7f0000003500)=""/139, 0x8b}], 0x8, &(0x7f0000003640)=""/198, 0xc6, 0x6}, 0x401}, {{&(0x7f0000003740)=@un=@abs, 0x80, &(0x7f0000005b00)=[{&(0x7f00000037c0)=""/112, 0x70}, {&(0x7f0000003840)=""/4096, 0x1000}, {&(0x7f0000004840)=""/128, 0x80}, {&(0x7f00000048c0)=""/231, 0xe7}, {&(0x7f00000049c0)=""/4096, 0x1000}, {&(0x7f00000059c0)=""/86, 0x56}, {&(0x7f0000005a40)=""/133, 0x85}], 0x7, 0x0, 0x0, 0x9}, 0x1}], 0x8, 0x40000000, &(0x7f0000005d80)={0x77359400}) setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f0000000040), 0x4) accept$inet(r0, 0x0, &(0x7f0000000cc0)) 03:38:49 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000686f786e6574302d232f70726f6300") 03:38:49 executing program 7 (fault-call:0 fault-nth:12): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:38:49 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_emit_ethernet(0x3e, &(0x7f00000000c0)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [{[], {0x8100, 0x7fffffff, 0x8, 0x402}}], {@ipv4={0x800, {{0x6, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, @dev={0xac, 0x14, 0x14}, @remote={0xac, 0x14, 0x223, 0xbb}, {[@rr={0xffffff94, 0x3}]}}, @icmp=@timestamp_reply={0xe}}}}}, &(0x7f0000000140)) r1 = dup(r0) bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000080)={r1, 0x6, 0x1, 0x8854, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6}, 0x20) ioctl$ASHMEM_SET_NAME(r1, 0x41007701, &(0x7f0000000040)='\\%\x00') 03:38:49 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}, 0x3}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) 03:38:49 executing program 5: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) sendmsg$inet_sctp(r0, &(0x7f0000000480)={&(0x7f0000000080)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000200)="c2", 0x1}], 0x1, &(0x7f00000003c0)=[@prinfo={0x18, 0x84, 0x5, {0x0, 0x3}}], 0x18, 0x90}, 0x800) [ 836.036299] RDS: rds_bind could not find a transport for 0.0.0.8, load rds_tcp or rds_rdma? [ 836.041625] FAULT_INJECTION: forcing a failure. [ 836.041625] name failslab, interval 1, probability 0, space 0, times 0 [ 836.056362] CPU: 1 PID: 13947 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 836.056377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 836.065318] QAT: Invalid ioctl [ 836.074157] Call Trace: [ 836.074185] dump_stack+0x1c9/0x2b4 [ 836.074203] ? dump_stack_print_info.cold.2+0x52/0x52 [ 836.074221] ? rcu_note_context_switch+0x730/0x730 [ 836.074243] should_fail.cold.4+0xa/0x11 [ 836.074258] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 836.074269] ? kernfs_activate+0x8e/0x2c0 [ 836.074285] ? ___ratelimit.cold.2+0x6b/0x6b [ 836.074298] ? mutex_trylock+0x2b0/0x2b0 [ 836.074313] ? kasan_check_write+0x14/0x20 [ 836.074326] ? __radix_tree_replace+0x188/0x2f0 [ 836.074342] ? kernfs_add_one+0x4f/0x4d0 [ 836.128654] ? kernfs_activate+0x21a/0x2c0 03:38:49 executing program 5: r0 = syz_open_dev$mice(&(0x7f00000000c0)='/dev/input/mice\x00', 0x0, 0x10840) pipe(&(0x7f00000002c0)) sendmsg$key(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)={0x2, 0xe, 0x3, 0x0, 0x24, 0x0, 0x70bd2a, 0x25dfdbfd, [@sadb_x_kmaddress={0x8, 0x19, 0x0, @in6={0xa, 0x4e21, 0x80000000, @dev={0xfe, 0x80, [], 0xc}, 0x9c63}, @in6={0xa, 0x4e20, 0x0, @remote={0xfe, 0x80, [], 0xbb}, 0x6}}, @sadb_spirange={0x2, 0x10, 0x4d2, 0x4d6}, @sadb_key={0x10, 0x9, 0x3a0, 0x0, "fdb38fff2cdc7fdefc1f4de929c7a526e987fa73448988ca0709b6b9e644cf11890fde2581001a3518576e2f16473845e8fbe692ce3f0744d19ccb6ae1c1228906331ad0af991fb71f7a95f8a45dc200b8d29cae67d4c3e10b666131c9a7f058ca343b94bd5b10e2b8dfc209b3d79017314d9373"}, @sadb_x_nat_t_port={0x1, 0x17, 0x4e21}, @sadb_x_sa2={0x2, 0x13, 0xfff, 0x0, 0x0, 0x70bd28, 0x34ff}, @sadb_x_filter={0x5, 0x1a, @in=@local={0xac, 0x14, 0x14, 0xaa}, @in6=@mcast2={0xff, 0x2, [], 0x1}, 0x3, 0x6c8f419eb426aacf, 0x14}]}, 0x120}, 0x1}, 0x40) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts-cast6-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="0a0775b005e381e5b3b60ced5c54dbfe0200bee3e781190e433b9b60b7295df0df", 0x21) r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000440)='/dev/rfkill\x00', 0x90280, 0x0) setsockopt$inet_mreqsrc(r2, 0x0, 0x28, &(0x7f0000000480)={@broadcast=0xffffffff, @multicast2=0xe0000002, @remote={0xac, 0x14, 0x14, 0xbb}}, 0xc) 03:38:49 executing program 2: r0 = creat(&(0x7f000002bff8)='./file0\x00', 0x0) r1 = syz_open_dev$loop(&(0x7f0000000400)='/dev/loop#\x00', 0x0, 0x82) r2 = memfd_create(&(0x7f00000002c0)='\x00', 0x0) ioctl$SG_GET_RESERVED_SIZE(r0, 0x2272, &(0x7f0000000080)) ioctl$IOC_PR_PREEMPT(r0, 0x401870cb, &(0x7f00000000c0)={0x8, 0x3ff, 0x5, 0xd24}) pwritev(r2, &(0x7f0000000340)=[{&(0x7f0000000040)='\'', 0x1}], 0x1, 0x81806) ioctl$sock_inet_SIOCSIFBRDADDR(r0, 0x891a, &(0x7f0000000100)={'veth0_to_team\x00', {0x2, 0x4e24, @rand_addr}}) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) sendfile(r1, r1, &(0x7f0000000000), 0x2000005) ioctl$LOOP_CLR_FD(r0, 0x4c01) ioctl$LOOP_SET_FD(r1, 0x4c00, r2) [ 836.128670] ? lock_downgrade+0x8f0/0x8f0 [ 836.128687] ? lock_acquire+0x1e4/0x540 [ 836.128700] ? fs_reclaim_acquire+0x20/0x20 [ 836.128713] ? lock_downgrade+0x8f0/0x8f0 [ 836.128738] ? check_same_owner+0x340/0x340 [ 836.128754] ? kasan_check_write+0x14/0x20 [ 836.128770] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 836.128784] ? rcu_note_context_switch+0x730/0x730 [ 836.128798] __should_failslab+0x124/0x180 [ 836.128815] should_failslab+0x9/0x14 [ 836.128827] kmem_cache_alloc+0x2af/0x760 [ 836.128841] ? __mutex_unlock_slowpath+0x197/0x8c0 03:38:49 executing program 5: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0xa, 0x0, &(0x7f0000008000)=ANY=[], &(0x7f0000014ff5)='syzkaller\x00', 0x2, 0x1000, &(0x7f0000001400)=""/4096}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f000001b000)={r0, 0x0, 0x3a, 0x9d, &(0x7f0000000180)="e460019234060dc106621abc86dd6a00000000072feb3056603190b148f3e965ddf59ed18dc2f7561150825538008000000000d500002a01880b", &(0x7f00000000c0)=""/157}, 0x28) 03:38:49 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00009f3fa8)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(aes)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00003c1000)="0a0775b0d5e383e5b3b60ced5c54dbb7", 0x10) socket$kcm(0x29, 0x2, 0x0) r1 = accept$alg(r0, 0x0, 0x0) getegid() sendmmsg(r1, &(0x7f00000031c0)=[{{&(0x7f0000000140)=@can={0x1d}, 0x80, &(0x7f0000000780)=[{&(0x7f00000006c0)="1436430d48d97d3a32f6d8a3b38a641d2645315dde43a6bd599b18781b751695b1a8e759c119cf225c14fa707eba93bedb51b627eabdca612b078440427bed079dcfcc5fb24e11f19e50a4f3e3e2db8a3e9a1cebc4811c20f1e9425968cfa6a30aa224e202ee3bbea69d6a2611bad64f", 0x70}], 0x1, &(0x7f0000003640)=ANY=[]}}], 0x1, 0x0) readv(r1, &(0x7f00000005c0)=[{&(0x7f0000000440)=""/107, 0x6b}, {&(0x7f00000017c0)=""/4096, 0x1000}], 0x2) r2 = add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a, 0x3}, 0x0, 0x0, 0x0) add_key$user(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a, 0x1}, &(0x7f00000007c0)="650b3950864eb81dbc8f9737c880d89958914c51586ac52b8c6ef6ba2d7bf857856c4cd000fa07a74b67685fe618b1dc05da03cb999e6b316a3921b29efb132b568a03119ff67afbada353158d62e86900255e6b8d77af1b3f4e7843104dba3426285a3740236aade45c49593ff91b44a50069c8aa86084ba670666e063c07999d3bc0c7a453ebd9ba8193422b115dc2fe90ff1465aa82c0bf3b7ae53ab31cb669e56998b4fb80823031427f052da6349357a258e77a5ee7d5e78897bab477577290e2720ef53e0106e61cf71e1bd1c3dbcba2b055bd732640f46d578dc5a7fcc9cc8eaaa2947bdcbd46052325a6958a1ac0dec9cbb911ad7c31c74c18d4f4df39bb9c75df5847189f1a94d584791edc39e5be54511a78c679bfa595a7f538427c89f7619961d5e50731809711a88a104a8e804b2e1f3e56a17656dba1fc829587bbb5bdef763a44e42038bbc60afd92aea1784f6d3559939b48a5326c8a8e67c59c8dfb7cc2802466454a5e8dcbd2353366ef42e3c7e06eed1bd5fa9c821f8863c293a9abb30ba86153f8159db40d31f4e549b93c0ef6d5257ac2bc8f9854fd89eec0a12535cd6748ca01e72daa75fb22375f3e529b2a5454c26ad13a08791ea224583390e66ecd9a2a884e26f19e83857f063a7ba4dd04d24445346bf9ae23380c864436f1f6d9a6d4da7f231e83f572fee3a568c8c08fd18fd779579c445115c31e20595f28bdb0b2f530309c7efa7230c8aa3ffcbdf24e8c7909e596bc68eb065293ad1cac20ec604946895fc59325b9d6bf64c376e219d88ce10c4389c335f62182eee4e852283344dc5d90ce91dc80a78fa5fc0a3c39ff192b3882b6639ee8f1ff9e26531623337f6db24524e6f811eee66642ee0c925c0078da852357a27f37f03deb6e2cd6557bbc134d5e2462668d2c4817e475e183059611b1df63bcf8f7e9b0b60aa3787990501f77015522e8594e18d5500cb6c10d1135e8df9b247c6f9f62bc480eb09e1caacb564d1f1e0cec02ba9832143e01988f8a2e8a3cbf4546aa8d667e978566877145c9bcacb43821ebeeb9b1b51521b9153240d5ecdadc9798a0e84af0c1140fdda6fdd0d7a8b71c059ab847fda43949afe5a8f3f08b54a3d6a07efec4d86a849824b65998348eb7a8512042ed155ab7d60c305c8e60b4637854df9f34281ffcb187a2cea48313bfec3c00916584f0805db1526f074d78f687e8ed14a957cdd59da4565eef495c3c431917ecccd5c9c82763ea88a06ff07388473c27f63d13f3122064966de623cb650f7c4210a22c311db895e3e6e017237da2835bc996193ecca10e448e053547651e0a4aa6ec1dabfddbaddfc7f1b0e3d61198f9b65200209add071e120213bf5367422b362a8699b82cebdfb0e1b1b698b5c54093673717364398607f2109ff83b9843ca4114822170999c6469a74d94720bc21fa801608e7bfa83bf724391ae933cb3d9fb22be549e6201c72fb01eaaceb0985e2272d8770a1832c796f928e1e7b7d82d0081e9eef92d2da91a5bad2ee9947fae9c1f0d9daf58f25cf8d435acc41146f71c40098534dcbf4e367a233184c64bd41177a20b0fa2f4ce23815233684a6e06236d0d6ba3361bf49f69cf0e95fc637d92d1e0f5186297eae5946b0d84bbe1e41cec9f40056a927cb6307a5ba49f8cf6b43e7098ead8727bf6687a7c979acbf95c8b045764e5772e276f734e58b71206dd96c8b5d42ff93d7d9e0964a18ffa58c135378fa20005fc0913903fd3fd66e018ba642ac068b1042166fdefeb09a3b22166dce28e723fb1c7719f2b03ac427b41da198418e0beee92ef4c3f11c71c8d7bb8e283dcf9e44607494d97ca57cd9ee3dcfd6b1a033403b7ee804a5441e1ec4e3c0bc119f2cbfebbfb63d1c85fa1408369090e3b94e7e8ec9c6a6c1a74bfd0f0a7b050c1aca7c00ab24dcfab48c053185d3de3f511da39c9a84a7ced19461627a612a0559ee20d836dbecc3b4826ab9ccba69fb718df9f3d8ad44410aa2b34d33e4f51b82e3b8de63bdbe04b7ebf34760cb7b7ca2244eabdf23f4e1bada5d535cc344bae01d8e74385c0e90b78d5617629e4deacdad47bb3eb33a4dfc773ef637a293ee48cb9f03c84c68de8640f6e39f0765995eb66e45e35d9f137a82e6112ebdc3fb42e971f05a3aec81810b64d23c553a6f372cb20151bf7e11bb856a14d1c99f74ee6dd2e09912cbd48a15281ad8db290545edb1467333e740bfd1b20474d687029c7fe322ed3581ba6a85b186fbfaf600a9ffabe1f4bf3af6a0c19e265158a79a7d7f941903a30dc77ec9457e251262c4b456c1a039c60d0fc6f22bb85c6b1dc45f6d909f9e853093d85676898f02d2cb898567906ac5fa6740365273d76aaafbcd4b1f9eaeab9cde89048b753d0dbfeaaba7b24522bd890019275db747f81ec9479707b64d133c4045781c75ce7c743eea2dffc7895b92923697f08de83958814b8df73e582f9c9a1434516b1546f31a18c67af9497824b49ca481c5ac9408bc438682d14c8817e80b49ed2af8384b718269a9d7770104662d41a02c8282cc89c7aa0e29f885a40983dbf344805c27e2738245abc1305ce3d42fa13c6d51d64906a4ae427f763126162ed23eaab6838e8dadc1fa91cb333154a6a8c8f4c923de24a51b23fae76f75bac776bcc8ea9a36a56c69c30ec7952a3946a1010c4d503263f8b636341342b38b9fe06987321dbdf7a0a80f87a22a75b1f61b59494c1471f748702647a7e17f62553f8904684e644a4cdae965546c4329871396f04219dab527a75e6afeb83e8c1e58e38a253770e7eb33a23af5e10dd4a7da97d6f882cd2c0b0536a3761f4614a150bc485134ca0f4581cfec9d70a63cc88184500a6276fdd0a4ddb6077ddc9f8fece2902810aae0913161f5406ad2c3699d49ee3cf22c8e11dee1348692bbf3845803cbd06c99360e654ddc32d3a181c1d22ae6134b6fad13850ef8290ee224ca124143d3ea340074e991a01f8aaba8fd3f00fb6eb2c578ff9d1b347e4cb53cb878e51d2e395a0ad6a76de279f82bfa25db4885675e89a4784d02d5d99b1f40616179dd35539620143f2a6a1c5302843da4543f0f35b93ddbc29544095c95fb637c1754404dbd71a22a65e5819e8141007b90e1ab02cce4df65de8c731cea0c6f0538a95307ce3077c8e124770d7e30b8d6b54fa8e997de778ad2276b89ba644b306a99a9c30b53949b70fb9dde607d67152827f34c02162ee42f7a887bf9aac83ebe910ff50e1db015c79b40079603fd4733dbaff15842e7477f743181b04adfde6bc6627bdd5a8ed8673dc719c853e312403d2451b7262d4dbe7c78cce8d5d22de771da2e6336270cce861ddeab87a68fbfd64b8f2dbb8246361ab70795f59627373847df342f21d7151d38e47af6dde5fb67e9b7000418ff9ff287827b06ed6a5ca5ad49d20be9240e3331bd6f4fe29dcfcab37f5a3ace57bfa19b426a30577b4e0bc39dc366ffd55461783ab13ba32b70e1771e71638cc6254c55f65949b7bd447a7ce1a7384da273a5219d5531ad711186fa866ac7e7adfdf4662b991e11215de76c65e1378687127552e03ab07fa47ab6ad1bba54c3bae217dc1d40b5bdf019907657964ef1174984e7cca580bd5f2f01abe9aa36c50e7fc5547f94b45ce0d159131fd84475898274563e56572476b5634830a8e860c47bde5d0e2e6aa3a05a9272ee60fda7fd395bec1f09b056577df2d3502c34db05c3d604fa7d3b738820e8e7f670beede43b778589cbff92e015742b736e450d030b9baff4d8ff4fe0b0cbd383ee0f6a65dcd2c528043dd8175070f01cf7e590f81d384113e13a6123e1a3b5e880cf2460f7de2b47eb68705777bdbd8815c2041a0ad2ad2e776ab488499f1ad229480bf9a99e4580f17e25ff43abd8058520864f774d4140ddb793274e47d990a77e061217194869b0d7c365616d1d25a3bcfa1ccc1bd1e7db9e2d96f8ba036b8c5d7e29a064b65e5e41314dd2c493423b75b4cfa3bda0d2d91586f6088208791a21fea732f7d3d3b04c8b112f7a42aafd50ce48b1edfe11a2a1888f105f2754833c83d0c019bcbd8b957fccc84ede74048fe1d777c2d6e6cad2ee15e98de7e26edc4aa2a104de9afe7a82a663cfd9403858066c596df935d4abdefea678ef09cdfd1e7541d2b57847bc11901ed41d8baa1c5c28e2559eadfdd76ac0882b9e54531ff25e7f3a16ed9a87c921fa2c33e2a302155a7baee6c13c818fa890be9df1b73799193843b727255450aff033571bd64248aaec3021c087dee981a4f0f4aa106f459483a80ab190bf5562f201c733ca75d5c5b3b25cb39907531271240be08ca2924e7d455583237fc99e7770d975cf1923a375f55b0fa716fe75c74fa63b7b88182775c55bf6038686987c0209724002cefc9c99236cf2c16de9f99bdf24e284d7e0bd03ce38c122460345bd7ae1a847f666e89d36fc724886985d3ea575c3f6a62b5b5e8e7c6788311e179476921834ebca67f583724f5a5b54ff77eeb184aee288e1b0ab508df9229362efa998f12dc19a539ee0e3e2eb5c6c2290c37e8852199684ce75a85e542ee8b25c7cca892e24b635833594280e10e909e123a3a190e751d10038b1c0cf62a51cbc310b37c53ba4b5e8378f267435007ac3b7452a41a8247cb25825fd60f639f1950deb90a06862cdc5bcecebf2e33606a7e94702eed6cca3defa471b0a5fcacf2eac21a290bd9d212b73ccedd708133d924202bdda13cd42ba764c8ecc164221a0542c5b01d88f75b60639ad97aed4df5592b0f14714e515e502d343b527ce5616c183e1dca0a3fc8feba9d6efb93fbd4928063f267097cb9efb953da496595cf080e1eb77c54ae8fc316791ed7e39a11f0d91b317db1dc13ac934bfda6b8bce4221eb0152f69375dfc14ef2158832f389432dd475fe82b30f5b6c7962b824ba0105c80d6a2990585ab53f7a4d6a17759a3eeaa7d3d0c6ba131d330faab474b9e3215bfba8fc40becb350c5c9ece081d0cc5ff09563a7c776a617f4b380553d5984f6162876a8a7a1b6056fc68207e6590ea600b83ffe79de3b25674b513dd63398a8d491849517b8aa036c9abb2ef886c2064583caaf5e0d85298213d87f84695ad19450584fffd637bfd2b774eba32164b649ca0965b377f6796f803f9a0d6a6895d26c60cc89872989cdb96c798f261f74e25742b1ee951130e29a08e31b096bef72063cae68c26ada2ab3b1a5ea8022bfc6a039f3b0f43f335ee1886fa3caa924e93821378b7e5a7bbf52cc36526ae67046fd933b497431883713818cdef6d6beb74cbdce61fea0bceb500fa16636077c9beb49585efe6d71cc7ac6b81abec2c571f929d38bc3e866c8e6affb4eba794a50add30def06a1bc2057f3230f8c7a4b72dcbf08e1a574e446ba8a428e49916d8b47b1eee59efc4beaa2b51d3dbe15b738e2f39356ad278db65849f1dbe86dc2c1d316a1b51b43b60062c50ceabba78582993e05fde1867790d563e01bcfedbd85bed2a01b15689795e21b140503f02dc0504036321f36b5388dc390048c0ed8c4bfc93b0a693bab4a63a6197c79f8299dee2114c495c1e00e531b3cbc4f2997bd233300da103733b6fc17d3cfffc2e87fd429314f2157ca0cc9cec6550ce5a8395a868295db9b8eb711cfb197be83148e1107d304482edef722a78d6161874aa12e562a7841a7f49734b595706e341634084fe7d82214e680a46e50ca1b97de06efab05f7385734646faf5cdf70d9396f80171a6be", 0x1000, r2) [ 836.128853] ? kasan_check_write+0x14/0x20 [ 836.128869] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 836.128885] __kernfs_new_node+0xef/0x5a0 [ 836.128900] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 836.128915] ? mutex_unlock+0xd/0x10 [ 836.128927] ? kernfs_activate+0x21a/0x2c0 [ 836.128940] ? kernfs_walk_and_get_ns+0x340/0x340 [ 836.128954] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 836.128964] ? kernfs_link_sibling+0x1d2/0x3b0 [ 836.128979] kernfs_new_node+0x80/0xf0 [ 836.128998] __kernfs_create_file+0x4d/0x330 [ 836.236155] sysfs_add_file_mode_ns+0x21a/0x560 [ 836.240934] internal_create_group+0x26d/0x9e0 [ 836.245541] ? do_raw_spin_lock+0xc1/0x200 [ 836.249804] sysfs_create_group+0x1f/0x30 [ 836.253971] lo_ioctl+0x12bf/0x1d00 [ 836.257621] ? lo_rw_aio_complete+0x450/0x450 [ 836.262127] blkdev_ioctl+0x9cd/0x2030 [ 836.266025] ? lock_acquire+0x1e4/0x540 [ 836.270009] ? blkpg_ioctl+0xc40/0xc40 [ 836.273909] ? lock_release+0xa30/0xa30 [ 836.277897] ? save_stack+0xa9/0xd0 [ 836.281530] ? save_stack+0x43/0xd0 03:38:49 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x5, &(0x7f0000000080)="295ee1311f16f477671070") mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r2, 0x0, 0x2000000000000004, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr}, 0xc) setsockopt$IP_VS_SO_SET_TIMEOUT(r2, 0x0, 0x2c, &(0x7f0000000000), 0xc) close(r2) r3 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uinput\x00', 0x24041, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffff9c, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000100)={0xffffffff}, 0x2, 0xf}}, 0x20) write$RDMA_USER_CM_CMD_MIGRATE_ID(r3, &(0x7f0000000180)={0x12, 0x10, 0xfa00, {&(0x7f00000000c0), r4, r0}}, 0x18) dup3(r0, r1, 0x0) [ 836.285161] ? __fget+0x4d5/0x740 [ 836.288723] ? ksys_dup3+0x690/0x690 [ 836.292469] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 836.297068] ? kasan_check_write+0x14/0x20 [ 836.301368] ? do_raw_spin_lock+0xc1/0x200 [ 836.305618] block_ioctl+0xee/0x130 [ 836.309265] ? blkdev_fallocate+0x400/0x400 [ 836.313611] do_vfs_ioctl+0x1de/0x1720 [ 836.317548] ? ioctl_preallocate+0x300/0x300 [ 836.321964] ? __fget_light+0x2f7/0x440 [ 836.325946] ? fget_raw+0x20/0x20 [ 836.329509] ? trace_hardirqs_on+0xd/0x10 [ 836.340096] ? kmem_cache_free+0x22e/0x2d0 [ 836.344424] ? putname+0xf7/0x130 [ 836.347881] ? do_sys_open+0x3cb/0x720 [ 836.351940] ? security_file_ioctl+0x94/0xc0 [ 836.356360] ksys_ioctl+0xa9/0xd0 [ 836.359808] __x64_sys_ioctl+0x73/0xb0 [ 836.363687] do_syscall_64+0x1b9/0x820 [ 836.367578] ? finish_task_switch+0x1d3/0x870 [ 836.372063] ? syscall_return_slowpath+0x5e0/0x5e0 [ 836.376991] ? syscall_return_slowpath+0x31d/0x5e0 [ 836.381926] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 836.386945] ? prepare_exit_to_usermode+0x291/0x3b0 [ 836.391968] ? perf_trace_sys_enter+0xb10/0xb10 [ 836.396633] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 836.401480] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 836.406667] RIP: 0033:0x455c97 [ 836.409934] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d bb fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 836.429165] RSP: 002b:00007f413f26ea88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 03:38:49 executing program 5: socket$inet6(0xa, 0x1000000000002, 0x0) r0 = syz_open_dev$mice(&(0x7f0000000200)='/dev/input/mice\x00', 0x0, 0x8000) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000240)={0xd01b, 0x7, 0x9000}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) getsockopt$inet_opts(r1, 0x0, 0x9, &(0x7f0000000100)=""/60, &(0x7f0000000180)=0x3c) connect$inet(r1, &(0x7f0000000000)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) socket(0xa, 0x1, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r1, 0x0, 0x2a, &(0x7f0000000040)={0x3b6, {{0x2, 0x4e22, @multicast2=0xe0000002}}}, 0xfffffffffffffd22) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x34, &(0x7f0000000140), 0x4) ioctl$sock_SIOCBRADDBR(r1, 0x89a0, &(0x7f00000001c0)='syzkaller1\x00') [ 836.436895] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000455c97 [ 836.444170] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015 [ 836.451436] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 836.458722] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 836.465996] R13: 0000000000000001 R14: 00000000004d3f40 R15: 000000000000000c [ 836.477323] FAT-fs (loop7): Directory bread(block 2563) failed 03:38:49 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x0, 0x0) r2 = syz_open_pts(r1, 0x80400) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x0, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) ioctl$TIOCGPGRP(r3, 0x80045440, &(0x7f0000000280)) r4 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x6, 0x200) getsockname$netlink(r2, &(0x7f00000000c0), &(0x7f0000000140)=0xc) setsockopt$XDP_UMEM_REG(r4, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000040), 0x1000000, 0x1000, 0x7f}, 0x18) setsockopt$RDS_CONG_MONITOR(r4, 0x114, 0x6, &(0x7f0000000100), 0x4) [ 836.484880] FAT-fs (loop7): Directory bread(block 2564) failed [ 836.496312] FAT-fs (loop7): Directory bread(block 2565) failed [ 836.502482] FAT-fs (loop7): Directory bread(block 2566) failed [ 836.508735] FAT-fs (loop7): Directory bread(block 2567) failed [ 836.514906] FAT-fs (loop7): Directory bread(block 2568) failed [ 836.521113] FAT-fs (loop7): Directory bread(block 2569) failed [ 836.529069] FAT-fs (loop7): Directory bread(block 2570) failed [ 836.536193] FAT-fs (loop7): Directory bread(block 2571) failed [ 836.554768] FAT-fs (loop7): Directory bread(block 2572) failed [ 836.955086] RDS: rds_bind could not find a transport for 0.0.0.8, load rds_tcp or rds_rdma? [ 836.966373] QAT: Invalid ioctl 03:38:50 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f0000003f80)=[{{&(0x7f0000000080)=@can, 0x80, &(0x7f00000001c0)}}], 0x1, 0x0, &(0x7f0000004000)={0x77359400}) sendmsg$nl_route_sched(r0, &(0x7f0000005a00)={&(0x7f0000000180)={0x10}, 0xc, &(0x7f00000059c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="2400000100000102000000000000000000000000", @ANYBLOB="00000000bd"], 0x2}, 0x1}, 0x0) 03:38:50 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0xfbffffff) 03:38:50 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="0200003f6f786e6574302d232f70726f6300") 03:38:50 executing program 1: r0 = syz_open_dev$sndctrl(&(0x7f00000000c0)='/dev/snd/controlC#\x00', 0x40000000000000, 0x40040) perf_event_open(&(0x7f0000001000)={0x0, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8ce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000005000), 0x2}, 0x1000000000c}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000040)=0x100000006) read(r0, &(0x7f0000000180)=""/143, 0x79) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffff9c, 0x84, 0x73, &(0x7f000000d000), &(0x7f0000001000)=0xfea6) ioctl$SNDRV_CTL_IOCTL_PVERSION(r0, 0xc1105517, &(0x7f0000001000)) 03:38:50 executing program 7 (fault-call:0 fault-nth:13): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:38:50 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4188aea7, &(0x7f0000000180)={"c00cd19c26a73310e02d9c4097b800ad801f709bc843d8ee8fec7aba88129afb5b0a4fae1a83e98c5921769e7f09eff795b56364483a36edded34a3811eb1180069fa2743af0985b77fe6a427cd33dfad9eb709d712e5c1cbfac5759319705f0bd8fa9b03bde324ea79dbb0bb7f0c64100fba5f0562a4dcab0cf46f94bec96435e7550825219b08bf5f04ccbcde7b6a92227a84adbf7219719bf8e48eca65b029a8d0b8e09641ea4834c9f2b7ff13f0a987b38190def43e71fcc329575bdc35d09c18ab922b75f7858dd9f4e95b189601940c4e8c068e1e64b85f8e8de4dff536fb54b73ff9d284a46192d8b3f5c2bed49b26a2b1ebeba90d1a0aea73a40204f52f31c1c154bf32a040c6dc55513cb4c711b7ccf8517cb82c230ff0bf6206d7191da63931fca617e482ee54fdc6c9e0cc342dcdd570bf058cb20fb544bc8df0b3f9582549504bd0bba93a6fa7f934102d84dc7f421097c9b1fe058dc08d98b063652e2dc08a551d2a8439b1ade94b7aa96aa659171b1fa48dcb15ef76b9c4c93457092af1280dee66454ac73b477e2ffb6aa671fa50c9cf4870fd1a8b4cb952071c0ac520454dfee704912f1bdb15d1c65f7d5d1a10385fa4f62e7b42f1c1e177d8fdd0380890e4cd37d3ba0e4b17061025e194621785598b328f0e89be20508254878d222a95e9877eaac7088a7e3344ddfcee5aca0590c90c1c8a92417d94bd34f3cf1780a12d27389f79b38a693ea5cd6c49dc81ceaadf6d45aebdef804cdb90eb6827ea4279db9111c484cc783ca396ebcb697c903170d0256e8d62d6d044a61d0fc450f3a28b13eea41b0626ea314def36a9f2db0a7729656223a5261020ea9eaee9c541a5cc8bc20f09508860c25a6edaa20e094e1bf22fe232d799012b5e55880145a3e5469524fde005a94e249a9d4dae9496ebdbaae8dbd5ec6f7e99f581fa2103d6713f2f2514e7cf2c56f0ce25e1e8161709f9bc7a34489c3a21bab0fa710afd3512c980a6e9fa5f65e1e12237f342ece53be1b1976878c7af4cfd752e16b5fd1044b88fff3bed0528c2730ce9253c94340775805339817e3a97ec2596dd749ca45dd592fed479a632171c60b684ae1bbf1329fa51e6c59fc039dabe790e7542795438a9622ef9c67581d0d7df676ea5f8b7222b2f9fa964b1af28085e2bb54c0134a303b8d9645021ab6b6b58ceebaffa00cc860e62481d0b2c09630fb09b69358b4b4df5cab36069ed31d8a796f0568d6dd8dc8c71710037917e6883a0c75815fdd0fa471da90cc85545591c2b08b05b3097464a79aa6e066d377ccfd6adfa755285060a80c51a0c8d036664d40ab8cd887f34bcf592707f8fcc1efbf66c4d23319e236e282d9416d38c511a019c2aa1b2edef602d93cf289a48fa5d292b50db4b712c78c2bfe6f7aab793e728678fcc58b5a5aa8a8896572fd"}) r3 = memfd_create(&(0x7f0000000000)='/dev/kvm\x00', 0x2) bind$bt_rfcomm(r3, &(0x7f0000000040)={0x1f, {0x5, 0xfffffffffffff000, 0x2, 0xffffffffffff8000, 0x3, 0x17}, 0x101}, 0xa) 03:38:50 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}, 0x1f4}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) [ 837.142922] FAULT_INJECTION: forcing a failure. [ 837.142922] name failslab, interval 1, probability 0, space 0, times 0 [ 837.154320] CPU: 1 PID: 14014 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 837.162734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 837.172074] Call Trace: [ 837.174659] dump_stack+0x1c9/0x2b4 [ 837.178303] ? dump_stack_print_info.cold.2+0x52/0x52 [ 837.183493] ? rcu_note_context_switch+0x730/0x730 [ 837.188422] should_fail.cold.4+0xa/0x11 [ 837.192559] ? kasan_check_write+0x14/0x20 [ 837.196795] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 837.201998] ? kernfs_activate+0x8e/0x2c0 [ 837.206140] ? ___ratelimit.cold.2+0x6b/0x6b [ 837.210548] ? mutex_trylock+0x2b0/0x2b0 [ 837.214597] ? kasan_check_write+0x14/0x20 [ 837.218817] ? __radix_tree_replace+0x188/0x2f0 [ 837.223469] ? kernfs_add_one+0x4f/0x4d0 [ 837.227529] ? kernfs_activate+0x21a/0x2c0 [ 837.231753] ? lock_downgrade+0x8f0/0x8f0 [ 837.235900] ? lock_acquire+0x1e4/0x540 [ 837.239859] ? fs_reclaim_acquire+0x20/0x20 [ 837.244165] ? lock_downgrade+0x8f0/0x8f0 [ 837.248301] ? check_same_owner+0x340/0x340 [ 837.252608] ? kasan_check_write+0x14/0x20 [ 837.256922] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 837.261849] ? rcu_note_context_switch+0x730/0x730 [ 837.266767] __should_failslab+0x124/0x180 [ 837.270991] should_failslab+0x9/0x14 [ 837.274778] kmem_cache_alloc+0x2af/0x760 [ 837.278916] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 837.283833] ? kasan_check_write+0x14/0x20 [ 837.288057] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 837.293067] __kernfs_new_node+0xef/0x5a0 [ 837.297204] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 837.301947] ? mutex_unlock+0xd/0x10 [ 837.305649] ? kernfs_activate+0x21a/0x2c0 [ 837.309871] ? kernfs_walk_and_get_ns+0x340/0x340 [ 837.314708] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 837.320230] ? kernfs_link_sibling+0x1d2/0x3b0 [ 837.324812] kernfs_new_node+0x80/0xf0 [ 837.328711] __kernfs_create_file+0x4d/0x330 [ 837.333278] sysfs_add_file_mode_ns+0x21a/0x560 [ 837.338198] internal_create_group+0x26d/0x9e0 [ 837.342770] ? do_raw_spin_lock+0xc1/0x200 [ 837.347007] sysfs_create_group+0x1f/0x30 [ 837.351144] lo_ioctl+0x12bf/0x1d00 [ 837.354756] ? lo_rw_aio_complete+0x450/0x450 [ 837.359249] blkdev_ioctl+0x9cd/0x2030 [ 837.363132] ? lock_acquire+0x1e4/0x540 [ 837.367176] ? blkpg_ioctl+0xc40/0xc40 [ 837.371092] ? lock_release+0xa30/0xa30 [ 837.375066] ? save_stack+0xa9/0xd0 [ 837.378677] ? save_stack+0x43/0xd0 [ 837.382303] ? __fget+0x4d5/0x740 [ 837.385740] ? ksys_dup3+0x690/0x690 [ 837.389455] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 837.394035] ? kasan_check_write+0x14/0x20 [ 837.398266] ? do_raw_spin_lock+0xc1/0x200 [ 837.402497] block_ioctl+0xee/0x130 [ 837.406120] ? blkdev_fallocate+0x400/0x400 [ 837.410426] do_vfs_ioctl+0x1de/0x1720 [ 837.414299] ? ioctl_preallocate+0x300/0x300 [ 837.418688] ? __fget_light+0x2f7/0x440 [ 837.422645] ? fget_raw+0x20/0x20 [ 837.426081] ? trace_hardirqs_on+0xd/0x10 [ 837.430211] ? kmem_cache_free+0x22e/0x2d0 [ 837.434443] ? putname+0xf7/0x130 [ 837.437880] ? do_sys_open+0x3cb/0x720 [ 837.441766] ? security_file_ioctl+0x94/0xc0 [ 837.446160] ksys_ioctl+0xa9/0xd0 [ 837.449599] __x64_sys_ioctl+0x73/0xb0 [ 837.453490] do_syscall_64+0x1b9/0x820 [ 837.457388] ? syscall_return_slowpath+0x5e0/0x5e0 [ 837.462308] ? syscall_return_slowpath+0x31d/0x5e0 [ 837.467228] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 837.472246] ? prepare_exit_to_usermode+0x291/0x3b0 [ 837.477275] ? perf_trace_sys_enter+0xb10/0xb10 [ 837.482458] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 837.487288] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 837.492460] RIP: 0033:0x455c97 [ 837.495628] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d bb fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 837.514798] RSP: 002b:00007f413f26ea88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 837.522667] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000455c97 [ 837.529920] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015 [ 837.537174] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a 03:38:50 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000066f786e6574302d232f70726f6300") 03:38:50 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x4) 03:38:50 executing program 2: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_int(r0, 0x29, 0xd1, &(0x7f0000000000)=0xe8, 0x4) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vsock\x00', 0x200, 0x0) ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000100)={{0x2, 0x4e20, @multicast2=0xe0000002}, {0x6}, 0x20, {0x2, 0x4e22, @remote={0xac, 0x14, 0x14, 0xbb}}, 'bond0\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000080)={'veth1_to_bridge\x00'}) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$sock_SIOCADDDLCI(r0, 0x8980, &(0x7f0000000040)={'bridge0\x00', 0xffffffffffffffc1}) [ 837.544427] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 837.551683] R13: 0000000000000001 R14: 00000000004d3f40 R15: 000000000000000d [ 837.565070] FAT-fs (loop7): Directory bread(block 2563) failed [ 837.586577] FAT-fs (loop7): Directory bread(block 2564) failed 03:38:50 executing program 1: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) write(r3, &(0x7f00000001c0), 0xfffffef3) unshare(0x400) ioctl$SNDRV_CTL_IOCTL_ELEM_REMOVE(r2, 0xc0405519, &(0x7f0000000000)={0x5, 0x2, 0xfff, 0x400, '\x00', 0xffff}) tee(r2, r1, 0x8, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000040)={0x0, 0x0}, &(0x7f0000000080)=0xc) lstat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r6 = semget$private(0x0, 0x7, 0x1) semctl$GETZCNT(r6, 0x3, 0xf, &(0x7f00000001c0)=""/208) fchown(r3, r4, r5) [ 837.604411] FAT-fs (loop7): Directory bread(block 2565) failed [ 837.614578] FAT-fs (loop7): Directory bread(block 2566) failed [ 837.621031] FAT-fs (loop7): Directory bread(block 2567) failed [ 837.627473] Unknown ioctl 35156 [ 837.630550] FAT-fs (loop7): Directory bread(block 2568) failed [ 837.637107] FAT-fs (loop7): Directory bread(block 2569) failed [ 837.643325] FAT-fs (loop7): Directory bread(block 2570) failed 03:38:50 executing program 7 (fault-call:0 fault-nth:14): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:38:50 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") clone(0x0, &(0x7f00000012c0), &(0x7f0000001080), &(0x7f00000022c0), &(0x7f0000001f00)) r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) ioctl$sock_ifreq(r1, 0x89f4, &(0x7f0000000040)={'eql\x00\x00\x00\x00\x00\b\x00\x00\x00\x00\x005\x00', @ifru_flags=0x100}) 03:38:50 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x2) [ 837.650842] FAT-fs (loop7): Directory bread(block 2571) failed [ 837.657213] FAT-fs (loop7): Directory bread(block 2572) failed [ 837.746767] FAULT_INJECTION: forcing a failure. [ 837.746767] name failslab, interval 1, probability 0, space 0, times 0 [ 837.758302] CPU: 0 PID: 14045 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 837.766831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 837.776211] Call Trace: [ 837.778815] dump_stack+0x1c9/0x2b4 [ 837.782463] ? dump_stack_print_info.cold.2+0x52/0x52 [ 837.787668] ? rcu_note_context_switch+0x730/0x730 [ 837.793918] should_fail.cold.4+0xa/0x11 [ 837.798095] ? kasan_check_write+0x14/0x20 [ 837.802341] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 837.807639] ? kernfs_activate+0x8e/0x2c0 [ 837.811906] ? ___ratelimit.cold.2+0x6b/0x6b [ 837.816389] ? mutex_trylock+0x2b0/0x2b0 [ 837.820494] ? kasan_check_write+0x14/0x20 [ 837.824755] ? __radix_tree_replace+0x188/0x2f0 [ 837.829552] ? kernfs_add_one+0x4f/0x4d0 [ 837.833628] ? kernfs_activate+0x21a/0x2c0 [ 837.837874] ? lock_downgrade+0x8f0/0x8f0 [ 837.842040] ? lock_acquire+0x1e4/0x540 [ 837.846038] ? fs_reclaim_acquire+0x20/0x20 [ 837.850362] ? lock_downgrade+0x8f0/0x8f0 [ 837.854625] ? check_same_owner+0x340/0x340 [ 837.858956] ? kasan_check_write+0x14/0x20 [ 837.863283] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 837.864199] Unknown ioctl 35156 [ 837.868217] ? rcu_note_context_switch+0x730/0x730 [ 837.868236] __should_failslab+0x124/0x180 [ 837.868255] should_failslab+0x9/0x14 [ 837.868268] kmem_cache_alloc+0x2af/0x760 [ 837.868285] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 837.868298] ? kasan_check_write+0x14/0x20 [ 837.868313] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 837.868327] __kernfs_new_node+0xef/0x5a0 [ 837.868349] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 837.911854] ? mutex_unlock+0xd/0x10 [ 837.915573] ? kernfs_activate+0x21a/0x2c0 [ 837.919813] ? kernfs_walk_and_get_ns+0x340/0x340 [ 837.924651] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 837.930179] ? kernfs_link_sibling+0x1d2/0x3b0 [ 837.934786] kernfs_new_node+0x80/0xf0 [ 837.938702] __kernfs_create_file+0x4d/0x330 [ 837.943127] sysfs_add_file_mode_ns+0x21a/0x560 03:38:51 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}, 0x18000000}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) [ 837.947838] internal_create_group+0x26d/0x9e0 [ 837.952519] ? do_raw_spin_lock+0xc1/0x200 [ 837.956757] sysfs_create_group+0x1f/0x30 [ 837.960907] lo_ioctl+0x12bf/0x1d00 [ 837.964538] ? lo_rw_aio_complete+0x450/0x450 [ 837.969309] blkdev_ioctl+0x9cd/0x2030 [ 837.973200] ? lock_acquire+0x1e4/0x540 [ 837.977186] ? blkpg_ioctl+0xc40/0xc40 [ 837.981100] ? lock_release+0xa30/0xa30 [ 837.985093] ? save_stack+0xa9/0xd0 [ 837.988837] ? save_stack+0x43/0xd0 [ 837.992484] ? __fget+0x4d5/0x740 [ 837.997164] ? ksys_dup3+0x690/0x690 [ 838.000871] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 838.005455] ? kasan_check_write+0x14/0x20 [ 838.009760] ? do_raw_spin_lock+0xc1/0x200 [ 838.014014] block_ioctl+0xee/0x130 [ 838.017631] ? blkdev_fallocate+0x400/0x400 [ 838.021951] do_vfs_ioctl+0x1de/0x1720 [ 838.025848] ? ioctl_preallocate+0x300/0x300 [ 838.030257] ? __fget_light+0x2f7/0x440 [ 838.034232] ? fget_raw+0x20/0x20 [ 838.037693] ? trace_hardirqs_on+0xd/0x10 [ 838.041858] ? kmem_cache_free+0x22e/0x2d0 [ 838.046096] ? putname+0xf7/0x130 [ 838.049545] ? do_sys_open+0x3cb/0x720 [ 838.053442] ? security_file_ioctl+0x94/0xc0 [ 838.058651] ksys_ioctl+0xa9/0xd0 [ 838.062136] __x64_sys_ioctl+0x73/0xb0 [ 838.066036] do_syscall_64+0x1b9/0x820 [ 838.069929] ? syscall_return_slowpath+0x5e0/0x5e0 [ 838.074872] ? syscall_return_slowpath+0x31d/0x5e0 [ 838.079816] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 838.084836] ? prepare_exit_to_usermode+0x291/0x3b0 [ 838.089853] ? perf_trace_sys_enter+0xb10/0xb10 03:38:51 executing program 3: r0 = memfd_create(&(0x7f0000000000)="657468307db027776c616e312a28757365726574683173656c6600", 0x1) getsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f0000000100), &(0x7f0000000140)=0x4) r1 = socket$nl_route(0x10, 0x3, 0x0) recvmmsg(r1, &(0x7f0000003f80)=[{{&(0x7f0000000080)=@can={0x0, 0x0}, 0x80, &(0x7f00000001c0)}}], 0x1, 0x0, &(0x7f0000004000)={0x77359400}) sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={&(0x7f0000000180)={0x10}, 0xa, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYRES32=r0, @ANYRESHEX=r0, @ANYRESOCT=r0, @ANYBLOB="b40179cd33dce5d042082404bf69ee66a135a9b6edeb8fa92e9556af858ff7a7244371e79da2275c5c84cee87546a60221e6d89f9b137269c9d3e782e03c3fca3e12df54ab9e63cfcdd529794f0f7f62e005c77aec9f0c27bb8c3ca7d351378060e5986982214ebdcf65", @ANYRES16=r0, @ANYRES32=r2, @ANYRESHEX, @ANYBLOB="8f9c7074dbbc606df8063157cd08ecde662ffa87a82e0497a3a4153a076b434608022a58609dce89d62ecb37aa87326bf63b9eafa07c04e26ef0f4c7d1c9ab8a16e87e8ca3af952754", @ANYPTR, @ANYBLOB="f3f82c3f7aab9a"]}, 0x1}, 0xfffffffffffffffc) [ 838.094624] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 838.099479] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 838.104668] RIP: 0033:0x455c97 [ 838.107848] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d bb fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 838.127092] RSP: 002b:00007f413f26ea88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 838.134813] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000455c97 [ 838.142097] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015 [ 838.149382] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 838.156663] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 838.163944] R13: 0000000000000001 R14: 00000000004d3f40 R15: 000000000000000e [ 838.172000] bridge0: port 2(bridge_slave_1) entered disabled state [ 838.180335] FAT-fs (loop7): Directory bread(block 2563) failed [ 838.187756] FAT-fs (loop7): Directory bread(block 2564) failed 03:38:51 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020007006f786e6574302d232f70726f6300") 03:38:51 executing program 2: r0 = socket$inet6(0xa, 0x802, 0x88) sendto$inet6(r0, &(0x7f0000000940)="dfe278d84f047e1808a3a992ddc389ae510e72c21d071d767c92f5a76aabd0152fcbd05c4db7f4e5e729497dfc375f1a021a5b1fd8ea7d7047775b8daf66303ddae94f4cc9d10f0e4bd21802c30927bf91de19baad5d68d29e6c0265b15278bc3a26defe99b129cae1e0377939e119e495cb84900b82d2c0689fd8d30bcd08437ed371f99c2b1cb8434a8ed7a106d463883ccdd36f76022dd29c59311fd01f26dc7cb7bb2578798d919b871cbb90dda4fccbca8d521c0c9c95c6278cad91c144f5079d7aa44b35c54465cb314586eae1b2afb0d94912bea757906d494c2e049598bae15d4a1b6892ed414e4ca5448a7e457350859333529825a60e93889fece46d4917cb7b429852148679694cbbb5d71bd8c81da130daf7387dc095c6ea85a19f5c62434a0b42723ae95420971a2edaa24f04e1c558283be5b08d1903dd2aa5b55ff876b7df8ad497a163fc1667bf677560acc9bdc58fd2190ceb7ee16969f2b7924651b5256b83fa8cee4a85b601371092d883db7c63cc060f80cc96a47d90dfc06ebf61665b68ab6c40e701325f2ad65b98bbc038fc1f70c5cec0ef6de84b30f331304e18333bf6018ab00b454771618a74cdcb90bae013843a586b8da3f26fc134faea8f02f500ccfc8d8e056bfe8154a816b1c836d2f0345fe72801be88a7bf12b5b70f3fca631f4f27ade17670201ca78090a2ce78f7660b62d6b1ae74b433a537ec8972cd75ed3aef141e6e274274ceed44bdcd0b8da06e8862dfb649d39a860042261fc9ab949991711eac9264633a7f15ff272779b3015c402e43e63fa3cbb3baaffe971b739673c5313ef74a7c2a480a7302734a607e1cd559189f4aee38fbcd3bde9776c29fc8426b18bb0029546358d39ce716f03359f656cb3103e1ef253bd0614af54f8d7d03f6bf80ab3ae047aadfd7a3e006f9f04e326f391426a8618dcf4747f189c892ca162d7a2949aedf8eb6ead2a7f8673c03830282983f880d7ff55b9bc04afd7439857238bef451407dbd506b94d8a0085a9649e9d2f24d4442ce81791d7f0b00eefc6547c57493812cb93d1166bd506ff8cd0852edd7d8ccf90a2f5f137e82c7f2b356ab3f7fc0f854f82608949d79e780d563642ee0ee73397a83117059d2b30f4dc169f98474d01200cd765918dde6c075b3444d46c0859a7d921469c7ffa6a1caac885a8f285fe70c48233d29061f13b216ac406247a68aa3c516fac4cacbd78a303377130cd92ba8331614365765b2c80cb717626c9f6e9b45d6d16b10ca7325316e8107c2b57d630b46fb8369905a2e9b75e0a3b0972634b46e44430310580e9ae49ac0f065261ca26053dc08aafb3308e40d709a6404fa39e45e9643edf205ba121470c36389e3c161ab41179418b71652f92cb4b3a6d925fcd7d5c0a13ab9c020446aae0e7d3eedf23fec3ffa6ed748953bf7a5e19960f43313f16e5bb43f3e6adc62a5a45db3ea43e44ed6ee5596a6c66c747aab8757ee26d5912a07edecd4e4b9d6f6a03c6f4d7445d041fab5cdd668280b392be052ca3095a8408ac836e6d361f5c7512768f6897b7529d658503f61bcffc714e95adabd1178191b3d82d959200e508c6358af53b7684d2cab8ed404cdfd134e004a71deaaaec8c9835e5a711b51e1829f96c2be8ad2c851f8b70c70114cbb7d647cfb26ba91f62ec29925e6f10aebbb0a28a7ffcfc360d86a70ade4d3d2bbbea005b41823f2a54b1513ee080e62d3f337a0e250d592ef3a43be37bef30496fe34eb2eb7b038bf1a8ad837c18cd9745e937d7c0503d1c50ed4a9f3d446eccc3cddc586df7c077e09119b5172dee9d6349783329c2c7a2d71dfb7c2d7aa656f2599b84fab8ee1c21073c7cf64babeb4f768d8c283ff7599849e36d5a7d7071b396fbde96af351d02ff61b159bddbb8d66e51d6431eee6173857d089d4ab3ac1c05b57c80a08fe3d1c89aefb7fe07df71b0d0f636e5b8a609af0a1e708390f828907e7691fad891c5d7a6cf7cd8842ce264ecdc1caf78795883e37a3a8b7dbd67cff31ab2c868a79691ca540660039aca28aada03950c0b00ae1d945654838b1765ed03fa2c3998e37639aa324f7dface766d31cc84e7a58571322cb066b7a01428e7d77b3bce65c6260742cb8c5b6b914623f31293a1ac91948264d17643d719b9247ecc14906e21e1c6e8e8d943652f3597f26dabc85b17a3d1a805fe2794eda2ed168913270671f7799c9d6486dc8f9095b19fbeda576dbc78919c8916e715bd08ed49a59bf17d43d5f561a11861598785cb02857324c3f063fb05092839d26c6da5177235c41cc78963b653651de1f73469aac58dfec92b22f7468f35a287f72fb3638ff85924d86c585a0df30afbef9545baef0ee83d12a50d520d9c26eae7819fe577337125dbe250b059d7e2dfde4f6bb26a2af60d2b95b07fc66c74e95fd646bb1b269dbee8cba32667499c514ce0d23f60a11c639c6379f71220a2eac32d7b1c6771643dcb66e94e6574cfda0d9513b0286843755196ce43e0580331e915d66ebbb31488cb36e0c3e2250f97cc43a46bc84a9df4c8ec952615f50f4f2f80d9849cc61d0c78e2b238fc1b66d857b11213d2321ababdeae57bddade6cfde43713ca34acbf01b3ff4ba6a205cd04d94d94d76b1ecdeb7d31339d07ddc2f25dfe3c2d2fd53c5dda58b18f3969b734a9f9767ef250ce20833a6de5caa57778d7c3f2288e1bef5f5981942f26a7519157357f35ae990931835b6c5da7fa6a1e7ce2bf4e00c11d7aed40ecb3dc662953cbdc4bec3d8a70692e47f9b73f5f3e8855ad00c324dfccea81b4dbe7795de35ba560d3c63c1203cc8f74c26c75f723ccfc372dd07f266e41a6be0528b4f0317c7af3a2a94e0c9e82135a174bc22ec8fcd2847ec28c00ed54fb5ad2e477b123becb3197b6ac6b3c2965f9d45577", 0x821, 0x0, &(0x7f0000089000)={0xa, 0x3, 0x0, @local={0xfe, 0x80, [], 0xaa}}, 0x1c) setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000040), 0x4) sendto$inet6(r0, &(0x7f0000161000), 0x0, 0x0, &(0x7f0000000000)={0xa, 0x2, 0x0, @mcast2={0xff, 0x2, [], 0x1}}, 0x1c) r1 = getpgid(0x0) fcntl$lock(r0, 0x6, &(0x7f0000000900)={0x0, 0x7, 0x7, 0x1, r1}) getrlimit(0x1, &(0x7f00000008c0)) fallocate(r0, 0x0, 0x90, 0xffffffff) 03:38:51 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0xffffff7f00000000) [ 838.210716] FAT-fs (loop7): Directory bread(block 2565) failed [ 838.237309] FAT-fs (loop7): Directory bread(block 2566) failed [ 838.249901] FAT-fs (loop7): Directory bread(block 2567) failed 03:38:51 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) r2 = syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0xb8f, 0x101000) ioctl$TCSBRK(r2, 0x5409, 0x3f) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000003fe8)={0xaa}) r3 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0xcc, 0x48000) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000100)={{{@in6=@mcast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in=@local}}, &(0x7f0000000200)=0xe8) sendmsg$xdp(r3, &(0x7f0000000340)={&(0x7f0000000240)={0x2c, 0x4, r4, 0x13}, 0x10, &(0x7f0000000300)=[{&(0x7f00000002c0)="e08bfdd3ff9765076ebe7f5218f398439db5517d9b05fa5683f8d9cf0313b0cb2fc73852457800c1bd40f36f3e8c3e9362", 0x31}], 0x1, 0x0, 0x0, 0x4000000}, 0x4000080) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r5 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r5, 0x84, 0x8, &(0x7f0000013e95), 0x4) ioctl$LOOP_CTL_GET_FREE(r5, 0x4c82) close(r5) close(r1) 03:38:51 executing program 2: msgget$private(0x0, 0x2) r0 = msgget(0x0, 0x620) msgctl$IPC_RMID(r0, 0x3) [ 838.262407] FAT-fs (loop7): Directory bread(block 2568) failed [ 838.273708] FAT-fs (loop7): Directory bread(block 2569) failed 03:38:51 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020048006f786e6574302d232f70726f6300") 03:38:51 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0xfbffffff00000000) 03:38:51 executing program 7 (fault-call:0 fault-nth:15): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:38:51 executing program 2: sendmsg(0xffffffffffffffff, &(0x7f0000004fc8)={0x0, 0x0, &(0x7f0000017000)=[{&(0x7f0000004000)="240000001d0003ffff3cc0023da2830101eee6cd7986c436271d8568b51ba3a2d188737e", 0x24}], 0x1}, 0x0) accept(0xffffffffffffffff, &(0x7f0000000000)=@xdp, &(0x7f0000000080)=0x80) [ 838.303717] FAT-fs (loop7): Directory bread(block 2570) failed [ 838.320372] FAT-fs (loop7): Directory bread(block 2571) failed [ 838.331942] FAT-fs (loop7): Directory bread(block 2572) failed 03:38:51 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000206f786e6574302d232f70726f6300") [ 838.427935] FAULT_INJECTION: forcing a failure. [ 838.427935] name failslab, interval 1, probability 0, space 0, times 0 [ 838.439366] CPU: 1 PID: 14112 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 838.447790] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 838.457146] Call Trace: [ 838.459757] dump_stack+0x1c9/0x2b4 [ 838.463408] ? dump_stack_print_info.cold.2+0x52/0x52 [ 838.468608] ? rcu_note_context_switch+0x730/0x730 [ 838.473559] should_fail.cold.4+0xa/0x11 [ 838.477637] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 838.482752] ? kernfs_activate+0x8e/0x2c0 [ 838.486918] ? ___ratelimit.cold.2+0x6b/0x6b [ 838.491325] ? mutex_trylock+0x2b0/0x2b0 [ 838.498174] ? kasan_check_write+0x14/0x20 [ 838.502415] ? __radix_tree_replace+0x188/0x2f0 [ 838.507083] ? kernfs_add_one+0x4f/0x4d0 [ 838.511225] ? kernfs_activate+0x21a/0x2c0 [ 838.515631] ? lock_downgrade+0x8f0/0x8f0 [ 838.519784] ? lock_acquire+0x1e4/0x540 [ 838.523766] ? fs_reclaim_acquire+0x20/0x20 [ 838.528094] ? lock_downgrade+0x8f0/0x8f0 [ 838.532248] ? check_same_owner+0x340/0x340 [ 838.536621] ? kasan_check_write+0x14/0x20 [ 838.540849] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 838.545780] ? rcu_note_context_switch+0x730/0x730 [ 838.550807] __should_failslab+0x124/0x180 [ 838.555050] should_failslab+0x9/0x14 [ 838.558855] kmem_cache_alloc+0x2af/0x760 [ 838.563018] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 838.567974] ? kasan_check_write+0x14/0x20 [ 838.572214] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 838.577253] __kernfs_new_node+0xef/0x5a0 [ 838.581421] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 838.586188] ? mutex_unlock+0xd/0x10 [ 838.589911] ? kernfs_activate+0x21a/0x2c0 [ 838.594148] ? kernfs_walk_and_get_ns+0x340/0x340 [ 838.598994] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 838.604536] ? kernfs_link_sibling+0x1d2/0x3b0 [ 838.609115] kernfs_new_node+0x80/0xf0 [ 838.613017] __kernfs_create_file+0x4d/0x330 [ 838.617443] sysfs_add_file_mode_ns+0x21a/0x560 [ 838.622118] internal_create_group+0x26d/0x9e0 [ 838.626698] ? do_raw_spin_lock+0xc1/0x200 [ 838.630940] sysfs_create_group+0x1f/0x30 [ 838.635076] lo_ioctl+0x12bf/0x1d00 [ 838.638702] ? lo_rw_aio_complete+0x450/0x450 [ 838.643284] blkdev_ioctl+0x9cd/0x2030 [ 838.647282] ? lock_acquire+0x1e4/0x540 [ 838.651264] ? blkpg_ioctl+0xc40/0xc40 [ 838.655154] ? lock_release+0xa30/0xa30 [ 838.659142] ? save_stack+0xa9/0xd0 [ 838.662759] ? save_stack+0x43/0xd0 [ 838.667343] ? __fget+0x4d5/0x740 [ 838.670789] ? ksys_dup3+0x690/0x690 [ 838.674509] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 838.679103] ? kasan_check_write+0x14/0x20 [ 838.683335] ? do_raw_spin_lock+0xc1/0x200 [ 838.687581] block_ioctl+0xee/0x130 [ 838.691216] ? blkdev_fallocate+0x400/0x400 [ 838.695547] do_vfs_ioctl+0x1de/0x1720 [ 838.699467] ? ioctl_preallocate+0x300/0x300 [ 838.703882] ? __fget_light+0x2f7/0x440 [ 838.708413] ? fget_raw+0x20/0x20 [ 838.711965] ? trace_hardirqs_on+0xd/0x10 [ 838.716112] ? kmem_cache_free+0x22e/0x2d0 [ 838.720441] ? putname+0xf7/0x130 [ 838.723888] ? do_sys_open+0x3cb/0x720 [ 838.727795] ? security_file_ioctl+0x94/0xc0 [ 838.732213] ksys_ioctl+0xa9/0xd0 [ 838.735684] __x64_sys_ioctl+0x73/0xb0 [ 838.739580] do_syscall_64+0x1b9/0x820 [ 838.743482] ? finish_task_switch+0x1d3/0x870 [ 838.747984] ? syscall_return_slowpath+0x5e0/0x5e0 [ 838.752938] ? syscall_return_slowpath+0x31d/0x5e0 [ 838.757988] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 838.763011] ? prepare_exit_to_usermode+0x291/0x3b0 [ 838.768033] ? perf_trace_sys_enter+0xb10/0xb10 [ 838.772979] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 838.777843] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 838.783033] RIP: 0033:0x455c97 [ 838.786234] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d bb fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 838.806004] RSP: 002b:00007f413f26ea88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 838.813894] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000455c97 [ 838.821176] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015 03:38:51 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001b00)={0x9, 0x1d, 0x6, 0xc, 0x2}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000200)={r0, &(0x7f0000000100), &(0x7f0000000380)}, 0x20) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000040)={r0, &(0x7f0000000280)="eb", &(0x7f0000000400)}, 0x20) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000001c0)={r0, &(0x7f0000000100), &(0x7f0000000840)=""/4096}, 0x18) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000000)={r0, &(0x7f0000000200), &(0x7f0000001440)}, 0x20) r1 = syz_open_dev$usbmon(&(0x7f0000000080)='/dev/usbmon#\x00', 0xffffffffffffffff, 0x0) ioctl$VT_OPENQRY(r1, 0x5600, &(0x7f00000000c0)) 03:38:51 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x3f000000) 03:38:51 executing program 2: r0 = syz_open_dev$sndpcmp(&(0x7f0000000080)='/dev/snd/pcmC#D#p\x00', 0x8, 0x102) ioctl$TIOCSTI(r0, 0x5412, 0x4) syz_open_dev$vcsn(&(0x7f00000000c0)='/dev/vcs#\x00', 0x84, 0x4000) r1 = socket$inet6_udp(0xa, 0x2, 0x0) r2 = socket$l2tp(0x18, 0x1, 0x1) syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x9, 0x40200) connect$l2tp(r2, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r1, {0x2, 0x0, @multicast2=0xe0000002}, 0x4}}, 0x2e) connect$l2tp(r2, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1=0xe0000001}}}, 0x2e) 03:38:51 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}, 0x6000000000000000}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) [ 838.829742] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 838.837154] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 838.844438] R13: 0000000000000001 R14: 00000000004d3f40 R15: 000000000000000f [ 838.864332] FAT-fs (loop7): Directory bread(block 2563) failed 03:38:51 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000746f786e6574302d232f70726f6300") [ 838.895716] FAT-fs (loop7): Directory bread(block 2564) failed [ 838.919024] FAT-fs (loop7): Directory bread(block 2565) failed [ 838.925858] FAT-fs (loop7): Directory bread(block 2566) failed [ 838.933115] FAT-fs (loop7): Directory bread(block 2567) failed [ 838.941587] FAT-fs (loop7): Directory bread(block 2568) failed [ 838.978387] FAT-fs (loop7): Directory bread(block 2569) failed [ 838.989161] FAT-fs (loop7): Directory bread(block 2570) failed [ 838.995680] FAT-fs (loop7): Directory bread(block 2571) failed [ 839.003832] FAT-fs (loop7): Directory bread(block 2572) failed 03:38:52 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="0200006c6f786e6574302d232f70726f6300") 03:38:52 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f0000000000)=[{{&(0x7f0000000080)=@can, 0xffffffffffffff17, &(0x7f00000001c0)}}], 0x1, 0x0, &(0x7f0000004000)={0x77359400}) sendmsg$nl_route_sched(r0, &(0x7f0000005a00)={&(0x7f0000000180)={0x10}, 0xc, &(0x7f00000059c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="2400000026000102000000000000000000000000", @ANYBLOB="00000000bd"], 0x2}, 0x1}, 0x0) 03:38:52 executing program 2: r0 = syz_open_dev$sndctrl(&(0x7f000000a000)='/dev/snd/controlC#\x00', 0x0, 0x0) r1 = perf_event_open(&(0x7f0000001000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8ce, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x4}, 0x1000000000c}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffff9c, 0x84, 0x73, &(0x7f000000d000), &(0x7f0000001000)=0xfea6) r2 = syz_open_dev$sndctrl(&(0x7f0000000080)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r2, 0xc0045516, &(0x7f0000000000)=0xec35) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) ppoll(&(0x7f0000000040)=[{r2, 0x1}, {r1, 0x4044}], 0x2, &(0x7f0000000140)={r3, r4+10000000}, &(0x7f0000000180)={0x2}, 0x8) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/ipv6_route\x00') ioctl$RTC_AIE_OFF(r5, 0x7002) ioctl$SNDRV_CTL_IOCTL_PVERSION(r0, 0xc1105517, &(0x7f0000001000)) 03:38:52 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x20000000) 03:38:52 executing program 7 (fault-call:0 fault-nth:16): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:38:52 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) r1 = syz_open_dev$vcsn(&(0x7f0000000340)='/dev/vcs#\x00', 0xffff, 0x0) setsockopt$inet_tcp_TLS_TX(r1, 0x6, 0x1, &(0x7f0000000380)={0x303, 0x33}, 0x4) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) syz_open_dev$mouse(&(0x7f0000000240)='/dev/input/mouse#\x00', 0x3, 0x100) ioctl(r2, 0x8912, &(0x7f00000000c0)="025cc83d6d345f8f762070") inotify_add_watch(r1, &(0x7f0000000200)='./file0\x00', 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r3 = accept$alg(r0, 0x0, 0x0) write$binfmt_script(r3, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r3, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000500)=""/245, 0xf5}, {&(0x7f00000002c0)=""/22, 0x16}, {&(0x7f00000013c0)=""/4096, 0x1000}], 0x3, &(0x7f00000007c0)=""/16, 0x10}, 0x0) r4 = syz_open_dev$mouse(&(0x7f0000000100)='/dev/input/mouse#\x00', 0x3, 0x400) getpeername$packet(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f00000001c0)=0x14) sendmsg$nl_route_sched(r4, &(0x7f0000000300)={&(0x7f0000000140)={0x10}, 0xc, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYBLOB="4c000000290000042c1004df4b223e936e2dbdbf", @ANYRES32=r5, @ANYBLOB="08001c00ffff0500fffff3ff0800050009034f5eb989b643020338a50a55a4f10a45a929f176aa0004e326f70e04000800050dab0000000c00010064736d69726b00000c"], 0x4c}, 0x1, 0x0, 0x0, 0x4844}, 0x40) 03:38:52 executing program 5: epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000032ff4)={0xb0002000}) timer_create(0x7, &(0x7f0000000000)={0x0, 0x12, 0x4, @tid=0xffffffffffffffff}, &(0x7f0000000040)=0x0) timer_settime(r0, 0x1, &(0x7f0000000080), 0x0) mprotect(&(0x7f0000032000/0x1000)=nil, 0x1000, 0x5) setitimer(0x0, &(0x7f0000032fe0)={{}, {0x77359400}}, 0x0) r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zero\x00', 0x200, 0x0) setsockopt$inet6_IPV6_ADDRFORM(r1, 0x29, 0x1, &(0x7f0000000100)=0x2, 0x4) [ 839.216104] FAULT_INJECTION: forcing a failure. [ 839.216104] name failslab, interval 1, probability 0, space 0, times 0 [ 839.227524] CPU: 1 PID: 14159 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 839.236063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 839.245557] Call Trace: [ 839.248176] dump_stack+0x1c9/0x2b4 [ 839.251930] ? dump_stack_print_info.cold.2+0x52/0x52 [ 839.257595] ? rcu_note_context_switch+0x730/0x730 03:38:52 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x80000, 0xfffffffffffffffd) bind$inet(r1, &(0x7f0000000080)={0x2, 0x84e23, @multicast1=0xe0000001}, 0x10) sendto$inet(r1, &(0x7f0000000000), 0xa4, 0x200007fe, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) setsockopt$sock_int(r1, 0x1, 0x2f, &(0x7f0000000100)=0x7, 0x4) sendto$inet(r1, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2}, 0x6) close(r1) 03:38:52 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f0000003f80)=[{{&(0x7f0000000080)=@can, 0x80, &(0x7f00000001c0)}}], 0x1, 0x0, &(0x7f0000004000)={0x77359400}) sendmsg$nl_route_sched(r0, &(0x7f0000005a00)={&(0x7f0000000180)={0x10}, 0xc, &(0x7f00000059c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="1b43000000006a9ac05b8610698ade4838fbaa77b05a0ba3e23c6ba2bd390fa4e513fee1d24328d078bae893574f74cb516b139cafd1eba5aaede7fc1770f17ae1f8fa9a06fc286270cf8aa67faa6ec1a2d90fd48d915d121e1c69f7cd612db580ca5b5c0000000000", @ANYBLOB="00000000bd"], 0x2}, 0x1}, 0x0) [ 839.262551] should_fail.cold.4+0xa/0x11 [ 839.266650] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 839.271786] ? kernfs_activate+0x8e/0x2c0 [ 839.275957] ? ___ratelimit.cold.2+0x6b/0x6b [ 839.280506] ? mutex_trylock+0x2b0/0x2b0 [ 839.285472] ? kasan_check_write+0x14/0x20 [ 839.289729] ? __radix_tree_replace+0x188/0x2f0 [ 839.294427] ? kernfs_add_one+0x4f/0x4d0 [ 839.298531] ? kernfs_activate+0x21a/0x2c0 [ 839.302787] ? lock_downgrade+0x8f0/0x8f0 [ 839.306978] ? lock_acquire+0x1e4/0x540 [ 839.310981] ? fs_reclaim_acquire+0x20/0x20 03:38:52 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") socketpair$inet(0x1e, 0x2, 0x0, &(0x7f0000000200)={0x0, 0x0}) getsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000000000), &(0x7f0000000040)=0x4) 03:38:52 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text16={0x10, &(0x7f0000000080)="0f01780066b8010000000f01d9ba4100ecbaf80c66b86eee1a8066efbafc0cb80080ef36660f383151070f2226660f381d15d8c8652cbd66b8010000000f01c1", 0x40}], 0x1, 0x0, &(0x7f0000000040), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x80000, 0x0) faccessat(r4, &(0x7f0000000040)='./file0\x00', 0x3, 0x200) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 839.315693] ? lock_downgrade+0x8f0/0x8f0 [ 839.319867] ? check_same_owner+0x340/0x340 [ 839.324234] ? kasan_check_write+0x14/0x20 [ 839.328602] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 839.333559] ? rcu_note_context_switch+0x730/0x730 [ 839.338553] __should_failslab+0x124/0x180 [ 839.342844] should_failslab+0x9/0x14 [ 839.346690] kmem_cache_alloc+0x2af/0x760 [ 839.350888] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 839.355844] ? kasan_check_write+0x14/0x20 [ 839.360559] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 839.365611] __kernfs_new_node+0xef/0x5a0 [ 839.369819] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 839.374610] ? mutex_unlock+0xd/0x10 [ 839.378346] ? kernfs_activate+0x21a/0x2c0 [ 839.382770] ? kernfs_walk_and_get_ns+0x340/0x340 [ 839.387627] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 839.393166] ? kernfs_link_sibling+0x1d2/0x3b0 [ 839.398030] kernfs_new_node+0x80/0xf0 [ 839.401940] __kernfs_create_file+0x4d/0x330 [ 839.406339] sysfs_add_file_mode_ns+0x21a/0x560 [ 839.411003] internal_create_group+0x26d/0x9e0 [ 839.415584] ? do_raw_spin_lock+0xc1/0x200 [ 839.419821] sysfs_create_group+0x1f/0x30 [ 839.423959] lo_ioctl+0x12bf/0x1d00 [ 839.427589] ? lo_rw_aio_complete+0x450/0x450 [ 839.432116] blkdev_ioctl+0x9cd/0x2030 [ 839.436084] ? lock_acquire+0x1e4/0x540 [ 839.440057] ? blkpg_ioctl+0xc40/0xc40 [ 839.443951] ? lock_release+0xa30/0xa30 [ 839.448351] ? save_stack+0xa9/0xd0 [ 839.451965] ? save_stack+0x43/0xd0 [ 839.455578] ? __fget+0x4d5/0x740 [ 839.459120] ? ksys_dup3+0x690/0x690 [ 839.462828] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 839.467397] ? kasan_check_write+0x14/0x20 [ 839.471640] ? do_raw_spin_lock+0xc1/0x200 [ 839.475953] block_ioctl+0xee/0x130 [ 839.479578] ? blkdev_fallocate+0x400/0x400 [ 839.483979] do_vfs_ioctl+0x1de/0x1720 [ 839.487869] ? ioctl_preallocate+0x300/0x300 [ 839.492278] ? __fget_light+0x2f7/0x440 [ 839.496240] ? fget_raw+0x20/0x20 [ 839.499698] ? trace_hardirqs_on+0xd/0x10 [ 839.503834] ? kmem_cache_free+0x22e/0x2d0 [ 839.508073] ? putname+0xf7/0x130 [ 839.511525] ? do_sys_open+0x3cb/0x720 [ 839.515415] ? security_file_ioctl+0x94/0xc0 [ 839.519813] ksys_ioctl+0xa9/0xd0 [ 839.523281] __x64_sys_ioctl+0x73/0xb0 [ 839.527161] do_syscall_64+0x1b9/0x820 [ 839.531062] ? finish_task_switch+0x1d3/0x870 [ 839.535544] ? syscall_return_slowpath+0x5e0/0x5e0 [ 839.540462] ? syscall_return_slowpath+0x31d/0x5e0 [ 839.545380] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 839.550397] ? prepare_exit_to_usermode+0x291/0x3b0 [ 839.555411] ? perf_trace_sys_enter+0xb10/0xb10 [ 839.560080] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 839.564927] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 839.570103] RIP: 0033:0x455c97 [ 839.573360] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d bb fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 839.592566] RSP: 002b:00007f413f26ea88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 839.600388] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000455c97 [ 839.607769] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015 [ 839.615043] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 839.622399] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 839.629663] R13: 0000000000000001 R14: 00000000004d3f40 R15: 0000000000000010 [ 839.645547] FAT-fs (loop7): Directory bread(block 2563) failed [ 839.651887] FAT-fs (loop7): Directory bread(block 2564) failed [ 839.659397] FAT-fs (loop7): Directory bread(block 2565) failed 03:38:52 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x2000) 03:38:52 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000686f786e6574302d232f70726f6300") 03:38:52 executing program 7 (fault-call:0 fault-nth:17): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) [ 839.666036] FAT-fs (loop7): Directory bread(block 2566) failed [ 839.672283] FAT-fs (loop7): Directory bread(block 2567) failed [ 839.678639] FAT-fs (loop7): Directory bread(block 2568) failed [ 839.685082] FAT-fs (loop7): Directory bread(block 2569) failed [ 839.691450] FAT-fs (loop7): Directory bread(block 2570) failed [ 839.697715] FAT-fs (loop7): Directory bread(block 2571) failed [ 839.704197] FAT-fs (loop7): Directory bread(block 2572) failed 03:38:52 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}, 0xf401000000000000}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) 03:38:52 executing program 0: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x0, 0x0) ioctl$BLKGETSIZE(r0, 0x1260, &(0x7f0000000040)) r1 = socket$inet6(0xa, 0x7, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r2 = socket$key(0xf, 0x3, 0x2) set_tid_address(&(0x7f0000000080)) sendmsg$key(r2, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:38:52 executing program 5: r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='^@\x00', 0xffffffffffffff9c}, 0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000080)={0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f00000000c0)=0x18) r1 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000100)={r2, @in6={{0xa}}, 0x0, 0x0, 0x1}, 0x98) [ 839.792879] FAULT_INJECTION: forcing a failure. [ 839.792879] name failslab, interval 1, probability 0, space 0, times 0 [ 839.804717] CPU: 1 PID: 14209 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 839.813138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 839.822517] Call Trace: [ 839.825119] dump_stack+0x1c9/0x2b4 [ 839.828810] ? dump_stack_print_info.cold.2+0x52/0x52 [ 839.834231] ? radix_tree_iter_tag_clear+0x97/0xd0 03:38:52 executing program 5: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") pipe(&(0x7f0000000000)={0xffffffffffffffff}) ioctl$SNDRV_SEQ_IOCTL_PVERSION(r0, 0x80045300, &(0x7f0000000040)) r1 = socket$inet6_udp(0xa, 0x2, 0x0) write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000540)={{0x7f, 0x45, 0x4c, 0x46, 0x4, 0x7f70, 0x1, 0x0, 0x2, 0x2, 0x3f, 0x80, 0x262, 0x40, 0xb3, 0x4, 0x3f, 0x38, 0x2, 0x5, 0xfff, 0x70c}, [{0x0, 0xffff, 0x9, 0x2, 0xfffffffffffffff9, 0x8, 0x8}, {0x0, 0x3, 0x100000000, 0x401, 0x200, 0x3, 0x4}], "09066cf014335208ed74bbf4c777c148fb9610e06d", [[], [], [], [], [], []]}, 0x6c5) setsockopt$inet6_int(r1, 0x29, 0x100000000000048, &(0x7f0000000500)=0x2, 0x4) pwrite64(r0, &(0x7f0000000080)="effa89cb5a277745af64afd64a3fa13b42f28a1f4f0d8445902555d5633a907a463e5a585864774b1b540cca0293e0de5a8535f6876c9c1a1bf3df97642a27ea217438b04575a6fc50b51eea93f9a6ad76d792491551641203e6ab40b9dd02616861e10e929dd77393bc9d213c099332e5c4c7cf8a95e5d66644acc7a150b0a307a6cfe9fa0b0dfd", 0x88, 0x0) [ 839.839345] ? radix_tree_iter_replace+0x49/0x60 [ 839.844128] should_fail.cold.4+0xa/0x11 [ 839.848219] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 839.853958] ? kasan_check_write+0x14/0x20 [ 839.858229] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 839.863266] ? lock_downgrade+0x8f0/0x8f0 [ 839.867635] ? wait_for_completion+0x8d0/0x8d0 [ 839.872246] ? kasan_check_read+0x11/0x20 [ 839.876448] ? do_raw_spin_unlock+0xa7/0x2f0 [ 839.880895] ? kasan_check_write+0x14/0x20 [ 839.885160] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 839.890111] ? kasan_check_write+0x14/0x20 [ 839.894371] ? wait_for_completion+0x8d0/0x8d0 [ 839.898985] ? kasan_check_write+0x14/0x20 [ 839.903245] ? __kernfs_new_node+0x426/0x5a0 [ 839.907705] ? lock_acquire+0x1e4/0x540 [ 839.911708] ? fs_reclaim_acquire+0x20/0x20 [ 839.916230] ? lock_downgrade+0x8f0/0x8f0 [ 839.920583] ? kernfs_walk_and_get_ns+0x340/0x340 [ 839.925449] ? check_same_owner+0x340/0x340 [ 839.929797] ? rcu_note_context_switch+0x730/0x730 [ 839.934743] __should_failslab+0x124/0x180 [ 839.939028] should_failslab+0x9/0x14 [ 839.942825] kmem_cache_alloc_trace+0x2cb/0x780 [ 839.947592] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 839.953243] ? sysfs_add_file_mode_ns+0x22c/0x560 [ 839.958171] ? sysfs_add_file_mode_ns+0x23c/0x560 [ 839.963048] ? device_create_file+0x1e0/0x1e0 [ 839.967559] kobject_uevent_env+0x20f/0x1110 [ 839.971987] ? internal_create_group+0x39a/0x9e0 [ 839.976753] ? do_raw_spin_lock+0xc1/0x200 [ 839.980992] kobject_uevent+0x1f/0x30 [ 839.984791] lo_ioctl+0x133d/0x1d00 [ 839.988422] ? lo_rw_aio_complete+0x450/0x450 [ 839.992915] blkdev_ioctl+0x9cd/0x2030 [ 839.996809] ? lock_acquire+0x1e4/0x540 [ 840.000787] ? blkpg_ioctl+0xc40/0xc40 [ 840.004672] ? lock_release+0xa30/0xa30 [ 840.008652] ? save_stack+0xa9/0xd0 [ 840.012270] ? save_stack+0x43/0xd0 [ 840.015902] ? __fget+0x4d5/0x740 [ 840.019376] ? ksys_dup3+0x690/0x690 [ 840.023108] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 840.027677] ? kasan_check_write+0x14/0x20 [ 840.031912] ? do_raw_spin_lock+0xc1/0x200 [ 840.036152] block_ioctl+0xee/0x130 [ 840.039781] ? blkdev_fallocate+0x400/0x400 03:38:53 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000080)='/dev/uinput\x00', 0x200, 0x0) connect$llc(r1, &(0x7f00000000c0)={0x1a, 0x324, 0x8, 0x78, 0x2, 0x8, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}}, 0x10) r2 = socket$inet(0x10, 0x2, 0x0) sendmsg(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000140)="24000000150007031dfffd946f61830002200a00090000e7fe1c40000c1ba3a20400ff7e", 0x24}], 0x1}, 0x0) setsockopt$bt_hci_HCI_FILTER(r1, 0x0, 0x2, &(0x7f00000001c0)={0x8001, 0x2, 0x0, 0x4}, 0x10) accept4$llc(r1, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f0000000180)=0x10, 0x800) 03:38:53 executing program 5: r0 = syz_open_dev$sndpcmc(&(0x7f0000001fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000080)=ANY=[@ANYRES32=0x0, @ANYBLOB="0d00e30092102bc652a8ed00005223a889fbedc9dc42e4cc"], &(0x7f00000000c0)=0x15) preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000009f7c)=""/132, 0xfebd}, {&(0x7f0000012000)=""/252, 0xfc}, {&(0x7f0000012000)=""/155, 0xffffffffffffffba}, {&(0x7f0000009000)=""/11, 0xb}, {&(0x7f0000000000)=""/102, 0x66}], 0x5, 0x0) ioctl(r0, 0xc2604110, &(0x7f0000000000)) [ 840.044100] do_vfs_ioctl+0x1de/0x1720 [ 840.047992] ? ioctl_preallocate+0x300/0x300 [ 840.052412] ? __fget_light+0x2f7/0x440 [ 840.056400] ? fget_raw+0x20/0x20 [ 840.059877] ? trace_hardirqs_on+0xd/0x10 [ 840.064045] ? kmem_cache_free+0x22e/0x2d0 [ 840.068286] ? putname+0xf7/0x130 [ 840.071801] ? do_sys_open+0x3cb/0x720 [ 840.075725] ? security_file_ioctl+0x94/0xc0 [ 840.080144] ksys_ioctl+0xa9/0xd0 [ 840.083631] __x64_sys_ioctl+0x73/0xb0 [ 840.087525] do_syscall_64+0x1b9/0x820 [ 840.090947] netlink: 12 bytes leftover after parsing attributes in process `syz-executor2'. [ 840.091414] ? finish_task_switch+0x1d3/0x870 [ 840.091430] ? syscall_return_slowpath+0x5e0/0x5e0 [ 840.091448] ? syscall_return_slowpath+0x31d/0x5e0 [ 840.114398] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 840.118541] netlink: 12 bytes leftover after parsing attributes in process `syz-executor2'. [ 840.119431] ? prepare_exit_to_usermode+0x291/0x3b0 [ 840.119447] ? perf_trace_sys_enter+0xb10/0xb10 [ 840.119466] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 840.142597] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 840.142608] RIP: 0033:0x455c97 [ 840.142612] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d bb fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 840.142826] RSP: 002b:00007f413f26ea88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 840.142839] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000455c97 [ 840.142847] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015 [ 840.142854] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 840.142862] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 840.142870] R13: 0000000000000001 R14: 00000000004d3f40 R15: 0000000000000011 [ 840.150255] FAT-fs (loop7): Directory bread(block 2563) failed [ 840.150278] FAT-fs (loop7): Directory bread(block 2564) failed [ 840.150295] FAT-fs (loop7): Directory bread(block 2565) failed [ 840.150311] FAT-fs (loop7): Directory bread(block 2566) failed [ 840.150327] FAT-fs (loop7): Directory bread(block 2567) failed [ 840.150412] FAT-fs (loop7): Directory bread(block 2568) failed [ 840.150429] FAT-fs (loop7): Directory bread(block 2569) failed [ 840.150445] FAT-fs (loop7): Directory bread(block 2570) failed [ 840.150463] FAT-fs (loop7): Directory bread(block 2571) failed 03:38:53 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) truncate(&(0x7f0000000040)='./file0\x00', 0x3) sendmsg$nl_generic(r0, &(0x7f0000018000)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f000000e000)={&(0x7f00000016c0)={0x14, 0x1d, 0xffffffff0000000d, 0x0, 0x0, {0x7592da1f}}, 0x14}, 0x1}, 0x0) 03:38:53 executing program 5: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000fc7000)={0x5, 0x57, 0x4000000000080, 0x2}, 0x2c) r1 = socket$inet6(0xa, 0x806, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000fcb000)={r0, &(0x7f0000fcbfff)='X', &(0x7f0000172000)}, 0x20) bpf$MAP_UPDATE_ELEM(0x4, &(0x7f000051e000)={r0, &(0x7f0000000140)="725af6cb621af237558e4715c0fb8afe33f80019ce1d4e3772ef05b05b5b73b3a28586ba262b44ef9b45d2a7360193f5f865fb884cf16028c16a2246275fe1dcf29fe8f82a935a8df499618ab508c27d3d3861c6be5196ea59dabdfcc4dc8271275441152ba3cac6738a397aa4cea53e915fb43046903f52d3ee3019e5ac8b5c869e288b468691132ee7dbe2a5da094d8b471b7f67a85df0f91debd643ac900fd0f3fbf018cc173f4ffdbc10a46514deb5f035b31f03f5541f823777c0f898940bb29a190a164671293089f80a8304edddd92c4881f020b053d300bd3ea77c802a4d06dbd5bdc66c23b2e3bd4f949dd8bc5f39714e66476bff1d506077d71d5fe43deffbbea6ec8139b28d37ba0351fd43637a2d5712e3f4ca8bf9f792611e784034226ed54a2af01429435747dfc4c14e7906d5f3965ec1c49612c604eb7e51f197dd4c0c6d35bf8b52b3"}, 0x20) munlock(&(0x7f0000ff9000/0x4000)=nil, 0x4000) ioctl$KVM_GET_CPUID2(r0, 0xc008ae91, &(0x7f0000000000)={0x4, 0x0, [{}, {}, {}, {}]}) 03:38:53 executing program 2: r0 = socket$inet_smc(0x2b, 0x1, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='attr/keycreate\x00') ioctl$TUNGETFILTER(r1, 0x801054db, &(0x7f0000000400)=""/237) write$P9_RREADDIR(r1, &(0x7f0000000240)={0xc5, 0x29, 0x1, {0x3, [{{0x31, 0x0, 0x1}, 0xfff, 0x800, 0x7, './file0'}, {{0x8, 0x4}, 0xd6, 0xddf, 0x7, './file0'}, {{0x80, 0x3, 0x4}, 0x9, 0x10001, 0x7, './file0'}, {{0x8, 0x2, 0x3}, 0xfff, 0x800000000000000, 0x7, './file0'}, {{0x29, 0x1, 0x2}, 0x0, 0x40, 0x7, './file0'}, {{0x20, 0x0, 0x7}, 0x80000001, 0x7, 0x7, './file0'}]}}, 0xc5) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000080)={{{@in=@remote, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in6=@mcast1}}, &(0x7f0000000180)=0xe8) clock_gettime(0x0, &(0x7f0000000380)={0x0, 0x0}) rt_sigtimedwait(&(0x7f0000000040)={0x3}, &(0x7f0000000340), &(0x7f00000003c0)={r3, r4+30000000}, 0x8) bind(r0, &(0x7f00000001c0)=@can={0x1d, r2}, 0x59) 03:38:53 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="0200000a6f786e6574302d232f70726f6300") [ 840.150537] FAT-fs (loop7): Directory bread(block 2572) failed 03:38:53 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000003f80)=[{{&(0x7f0000000080)=@can, 0x80, &(0x7f00000001c0)}}], 0x1, 0x0, &(0x7f0000004000)={0x77359400}) ioctl$sock_FIOGETOWN(0xffffffffffffff9c, 0x8903, &(0x7f0000000140)=0x0) ioprio_set$pid(0x3, r0, 0x200) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000005a00)={&(0x7f0000000180)={0x10}, 0xc, &(0x7f00000059c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="2400000026000102000000000000000000000000", @ANYBLOB="00000000bd"], 0x2}, 0x1}, 0x0) r1 = fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff) ioctl$KVM_INTERRUPT(r1, 0x4004ae86, &(0x7f0000000000)=0x5) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r1, 0xc0045540, &(0x7f0000000100)=0x8) 03:38:53 executing program 7 (fault-call:0 fault-nth:18): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:38:53 executing program 0: r0 = creat(&(0x7f0000000140)='./file0\x00', 0x1c5) ioctl$PPPIOCSFLAGS(r0, 0x40047459, &(0x7f0000000100)=0x100000) socket$inet6(0xa, 0x1000000000002, 0x0) r1 = socket$key(0xf, 0x3, 0x2) ioctl(r1, 0x8912, &(0x7f00000000c0)="03000000b875e4d4d18ea56422") r2 = socket$key(0xf, 0x3, 0x2) r3 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x4, 0x100) bind$pptp(r3, &(0x7f0000000040)={0x18, 0x2, {0x3, @rand_addr}}, 0x1e) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYRESOCT=r2], 0x17}, 0x1}, 0x0) 03:38:53 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000040), &(0x7f0000000080)=0x4) sendmsg$nl_route(r0, &(0x7f0000d1d000)={&(0x7f0000d89ff4)={0x10}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="3000000013000103000000000000000000000000", @ANYRES32=0x0, @ANYBLOB="000000000000000008001c00", @ANYRES32, @ANYBLOB="4855101f", @ANYRES32=0x0], 0x6}, 0x1}, 0x0) ioctl$RTC_RD_TIME(r2, 0x80247009, &(0x7f0000000140)) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r1, 0x10e, 0x1, &(0x7f0000000200)=0xf, 0x4) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000ffe000/0x2000)=nil, 0x2000}, 0x1}) write$cgroup_type(r1, &(0x7f0000000100)='threaded\x00', 0xffffffffffffff29) [ 840.369074] FAULT_INJECTION: forcing a failure. [ 840.369074] name failslab, interval 1, probability 0, space 0, times 0 [ 840.380713] CPU: 0 PID: 14261 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 840.389928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 840.389933] Call Trace: [ 840.389956] dump_stack+0x1c9/0x2b4 [ 840.389978] ? dump_stack_print_info.cold.2+0x52/0x52 [ 840.410869] ? is_bpf_text_address+0xd7/0x170 03:38:53 executing program 5: r0 = socket$inet6(0xa, 0x400000000001, 0x0) socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="02f1cfe30e8c5a5cc83d6d3e5b8f400070e3ecb23c027333c4039460563a6dc2b76b466e27520f266185c9ce12489cb4a4687e0d5c4a33958dcaca2e194feb504516ee986ce0a7fdd044879e8beac33fa18bd05084fcfc7545d501d1fbeb52377bb9c10baf4ad8686dcea2e0251434fa5765f1558d27b105fe5a79c566b293684b406636d85a7002be4dd146a1a7f7b8889432df227400f7c0") ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={"626f6e3f68000100d619c55a989fe565"}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000001c0)={'bond0\x00', 0xfff}) 03:38:53 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair(0x1f, 0x1, 0x5, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffff9c, 0x84, 0x7c, &(0x7f0000000100)={0x0, 0xb0f5, 0x7}, &(0x7f0000000140)=0x8) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r1, 0x84, 0x1b, &(0x7f00000001c0)={r3, 0xa9, "6205e165be9acbc80b4e7c01b80e712765c1edc2843223330726f6b74be72772157ba16fd11c875210b24a3d2d2accf01a59db45abc75ce28950a94bb606326e9d8329ee2a16c5d58a62f052ec844ca5862eb6aa1a301736ddc59ea12e313f4193d7df52f84fc8106a51ba3f344ac3c274efdd067f424cb36fdd11256c1f58ad4c697ab4cda5fb4cb8e9482d391c60bb732d9784cd38cb913cb2149e0bb9e9e262787d487656b76bd6"}, &(0x7f0000000280)=0xb1) recvmmsg(r0, &(0x7f0000003f80)=[{{&(0x7f0000000080)=@can, 0x80, &(0x7f00000001c0)}}], 0x1, 0x0, &(0x7f0000004000)={0x77359400}) write$P9_RRENAME(r2, &(0x7f00000002c0)={0x7, 0x15, 0x1}, 0x7) sendmsg$nl_route_sched(r0, &(0x7f0000005a00)={&(0x7f0000000180)={0x10}, 0xc, &(0x7f00000059c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="2400000026000102000000000000000000000000", @ANYBLOB="00000000bd"], 0x2}, 0x1}, 0x0) [ 840.415560] should_fail.cold.4+0xa/0x11 [ 840.419639] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 840.424779] ? save_stack+0xa9/0xd0 [ 840.428423] ? save_stack+0x43/0xd0 [ 840.432076] ? kasan_kmalloc+0xc4/0xe0 [ 840.436085] ? kmem_cache_alloc_trace+0x152/0x780 [ 840.436100] ? kobject_uevent_env+0x20f/0x1110 [ 840.436112] ? kobject_uevent+0x1f/0x30 [ 840.436128] ? lo_ioctl+0x133d/0x1d00 [ 840.436141] ? blkdev_ioctl+0x9cd/0x2030 [ 840.436152] ? block_ioctl+0xee/0x130 [ 840.436164] ? do_vfs_ioctl+0x1de/0x1720 [ 840.436174] ? ksys_ioctl+0xa9/0xd0 [ 840.436186] ? __x64_sys_ioctl+0x73/0xb0 [ 840.436200] ? do_syscall_64+0x1b9/0x820 [ 840.436214] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 840.436229] ? kasan_check_write+0x14/0x20 [ 840.436248] ? lock_acquire+0x1e4/0x540 [ 840.436262] ? fs_reclaim_acquire+0x20/0x20 [ 840.436276] ? lock_downgrade+0x8f0/0x8f0 [ 840.436293] ? check_same_owner+0x340/0x340 [ 840.436307] ? lock_release+0xa30/0xa30 [ 840.436319] ? rcu_note_context_switch+0x730/0x730 [ 840.436335] __should_failslab+0x124/0x180 [ 840.436349] should_failslab+0x9/0x14 [ 840.436360] __kmalloc+0x2c8/0x760 [ 840.436374] ? kobject_get_path+0xc2/0x1a0 [ 840.436388] kobject_get_path+0xc2/0x1a0 [ 840.436404] kobject_uevent_env+0x234/0x1110 [ 840.436418] ? internal_create_group+0x39a/0x9e0 [ 840.436431] ? do_raw_spin_lock+0xc1/0x200 [ 840.436448] kobject_uevent+0x1f/0x30 [ 840.436464] lo_ioctl+0x133d/0x1d00 [ 840.436482] ? lo_rw_aio_complete+0x450/0x450 [ 840.436495] blkdev_ioctl+0x9cd/0x2030 [ 840.436506] ? lock_acquire+0x1e4/0x540 [ 840.436521] ? blkpg_ioctl+0xc40/0xc40 [ 840.573175] ? lock_release+0xa30/0xa30 [ 840.577157] ? save_stack+0xa9/0xd0 [ 840.580799] ? save_stack+0x43/0xd0 [ 840.584416] ? __fget+0x4d5/0x740 [ 840.587875] ? ksys_dup3+0x690/0x690 [ 840.591581] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 840.596167] ? kasan_check_write+0x14/0x20 [ 840.600421] ? do_raw_spin_lock+0xc1/0x200 [ 840.604670] block_ioctl+0xee/0x130 [ 840.608314] ? blkdev_fallocate+0x400/0x400 [ 840.612644] do_vfs_ioctl+0x1de/0x1720 [ 840.616535] ? ioctl_preallocate+0x300/0x300 [ 840.620931] ? __fget_light+0x2f7/0x440 [ 840.624902] ? fget_raw+0x20/0x20 [ 840.628349] ? trace_hardirqs_on+0xd/0x10 [ 840.632495] ? kmem_cache_free+0x22e/0x2d0 [ 840.636736] ? putname+0xf7/0x130 [ 840.640179] ? do_sys_open+0x3cb/0x720 [ 840.644053] ? security_file_ioctl+0x94/0xc0 [ 840.648449] ksys_ioctl+0xa9/0xd0 [ 840.651908] __x64_sys_ioctl+0x73/0xb0 [ 840.655940] do_syscall_64+0x1b9/0x820 [ 840.659820] ? finish_task_switch+0x1d3/0x870 [ 840.664339] ? syscall_return_slowpath+0x5e0/0x5e0 [ 840.669341] ? syscall_return_slowpath+0x31d/0x5e0 [ 840.674271] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 840.679278] ? prepare_exit_to_usermode+0x291/0x3b0 [ 840.684380] ? perf_trace_sys_enter+0xb10/0xb10 [ 840.689133] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 840.693984] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 840.699194] RIP: 0033:0x455c97 [ 840.702366] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d bb fb ff c3 66 2e 0f 1f 84 00 00 00 00 03:38:53 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}, 0x3000000}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) 03:38:53 executing program 1: r0 = socket$inet6(0xa, 0x3, 0x8001000000002c) ioctl$RNDZAPENTCNT(r0, 0x5204, &(0x7f0000000000)=0xffffffffffffffa0) syz_emit_ethernet(0x2a, &(0x7f0000000040)={@random="2cd93b61946e", @empty, [], {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x0, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @empty, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], @dev={0xac, 0x14, 0x14}}}}}, &(0x7f0000000080)) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}, 0xffffffffffffffff}, 0x1c) sendmsg(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)=[{0x68, 0x13f, 0xffff, "80d8720e03539d302b4e3bd54c534ef3e05be978728babb31cb9d5aff6a18df2da8c855a6d107c37dcff4789a4aaec2887ab82627d7ff6d9e1437bac9ace75f0b84fc7004ccda2cf396ad64e5191bf11dd81"}], 0x68}, 0x0) 03:38:53 executing program 1: open(&(0x7f00000001c0)='./file0\x00', 0x101142, 0x0) pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='9p\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB="2c6e6f6465766d61702c00883668b959845c382a366f4cc2f28a1c26d91bfa3e16c33174a6d30a8d65272282fe51fb8017768c0d4f67a90e6c9827b3d4ac5b"]) [ 840.721594] RSP: 002b:00007f413f26ea88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 840.729600] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000455c97 [ 840.736989] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015 [ 840.744353] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 840.751642] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 840.759033] R13: 0000000000000001 R14: 00000000004d3f40 R15: 0000000000000012 03:38:53 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000066f786e6574302d232f70726f6300") 03:38:53 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) r2 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000200)='/dev/cuse\x00', 0x600, 0x0) setsockopt$inet_tcp_buf(r2, 0x6, 0xd, &(0x7f0000000240)="abec4aab246af59a23963927e79fc3669255a3", 0x13) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000000000)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300900000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2830d6d78b65399fae655b32d7c6cff23083fd0cf3a6ec25dac2634c2b117"], 0x60}, 0x1}, 0x0) [ 840.769588] FAT-fs (loop7): Directory bread(block 2563) failed [ 840.775797] FAT-fs (loop7): Directory bread(block 2564) failed [ 840.782823] FAT-fs (loop7): Directory bread(block 2565) failed [ 840.809685] FAT-fs (loop7): Directory bread(block 2566) failed 03:38:53 executing program 1: r0 = socket(0xa, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@broute={'broute\x00', 0x20, 0x2, 0x288, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000480], 0x0, &(0x7f0000000000), &(0x7f0000000480)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff010000001100000000000000000065716c0000000000000000000000000079616d3000000000001c0000000000007465020000000000200000000008000076657468315f746f5f7465616d000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000b0000000b0000000e000000074696d650000000000000000000000000000000000000200000000000000000018000000000000000000000000000000000000002177010000000000000200004e465155455545000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff01000000050000000000000000007665746830000000000000000000000067726530000000000000000000000000626f6e645f736c6176655f300000000064756d6d793000000000000000000000221f1cf52862000000000000aaaaaaaaaa0000000000000000007000000070000000e80000006e666c6f670000000000000000000000000000000000000000000000000000005000000000000000000000000000000000000000c08e36751842cab380434dc086c938639570fbfa40dce636424fa87c9ad03f9063959cccf655bd32af6f9623f131fb264cb97297cd6b8dc712f5baf56e808e9c00000000"]}, 0x300) ioctl$sock_inet_SIOCGIFNETMASK(r0, 0x891b, &(0x7f00000000c0)={'team0\x00', {0x2, 0x4e20, @local={0xac, 0x14, 0x14, 0xaa}}}) 03:38:53 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000026f786e6574302d232f70726f6300") [ 840.840317] FAT-fs (loop7): Directory bread(block 2567) failed [ 840.873829] FAT-fs (loop7): Directory bread(block 2568) failed 03:38:53 executing program 5: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x8000, 0x0) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', r0}, 0x10) r1 = memfd_create(&(0x7f00000000c0)='dev ', 0x0) fallocate(r0, 0x1, 0xa61, 0x1) socket$nl_xfrm(0x10, 0x3, 0x6) fallocate(r1, 0x0, 0x7, 0x4) fallocate(r1, 0x0, 0xa7b3, 0x1) pwritev(r1, &(0x7f00000002c0)=[{&(0x7f00000001c0)='\a', 0x1}], 0x1, 0x0) lseek(r0, 0x0, 0x3) r2 = accept$inet6(r1, &(0x7f0000000100)={0x0, 0x0, 0x0, @local}, &(0x7f0000000140)=0x1c) ioctl$FIDEDUPERANGE(r0, 0xc0189436, &(0x7f0000000300)=ANY=[@ANYBLOB="7fffff0300000000000000c4d972d98d3f5f8583619fd1f073de8828dd1bba5d0255", @ANYRES32=r1, @ANYBLOB='\x00\x00\x00\x00\b\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=r2, @ANYBLOB="00000000060000000000000000000000000000000000000000000000", @ANYRES32=r1, @ANYBLOB="00000000030000000000000000000000000000000000000000000000"]) syz_mount_image$btrfs(&(0x7f0000000240)='btrfs\x00', &(0x7f0000000280)='./file0\x00', 0x6, 0x6, &(0x7f0000000780)=[{&(0x7f00000003c0)="01b663b32982fe299f43ad02381f070fcae1f53b3b1283c61b08f17893b27b3e5b041750af96deb311d48b5cd3a1d04bd4f620c4ec4ca029f2925c38d430f25a5ccaaac8e4098cd6c73cceed346ea0a162ddeba93141208829c50f2c75b47d1f32a3f2bcfb", 0x65, 0x9c}, {&(0x7f0000000440)="a9ba61a884c0a28c8a19be72471b9496e4b02f78bf530598d4cf6dd4c2c4eac3d41af90378ba250d3cfc7d91928475f996e09cb6a0a31a9a608713f7b4b47a6a80efe8e3f5717a1c75555ee404577ebbdc515162bd6f383b741a1b13df9b44aaa5f4abb3aef751f9a8563a265eb7fab7fa16d01c940cd37df35bf533299a00fa61eb3d63d756cc6b21b98f3289847774bcb2b6afcdbf0c8adb63c46a66f213f8da95c65656448b652e8058a264a95f96a16b487601ba50ab3dd1d19761aa986f4c3afc973d5b95c5e175002711cc4b6de7c0a346c049573fa6", 0xd9, 0x200}, {&(0x7f0000000540)="d3e7f879e066c2212a7e913297a1e9d504c20b4b667551151c372d0513ecc9dfb3e4e03863974be14101febf804f4eb0df4faa1879b518e225729b36773decdf8847362fd870e020ada6d10a6f07166f4109bc8f7b2af16ec7ac11e85b8b21431c9da5e17a31e04ec6ebd467e1cc6a482c08ee8ad02edf3db6d683213aa323b6951bcdb42d5f0de36e8f51033d93af34ef5827253f55293f6abde07a544eaf5db4c5", 0xa2, 0x8}, {&(0x7f0000000600)="0529ae3e1c1733cd9722dc4f173731a69a7997fb617516881cfcf22205", 0x1d, 0x4d1}, {&(0x7f0000000640)="997b3b349746ca22138d0b9c130067ff0de8b0a30916e920e2d642e11cac0bc66ebe17a671bcaaac09cd76739bdc46e77a5346086656d5dfe6033e9478d7004a030608d49e5c2d09e8c04ac9c13e35d0c1", 0x51, 0x1}, {&(0x7f00000006c0)="a188d5db38401e7da79f441d0ee9f889122e299452d6891b54f11ffbb445cadc6502b80b1805f76f4b6ddf39e512e0f8bc7a6df675e3a0f8a376b710a3e7a738ac6c12f7f0712014d03f9e624f40979e752a02ee46b33bbcba7524aad58caf2c5db9f9fb291e9eb6d187d4e50ddb20b9c634dc51425215ee0067c92ef3d0e14a4d9126bdfc4f65", 0x87, 0x5}], 0x1008000, &(0x7f0000000840)={[{@compress_force_algo={'compress-force', 0x3d, 'lzo'}, 0x2c}]}) lseek(r1, 0x0, 0x4) accept4$bt_l2cap(r1, &(0x7f0000000180), &(0x7f0000000200)=0xe, 0x80800) [ 840.887708] FAT-fs (loop7): Directory bread(block 2569) failed [ 840.907984] FAT-fs (loop7): Directory bread(block 2570) failed [ 840.923162] FAT-fs (loop7): Directory bread(block 2571) failed [ 840.939873] xt_time: invalid argument - start or stop time greater than 23:59:59 [ 840.942460] FAT-fs (loop7): Directory bread(block 2572) failed [ 841.003204] xt_time: invalid argument - start or stop time greater than 23:59:59 03:38:54 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000036f786e6574302d232f70726f6300") 03:38:54 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) getsockopt$inet6_buf(r0, 0x29, 0x2c, &(0x7f0000000000)=""/157, &(0x7f00000000c0)=0x9d) fcntl$dupfd(r1, 0x406, r1) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:38:54 executing program 5: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f00000007c0)='/dev/ppp\x00', 0x101002, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000b94000)=""/246) ioctl$PPPIOCSFLAGS(r0, 0x40047459, &(0x7f0000000140)=0x64020d) pread64(r0, &(0x7f0000000000)=""/103, 0x67, 0x0) write$binfmt_elf64(r0, &(0x7f00000000c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x38}, [{}]}, 0x78) ioctl$SNDRV_SEQ_IOCTL_SYSTEM_INFO(r0, 0xc0305302, &(0x7f0000000080)={0x200, 0xd11, 0x4833, 0x0, 0xfffffffffffffff9, 0x3ff}) 03:38:54 executing program 2: syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x1, &(0x7f00000000c0)=[{&(0x7f0000010000)="000100000008000081000000c9030000f4000204000000000000000000000000482000000020000000010000000000016e5fbe5a0000ffff53ef", 0x3a, 0x400}], 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='w']) 03:38:54 executing program 7 (fault-call:0 fault-nth:19): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:38:54 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f00000002c0)={0x26, 'hash\x00', 0x0, 0x0, 'sha224-ssse3\x00'}, 0x58) r2 = accept$alg(r1, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000003e80)=[{0x0, 0x0, &(0x7f0000002a80), 0x0, &(0x7f0000000100)}], 0x1, 0x0) recvmmsg(r2, &(0x7f0000001280)=[{{&(0x7f0000000ec0)=@nl=@proc, 0x80, &(0x7f0000001180)=[{&(0x7f0000001080)=""/251, 0xfb}], 0x11, &(0x7f00000011c0)=""/157, 0x9d}}], 0x1500, 0x0, &(0x7f0000001380)={0x77359400}) [ 841.292207] FAULT_INJECTION: forcing a failure. [ 841.292207] name failslab, interval 1, probability 0, space 0, times 0 [ 841.303730] CPU: 1 PID: 14348 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 841.312150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 841.321516] Call Trace: [ 841.324144] dump_stack+0x1c9/0x2b4 [ 841.327795] ? dump_stack_print_info.cold.2+0x52/0x52 [ 841.332998] ? is_bpf_text_address+0xd7/0x170 [ 841.337527] should_fail.cold.4+0xa/0x11 [ 841.341781] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 841.346919] ? save_stack+0xa9/0xd0 [ 841.350572] ? save_stack+0x43/0xd0 [ 841.354214] ? kasan_kmalloc+0xc4/0xe0 [ 841.358288] ? kmem_cache_alloc_trace+0x152/0x780 [ 841.363225] ? kobject_uevent_env+0x20f/0x1110 [ 841.368365] ? kobject_uevent+0x1f/0x30 [ 841.372348] ? blkdev_ioctl+0x9cd/0x2030 [ 841.376503] ? block_ioctl+0xee/0x130 [ 841.380483] ? do_vfs_ioctl+0x1de/0x1720 [ 841.384839] ? ksys_ioctl+0xa9/0xd0 [ 841.388734] ? __x64_sys_ioctl+0x73/0xb0 [ 841.392807] ? do_syscall_64+0x1b9/0x820 [ 841.396887] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 841.402346] ? lock_acquire+0x1e4/0x540 [ 841.406356] ? fs_reclaim_acquire+0x20/0x20 [ 841.410686] ? lock_downgrade+0x8f0/0x8f0 [ 841.414853] ? check_same_owner+0x340/0x340 [ 841.419185] ? do_raw_spin_unlock+0xa7/0x2f0 [ 841.423599] ? rcu_note_context_switch+0x730/0x730 [ 841.428540] __should_failslab+0x124/0x180 [ 841.432958] should_failslab+0x9/0x14 [ 841.436770] __kmalloc+0x2c8/0x760 [ 841.440320] ? kobject_get_path+0xc2/0x1a0 [ 841.444592] kobject_get_path+0xc2/0x1a0 [ 841.448671] kobject_uevent_env+0x234/0x1110 [ 841.453087] ? internal_create_group+0x39a/0x9e0 [ 841.457848] ? do_raw_spin_lock+0xc1/0x200 [ 841.462109] kobject_uevent+0x1f/0x30 [ 841.465917] lo_ioctl+0x133d/0x1d00 [ 841.469553] ? lo_rw_aio_complete+0x450/0x450 [ 841.474167] blkdev_ioctl+0x9cd/0x2030 [ 841.478062] ? lock_acquire+0x1e4/0x540 [ 841.482077] ? blkpg_ioctl+0xc40/0xc40 [ 841.486056] ? lock_release+0xa30/0xa30 03:38:54 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000180)={0x26, 'aead\x00', 0x0, 0x0, 'morus1280-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r2 = accept$alg(r1, 0x0, 0x0) sendmsg$alg(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) chdir(&(0x7f0000000000)='./file0\x00') write$binfmt_script(r2, &(0x7f0000000300)=ANY=[], 0xffffffaa) recvmsg(r2, &(0x7f0000000480)={&(0x7f0000000200)=@pppol2tpv3={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @dev}}}, 0x80, &(0x7f0000000800)=[{&(0x7f0000000040)=""/55, 0x37}, {&(0x7f0000000580)=""/215, 0xd7}, {&(0x7f0000000680)=""/137, 0x89}, {&(0x7f0000000740)=""/130, 0x82}], 0x4, &(0x7f00000008c0)=""/233, 0xe9}, 0x0) [ 841.490039] ? save_stack+0xa9/0xd0 [ 841.493678] ? save_stack+0x43/0xd0 [ 841.497312] ? __fget+0x4d5/0x740 [ 841.500773] ? ksys_dup3+0x690/0x690 [ 841.504519] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 841.509112] ? kasan_check_write+0x14/0x20 [ 841.513355] ? do_raw_spin_lock+0xc1/0x200 [ 841.517692] block_ioctl+0xee/0x130 [ 841.521407] ? blkdev_fallocate+0x400/0x400 [ 841.525727] do_vfs_ioctl+0x1de/0x1720 [ 841.529612] ? ioctl_preallocate+0x300/0x300 [ 841.534017] ? __fget_light+0x2f7/0x440 [ 841.537980] ? fget_raw+0x20/0x20 [ 841.541528] ? trace_hardirqs_on+0xd/0x10 [ 841.545679] ? kmem_cache_free+0x22e/0x2d0 [ 841.549926] ? putname+0xf7/0x130 [ 841.553368] ? do_sys_open+0x3cb/0x720 [ 841.557259] ? security_file_ioctl+0x94/0xc0 [ 841.561683] ksys_ioctl+0xa9/0xd0 [ 841.565253] __x64_sys_ioctl+0x73/0xb0 [ 841.569156] do_syscall_64+0x1b9/0x820 [ 841.573037] ? finish_task_switch+0x1d3/0x870 [ 841.577971] ? syscall_return_slowpath+0x5e0/0x5e0 [ 841.582904] ? syscall_return_slowpath+0x31d/0x5e0 [ 841.588022] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 841.593297] ? prepare_exit_to_usermode+0x291/0x3b0 [ 841.598318] ? perf_trace_sys_enter+0xb10/0xb10 [ 841.602997] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 841.607851] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 841.613059] RIP: 0033:0x455c97 [ 841.616235] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d bb fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 841.635690] RSP: 002b:00007f413f26ea88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 841.643403] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000455c97 [ 841.650669] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015 [ 841.657951] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 841.665214] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 841.672680] R13: 0000000000000001 R14: 00000000004d3f40 R15: 0000000000000013 [ 841.683087] FAT-fs (loop7): Directory bread(block 2563) failed [ 841.689608] FAT-fs (loop7): Directory bread(block 2564) failed [ 841.696410] FAT-fs (loop7): Directory bread(block 2565) failed [ 841.702924] FAT-fs (loop7): Directory bread(block 2566) failed [ 841.720067] FAT-fs (loop7): Directory bread(block 2567) failed [ 841.729722] FAT-fs (loop7): Directory bread(block 2568) failed [ 841.735926] FAT-fs (loop7): Directory bread(block 2569) failed [ 841.746478] FAT-fs (loop7): Directory bread(block 2570) failed [ 841.753833] FAT-fs (loop7): Directory bread(block 2571) failed [ 841.760033] FAT-fs (loop7): Directory bread(block 2572) failed 03:38:54 executing program 3: r0 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x5, 0x40) ioctl$TIOCSSOFTCAR(r0, 0x541a, &(0x7f0000000100)=0x80000000) r1 = socket$nl_route(0x10, 0x3, 0x0) recvmmsg(r1, &(0x7f0000003f80)=[{{&(0x7f0000000080)=@can, 0x80, &(0x7f00000001c0)}}], 0x1, 0x0, &(0x7f0000004000)={0x77359400}) sendmsg$nl_route_sched(r1, &(0x7f0000005a00)={&(0x7f0000000180)={0x10}, 0xc, &(0x7f00000059c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="2400000026000102000000000000000000000000", @ANYBLOB="062d07e74e"], 0x2}, 0x1}, 0x0) 03:38:54 executing program 2: munmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000) r0 = userfaultfd(0x0) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x101001, 0x0) ioctl$TUNDETACHFILTER(r1, 0x401054d6, 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000432fe8)={0xaa}) ioctl$UFFDIO_UNREGISTER(r0, 0x8010aa01, &(0x7f0000000280)={&(0x7f0000ffc000/0x2000)=nil, 0x2000}) ioctl$KVM_X86_SET_MCE(r1, 0x4040ae9e, &(0x7f0000000040)={0x8280000000000000, 0x4, 0x4, 0x1, 0x12}) 03:38:54 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}, 0x60000000}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) 03:38:54 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000056f786e6574302d232f70726f6300") 03:38:54 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000100)={r1, &(0x7f00000002c0)="bdcef53f3ca70d227b6eabe3d631b345052d023e2b3476f507aa4304f93f0edcec231f5f718bf7330d873c9ac66cf7c27f139b2aa4498c68c594701862422484d0d484d38dbda82a85c6796d6674e11a8cab60f7c67d527bea0fbff343f0a3f32d9f420cefeaf415d91f394cd0516357307b9ee35ca7b5b331a77e66b297815b22569b003b0dda1f9b87fb779912d44c9ab9e62ad7cd1d6bdc2afbebc2455f1e6b52d683daea8c8aa036c109ffdf074d4562cbfe7a4d2ac441df1eaff6b680cf2978804258dc8f5935ee417244722a7dbc358d38d09da03e186750cde9ada5f2d9a68d5b02227b56f46cafe559d50d27ad8596abd3950d70a7be75f62adc6f853fe51284432228592538c784654e7d3b6ae84857655d1fa02b3c1cbbb125b92d429758c73957e6ccab9d23a5594279fca57d5aac3931bd666e6a7008ef6f63f4c03bf810a17bb8ed13c203fa7376c8d9869f488947eb5677f25d5d08a483d26e085bdc78ce7ff01d2ea68d906fc09513fbfe614158d2777845bd5365d0036e3bbe5cdfba1f155a7012f9979d564fa5e0b92459478622777451b0486db8b62d5b4ead5c33b533d176180386f439281f268c65c74237e2b68734537bf12e9bbab04d9a9e0c1fced13732ba957149f09cd68256f4ed417be4cf2a0428b035a21f50b17fe6a52bf6d2cbfb09ccae6ab5d5dbf5355dc373d22283f2b335d685e3dba4b038c4d61c5cd97a70011cf00a745c78b1a2478c98ef0f730549a2bd1f89e4b66352880bbdf8b3c225d67188711aa7a87ea1b7ab58fef494a3cb0d1b91065f8768d4d8fa8329a735939e28e03e1f3b023292fbe37afb1ca0928dbd4e8951f085a87cde8431550ed2e69e41333a57c8d89b0a9a08ad4574f8c772aa87cf7d9d81371a5dd2cd50068400825819d2c7c6ee4f5a878404ac7e1f048211f9e07bd475b43ef8e6042f4dfc3bcb1eafe29ad1b907aea423b108aebb86d7f7c9e4dc1c4dc6cf71b72d2cf890a76ea04c4392f3ea2bec7dfbb4d58202dfb0204809cb4bbf2d1e5630fb1c9b8056257cc2c209efb90998a9bd734862aef5f6f48ef4cad4412dccb938ae005dc2b9b4bd35b68d3120067c373e2446211a598eb112a78b4485f131e49f682848446147bbe72f4906a1ebf08b59a95d37cb2975a35a35160d814e0bfdb9cdd454e80153b066f09f2e0c0dff80ab8f91994ff4099553bcaea57ae845173e06a35441d85a12229c068d5b6ef1d343e151f6390e025af259f4840a70f4d2d45f93121f95eb1703c9497a42fe91c797048ab674ee718b478836bb8629476a2800bc9992e2087d8570a8555b15fcc840d25aa7405a98d3c232b509d915e42773a2a125dc611467668a7aef174c2810c989a4a53d4dfad47050b2cdb2460ba69d100f4594fb764e7798aeab05e48665dd537291ec319f933578f0653d6666cc5ff044bf7ab17beb2db714f160a6f50ef11b6488921635a6ecd1703d7ebaa588570df57e53d4ef00fb024362c7dbe51f261b4df773498af7f08a4f99b821d296b7507b2932d5f6240e100af102b7accf718cf058479c3729354acc43df45d1d59d08690b095110faa0c71826561d2fd1b02d15175a8b7b1731ab81bdf0aef6fc913c95131b10808acb0d019c03ac27a02ad25427b5eaa206a90a29d1e217d78b4ac1acc049131751c966c338ee19242be5231c5c2c1f9f5706d7612efdd7f381f996e02c8ddf9ccc0e1afb8da5e3afecd4b81799ed4e0c9b37e427fb2732aafbde198f29a5c0a513a63816a01c0cce90aa498f2f4a160d702ff36c246043dc6d6a0ca06fccb74f4e76d049a96cec0b8a7d679fff4552a944cf09d461b72f17ac3c1d13f52f01b681ea7ec45a686b38a03d2c8ff85d04f53809c74e038fe531161a42b7cd4e99c64cbaf97908a351cb9009ffb2291e29c98418d8e44b1fce71e47e71eab312fb596ce0c37bec4a5b7d10f9e3298364980322a12b0c9e178801cf3ad9765a79a14663477ab223a9e1394fa6ef73603d91b4dbc0e11a83ea0faae06eff273d29089b08f7483935dee198831bdb5afcb453a96a0e780b3e213331633189785e358631c1f30d64bc9ceeab37634b8c1a3b90398e25029f06fe9ab5834c67ca372fd8661065805e6afab8f942ff69cf0417174bec9cdcf49dc96477f69067e32111539493e0d748c8395d0b1d3fc5b3e1c9648b12812bd923bf51137e2d1f8c7b615ab90fcf4af9ebaddf40e135e0c250422ad527d29c4c76a17312d6b14d7223f4d3536cd0b77254e8164b0e698dd3a3feee2cfbc5aa5eb76f0a1d2a814dbf2ddb9a15f73c2cc945f214dd62ffe3f97cc947a2463e5000f9a7efe4d41def627d585498ff25e58ed37afda727eb87d1e9a4039837ed96146b447b77f19f2118a53633b5c2ebcbd31d3b96df1b6c5e576ed96032d152c38b187bb0b6358b84e7644dc44d4932279e615b5005e19147a0d3e9b19e636d75ca556b92eb3d73f85fa72abb1b049c279ea2b3253ae056a18f8021d2de0f1a8e524082d2444403ac2919172f6915536015e3b6ee905d1aadc40f41b1aa9a6a4105469f2cde05b31ff141c06530992c7db97e066f3ee73644b979c96df5f0f3f645201e57da1ffac5096811e83e7b5fe83c69836f04bd20407cbd3a0244825f3ddbd397c483b61b0afc9f5b4e3ca3cc0e54cba37a949a91204d047f84dfe401108e817509c0197f12d8297e80c98cc402ab6965df902201ace7bf814d8ca1c674e81db9ab13c26aa2541f826a505331679fb8bc0f0c80f0524b37cfffb8ce9bcf17f2ecac7b5d8c5711696a33cd1294cdafd674f8c0b018b4084cfc51e7ee753ec5b6ea5d1f40ba07a219743014e6dd1f987336a5e2912ce6599c38df96dbe6b7aa88b25d06a8df7ddeb988bddbd55854c430211a55601f5da8dd6cc09a778d5f9f3616e852c1e6930cf99673739da8cffea2354b6342513f3a2dd2faf4569bcb83b719bcf38a4f017be852307d5a71526140d9189ada88caca217f5cd5da58548606cdfb66942403628e10ce952459a8051530a3e1c27bcfebc604e660becea531131db7f8c1b91e9bae5f3994ae2ffafc3c61b5eaf6fa42631b5354a79b2810794cdd77b5416f73d0db93d4b95d5939c8d03305ba7d4f3e45530daf6615fd8f1e0ec2d93a8dceaf8027d1e4f6f4fb65140907c90e7a4186d4dbb10c790c6394c756c659ccdd9f7a3160a095500dd403123fb491850ac78cf1461c0d67027cf28adcefad9681b3448c8fd0eea181a7bad5e51f9178730737ecb71abb8e2e98e36d3fe0d84fe0e506c1f6a2b90acc9e2cc0fa861cc9e3088766f5ab35d6e01273246a352088d63ab0e665e8edff917d396e36dd539d492bdf819dbb303f98e9c392e3131e5c9d86b1e4e151e871283b6d373cf55e588142e812a43fbb6900665feea5410ea994e26c11ac2b34808d3b872438825b9f2e067298651c542a88a5741b1a943cd5e5bc03aa740391cf0784657afdbce135d682ec310aded756199a350c6095b7bbd6874bdda1a24a523224515bc2885773ccad1bb400abb1c9f80589e78912c7e38e8d19af525b7a983d0e0ffe2d36567cce8a873ab3ae2c371681bc21cbebc854efac1cab73b16c6098691baa47ecfb2e87d4fe7c5c8f89bc3d51beacc1919aee05ca19a156eae8ce22fc48bae237a1886894ed53be478aa87f0b64e3aa57a65c84eaaaa0db26bf1bb400abe65a0f17b2b4bd944d1f447fc9e54828c22093e3fc7dc60a98095a970597ecadf4b4fe687e7cfb2f8f50a2eb5ffe87daa34e24471f3f154ee2a917b25811cf650224f1a551fad41c99e3a6208b1b58bf3f3df476e6ee30815bea9699af9bda06b5f5322e165db086252ad1d86c285b0a6c48f8227659d9e57a41d973fcb0c1a04a3c04777936a67212e187020920d85665787a80192dea49ca14394060f8f201c5483ffdbeddd1f13402a60215c14e885cdba5ec98eb415b63cd886789904f498d55d0a645a32df270b92317825d28882a6d202689fd3754254d40867eb8a366c7b38aa0142f8b9ef4526364f431b7c49e803b047e28e3c64ef35398977c831ea4973cddb02410dbf1bde88dc297a68b87d608a69966f949241d0de50070a01e0ee1b10c5704b4b2c1b2c5e8c59e7b59ecd48c4d486483bd25320aadb8fe2b48d52a6aee2a28c67b448ddeed926b84f4cf37447a7c8cabba8282d1a5b20955c7f51c9191bf12cdb11f171bd532985e6deac8138fcb9d0f946876124201a795924761a651a4b942ec89b9fc42736210b0468c4bae0c5ca3b71f3e16089044a8fd8ee8d419af20a083afe66963c8056d0e1b598414e27ae07c663894760a9a26c88518bddac21ad7736641a5df8124c65baa230c8c7dcdef0b931204754aa6af844bb2c593f23719ec55d1ff0a7e83428aefd97b6d2fa2493bf150ccfca10241b5f1d5d6b8d309b01d79fc1f8aae1839a4e98f5f90cc5d40bc4fa22a49262cb351d274d2372d6d6475a5b3a7ca23522e4cdfa07ba011211d5509ac9a930bc1e6363c247515b5dd52d67b6dbcb32cc3630ef32dd0c77315d367576b4df9a193176b4edf4ef72e3920f8d9c6019b8bfb3217e789008e0f861c65bb7aae206d1f455221e831920bc7cc9ee50b617241888239e16ca9c590b9082595a06c555443c813d437319ca9e0793d9bc55ea223e803e73a835eba08dfa2fc6e458018ffa30c23034e889b72920006a63710009e65a493107e3b33349b0052b53fb5a19043c41098ae9a86c2234001ed1b150d9622fc14fcc533dfc1dd81e3008e115f03718408d32fd73a4b00937e3e9852e2bef08b9d9196c16fa4156413eb0164a91bfe62c7faba36a534fa50b17572baaca74fb5ddbff29a5b3464c28ac3e6392582c6b8f500694090d09dc012a76d108ec5c38584b67729f43d98a3a0c9cf055330b0e107a5300a81eb83f0c42540f91091481e9e425785e75d28834416e7ac020c2b1940f999955792c339dd18806373bee9793227ae3679f68f84f2d0f0b819716cd157644c5ad3ed57354cb3748efec1d937984a19b1ae28549bfbbf6c6a10ab79b0f903cc151dcdd591c113891bb3b15e10f7ec17dd54388127697cb97912a734f8ebf4b6cfdfec7788890bb2822904a0f30a9de35da7e265da5f3f0323a5523e1f8bfcd1dfe3ff616130ca69f2da64717fa0625744b9b42c7cf9b6d20e5c7ce4b910b54e7084897c88ca5590e0e6cee15a0deb0646b3722305e3c37ae8045356d3009084868d924d51175cc3f1b8a8c451a8cf7cd76f3319d8b262746ab2910678775a8d30fcfeeeb61d9de95ab46c6a55cb9705c0d6df2c3f406750891f3c459af113148eb355c29e28f8bdb1cf543a78f8e1753aa779af19438ab2136e35a41fb5569dc3eb574865005f8da3e5ddd47bc4843513cde9c0bf8cb8016e3092d84586789811e0e7494c75c1c008f60cdd919783045a24a4e93b4c3bc2aa89d2f7b032df1da9e91b05200c74de2cba9b2a6ed9579e7c6098f49c1e2a7707d76ccdb3c742ce7f06875ba276249ea5478e56265a0f5a8ce7c2a15dcf764b82f27d719483eeeaf3b64cb5322231c6d2adc22078c98ef182a51f89ce3d0a0a32712992f2f2bc858c08d7b325f3ffd9877e27506ad0c6c364476a133151a66e22f5292ccc24d7a6b72370c697174ab55728a21ca30a0d1bfcd4116301a11e029376b2cf314f86cdabf5d12fddb5b221fd306ef1235ae3ad6fc318174d620f32e233960d30796222050a4439c1c1b09b41d931bb29d62d7f92", &(0x7f0000000040)=""/132}, 0x18) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:38:54 executing program 7 (fault-call:0 fault-nth:20): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) [ 841.921605] FAULT_INJECTION: forcing a failure. [ 841.921605] name failslab, interval 1, probability 0, space 0, times 0 [ 841.933483] CPU: 0 PID: 14386 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 841.933499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 841.951260] Call Trace: [ 841.953846] dump_stack+0x1c9/0x2b4 [ 841.957477] ? dump_stack_print_info.cold.2+0x52/0x52 [ 841.962859] should_fail.cold.4+0xa/0x11 [ 841.967020] ? __kernel_text_address+0xd/0x40 [ 841.971514] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 841.976615] ? __save_stack_trace+0x8d/0xf0 [ 841.980944] ? save_stack+0xa9/0xd0 [ 841.984700] ? save_stack+0x43/0xd0 [ 841.988337] ? kasan_kmalloc+0xc4/0xe0 [ 841.992226] ? kasan_slab_alloc+0x12/0x20 [ 841.997658] ? kmem_cache_alloc_node+0x144/0x780 [ 842.002517] ? __alloc_skb+0x119/0x790 [ 842.006417] ? alloc_uevent_skb+0x89/0x220 [ 842.010995] ? kobject_uevent_env+0x866/0x1110 [ 842.015584] ? kobject_uevent+0x1f/0x30 03:38:55 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f00003cefe4)={&(0x7f0000000300)={0x10, 0x34000}, 0xc, &(0x7f0000007ff0)={&(0x7f0000000180)={0x20, 0x29, 0x6fd, 0x0, 0x0, {0x2004}, [@nested={0xc, 0x0, [@typed={0x8, 0x9, @ipv4}]}]}, 0x20}, 0x1}, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x0, 0x0) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000001c0)={{{@in6=@mcast2, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}, 0x0, @in=@multicast2}}, &(0x7f0000000040)=0xe8) r3 = getuid() setsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000340)={{{@in6=@mcast2={0xff, 0x2, [], 0x1}, @in=@rand_addr, 0x4e21, 0x3ff, 0x4e23, 0xcee, 0xa, 0x20, 0x20, 0x2f, r2, r3}, {0x9, 0x2, 0x4, 0x1000, 0x7, 0x9, 0x4, 0x985}, {0x1c38, 0x0, 0x7fffffff, 0x6}, 0x9dd2, 0x0, 0x2, 0x1, 0x3, 0x3}, {{@in=@broadcast=0xffffffff, 0x4d4, 0xff}, 0x0, @in=@local={0xac, 0x14, 0x14, 0xaa}, 0x3502, 0x0, 0x3, 0x100000000, 0xfff, 0x8001, 0x10000}}, 0xe8) 03:38:55 executing program 0: r0 = socket$inet6(0xa, 0x804, 0x2000000000000) getsockopt$inet_sctp6_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000200), &(0x7f0000000240)=0x8) r1 = socket$key(0xf, 0x3, 0x2) ioctl(r1, 0xff9, &(0x7f0000000000)="02195bece8ddc754cc9f36695cc83d6d346dc3145f8f762070") ioctl$KVM_SET_FPU(r0, 0x41a0ae8d, &(0x7f0000000040)={[], 0xc2, 0x81, 0xfff, 0x0, 0x80, 0x3000, 0x0, [], 0x8}) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000111c9d8fd5000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffff02030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:38:55 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="0200007a6f786e6574302d232f70726f6300") [ 842.020030] ? lo_ioctl+0x133d/0x1d00 [ 842.023832] ? blkdev_ioctl+0x9cd/0x2030 [ 842.027890] ? block_ioctl+0xee/0x130 [ 842.031689] ? do_vfs_ioctl+0x1de/0x1720 [ 842.035744] ? ksys_ioctl+0xa9/0xd0 [ 842.039377] ? __x64_sys_ioctl+0x73/0xb0 [ 842.043502] ? lock_acquire+0x1e4/0x540 [ 842.047486] ? fs_reclaim_acquire+0x20/0x20 [ 842.051816] ? lock_downgrade+0x8f0/0x8f0 [ 842.055984] ? check_same_owner+0x340/0x340 [ 842.060328] ? lock_downgrade+0x8f0/0x8f0 [ 842.064528] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 842.070200] ? rcu_note_context_switch+0x730/0x730 [ 842.075157] __should_failslab+0x124/0x180 [ 842.079599] should_failslab+0x9/0x14 [ 842.083545] kmem_cache_alloc_node_trace+0x26f/0x770 [ 842.088669] ? kasan_kmalloc+0xc4/0xe0 [ 842.092578] __kmalloc_node_track_caller+0x33/0x70 [ 842.098054] __kmalloc_reserve.isra.41+0x3a/0xe0 [ 842.102925] __alloc_skb+0x155/0x790 [ 842.106652] ? skb_scrub_packet+0x490/0x490 [ 842.111064] ? lock_release+0xa30/0xa30 [ 842.115401] ? pointer+0x990/0x990 [ 842.118937] ? device_get_devnode+0x2e0/0x2e0 [ 842.123709] ? kasan_unpoison_shadow+0x35/0x50 [ 842.128310] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 842.133876] ? netlink_has_listeners+0x2cf/0x4a0 [ 842.138640] ? netlink_tap_init_net+0x3e0/0x3e0 [ 842.143301] alloc_uevent_skb+0x89/0x220 [ 842.147444] kobject_uevent_env+0x866/0x1110 [ 842.151841] ? internal_create_group+0x39a/0x9e0 [ 842.156597] ? do_raw_spin_lock+0xc1/0x200 [ 842.160832] kobject_uevent+0x1f/0x30 [ 842.164817] lo_ioctl+0x133d/0x1d00 [ 842.168438] ? lo_rw_aio_complete+0x450/0x450 [ 842.172922] blkdev_ioctl+0x9cd/0x2030 [ 842.176796] ? lock_acquire+0x1e4/0x540 [ 842.181105] ? blkpg_ioctl+0xc40/0xc40 [ 842.184995] ? lock_release+0xa30/0xa30 [ 842.188964] ? save_stack+0xa9/0xd0 [ 842.192581] ? save_stack+0x43/0xd0 [ 842.196224] ? __fget+0x4d5/0x740 [ 842.199671] ? ksys_dup3+0x690/0x690 [ 842.203376] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 842.207947] ? kasan_check_write+0x14/0x20 [ 842.212261] ? do_raw_spin_lock+0xc1/0x200 [ 842.216498] block_ioctl+0xee/0x130 [ 842.220114] ? blkdev_fallocate+0x400/0x400 [ 842.224599] do_vfs_ioctl+0x1de/0x1720 [ 842.228489] ? ioctl_preallocate+0x300/0x300 [ 842.232887] ? __fget_light+0x2f7/0x440 [ 842.236854] ? fget_raw+0x20/0x20 [ 842.240389] ? trace_hardirqs_on+0xd/0x10 [ 842.244527] ? kmem_cache_free+0x22e/0x2d0 [ 842.248767] ? putname+0xf7/0x130 [ 842.252221] ? do_sys_open+0x3cb/0x720 [ 842.256113] ? security_file_ioctl+0x94/0xc0 [ 842.260611] ksys_ioctl+0xa9/0xd0 [ 842.264054] __x64_sys_ioctl+0x73/0xb0 [ 842.267944] do_syscall_64+0x1b9/0x820 [ 842.271819] ? finish_task_switch+0x1d3/0x870 [ 842.276314] ? syscall_return_slowpath+0x5e0/0x5e0 [ 842.281336] ? syscall_return_slowpath+0x31d/0x5e0 [ 842.286256] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 842.291263] ? prepare_exit_to_usermode+0x291/0x3b0 [ 842.296309] ? perf_trace_sys_enter+0xb10/0xb10 [ 842.300973] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 842.305918] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 842.311187] RIP: 0033:0x455c97 [ 842.314360] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d bb fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 842.334011] RSP: 002b:00007f413f26ea88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 842.341711] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000455c97 [ 842.348979] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015 [ 842.356235] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 842.363504] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 03:38:55 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0xfffffffffffffff9, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000000000)=ANY=[@ANYBLOB="d3993000feff4991e489bba596"]) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 842.370942] R13: 0000000000000001 R14: 00000000004d3f40 R15: 0000000000000014 [ 842.389817] FAT-fs (loop7): Directory bread(block 2563) failed 03:38:55 executing program 5: r0 = socket$inet6(0xa, 0x3000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000011c0)={0x2, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='\vc'], 0x0, 0x0, &(0x7f00000001c0)}) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000340)={0x48, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0c630000016340400000001da200000000000000000000000000000000000000000000000000007bb2815be7eee6a8000000000000020000", @ANYPTR=&(0x7f0000000180)=ANY=[], @ANYPTR=&(0x7f00000001c0)=ANY=[]], 0x0, 0x0, &(0x7f00000002c0)}) r2 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x3, 0x80000) ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000080)={0x6, 0x40, 0x9, 'queue0\x00', 0x3ff}) 03:38:55 executing program 2: r0 = socket$inet6(0xa, 0x3, 0x1) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) io_setup(0x8, &(0x7f0000000d40)=0x0) io_getevents(r3, 0x0, 0x4b9, &(0x7f0000000240), &(0x7f0000000480)={0x77359400}) close(r1) io_submit(r3, 0x1400, &(0x7f0000000600)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x8, 0x0, r2, &(0x7f0000000140), 0x700000000000}]) [ 842.424814] FAT-fs (loop7): Directory bread(block 2564) failed [ 842.432002] FAT-fs (loop7): Directory bread(block 2565) failed [ 842.447476] FAT-fs (loop7): Directory bread(block 2566) failed [ 842.455300] FAT-fs (loop7): Directory bread(block 2567) failed 03:38:55 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000076f786e6574302d232f70726f6300") 03:38:55 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = socket$key(0xf, 0x3, 0x2) r2 = dup2(r0, r1) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000000)={0x0, @in={{0x2, 0x4e24, @broadcast=0xffffffff}}, 0x10001, 0x800000, 0x6, 0x10001, 0x1}, &(0x7f00000000c0)=0x98) getsockopt$inet_sctp_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000100)={r3, 0xfffffffffffffecb, 0x4, 0x3, 0xa2ba, 0x8001}, &(0x7f0000000140)=0x14) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r4 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r4, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) [ 842.475705] binder: 14415:14416 ERROR: BC_REGISTER_LOOPER called without request [ 842.483705] FAT-fs (loop7): Directory bread(block 2568) failed [ 842.502306] FAT-fs (loop7): Directory bread(block 2569) failed [ 842.509737] binder: 14415:14416 ERROR: BC_ENTER_LOOPER called after BC_REGISTER_LOOPER [ 842.512540] FAT-fs (loop7): Directory bread(block 2570) failed 03:38:55 executing program 1: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(serpent-generic)\x00'}, 0x58) r1 = accept4(r0, 0x0, &(0x7f0000000200), 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000001c0), 0x0) sendmmsg(r1, &(0x7f000000c8c0)=[{{&(0x7f0000000080)=@un=@file={0x0, './file0\x00'}, 0x80, &(0x7f0000000680)=[{&(0x7f0000000a80)="0eb110b46faa5d379f335fb9c245e676e68792191392766d88395313120546b4bb180d57e1d0b6d62305d9460c67d4c80e72a2c60d9a3c61709d6ac56481a1ac74c563ea36fbb8e49021247d965c386a92b061665650a25586376a3a896bc664", 0x60}], 0x1, &(0x7f0000009d80)}}], 0x1, 0x0) socket$pppoe(0x18, 0x1, 0x0) recvmmsg(r1, &(0x7f0000001fc0)=[{{&(0x7f0000000240)=@rc, 0x80, &(0x7f00000008c0)=[{&(0x7f00000006c0)=""/68, 0x44}, {&(0x7f0000001980)=""/165, 0xa5}], 0x2}}], 0x1, 0x0, &(0x7f0000002040)={0x77359400}) [ 842.517951] binder: 14415:14416 got reply transaction with no transaction stack [ 842.517974] binder: 14415:14416 transaction failed 29201/-71, size 47541709845529010-2199023255552 line 2759 [ 842.535542] FAT-fs (loop7): Directory bread(block 2571) failed [ 842.552692] FAT-fs (loop7): Directory bread(block 2572) failed [ 842.560596] binder: 14415:14416 ERROR: BC_REGISTER_LOOPER called without request 03:38:55 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socketpair$inet6_udp(0xa, 0x2, 0x0, &(0x7f0000000040)) ioctl(r0, 0x8913, &(0x7f00000000c0)="025cc83d6d345fcf76207028170987f81fc29c92fca5") r1 = socket$inet(0x10, 0x7, 0xffffffffffffffff) getsockopt$sock_int(r1, 0x1, 0x5, &(0x7f0000000000), &(0x7f0000000100)=0x672ccffa954202fa) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f00000013c0)='/dev/rtc0\x00', 0x200001, 0x0) getsockopt$bt_BT_FLUSHABLE(r2, 0x112, 0x8, &(0x7f0000001400)=0xffff, &(0x7f0000001440)=0x4) [ 842.584627] binder: 14415:14428 got reply transaction with no transaction stack [ 842.592344] binder: 14415:14428 transaction failed 29201/-71, size 47541709845529010-2199023255552 line 2759 [ 842.653085] binder: undelivered TRANSACTION_ERROR: 29201 [ 842.660555] binder: undelivered TRANSACTION_ERROR: 29201 03:38:55 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f0000003f80)=[{{&(0x7f0000000080)=@can, 0x80, &(0x7f00000001c0)}}], 0x1, 0x0, &(0x7f0000004000)={0x77359400}) sendmsg$nl_route_sched(r0, &(0x7f0000005a00)={&(0x7f0000000180)={0x10}, 0xc, &(0x7f00000059c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="24000000a6000102000000000000000000000000e39e675960f34c5422dae1a7bbfcb08e15c3a86a588ea9bd3973a9909a859a57ccb32e6924e2b08ada20b14d35c625848bb599a43a172b33667163e521e354e9f8fa312ef744e82f75d7f82e4200b319d3ad27cd6ad4be012fd2080030db18b86bb647584a3dc00acd8a13470b5d0f100dfee315db8fe737d141846a9de1ffccbf41e2e84b02587ae684370b4ea9e3ad7a8ab8ee33561adf63a858ea56e86241c8cccf59518fe9707861b0e315edc799e243c84018881de3fc222a4de33a53df8b2473f48194e74043b8e42157898af7f6373b91760e5425d60d71fb723612dd", @ANYBLOB="00000000bd"], 0x2}, 0x1}, 0x0) 03:38:55 executing program 7 (fault-call:0 fault-nth:21): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:38:55 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) dup3(r0, r0, 0x80000) r1 = socket$key(0xf, 0x3, 0x2) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x100) ioctl$sock_bt_hci(r2, 0x400448ff, &(0x7f0000000040)="01215106e00d6b0d93007f76a301eee7dda1587e9f11d571a2310607397f5b2b775af95100e809a2f52bdd97f2d464f1a6981922eb85bb2f51d6d32e81491c42f8a09e33031cd12a01bf489e44b659315880938c076574a45094630bfdbe6963b8c63d51f763a104c5e4df5e551fb4ca102837049c6a0d31e4a2eac12d8d6904069bbb473d8bc5f8fb2cbb196fd2ad22810ef114bc07d4f48525bb4a") ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r3 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r3, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT(r1, 0x28, 0x6, &(0x7f0000000100)={0x0, 0x2710}, 0x10) 03:38:55 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000486f786e6574302d232f70726f6300") 03:38:55 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = socket$key(0xf, 0x3, 0x2) r2 = dup2(r0, r1) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000000)={0x0, @in={{0x2, 0x4e24, @broadcast=0xffffffff}}, 0x10001, 0x800000, 0x6, 0x10001, 0x1}, &(0x7f00000000c0)=0x98) getsockopt$inet_sctp_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000100)={r3, 0xfffffffffffffecb, 0x4, 0x3, 0xa2ba, 0x8001}, &(0x7f0000000140)=0x14) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r4 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r4, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:38:55 executing program 1: r0 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1) ioctl$sock_SIOCBRADDBR(r0, 0x89a0, &(0x7f0000000000)='veth1_to_team\x00') r1 = socket(0x10, 0x802, 0x0) write(r1, &(0x7f0000000080)="2400000020000300075f0165ff72fc2280000000001000220ee1000c08000f0000001700", 0xfffffffffffffecb) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0xc00008}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r2, 0x108, 0x70bd28, 0x25dfdbff, {0x10}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8010}, 0x40) 03:38:55 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x8d4, 0x10}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f00000ba000)={0x1, 0x5, &(0x7f0000346fc8)=ANY=[@ANYBLOB="1800000400000000000000000b00f8ff68180f3b0458b308d77062d3000000ff0f00000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0xfb, &(0x7f00001a7f05)=""/251}, 0x14) 03:38:55 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}, 0xf4010000}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) [ 842.970472] FAULT_INJECTION: forcing a failure. [ 842.970472] name failslab, interval 1, probability 0, space 0, times 0 [ 842.982041] CPU: 1 PID: 14462 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 842.990481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 842.999842] Call Trace: [ 843.002442] dump_stack+0x1c9/0x2b4 [ 843.006082] ? dump_stack_print_info.cold.2+0x52/0x52 [ 843.011281] ? lock_acquire+0x1e4/0x540 [ 843.015339] ? is_bpf_text_address+0xae/0x170 [ 843.019848] should_fail.cold.4+0xa/0x11 [ 843.023921] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 843.029074] ? rcu_is_watching+0x8c/0x150 [ 843.033235] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 843.037918] ? is_bpf_text_address+0xd7/0x170 [ 843.042494] ? kernel_text_address+0x79/0xf0 [ 843.047095] ? __kernel_text_address+0xd/0x40 [ 843.051617] ? unwind_get_return_address+0x61/0xa0 [ 843.056746] ? __save_stack_trace+0x8d/0xf0 [ 843.061133] ? lock_acquire+0x1e4/0x540 [ 843.065128] ? fs_reclaim_acquire+0x20/0x20 [ 843.069475] ? lock_downgrade+0x8f0/0x8f0 [ 843.073627] ? save_stack+0xa9/0xd0 [ 843.077356] ? __kmalloc_reserve.isra.41+0x3a/0xe0 [ 843.082289] ? check_same_owner+0x340/0x340 [ 843.086607] ? blkdev_ioctl+0x9cd/0x2030 [ 843.090695] ? block_ioctl+0xee/0x130 [ 843.094582] ? do_vfs_ioctl+0x1de/0x1720 [ 843.098637] ? rcu_note_context_switch+0x730/0x730 [ 843.103582] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 843.109033] __should_failslab+0x124/0x180 [ 843.113366] should_failslab+0x9/0x14 [ 843.117158] kmem_cache_alloc+0x2af/0x760 [ 843.121394] ? lock_acquire+0x1e4/0x540 [ 843.125375] skb_clone+0x1f5/0x500 [ 843.128919] ? refcount_add_not_zero+0x2b0/0x330 [ 843.134136] ? skb_split+0x11f0/0x11f0 [ 843.138026] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 843.143034] ? netlink_trim+0x1ba/0x380 [ 843.147014] ? netlink_skb_destructor+0x210/0x210 [ 843.151856] netlink_broadcast_filtered+0x10b7/0x1620 [ 843.157040] ? __netlink_sendskb+0xd0/0xd0 [ 843.161278] ? pointer+0x990/0x990 [ 843.164860] ? device_get_devnode+0x2e0/0x2e0 [ 843.169431] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 843.174969] ? refcount_inc_not_zero+0x1e5/0x2f0 [ 843.179725] ? refcount_add_not_zero+0x330/0x330 [ 843.184485] ? netlink_has_listeners+0x2cf/0x4a0 [ 843.189240] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 843.194259] netlink_broadcast+0x3a/0x50 [ 843.198313] kobject_uevent_env+0x829/0x1110 [ 843.202720] ? internal_create_group+0x39a/0x9e0 [ 843.207478] ? do_raw_spin_lock+0xc1/0x200 [ 843.211707] kobject_uevent+0x1f/0x30 [ 843.215502] lo_ioctl+0x133d/0x1d00 [ 843.219231] ? lo_rw_aio_complete+0x450/0x450 [ 843.223718] blkdev_ioctl+0x9cd/0x2030 [ 843.227595] ? lock_acquire+0x1e4/0x540 [ 843.231573] ? blkpg_ioctl+0xc40/0xc40 [ 843.235454] ? lock_release+0xa30/0xa30 [ 843.239425] ? save_stack+0xa9/0xd0 [ 843.243061] ? save_stack+0x43/0xd0 [ 843.246692] ? __fget+0x4d5/0x740 [ 843.250138] ? ksys_dup3+0x690/0x690 [ 843.253849] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 843.258440] ? kasan_check_write+0x14/0x20 [ 843.262677] ? do_raw_spin_lock+0xc1/0x200 [ 843.266917] block_ioctl+0xee/0x130 [ 843.270563] ? blkdev_fallocate+0x400/0x400 [ 843.274894] do_vfs_ioctl+0x1de/0x1720 [ 843.278775] ? ioctl_preallocate+0x300/0x300 [ 843.283174] ? __fget_light+0x2f7/0x440 [ 843.287143] ? fget_raw+0x20/0x20 [ 843.290600] ? trace_hardirqs_on+0xd/0x10 [ 843.294798] ? kmem_cache_free+0x22e/0x2d0 [ 843.299120] ? putname+0xf7/0x130 [ 843.302576] ? do_sys_open+0x3cb/0x720 [ 843.306529] ? security_file_ioctl+0x94/0xc0 [ 843.311055] ksys_ioctl+0xa9/0xd0 [ 843.314513] __x64_sys_ioctl+0x73/0xb0 [ 843.318392] do_syscall_64+0x1b9/0x820 [ 843.322280] ? finish_task_switch+0x1d3/0x870 [ 843.326867] ? syscall_return_slowpath+0x5e0/0x5e0 [ 843.331898] ? syscall_return_slowpath+0x31d/0x5e0 [ 843.336921] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 843.341952] ? prepare_exit_to_usermode+0x291/0x3b0 [ 843.347346] ? perf_trace_sys_enter+0xb10/0xb10 [ 843.352298] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 843.357147] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 843.362441] RIP: 0033:0x455c97 [ 843.365628] Code: 48 83 c4 08 48 89 d8 5b 5d c3 66 0f 1f 84 00 00 00 00 00 48 89 e8 48 f7 d8 48 39 c3 0f 92 c0 eb 92 66 90 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d bb fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 843.385178] RSP: 002b:00007f413f26ea88 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 843.392895] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000455c97 [ 843.400532] RDX: 0000000000000014 RSI: 0000000000004c00 RDI: 0000000000000015 [ 843.407988] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 843.415246] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 843.422517] R13: 0000000000000001 R14: 00000000004d3f40 R15: 0000000000000015 [ 843.458470] FAT-fs (loop7): Directory bread(block 2563) failed 03:38:56 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000000)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) poll(&(0x7f0000000040), 0x0, 0xffff) socket$netlink(0x10, 0x3, 0x0) r1 = eventfd2(0x0, 0x0) read(r1, &(0x7f0000000240)=""/204, 0xcc) io_setup(0xa3c, &(0x7f0000001a00)) r2 = memfd_create(&(0x7f0000000500)='*cgroup\x00', 0x2) ioctl$RTC_UIE_OFF(r2, 0x7004) readv(r1, &(0x7f0000000200)=[{&(0x7f0000000040)=""/181, 0xb5}, {&(0x7f0000000100)=""/241, 0xf1}, {&(0x7f0000000340)=""/192, 0xc0}, {&(0x7f0000000400)=""/237, 0xed}], 0x4) 03:38:56 executing program 5: r0 = socket$inet6(0xa, 0x7, 0x8000000001004) ioctl(r0, 0x8915, &(0x7f00000000c0)="025c75afeb771d6d345f8fbc59d3cee4abf01090022d9f4de0954f0a0773056483a732e7bf2f23cfc32ba306e77ba97064") r1 = socket$inet_sctp(0x2, 0x1, 0x84) sendto$inet(r1, &(0x7f0000000080)="0f", 0x1, 0x0, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}, 0x10) mkdir(&(0x7f0000c92000)='./file0\x00', 0x0) r2 = creat(&(0x7f0000f66ff4)='./file0/bus\x00', 0x0) r3 = open$dir(&(0x7f0000000180)='./file0/bus\x00', 0x0, 0x0) writev(r2, &(0x7f00002c8000)=[{&(0x7f00007fbf5f)="b7", 0x1}], 0x1) r4 = dup(r3) r5 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vga_arbiter\x00', 0xc000, 0x0) r6 = msgget$private(0x0, 0x40) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000140)={0x0, 0x0}, &(0x7f00000001c0)=0xc) stat(&(0x7f0000000200)='./file1\x00', &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fstat(r2, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0}) getresgid(&(0x7f0000000340), &(0x7f0000000380), &(0x7f00000003c0)=0x0) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000400)={0x0}, &(0x7f0000000440)=0xc) ioctl$TIOCGSID(r5, 0x5429, &(0x7f0000000480)=0x0) msgctl$IPC_SET(r6, 0x1, &(0x7f00000004c0)={{0xffffffff, r7, r8, r9, r10, 0x3, 0x7}, 0x5, 0x2, 0x6, 0x10001, 0xce, 0x8c, r11, r12}) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x2011, r4, 0x0) sendto$inet(r1, &(0x7f0000029000)="c6", 0x1, 0x0, &(0x7f0000007ff0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}}, 0x10) shutdown(r1, 0x800000000000001) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r1, 0x84, 0x7d, &(0x7f0000018000)={0x0, @in6={{0xa}}}, &(0x7f0000000000)=0x8c) 03:38:56 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='fd\x00') fchdir(r1) r2 = memfd_create(&(0x7f00000002c0)="bcf6", 0x0) write(r2, &(0x7f0000000300)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0) mount(&(0x7f0000000000)='./file0/file0/file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='anon_inodefs\x00', 0x0, &(0x7f0000000dc0)) open(&(0x7f0000000040)='./file0\x00', 0x8040, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r3 = socket$key(0xf, 0x3, 0x2) rt_sigreturn() sendmsg$key(r3, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:38:56 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(0xffffffffffffff9c, 0x84, 0x66, &(0x7f0000000040)={0x0, 0x2}, &(0x7f0000000080)=0x8) setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f00000000c0)=@sack_info={r1, 0x4}, 0xc) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000300)={'vcan0\x00', 0x0}) sendmsg$nl_route(r2, &(0x7f0000000200)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000240)=@ipv4_newaddr={0x34, 0x14, 0x11d, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r3}, [@IFA_LOCAL={0x8, 0x2, @dev={0xac, 0x14, 0x14}}, @IFA_CACHEINFO={0x14, 0x6, {0x0, 0x7}}]}, 0x34}, 0x1}, 0x0) 03:38:56 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000046f786e6574302d232f70726f6300") [ 843.495357] FAT-fs (loop7): Directory bread(block 2564) failed [ 843.502716] FAT-fs (loop7): Directory bread(block 2565) failed [ 843.515526] FAT-fs (loop7): Directory bread(block 2566) failed [ 843.532870] FAT-fs (loop7): Directory bread(block 2567) failed [ 843.539450] FAT-fs (loop7): Directory bread(block 2568) failed 03:38:56 executing program 7 (fault-call:0 fault-nth:22): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:38:56 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0xec, 0x2000) ioctl$EVIOCGMTSLOTS(r1, 0x8040450a, &(0x7f0000000080)=""/140) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4010ae67, &(0x7f00000001c0)) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r2, 0x4010ae68, &(0x7f0000000000)={0xfffffffffffffffb, 0x1000}) [ 843.545938] FAT-fs (loop7): Directory bread(block 2569) failed [ 843.552395] FAT-fs (loop7): Directory bread(block 2570) failed [ 843.559855] FAT-fs (loop7): Directory bread(block 2571) failed [ 843.566143] FAT-fs (loop7): Directory bread(block 2572) failed [ 843.624941] FAULT_INJECTION: forcing a failure. [ 843.624941] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 843.637000] CPU: 1 PID: 14500 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 843.645498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 843.654849] Call Trace: [ 843.657442] dump_stack+0x1c9/0x2b4 [ 843.661067] ? dump_stack_print_info.cold.2+0x52/0x52 [ 843.666249] ? trace_hardirqs_off+0xd/0x10 [ 843.670489] should_fail.cold.4+0xa/0x11 [ 843.674558] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 843.679648] ? trace_hardirqs_off+0xd/0x10 [ 843.683967] ? wait_for_completion+0x8d0/0x8d0 [ 843.688549] ? __kasan_slab_free+0x131/0x170 [ 843.692944] ? trace_hardirqs_on+0x10/0x10 [ 843.697177] ? kobject_uevent_env+0x288/0x1110 [ 843.701748] ? internal_create_group+0x39a/0x9e0 [ 843.706582] ? do_raw_spin_lock+0xc1/0x200 [ 843.710894] ? mutex_unlock+0xd/0x10 [ 843.714616] ? lo_ioctl+0xe8/0x1d00 [ 843.718238] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 843.723776] ? should_fail+0x246/0xd86 [ 843.727656] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 843.732767] ? blkpg_ioctl+0xc40/0xc40 [ 843.736699] __alloc_pages_nodemask+0x36e/0xdb0 [ 843.741368] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 843.746397] ? save_stack+0xa9/0xd0 [ 843.750011] ? save_stack+0x43/0xd0 [ 843.753624] ? __fget+0x4d5/0x740 [ 843.757074] ? lock_acquire+0x1e4/0x540 [ 843.761305] ? fs_reclaim_acquire+0x20/0x20 [ 843.765627] ? lock_downgrade+0x8f0/0x8f0 [ 843.769791] ? lock_release+0xa30/0xa30 [ 843.773770] ? check_same_owner+0x340/0x340 [ 843.779123] cache_grow_begin+0x91/0x710 [ 843.783187] kmem_cache_alloc+0x689/0x760 [ 843.787321] ? fget_raw+0x20/0x20 [ 843.790764] getname_flags+0xd0/0x5a0 [ 843.794558] do_mkdirat+0xc5/0x310 [ 843.798088] ? __ia32_sys_mknod+0xb0/0xb0 [ 843.802235] ? fput+0x130/0x1a0 [ 843.805504] ? ksys_ioctl+0x81/0xd0 [ 843.809133] __x64_sys_mkdir+0x5c/0x80 [ 843.813113] do_syscall_64+0x1b9/0x820 [ 843.816987] ? finish_task_switch+0x1d3/0x870 [ 843.821483] ? syscall_return_slowpath+0x5e0/0x5e0 [ 843.826400] ? syscall_return_slowpath+0x31d/0x5e0 [ 843.831329] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 843.836343] ? prepare_exit_to_usermode+0x291/0x3b0 [ 843.841347] ? perf_trace_sys_enter+0xb10/0xb10 [ 843.846041] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 843.851584] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 843.856780] RIP: 0033:0x455267 [ 843.859972] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 843.879331] RSP: 002b:00007f413f26ea88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 843.887035] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000455267 [ 843.894310] RDX: 0000000000000014 RSI: 00000000000001ff RDI: 00000000200000c0 [ 843.901567] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 843.909006] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 843.916274] R13: 0000000000000001 R14: 00000000004d3f40 R15: 0000000000000016 03:38:56 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x890e, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = memfd_create(&(0x7f0000000040)='ifb0\x00', 0x3) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r1, 0xc08c5334, &(0x7f0000000080)={0x2, 0xdd, 0x1f, 'queue1\x00', 0x82}) ioctl$sock_inet_SIOCGIFBRDADDR(r0, 0x8919, &(0x7f0000000000)={'ifb0\x00', {0x2, 0x4e24, @loopback=0x7f000001}}) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff0200130002009ae7e0aefcffffff0000030006000000000002004e20e000e700000000000000002402000100f8ffffff0000000200e00000a0ea863accd2ce5ea2000000000000000000000000000000"], 0x60}, 0x1}, 0x0) [ 843.925552] FAT-fs (loop7): Directory bread(block 2563) failed [ 843.931713] FAT-fs (loop7): Directory bread(block 2564) failed [ 843.937776] FAT-fs (loop7): Directory bread(block 2565) failed [ 843.943829] FAT-fs (loop7): Directory bread(block 2566) failed [ 843.949910] FAT-fs (loop7): Directory bread(block 2567) failed [ 843.956116] FAT-fs (loop7): Directory bread(block 2568) failed [ 843.962257] FAT-fs (loop7): Directory bread(block 2569) failed [ 843.968645] FAT-fs (loop7): Directory bread(block 2570) failed [ 843.975492] FAT-fs (loop7): Directory bread(block 2571) failed [ 843.986752] FAT-fs (loop7): Directory bread(block 2572) failed 03:38:57 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f0000003f80)=[{{&(0x7f0000000080)=@can, 0x80, &(0x7f00000001c0)}}], 0x1, 0x0, &(0x7f0000004000)={0x77359400}) r1 = accept(r0, &(0x7f0000000100)=@sco, &(0x7f0000000000)=0x80) bind$alg(r1, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'sha3-512\x00'}, 0x58) sendmsg$nl_route_sched(r0, &(0x7f0000005a00)={&(0x7f0000000180)={0x10}, 0xc, &(0x7f00000059c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="2400000026000102000000000000000000000000", @ANYBLOB="00000000bd"], 0x2}, 0x1}, 0x0) 03:38:57 executing program 7 (fault-call:0 fault-nth:23): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:38:57 executing program 0: r0 = socket$inet6(0xa, 0x2, 0x81400) r1 = socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="0bc6b3ee2b4c810ec90f3a864abd6677f44d4670dc53617cc787579b9ced27e90001f2a6191b49406823f9c6c5969c822d915465614a9d917c7bb046755ca5dbd4b2cf51430ae3a4c135fa92d695b35f1ea659725a3f756f60cfbcda800ab9b33e9b23fa81f8ed3a1a0400000000000000aceec00a1f80eb61504c1b00000000005959dfd1630a71485bb8a740ee20703b95f64c6f1d7d22553d4b5957c9435d05abf769179bdd12a91b0b3eb1cd62a1d4bcf201", @ANYPTR64=&(0x7f0000000140)=ANY=[@ANYRES32=r2, @ANYRESDEC=r0, @ANYRESDEC=r2, @ANYRESHEX=r0, @ANYRESHEX=r2, @ANYPTR64=&(0x7f0000000100)=ANY=[@ANYRES32=r1, @ANYPTR64, @ANYRESOCT=r2], @ANYRES64=r1, @ANYRES16=r2]], 0x7a}, 0x1}, 0x8000000000000000) 03:38:57 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}, 0x18}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) 03:38:57 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000746f786e6574302d232f70726f6300") 03:38:57 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x4) writev(r0, &(0x7f0000000200)=[{&(0x7f0000000100)="480000001500190020ffff7fffffff560aa3bc4a03049164643e89720000de213ee23ffbf510040041feff5aff2b00000000fb00070001000080636fea516e69787263e9c8b92994", 0x48}], 0x1) getsockopt$inet_pktinfo(0xffffffffffffff9c, 0x0, 0x8, &(0x7f0000000040)={0x0, @multicast2, @local}, &(0x7f0000000080)=0xc) getresuid(&(0x7f00000000c0), &(0x7f0000000180), &(0x7f00000001c0)=0x0) lstat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000300)={0x0}, &(0x7f0000000340)=0xc) r5 = geteuid() getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffff9c, 0x29, 0x22, &(0x7f0000000380)={{{@in=@multicast2, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in6=@loopback}}, &(0x7f0000000480)=0xe8) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000004c0)={{{@in=@remote, @in6=@ipv4={[], [], @local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@rand_addr}, 0x0, @in6=@mcast1}}, &(0x7f00000005c0)=0xe8) r8 = gettid() sendmsg$nl_route(r0, &(0x7f00000035c0)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000003580)={&(0x7f0000000600)=@newlink={0x2f78, 0x10, 0x600, 0x70bd25, 0x25dfdbfc, {0x0, 0x0, 0x0, r1, 0x10, 0x2000}, [@IFLA_CARRIER={0x8, 0x21}, @IFLA_MASTER={0x8, 0xa, 0x7479}, @IFLA_LINK_NETNSID={0x8, 0x25, 0xfffffffffffffff8}, @IFLA_VF_PORTS={0x2f24, 0x18, [{0x4, 0x1}, {0x120, 0x1, [@typed={0xc, 0x22, @u64=0x36d6}, @generic="61b56478766b272617cd1920a61eee6e337c06519aa2949dd24489a7d3a9f9dc04e083927e648643c5d1d748af40daec87de92d26111bb7e59252366a2d47f533688dd7907330600ee2f44a42acc532c0a292ff120b97cc33fe4e0d2bb25f421eafb4fb8e01c14ef266a4bdbafacca6f262f1bdd6064317cc38935dd5621defa8be526e4550031e33a62af8d37e613568b75fbfff53d83d938897d8c03624c", @generic="8c9fabb4ca39622d7af683dd719881808de5c431a024740b3bf91a11a78afba711aa4fec039136a43b26591e5741f29342867601def19764fa3992bd9aa53217f55a0dc2244e884257123dcdd382088a98f86607f8dd1fb54e3e72706cf55f6184ab6f46", @nested={0xc, 0x4a, [@typed={0x8, 0x36, @uid=r2}]}]}, {0x1400, 0x1, [@generic="42d065dfb07ef8fad3db9b3a9871c31cae3e1c9723b1fa165e2cfcffa268784ab086127dc6337c82e12a1b93f49ee1ee3b2f6b32649217d2a62651a5d41f021081cabf494f8c8bce772b5eeaeaca73c30870b9a58b34d2ba9344d7425f55484ba7b393fb56b7d70ecd400a967dbb10746be8a514bfd20131b91b4477db7256716417913d66fd8f47fc414ee2f321faf2a8f85464a7fbd99bc56a9b163fe7e8deaee94f894e1a9dd4f7f44c5bddc08c69565867ef0a9fbabe615ea244d6c889c144eeb1945f8018a7221b8ee3a149945b837118653547d0bda2b3c48495d9df2751157c1669f4cdb05f76db89c441de97beed7e", @typed={0x8, 0x65, @uid=r3}, @generic="e3d8d4d8ab117a14f213aea44127f00584eda2b12fd171793c2769eb46511ae0d7984480b1d984deef7b651949136ec2a160f04011cba2b994ff9653b3a6d65a8ba9e5ebc7cd6f", @generic="7e17d36562dded5fcf581fff08e3c7cf53479bef1d2bcefaa391dcf4181d4bdd26de7a14a4b7d510fd3233e3df16d0f29851e5f0d91bc0c131765e4510ca087c7fa155374bba2a3c7328cefd73d6150cf54260", @generic="962143e6a11a48e0af0d17f98c49b4bbcbde260ad54a6e39d74c718f3bae6720eed91c6eef9588582d54ffbc43e3ef1739b9a124af1ef12f7f0ff8e8221ccd306fa9fe379936a2f52e5a60b436d9adb78e69d8ec5991ec314e3c86a9693c6a27768d868f0e780c8b4d6d3f22773b2ce4387a3cce113dcf15", @nested={0x10c8, 0x26, [@typed={0x1004, 0x74, @binary="e4ad5913bdf74e93bf244af1d44fddeac5b95985f75d64d5e10dc8602b0adc25a32b74488524435042c39bbbb436964f7db215e0d6e732abf35a9779a7e37d92633212cf25e559d08edb978196968dadf0f7dbd83357f2274dc7d87df7bf2dc8bc17546b33926858c7031a30cc19fe4a609e87d745f9b39f87b9e83e4ad81466fb0563a54b51b587bee4799e29fbb5ca8d87a06c92d9ab67146cc72a4a4cb75a35506e3a211f9338b26671fbae9eb8164e814aeda680b5e3729211122972b7f13d87c3c8090b6e68d3af7589de0c094a04bf28c8546360cc38b56eadbeb793df10584709e135efe532534ed4150eb12ed40b9aadfddf9d575cf4de19a915a89cbb648430e511afe3be480278252396c87ffb174de16e57c46e48e88bd06c0dca68e99db0674b4583c3151a430c0bfba150a972582159fcee61bcd88dcf62dad7766db89ace7999627d65d3d4a111cfc4e47e12ea686a660baa12ba86fdfbb0d7c05fba7d39239804f3f0816c7c8e12e06e9371e015187e2f2537975c844b31d2b0c27c74371551d39e8f9caf0e9e20af55193032a0eee2917cd702c57b4fd92fdf323e767c900bdf4af382971ce29d9c4a0e6b2efc5296f17ec3307a772e3f0d4e993b75291aa984e1e668261e1fb517caadff5ae94cf110821b902497f5069593b87af3a77b6d3616a7ee46f92f46cf8d787835e2fda3de7bbbab7c2914cbf512c422d4669f034c754e245e28a2fdcab88894f4d9e3484919613e31d285d7cda12cb3a5b6b95ab1565b7a37c756157607d210143eeeda54fccfa067b04c2e72dd7d8eaad25d270e2b31d292b2fa05d92660820ca7fe735dcf1caacf195414b4723d92d0e1b6fe252ff4048fd5dae675901ae4b1da9ef97912bc51ac7659b4b50be3dcf7055868c0f3c0f34c921a9aae84c5a3535c69c1452d350944928b3083e268e85618f9be706d1358985b09fdca27ba0a71cd6fb859a722707a5749ab5ab49f7a9ec064aa5df598f3fc947679a0acd571816eddb9303dc925b3ff3286b01c2d534aab9fd4b0f5fcbaba1f4cc0931c34240dcc52e381a2ded23892b08a7b1ffbb29a5575355645edb65a1ae12b19775cb1c9541c8376de87604ed1df933a527c519dff484c1cf98feb1c3edccfdb8cc9f5070817869366c40838ee5b3625ce4edcf1492dd30ca74ba4b675627a027d782a8c8a70b584030a4a7ba85b96c13dab90681d56e132a5d295cff2af1c93af898a733f397b6c6e187fd4fbe2a44e5e2dcb4cfc2022bc8e2c005eb871fa045f7e3bfd510247ca7ccb4ec2ae6cf2111c3d5f71ccf5cc3eaa0009aa5662501502f45250c17e046883279a55940ce0be29e13744956673ac49288fed08692a1aee26808fb73e94d0958cf47847c5482962294aa896c0b058c0da7833511fe2dcca4d60f4398e305188f7c13509f97ca0c55baaa19ed8322d752575ee1b304dd58a8b2aafedeb67b41975672e895aef79b2b2d2dae4fea0645d47ae7f6e86f75de851d73beaf158cf3889b482114471639407bc9c83754d9d3b550a0268352bc39e4783beefed0c4fc753c7cdcb41588dc6a04c912b8ebc2bd22869731ea5264f49d19f694b66a0fb93e3036855ca7cbec0622e412d99ead1c8e84f472b1058ac216e42093bd7751e8c2f93b1aae6e4d781ee290e5b791173fb4e5d01bcb44518719e49076f3f529b5b55d022ff6b16c25295c53407bfa4345d88b76f307a8170d80e9212e28edf85689ad50646bc1f36fdca1d85e81ffe889088d88792e273cdef067ca6125705de8dc91f0bbf82a3c444b3a479eef8ff9d65e08f1c3e07c3a35bcfcd78115632d950e69fcc38c78b0174042aea1497485c4c0d72fca402fa9c4f243440b89e2ede2d82fbadb2f437148b3c9c83dabfa14ecbf243d4cfd2d78e97b91589ef66f7f07b0d8e9db3f2b14bbf50e1d8342543513c7eade2aff75acfea776aa1adae059bb233763a52b2e078cc9b6f9eb29882998a7eff424424a50988b56a3758b42d5095d1213ea2613627fafd608b370ee41d6931e6091325e8624fac7ab37e11fd147d46ca055c537583c40206665d5171f76df024c3d21bffc64bdd08046d822c124cdc5cb252d5c8e09ea35b8f33044b6eb169f88e7841c17eb439c86f882fe97b53df4b87f384f48f0a4f77499bde96b0df9774756d0f97a6b9960465f7f26182c5ff3624291fc5ed84921362de84027b02e0d3a73662e17928f594e129a968dde94085bac1ed2c5dc699ccca0169f6eeb8a6b64ccd94d00161ec30d6110b1029458c284dcd4b729cea425ab36222946c15f1fca9cd00c83bd6e900cec39cd95cc7a4ac363c9f700d82bc524f9f4e1362e261b2e4c04a10c9caa3d65a8f0b67bb223f011186b6873a114552eeaca65268a5a0d38973ce25d46e7ebc4f78445eac7031ffb14a6cb2af029b3da5413b3cd03de6b9e9ab82a2bf54636c52ccfd4c05db7158798d4fd9bf297a1e359e5853f4fb9b2388c3ab81ea4fe0ad9666a823d89e451aa3745c19436ddd4724e899a2e5cab0e0083b399d652e5356e788ee79f105afba73e184d2ea3b7ecb0b249b27be0b7c6f679eaa8f9dfc17a5f6f0be0a6b16d8e61a645598df44467a7d002831f966c1c7189c35ba1c63423fdf22074784b8d7b275cf715814b406651ece11a9750ad5a9675491eecd6cb7ba6b0995fbe553b4be347158023c4001d414660cf8256939a05039373bbf31b6fd0bedcd2c41e5dd0f64d9f85e9c066627b119315932ad6613d1e45e441ff326cf4155a497ce75333e867c2419e4255056f175bc969a2a1d13aea8a53b9d276d3ceb5447d6ef04b3210c9b8cfa6e5ac4021eea4f96d784dab39d9e3259617593b177eacba9e9c51cdac6e9f9d37be7af6ce4a54bc68d09844f2ec85dbe68efe791c635e6ae202b95b63d5bb0bc616835b9b438fae5e7e22a728d8fe04a1ec74383398d50ae739a672fc13c668b2e4157a6d8fb3c2dbcd40f665e5b26d44d180db503aceaa484d8b149bb9d91c4c56cdb8bdabdb9b7261b2d4d2085671711abb96b5d112f936e7541f9d2861a7e7360801a99f00c10fec5265cf49752d22a32d5e2fdbdcfeae166eef3613e65950158fe81fe74e3bce5e79b2adcf8a9f9c088373d39bc295b9ebed5b4e11c56fa2f624dda3163e910acbf72dd0b874460f0ce251f1a8d4e185d3ed654504e19b2be5979bcdc3967a9b950b698e156ab55c512311e9229520ab91685ec3953266d6aa7c7825e1d3c344e8a99a64d940fcd42f9a4ffe52803f736be0936999a7b0dc1042c8dd30172b7eb07e57e61c0fd6f11c5d48886b28500c1583ba4ffdc699f7398e6792191e045a90fbdf0f26dbd51da0feeed0d811e14cb01eeb2dbbb7469412a60319d9c4fd06e35b9b984f53af7f318c3c314c837aabdd6d6a02ea45751529077c490f939ee9eebe4a8977d16b77b8a06760a57fa7727d6ab41c04a30321670ac52e326efc850a32d079096f982f84498dda405bc6775bd9a10fa4e51beaec6ee560b4a659f6674683d09720b2467e61db9e4c75fcf64617ea64e648981a0f1a23a862686748296de278d8889d9e4755685a9aa66a88e97601b71d9b4485c2b39e237c48284b7202956d097984660917609d702b40aaa82c81f2272aef3f392509574a1be9d2254d2b8df3fd618342f4117e11ad761bb9f28f11aeebb6ccad5c7f273d5495c849b0bd8423235ca1507495d64ed3bca0bc6e984daeb4039388a7bd2925848ac1e50511c7b387add5829bb2767844b6ffc04ecf61535b19c5f28d277fc0fae1e8de84863300fef75199613b052e1a7ac88061aa6e4fe0844f9d231df724684b74b363c0a9ce71f7d4b2426b0ffcdca73a002ece9a4215bbeeed4d0739b5dbce383a20bba956165636967324b683bded414a76e3ac323f17f85e800b6a9f0d75e948abd733da136b4b375d3a0f8551168da718a4066f31d8b32e3f754f98d664b9029c23d131bd374d09369729f611f21438dd40a732692c7a8ae6ca86dc11361ca1c60d4a667d29ec118b26a23c3ba1bdcf8a92306f9f19572aeec1d5149c390b272370a47c644807efbf4591cc5df03720987452b699fa071dd8aa87ba0218954a46c3719e9b98233dd8a60fb95507f6b2787eab7f7463be285b68e28d93b3676e1824eb712a5c36133b0582a810f6f76c88c483f99ae630d00103442332651bc46f70c13a250e353e7bf3e61905b50b93ae917c5115060a8ac55c44d4e9d39a959bc71dede184ed6b197e53cd3087ab95a433a5eecb3b8f3e02cc245a1297dbff94f06b8d9da6c098b5f0b0ea467ff3540cc7ebd6dd44d2560c8b7c6e71d620b07781bd75f7516d0cac09b59b6f5dc082a3abc8b65d9823bbeea74bd04018696abcadd7d7e4bfaaec567506fcd9177c248c2ae3830e8739064533991aa373db2bb2036ac90d2d60ac83396c7b7f25228128da9e4fc0ea0acb8dd2b1d9e4997239c6057dcc3af0031e8e662aa2faacc0c1cc48fa9c7dcac158473ff02ba3372d43edf67298d0f7a6b239c98a8003af6d69fd39d3c727f6f982825232e73dd930b82a0cf7b7564c46a575d74227dfd3218a6cbd1f753dc886dcfba5297a93d79a00a5664503fefa88963d3bc4898be993d9550d2a78f7a7877a92993f5ebf1956202bd73494e62cd4e06917ea4ec4db284da9f3405c01ed33e3b6ad152925cb336714a6965dceb1f714b10c784915abe65f8f01c3d331d63eba13e5cf81699797f13e4d01ef0c843e96d0a52b09bd9152d04e68e006efed0e2af7c1141472b260280bb00506fe59be964044b8fa21211ae3dfb8629ca1b05b9011d2d232e02827bea4fa1c4b771de34152b7c8d3dc08d25f8a7d37e6f8b57ae9d905423bd9075e86cf06af67c669ec5c7ef97c2bdd6106a7d61e5601b2281285741eee16c91ec680ea91a6380f3fe6b8c8242e90d77509d93c7cc381b15d6a1f5ffd914440751d685dde4bab1d60f66f830b5e8e728a8a028f50e5b977bd12e40f2fb9683cf347bc0e308e44d52dcab28025314045b685eef4bfd0df8b170cd5f3bd4b1cb3e0af97be6b2d655a472bbfe7acb62ade315ed1f89107ab63d93cbc70f5d1522ca0418216acefb5681f41583877a2f019053d3c24d43bdd1a9bb2316304ff3da18990e7d0a9e68dbdb085c41ba8ab6a8466066ceff796e24bc0afcb11bcb32ad041d192758d3e59ee1ecd07a9c77e3190a0badb6a6da069e39ac9d1e8ae8818ec35638efd62452ca69391d15eeff21b43453bdab1b299bdeeff70218018041fafa88cb8bb30e7533f22d4a5bed08a5d3beb9fff6b78d1771219fb649b8a0e032a59becfdeba390e71b47be8857aa08bf10136e9a1487ab975deb93d9f732701c59fce67f8f1f9c6b11e6f5cad89bfbd07aa6d44e5d1f7b64bdeb05d14c30c7f29866eaffbec67271bc1cc72bd35d51aefd56b0c44cde06b2de1241765011749f26831f4484da4f6a5fc7f79e8458f6d4bc079969f3125e76cef99d3e167c652196f355913697921f9ff7c2b594d43c418c9c73aeb1105f86af1a43c6120d1d125c7cd2b13765565a442e560c78a05c8d6b6a160a4395060302cc8d0ed7958d7d92891f9286c5cbcee12319a8703b845aa4f05b1f7ed793509a4be899272f464dda37d379ac6b98807ad85b07639023530ca8c6c711ddd89138ab2e67891136a8563aa34e977c44885055b5e2c645dda1c0ca9393d069131b3fc9e44edc7b679934f97f5f050a03123522b38270baef462cc4794865ef3abfed3a3e"}, @generic="088cbde3b47d69c0a06e6228788713353e3e4235f9b1cbf7e188475d11c704e8a25900d4db8da8078fdcc2440a712b38f89d47c7ac1452df71ca3c8d07ea9a1adbc60937c87c71d85fb15279229f922b80c08af5e2a18e438f438f6c57fe89459f7b4b86175960886503f86b18bd9274bb0027499b5cc1b21b93ed10f5666a8ec22691838b80d93feb88f7184f148807961ed0664c6dd64397748a043949f864159cf4b26e66bde6b36f58f78da323ddd88cae4105d3f21b9055", @typed={0x4, 0x17}]}, @typed={0xe4, 0x67, @binary="6c2a41b403f04a299d1a7e34ee743fcb47d4a1f8f8ba6ab823337d555cdfd24dfe2f9cedf2a49b88a0e9f209383bb403b1b4eacef84f2d56db232cec37962b3f5e8ec646bcd96c0a8032c10d19713128f468e3d92f33e4555bdefdcf05e668710da7b26c6e6ef014549eedc8561d02a49c54529a2e463b33ee4b83b13158e08696ea566cdd86259cec3c1c9d574b6ecf591e192775f4a16701b54b5f57982a5cdbf49dd2fc4a6438673a43163ae169ce0714e184468d1f37101c7a5be4af79be61627f2e2aed7f9238b5ba8294576691ee292d1226f783046862366c4cba"}, @generic="a5a23967611f761d6c63899bbd9fb040ef340981f23c384875d583e18302172f23a892872f14b4a1fa7e870b16fd606ce9bccbd3", @generic="f56cfba24d96e57a4fa27892531738"]}, {0x534, 0x1, [@nested={0x1bc, 0x87, [@typed={0x8, 0xf, @fd=r0}, @typed={0x8, 0x39, @pid=r4}, @typed={0x14, 0x2, @ipv6}, @generic="c3fb3876069628ad6dc3034e69771ec6b453c2e4d9a6", @generic="ce74fb1867d4107bd98ebc94e281161376ac2b6ead38bdef67119a8e23a839205aefe63c5a9e4515df5ea40d98614e2026c098498afca9711e9c13fe34f471ae89f26bc744fd8720ab0da2c7a45ba9305be0ffa9db580763cf49939a276bb7f6a75e58f2e90833a433e99211aeb323f4c786c794abf2a3c44b4413bdaff12851c1c1a7db2065cea25950146b40167da5deb4ef53dc62e57948ed90da56b42c1e080953a02af197d6209f04f78bb92318416cbaa66af600dc978e4990ec962b00bad51ef4bbcbc556e11ae3da20fb4cd9945e6c9776acda54dd1235824f76e663b45b5986eaea64fee67e8b67", @typed={0x90, 0x50, @binary="02c77f4ba78e2167d77b2682e6cc7aa687a1c1147693cf50875714e40a710d4b2fdc40717eb1796541cd874e9b9970541ba66f28556964138d657018fd68b8b74607530df1729081057c1c774659028fda90a9bbb0a163df9e9e470ab50c53a52250a9f7193e89f06c8fce4a2c8c8a5f4355e07ef093483d1c434b950f875f7f130343b12ad52817962e88"}]}, @nested={0xc4, 0x2c, [@typed={0xa4, 0x62, @binary="af0c2757284dc55d0bc516c50ccd384794f2074ff35a84df199e9b41085aac86ee3db18d2d259de01a9c45d41dddd743bba9b5c3ef3325fe8c1f30f28b57446783f5925ad30e297d3f16cca7e16dfa8e5d57f542582be2fd167769fd530571f67bfb47ea7524838e7e69442b7aff708b07707d1722c339e2399f18c79a51af0a70ad89350d1e49543ba18e783649d5d64dea7403453211463ac74bfcf3aa73b4"}, @typed={0x8, 0x1d, @uid=r5}, @typed={0x8, 0xf, @uid=r6}, @typed={0xc, 0x70, @u64=0x41e8e082}]}, @generic="fe7c83ea7bf270dee304262ab4a32d027fa634549d3fdeb711db1279f64fd72f781278897d68d701a554fbcb30776621c16edfa7574bbdaeeefc84f7f5b9ebc4bfa065d59b16de86a1765f117b8678f68d2b108e50b9d8d0c33ce04891a7a063d98010809b8effbd7273e05b76bf4ec70c13f126e7c0d40afe9bea8cce5bf3052084445373d74be8cf980d5700051fca0927459c48171a", @generic="2f479ccfea24ea9670004d2296b90e03b9ee399c0fbe0d82661705eb8a916355096b23e9990e26efe2232ab35f20f653bb1975fa9520d1e6de0f719b8effbfd431f54988a6927983b60c9f2e7b6f08b5775706b6cfacd7cb6010b495f714d2e0e367ac1588687ec11feb11b8097451623cf29593cd", @generic="15f33e9698e006386d8b3d41089d1b7d0eec0ce44731c5024da2fbfcccf4a6bf6c7b1957f880bd56f55fabce15ad2b767b334c7a9b66a5083b0de76149ba0fec2def34de6bbf05920aa74f97c9c38c9cb2700e63bd1b81ee12096028d629dfb98c59bb8a351ec4cdf5cdce2cb877a92b4a91d6f3e82c324c6047989371b911eebc8be766de9adb2a1cec719ea061d364d3cc8b85c8a82c6413", @generic="15bf42c86db4bbf6d759a84129b77b59cd014965c7cd9bfb7ee564727e86aa39b541f093e9718181a8a1782135b830ec639274d758d48a6c", @generic="e358bf74b2ccd10d79f442130fac9291ccee5a91a5cf9746287b6a80611f2c22f12a38a24ea4019ec797f638fb2c0dba8474832d5ddfca17910cca03b2eeb556148fc1fcc2b7bd17b6923a9ffca2551bfba02df78151b2873ccd7ad16b1662d054b28390ff68cc5c0a3c035f81597ff21e378d0e", @typed={0x8, 0x66, @u32=0x61826377}, @nested={0x8, 0x6b, [@typed={0x4, 0xe}]}, @nested={0x4c, 0x3a, [@generic="44344d7ae688d2a1dc93a1d728b64356018458315976c357a2c6ec80113a3c9773e9952e8c", @generic="8563568ce40daca5b6029bef3f52480942bab44acd889da076c920da153a8bae8e6f05"]}]}, {0x18, 0x1, [@typed={0x14, 0x58, @ipv6=@ipv4={[], [0xff, 0xff], @remote={0xac, 0x14, 0x14, 0xbb}}}]}, {0x14b0, 0x1, [@nested={0x2c4, 0x6, [@typed={0x8, 0x49, @fd=r0}, @generic="5ed7b7677d794164a9c9bb964bbb28f7a063dd19ad4081560bf283812b5c4d223b5ccaf081ebc2aa981b2360769de97dc27db0b1f5a07e6591b1ae8a8709d84aa2543141cec231691b6bab0a9353a6e3c62d287ee84c8110c880e943b4bc5e991967e78e7bf64dbb69f6aae22f11cd21dba6dfe04c86153f7a85c38831b7fa01531bb5c778acfe33f81ee0d0443663", @typed={0x8, 0x10001, @fd=r0}, @generic="f061bb1f1b78fa47df63c42ab74a3e681e8666f8360e86f1121ce28b2f3dad21ca3e550187437ed77af6160dcd8c2b7ba9cbac039478d97918c2566ccc2f41c9065fcb62a1769b38c8e29697e1535750c481c0cfc3276845a35673ebd55eb18bd28d86fe26b54d988502b38c2ca41e197fd53134383c0372fc", @typed={0x14, 0x8b, @ipv6=@local={0xfe, 0x80, [], 0xaa}}, @typed={0x8, 0x78, @fd=r0}, @generic="5ed9f36d44533a9445962ecdd5e155f28809ca2aeb470a2691e2477e8b167361aa3610d64116adfd77f9ede44cb35e7451f953cde22ff5a2da6ded5ead3d1a06ae25722f49e876b02e56b23e2a", @generic="71ed1689c82e30dcd817f3b3bcb811326c59b34cfad64d39db70712de457d8b43adb22a4c8771de49ee3ecb0435c273e832d641ba175f8ec6517f1d2adb19175fbf52f489df35d491dcfdb2d09c98717e2bc8e05eea211756be3ff704524db67d3ecd46e9621534d39b1e89ba11aa92752d900a8f5434ec4ee0b38971b3985b1c787d96395b0a77980dfeee6d46a8c3d6fc5b00c617c4132a532a76a8fc7945d6cc8de74efed87d0fa99607900a19fb7e7ce8f094b825172a5f44e93a5c4", @generic="45363c3aaecc741bbecced1e8d4f0facfba9b6cf5769f9cabcd6d7dd63cddadf247774800bd143483221e485b0907721917aaad8d5b277cd37ba0f9a09080b889ae71cc8650cd726cc3f3001a8b156b3116b7c1a79dcba64e2f03d5511ea52002e8b1c67658158cc2e1755f4127f569c865d326d486060995a4286c9ab43b5ba7a"]}, @typed={0x18, 0x40, @binary="ae549171c1810b6fc223b7e67ad5c9dc8124"}, @nested={0x20, 0x61, [@typed={0x14, 0x27, @ipv6=@remote={0xfe, 0x80, [], 0xbb}}, @typed={0x8, 0x6d, @fd=r0}]}, @nested={0x11b0, 0x84, [@typed={0x4, 0x77}, @typed={0x4, 0x37}, @generic="7cc5c7374fe053bc29bc3f74f7bb423d2818cc73ecc9669f9351052ca9426ba517b3303180e7ba1a543b8c2fe7fd1472c44214fa63a2f36fcb8fa9a14ccf18219c32facf6b1defeefb7d49037cfb7d4db01159b0b1837d", @generic="69a2a9275dd2599c6cf77fc92ca8787e3e40e8175667e57c072c7002fa516d559a1511569a39607e3b56c4259f6e9dac607c53c97294891005cd331562f851b91363085286d04ff05340", @generic="3bcd87b9efc4e4b2f2da2ca9c309fb484e31cdb50f135312025ed80ad39df3ff8ffd6e8886959256eaa742dbb5984b455e522bcf2b5c6e255cc6314c12ad468f0968a209383a1dc217c7ed299a911adcf0441985e3a272cf9d9867751d04cf65bf88708f74e7ab996f140bcbb6da6055be9f292d8599d223162afd8662943f169f507ceda7475269bd7e185c2674ceaba9258dd2a8696caedcfa9ea5aaaa0a1c744eba757e0cd90d88e74d3e5c4cad4f9521a3e8d9ca1058ea158f85489d3854786763c4694448df45a1e8a6b779d03bd19dc612e4059659d8ad1cb841da3c7715103943b8a261654635", @typed={0x8, 0x37, @uid=r7}, @generic="61ca9a2c1514dab872889753f9cdef3b8cc249712815d36f1b71feb6b7c4aac613ca54254c7aad6371eeabde977fe55719325f431b19a3118d6981c33ddcc5c2e32364b95b0ea72864aa29d3e47dd27c91420eae31b1f5f767292c343733e4911ea3d63840bcb5e094524d119866f929fdd0cdc9c25d421060e62fc3f6bcbd32bd7433af0dffc4ccf84659e32adbedf2cb77347d16fefcd45c5b7eb4030b0fe70979ae17c64cc4b1d6b9d89a019831894daf858e3da06979526118df950d4e8102e102711203d8e8c96d906dacafeef6f8d119279f33ea900c2af6f9e21a081e1ac2161be4ceab43a4badb8f88ba8202792fd9a1299e1c1be87576ff385d6e546311b1360955d25bf5941647c0716b2345cec119f541bd5337b1c87f6a5034d5b794eeb974236740c4b6860f0d52fe0a444f21194bece94a0fd26bffa70a136e681fff92587e12f5cba0cc8916c4ad15b23764c61d464974b01e9aedb79670aca93b0517aa7a0027c51d3940874a3543692976742b3f4bb34e1dd8e2a3ef51a16cd985651407bc943b2f118b321c1983640987e1f69c092d6f027f9300edf2b5e0f511c598f2ef40ede23f2027d3a9a74e7f97b2e62c0b4d22662dbf459a07459418655fee925e09a27fe6b1b2b824797f894496b128a32964b614d7c0156d6c0f55f88ef64adc101edfd2606591f603bcc06dc0250042f9fd1a39e76895426a4fb88c254e79333dbed04f410f904784e3e85a4f6f5ece3abeb9fe5a909fb60c0cec863aea31135a194995cd15c428e2f16fd5c9f5ec38777a076f2971739933147a5acf466a5614be930f4b204b5ccc6feda5d897b0293d686939e022e06d0edf4d6379dbf8febbfd477193baa7d1fd6ff3ad2e2d7de91c99c3d3f1053210480ebe4fc3efd9a3bda2f9fb6f6189466bd4cb1ca17fb8194afdbdf34f68f7dffca6c8c3e2ef9dc56ed798d56311d26984f7eea443778de9566a1a1677530b64c74b25b8d76e9c0ca09f7077c5263fc4051662e127bc30a2bfefd142dc6d6febe1edb239529676f59c6fbe993fb2ad0838e443d30e8df21e396c9c94d56c7478007d6bd7340ceab219b3d5b43a80991f9019d446c9c6b8f2869ed6afe44f5e124a66e55a6d52484698a84e27ab0a7e96afde2613256ed5c22084104277e71ee243a5078aba97a12fdd325597f7e4f4751263ed1b846d62853e8a359247a98f9fbfde2124ae2e6a0c1ed27eb1f9518d03b3dda16758bb984b356cc5c7dce4ef7c88915eac225194beadd21fd3e043033c55982fd79ab0d824b3900df8a37975f7af8ad35e751f91aee4ebca460914150c92330a8ee0293812758c72868cfa817f13c0fd064fbd77b5ae74a45b9ec1884fcef1c19ae417ba4f5abe78521bb577e030df9bc8f62f79c5deef015d75f986f24feb75942fee9fa3659eee519a2ca562e92ef6096b007c330c1bacbdbba8151cc77f141dbe601837d480e094fad588dfb4a87f34355c25c195058488629d73d791d3aa7c0c96f671ab4fbc26e7c077eba504d6b409704be5e0ff5771a808de229f0412c8b0bada9b2cf86b3dff8d275ec4cbef1369fda19f430fd977a2d8f11483a83970940dfca4cbd8d1d942990799109f63db518acff3657f0293dda00cd26df86727a20e8a0c38b541494453dd3751cff3fe1e0407ede2469f5919eed642679c30acf62548cf164d24ab69e98124ecdf978469d927f40fbdfd054134cc7fee066d2c34cda6944e72479660d0d2d15d8c408589bdba78f254bae8b4a4fce3b4fcfc3d47af48c3c39be250c66cd8839917af5883ccb40e7bfd7451626c962a5ad8d33980f9e9d39e27312310c70ddd67ec38eb8c5a6db9d644f7a6bb39998ef5168aa7f066ffe4b0664861f5d18955c5440dfc13828b92e069e9fcd994c9b0cfe9d7e441fb8f84527d942ddd1c81de9f0adb47d49a6cf34e01ada5bd99acb7789912b9d922ef283e19bfbec700eb3b7a6903a6c2dc53944c19ff7ce3c130b77736b3894a264cef7875c17a7bfc835077758221be433e683e8e4d382d38c9f09a3feb776c8089467718d9e702a88e962188c1deda603267a195ff1efcf6ed34018d46ef4002245d61d584d9ea31b054104db38f7ec88b54666e4528da640d28698c64da3662e16e08ff4d5d62299bab6d885a715dd95d2cae8de2eb64db796ab7a3a69081bcde2a9aed84004be4eba9eb57df22f7f8ae98474283cfe59916dbce29871c0247aac8774f97135b321ac96d91df81d66a2bded3b1c4bd5a7cc4d8403ad83cebb325f031ceba83287ff7b3dec5f242e4be2f9c9ffe3a4fd5f338485eb3289aa7edd141732e96a77b4579615ff7cd4715ffe3842dc2a2215b3ad87c0f25e60f3cb94efee30940e63d5aacd6bb4eeabcf9950c2cefcfe66983591e23548a3d33dc99de6a60aacb4dc554978ebb8a5255740e20cd5550907bbff3bc123e5af856ecd605fd40736e41b70490fdd36569987a0ff589dc6368617af7031d4c7774559e08d5c40aa7b7897cb79b5ef75c8b82df3d4fc4b5a858664b386c03489d345197a5a8747ad3394bd5e600654a4e280f69a9b1eee798f3c5341764dab0588313ef9e8cfc0a8fd8e3a0b86b74680fae10d9bdc09c1c31374bb75715cfc669cf27301f2dee7ab6028a2a32005df0ef935c09a0c1a0eea5201defbfa9518bb1ff733cce91cdc4d1224b16e3d09f35969fb4f514a6a8866bd551e114d36f77ea9ebeae15e394eb762397f3e4909dc11c22f992c84c2e67cc05197b070b7cbf93322cb888195ea983fcc4860438bd2d30d112cd498c2d6c0d4f88e6720b0f27cd432c7764365ee7140e577baa2f377b4200bb333f6a511740ef5202e8bc083487eeb3bec6fe6dff9edee45dfe477b93cf993398dc71135257e0e5c246a7369de3d3f8036983c6dd8e8f5b0fdace8d8b097c0fb1c90d4a0979f13642c31a01f2903e68118d0712c36c71ddf6e56c742763e801db7bf3f36b4fb8b248ade0d501cdeae473bb2bc99c6a8e99755302835721da2c008d4bdc7c5ca26766a39db701967f1419e8ca5b8d72a66c02db6994a86ad4f76cea66d90f47a107e52dbe9fc9bcb2a1fc9fdd1ef81e7f3084fbde4000576b7528daf3b746b0347e14b7bdd0d899590dacb7b87dfd224f2e9872bae942b2d616eae725b95ce4d2d2b7bf4c967055ca79ff9f8b005b03b4cace60d36b07f515592b5ae9642189366a9153273f5c61523d74813e4e5b57272dadaebe77561e43e849cbf3ed3de608613e7c219c05d00275cc7747d1bd1ea4a63959d462c1f03848072336d8176d094f4fccec0de8836069e5b6c64ebd78bba93ad2c1ee675b29b8770716e3762cceecd4fa03b9ec9bb9860ab13ffd9b22d93469e30bd8328c4fc922c27fe071f5d0dad2e2564b218c7272d2a902c6afb5a8774d6609e70529a6e8bdcad6b1f38137db8466b619ed2c7ec495f9e77169e82a41bf50a127ae78cd8c5fbc3cfa502f6a36889acba4aacf7e9c9456c96d6d483a5eb11414adc06bf662ad6d58a6231e403fed42c4469b412512e47cb4e98a7e2fe9b5885f812c0f0ac08ea648116c315496dfa1cf4b56a6b3c36e0fefd4db4421294e21f1e85c7e5be405c0b0a61a6171a234b82b7e0b884afc7162299c703aaa8e6576394ecdd7e2d0be59a4b3df0da78b194569fc30051dafac3d811eed25c485f97f036850e93e93a95008de8eadcbbd91f6dbf575560ee87e7675168254102cea1c75968985cf52637bc591557b079b7a111aa9bb05855232a5885d6e0050dfb5a170e1559e9b233bdff30b40a1ebea3b6868fb784392b776c4dd9a1e655e2ec0f1dbdd7dd52e593f88ec52c1219a73eea025a3f4985c40478b85d964dfc9df8a8a1e22c585fc7e29e03345ca0fafa1024ecc164440800f4a78c9e619ca8a421a56d66db1703892fd4b56c4302b8614177428283edfb106606bc44030eb61d992bee2d0a2c11bdc9e62c635840fc335e00cf2ca82b58c079cbd3eaec9698f0915efa26d30e19f35e4961c8680430d624eb20caaa49850e170495900b694d875ebecb070f1465e490a95a2a2a7239056d921be60c9a226b314e79e6335b5da786c506e3114b93e57b37164b2fc8bb64fa80cb87b668cfb9bc9aa4d83affa2241f54f74db99f34e8c76697da0ca784fa0aba2af5865b50781da022eb184fb4a26bdfc57cf57a1fb0abf8da853c6ec523229c3aac779365c380b7e8687759a560456fa78573044627e02c76bf7ce34ba9cc2e1d63faf38f7ce272ca6e3fb7287fc070b36d13fea293ed92129bd6751a50ea9d070c4992f34ce8be4bdbfac5b6d4665b99bd6a00b6b10c39c6515709a22e9735d638da0205daf3367cf347dbf6e744af5b9b33678183a75f46462cc09a97d4bd9353eae56f484b1997fa705b02cc2ebad3439baae58de87b85bc6310b2ab817bb380716a50acd58f96a7de7c94cdf78ca091ade25872b74c48eb8c5a6580f3097ce7aba5eb6b0badd0ed4eda71a1cc5e15a8652485cbaf46e5e2c9057863b865e4ba4e0b6a3fbcaf8886ac68ffd491faf0aff41a348b0d1e3e0bd5f4fb8dc1d98f2cd2666897a8034a32ba8d7183d4e9e5a344d4988c0b4d010dc037c36d11571a3335db59795248b24daf71f146f3d32c32bde4b5b33ae1b37e784e75dc2656f07af15d2a29f03b7bb4822c58066ff84aeee9ac789735777377ee047ce5ce68b5c906ffd4cb29b4876c9f43a7aad74918029129c9f879067ac9a432d6071c3160bfef4b68862b23fda7e2c564bc3d42247e6aee7e8f1cf075db0d28bc5433713d572186bb5b8494cf98bb293e5bc76fa8bdac83282a8301f2eef8cabff2ceb6b958cd06b2c23e9b272572254b06dfed204ff5c59939b46d7638f18fa0968ced28bff1ea32acc034e6e14c069cc712737cf3deb3fffad916c9a308d56e5d66bdd0fd4a167575c986f47167339c8242c8cca068764be3dece4e69fb65f26c049071ac0c049e4526a0153c0d625be2c208a4c3d27ac420dffa12bef5347bfc011ec8a28e0e5cc3635dccdbce2cf0e1abfbc3f5f5111dc612dab0b813474f8a92aaa4c2824f70094f2ddffac19364b25565ee38cd4d27c4e7a073f44fdaed63c8e4ad12f610a6ac7b3374aa80ccb2a687dfae84be81ef46283dcfc41cfd265f49444e7e115e3b673d68cc70a0c40d22afcd3ea767d837c7855af616926d47c581ada872bfb26e2b60f0053acaffb1f4922a51ecb04e8a6a2184e153f60cbd2fc473310b35550de4534c67e693f45bdf515020b46ad7781b2855f14a020ea22e42c603ee6e3f50d58a6fbea82f9da355da174f8eef92993cb2126280cbdcb48f8bbfa0684653d14791afab9d447d07beca2a48d6c091d03d9c0c82de4175c61448a6c2e2df3caa70c05870cf17e5091de6f1bebcbcc29969d1915992c0c9aab2bb3b18965c5da8b5d95d0d7b4584db1464784de9971adb7b46402ba022950076196fa9240416b67a0da9ee23764121d146f5176af7bbc3d18e3eb1ecf906a8e8fd884a9fe1d8abef7193e241f0750396579433281a89f560deb0d0ba751da9cb8b559635a73c93618c1cb7856a4a081f1ea9a039ac79aae721dbc9a97d9106ce3602ea313828d4a58e2f2cd4195ab8fa61f8f19bf9a3d42ae4d927751f50489f408eb7524b26230cbff7eebc63305a799deb83a0718669d3d78d5eb772df80721c93701c85a264c7d7d947d4a616e3947cbc0f963def9d95b507e89d2ce50394abe2ea3ac0f33ea06272eddee4de3ce897c5aa91a6c", @typed={0x8, 0x5, @pid=r8}, @typed={0x8, 0x4f, @u32=0x5}]}]}]}, @IFLA_IFNAME={0x14, 0x3, 'syz_tun\x00'}, @IFLA_GROUP={0x8, 0x1b, 0xe44}]}, 0x2f78}, 0x1, 0x0, 0x0, 0x1}, 0x0) [ 844.498547] FAULT_INJECTION: forcing a failure. [ 844.498547] name failslab, interval 1, probability 0, space 0, times 0 [ 844.510073] CPU: 1 PID: 14531 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 844.518573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 844.528197] Call Trace: [ 844.530807] dump_stack+0x1c9/0x2b4 [ 844.534487] ? dump_stack_print_info.cold.2+0x52/0x52 [ 844.539692] should_fail.cold.4+0xa/0x11 [ 844.543850] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 844.548963] ? lock_repin_lock+0x430/0x430 [ 844.553216] ? __schedule+0x884/0x1ed0 [ 844.557132] ? __fget+0x4d5/0x740 [ 844.560598] ? lock_acquire+0x1e4/0x540 [ 844.564575] ? fs_reclaim_acquire+0x20/0x20 [ 844.568902] ? lock_downgrade+0x8f0/0x8f0 [ 844.573318] ? check_same_owner+0x340/0x340 [ 844.577644] ? block_ioctl+0xee/0x130 [ 844.581448] ? rcu_note_context_switch+0x730/0x730 [ 844.586396] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 844.592030] __should_failslab+0x124/0x180 03:38:57 executing program 0: r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x404000, 0x0) ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000040)) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r2 = socket$key(0xf, 0x3, 0x2) getsockopt$inet_tcp_buf(r0, 0x6, 0x3d, &(0x7f0000000080)=""/21, &(0x7f00000000c0)=0x15) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$key(r2, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) [ 844.596315] should_failslab+0x9/0x14 [ 844.600126] kmem_cache_alloc+0x2af/0x760 [ 844.604302] ? __schedule+0x1ed0/0x1ed0 [ 844.608303] ? fget_raw+0x20/0x20 [ 844.611769] getname_flags+0xd0/0x5a0 [ 844.615691] do_mkdirat+0xc5/0x310 [ 844.619248] ? __ia32_sys_mknod+0xb0/0xb0 [ 844.623432] ? syscall_slow_exit_work+0x500/0x500 [ 844.628280] ? ksys_ioctl+0x81/0xd0 [ 844.631923] __x64_sys_mkdir+0x5c/0x80 [ 844.635854] do_syscall_64+0x1b9/0x820 [ 844.639767] ? syscall_slow_exit_work+0x500/0x500 03:38:57 executing program 5: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000100)=""/246) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000000)={0x1, 0x352b475e}, 0x8) ioctl$EVIOCGREP(r0, 0x4004743c, &(0x7f0000000340)=""/174) [ 844.644714] ? syscall_return_slowpath+0x5e0/0x5e0 [ 844.649658] ? syscall_return_slowpath+0x31d/0x5e0 [ 844.654604] ? prepare_exit_to_usermode+0x291/0x3b0 [ 844.659631] ? perf_trace_sys_enter+0xb10/0xb10 [ 844.664326] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 844.669281] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 844.674484] RIP: 0033:0x455267 [ 844.677681] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 844.697202] RSP: 002b:00007f413f26ea88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 844.704935] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000455267 [ 844.712498] RDX: 0000000000000014 RSI: 00000000000001ff RDI: 00000000200000c0 [ 844.719782] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 844.727107] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 844.734419] R13: 0000000000000001 R14: 00000000004d3f40 R15: 0000000000000017 03:38:57 executing program 2: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000300)='/dev/mixer\x00', 0x1, 0x0) ioctl$sock_bt(r0, 0x5411, &(0x7f0000000280)="f23a14f04035bee1c14b73bf09e8aa29c07fb45ec98a1e6256178d297fc00beb") getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f00000000c0)={0x0, @in={{0x2, 0x4e23, @rand_addr=0x5}}}, &(0x7f0000000180)=0x84) setsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f00000001c0)=@assoc_value={r1, 0x8}, 0x8) 03:38:57 executing program 1: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RLERRORu(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1400000007ffff070065"], 0xa) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x4, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@version_9p2000='version=9p2000', 0x2c}, {@debug={'debug', 0x3d, 0x5}, 0x2c}]}}) mkdir(&(0x7f0000000440)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)='9p\x00', 0x0, &(0x7f0000000640)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@version_9p2000='version=9p2000', 0x2c}]}}) 03:38:57 executing program 7 (fault-call:0 fault-nth:24): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:38:57 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="0200004c6f786e6574302d232f70726f6300") 03:38:57 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") setsockopt$IPT_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x0, 0x41, &(0x7f0000000000)=ANY=[@ANYBLOB="66696c746572000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000cf660ab9f7718ecfe24982ebf52efc35700c07"], 0x1) kexec_load(0x0, 0x7, &(0x7f00000005c0), 0x0) r1 = getpgrp(0x0) sched_getattr(r1, &(0x7f0000000080), 0x30, 0x0) 03:38:57 executing program 0: r0 = socket$inet6(0xa, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x8) ioctl$KVM_ASSIGN_SET_MSIX_NR(r1, 0x4008ae73, &(0x7f0000000040)={0xffffffffffffffff, 0x81}) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) [ 844.828001] 9pnet: p9_errstr2errno: server reported unknown error e [ 844.838618] FAULT_INJECTION: forcing a failure. [ 844.838618] name failslab, interval 1, probability 0, space 0, times 0 [ 844.849978] CPU: 1 PID: 14558 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 844.858399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 844.867768] Call Trace: [ 844.870376] dump_stack+0x1c9/0x2b4 03:38:57 executing program 2: syz_mount_image$vfat(&(0x7f0000000140)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0xc0, &(0x7f00000002c0)=[{&(0x7f0000000380)="dea9e5d1d7319f1b5e0ed37a0253db3d9d26eb524ea5e0a23d456d0adbd0ef9acd5126a47659c684854354b1dab53752c47110c5397c2d4f8d877eb3d3292af45392f82049a0f2cc73cdb07f129885cafe41d9ff05056fc8842ff75959414748b721d7dc71e5ee2e36ccd542079b67df87cc5960a0bb1dad850d54257dc4c5dada3e19b2b724706b7e553b42927bee139fce4e1d469a1f507ae80e156c4ec8356784d37ffab53eef1945dbab08d63f32d6da40c36975da8221c080f61787edbe27df0a91e16aa49eb8ec0fc0c4479624b1f61547dfeede439485", 0x0, 0x8}, {&(0x7f0000000180)="42c133dfd9ca55dcaa65ba46f36c4bde1dedc71a024c1525250567b436a3d290397483d73b09bd306cf3658d3eedbb10480ac72c8e51aed81614c7467601b06233952b40a0c788d227aefddb8a9a956ecbea3480", 0x2b5, 0x7}, {&(0x7f0000000580)="f8789edc3670d943f43ec5be93c56e64f9e5bc0a3b1007701ddc33689f08800fdb5ee1ad41890f5f1e49b4fbf6e189621d0f027c8af61318b989a0c5a9bb2b94155467ad8b6916cef1053f5ef6dd83fd2410067d4b9d2ea13e29c0fadc464ff592b3f4c3492feee69420b96de8716e2a5fc0f2472fd7f995fc323c484a2ef63cadb59b6a94b452a7607f6ada0b99e5706b765bb2ed83ff373106dee4039a509d6d0f0e808ad445a4312a381f249c2456d0987793d1037d0341e73ea354743f017c487072", 0x0, 0x4}], 0x0, &(0x7f0000000080)=ANY=[]) r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x0, 0x121100) accept$packet(r0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000004c0)=0x14) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000340)='./file0\x00', &(0x7f0000000280)='tmpfs\x00', 0x0, &(0x7f0000000080)) r1 = open$dir(&(0x7f0000000240)='./file0\x00', 0x3fd, 0x808000000000000) mknodat(r1, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0) renameat2(r1, &(0x7f0000000200)='./file1\x00', r1, &(0x7f0000000040)='./file1\x00', 0x4) 03:38:57 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r1 = dup(r0) ioctl$KVM_ASSIGN_SET_MSIX_ENTRY(r1, 0x4010ae74, &(0x7f0000000040)={0x400, 0x0, 0xff}) r2 = userfaultfd(0x0) r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x88200, 0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x31}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r4 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r4, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r4, 0x84, 0x7, &(0x7f0000000080), 0x4) close(r4) close(r2) [ 844.874053] ? dump_stack_print_info.cold.2+0x52/0x52 [ 844.879262] ? trace_hardirqs_on+0x10/0x10 [ 844.883516] ? perf_trace_lock+0x920/0x920 [ 844.887772] ? perf_trace_lock_acquire+0xeb/0x9a0 [ 844.892639] should_fail.cold.4+0xa/0x11 [ 844.896759] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 844.901892] ? walk_component+0x3fe/0x2630 [ 844.906156] ? lock_downgrade+0x8f0/0x8f0 [ 844.910413] ? perf_trace_lock_acquire+0xeb/0x9a0 [ 844.915276] ? perf_trace_lock_acquire+0xeb/0x9a0 [ 844.920137] ? kasan_check_write+0x14/0x20 [ 844.924403] ? perf_trace_lock+0x920/0x920 [ 844.928655] ? trace_hardirqs_on+0x10/0x10 [ 844.932910] ? perf_trace_lock+0x920/0x920 [ 844.937165] ? path_parentat.isra.43+0x20/0x160 [ 844.940591] tmpfs: No value for mount option '/dev/dmmidi#' [ 844.941937] ? lock_downgrade+0x8f0/0x8f0 [ 844.941968] ? lock_acquire+0x1e4/0x540 [ 844.941985] ? fs_reclaim_acquire+0x20/0x20 [ 844.942002] ? lock_downgrade+0x8f0/0x8f0 [ 844.942018] ? check_same_owner+0x340/0x340 [ 844.942037] ? rcu_note_context_switch+0x730/0x730 [ 844.976062] __should_failslab+0x124/0x180 [ 844.980576] should_failslab+0x9/0x14 [ 844.984917] kmem_cache_alloc+0x2af/0x760 [ 844.989083] ? perf_trace_lock+0x920/0x920 [ 844.993467] ? perf_trace_lock+0x920/0x920 [ 844.997716] __d_alloc+0xc8/0xd50 [ 845.001725] ? shrink_dcache_sb+0x350/0x350 [ 845.006056] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 845.011246] ? d_alloc_parallel+0x1ea0/0x1ea0 [ 845.015753] ? lock_release+0xa30/0xa30 [ 845.019741] ? lock_acquire+0x1e4/0x540 [ 845.023727] ? filename_create+0x1b2/0x5b0 [ 845.027977] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 845.033000] d_alloc+0x96/0x380 [ 845.036299] ? __d_lookup+0x9e0/0x9e0 [ 845.040103] ? __d_alloc+0xd50/0xd50 [ 845.043837] __lookup_hash+0xd9/0x190 [ 845.047644] filename_create+0x1e5/0x5b0 [ 845.051716] ? kern_path_mountpoint+0x40/0x40 [ 845.056212] ? fget_raw+0x20/0x20 [ 845.059676] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 845.065221] ? getname_flags+0x26e/0x5a0 [ 845.069314] do_mkdirat+0xda/0x310 [ 845.072860] ? __ia32_sys_mknod+0xb0/0xb0 [ 845.077110] ? ksys_ioctl+0x81/0xd0 [ 845.080744] __x64_sys_mkdir+0x5c/0x80 [ 845.084663] do_syscall_64+0x1b9/0x820 [ 845.088555] ? finish_task_switch+0x1d3/0x870 [ 845.093055] ? syscall_return_slowpath+0x5e0/0x5e0 [ 845.097995] ? syscall_return_slowpath+0x31d/0x5e0 [ 845.102942] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 845.107969] ? prepare_exit_to_usermode+0x291/0x3b0 [ 845.112994] ? perf_trace_sys_enter+0xb10/0xb10 [ 845.117668] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 845.122554] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 845.127765] RIP: 0033:0x455267 [ 845.131032] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 845.150355] RSP: 002b:00007f413f26ea88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 845.158166] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000455267 [ 845.165453] RDX: 0000000000000014 RSI: 00000000000001ff RDI: 00000000200000c0 [ 845.172725] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 845.179999] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 845.187368] R13: 0000000000000001 R14: 00000000004d3f40 R15: 0000000000000018 03:38:58 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0xf840, 0x0) ioctl$SNDRV_CTL_IOCTL_TLV_READ(r1, 0xc008551a, &(0x7f0000000140)={0x3, 0x4, [0x8]}) recvmmsg(r0, &(0x7f0000003f80)=[{{&(0x7f0000000080)=@can, 0x80, &(0x7f00000001c0)}}], 0x1, 0x0, &(0x7f0000004000)={0x77359400}) sendmsg$nl_route_sched(r0, &(0x7f0000005a00)={&(0x7f0000000180)={0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="2400000026000102000000000000000000000000", @ANYBLOB="00000000bd"], 0x2}, 0x1}, 0x0) 03:38:58 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00005befdc)={0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}) r1 = dup(r0) r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x2, 0x0) renameat2(r1, &(0x7f0000000000)='./file0\x00', r2, &(0x7f0000000080)='./file0\x00', 0x2) setsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r1, 0x84, 0x13, &(0x7f00000000c0)=0x8, 0x4) syz_open_pts(r0, 0x0) 03:38:58 executing program 2: r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./.ile0\x00', 0x4001, 0x1) lstat(&(0x7f0000000140)='./.ile0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$TUNSETOWNER(r0, 0x400454cc, r1) r2 = open(&(0x7f0000000100)='./.ile0\x00', 0x4007d, 0x4e) openat$cgroup_ro(r2, &(0x7f00000000c0)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./.ile0\x00', &(0x7f0000000040)='9p\x00', 0x0, &(0x7f0000001180)={'trans=fd,', {'rfdno', 0x3d}, 0x2c, {'wfdno', 0x3d}, 0x2c, {[{@version_L='version=\np2000.L', 0x2c}]}}) 03:38:58 executing program 1: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)="6e65742f7274df61634e7400") close(r0) 03:38:58 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="0200006c6f786e6574302d232f70726f6300") 03:38:58 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000000)={0xd017, 0x4, 0x206, 0x3, 0xfffffffffffffffb, 0x0, 0xf8bc, 0xa6, 0x0}, &(0x7f0000000040)=0x20) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000080)={r1, 0x9, 0x67, 0x2, 0x4, 0x10000}, 0x14) r2 = socket$key(0xf, 0x3, 0x2) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r3 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r3, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:38:58 executing program 7 (fault-call:0 fault-nth:25): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:38:58 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}, 0x60}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) 03:38:58 executing program 1: sigaltstack(&(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000000)) r0 = socket$alg(0x26, 0x5, 0x0) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/igmp6\x00') bind$alg(r0, &(0x7f0000000180)={0x26, 'hash\x00', 0x0, 0x0, 'sha224-generic\x00'}, 0x38a) r2 = accept4$alg(r0, 0x0, 0x0, 0x0) sendfile(r2, r1, &(0x7f0000000040), 0x1000) 03:38:58 executing program 5: r0 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) fcntl$getownex(r0, 0x10, &(0x7f0000000040)={0x0, 0x0}) fcntl$lock(r0, 0x7, &(0x7f0000000100)={0x0, 0x5, 0xa8, 0x6, r1}) r2 = fcntl$dupfd(r0, 0x0, r0) getsockname$unix(r2, &(0x7f0000000080)=@abs, &(0x7f0000000000)=0x6e) [ 845.584198] 9pnet: Unknown protocol version [ 845.584198] p2000.L 03:38:58 executing program 2: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r0, 0x404c534a, &(0x7f0000000040)={0xfffffffffffff6cb, 0x5, 0x6000000000}) setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f00000000c0)={0xcc53, 0x80000001, 0x9, 0x8, 0x2, 0x80000001, 0x7, 0x1f, 0x2, 0x1c8, 0xfffffffffffffff9}, 0xb) ioctl$sock_SIOCBRDELBR(r0, 0x89a1, &(0x7f0000000100)='nr0\x00') setsockopt$RDS_GET_MR_FOR_DEST(r0, 0x114, 0x7, &(0x7f0000000200)={@generic={0x4, "9c7d936eba1aac841fafa503320a9caa6d4ed79aa8472c43a0310a5812ab4bcc6c8fe1989cd85ff523a2e16e874ac2b542c69c8382b91c9147116c82c3f9e0a185c9a2d2658b11413ffc5383e5d7256b97826b767642d970a28bc2abcd1e6969fca87073f9a5e98fa33b832d238119d046bcac9b12de9a00e062201e73db"}, {&(0x7f0000000140)=""/82, 0x52}, &(0x7f00000001c0), 0x19}, 0xa0) ioctl$TIOCGETD(r0, 0x5424, &(0x7f00000002c0)) setsockopt$bt_BT_SNDMTU(r0, 0x112, 0xc, &(0x7f0000000300)=0x7fff, 0x2) r1 = fanotify_init(0x27, 0x0) setsockopt$RDS_GET_MR_FOR_DEST(r0, 0x114, 0x7, &(0x7f0000000400)={@vsock={0x28, 0x0, 0xffffffff, @my=0x0}, {&(0x7f0000000340)=""/86, 0x56}, &(0x7f00000003c0), 0x8}, 0xa0) getsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f00000004c0)={0x0, 0x7f}, &(0x7f0000000500)=0x8) setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r0, 0x84, 0x23, &(0x7f0000000540)={r2, 0xfffffffffffffffb}, 0x8) ioctl$sock_inet_SIOCGIFBRDADDR(r0, 0x8919, &(0x7f0000000580)={'syzkaller0\x00', {0x2, 0x4e22, @loopback=0x7f000001}}) ioctl$KDGKBLED(r0, 0x4b64, &(0x7f00000005c0)) ioctl(r1, 0x9, &(0x7f0000000600)) getsockopt$IP_VS_SO_GET_INFO(r0, 0x0, 0x481, &(0x7f0000000640), &(0x7f0000000680)=0xc) getsockopt$inet6_mreq(r0, 0x29, 0x1c, &(0x7f0000000780)={@loopback, 0x0}, &(0x7f00000007c0)=0x14) stat(&(0x7f0000000800)='./file0\x00', &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0, 0x0}) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000008c0)={{{@in6=@loopback={0x0, 0x1}, @in=@rand_addr=0x8, 0x4e22, 0x5, 0x4e20, 0x20, 0xa, 0x20, 0x20, 0x21, r3, r4}, {0x8, 0x6, 0x8, 0xd2b, 0x8, 0x4, 0x6, 0x5}, {0x583f, 0x3, 0x100, 0xdb}, 0x100000001, 0x6e6bb0, 0x2, 0x1, 0x0, 0x3}, {{@in6, 0x4d3, 0x7f}, 0xa, @in6=@loopback={0x0, 0x1}, 0x3504, 0x2, 0x0, 0x2, 0x4, 0x8c5, 0x7}}, 0xe8) setsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f00000009c0)={{{@in6, @in6=@loopback={0x0, 0x1}, 0x4e24, 0x1000, 0x4e24, 0x8, 0x2, 0x7995321da87be58c, 0x80, 0x7f, r3, r4}, {0x2, 0x81, 0x200, 0x8, 0x5, 0xfff, 0x0, 0x3}, {0xb5, 0x3, 0x8000, 0x9}, 0x4, 0x6e6bb4, 0x3, 0x1, 0x3, 0x1}, {{@in=@rand_addr=0x5, 0x4d2, 0x2b}, 0xa, @in6=@remote={0xfe, 0x80, [], 0xbb}, 0x3504, 0x3, 0x1, 0x80000001, 0x0, 0x381, 0xffffffffffffff00}}, 0xe8) ioctl$KVM_RUN(r0, 0xae80, 0x0) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000bc0)={r0, &(0x7f0000000ac0)="17edd78747e62a9e29f2aac7fa1050333de620797717efb89afd437b1853f0c22e5b9068f7afd8e82ab9d5d282c6b8fcc3ec54255bd19c7eb8751080feb899bb5754faf4f7f516985a403d637f693fc07767230fe40f9e699cfdebce47988ce752705014e71e24cecce9a3144eebb12021bdc7c4654861f360ccc855a694511b19b1ff55b5ce55b6273861db8b04d0bc15bfdc34fc0ec1aafff8e096511054e00b7866847d2c86928f4aafd19d7a70292cc12021f6b79c03bf972127a3d4dbd9", &(0x7f0000000b80)=""/23}, 0x18) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000c00)={r2, 0x7}, 0x8) setsockopt$IP_VS_SO_SET_STOPDAEMON(r0, 0x0, 0x48c, &(0x7f0000000c40)={0x0, 'dummy0\x00', 0x1}, 0x18) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000e00)={r0, &(0x7f0000000c80)="90efcf88654d0b9c43384a1dd0bbc1ebfe5bfc5510d5cb580a063da782d93f70776258a2d83d598aae890bb6847ff7e9efdee989a2690e57b98308891a2c5ac09c48e08d23e20e4f1f663e96b8a629cea24bb7bddab9a095e32b002139f586af02adc022d71ec50b3ba45922ec00757fb83cb93d56c4883b206237d6dd254af52e018a681c69df3a294cfc44611358b2becdf0b61e7eee138e7679f5ceae768f62c05c4b5625320b5fe27bf435429c5534ef287fc1096b4ca0282a10b53bb3b9ca83", &(0x7f0000000d80)=""/123}, 0x18) signalfd4(r1, &(0x7f0000000e40)={0xbf0}, 0x8, 0x80000) write$P9_RRENAME(r0, &(0x7f0000000e80)={0x7, 0x15, 0x2}, 0x7) getsockopt$inet_sctp_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f0000000ec0), &(0x7f0000000f00)=0x4) ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r1) setsockopt$inet_opts(r0, 0x0, 0x9, &(0x7f0000000f40)="5bc18c922fe71a6d912b1aec2dad6f0832f26e047cad973979dc777003a2f5fbedc33d8836a608c55d00589abe8d17828b1662975ec55fd258957c3614542cd8294f8c312f69ee3c1cf92e95d71c860c281feb180f107ccd952d4ce91581e5bf1c8cd796080c7aec96a7f4543b9940a18f102465316e8e41a406eab421f23c6201e248bf31b539b4845b4c", 0x8b) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000001000)=0x0) ioctl$TIOCSPGRP(r0, 0x5410, &(0x7f0000001040)=r5) 03:38:58 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='binfmt_misc\x00', 0x8001, &(0x7f00000002c0)="1e9441978e42025cdf797a0a4ebc52028757137e3e7d0a0cd84415274b5c3ec73ee15c4ccb5445c901765467384511d80263cd24d77929d4b1c8659386d67c5de74e0d13805057c817f142332467199ac32142112aaf921fad47fec3f625a5a89b2120bf561aa057464bb236fa8c7ec56363a047f674cbf451102fd0c3a4ff6277c046e7817625faae599a14402db1cdae6e4fdd377ec7ad5c10c3ac4c41f31a1c82e1470f3c22cc30d25231") request_key(&(0x7f0000000140)='dns_resolver\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a, 0x3}, &(0x7f0000000200)='\x00', 0xffffffffffffffff) pipe(&(0x7f0000000000)={0xffffffffffffffff}) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090ca9b10e72bba9cbf1ffffff02001300020000000000fcffffff0000030006000000000002004e20e000000100000000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) connect$vsock_dgram(r2, &(0x7f0000000040)={0x28, 0x0, 0xffffffff, @reserved=0x1}, 0x10) 03:38:58 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f6300") 03:38:58 executing program 5: socketpair$inet6_udp(0xa, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, &(0x7f0000000080)={0x1, 0x4, 0x5, 0x2, 0xcbda}) mq_notify(0xffffffffffffffff, &(0x7f0000000000)={0xfffffffffffffffe, 0x7e}) 03:38:58 executing program 1: r0 = socket$inet6(0xa, 0xb, 0x1) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x2000000000000004, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr}, 0xc) setsockopt$inet_tcp_TCP_MD5SIG(r3, 0x6, 0x6, &(0x7f00000000c0)={@in={{0x2, 0x0, @multicast1=0xe0000001}}, 0x0, 0x0, 0x0, "550beaaa187996ee3d57889e8bfec0e8baa5be8750fcee33689f3a11ed3f4b3a8341a5022c8937416244c16b08fbd1da0a6e3d267351e314846469cb85fc934b5ddd3a714d4ca3832382c2a69e946e06"}, 0xd8) close(r3) dup3(r1, r2, 0x0) 03:38:58 executing program 2: r0 = syz_open_dev$binder(&(0x7f0000008ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) r1 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000007000)={0x8, 0x0, &(0x7f0000005fd4)=[@acquire={0x40046305}], 0x0, 0x0, &(0x7f0000002000)}) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000400)={0x10, 0x0, &(0x7f0000000280)=[@request_death={0x400c630e}], 0x0, 0x0, &(0x7f0000000340)}) ioctl$BINDER_SET_MAX_THREADS(r1, 0x40046205, 0x9) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="2957e1311f16f477671070") dup2(r1, r0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000180)={0x10, 0x0, &(0x7f0000000100)=[@request_death={0x400c630e}], 0x0, 0x0, &(0x7f0000000080)}) [ 845.751437] FAULT_INJECTION: forcing a failure. [ 845.751437] name failslab, interval 1, probability 0, space 0, times 0 [ 845.762943] CPU: 0 PID: 14617 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 845.771347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 845.780848] Call Trace: [ 845.783441] dump_stack+0x1c9/0x2b4 [ 845.787139] ? dump_stack_print_info.cold.2+0x52/0x52 [ 845.792348] ? trace_hardirqs_on+0x10/0x10 [ 845.796611] should_fail.cold.4+0xa/0x11 [ 845.800693] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 845.805818] ? do_raw_spin_lock+0xc1/0x200 [ 845.810062] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 845.815603] ? kernel_poison_pages+0x136/0x220 [ 845.820623] ? trace_hardirqs_on+0x10/0x10 [ 845.824861] ? pagecache_get_page+0x2dd/0xe40 [ 845.829365] ? trace_hardirqs_on+0x10/0x10 [ 845.833615] ? find_get_pages_contig+0x1890/0x1890 [ 845.838583] ? trace_hardirqs_on+0x10/0x10 [ 845.842825] ? __isolate_free_page+0x690/0x690 [ 845.847432] ? check_same_owner+0x340/0x340 [ 845.851761] ? lock_downgrade+0x8f0/0x8f0 [ 845.855912] ? rcu_note_context_switch+0x730/0x730 [ 845.860849] __should_failslab+0x124/0x180 [ 845.865134] should_failslab+0x9/0x14 [ 845.868973] kmem_cache_alloc+0x2af/0x760 [ 845.873141] ? kasan_check_write+0x14/0x20 [ 845.877395] ? __brelse+0x104/0x180 [ 845.881028] ext4_alloc_inode+0xc9/0x880 [ 845.885098] ? ratelimit_state_init+0xb0/0xb0 [ 845.889615] ? lock_acquire+0x1e4/0x540 [ 845.893613] ? get_cached_acl+0x370/0x480 [ 845.897768] ? lock_downgrade+0x8f0/0x8f0 [ 845.901951] ? lock_release+0xa30/0xa30 [ 845.906040] ? trace_hardirqs_on+0x10/0x10 [ 845.910278] ? rcu_note_context_switch+0x730/0x730 [ 845.915237] ? ratelimit_state_init+0xb0/0xb0 [ 845.919769] alloc_inode+0x63/0x190 [ 845.923401] new_inode_pseudo+0x71/0x1a0 [ 845.927475] ? prune_icache_sb+0x1b0/0x1b0 [ 845.931720] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 845.937372] ? __ext4_xattr_set_credits+0x3aa/0x520 [ 845.942399] new_inode+0x1c/0x40 [ 845.945769] __ext4_new_inode+0x4af/0x6620 [ 845.950008] ? ext4_map_blocks+0x429/0x1b60 [ 845.954343] ? ext4_free_inode+0x1aa0/0x1aa0 [ 845.958779] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 845.963808] ? bpf_prog_kallsyms_find+0xde/0x4c0 [ 845.968585] ? lock_acquire+0x1e4/0x540 [ 845.972576] ? is_bpf_text_address+0xae/0x170 [ 845.977073] ? lock_downgrade+0x8f0/0x8f0 [ 845.981222] ? lock_release+0xa30/0xa30 [ 845.985223] ? kasan_check_read+0x11/0x20 [ 845.989376] ? rcu_is_watching+0x8c/0x150 [ 845.994606] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 845.999312] ? is_bpf_text_address+0xd7/0x170 [ 846.003824] ? kernel_text_address+0x79/0xf0 [ 846.008238] ? __kernel_text_address+0xd/0x40 [ 846.012758] ? unwind_get_return_address+0x61/0xa0 [ 846.017725] ? __save_stack_trace+0x8d/0xf0 [ 846.022058] ? save_stack+0xa9/0xd0 [ 846.025713] ? save_stack+0x43/0xd0 [ 846.029368] ? __kasan_slab_free+0x11a/0x170 [ 846.033777] ? kasan_slab_free+0xe/0x10 [ 846.037752] ? kmem_cache_free+0x86/0x2d0 [ 846.041905] ? putname+0xf2/0x130 [ 846.045363] ? filename_create+0x2b2/0x5b0 [ 846.049600] ? do_mkdirat+0xda/0x310 [ 846.053318] ? __x64_sys_mkdir+0x5c/0x80 [ 846.057386] ? do_syscall_64+0x1b9/0x820 [ 846.061453] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 846.066821] ? kasan_check_read+0x11/0x20 [ 846.070969] ? do_raw_spin_unlock+0xa7/0x2f0 [ 846.075548] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 846.080232] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 846.085766] ? __dquot_initialize+0x61d/0xde0 [ 846.090263] ? do_raw_spin_lock+0xc1/0x200 [ 846.094503] ? trace_hardirqs_off+0xd/0x10 [ 846.098917] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 846.104024] ? dquot_get_next_dqblk+0x180/0x180 [ 846.109131] ? debug_check_no_obj_freed+0x30b/0x595 [ 846.114184] ? kasan_check_write+0x14/0x20 [ 846.118436] ? trace_hardirqs_off+0xd/0x10 [ 846.122788] ext4_mkdir+0x2e1/0xe60 [ 846.126425] ? ext4_init_dot_dotdot+0x510/0x510 [ 846.131105] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 846.136650] ? security_inode_permission+0xd2/0x100 [ 846.141674] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 846.147235] ? security_inode_mkdir+0xe8/0x120 [ 846.151821] vfs_mkdir+0x42e/0x6b0 [ 846.155371] do_mkdirat+0x27b/0x310 [ 846.159001] ? __ia32_sys_mknod+0xb0/0xb0 [ 846.163149] ? ksys_ioctl+0x81/0xd0 [ 846.166864] __x64_sys_mkdir+0x5c/0x80 [ 846.170757] do_syscall_64+0x1b9/0x820 [ 846.174650] ? finish_task_switch+0x1d3/0x870 [ 846.179149] ? syscall_return_slowpath+0x5e0/0x5e0 [ 846.184083] ? syscall_return_slowpath+0x31d/0x5e0 [ 846.189019] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 846.194037] ? prepare_exit_to_usermode+0x291/0x3b0 [ 846.199059] ? perf_trace_sys_enter+0xb10/0xb10 [ 846.203734] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 846.208587] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 846.213777] RIP: 0033:0x455267 [ 846.216975] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 846.236347] RSP: 002b:00007f413f26ea88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 846.244058] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000455267 [ 846.251325] RDX: 0000000000000014 RSI: 00000000000001ff RDI: 00000000200000c0 [ 846.258598] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 846.265867] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 846.273134] R13: 0000000000000001 R14: 00000000004d3f40 R15: 0000000000000019 [ 846.286352] binder: 14637:14638 ioctl 40046205 9 returned -22 [ 846.305895] binder: 14637:14638 BC_REQUEST_DEATH_NOTIFICATION death notification already set [ 846.318186] binder: 14637:14639 BC_REQUEST_DEATH_NOTIFICATION invalid ref 0 [ 846.328976] binder: 14637:14638 ioctl 40046205 9 returned -22 03:38:59 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f0000003f80)=[{{&(0x7f0000000080)=@can, 0x80, &(0x7f00000001c0)}}], 0x1, 0x0, &(0x7f0000004000)={0x77359400}) r1 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x4, 0x200) ioctl$VHOST_GET_VRING_ENDIAN(r1, 0x4008af14, &(0x7f0000000040)={0x800000003, 0x3}) sendmsg$nl_route_sched(r0, &(0x7f0000005a00)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0xfffffffffffffffc}, 0x6, &(0x7f00000059c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2400000026000102000000000000000000000000fa1e2a511221568b3c0b8598846e701efcd391310649e2b6deef1c28abdcb25da13bb7a1be5e5e5b2eeba8b484df4db0f5250f70b5cddf390c8d7ed302c7ef12125ea27876baa04fb7ebcec714e59fb7d48e17534283c0fff18159010000000000008c3608542236db97bdd5bbb9ac2ac97190d4c2c1c403e832dd1acbe35f47a1638c6b55b129ab0a7d487ae52ab4f20a89ca6345c9b46c60229fcc2eaeb418d5ed35989954225590858b6d01408390cbb695a64df3fb5cfe24a7f14a24a35642549d3495ecd07d61008dd3855fd3930e4611593da0231d7ac01456d30c4d1232b078d3b3d07fcb0279bed14470894b66740fc475323d54f6c41c5f93", @ANYRES32=r0], 0x2}, 0x1}, 0x0) 03:38:59 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) r2 = getpid() fcntl$lock(r1, 0x6, &(0x7f0000000000)={0x2, 0x3, 0x1af, 0x2, r2}) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:38:59 executing program 5: clone(0x0, &(0x7f0000001340), &(0x7f0000000100), &(0x7f0000000080), &(0x7f0000000140)) 03:38:59 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f6300") 03:38:59 executing program 7 (fault-call:0 fault-nth:26): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:38:59 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}, 0x300000000000000}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) 03:38:59 executing program 2: r0 = syz_open_dev$mouse(&(0x7f0000000140)='/dev/input/mouse#\x00', 0x1, 0x2000) capset(&(0x7f0000c6a000)={0x19980330}, &(0x7f0000001fe8)) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='setgroups\x00') ioctl$SG_SET_FORCE_PACK_ID(r0, 0x227b, &(0x7f00000001c0)) r1 = gettid() setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x0, &(0x7f0000c29ffc), 0x4) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) fremovexattr(r0, &(0x7f0000000200)=@known='system.posix_acl_default\x00') process_vm_writev(r1, &(0x7f0000000000)=[{&(0x7f0000000040)=""/247, 0xffffff50}], 0x1000000000000005, &(0x7f0000000180)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) pkey_mprotect(&(0x7f000054b000/0x3000)=nil, 0x3000, 0x0, 0xffffffffffffffff) madvise(&(0x7f0000495000/0x400000)=nil, 0x400000, 0x8) 03:38:59 executing program 1: rt_sigaction(0x2b, &(0x7f0000000240)={0xffff, {0x4}, 0x10000000, 0x7}, &(0x7f00000002c0), 0x8, &(0x7f0000000300)) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x100) ioctl$SNDRV_SEQ_IOCTL_SYSTEM_INFO(r1, 0xc0305302, &(0x7f00000000c0)={0x7, 0x8, 0x1, 0xfffffffffffffff7, 0x1, 0x8001}) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") sendmmsg(r1, &(0x7f0000000780)=[{{&(0x7f0000000340)=@pppoe={0x18, 0x0, {0x1, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], 'dummy0\x00'}}, 0x80, &(0x7f0000000640)=[{&(0x7f00000003c0)="6de9d8aecd7bd2bf021d4edffc3372fb51b75f8f6bb09fdccf4ebce62fc0eae39cd9ed892c07941a102c8394907eed4ff70c861002", 0x35}, {&(0x7f0000000400)="ecc5467f2ce50d888edcb49b49ca38ffd47da8d59b5782bb7bd819a6454641e9ee5fdd05305d984ba5ece374e6ff96edaad927a39390f24f03387588228f4c61b26c4521e34a454dc737f4", 0x4b}, {&(0x7f0000000480)="92506e86479717ef6e080d59fd3bed4e601a671e8818cef95e9c2746bcef5d2d80e4df2b4cd6bdde479b51f2b78db21da2495c7601abd0dc6d3a69d7635aaadf30a35769fb8593fb59ab5798d5698aa5d98910949c0d8df66b8ca0991fddcea0814e3bc2ee26b3545ce5ee510302038009a6b324c159f2acb7c4f31fdb50aa7c9e8b00727dc80f03436c3cd380ce5712f5983bcc22e116273a4cb1fccd1f0898d929de4289df82a6ec57eec7d1eabdbc12a8613d347c1ffbcd0a1fa5ea3f70ad0cbfc23b7af96a055bf26eb59b43895a2182b6b7e4482ced1399ff2c09ec98b44094a32e8d4233055113500d3615caf10e", 0xf1}, {&(0x7f0000000580)}, {&(0x7f00000005c0)="c6ab1df9d3f8de38b7985b529046db09018d14553ff5f6c8d693963fdd685180569203da112dceb2913ae6b270dfd37500c202424986e16b9a8d5d20987cc46378c6d58f689c6269bb08902dde0526daa7dd323e17a2ce7ec65e22c80dedd1f52cfb82", 0x63}], 0x5, &(0x7f00000008c0)=ANY=[@ANYBLOB="b0000000000000001d010000000000003d1cb1a5fd2749409db596558ed9d746d7639eb361427c0d975aef540f59f49074b94e9eeda5647303782ec96a8bd7e787c72238c54531e318d9680fff10b19601c2937075ae1bd69e55355c1b99c5e5ac4ee726f35393ad7c69155393bec5aa5a85b7f463a2ca44f66c19016e42565ebc32767d74302531bf58adb028db9f73f256d5f342b8d533272820859450e3687b0364c53bf7ece7249e5b0800008a52e75b3c9ce722"], 0xb0, 0x8000}, 0x2}], 0x1, 0x0) getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000580)={0x0, @broadcast, @loopback}, &(0x7f00000007c0)=0xc) syz_open_dev$adsp(&(0x7f0000000880)='/dev/adsp#\x00', 0x10000, 0x80000) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000800)={'sit0\x00', r2}) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000100)={{{@in=@multicast1, @in=@broadcast}}, {{@in6=@ipv4={[], [], @dev}}}}, &(0x7f0000000200)=0xe8) capget(&(0x7f0000000000)={0x20080522}, &(0x7f0000000080)) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f0000000840)={0x1ff, 0x1, 0x8, 0x2, 0x4}) [ 846.678384] FAULT_INJECTION: forcing a failure. [ 846.678384] name failslab, interval 1, probability 0, space 0, times 0 [ 846.689977] CPU: 1 PID: 14658 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 846.698400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 846.708040] Call Trace: [ 846.710647] dump_stack+0x1c9/0x2b4 [ 846.714291] ? dump_stack_print_info.cold.2+0x52/0x52 [ 846.719502] ? rcu_note_context_switch+0x730/0x730 [ 846.724467] should_fail.cold.4+0xa/0x11 [ 846.728582] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 846.733716] ? kasan_check_write+0x14/0x20 [ 846.738062] ? ext4_mark_iloc_dirty+0x1b6d/0x30b0 [ 846.743022] ? ext4_chunk_trans_blocks+0x30/0x30 [ 846.747808] ? lock_release+0xa30/0xa30 [ 846.751831] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 846.756877] ? __ext4_get_inode_loc+0x45a/0x13d0 [ 846.761861] ? jbd2_write_access_granted.part.9+0x274/0x430 [ 846.767600] ? check_same_owner+0x340/0x340 [ 846.772206] ? rcu_note_context_switch+0x730/0x730 03:38:59 executing program 5: mmap(&(0x7f0000000000/0xddf000)=nil, 0xddf000, 0x0, 0x32, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) getsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0x7, &(0x7f0000000000), &(0x7f0000000240)=0x4) r1 = syz_open_dev$usbmon(&(0x7f0000000100)='/dev/usbmon#\x00', 0x400, 0x200100) setsockopt$nfc_llcp_NFC_LLCP_RW(r1, 0x118, 0x0, &(0x7f0000000140)=0x3, 0x4) r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x2, 0x0) getsockopt$inet_sctp6_SCTP_RECVNXTINFO(r2, 0x84, 0x21, &(0x7f0000000180), &(0x7f00000001c0)=0x4) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r2, 0x40605346, &(0x7f0000000080)={0x5, 0x1, {0xffffffffffffffff, 0x3, 0x8, 0x3, 0x5}}) 03:38:59 executing program 1: semget(0x0, 0x0, 0x200) r0 = semget(0x0, 0x3, 0x40) semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000080)=""/52) [ 846.777506] __should_failslab+0x124/0x180 [ 846.781819] should_failslab+0x9/0x14 [ 846.785657] __kmalloc+0x2c8/0x760 [ 846.789223] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 846.794960] ? ext4_reserve_inode_write+0x146/0x260 [ 846.799999] ? ext4_find_extent+0x775/0xa10 [ 846.804590] ext4_find_extent+0x775/0xa10 [ 846.808766] ? ext4_expand_extra_isize+0x5b0/0x5b0 [ 846.813750] ext4_ext_map_blocks+0x293/0x62f0 [ 846.818323] ? perf_trace_lock+0x920/0x920 [ 846.822621] ? perf_trace_lock_acquire+0xeb/0x9a0 03:38:59 executing program 2: pipe2(&(0x7f0000000000)={0xffffffffffffffff}, 0x84800) getsockopt$inet_dccp_buf(r0, 0x21, 0xf, &(0x7f0000000040)=""/44, &(0x7f0000000180)=0x2c) socketpair(0x1, 0x1, 0x0, &(0x7f0000000740)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000300)={0xffffffffffffffff, &(0x7f0000000340), &(0x7f0000000080)}, 0x20) socketpair(0x1, 0x1, 0x0, &(0x7f0000000740)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x89f0, &(0x7f0000000300)='gre0\x00') fgetxattr(0xffffffffffffffff, &(0x7f0000000080)=@known='system.posix_acl_access\x00', &(0x7f00000000c0)=""/187, 0xbb) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x89f3, &(0x7f0000000300)='gre0\x00') [ 846.828448] ? ext4_find_delalloc_cluster+0xc0/0xc0 [ 846.833583] ? perf_trace_lock+0x920/0x920 [ 846.837846] ? __ext4_new_inode+0xb0d/0x6620 [ 846.842380] ? lock_acquire+0x1e4/0x540 [ 846.847503] ? ext4_es_lookup_extent+0x42c/0xde0 [ 846.852282] ? lock_downgrade+0x8f0/0x8f0 [ 846.856453] ? lock_release+0xa30/0xa30 [ 846.860448] ? lock_acquire+0x1e4/0x540 [ 846.864437] ? ext4_map_blocks+0x480/0x1b60 [ 846.868794] ? lock_release+0xa30/0xa30 [ 846.872802] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 03:38:59 executing program 5: ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000100)=0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, r0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x1349bbf8, 0x2) write$P9_RREMOVE(r1, &(0x7f0000000240)={0x7, 0x7b, 0x1}, 0x7) r2 = geteuid() getgroups(0x4, &(0x7f0000000080)=[0xffffffffffffffff, 0xee01, 0xffffffffffffffff, 0xee00]) getsockopt$inet_sctp_SCTP_RECVNXTINFO(r1, 0x84, 0x21, &(0x7f0000000140), &(0x7f0000000200)=0x4) fchown(r1, r2, r3) 03:38:59 executing program 1: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") futex(&(0x7f0000000040)=0x4, 0x0, 0x4, &(0x7f00000000c0)={0x77359400}, &(0x7f0000000080), 0x0) r1 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) capset(&(0x7f0000000000)={0x19980330, r1}, &(0x7f0000000140)={0x4, 0x2, 0x0, 0x7, 0xff, 0xd6}) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r1, 0x15) tkill(r1, 0x16) futex(&(0x7f000000cffc), 0x800000000005, 0x0, &(0x7f0000000180)={0x77359400}, &(0x7f0000000040), 0x0) [ 846.878358] ? ext4_es_lookup_extent+0x465/0xde0 [ 846.883413] ? rcu_note_context_switch+0x730/0x730 [ 846.888371] ? down_read+0xb5/0x1d0 [ 846.892008] ? ext4_map_blocks+0x480/0x1b60 [ 846.896346] ? __down_interruptible+0x700/0x700 [ 846.901036] ? kernel_text_address+0x79/0xf0 [ 846.905562] ext4_map_blocks+0xe31/0x1b60 [ 846.909721] ? __save_stack_trace+0x8d/0xf0 [ 846.914067] ? ext4_issue_zeroout+0x190/0x190 [ 846.918580] ? save_stack+0x43/0xd0 [ 846.922309] ? __kasan_slab_free+0x11a/0x170 [ 846.926725] ? kasan_slab_free+0xe/0x10 [ 846.930711] ? kmem_cache_free+0x86/0x2d0 [ 846.934873] ext4_getblk+0x10e/0x630 [ 846.938610] ? ext4_iomap_begin+0x1350/0x1350 [ 846.943140] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 846.948780] ? __dquot_initialize+0x61d/0xde0 [ 846.953287] ext4_bread+0x95/0x2b0 [ 846.956837] ? ext4_getblk+0x630/0x630 [ 846.960729] ? dquot_get_next_dqblk+0x180/0x180 [ 846.965406] ? debug_check_no_obj_freed+0x30b/0x595 [ 846.970864] ? kasan_check_write+0x14/0x20 [ 846.975108] ext4_append+0x14e/0x370 [ 846.979616] ext4_mkdir+0x532/0xe60 [ 846.983259] ? ext4_init_dot_dotdot+0x510/0x510 [ 846.988109] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 846.993655] ? security_inode_permission+0xd2/0x100 [ 846.998972] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 847.004953] ? security_inode_mkdir+0xe8/0x120 [ 847.009890] vfs_mkdir+0x42e/0x6b0 [ 847.014569] do_mkdirat+0x27b/0x310 [ 847.018246] ? __ia32_sys_mknod+0xb0/0xb0 [ 847.022403] ? ksys_ioctl+0x81/0xd0 [ 847.026039] __x64_sys_mkdir+0x5c/0x80 [ 847.029934] do_syscall_64+0x1b9/0x820 [ 847.033840] ? finish_task_switch+0x1d3/0x870 [ 847.038711] ? syscall_return_slowpath+0x5e0/0x5e0 [ 847.043646] ? syscall_return_slowpath+0x31d/0x5e0 [ 847.048589] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 847.053612] ? prepare_exit_to_usermode+0x291/0x3b0 [ 847.058634] ? perf_trace_sys_enter+0xb10/0xb10 [ 847.063309] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 847.069726] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 847.075295] RIP: 0033:0x455267 [ 847.078476] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 847.098147] RSP: 002b:00007f413f26ea88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 847.106663] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000455267 [ 847.113954] RDX: 0000000000000014 RSI: 00000000000001ff RDI: 00000000200000c0 [ 847.121226] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a 03:39:00 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x6, 0x80200) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/autofs\x00', 0x2, 0x0) r2 = openat$cgroup_ro(r1, &(0x7f0000000040)='cpu.stat\x00', 0x0, 0x0) fcntl$notify(r2, 0x402, 0x800000000000000d) fcntl$notify(r2, 0x402, 0x0) [ 847.128499] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 847.135772] R13: 0000000000000001 R14: 00000000004d3f40 R15: 000000000000001a [ 847.160652] FAT-fs (loop7): Directory bread(block 2563) failed [ 847.166946] FAT-fs (loop7): Directory bread(block 2564) failed [ 847.173116] FAT-fs (loop7): Directory bread(block 2565) failed 03:39:00 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f6300") 03:39:00 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) accept4$inet6(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, @local}, &(0x7f0000000140)=0x1c, 0x80800) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000000000)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea261ac0973745467867943354eb8369eef25c4be6d2ee4178deadd1c51c307f66776ba79477a743a669cafbe542f87d40e539d3d4df15ce036e5e248ee526891eb55166bcd795c342dcc6a48779a064ccfac307ca21683facde4bfb58cd3f0bc061761e977511ada506ff0ba75bcc5bbc9c7e01d967ae5804b7ab273c2"], 0x60}, 0x1}, 0x0) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/vs/lblcr_expiration\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f00000001c0), &(0x7f0000000200)=0x4) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000001480)={'vcan0\x00', 0x0}) setsockopt$inet6_IPV6_PKTINFO(r2, 0x29, 0x32, &(0x7f00000014c0)={@mcast2={0xff, 0x2, [], 0x1}, r3}, 0x14) [ 847.179151] FAT-fs (loop7): Directory bread(block 2566) failed [ 847.185281] FAT-fs (loop7): Directory bread(block 2567) failed [ 847.194798] FAT-fs (loop7): Directory bread(block 2568) failed [ 847.201310] FAT-fs (loop7): Directory bread(block 2569) failed [ 847.207498] FAT-fs (loop7): Directory bread(block 2570) failed [ 847.223138] FAT-fs (loop7): Directory bread(block 2571) failed [ 847.229222] FAT-fs (loop7): Directory bread(block 2572) failed 03:39:00 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f0000003f80)=[{{&(0x7f0000000080)=@can, 0x80, &(0x7f00000001c0)}}], 0x1, 0x0, &(0x7f0000004000)={0x77359400}) recvmmsg(r0, &(0x7f00000052c0)=[{{0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/71, 0x47}, {&(0x7f0000000000)=""/3, 0x3}, {&(0x7f00000001c0)=""/224, 0xe0}, {&(0x7f00000002c0)=""/126, 0x7e}, {&(0x7f0000000340)=""/166, 0xa6}, {&(0x7f0000000400)=""/194, 0xc2}, {&(0x7f0000000500)=""/122, 0x7a}, {&(0x7f0000000580)=""/28, 0x1c}, {&(0x7f00000005c0)=""/254, 0xfe}], 0x9, &(0x7f0000000780)=""/113, 0x71, 0x5}, 0x9}, {{&(0x7f0000000800)=@pppol2tpv3={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, 0x80, &(0x7f0000000a80)=[{&(0x7f0000000880)=""/243, 0xf3}, {&(0x7f0000000980)=""/218, 0xda}], 0x2, &(0x7f0000000ac0)=""/89, 0x59, 0xffffffff}, 0x4}, {{&(0x7f0000000b40)=@nfc, 0x80, &(0x7f0000002080)=[{&(0x7f0000000bc0)=""/142, 0x8e}, {&(0x7f0000000c80)}, {&(0x7f0000000cc0)=""/4096, 0x1000}, {&(0x7f0000001cc0)=""/35, 0x23}, {&(0x7f0000001d00)=""/203, 0xcb}, {&(0x7f0000001e00)=""/1, 0x1}, {&(0x7f0000001e40)=""/108, 0x6c}, {&(0x7f0000001ec0)=""/205, 0xcd}, {&(0x7f0000001fc0)=""/191, 0xbf}], 0x9, &(0x7f0000002140)=""/113, 0x71, 0x1}, 0xcb}, {{&(0x7f00000021c0)=@in6={0x0, 0x0, 0x0, @dev}, 0x80, &(0x7f0000002600)=[{&(0x7f0000002240)=""/28, 0x1c}, {&(0x7f0000002280)=""/248, 0xf8}, {&(0x7f0000002380)=""/149, 0x95}, {&(0x7f0000002440)=""/22, 0x16}, {&(0x7f0000002480)=""/163, 0xa3}, {&(0x7f0000002540)=""/172, 0xac}], 0x6, 0x0, 0x0, 0x6}, 0x7070}, {{&(0x7f0000002680)=@pppol2tpin6={0x0, 0x0, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, @remote}}}, 0x80, &(0x7f0000003800)=[{&(0x7f0000002700)=""/32, 0x20}, {&(0x7f0000002740)=""/4096, 0x1000}, {&(0x7f0000003740)=""/191, 0xbf}], 0x3, 0x0, 0x0, 0x400}, 0xd49}, {{&(0x7f0000003840)=@alg, 0x80, &(0x7f00000039c0)=[{&(0x7f0000004040)=""/4096, 0x1000}, {&(0x7f00000038c0)=""/216, 0xd8}], 0x2, &(0x7f0000003a00)=""/78, 0x4e}, 0x2}, {{&(0x7f0000003a80)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @multicast1}}}, 0x80, &(0x7f0000003d80)=[{&(0x7f0000003b00)=""/48, 0x30}, {&(0x7f0000003b40)=""/125, 0x7d}, {&(0x7f0000003bc0)=""/208, 0xd0}, {&(0x7f0000003cc0)=""/51, 0x33}, {&(0x7f0000003d00)=""/16, 0x10}, {&(0x7f0000003d40)=""/30, 0x1e}], 0x6, &(0x7f0000003e00)=""/129, 0x81, 0x1}, 0x4}, {{&(0x7f0000003ec0)=@sco, 0x80, &(0x7f0000003fc0)=[{&(0x7f0000005040)=""/80, 0x50}, {&(0x7f00000050c0)=""/248, 0xf8}, {&(0x7f00000051c0)=""/116, 0x74}, {&(0x7f0000003f40)=""/62, 0x3e}], 0x4, &(0x7f0000005240)=""/109, 0x6d, 0x5}, 0x200}], 0x8, 0x120, &(0x7f00000054c0)={0x0, 0x1c9c380}) sendmsg$nl_route_sched(r0, &(0x7f0000005a00)={&(0x7f0000000180)={0x10}, 0xc, &(0x7f00000059c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="2400000026000102000000000000000000000000", @ANYBLOB="00000000bd"], 0x2}, 0x1}, 0x0) 03:39:00 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = fcntl$dupfd(r0, 0x0, r1) ioctl$PIO_SCRNMAP(r2, 0x4b41, &(0x7f0000000500)="9d803cbb396d52fd6c2da6acbdb8c382662677d2bc403460b5ed40d40d3c164648fcf22b28a8484304013b11c13c2bf8321c595aa0117201e104b18fbb47ba07ab4c319c069c44075fe617b2057cecd9aba883806a431c8a88f9d1a75fd3c71c6afa5687b078021ec65369231af025d5cd7c11872ff904f15e88c006bba861c4086bab5571a86a5497a1d62ed1f043e9daed0104e6597b439d0dd3682eb0b1bb11bc512e65c89c6ebd6fb1b1734c48caa77808") execveat(r2, &(0x7f0000000280)='./file0\x00', &(0x7f00000003c0)=[&(0x7f00000002c0)='\x00', &(0x7f0000000300)='\x00', &(0x7f0000000340)='/\x00', &(0x7f0000000380)='\x00'], &(0x7f00000004c0)=[&(0x7f0000000400)='/dev/sequencer\x00', &(0x7f0000000440)='/dev/kvm\x00', &(0x7f0000000480)='self\'cgroup+%\\*\x00'], 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r4 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x400000, 0x0) ioctl$TCSETSW(r4, 0x5403, &(0x7f0000000240)={0x0, 0x81, 0x6, 0x81, 0x7ff, 0x4a3, 0x20, 0xfffffffffffff001, 0x6, 0xffff, 0x1, 0x5}) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f00000000c0)={0x0, 0xfffffffffffffff8}, &(0x7f0000000100)=0x8) ioctl$KVM_SET_PIT2(r4, 0x4070aea0, &(0x7f00000005c0)={[{0x81, 0x2000000000000, 0x1, 0x9, 0x3ff, 0x7, 0xc63f, 0x2, 0x101, 0x4, 0x33e, 0x1, 0x4}, {0xffffffffffff7fff, 0x0, 0x8, 0x6, 0x7c2, 0x8, 0x0, 0x5, 0x8, 0x2, 0x7fffffff, 0x9, 0x8000}, {0x10000, 0x10000, 0x7ff, 0x5, 0x0, 0x7, 0x3, 0x9, 0x23, 0x3, 0x4a99, 0x7, 0xbe}], 0x5}) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r4, 0x84, 0x72, &(0x7f0000000680)={r5, 0x7}, &(0x7f0000000200)=0xc) clock_settime(0x4, &(0x7f0000000040)={0x77359400}) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x5000aea5, &(0x7f0000000140)={0x0, 0x0, [0x4, 0x0, 0xfffffffffffffffe]}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000640)={0x1fd, 0x2, 0x70337db87f92b260, 0x2000, &(0x7f0000ffb000/0x2000)=nil}) 03:39:00 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f6300") 03:39:00 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000100)={'dummy0\x00', &(0x7f00000000c0)=@ethtool_modinfo={0x42, 0x7, 0x24000, "9e2e5a2152d64b52"}}) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, &(0x7f0000000080)={0x0, 0x402}, 0xfffffcd3) getsockopt$sock_int(0xffffffffffffffff, 0x1, 0x23, &(0x7f0000000000), &(0x7f0000000040)=0x4) 03:39:00 executing program 7 (fault-call:0 fault-nth:27): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:39:00 executing program 0: r0 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x6, 0x20040) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f00000000c0)={0x0, 0x1ff}, &(0x7f0000000100)=0x8) mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x8, 0x30010, r0, 0x0) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f0000000140)={r1, 0x20, 0x30, 0x3f, 0xfffffffffffffff7}, &(0x7f0000000180)=0x18) socket$inet6(0xa, 0x1000000000002, 0x0) r2 = socket$key(0xf, 0x3, 0x2) ioctl(r2, 0x8912, &(0x7f0000000080)="ef57026e778ca136805d4f025cc83d6d04008f762070") r3 = socket$key(0xf, 0x3, 0x2) finit_module(r2, &(0x7f0000000000)='{cpusetposix_acl_access-\x00', 0x3) sendmsg$key(r3, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:39:00 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}, 0x1800}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) [ 847.846998] FAULT_INJECTION: forcing a failure. [ 847.846998] name failslab, interval 1, probability 0, space 0, times 0 [ 847.858593] CPU: 0 PID: 14716 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 847.867008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 847.876395] Call Trace: [ 847.878990] dump_stack+0x1c9/0x2b4 [ 847.882645] ? dump_stack_print_info.cold.2+0x52/0x52 [ 847.887833] ? rcu_note_context_switch+0x730/0x730 [ 847.892775] should_fail.cold.4+0xa/0x11 [ 847.896832] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 847.901936] ? kasan_check_write+0x14/0x20 [ 847.906180] ? ext4_mark_iloc_dirty+0x1b6d/0x30b0 [ 847.911040] ? ext4_chunk_trans_blocks+0x30/0x30 [ 847.915788] ? lock_release+0xa30/0xa30 [ 847.919783] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 847.924792] ? __ext4_get_inode_loc+0x45a/0x13d0 [ 847.929560] ? jbd2_write_access_granted.part.9+0x274/0x430 [ 847.935486] ? check_same_owner+0x340/0x340 [ 847.939809] ? rcu_note_context_switch+0x730/0x730 [ 847.944751] __should_failslab+0x124/0x180 [ 847.948983] should_failslab+0x9/0x14 [ 847.952786] __kmalloc+0x2c8/0x760 [ 847.956317] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 847.961848] ? ext4_reserve_inode_write+0x146/0x260 [ 847.966862] ? ext4_find_extent+0x775/0xa10 [ 847.971897] ext4_find_extent+0x775/0xa10 [ 847.976041] ? ext4_expand_extra_isize+0x5b0/0x5b0 [ 847.980960] ext4_ext_map_blocks+0x293/0x62f0 [ 847.985443] ? perf_trace_lock+0x920/0x920 [ 847.989667] ? perf_trace_lock_acquire+0xeb/0x9a0 [ 847.995820] ? ext4_find_delalloc_cluster+0xc0/0xc0 [ 848.001012] ? perf_trace_lock+0x920/0x920 [ 848.005342] ? __ext4_new_inode+0xb0d/0x6620 [ 848.009739] ? lock_acquire+0x1e4/0x540 [ 848.013710] ? ext4_es_lookup_extent+0x42c/0xde0 [ 848.018986] ? lock_downgrade+0x8f0/0x8f0 [ 848.023141] ? lock_release+0xa30/0xa30 [ 848.027118] ? lock_acquire+0x1e4/0x540 [ 848.031077] ? ext4_map_blocks+0x480/0x1b60 [ 848.035387] ? lock_release+0xa30/0xa30 [ 848.039357] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 848.044894] ? ext4_es_lookup_extent+0x465/0xde0 [ 848.049637] ? rcu_note_context_switch+0x730/0x730 [ 848.054556] ? down_read+0xb5/0x1d0 [ 848.058193] ? ext4_map_blocks+0x480/0x1b60 [ 848.062497] ? __down_interruptible+0x700/0x700 [ 848.067156] ? kernel_text_address+0x79/0xf0 [ 848.071557] ext4_map_blocks+0xe31/0x1b60 [ 848.075703] ? __save_stack_trace+0x8d/0xf0 [ 848.080027] ? ext4_issue_zeroout+0x190/0x190 [ 848.084598] ? save_stack+0x43/0xd0 [ 848.088212] ? __kasan_slab_free+0x11a/0x170 [ 848.092602] ? kasan_slab_free+0xe/0x10 [ 848.096563] ? kmem_cache_free+0x86/0x2d0 [ 848.100699] ext4_getblk+0x10e/0x630 [ 848.104410] ? ext4_iomap_begin+0x1350/0x1350 [ 848.108894] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 848.114414] ? __dquot_initialize+0x61d/0xde0 [ 848.118900] ext4_bread+0x95/0x2b0 [ 848.122426] ? ext4_getblk+0x630/0x630 [ 848.126310] ? dquot_get_next_dqblk+0x180/0x180 [ 848.130984] ? debug_check_no_obj_freed+0x30b/0x595 [ 848.135986] ? kasan_check_write+0x14/0x20 [ 848.140222] ext4_append+0x14e/0x370 [ 848.143928] ext4_mkdir+0x532/0xe60 [ 848.147546] ? ext4_init_dot_dotdot+0x510/0x510 [ 848.152217] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 848.157839] ? security_inode_permission+0xd2/0x100 [ 848.162842] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 848.168449] ? security_inode_mkdir+0xe8/0x120 [ 848.173033] vfs_mkdir+0x42e/0x6b0 [ 848.176575] do_mkdirat+0x27b/0x310 [ 848.180210] ? __ia32_sys_mknod+0xb0/0xb0 [ 848.184357] ? ksys_ioctl+0x81/0xd0 [ 848.187975] __x64_sys_mkdir+0x5c/0x80 [ 848.191849] do_syscall_64+0x1b9/0x820 [ 848.195721] ? finish_task_switch+0x1d3/0x870 [ 848.200209] ? syscall_return_slowpath+0x5e0/0x5e0 [ 848.205125] ? syscall_return_slowpath+0x31d/0x5e0 [ 848.210055] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 848.215061] ? prepare_exit_to_usermode+0x291/0x3b0 [ 848.220073] ? perf_trace_sys_enter+0xb10/0xb10 [ 848.224830] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 848.229763] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 848.234935] RIP: 0033:0x455267 [ 848.238131] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 848.257334] RSP: 002b:00007f413f26ea88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 848.265204] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000455267 [ 848.272458] RDX: 0000000000000014 RSI: 00000000000001ff RDI: 00000000200000c0 [ 848.279714] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 848.286970] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 03:39:01 executing program 1: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000009fe8)={0xaa, 0x12}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000003000/0x4000)=nil, 0x4000}, 0x1}) r1 = getpid() sched_setattr(r1, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x0, 0x744}, 0x0) clone(0x0, &(0x7f00000000c0), &(0x7f0000000040), &(0x7f0000fef000), &(0x7f0000000000)) r2 = memfd_create(&(0x7f0000000000)='loeth1#$\x00', 0x0) write(r0, &(0x7f0000002000)='/', 0xfffffffffffffcd6) sendfile(r2, r2, &(0x7f0000001000), 0xfec) clone(0x0, &(0x7f0000001f37), &(0x7f0000001ffc), &(0x7f0000001000), &(0x7f0000001000)) read(r0, &(0x7f0000000280)=""/100, 0x39f) 03:39:01 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f63ff") 03:39:01 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x200, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000000c0)={0x0, 0x0}, &(0x7f0000000100)=0xc) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000140)={{{@in6, @in=@rand_addr, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in=@rand_addr}}, &(0x7f0000000240)=0xe8) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='9p\x00', 0x26000, &(0x7f00000002c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@uname={'uname', 0x3d, '*'}, 0x2c}, {@access_any='access=any', 0x2c}, {@privport='privport', 0x2c}, {@access_uid={'access', 0x3d, r2}, 0x2c}, {@afid={'afid', 0x3d, 0x5}, 0x2c}, {@aname={'aname', 0x3d, 'ppp1'}, 0x2c}, {@access_uid={'access', 0x3d, r3}, 0x2c}, {@msize={'msize', 0x3d, 0x1000}, 0x2c}, {@afid={'afid', 0x3d, 0x9}, 0x2c}, {@posixacl='posixacl', 0x2c}]}}) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r4 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r4, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) [ 848.294415] R13: 0000000000000001 R14: 00000000004d3f40 R15: 000000000000001b [ 848.312840] FAT-fs (loop7): Directory bread(block 2563) failed 03:39:01 executing program 5: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0) write$P9_RMKDIR(r0, &(0x7f00000000c0)={0x14, 0x49, 0x2, {0x94, 0x2}}, 0x14) syz_emit_ethernet(0x66, &(0x7f0000000100)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa0086dd6076605100303afffe80ff000000000000000000000000ffff02000000000000000000000000000186009078060c000060c5961e00000000ff712fba3d5d90d83e36f001000000000000180300baee0000000101ff0200000000"], 0x0) [ 848.351696] FAT-fs (loop7): Directory bread(block 2564) failed [ 848.366347] FAT-fs (loop7): Directory bread(block 2565) failed [ 848.372642] FAT-fs (loop7): Directory bread(block 2566) failed [ 848.379231] FAT-fs (loop7): Directory bread(block 2567) failed [ 848.391100] FAT-fs (loop7): Directory bread(block 2568) failed 03:39:01 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f6309") 03:39:01 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) socket$xdp(0x2c, 0x3, 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000280)='/dev/snd/pcmC#D#p\x00', 0x3, 0x200800) clock_gettime(0x0, &(0x7f00000002c0)={0x0, 0x0}) setsockopt$netlink_NETLINK_CAP_ACK(r1, 0x10e, 0xa, &(0x7f0000000380)=0x503a, 0x4) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r1, 0x402c5342, &(0x7f0000000300)={0xa0, 0x0, 0x1, {r2, r3+10000000}, 0x2, 0x9}) ioctl(r0, 0x4000000000008912, &(0x7f0000000000)="025cc83d00000000762070c349629cd58333cff3b421ed1f3b69113353eb47e9304a1d8bf96ee945bd7f1bcb9c54f4838d36f65625953c2a739960eb0449390d76f716a336f936bf8e3cfc0374e3525af59249d1fdd2720de99e398fa2aeac953abcc16639ff85da2e58856e5a273d5779d8f9ea99c2516d566b8dd740cbf2cb196b32f184e7823ce36972733542b866ec09d30ad04cf8219d06229e2944936355d0247bfd07dee2d1e610e82b33c415cfad976ecbd07ab0d5f662e0a04d72c0ed2109b696c4fef9") r4 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r4, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) r5 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snapshot\x00', 0x220040, 0x0) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r5, 0x84, 0x76, &(0x7f00000001c0)={0x0, 0x80}, &(0x7f0000000200)=0x8) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000240)={r6, 0x3, 0x4, [0x9, 0xfff, 0x1, 0xfffffffffffffffd]}, 0x10) r7 = syz_open_dev$midi(&(0x7f0000000140)='/dev/midi#\x00', 0xff, 0x400) ioctl$FUSE_DEV_IOC_CLONE(r5, 0x8004e500, &(0x7f0000000180)=r7) 03:39:01 executing program 5: r0 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(r1, 0x0, 0x0) r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x400000, 0x0) ioctl$VT_ACTIVATE(r2, 0x5606, 0x401) getsockopt$inet_sctp_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000000040)={0x0, 0x3, 0x849, 0x5ef7, 0x7, 0x3}, &(0x7f0000000080)=0x14) ioctl$TIOCLINUX4(r2, 0x541c, &(0x7f00000001c0)=0x4) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, &(0x7f00000000c0)={r3, 0x79, "43f284bd2f3aa195d8015662dea1c6d5c74573df1559d21880d7310b5f7ec990ae7c6647df5eb3b47fb859ca79e4ca508c592ce9b227336186fedd68cac663ab95c748a337ed46e8f1aa8d3073d939b6bbddf6c9e8e40ff3e54c33c6937b1f8304c6d3b0535a6f1da30a49259c681a0f34b9933a3c7f95c39d"}, &(0x7f0000000180)=0x81) ioprio_get$uid(0x3, r1) [ 848.411656] FAT-fs (loop7): Directory bread(block 2569) failed [ 848.445082] FAT-fs (loop7): Directory bread(block 2570) failed [ 848.455318] FAT-fs (loop7): Directory bread(block 2571) failed 03:39:01 executing program 7 (fault-call:0 fault-nth:28): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) [ 848.465021] FAT-fs (loop7): Directory bread(block 2572) failed 03:39:01 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback=0x7f000001}, 0x10) setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000700)=0xcd, 0x141) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/hwrng\x00', 0x0, 0x0) write$P9_RRENAMEAT(r1, &(0x7f0000000140)={0x7, 0x4b, 0x2}, 0x7) r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x0, 0x0) write$P9_RLOPEN(r2, &(0x7f0000000100)={0x18, 0xd, 0x2, {{0x82, 0x1, 0x7}, 0x7}}, 0x18) r3 = fcntl$getown(r1, 0x9) fcntl$lock(r1, 0x7, &(0x7f0000000680)={0x1, 0x7, 0x7332, 0x3, r3}) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000280)={"13603aa4563546f3ac1634ac2063b713ecca8016fa9cb4e168f7cb9939ebd9d5ed8aa429989e2f02960aa51b8a4e64e3a16186e021b95153e67965c8790e404bf98ebfb3bf8c321619479241d1abc595f2399fe6ca38532043cac60fb28c74941cbc3a2142346f73b6f19ac88cde2882deb43da4f46259344d73784264b118eef9ffe9a08e7678f154ff89c54a3920020f37687706e70134183c34040a76a2d40dc121ddc4752bcb18b2760fcc4cb65a504d151cadb10ab49acd566317f3723d4a26bf5660d578ae5e4c4e72812411a68ab015f401af44f6ebaa07414f36a38657c3cac33c620b05e5c171b0af4daa15d5a2eb279498c0b48ccb17073cdbb44877bf53c047f43a1bfacd7fff7c6bf0e693d006b7cdcde35eb3ef641c28546755d1d9d94dbb27a67b82de7d83f5fa0906900b3852306d2ed1e9f2339ba69a9eb6ba91c3b2a94d4195586e6798374b5831bc2849fc104f64704c0a646969c2487f83d92180b39b40fba63658d9983b0cb78ec6bbddd3f338ff64075353bfb70c10b014e85212b6dcbf72be5314331b6ba081e97d4e86ab587113565597c8dbf8d7919821a17cfb58d15974ff87b0709238ed22d8503843e67a0764283c350e5c63ff6ff88e60a035c7e4d56fec3b184ad41bebed951ea54857c4b81e67f358561c06097aa6a37e158cd64a5dbcc107906e003c8e1a4f958ff4b80cf4d237ae2b12e09c0597bc5be163eb7911fff9e768e4bc51f8097b24ea0404dedc72e4c89eb77a0ff08abb94a193b20d5f82bf329d8df139f3e98275bae1b7017440210d352c40dea70f2d658439130e886f327d32607b4dd0f43636ea95fb3736b14879216b92f7cca0315742108781b784cd20d6354904ef1b1c677da9f271d091c47110fa4233f0537c03f6ce0a0923dda1249aae7137f50a0b640ac339d787cd237366642f409d3cdab8c272b8a69827428d70eb11307fecd9cf1c9b9c2083b2142404aef528431a85a8b69d6ca12cb41b5e903a173d13edf1bad5823b5d17d49d530643d4058c7b0b96969d564d7d69a1135b66546f81808ea5b22ec80a4e683363dc9d2f211a538f7b61a7a72f1cc01fed087c60f5b8b348c7107c3142dc29f36b24b30a7ba759def3d3495052515e97f56f29688f04f239008a8d3dba4fafb962b9f551bbfd304c8d7aa0a229b2238ecb230bce2c053ca7ed1910052b16c54ae6c5a91fce0d18e87152e5637b37b31c3960b53c98ae9a6e14b5f600ec9ee0d93475a70e2351ab43c3e3ff876ff5c58cce78a1057a8521c0aad5dfc13ea5c9783fda544035ea9e584cf96232a06fbf187ca5228c793dad8c3f290f7c1c0f01e98a0cf4c432b132871acac2d2f4f91bed20dc9375b005170ebda81ba5c0f4ec6b276e414f008f26a4ce7947418e724aef09f4882c525312276407aaf3ace546449aeaec"}) r4 = fcntl$getown(r0, 0x9) ptrace$getregs(0xe, r4, 0x1f5, &(0x7f0000000180)=""/68) recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000040)=@nfc, 0x80, &(0x7f00000001c0), 0x0, &(0x7f0000000200)=""/20, 0x14}, 0x0) [ 848.537229] FAULT_INJECTION: forcing a failure. [ 848.537229] name failslab, interval 1, probability 0, space 0, times 0 [ 848.548556] CPU: 1 PID: 14758 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 848.556967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 848.566346] Call Trace: [ 848.568930] dump_stack+0x1c9/0x2b4 [ 848.572544] ? dump_stack_print_info.cold.2+0x52/0x52 [ 848.577724] ? trace_hardirqs_on+0x10/0x10 [ 848.581949] should_fail.cold.4+0xa/0x11 [ 848.586007] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 848.591098] ? trace_hardirqs_on+0x10/0x10 [ 848.595321] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 848.600337] ? bpf_prog_kallsyms_find+0xde/0x4c0 [ 848.605170] ? lock_acquire+0x1e4/0x540 [ 848.609477] ? is_bpf_text_address+0xae/0x170 [ 848.613970] ? lock_downgrade+0x8f0/0x8f0 [ 848.618116] ? lock_release+0xa30/0xa30 [ 848.622082] ? rcu_is_watching+0x8c/0x150 [ 848.626218] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 848.630878] ? is_bpf_text_address+0xd7/0x170 [ 848.635449] ? kernel_text_address+0x79/0xf0 [ 848.639846] __should_failslab+0x124/0x180 [ 848.644072] should_failslab+0x9/0x14 [ 848.647873] kmem_cache_alloc+0x47/0x760 [ 848.651937] ? __es_tree_search.isra.13+0x1ba/0x220 [ 848.656938] __es_insert_extent+0x305/0x1140 [ 848.661337] ? ext4_es_insert_extent+0x21c/0x7e0 [ 848.666090] ? ext4_es_free_extent+0x820/0x820 [ 848.670685] ? lock_release+0xa30/0xa30 [ 848.674657] ? __x64_sys_mkdir+0x5c/0x80 [ 848.678717] ? do_syscall_64+0x1b9/0x820 [ 848.682769] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 848.688129] ? kasan_check_write+0x14/0x20 [ 848.692379] ? do_raw_write_lock+0xbd/0x1b0 [ 848.696691] ext4_es_insert_extent+0x2ea/0x7e0 [ 848.701267] ? ext4_es_find_delayed_extent_range+0xd80/0xd80 [ 848.707055] ? kasan_unpoison_shadow+0x35/0x50 [ 848.711636] ? kasan_kmalloc+0xc4/0xe0 [ 848.715520] ? __kmalloc+0x315/0x760 [ 848.719220] ext4_ext_put_gap_in_cache+0x158/0x1f0 [ 848.724132] ? ext4_zeroout_es+0x160/0x160 [ 848.728370] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 848.734066] ext4_ext_map_blocks+0x2453/0x62f0 [ 848.738634] ? unregister_lsm_notifier+0x20/0x20 [ 848.743374] ? ext4_init_acl+0x1d6/0x300 [ 848.747418] ? ext4_find_delalloc_cluster+0xc0/0xc0 [ 848.752419] ? block_commit_write+0x30/0x30 [ 848.756741] ? __ext4_new_inode+0xb0d/0x6620 [ 848.761140] ? lock_acquire+0x1e4/0x540 [ 848.765120] ? ext4_es_lookup_extent+0x42c/0xde0 [ 848.769876] ? lock_downgrade+0x8f0/0x8f0 [ 848.774117] ? lock_release+0xa30/0xa30 [ 848.778107] ? lock_acquire+0x1e4/0x540 [ 848.782067] ? ext4_map_blocks+0x480/0x1b60 [ 848.786390] ? lock_release+0xa30/0xa30 [ 848.790438] ? check_same_owner+0x340/0x340 [ 848.794747] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 848.800368] ? ext4_es_lookup_extent+0x465/0xde0 [ 848.805111] ? rcu_note_context_switch+0x730/0x730 [ 848.810040] ? down_read+0xb5/0x1d0 [ 848.813666] ? ext4_map_blocks+0x480/0x1b60 [ 848.818192] ? __down_interruptible+0x700/0x700 [ 848.822864] ? kernel_text_address+0x79/0xf0 [ 848.828195] ext4_map_blocks+0xe31/0x1b60 [ 848.832335] ? __save_stack_trace+0x8d/0xf0 [ 848.836738] ? ext4_issue_zeroout+0x190/0x190 [ 848.841223] ? save_stack+0x43/0xd0 [ 848.844840] ? __kasan_slab_free+0x11a/0x170 [ 848.849234] ? kasan_slab_free+0xe/0x10 [ 848.853196] ? kmem_cache_free+0x86/0x2d0 [ 848.857357] ext4_getblk+0x10e/0x630 [ 848.861081] ? ext4_iomap_begin+0x1350/0x1350 [ 848.865564] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 848.871084] ? __dquot_initialize+0x61d/0xde0 [ 848.875568] ext4_bread+0x95/0x2b0 [ 848.879097] ? ext4_getblk+0x630/0x630 [ 848.882974] ? dquot_get_next_dqblk+0x180/0x180 [ 848.887634] ? debug_check_no_obj_freed+0x30b/0x595 [ 848.892657] ? kasan_check_write+0x14/0x20 [ 848.896880] ext4_append+0x14e/0x370 [ 848.900608] ext4_mkdir+0x532/0xe60 [ 848.904234] ? ext4_init_dot_dotdot+0x510/0x510 [ 848.908900] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 848.914437] ? security_inode_permission+0xd2/0x100 [ 848.919441] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 848.925061] ? security_inode_mkdir+0xe8/0x120 [ 848.929639] vfs_mkdir+0x42e/0x6b0 [ 848.933164] do_mkdirat+0x27b/0x310 [ 848.936783] ? __ia32_sys_mknod+0xb0/0xb0 [ 848.940925] ? ksys_ioctl+0x81/0xd0 [ 848.944541] __x64_sys_mkdir+0x5c/0x80 [ 848.948426] do_syscall_64+0x1b9/0x820 [ 848.952308] ? finish_task_switch+0x1d3/0x870 [ 848.956789] ? syscall_return_slowpath+0x5e0/0x5e0 [ 848.961715] ? syscall_return_slowpath+0x31d/0x5e0 [ 848.966653] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 848.971656] ? prepare_exit_to_usermode+0x291/0x3b0 [ 848.976658] ? perf_trace_sys_enter+0xb10/0xb10 [ 848.981337] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 848.986168] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 848.991343] RIP: 0033:0x455267 [ 848.994512] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 849.013691] RSP: 002b:00007f413f26ea88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 849.021385] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000455267 [ 849.028646] RDX: 0000000000000014 RSI: 00000000000001ff RDI: 00000000200000c0 [ 849.035908] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 849.043160] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 849.050413] R13: 0000000000000001 R14: 00000000004d3f40 R15: 000000000000001c [ 849.074982] FAT-fs (loop7): Directory bread(block 2563) failed [ 849.082647] FAT-fs (loop7): Directory bread(block 2564) failed [ 849.091028] FAT-fs (loop7): Directory bread(block 2565) failed [ 849.098128] FAT-fs (loop7): Directory bread(block 2566) failed [ 849.104545] FAT-fs (loop7): Directory bread(block 2567) failed [ 849.111367] FAT-fs (loop7): Directory bread(block 2568) failed [ 849.117616] FAT-fs (loop7): Directory bread(block 2569) failed [ 849.124367] FAT-fs (loop7): Directory bread(block 2570) failed [ 849.131501] FAT-fs (loop7): Directory bread(block 2571) failed [ 849.148059] FAT-fs (loop7): Directory bread(block 2572) failed 03:39:02 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='\x00'}, 0x10) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f00000001c0)={{{@in6=@local, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@loopback}, 0x0, @in6=@mcast1}}, &(0x7f0000000100)=0xe8) io_setup(0x3, &(0x7f00000000c0)=0x0) io_cancel(r3, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x2, r1, &(0x7f00000002c0)="d38a56c2c9b19ee27e480ae42f924a8804ff5c6ee02e617b8a2b", 0x1a, 0xc97, 0x0, 0x1, r1}, &(0x7f0000000340)) ioctl$sock_inet6_SIOCSIFDSTADDR(r1, 0x8918, &(0x7f0000000140)={@mcast2={0xff, 0x2, [], 0x1}, 0x25, r2}) sendmsg$nl_route_sched(r0, &(0x7f0000005a00)={&(0x7f0000000180)={0x10}, 0xc, &(0x7f00000059c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="2400000026000102000000000000000000000000", @ANYBLOB="00000000bd"], 0x2}, 0x1}, 0x0) 03:39:02 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f6302") 03:39:02 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") socket$key(0xf, 0x3, 0x2) 03:39:02 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}, 0x6000}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) 03:39:02 executing program 2: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000280)='/dev/zero\x00', 0x0, 0x0) r1 = timerfd_create(0x0, 0x0) readv(r1, &(0x7f0000000000)=[{&(0x7f0000000280)=""/146, 0x92}], 0x1) r2 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x100000000012}, &(0x7f0000044000)) r3 = socket$inet6(0xa, 0x1, 0x0) ioctl(r3, 0x4000008912, &(0x7f0000000040)="295ee1311f16f477671070") timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r1) tkill(r2, 0x1004000000016) 03:39:02 executing program 7 (fault-call:0 fault-nth:29): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:39:02 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f6305") 03:39:02 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000040)={0x4, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r2, 0x4018aee1, &(0x7f0000000100)={0x0, 0x1}) 03:39:02 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000000080)=ANY=[@ANYPTR64=&(0x7f00000000c0)=ANY=[@ANYRES64=r1, @ANYRES16=r1]], 0x8}, 0x1}, 0x4) 03:39:02 executing program 5: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = gettid() ioctl$sock_FIOSETOWN(r0, 0x8901, &(0x7f0000000180)=r1) getsockname(0xffffffffffffffff, &(0x7f00000002c0)=@ll={0x0, 0x0, 0x0}, &(0x7f0000000080)=0x80) getresgid(&(0x7f0000000240)=0x0, &(0x7f0000000340), &(0x7f0000000380)) setgid(r3) setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x15, &(0x7f00000000c0)={@remote={0xfe, 0x80, [], 0xbb}, r2}, 0x14) bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x12, 0x0, 0x4, 0x1, 0x2, 0x1}, 0x209) capset(&(0x7f0000000100)={0x20071026, r1}, &(0x7f0000000140)={0x4, 0x6, 0x4, 0x1000, 0x100000001, 0x280000000000}) socketpair(0x8, 0x800, 0x6, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) accept4$bt_l2cap(r4, &(0x7f0000000040), &(0x7f00000001c0)=0xe, 0x80000) setsockopt$netlink_NETLINK_PKTINFO(r4, 0x10e, 0x3, &(0x7f0000000200)=0x80000000, 0x4) 03:39:02 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f0000003f80)=[{{&(0x7f0000000080)=@can, 0x80, &(0x7f00000001c0)}}], 0x1, 0x0, &(0x7f0000004000)={0x77359400}) sendmsg$nl_route_sched(r0, &(0x7f0000000000)={&(0x7f0000000180)={0x10}, 0xc, &(0x7f00000059c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="2400000026000102000000000000000000000000", @ANYBLOB="00000000bd"], 0x2}, 0x1}, 0x0) 03:39:02 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f6348") 03:39:02 executing program 5: r0 = socket$inet(0x2, 0x3, 0x7) bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @loopback=0x7f000001}, 0x10) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/tcp\x00') ioctl$ASHMEM_PURGE_ALL_CACHES(r1, 0x770a, 0x0) ioctl$EVIOCGPROP(r1, 0x80404509, &(0x7f0000000100)=""/209) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000340)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000080)={0xffffffff}, 0x106, 0xb}}, 0x20) write$RDMA_USER_CM_CMD_INIT_QP_ATTR(r1, &(0x7f0000000380)={0xb, 0x10, 0xfa00, {&(0x7f0000000200), r2, 0xc0000000000000}}, 0x18) bind(r1, &(0x7f00000003c0)=@alg={0x26, 'hash\x00', 0x0, 0x0, 'sm4-generic\x00'}, 0x80) sendmmsg(r0, &(0x7f0000001e80)=[{{&(0x7f0000000000)=@in={0x2}, 0x10, &(0x7f0000000080), 0x0, &(0x7f0000000080)}}, {{&(0x7f00000002c0)=@in={0x2, 0x0, @broadcast=0xffffffff}, 0x10, &(0x7f0000000600), 0x0, &(0x7f0000002040)}}], 0x2, 0x0) 03:39:02 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x80000000000000) socket$key(0xf, 0x3, 0x2) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/4\x00') write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffff}, 0x2, 0xb}}, 0x20) write$RDMA_USER_CM_CMD_NOTIFY(r1, &(0x7f00000000c0)={0xf, 0x8, 0xfa00, {r2}}, 0x10) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r3 = socket$key(0xf, 0x3, 0x2) setsockopt$inet6_udp_encap(r1, 0x11, 0x64, &(0x7f0000000100)=0x5, 0x4) sendmsg$key(r3, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:39:02 executing program 5: r0 = fcntl$getown(0xffffffffffffff9c, 0x9) getpgid(r0) ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f00000000c0)=0x0) ioprio_set$pid(0x2, r1, 0x4000) clone(0x0, &(0x7f0000000700), &(0x7f00000006c0), &(0x7f0000001880), &(0x7f0000000000)) 03:39:02 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f6300") 03:39:02 executing program 1: r0 = socket$inet6(0xa, 0x4000000001, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000080)={@remote={0xfe, 0x80, [], 0xbb}}, 0x14) setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000200)={@dev={0xfe, 0x80}}, 0x14) r2 = socket(0xa, 0x2, 0x0) sendto$inet6(r2, &(0x7f0000000280), 0xf401, 0x0, &(0x7f0000000200)={0xa, 0x4e24, 0x0, @loopback={0x0, 0x8}}, 0x1c) getsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000000580)={{{@in=@multicast1, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in=@local}}, &(0x7f0000000680)=0xe8) r4 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x7f, 0x101000) ioctl$EVIOCGSND(r4, 0x8040451a, &(0x7f0000000040)=""/5) setsockopt$inet6_IPV6_PKTINFO(r0, 0x29, 0x32, &(0x7f00000006c0)={@remote={0xfe, 0x80, [], 0xbb}, r3}, 0x14) 03:39:02 executing program 0: r0 = socket$inet6(0xa, 0x1000000000006, 0x2000000000) r1 = socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x8000, 0x0) setsockopt$bt_l2cap_L2CAP_OPTIONS(r2, 0x6, 0x1, &(0x7f00000000c0)={0x0, 0xffffffff, 0x0, 0xffff, 0x6df, 0x7ff, 0xfffffffffffffffc}, 0xc) r3 = socket$key(0xf, 0x3, 0x2) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffff9c, 0x89e2, &(0x7f0000000000)={r1}) ioctl$sock_kcm_SIOCKCMCLONE(r4, 0x89e2, &(0x7f0000000040)={r1}) sendmsg$key(r3, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:39:02 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="2957e1311f16f477671070") r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x800, 0x8) write$P9_RAUTH(r1, &(0x7f0000000300)={0x14, 0x67, 0x1, {0x20, 0x4, 0x5}}, 0x14) r2 = socket(0xa, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r2, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00\x00d\x00', 0x20, 0x1, 0x1c8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000100], 0x0, &(0x7f0000000040), &(0x7f0000000100)=[{0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x9, 0x0, 0x0, 'bond0\x00', 'bond_slave_0\x00', 'veth0_to_team\x00', 'veth0\x00', @link_local={0x1, 0x80, 0xc2}, [], @empty, [], 0x108, 0x108, 0x138, [@limit={'limit\x00', 0x20, {{0x0, 0x81}}}, @ipvs={'ipvs\x00', 0x28, {{@ipv6}}}]}}, @common=@CONNSECMARK={'CONNSECMARK\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xffffffffffffffff}, {0x0, '\x00', 0x1, 0xffffffffffffffff}]}, 0x240) [ 849.684304] FAULT_INJECTION: forcing a failure. [ 849.684304] name failslab, interval 1, probability 0, space 0, times 0 [ 849.695926] CPU: 0 PID: 14823 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 849.704341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 849.713705] Call Trace: [ 849.716301] dump_stack+0x1c9/0x2b4 [ 849.719998] ? dump_stack_print_info.cold.2+0x52/0x52 [ 849.725221] ? kasan_check_read+0x11/0x20 [ 849.729380] ? rcu_is_watching+0x8c/0x150 [ 849.733544] should_fail.cold.4+0xa/0x11 [ 849.737621] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 849.742730] ? kernel_text_address+0x79/0xf0 [ 849.747138] ? __kernel_text_address+0xd/0x40 [ 849.751648] ? unwind_get_return_address+0x61/0xa0 [ 849.756580] ? __save_stack_trace+0x8d/0xf0 [ 849.760908] ? save_stack+0xa9/0xd0 [ 849.764646] ? save_stack+0x43/0xd0 [ 849.768275] ? __kasan_slab_free+0x11a/0x170 [ 849.772719] ? kasan_slab_free+0xe/0x10 [ 849.776694] ? kfree+0xd9/0x260 [ 849.779973] ? ext4_ext_map_blocks+0xede/0x62f0 [ 849.786201] ? ext4_map_blocks+0xe31/0x1b60 [ 849.790522] ? ext4_getblk+0x10e/0x630 [ 849.794407] ? ext4_bread+0x95/0x2b0 [ 849.798137] ? ext4_append+0x14e/0x370 [ 849.802032] ? ext4_mkdir+0x532/0xe60 [ 849.805836] ? vfs_mkdir+0x42e/0x6b0 [ 849.809555] ? __x64_sys_mkdir+0x5c/0x80 [ 849.813621] ? do_syscall_64+0x1b9/0x820 [ 849.817716] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 849.823262] ? kasan_check_read+0x11/0x20 [ 849.827418] ? check_same_owner+0x340/0x340 [ 849.831740] ? kasan_check_write+0x14/0x20 [ 849.835976] ? rcu_note_context_switch+0x730/0x730 [ 849.840915] __should_failslab+0x124/0x180 [ 849.845191] should_failslab+0x9/0x14 [ 849.848995] __kmalloc+0x2c8/0x760 [ 849.852548] ? trace_hardirqs_off+0xd/0x10 [ 849.856789] ? ext4_find_extent+0x775/0xa10 [ 849.861135] ext4_find_extent+0x775/0xa10 [ 849.865306] ? trace_hardirqs_on+0xd/0x10 [ 849.869456] ext4_ext_map_blocks+0x293/0x62f0 [ 849.873961] ? ext4_find_delalloc_cluster+0xc0/0xc0 [ 849.878980] ? block_commit_write+0x30/0x30 [ 849.883311] ? __ext4_new_inode+0xb0d/0x6620 [ 849.887896] ? lock_acquire+0x1e4/0x540 [ 849.891959] ? ext4_es_lookup_extent+0x42c/0xde0 [ 849.896722] ? lock_downgrade+0x8f0/0x8f0 [ 849.900883] ? lock_release+0xa30/0xa30 [ 849.904878] ? lock_acquire+0x1e4/0x540 [ 849.908865] ? ext4_map_blocks+0x480/0x1b60 [ 849.913195] ? lock_acquire+0x1e4/0x540 [ 849.917169] ? ext4_map_blocks+0x88b/0x1b60 [ 849.921494] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 849.927034] ? lock_release+0xa30/0xa30 [ 849.931018] ? check_same_owner+0x340/0x340 [ 849.935344] ? ext4_map_blocks+0x66a/0x1b60 [ 849.939667] ? rcu_note_context_switch+0x730/0x730 [ 849.944615] ? down_write+0x8f/0x130 [ 849.948329] ? ext4_map_blocks+0x88b/0x1b60 [ 849.952648] ? down_read+0x1d0/0x1d0 [ 849.956386] ext4_map_blocks+0x8f3/0x1b60 [ 849.960541] ? __save_stack_trace+0x8d/0xf0 [ 849.964880] ? ext4_issue_zeroout+0x190/0x190 [ 849.969386] ? save_stack+0x43/0xd0 [ 849.973021] ? __kasan_slab_free+0x11a/0x170 [ 849.977431] ? kasan_slab_free+0xe/0x10 [ 849.981403] ? kmem_cache_free+0x86/0x2d0 [ 849.985557] ext4_getblk+0x10e/0x630 [ 849.989276] ? ext4_iomap_begin+0x1350/0x1350 [ 849.994985] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 850.000536] ? __dquot_initialize+0x61d/0xde0 [ 850.005045] ext4_bread+0x95/0x2b0 [ 850.008590] ? ext4_getblk+0x630/0x630 [ 850.012478] ? dquot_get_next_dqblk+0x180/0x180 [ 850.017155] ? debug_check_no_obj_freed+0x30b/0x595 [ 850.022172] ? kasan_check_write+0x14/0x20 [ 850.026497] ext4_append+0x14e/0x370 [ 850.030215] ext4_mkdir+0x532/0xe60 [ 850.033852] ? ext4_init_dot_dotdot+0x510/0x510 [ 850.038526] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 850.044064] ? security_inode_permission+0xd2/0x100 [ 850.049087] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 850.054623] ? security_inode_mkdir+0xe8/0x120 [ 850.059207] vfs_mkdir+0x42e/0x6b0 [ 850.062753] do_mkdirat+0x27b/0x310 [ 850.066386] ? __ia32_sys_mknod+0xb0/0xb0 [ 850.070532] ? ksys_ioctl+0x81/0xd0 [ 850.074250] __x64_sys_mkdir+0x5c/0x80 [ 850.078139] do_syscall_64+0x1b9/0x820 [ 850.082118] ? syscall_return_slowpath+0x5e0/0x5e0 [ 850.087079] ? syscall_return_slowpath+0x31d/0x5e0 [ 850.092545] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 850.097569] ? prepare_exit_to_usermode+0x291/0x3b0 [ 850.102589] ? perf_trace_sys_enter+0xb10/0xb10 [ 850.107264] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 850.112116] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 850.117302] RIP: 0033:0x455267 [ 850.120489] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 850.139766] RSP: 002b:00007f413f26ea88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 850.147479] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000455267 [ 850.154746] RDX: 0000000000000014 RSI: 00000000000001ff RDI: 00000000200000c0 [ 850.162018] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 850.169294] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 850.176673] R13: 0000000000000001 R14: 00000000004d3f40 R15: 000000000000001d 03:39:03 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}, 0xf401}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) 03:39:03 executing program 2: syz_read_part_table(0x86, 0x8, &(0x7f0000000540)=[{&(0x7f0000000080)="8282f22ab8ba12066a39f98103d173bc12567bff056af4388be619695319a2f8cf8a00a07208ef690d72fd59dc714e1d3016bf746b0e1ba38b713f34010b7ed7950aab24d837780d0516bcc320570a9ab4fccebfcf992f3a6bc6bc3bf5ace32f398e0ed6f1c1051a2e83d50544b79f8ffce8c36074af767c1bff2c7fbace35f6202428b63b9a69d31681c3b675efbe8f93b06b25a345749e66b4e6b4f666f9a758e1c0a159153e60fd6dbd0b8f6330f509755c77557289b8a6e2940c8d9a8fe541ac0ad36f0663b5d553409b7d061f151c9de0c1f672", 0xd6, 0x10001}, {&(0x7f0000000180)="d94d39a43d5529ebe532715ee0d6bf3d7e4d411d59c80306001814f5caa98519d02b31982a3eaf5dd38928b89afc127c021a5b08996b8c3f61ca46d064e0a98947a408d1f5b97f94ab216a64192a301ab28974f2ff9d5d7078858a672a3f3e539be6ffe91fe59b93771568521869b559f09e72517822808084475014cdcb8aebf76a046173e454fe7db48cd7f6aa7be9b3b020b18a58a4d718b331fc399e21538871a6f6031b658083be12d4f7edb5e5fab28f6488e4cf77a101ea0c072066ff2954ad09cd51b75d757f213357962bf9f8dbf8750fff3f4dccef79c17d15f5311f45ab2d", 0xe4, 0x100000000}, {&(0x7f0000000280)="551f3e817ea24cbabcac0a27c28bd87a562e7809e840c5fa871e8948a7c9efa776c8fb922508085e1279e8e165d28539d2b87fbb764c49e4aaafe8c2555bfca97f457317f1591b14e15bd5e8219f9aca31aebd9fd9993f749d47132f23d0c3ff37f52256edbd116db7f7c5c404051be7a8130b6f8866b48c444a8bb934", 0x7d, 0x7}, {&(0x7f0000000300)="fad3819df150b211acb3f62d3008645e30307220647c30dd9286ef814996d09dfea809c08060784f4936089aa6404ac31ee2833b2151fc60934126262f5616107071b987666a6f2a80240e2f5208f8f833bc", 0x52, 0x3}, {&(0x7f0000000380)="4784a618a6cf28777099dd517bc89ceae798e046de6f4c430e2832", 0x1b, 0x7}, {&(0x7f00000003c0)="67fa724ec6c2cd94c11b2e6e8e47741b52b65de9fc10ed73779fc67571f74673fbd90c9c31cc1d36997bf0311f2a64fee70e7dd65c6d2ef5397de9c8006c8e2742623f4344", 0x45, 0x60000000000}, {&(0x7f0000000440)="0021727afc3e90b60ddf02fd320526e85161389ef6f2da66afb5ddb4f5371f3593bac43fb2942d610adafba426624fc2e0e3aaf77664fbbe68508abdc9830e5548508bd24934b515d7ef23260419c72f000fe536dbaec72c1be0614b", 0x5c, 0x6a}, {&(0x7f00000004c0)="cdc0e52a3f5ae4a3b0dbb63ae00dfb6aa06cb3d1716575a857753bbeae6dd819cb8d506f9469ab5670a2a74b0502a2968d6048bbbe52e9d22ee1345e08e1a08ed5bbe5725a136eda9e3fc4601d9b689c25b83c88eb36f7bf49e3f45fef", 0x5d, 0x100000001}]) r0 = shmget(0x0, 0x3000, 0x400, &(0x7f0000ffc000/0x3000)=nil) shmctl$SHM_INFO(r0, 0xe, &(0x7f0000000640)=""/4096) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x1, 0x0) ioctl$sock_inet_SIOCSIFBRDADDR(r1, 0x891a, &(0x7f0000000600)={'veth1_to_bridge\x00', {0x2, 0x4e1d, @multicast2=0xe0000002}}) 03:39:03 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f6306") 03:39:03 executing program 1: lstat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r1 = getegid() lstat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setresgid(r0, r1, r2) r3 = syz_open_procfs(0x0, &(0x7f0000000200)="6e756d615f6d61707300b5c62e9e8de9f243640adf803c64577aa9e4e33f9f72e5185191246f8fe224c3925050e2a9e57dbf6b530a5ebbec861baf4dc4f84bb1df13f0b152aa3b6e780781b6a8d091f88658ef4f16a21417d83d000000000000000000000000000000") mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x0, 0x8c4b815a5465c2b2, 0xffffffffffffffff, 0x0) pread64(r3, &(0x7f0000df6000), 0x0, 0x800000000000) 03:39:03 executing program 7 (fault-call:0 fault-nth:30): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) [ 850.235831] xt_ipvs: protocol family 7 not supported 03:39:03 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffff9c, 0x84, 0x76, &(0x7f0000000000)={0x0, 0x1}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000080)={r1, 0xfff}, 0x8) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:39:03 executing program 5: r0 = socket(0xa, 0x1, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r0) sendmmsg$unix(r1, &(0x7f0000005240)=[{&(0x7f0000000100)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000540), 0x0, &(0x7f0000000680)=[@rights={0x18, 0x1, 0x1, [r3]}], 0x18}], 0x4924924924926c2, 0x0) prctl$setname(0xf, &(0x7f0000000180)='loproc@self,bdev\x00') r4 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r4, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") recvmmsg(r2, &(0x7f0000004e40)=[{{&(0x7f0000000000)=@llc, 0x80, &(0x7f00000006c0), 0x0, &(0x7f0000000080)=""/9, 0x9}}], 0x37a, 0x0, &(0x7f00000050c0)={0x77359400}) [ 850.304503] FAULT_INJECTION: forcing a failure. [ 850.304503] name failslab, interval 1, probability 0, space 0, times 0 [ 850.315844] CPU: 1 PID: 14857 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 850.324457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 850.324461] Call Trace: [ 850.324503] dump_stack+0x1c9/0x2b4 [ 850.324525] ? dump_stack_print_info.cold.2+0x52/0x52 [ 850.346075] should_fail.cold.4+0xa/0x11 [ 850.350151] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 850.355269] ? do_raw_spin_unlock+0xa7/0x2f0 [ 850.359688] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 850.364275] ? kasan_check_write+0x14/0x20 [ 850.368509] ? do_raw_spin_lock+0xc1/0x200 [ 850.372750] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 850.378292] ? __mark_inode_dirty+0x495/0x1550 [ 850.382903] ? __inode_attach_wb+0x13e0/0x13e0 [ 850.387504] ? kasan_check_read+0x11/0x20 [ 850.391653] ? do_raw_spin_unlock+0xa7/0x2f0 [ 850.396059] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 850.400659] ? kasan_check_write+0x14/0x20 [ 850.404899] ? check_same_owner+0x340/0x340 [ 850.409215] ? __dquot_alloc_space+0x4b6/0x8c0 [ 850.413796] ? rcu_note_context_switch+0x730/0x730 [ 850.418733] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 850.424375] __should_failslab+0x124/0x180 [ 850.428617] should_failslab+0x9/0x14 [ 850.432430] kmem_cache_alloc+0x2af/0x760 [ 850.436587] ? percpu_counter_add_batch+0xf2/0x150 [ 850.441524] ext4_mb_new_blocks+0x778/0x4740 [ 850.445938] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 850.450963] ? bpf_prog_kallsyms_find+0xde/0x4c0 [ 850.455734] ? ext4_discard_preallocations+0x13d0/0x13d0 [ 850.461190] ? lock_release+0xa30/0xa30 [ 850.465164] ? kasan_check_read+0x11/0x20 [ 850.469312] ? rcu_is_watching+0x8c/0x150 [ 850.473465] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 850.478134] ? is_bpf_text_address+0xd7/0x170 [ 850.482631] ? kernel_text_address+0x79/0xf0 [ 850.487127] ? __kernel_text_address+0xd/0x40 [ 850.491619] ? unwind_get_return_address+0x61/0xa0 [ 850.496552] ? __save_stack_trace+0x8d/0xf0 [ 850.500883] ? save_stack+0xa9/0xd0 [ 850.504510] ? save_stack+0x43/0xd0 [ 850.508134] ? kasan_kmalloc+0xc4/0xe0 [ 850.512019] ? __kmalloc+0x14e/0x760 [ 850.515728] ? ext4_find_extent+0x775/0xa10 [ 850.520040] ? ext4_ext_map_blocks+0x293/0x62f0 [ 850.524703] ? ext4_map_blocks+0x8f3/0x1b60 [ 850.529034] ? ext4_getblk+0x10e/0x630 [ 850.532927] ? ext4_bread+0x95/0x2b0 [ 850.536638] ? ext4_append+0x14e/0x370 [ 850.540518] ? ext4_mkdir+0x532/0xe60 [ 850.544328] ? vfs_mkdir+0x42e/0x6b0 [ 850.548040] ? do_mkdirat+0x27b/0x310 [ 850.551835] ? __x64_sys_mkdir+0x5c/0x80 [ 850.555893] ? do_syscall_64+0x1b9/0x820 [ 850.559950] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 850.565315] ? save_stack+0xa9/0xd0 [ 850.568940] ? save_stack+0x43/0xd0 [ 850.572576] ? __kasan_slab_free+0x11a/0x170 [ 850.576976] ? kasan_slab_free+0xe/0x10 [ 850.580942] ? kfree+0xd9/0x260 [ 850.584219] ? ext4_ext_map_blocks+0xede/0x62f0 [ 850.588904] ? ext4_map_blocks+0xe31/0x1b60 [ 850.593221] ? ext4_getblk+0x10e/0x630 [ 850.597112] ? ext4_bread+0x95/0x2b0 [ 850.600823] ? ext4_append+0x14e/0x370 [ 850.604702] ? ext4_mkdir+0x532/0xe60 [ 850.608499] ? vfs_mkdir+0x42e/0x6b0 [ 850.612210] ? do_mkdirat+0x27b/0x310 [ 850.616106] ? __x64_sys_mkdir+0x5c/0x80 [ 850.620164] ? do_syscall_64+0x1b9/0x820 [ 850.624224] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 850.629585] ? kasan_check_read+0x11/0x20 [ 850.633730] ? do_raw_spin_unlock+0xa7/0x2f0 [ 850.638137] ? check_same_owner+0x340/0x340 [ 850.642484] ? kasan_check_write+0x14/0x20 [ 850.646720] ? kasan_unpoison_shadow+0x35/0x50 [ 850.651307] ? kasan_kmalloc+0xc4/0xe0 [ 850.655193] ? __kmalloc+0x315/0x760 [ 850.658905] ? trace_hardirqs_off+0xd/0x10 [ 850.663137] ? ext4_find_extent+0x775/0xa10 [ 850.667545] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 850.673080] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 850.678629] ? ext4_inode_to_goal_block+0x2e3/0x3f0 [ 850.683646] ext4_ext_map_blocks+0x2dc0/0x62f0 [ 850.688234] ? ext4_find_delalloc_cluster+0xc0/0xc0 [ 850.693263] ? block_commit_write+0x30/0x30 [ 850.697587] ? __ext4_new_inode+0xb0d/0x6620 [ 850.701993] ? lock_acquire+0x1e4/0x540 [ 850.705963] ? ext4_es_lookup_extent+0x42c/0xde0 [ 850.718014] ? lock_downgrade+0x8f0/0x8f0 [ 850.722256] ? lock_acquire+0x1e4/0x540 [ 850.726233] ? ext4_map_blocks+0x480/0x1b60 [ 850.730916] ? lock_acquire+0x1e4/0x540 [ 850.734893] ? ext4_map_blocks+0x88b/0x1b60 [ 850.739218] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 850.744772] ? lock_release+0xa30/0xa30 [ 850.748744] ? check_same_owner+0x340/0x340 [ 850.753161] ? ext4_map_blocks+0x66a/0x1b60 [ 850.757487] ? rcu_note_context_switch+0x730/0x730 [ 850.762415] ? down_write+0x8f/0x130 [ 850.766130] ? ext4_map_blocks+0x88b/0x1b60 [ 850.770462] ? down_read+0x1d0/0x1d0 [ 850.774179] ext4_map_blocks+0x8f3/0x1b60 [ 850.778336] ? __save_stack_trace+0x8d/0xf0 [ 850.782670] ? ext4_issue_zeroout+0x190/0x190 [ 850.787166] ? save_stack+0x43/0xd0 [ 850.790792] ? __kasan_slab_free+0x11a/0x170 [ 850.795196] ? kasan_slab_free+0xe/0x10 [ 850.799167] ? kmem_cache_free+0x86/0x2d0 [ 850.803423] ext4_getblk+0x10e/0x630 [ 850.807163] ? ext4_iomap_begin+0x1350/0x1350 [ 850.811852] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 850.817383] ? __dquot_initialize+0x61d/0xde0 [ 850.821880] ext4_bread+0x95/0x2b0 [ 850.826505] ? ext4_getblk+0x630/0x630 [ 850.830420] ? dquot_get_next_dqblk+0x180/0x180 [ 850.835108] ? debug_check_no_obj_freed+0x30b/0x595 [ 850.840120] ? kasan_check_write+0x14/0x20 [ 850.844359] ext4_append+0x14e/0x370 [ 850.848073] ext4_mkdir+0x532/0xe60 [ 850.851699] ? ext4_init_dot_dotdot+0x510/0x510 [ 850.856364] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 850.861990] ? security_inode_permission+0xd2/0x100 [ 850.867004] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 850.872533] ? security_inode_mkdir+0xe8/0x120 [ 850.877115] vfs_mkdir+0x42e/0x6b0 [ 850.880654] do_mkdirat+0x27b/0x310 [ 850.884280] ? __ia32_sys_mknod+0xb0/0xb0 [ 850.888428] ? ksys_ioctl+0x81/0xd0 [ 850.892053] __x64_sys_mkdir+0x5c/0x80 [ 850.895939] do_syscall_64+0x1b9/0x820 [ 850.899835] ? finish_task_switch+0x1d3/0x870 [ 850.904331] ? syscall_return_slowpath+0x5e0/0x5e0 [ 850.909261] ? syscall_return_slowpath+0x31d/0x5e0 [ 850.914279] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 850.919295] ? prepare_exit_to_usermode+0x291/0x3b0 [ 850.924312] ? perf_trace_sys_enter+0xb10/0xb10 [ 850.928981] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 850.933845] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 850.939031] RIP: 0033:0x455267 03:39:03 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f0000003f80)=[{{&(0x7f0000000080)=@can, 0x80, &(0x7f00000001c0)}}], 0x1, 0x0, &(0x7f0000004000)={0x77359400}) sendmsg$nl_route_sched(r0, &(0x7f0000005a00)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000059c0)={&(0x7f0000000040)=ANY=[]}, 0x1}, 0x0) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x200000, 0x0) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000040)={0x0, 0x3, 0x80}, &(0x7f0000000100)=0x8) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000280)={r2, @in6={{0xa, 0x4e24, 0x854, @local={0xfe, 0x80, [], 0xaa}, 0x10000}}, 0x1000000, 0xe3, 0x8, 0x7, 0x40}, 0x98) setsockopt$inet_sctp_SCTP_SET_PEER_PRIMARY_ADDR(r1, 0x84, 0x5, &(0x7f00000001c0)={r2, @in6={{0xa, 0x4e21, 0x9, @local={0xfe, 0x80, [], 0xaa}, 0x9}}}, 0x84) 03:39:03 executing program 1: setsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000001000)={0x10000, 0x4, 0x100, 0x400}, 0x6) r0 = socket(0x11, 0x80002, 0x0) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000788000)=0x2, 0x4) bind$packet(r0, &(0x7f0000000480)={0x11, 0x3, 0x0, 0x1, 0x0, 0x6, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}}, 0x14) setsockopt(r0, 0x107, 0x5, &(0x7f0000001000), 0xc5) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c) listen(r1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) r3 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r3, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") setsockopt$inet6_MRT6_DEL_MFC(r1, 0x29, 0xcd, &(0x7f0000000100)={{0xa, 0x4e21, 0xf567, @remote={0xfe, 0x80, [], 0xbb}, 0x6}, {0xa, 0x4e22, 0x200, @dev={0xfe, 0x80, [], 0x10}, 0x5}, 0x7, [0x0, 0x2, 0x1b41651c, 0x9, 0x10000, 0x2, 0x8001, 0x1]}, 0x5c) getsockname$packet(r0, &(0x7f0000000040)={0x0, 0x0, 0x0}, &(0x7f0000000080)=0x14) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f00000000c0)={'team0\x00', r4}) r5 = semget$private(0x0, 0x7, 0x400) semctl$SETVAL(r5, 0x3, 0x10, &(0x7f0000000180)) sendto$inet6(r2, &(0x7f0000000280), 0xfffffffffffffc9e, 0x20009002, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @empty={[0x0, 0x0, 0x1000000000000000]}}, 0x1c) shutdown(r2, 0x1) 03:39:03 executing program 2: r0 = socket$inet6(0xa, 0x40100000003, 0x7) sendto$inet6(r0, &(0x7f0000000000), 0xffa7, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0x0, 0x8}}, 0x1b) [ 850.942213] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 850.961493] RSP: 002b:00007f413f26ea88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 850.969205] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000455267 [ 850.976471] RDX: 0000000000000014 RSI: 00000000000001ff RDI: 00000000200000c0 [ 850.983757] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 850.991043] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 850.998311] R13: 0000000000000001 R14: 00000000004d3f40 R15: 000000000000001e 03:39:04 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f6300") 03:39:04 executing program 2: r0 = socket$inet(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f00000000c0)={{0x2, 0x0, @dev={0xac, 0x14, 0x14}}, {}, 0x4, {0x2, 0x0, @loopback=0x7f000001}, 'ip6gre0\x00'}) recvfrom$inet(r0, &(0x7f0000000140)=""/4096, 0x1000, 0x10100, &(0x7f0000000000)={0x2, 0x4e20, @rand_addr=0x4}, 0x10) 03:39:04 executing program 7 (fault-call:0 fault-nth:31): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) [ 851.095018] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. [ 851.128784] FAULT_INJECTION: forcing a failure. [ 851.128784] name failslab, interval 1, probability 0, space 0, times 0 [ 851.140152] CPU: 0 PID: 14887 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 851.148652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 851.158131] Call Trace: [ 851.160736] dump_stack+0x1c9/0x2b4 [ 851.164390] ? dump_stack_print_info.cold.2+0x52/0x52 [ 851.169594] ? ext4_getblk+0x10e/0x630 [ 851.173495] ? ext4_bread+0x95/0x2b0 [ 851.177223] ? ext4_append+0x14e/0x370 [ 851.181122] ? ext4_mkdir+0x532/0xe60 [ 851.184929] ? do_mkdirat+0x27b/0x310 [ 851.188732] should_fail.cold.4+0xa/0x11 [ 851.192794] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 851.197914] ? kasan_check_write+0x14/0x20 [ 851.202151] ? do_raw_spin_lock+0xc1/0x200 [ 851.206387] ? trace_hardirqs_on+0x10/0x10 [ 851.210615] ? debug_check_no_obj_freed+0x30b/0x595 [ 851.215824] ? trace_hardirqs_off+0xd/0x10 [ 851.220057] ? quarantine_put+0x10d/0x1b0 [ 851.224195] ? __kasan_slab_free+0x131/0x170 [ 851.228684] ? trace_hardirqs_on+0xd/0x10 [ 851.232823] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 851.238354] ? ext4_ext_map_blocks+0xfb2/0x62f0 [ 851.243031] __should_failslab+0x124/0x180 [ 851.247258] should_failslab+0x9/0x14 [ 851.251048] kmem_cache_alloc+0x47/0x760 [ 851.255115] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 851.260128] ? ext4_es_can_be_merged+0x238/0x2a0 [ 851.264900] __es_insert_extent+0x305/0x1140 [ 851.269300] ? ext4_es_free_extent+0x820/0x820 [ 851.273872] ? lock_release+0xa30/0xa30 [ 851.277846] ? lock_acquire+0x1e4/0x540 [ 851.281818] ? ext4_map_blocks+0x480/0x1b60 [ 851.286140] ? kasan_check_write+0x14/0x20 [ 851.290363] ? do_raw_write_lock+0xbd/0x1b0 [ 851.294674] ext4_es_insert_extent+0x2ea/0x7e0 [ 851.299255] ? lock_release+0xa30/0xa30 [ 851.303228] ? ext4_es_find_delayed_extent_range+0xd80/0xd80 [ 851.309030] ? rcu_note_context_switch+0x730/0x730 [ 851.313951] ? down_write+0x8f/0x130 [ 851.317660] ? ext4_map_blocks+0x88b/0x1b60 [ 851.321968] ? down_read+0x1d0/0x1d0 [ 851.325674] ext4_map_blocks+0xb08/0x1b60 [ 851.329820] ? __save_stack_trace+0x8d/0xf0 [ 851.334137] ? ext4_issue_zeroout+0x190/0x190 [ 851.338631] ? save_stack+0x43/0xd0 [ 851.342266] ? __kasan_slab_free+0x11a/0x170 [ 851.346696] ? kasan_slab_free+0xe/0x10 [ 851.350666] ? kmem_cache_free+0x86/0x2d0 [ 851.354806] ext4_getblk+0x10e/0x630 [ 851.358517] ? ext4_iomap_begin+0x1350/0x1350 [ 851.363002] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 851.368525] ? __dquot_initialize+0x61d/0xde0 [ 851.373021] ext4_bread+0x95/0x2b0 [ 851.376561] ? ext4_getblk+0x630/0x630 [ 851.380461] ? dquot_get_next_dqblk+0x180/0x180 [ 851.385129] ? debug_check_no_obj_freed+0x30b/0x595 [ 851.390135] ? kasan_check_write+0x14/0x20 [ 851.394368] ext4_append+0x14e/0x370 [ 851.398074] ext4_mkdir+0x532/0xe60 [ 851.401696] ? ext4_init_dot_dotdot+0x510/0x510 [ 851.406358] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 851.411891] ? security_inode_permission+0xd2/0x100 [ 851.416908] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 851.422437] ? security_inode_mkdir+0xe8/0x120 [ 851.427008] vfs_mkdir+0x42e/0x6b0 [ 851.430537] do_mkdirat+0x27b/0x310 [ 851.434174] ? __ia32_sys_mknod+0xb0/0xb0 [ 851.438397] ? ksys_ioctl+0x81/0xd0 [ 851.442014] __x64_sys_mkdir+0x5c/0x80 [ 851.445920] do_syscall_64+0x1b9/0x820 [ 851.449804] ? finish_task_switch+0x1d3/0x870 [ 851.454296] ? syscall_return_slowpath+0x5e0/0x5e0 [ 851.459225] ? syscall_return_slowpath+0x31d/0x5e0 [ 851.464160] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 851.469168] ? prepare_exit_to_usermode+0x291/0x3b0 [ 851.474170] ? perf_trace_sys_enter+0xb10/0xb10 [ 851.478828] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 851.483662] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 851.488836] RIP: 0033:0x455267 [ 851.492009] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 851.511300] RSP: 002b:00007f413f26ea88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 851.518996] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000455267 [ 851.526252] RDX: 0000000000000014 RSI: 00000000000001ff RDI: 00000000200000c0 [ 851.533516] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a 03:39:04 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) 03:39:04 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f6300") 03:39:04 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffb8ffffffff02001300020000000000fcffbfff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) [ 851.540782] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 851.548046] R13: 0000000000000001 R14: 00000000004d3f40 R15: 000000000000001f [ 851.588893] FAT-fs (loop7): Directory bread(block 2563) failed [ 851.595346] FAT-fs (loop7): Directory bread(block 2564) failed [ 851.603590] FAT-fs (loop7): Directory bread(block 2565) failed [ 851.610263] FAT-fs (loop7): Directory bread(block 2566) failed [ 851.617116] FAT-fs (loop7): Directory bread(block 2567) failed [ 851.624144] FAT-fs (loop7): Directory bread(block 2568) failed [ 851.630542] FAT-fs (loop7): Directory bread(block 2569) failed 03:39:04 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f63ff") 03:39:04 executing program 0: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcs\x00', 0x420040, 0x0) getpeername$inet6(r0, &(0x7f0000000100), &(0x7f0000000140)=0x1c) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000000000)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) [ 851.636843] FAT-fs (loop7): Directory bread(block 2570) failed [ 851.643421] FAT-fs (loop7): Directory bread(block 2571) failed [ 851.649717] FAT-fs (loop7): Directory bread(block 2572) failed 03:39:04 executing program 7 (fault-call:0 fault-nth:32): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) [ 851.768321] FAULT_INJECTION: forcing a failure. [ 851.768321] name failslab, interval 1, probability 0, space 0, times 0 [ 851.779708] CPU: 1 PID: 14907 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 851.788112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 851.797458] Call Trace: [ 851.800053] dump_stack+0x1c9/0x2b4 [ 851.803684] ? dump_stack_print_info.cold.2+0x52/0x52 [ 851.808876] ? ext4_getblk+0x10e/0x630 [ 851.812765] ? ext4_bread+0x95/0x2b0 [ 851.816477] ? ext4_append+0x14e/0x370 [ 851.820366] ? ext4_mkdir+0x532/0xe60 [ 851.824162] ? do_mkdirat+0x27b/0x310 [ 851.827965] should_fail.cold.4+0xa/0x11 [ 851.832027] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 851.837127] ? kasan_check_write+0x14/0x20 [ 851.841360] ? do_raw_spin_lock+0xc1/0x200 [ 851.845594] ? trace_hardirqs_on+0x10/0x10 [ 851.849829] ? debug_check_no_obj_freed+0x30b/0x595 [ 851.854860] ? trace_hardirqs_off+0xd/0x10 [ 851.859092] ? quarantine_put+0x10d/0x1b0 [ 851.863240] ? __kasan_slab_free+0x131/0x170 [ 851.867647] ? trace_hardirqs_on+0xd/0x10 [ 851.871802] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 851.877340] ? ext4_ext_map_blocks+0xfb2/0x62f0 [ 851.882013] __should_failslab+0x124/0x180 [ 851.886348] should_failslab+0x9/0x14 [ 851.890147] kmem_cache_alloc+0x47/0x760 [ 851.894206] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 851.899228] ? ext4_es_can_be_merged+0x238/0x2a0 [ 851.903994] __es_insert_extent+0x305/0x1140 [ 851.908573] ? ext4_es_free_extent+0x820/0x820 [ 851.913152] ? lock_release+0xa30/0xa30 [ 851.917126] ? lock_acquire+0x1e4/0x540 [ 851.921095] ? ext4_map_blocks+0x480/0x1b60 [ 851.925418] ? kasan_check_write+0x14/0x20 [ 851.929651] ? do_raw_write_lock+0xbd/0x1b0 [ 851.933970] ext4_es_insert_extent+0x2ea/0x7e0 [ 851.938554] ? lock_release+0xa30/0xa30 [ 851.942528] ? ext4_es_find_delayed_extent_range+0xd80/0xd80 [ 851.948321] ? rcu_note_context_switch+0x730/0x730 [ 851.953255] ? down_write+0x8f/0x130 [ 851.956975] ? ext4_map_blocks+0x88b/0x1b60 [ 851.961289] ? down_read+0x1d0/0x1d0 [ 851.965001] ext4_map_blocks+0xb08/0x1b60 [ 851.969147] ? __save_stack_trace+0x8d/0xf0 [ 851.973469] ? ext4_issue_zeroout+0x190/0x190 [ 851.977963] ? save_stack+0x43/0xd0 [ 851.981584] ? __kasan_slab_free+0x11a/0x170 [ 851.985985] ? kasan_slab_free+0xe/0x10 [ 851.989954] ? kmem_cache_free+0x86/0x2d0 [ 851.994314] ext4_getblk+0x10e/0x630 [ 851.998057] ? ext4_iomap_begin+0x1350/0x1350 [ 852.002554] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 852.008087] ? __dquot_initialize+0x61d/0xde0 [ 852.012580] ext4_bread+0x95/0x2b0 [ 852.016116] ? ext4_getblk+0x630/0x630 [ 852.020003] ? dquot_get_next_dqblk+0x180/0x180 [ 852.024689] ? debug_check_no_obj_freed+0x30b/0x595 [ 852.029707] ? kasan_check_write+0x14/0x20 [ 852.033959] ext4_append+0x14e/0x370 [ 852.037674] ext4_mkdir+0x532/0xe60 [ 852.041301] ? ext4_init_dot_dotdot+0x510/0x510 [ 852.045989] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 852.051522] ? security_inode_permission+0xd2/0x100 [ 852.056543] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 852.062091] ? security_inode_mkdir+0xe8/0x120 [ 852.066672] vfs_mkdir+0x42e/0x6b0 [ 852.070215] do_mkdirat+0x27b/0x310 [ 852.073840] ? __ia32_sys_mknod+0xb0/0xb0 [ 852.077985] ? ksys_ioctl+0x81/0xd0 [ 852.081612] __x64_sys_mkdir+0x5c/0x80 [ 852.085498] do_syscall_64+0x1b9/0x820 [ 852.089380] ? finish_task_switch+0x1d3/0x870 [ 852.093888] ? syscall_return_slowpath+0x5e0/0x5e0 [ 852.098815] ? syscall_return_slowpath+0x31d/0x5e0 [ 852.103743] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 852.108758] ? prepare_exit_to_usermode+0x291/0x3b0 [ 852.113773] ? perf_trace_sys_enter+0xb10/0xb10 [ 852.118441] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 852.123290] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 852.128476] RIP: 0033:0x455267 [ 852.131663] Code: 1f 40 00 b8 5a 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 cd c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad c5 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 852.150933] RSP: 002b:00007f413f26ea88 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 852.159432] RAX: ffffffffffffffda RBX: 0000000020000228 RCX: 0000000000455267 03:39:05 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f6300") [ 852.166693] RDX: 0000000000000014 RSI: 00000000000001ff RDI: 00000000200000c0 [ 852.173964] RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a [ 852.181315] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000014 [ 852.188589] R13: 0000000000000001 R14: 00000000004d3f40 R15: 0000000000000020 [ 852.198826] FAT-fs (loop7): Directory bread(block 2563) failed 03:39:05 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) r1 = accept4$inet(0xffffffffffffff9c, 0x0, &(0x7f0000000000), 0x80000) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000040)={0x0, @in={{0x2, 0x4e24, @broadcast=0xffffffff}}, 0x3, 0x4}, &(0x7f0000000100)=0x90) getsockopt$inet_sctp_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f0000000140)={r2, 0xff, 0x7fffffff, 0x6}, &(0x7f0000000180)=0x10) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r3 = socket$key(0xf, 0x3, 0x2) setsockopt$sock_int(r1, 0x1, 0x22, &(0x7f00000001c0)=0xab29, 0x4) sendmsg$key(r3, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) [ 852.224856] FAT-fs (loop7): Directory bread(block 2564) failed [ 852.235018] FAT-fs (loop7): Directory bread(block 2565) failed [ 852.242361] FAT-fs (loop7): Directory bread(block 2566) failed [ 852.249007] FAT-fs (loop7): Directory bread(block 2567) failed [ 852.255506] FAT-fs (loop7): Directory bread(block 2568) failed [ 852.261742] FAT-fs (loop7): Directory bread(block 2569) failed [ 852.268186] FAT-fs (loop7): Directory bread(block 2570) failed 03:39:05 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) [ 852.274443] FAT-fs (loop7): Directory bread(block 2571) failed [ 852.281360] FAT-fs (loop7): Directory bread(block 2572) failed 03:39:05 executing program 5: r0 = syz_open_dev$sndpcmp(&(0x7f0000000140)='/dev/snd/pcmC#D#p\x00', 0x8000, 0x2) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000000)='tls\x00', 0x4) fcntl$setstatus(r0, 0x4, 0x42000) 03:39:05 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f0000003f80)=[{{&(0x7f0000000080)=@can, 0x80, &(0x7f00000001c0)}}], 0x1, 0x0, &(0x7f0000004000)={0x77359400}) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vga_arbiter\x00', 0x100, 0x0) recvmsg$kcm(r1, &(0x7f0000000580)={&(0x7f00000001c0)=@pppol2tpv3={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @loopback}}}, 0x80, &(0x7f0000000440)=[{&(0x7f0000000240)=""/115, 0x73}, {&(0x7f00000002c0)=""/114, 0x72}, {&(0x7f0000000340)=""/203, 0xcb}], 0x3, &(0x7f0000000480)=""/235, 0xeb, 0x2}, 0x100) getsockopt$IPT_SO_GET_REVISION_TARGET(r1, 0x0, 0x43, &(0x7f00000005c0)={'NETMAP\x00'}, &(0x7f0000000600)=0x1e) sendmsg$nl_route_sched(r0, &(0x7f0000005a00)={&(0x7f0000000180)={0x10}, 0xc, &(0x7f00000059c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="2400000026000102000000000000000000000000", @ANYBLOB="00000000bd"], 0x2}, 0x1}, 0x0) r2 = creat(&(0x7f0000000000)='./file0\x00', 0x2a) setsockopt$inet_sctp_SCTP_EVENTS(r2, 0x84, 0xb, &(0x7f0000000100)={0x71c, 0x2, 0x400, 0x6, 0x8001, 0x480000000000000, 0x4, 0x0, 0x5, 0x6, 0x137fe000000}, 0xb) 03:39:05 executing program 1: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth1_to_bridge\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@loopback={0x0, 0x1}, @dev={0xfe, 0x80}, @loopback={0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}) socket$inet6(0xa, 0x80000, 0xd141) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000380)={@mcast1={0xff, 0x1, [], 0x1}, @loopback={0x0, 0x1}, @empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}) 03:39:05 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f63fd") 03:39:05 executing program 7 (fault-call:0 fault-nth:33): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:39:05 executing program 2: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount(&(0x7f0000000840)='./file0/file0\x00', &(0x7f0000000000)='./file0/file0/file0\x00', &(0x7f00000008c0)='proc\x00', 0x0, 0x0) syz_fuseblk_mount(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0/file0/file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 03:39:05 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = dup3(r0, r0, 0x80000) r2 = syz_genetlink_get_family_id$fou(&(0x7f00000000c0)='fou\x00') sendmsg$FOU_CMD_DEL(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2251c}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x2c, r2, 0x0, 0x70bd25, 0x25dfdbff, {0x2}, [@FOU_ATTR_TYPE={0x8, 0x4}, @FOU_ATTR_PORT={0x8, 0x1, 0x4e24}, @FOU_ATTR_IPPROTO={0x8, 0x3, 0x2f}]}, 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x4c015) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r3 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r3, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffff1300020000000000fcffffff0000030006000000000002004e20e00000010000000000000024020001767bffbfff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea200000000000000"], 0x60}, 0x1}, 0x0) r4 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x9, 0x40) recvfrom$llc(r4, &(0x7f00000002c0)=""/4096, 0x1000, 0x20, &(0x7f0000000040)={0x1a, 0x201, 0x8001, 0x494, 0x0, 0x3, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xf}}, 0x10) 03:39:05 executing program 5: r0 = socket$inet(0x2, 0x200000002, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000480)=@broute={'broute\x00', 0x20, 0x2, 0x328, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000080], 0x0, &(0x7f0000000040), &(0x7f0000000500)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000190000000000000000726f736530000000000000000000000076657468315f746f5f627269646765007465616d5f736c6176655f310000000064756d6d7930000000000000000000000180c2000000000000000000ffffffffffff0000000000000000d00000000801000038010000706b747479706500000000cb7f703d14a0b1370000000000000000000000000008000000000000000000000000000000706b747479706500000000000000000000000000000000000000000000000000080000000000000000000000000000006d61726b0000000000000000000000000000000000000000000000000000000010000000000000000000000000000000fdffffff0000000072656469726563740000000000000000000000000000000000000000000000000800000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000ffffffff01000000030000000000000080357665746831000000000000000000000074756e6c30000000000000000000000076657468315f746f5f7465616d000000766c616e300000000000000000000000aaaaaaaaaabb000000000000aaaaaaaaaa0000000000000000000001000000010000300100006367726f757000000000000000000000000000000000000000000000000000000800000000000000000000000000000061727000000000000000000000000000000000000000000000000000000000003800000000000000000000000000000000000000000000007f0000010000000072ce35f34121000000000000000000000000000000000000000000000000000072656469726563740000000000000000000000000000000000000000000000000800000000000000ffffffff000000008d4ed8fd3965e5087fec855eed982be274b451f43322972b23c9b10c8c26f1d3fe48d1871e808f37180500"]}, 0x3ca) fcntl$getownex(r0, 0x10, &(0x7f0000000000)={0x0, 0x0}) getsockopt$inet_tcp_buf(r0, 0x6, 0x2b, &(0x7f0000000080)=""/132, &(0x7f0000000140)=0x84) ptrace$getregset(0x4204, r1, 0x4, &(0x7f0000000440)={&(0x7f00000003c0)=""/71, 0x47}) [ 852.462864] kernel msg: ebtables bug: please report to author: Wrong len argument [ 852.475986] FAULT_INJECTION: forcing a failure. [ 852.475986] name failslab, interval 1, probability 0, space 0, times 0 [ 852.487333] CPU: 1 PID: 14943 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 852.495747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 852.505128] Call Trace: [ 852.507736] dump_stack+0x1c9/0x2b4 03:39:05 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$vsock_dgram(0x28, 0x2, 0x0) shutdown(r1, 0x1) timer_create(0x7, &(0x7f0000000040)={0x0, 0x14, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000080)=0x0) timer_gettime(r2, &(0x7f00000000c0)) poll(&(0x7f0000000000)=[{r1}], 0x1, 0x3) [ 852.511369] ? dump_stack_print_info.cold.2+0x52/0x52 [ 852.516568] ? __kernel_text_address+0xd/0x40 [ 852.521068] should_fail.cold.4+0xa/0x11 [ 852.525131] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 852.530237] ? perf_trace_lock+0x920/0x920 [ 852.534473] ? save_stack+0x43/0xd0 [ 852.538100] ? kasan_kmalloc+0xc4/0xe0 [ 852.541986] ? __kmalloc_track_caller+0x14a/0x760 [ 852.546833] ? memdup_user+0x2c/0xa0 [ 852.550547] ? strndup_user+0x77/0xd0 [ 852.554348] ? ksys_mount+0x3c/0x140 [ 852.558077] ? do_syscall_64+0x1b9/0x820 03:39:05 executing program 1: r0 = socket$netlink(0x10, 0x3, 0xc) writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000000)="48000000140019eca54dcbeafd0d8c560a84ffe00600000000000000a2bc5603ca00000f7f81001e362d6f53000101ff0000000309ff5bffff00c7e5ed5e00000000000000b32b2d", 0x48}], 0x1) r1 = memfd_create(&(0x7f0000000080)='\x00', 0x2) setsockopt$bt_BT_DEFER_SETUP(r1, 0x112, 0x7, &(0x7f0000000100)=0x7, 0x4) openat$cgroup_procs(r1, &(0x7f0000000140)='cgroup.threads\x00', 0x2, 0x0) [ 852.562152] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 852.562840] kernel msg: ebtables bug: please report to author: Wrong len argument [ 852.567529] ? lock_acquire+0x1e4/0x540 [ 852.567551] ? lock_acquire+0x1e4/0x540 [ 852.567566] ? fs_reclaim_acquire+0x20/0x20 [ 852.567585] ? lock_downgrade+0x8f0/0x8f0 [ 852.591597] ? check_same_owner+0x340/0x340 [ 852.595935] ? lock_release+0xa30/0xa30 [ 852.599921] ? rcu_note_context_switch+0x730/0x730 [ 852.604861] ? __sanitizer_cov_trace_cmp8+0x18/0x20 03:39:05 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000002000)={0xaa}) r2 = dup(r0) getresuid(&(0x7f00000000c0)=0x0, &(0x7f0000000140), &(0x7f0000000180)) r4 = getegid() getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f00000001c0)={{{@in6=@local, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}}}, &(0x7f00000002c0)=0xe8) write$P9_RSTATu(r2, &(0x7f0000000380)=ANY=[@ANYBLOB="670000007d020000005100010008000000010300000005000000000000000000a85901000000a3770000feffffffffffffff0b002f6465762f6164737023000300402b21050065746831280b002f6465762f61647370230001002b73ed453f5d8f8d10", @ANYRES32=r3, @ANYRES32=r4, @ANYRES32=r5], 0x67) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) ioctl$UFFDIO_UNREGISTER(r1, 0x8010aa01, &(0x7f0000000000)={&(0x7f0000011000/0x2000)=nil, 0x2000}) r6 = syz_open_dev$adsp(&(0x7f0000000040)='/dev/adsp#\x00', 0x6, 0x400) ioctl$SG_GET_SCSI_ID(r6, 0x2276, &(0x7f0000000080)) [ 852.609888] __should_failslab+0x124/0x180 [ 852.614133] should_failslab+0x9/0x14 [ 852.617944] __kmalloc_track_caller+0x2c4/0x760 [ 852.622626] ? strncpy_from_user+0x510/0x510 [ 852.627044] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 852.632593] ? strndup_user+0x77/0xd0 [ 852.636405] memdup_user+0x2c/0xa0 [ 852.639959] strndup_user+0x77/0xd0 [ 852.643598] ksys_mount+0x73/0x140 [ 852.647150] __x64_sys_mount+0xbe/0x150 [ 852.651140] do_syscall_64+0x1b9/0x820 [ 852.655041] ? finish_task_switch+0x1d3/0x870 03:39:05 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rfkill\x00', 0xc00, 0x0) ioctl$BLKGETSIZE64(r1, 0x80081272, &(0x7f00000001c0)) r2 = gettid() mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000445000/0x1000)=nil) process_vm_writev(r2, &(0x7f0000000000)=[{&(0x7f0000000040)=""/247, 0xffffff50}], 0x1000000000000005, &(0x7f0000000180)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0) madvise(&(0x7f0000495000/0x400000)=nil, 0x400000, 0x8) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000200)={0x0, 0x6, 0x7f}, &(0x7f0000000300)=0x8) setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r0, 0x84, 0x79, &(0x7f00000002c0)={r3, 0x4, 0x7}, 0x8) 03:39:05 executing program 1: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) ioctl$KVM_GET_ONE_REG(r0, 0x4010aeab, &(0x7f0000000040)={0x5, 0x1}) ioctl$TIOCLINUX6(r0, 0x541c, &(0x7f0000000080)={0x6}) ioctl$VT_WAITACTIVE(r0, 0x5607) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f00000000c0)={0x0, 0x1}, &(0x7f0000000100)=0x8) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000140)={0xe8c, 0xffffffff, 0x8004, 0x7, 0x2818, 0x81, 0x7, 0x400, r1}, &(0x7f0000000180)=0x20) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f00000001c0)={0x6, 0x8, 0x2, 0x800, 0x1}) ioctl$TIOCGLCKTRMIOS(r0, 0x5456, &(0x7f0000000200)={0x3, 0xde, 0x0, 0xfa7, 0x7fffffff, 0x8000, 0xffff, 0x3, 0x10001, 0x2, 0x80, 0xfe2}) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000240)=0x4, 0x4) setsockopt$bt_hci_HCI_TIME_STAMP(r0, 0x0, 0x3, &(0x7f0000000280)=0x7, 0x4) ioctl$GIO_SCRNMAP(r0, 0x4b40, &(0x7f00000002c0)=""/191) ioctl$BLKIOMIN(r0, 0x1278, &(0x7f0000000380)) write$P9_RXATTRCREATE(r0, &(0x7f00000003c0)={0x7, 0x21, 0x2}, 0x7) ioctl$sock_SIOCADDDLCI(r0, 0x8980, &(0x7f0000000400)={'eql\x00', 0x40}) r2 = syz_open_pts(r0, 0x2000) r3 = add_key(&(0x7f0000000440)='encrypted\x00', &(0x7f0000000480)={0x73, 0x79, 0x7a, 0x0}, 0x0, 0x0, 0xfffffffffffffff8) keyctl$revoke(0x3, r3) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f00000004c0)={0x6, 0x8, 0x1}) ioctl$SNDRV_TIMER_IOCTL_PVERSION(r0, 0x80045400, &(0x7f0000000540)) r4 = getpgid(0x0) r5 = getpgid(0x0) rt_tgsigqueueinfo(r4, r5, 0x22, &(0x7f0000000580)={0x27, 0x1, 0x8000, 0xb1e}) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000600)={0x0, 0x18, 0xfa00, {0x3, &(0x7f00000005c0)={0xffffffff}, 0x13f, 0xb}}, 0x20) write$RDMA_USER_CM_CMD_NOTIFY(r0, &(0x7f0000000640)={0xf, 0x8, 0xfa00, {r6, 0x1f}}, 0x10) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000880)={{{@in, @in=@rand_addr, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in=@broadcast}}, &(0x7f0000000980)=0xe8) bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0xf, 0xf, &(0x7f0000000680)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x1000}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x800}, @call={0x85, 0x0, 0x0, 0x3e}, @generic={0x0, 0xa9f7, 0xffff}, @jmp={0x5, 0x1, 0xf, 0x1, 0x1, 0xffffffff, 0x10}, @generic={0x5, 0x1, 0x1, 0x80000001}, @generic={0xfffffffffffffe01, 0x101, 0x6, 0x400}], {0x95}}, &(0x7f0000000700)='GPL\x00', 0xfffffffffffffff7, 0xe3, &(0x7f0000000740)=""/227, 0x41f00, 0x1, [], r7, 0x1}, 0x48) connect$vsock_dgram(r0, &(0x7f0000000a40)={0x28, 0x0, 0xffffffff, @host=0x2}, 0x10) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000a80)=r0) fcntl$getown(r2, 0x9) ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000ac0)={{0x2, 0x4e21, @rand_addr=0xfffffffffffffffd}, {0x306}, 0x4, {0x2, 0x4e22, @loopback=0x7f000001}, 'syzkaller1\x00'}) [ 852.659551] ? syscall_return_slowpath+0x5e0/0x5e0 [ 852.664493] ? syscall_return_slowpath+0x31d/0x5e0 [ 852.669436] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 852.674475] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 852.680100] ? prepare_exit_to_usermode+0x291/0x3b0 [ 852.685134] ? perf_trace_sys_enter+0xb10/0xb10 [ 852.689809] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 852.694664] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 852.699860] RIP: 0033:0x45885a 03:39:05 executing program 5: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x200, 0x0) r1 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000140)={0x73, 0x79, 0x7a, 0x0}, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000300)={0x1, [0x0]}, &(0x7f0000000340)=0xffffffffffffff1f) keyctl$restrict_keyring(0x1d, r1, &(0x7f0000000180)='id_legacy\x00', &(0x7f00000001c0)='#\x00') getsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000000080), &(0x7f00000000c0)=0x4) socket$inet6_sctp(0xa, 0x1, 0x84) r2 = socket$netlink(0x10, 0x3, 0x0) writev(r2, &(0x7f0000000000)=[{&(0x7f0000ac9000)="290000002000190600003fffffffda060200000003000000000000000d00140000050000000500e8ff", 0x29}], 0x1) [ 852.703048] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 852.722351] RSP: 002b:00007f413f26ea88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 852.730078] RAX: ffffffffffffffda RBX: 00007f413f26eb30 RCX: 000000000045885a [ 852.737361] RDX: 00007f413f26ead0 RSI: 00000000200000c0 RDI: 00007f413f26eaf0 [ 852.744649] RBP: 00000000200000c0 R08: 00007f413f26eb30 R09: 00007f413f26ead0 [ 852.751931] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 03:39:05 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f6300") [ 852.759218] R13: 0000000000000000 R14: 00000000004d3f40 R15: 0000000000000021 03:39:06 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) 03:39:06 executing program 7 (fault-call:0 fault-nth:34): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) [ 853.196051] FAULT_INJECTION: forcing a failure. [ 853.196051] name failslab, interval 1, probability 0, space 0, times 0 [ 853.207350] CPU: 1 PID: 14982 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 853.215747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 853.225097] Call Trace: [ 853.227695] dump_stack+0x1c9/0x2b4 [ 853.231346] ? dump_stack_print_info.cold.2+0x52/0x52 [ 853.236539] ? __kernel_text_address+0xd/0x40 [ 853.241035] ? unwind_get_return_address+0x61/0xa0 [ 853.245963] should_fail.cold.4+0xa/0x11 [ 853.250025] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 853.255129] ? save_stack+0xa9/0xd0 [ 853.258954] ? save_stack+0x43/0xd0 [ 853.262579] ? kasan_kmalloc+0xc4/0xe0 [ 853.266466] ? __kmalloc_track_caller+0x14a/0x760 [ 853.271305] ? memdup_user+0x2c/0xa0 [ 853.275016] ? strndup_user+0x77/0xd0 [ 853.278813] ? ksys_mount+0x3c/0x140 [ 853.282523] ? do_syscall_64+0x1b9/0x820 [ 853.286601] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 853.292322] ? lock_acquire+0x1e4/0x540 [ 853.296292] ? handle_mm_fault+0x417/0xc80 [ 853.300525] ? lock_release+0xa30/0xa30 [ 853.304496] ? lock_acquire+0x1e4/0x540 [ 853.308467] ? fs_reclaim_acquire+0x20/0x20 [ 853.312784] ? lock_downgrade+0x8f0/0x8f0 [ 853.316930] ? check_same_owner+0x340/0x340 [ 853.321266] ? lock_release+0xa30/0xa30 [ 853.325239] ? rcu_note_context_switch+0x730/0x730 [ 853.330169] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 853.335188] __should_failslab+0x124/0x180 [ 853.339430] should_failslab+0x9/0x14 [ 853.343237] __kmalloc_track_caller+0x2c4/0x760 [ 853.347907] ? strncpy_from_user+0x510/0x510 [ 853.352317] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 853.357852] ? strndup_user+0x77/0xd0 [ 853.361653] memdup_user+0x2c/0xa0 [ 853.365191] strndup_user+0x77/0xd0 [ 853.368821] ksys_mount+0x73/0x140 [ 853.372357] __x64_sys_mount+0xbe/0x150 [ 853.376342] do_syscall_64+0x1b9/0x820 [ 853.380228] ? finish_task_switch+0x1d3/0x870 [ 853.384725] ? syscall_return_slowpath+0x5e0/0x5e0 [ 853.389655] ? syscall_return_slowpath+0x31d/0x5e0 [ 853.394582] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 853.399607] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 853.405145] ? prepare_exit_to_usermode+0x291/0x3b0 [ 853.410176] ? perf_trace_sys_enter+0xb10/0xb10 [ 853.414845] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 853.419696] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 853.424885] RIP: 0033:0x45885a [ 853.428062] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 853.447522] RSP: 002b:00007f413f26ea88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 853.455236] RAX: ffffffffffffffda RBX: 00007f413f26eb30 RCX: 000000000045885a [ 853.462502] RDX: 00007f413f26ead0 RSI: 00000000200000c0 RDI: 00007f413f26eaf0 [ 853.469790] RBP: 00000000200000c0 R08: 00007f413f26eb30 R09: 00007f413f26ead0 [ 853.477056] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 853.484319] R13: 0000000000000000 R14: 00000000004d3f40 R15: 0000000000000022 03:39:06 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f00000002c0)=0x0) syz_open_procfs(r1, &(0x7f0000000240)='sched\x00') recvmmsg(r0, &(0x7f0000003f80)=[{{&(0x7f0000000080)=@can, 0x80, &(0x7f00000001c0)}}], 0x1, 0x0, &(0x7f0000004000)={0x77359400}) sendmsg$nl_route_sched(r0, &(0x7f0000005a00)={&(0x7f0000000180)={0x10}, 0xc, &(0x7f00000059c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00\x00\x00\x00\x00\x00\x00#\x00\x00\x00\x00\x00\x00\x00\x00\x00', @ANYBLOB="00000000bd"], 0x2}, 0x1}, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={0x0}, &(0x7f0000000100)=0xc) ptrace$setregs(0xd, r2, 0x3ff, &(0x7f00000001c0)="3f08721706d796e49e51b8487358a860eea73615653513b1ce664295a9960d3bb625fd16423648c419be6a6fd6c15593621132ff7aac336efa3a10681535a3dfe2cd06ea") 03:39:06 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) socket$inet6_udplite(0xa, 0x2, 0x88) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:39:06 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="025cc83d6d345f8f762070327fd9a73257f06ecc888be19a3b80948b14400d23a93338bbf01b8d0524453cadee58773559fe6b1aa45886aa9bb93c7bfa8cce3aabe0ed35233f2f4561581c9b013f9c964d8c939dd0ecb808a2dfef7f5de4d9a433d555f687e2bb744f4a532b835bb0b54e40b4ac718f6b7061be981e462cd4f8e86d19ece9d9aff1094451") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0xdc, 0x40}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=ANY=[@ANYBLOB="18000000000000000000000000000018f84071100c000000000000000050e7934e00009500000000"], &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0xffffff97]}, 0x18) 03:39:06 executing program 5: clone(0x200, &(0x7f0000b6b000), &(0x7f0000744000), &(0x7f0000fef000), &(0x7f0000000000)) mknod(&(0x7f0000000100)='./file0\x00', 0x1042, 0x0) execve(&(0x7f0000ee6ff8)='./file0\x00', &(0x7f0000000200), &(0x7f00000001c0)) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='io\x00') pread64(r0, &(0x7f00009f3000), 0x0, 0x0) lseek(r0, 0x0, 0x4) pipe2(&(0x7f0000000000), 0x84800) open$dir(&(0x7f0000296ff8)='./file0\x00', 0x27e, 0x0) 03:39:06 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f6300") 03:39:06 executing program 2: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f0000000200)={{0xa, 0x4e24, 0x800, @mcast2={0xff, 0x2, [], 0x1}, 0xfff}, {0xa, 0x4e22, 0xffffffffffffd22e, @dev={0xfe, 0x80, [], 0x12}, 0x2000}, 0x2, [0x3, 0x200, 0x3ff, 0x3, 0x1, 0x2, 0x9, 0xe14]}, 0x5c) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev={0xfe, 0x80}, 0x4}, 0x1c) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000040)=@assoc_value, &(0x7f0000000080)=0x8) getsockopt$IP_VS_SO_GET_DAEMON(r0, 0x0, 0xe, &(0x7f0000000300), &(0x7f00000002c0)=0x2) socket$inet6_udp(0xa, 0x2, 0x0) 03:39:06 executing program 7 (fault-call:0 fault-nth:35): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:39:06 executing program 2: r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ion\x00', 0x0, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000500)={0x10000009, 0xffffffffffffffff}) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x4000812, r0, 0x2000000) [ 853.598712] FAULT_INJECTION: forcing a failure. [ 853.598712] name failslab, interval 1, probability 0, space 0, times 0 [ 853.610137] CPU: 0 PID: 15003 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 853.618649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 853.628099] Call Trace: [ 853.630713] dump_stack+0x1c9/0x2b4 [ 853.634357] ? dump_stack_print_info.cold.2+0x52/0x52 [ 853.639573] ? __kernel_text_address+0xd/0x40 [ 853.644081] should_fail.cold.4+0xa/0x11 03:39:06 executing program 1: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={"766574000000000000000000bd6800", 0x43732e5398416f1a}) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={&(0x7f00000000c0)={0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000000180)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8, 0x1b}]}, 0x28}, 0x1}, 0x0) ioctl$TUNSETLINK(r0, 0x400454cd, 0x0) r2 = syz_open_dev$vcsn(&(0x7f0000000080)='/dev/vcs#\x00', 0x1, 0x8000) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x2, 0x30}, &(0x7f0000000200)=0xc) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r2, 0x84, 0x66, &(0x7f0000000240)={r3, 0x63}, &(0x7f0000000280)=0x8) [ 853.648169] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 853.653290] ? perf_trace_lock+0x920/0x920 [ 853.657766] ? save_stack+0x43/0xd0 [ 853.661402] ? kasan_kmalloc+0xc4/0xe0 [ 853.665301] ? __kmalloc_track_caller+0x14a/0x760 [ 853.670154] ? memdup_user+0x2c/0xa0 [ 853.673881] ? strndup_user+0x77/0xd0 [ 853.677702] ? ksys_mount+0x3c/0x140 [ 853.681453] ? do_syscall_64+0x1b9/0x820 [ 853.685535] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 853.690919] ? lock_acquire+0x1e4/0x540 [ 853.694916] ? lock_acquire+0x1e4/0x540 [ 853.699032] ? fs_reclaim_acquire+0x20/0x20 [ 853.703372] ? lock_downgrade+0x8f0/0x8f0 [ 853.707541] ? check_same_owner+0x340/0x340 [ 853.710699] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 853.711968] ? lock_release+0xa30/0xa30 [ 853.711986] ? rcu_note_context_switch+0x730/0x730 [ 853.712004] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 853.712023] __should_failslab+0x124/0x180 [ 853.712040] should_failslab+0x9/0x14 [ 853.712056] __kmalloc_track_caller+0x2c4/0x760 03:39:06 executing program 2: bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x0, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18c775c94f0f000000000000028000107a0a8bf9dba7efa63cbb84"], &(0x7f0000000000)="47504c00bc3047eb525f484f89fc96dd6ca64da40ff023122e66f6", 0x0, 0xce, &(0x7f0000000300)=""/206}, 0x48) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/hwrng\x00', 0x200000, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000480)={'team_slave_1\x00', 0x2000}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000000000028000006a0a00fffffff6006118"], &(0x7f0000000080)='syzkalleP\x00', 0x0, 0xce, &(0x7f0000000180)=""/206}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0xe, 0x5, &(0x7f0000000040)=@framed={{0x18}, [@jmp={0x5}], {0x95}}, &(0x7f0000000280)="735f686b616c6c65721d672897a30863f712d000", 0x9, 0x22e, &(0x7f0000000300)=""/187}, 0x48) r1 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={0xffffffff}, 0x111}}, 0x20) write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000200)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f0000000080), r3, 0x0, 0x2, 0x400000}}, 0x20) [ 853.712076] ? strncpy_from_user+0x510/0x510 [ 853.712091] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 853.712106] ? strndup_user+0x77/0xd0 [ 853.712120] memdup_user+0x2c/0xa0 [ 853.712133] strndup_user+0x77/0xd0 [ 853.712147] ksys_mount+0x73/0x140 [ 853.712163] __x64_sys_mount+0xbe/0x150 [ 853.712177] do_syscall_64+0x1b9/0x820 [ 853.712188] ? finish_task_switch+0x1d3/0x870 [ 853.712203] ? syscall_return_slowpath+0x5e0/0x5e0 [ 853.712218] ? syscall_return_slowpath+0x31d/0x5e0 [ 853.712234] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 853.712249] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 853.712263] ? prepare_exit_to_usermode+0x291/0x3b0 [ 853.712278] ? perf_trace_sys_enter+0xb10/0xb10 [ 853.712293] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 853.712312] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 853.712323] RIP: 0033:0x45885a [ 853.712332] Code: [ 853.726456] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready [ 853.727908] b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 853.834299] RSP: 002b:00007f413f26ea88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 853.834310] RAX: ffffffffffffffda RBX: 00007f413f26eb30 RCX: 000000000045885a 03:39:06 executing program 0: socket$inet6(0xa, 0x1000000000002, 0x0) r0 = socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) socket$rds(0x15, 0x5, 0x0) 03:39:06 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f6300") [ 853.834316] RDX: 00007f413f26ead0 RSI: 00000000200000c0 RDI: 00007f413f26eaf0 03:39:06 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) r1 = getpid() sched_setparam(r1, &(0x7f00000000c0)=0x7) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(blowfish)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec", 0x4) r2 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) readv(r2, &(0x7f0000000400)=[{&(0x7f00000013c0)=""/4096, 0x1000}], 0x1) [ 853.834322] RBP: 00000000200000c0 R08: 00007f413f26eb30 R09: 00007f413f26ead0 [ 853.834328] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 853.834334] R13: 0000000000000000 R14: 00000000004d3f40 R15: 0000000000000023 [ 853.974683] binder_alloc: binder_alloc_mmap_handler: 15014 20001000-20004000 already mapped failed -16 03:39:07 executing program 2: r0 = socket$pptp(0x18, 0x1, 0x2) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000040)={'veth0_to_bridge\x00', 0x8400}) arch_prctl(0x1001, &(0x7f0000000180)="2898868c0e01ba189e29ffdb5ae3e5d139e26da2989dcc2ee6727b3bccb2df723ee04d220770e63cc69ab1e9bfd078172f2b0be331f62f180c059c80bb1cb8109c50382f3600443af4c5a901ff98c0b4ec48c8e4ea9ff1e8f6881d35a7a0af448b9eb54de6f379cd8b36d92718399c3483a2df3ea5658f29770c7dbd0add00b3d4a5f661f85b41df96dd9ac6b9362701d33f4776c510f1af45a06a8a190348d197275796b289e7ff59255cab56faf3b17a4bda9f0f53a9bc744d00b1a01c6c96f97068d7a45aa48e77345aefce38d0fd8d412415ac74b77adc30f9a526e79a2a0e690c1b7e2303dfd2d1c74791116b87bca67022524473") bpf$PROG_LOAD(0x5, &(0x7f00000ba000)={0x8, 0x3, &(0x7f00000000c0)=@framed={{0x18}, [], {0x95}}, &(0x7f0000000000)='GPL\x00', 0x4, 0xfb, &(0x7f00001a7f05)=""/251}, 0x48) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000280)='/dev/vsock\x00', 0x282400, 0x0) execveat(r1, &(0x7f00000002c0)='./file0\x00', &(0x7f00000004c0)=[&(0x7f0000000300)='/dev/hwrng\x00', &(0x7f0000000340)='em0{vmnet0user-\x00', &(0x7f0000000380)='\x00', &(0x7f00000003c0)='ppp0\x00', &(0x7f0000000400)='.\'\x00', &(0x7f0000000440)='/dev/hwrng\x00', &(0x7f0000000480)='\x00'], &(0x7f00000005c0)=[&(0x7f0000000500)='veth0_to_bridge\x00', &(0x7f0000000540)='(nodev\x00', &(0x7f0000000580)='veth0_to_bridge\x00'], 0x1000) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000100)='/dev/hwrng\x00', 0x0, 0x0) ioctl$KVM_DIRTY_TLB(r2, 0x4010aeaa, &(0x7f0000000140)={0x52, 0x28eeeab9}) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r0, 0x40045542, &(0x7f0000000080)=0x3) 03:39:07 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) 03:39:07 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f6300") [ 854.059146] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready 03:39:07 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f0000003f80)=[{{&(0x7f0000000080)=@can, 0x80, &(0x7f00000001c0)}}], 0x1, 0x0, &(0x7f0000004000)={0x77359400}) r1 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0xf254, 0x400400) ioctl$RTC_IRQP_SET(r1, 0x4008700c, 0x1e96) sendmsg$nl_route_sched(r0, &(0x7f0000005a00)={&(0x7f0000000180)={0x10}, 0xc, &(0x7f00000059c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="2400000026000102000000000000000000000000", @ANYBLOB="00000000bd"], 0x2}, 0x1}, 0x0) 03:39:07 executing program 7 (fault-call:0 fault-nth:36): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:39:07 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x7fffffff, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:39:07 executing program 2: r0 = socket$inet6(0xa, 0xe, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x3, 0x90680) getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000040)={0x0, 0x3, 0x3, 0x3, 0xfffffffffffffff9, 0x2, 0x3, 0xad8, {0x0, @in={{0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x19}}}, 0xe2a, 0x8, 0x8001, 0x6, 0x80}}, &(0x7f0000000100)=0xb0) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r2, 0x84, 0x70, &(0x7f0000000140)={r3, @in6={{0xa, 0x4e20, 0x8, @loopback={0x0, 0x1}, 0xff}}, [0x2, 0x7f, 0x8, 0x4, 0x0, 0x6, 0x1ff, 0x2, 0xfff, 0x0, 0x100000001, 0x5, 0x8, 0x3, 0x401]}, &(0x7f0000000240)=0x100) r4 = add_key(&(0x7f00000002c0)='user\x00', &(0x7f0000000300)={0x73, 0x79, 0x7a, 0x3}, &(0x7f0000000340)="05ef1840201f9609b6ff7ca422973ff4d547fa555cef5d601054a81d076a7cc4a5a84d3d9b7b2213c68ec909279b52540ed5665aff182f00f57f9a979a573d258922bf51ddacbce93b2d48b914", 0x4d, 0xfffffffffffffffc) r5 = add_key(&(0x7f00000003c0)='id_resolver\x00', &(0x7f0000000400)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000440)="401d065e3f81769280d6215d5bf694d2804144df091bbebae142323eedc8539298190256ced7a88629f733182d29204d1e6833bb46e4a57ea3eeed5ba5b4eb8b76816fdf231b9cf54f7e4615504726959673a00efecd52f54864ce7107f31280c3a36ffb014f27e4b891eb1386dfa6c9ed7e8f58ab328f9d8867f7ec9fb7bca94333c5b252580846ad2103a0019bca4032ffb7c5bf9d2444e09e7a23dbeab600db258f", 0xa3, 0xfffffffffffffffb) keyctl$reject(0x13, r4, 0x1, 0x3, r5) setsockopt$IP_VS_SO_SET_FLUSH(r1, 0x0, 0x16, 0x0, 0x0) 03:39:07 executing program 1: r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) dup2(r0, r1) 03:39:07 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f63ff") 03:39:07 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, &(0x7f0000000040)="670f37c482b53c8cfe8b05000066ba200066b8000066ef420f019e580000008f2a18120fb300000066440f383f25007000003ef244ab0f2298430f011966400f38805174", 0x44}], 0x1, 0x0, &(0x7f0000000100), 0x0) ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f00000001c0)={0x79, 0x0, [0x480, 0x1000000000007]}) [ 854.707108] FAULT_INJECTION: forcing a failure. [ 854.707108] name failslab, interval 1, probability 0, space 0, times 0 [ 854.718452] CPU: 0 PID: 15064 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 854.726885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 854.736243] Call Trace: [ 854.739106] dump_stack+0x1c9/0x2b4 [ 854.742760] ? dump_stack_print_info.cold.2+0x52/0x52 [ 854.747969] ? __kernel_text_address+0xd/0x40 [ 854.752490] ? unwind_get_return_address+0x61/0xa0 [ 854.757472] should_fail.cold.4+0xa/0x11 [ 854.761542] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 854.766670] ? perf_trace_lock+0x920/0x920 [ 854.771033] ? kasan_kmalloc+0xc4/0xe0 [ 854.774924] ? __kmalloc_track_caller+0x14a/0x760 [ 854.779776] ? memdup_user+0x2c/0xa0 [ 854.783500] ? strndup_user+0x77/0xd0 [ 854.787330] ? ksys_mount+0x73/0x140 [ 854.791062] ? __x64_sys_mount+0xbe/0x150 [ 854.795216] ? do_syscall_64+0x1b9/0x820 [ 854.799289] ? lock_acquire+0x1e4/0x540 [ 854.803279] ? lock_acquire+0x1e4/0x540 [ 854.807257] ? fs_reclaim_acquire+0x20/0x20 [ 854.811593] ? lock_downgrade+0x8f0/0x8f0 [ 854.815766] ? check_same_owner+0x340/0x340 [ 854.820091] ? lock_release+0xa30/0xa30 [ 854.824073] ? rcu_note_context_switch+0x730/0x730 [ 854.829018] ? __check_object_size+0x9d/0x5f2 [ 854.833524] __should_failslab+0x124/0x180 [ 854.837768] should_failslab+0x9/0x14 [ 854.841616] kmem_cache_alloc_trace+0x2cb/0x780 [ 854.846396] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 854.851943] ? _copy_from_user+0xdf/0x150 [ 854.856106] copy_mount_options+0x5f/0x380 [ 854.860350] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 854.865896] ksys_mount+0xd0/0x140 [ 854.869453] __x64_sys_mount+0xbe/0x150 [ 854.873441] do_syscall_64+0x1b9/0x820 [ 854.877334] ? finish_task_switch+0x1d3/0x870 [ 854.881840] ? syscall_return_slowpath+0x5e0/0x5e0 [ 854.886779] ? syscall_return_slowpath+0x31d/0x5e0 [ 854.891744] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 854.896787] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 854.902334] ? prepare_exit_to_usermode+0x291/0x3b0 [ 854.907373] ? perf_trace_sys_enter+0xb10/0xb10 [ 854.912047] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 854.916902] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 854.922095] RIP: 0033:0x45885a [ 854.925276] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 854.944605] RSP: 002b:00007f413f26ea88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 03:39:07 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) 03:39:07 executing program 2: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") setsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000001000)={0x10000, 0x4, 0x100, 0x400}, 0x6) r2 = socket(0x11, 0x3, 0x2) bind$packet(r2, &(0x7f0000000480)={0x11, 0x3, 0x0, 0x1, 0x0, 0x6, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}}, 0x14) setsockopt(r2, 0x107, 0x5, &(0x7f0000001000), 0xc5) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x600000, 0x0) write$P9_RREAD(r3, &(0x7f0000000140)={0xec, 0x75, 0x1, {0xe1, "f17117626ca90615995e6f69a3336ea752ccef0fb14ce30f368bcff8e0664ead2d4832ebff4ec09b9c5bad237e63eda355dc54be3a6515889144ca29b08b7c7508d76b0faa648874a9b55733cf6cb15fdc696b3ace748af70b09df1ee3c167d92f2e69a148567e5193113594e15b781bd5b8e086d9696adb51a3c984cd772d4f247b243d80009d41f579f93273ed7e2bcdc81dde0e9be8fa5effa90007feb02825dd6e7775b167c25799be7ec96a1aedb8b854f373bc86731c926c8983a8e7ba40612ab67b5fcc4e92db4cd2470cc004d23cbbe4edefa47a0e98c442e89631b483"}}, 0xec) sendto$inet(r0, &(0x7f0000a88f88), 0xfffffffffffffe6e, 0x20000000, &(0x7f0000e68000)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) poll(&(0x7f00000000c0)=[{r2}, {r2}, {r2}], 0x3, 0x0) 03:39:07 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f6300") [ 854.952332] RAX: ffffffffffffffda RBX: 00007f413f26eb30 RCX: 000000000045885a [ 854.959608] RDX: 00007f413f26ead0 RSI: 00000000200000c0 RDI: 00007f413f26eaf0 [ 854.966882] RBP: 00000000200000c0 R08: 00007f413f26eb30 R09: 00007f413f26ead0 [ 854.974153] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 854.981423] R13: 0000000000000000 R14: 00000000004d3f40 R15: 0000000000000024 03:39:07 executing program 1: r0 = add_key(&(0x7f0000000000)='asymmetric\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a, 0x2}, &(0x7f00000000c0)="fed9377f9e56e7411a103131990eb610bfdd252be3fc207f7fe13bfe862bc8c7fdb9f937928d9ca625c36cd4dbac47008682b25e9e94ab5372", 0x39, 0xfffffffffffffffb) r1 = add_key(&(0x7f0000000100)='trusted\x00', &(0x7f0000000140)={0x73, 0x79, 0x7a, 0x3}, &(0x7f0000000180)="09963ca0e4d7a2aa71a0c1bfc7730ab09640b4c1a4a977c652403ba0e16b86fa8cedfb2cd5bea6d081de54807f828574e09c458ae938395296591d4d35afacf0e526403ce3161369db3aa2fb170e0f87403b30c2f0541a5aca8be71a5a0cd9f9e506ee00160d4cd13f", 0x69, 0xffffffffffffffff) r2 = add_key$user(&(0x7f0000000200)='user\x00', &(0x7f0000000240)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000000540)="9fbc9b4c719dd444000000000000000000000000000000213113a7773bc309dc77e1bb63bf2e43ec5c3f57a0f869d584f77b8001f27374d69af360edbd0a503de0b8c9f23d3a85fd5833feefce20e53e8202e635d4a67a8ce9b520222016bcb0f83c7c26bb79899dddebfbb884b80759e250166a68c18ca62e08005735a6763d5e97d2060ba6ade505ef5141e59469c1ae2318b69dab08adb91e87a4b4e2f12d7053021f99c41a794822851d1aedcb7eb201ff7bb3e726e95af7a3268678a4beedcf15eeb12ff94e8fa5", 0xca, 0xffffffffffffffff) r3 = openat$full(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/full\x00', 0x300, 0x0) getsockopt$inet6_tcp_int(r3, 0x6, 0x1f, &(0x7f0000000400), &(0x7f0000000440)=0x4) keyctl$dh_compute(0x17, &(0x7f00000002c0)={r0, r1, r2}, &(0x7f0000000480)=""/180, 0xb4, 0x0) r4 = socket$rds(0x15, 0x5, 0x0) bind$rds(r4, &(0x7f0000000040)={0x2, 0x0, @rand_addr=0x12}, 0x10) 03:39:07 executing program 0: r0 = socket$inet6(0xa, 0xe, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:39:07 executing program 5: creat(&(0x7f0000000700)='./bus\x00', 0x0) r0 = open(&(0x7f000000fffa)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000005000/0x1000)=nil, 0x1000, 0x0, 0x12, r0, 0x0) r1 = socket$rds(0x15, 0x5, 0x0) getsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000000), &(0x7f0000000040)=0x8) bind$rds(r1, &(0x7f0000000180)={0x2, 0x0, @loopback=0x7f000001}, 0x10) sendmsg$rds(r1, &(0x7f00001c3000)={&(0x7f0000014000)={0x2, 0x0, @multicast1=0xe0000001}, 0x10, &(0x7f0000004000), 0x0, &(0x7f0000003b80)=[@rdma_args={0x48, 0x114, 0x1, {{}, {&(0x7f0000001840)=""/18, 0x29}, &(0x7f0000003b00)=[{&(0x7f0000003ac0)=""/41, 0x100000}], 0x1}}], 0x48}, 0x0) 03:39:08 executing program 7 (fault-call:0 fault-nth:37): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) [ 855.077182] RDS: rds_bind could not find a transport for 0.0.0.18, load rds_tcp or rds_rdma? [ 855.113430] FAULT_INJECTION: forcing a failure. [ 855.113430] name fail_page_alloc, interval 1, probability 0, space 0, times 0 03:39:08 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") ioctl(0xffffffffffffffff, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") bpf$MAP_CREATE(0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff9c, 0x10dd}, 0x2c) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x44000, 0x0) setsockopt$netlink_NETLINK_CAP_ACK(r1, 0x10e, 0xa, &(0x7f0000000080)=0x3, 0x4) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x5, &(0x7f0000000100)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0xffffffa5, 0x0, 0x2, 0xe8030000}, [@ldst={0x7, 0x18d1fb, 0x0, 0x1d1}], {0x95}}, &(0x7f0000003ff6)='syzkaller\x00', 0x1, 0x3e9, &(0x7f000000cf3d)=""/195}, 0x48) r2 = semget(0x3, 0x3, 0x400) semctl$SETVAL(r2, 0x1, 0x10, &(0x7f0000000000)=0x3dc6cb14) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) 03:39:08 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f637a") [ 855.125293] CPU: 0 PID: 15099 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 855.133701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 855.143064] Call Trace: [ 855.145668] dump_stack+0x1c9/0x2b4 [ 855.149315] ? dump_stack_print_info.cold.2+0x52/0x52 [ 855.154535] should_fail.cold.4+0xa/0x11 [ 855.158626] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 855.163744] ? lock_acquire+0x1e4/0x540 [ 855.168175] ? is_bpf_text_address+0xae/0x170 [ 855.172940] ? lock_downgrade+0x8f0/0x8f0 [ 855.177102] ? lock_release+0xa30/0xa30 [ 855.181077] ? trace_hardirqs_on+0x10/0x10 [ 855.185310] ? trace_hardirqs_on+0x10/0x10 [ 855.189544] ? is_bpf_text_address+0xd7/0x170 [ 855.194119] ? kernel_text_address+0x79/0xf0 [ 855.198529] ? __kernel_text_address+0xd/0x40 [ 855.203022] ? unwind_get_return_address+0x61/0xa0 [ 855.207944] ? __save_stack_trace+0x8d/0xf0 [ 855.212256] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 855.217783] ? should_fail+0x246/0xd86 [ 855.221662] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 855.226775] __alloc_pages_nodemask+0x36e/0xdb0 [ 855.231448] ? __kmalloc_track_caller+0x14a/0x760 [ 855.236289] ? memdup_user+0x2c/0xa0 [ 855.239989] ? strndup_user+0x77/0xd0 [ 855.243781] ? ksys_mount+0x73/0x140 [ 855.247497] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 855.252594] ? handle_mm_fault+0x417/0xc80 [ 855.256820] ? lock_release+0xa30/0xa30 [ 855.260787] ? lock_acquire+0x1e4/0x540 [ 855.264764] ? fs_reclaim_acquire+0x20/0x20 [ 855.269077] ? lock_downgrade+0x8f0/0x8f0 [ 855.273216] ? lock_release+0xa30/0xa30 [ 855.277192] ? check_same_owner+0x340/0x340 [ 855.281500] ? lock_release+0xa30/0xa30 [ 855.285482] cache_grow_begin+0x91/0x710 [ 855.289543] kmem_cache_alloc_trace+0x6a5/0x780 [ 855.294302] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 855.299844] copy_mount_options+0x5f/0x380 [ 855.304078] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 855.309615] ksys_mount+0xd0/0x140 [ 855.313148] __x64_sys_mount+0xbe/0x150 [ 855.317126] do_syscall_64+0x1b9/0x820 [ 855.321009] ? finish_task_switch+0x1d3/0x870 [ 855.347282] ? syscall_return_slowpath+0x5e0/0x5e0 [ 855.352212] ? syscall_return_slowpath+0x31d/0x5e0 [ 855.357141] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 855.362232] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 855.367881] ? prepare_exit_to_usermode+0x291/0x3b0 [ 855.372971] ? perf_trace_sys_enter+0xb10/0xb10 [ 855.377816] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 855.382657] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 855.387833] RIP: 0033:0x45885a [ 855.391102] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 855.410726] RSP: 002b:00007f413f26ea88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 855.418425] RAX: ffffffffffffffda RBX: 00007f413f26eb30 RCX: 000000000045885a [ 855.425706] RDX: 00007f413f26ead0 RSI: 00000000200000c0 RDI: 00007f413f26eaf0 [ 855.432973] RBP: 00000000200000c0 R08: 00007f413f26eb30 R09: 00007f413f26ead0 [ 855.440244] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 855.447506] R13: 0000000000000000 R14: 00000000004d3f40 R15: 0000000000000025 [ 855.465989] FAT-fs (loop7): Directory bread(block 2563) failed [ 855.478643] FAT-fs (loop7): Directory bread(block 2564) failed [ 855.485947] FAT-fs (loop7): Directory bread(block 2565) failed [ 855.494085] FAT-fs (loop7): Directory bread(block 2566) failed [ 855.515222] FAT-fs (loop7): Directory bread(block 2567) failed [ 855.524996] FAT-fs (loop7): Directory bread(block 2568) failed [ 855.531415] FAT-fs (loop7): Directory bread(block 2569) failed [ 855.538814] FAT-fs (loop7): Directory bread(block 2570) failed [ 855.551594] FAT-fs (loop7): Directory bread(block 2571) failed [ 855.557800] FAT-fs (loop7): Directory bread(block 2572) failed 03:39:08 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f0000003f80)=[{{&(0x7f0000000080)=@can, 0x80, &(0x7f00000001c0)}}], 0x1, 0x0, &(0x7f0000004000)={0x77359400}) sendmsg$nl_route_sched(r0, &(0x7f0000005a00)={&(0x7f0000000180)={0x10}, 0xc, &(0x7f00000059c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="2400000026000102000000000000000000000000", @ANYBLOB="00000000bd"], 0x2}, 0x1}, 0x0) shutdown(r0, 0x1) 03:39:08 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x2000) accept4$bt_l2cap(r1, &(0x7f0000000040), &(0x7f0000000080)=0xe, 0x80000) setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f00000002c0)={0x4, {{0xa, 0x4e20, 0x1000, @empty, 0x9}}, 0x1, 0x4, [{{0xa, 0x4e21, 0xd3e, @remote={0xfe, 0x80, [], 0xbb}, 0x5}}, {{0xa, 0x4e20, 0x56bd, @loopback={0x0, 0x1}, 0x69b}}, {{0xa, 0x4e22, 0x100, @local={0xfe, 0x80, [], 0xaa}, 0x5}}, {{0xa, 0x4e24, 0x401, @remote={0xfe, 0x80, [], 0xbb}, 0x9}}]}, 0x290) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:39:08 executing program 1: mkdir(&(0x7f0000000100)='./file0\x00', 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000400)={0x8, 0x0, [{0x4000, 0x42, &(0x7f0000000040)=""/66}, {0x10000, 0x5b, &(0x7f0000000140)=""/91}, {0xf000, 0x2c, &(0x7f00000000c0)=""/44}, {0x0, 0xe5, &(0x7f0000000300)=""/229}, {0x10d000, 0x55, &(0x7f00000001c0)=""/85}, {0x0, 0x26, &(0x7f0000000240)=""/38}, {0x7000, 0x1000, &(0x7f00000005c0)=""/4096}, {0x5000, 0x1000, &(0x7f00000015c0)=""/4096}]}) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") mount(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000540)='.', &(0x7f0000000580)='gfs2meta\x00', 0x0, 0x0) 03:39:08 executing program 2: r0 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffe}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x10003, 0x80011, r0, 0x0) timer_create(0x1, &(0x7f0000000040)={0x0, 0x1b, 0x5}, &(0x7f0000000080)=0x0) timer_gettime(r1, &(0x7f00000000c0)) mount$9p_rdma(&(0x7f0000000200)='127.0.0.1\x00', &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='9p\x00', 0x1000000, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=rdma,port=0x0000000002S04e24,rqQ000000000042949B7295,timeout=00000000000000000007,sq=00000000000000000032,timeout=00000000000000000000,\x00']) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r2, &(0x7f0000000140)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xbb}, 0x5}, 0x1c) r3 = gettid() r4 = fcntl$dupfd(r2, 0x0, r2) recvmmsg(r4, &(0x7f0000000100)=[{{&(0x7f0000000180)=@pppoe={0x0, 0x0, {0x0, @local}}, 0x4, &(0x7f0000000040), 0x0, &(0x7f0000001140)=""/161, 0xa1}}], 0x4000183, 0x0, &(0x7f0000001300)) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r3, 0x1004000000016) 03:39:08 executing program 5: r0 = socket$inet6(0xa, 0xf, 0x8000001000008) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") socket$key(0xf, 0x3, 0x2) socketpair(0xf, 0x3, 0x2, &(0x7f0000000040)) 03:39:08 executing program 7 (fault-call:0 fault-nth:38): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:39:08 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f636c") [ 855.788386] FAULT_INJECTION: forcing a failure. [ 855.788386] name failslab, interval 1, probability 0, space 0, times 0 [ 855.799951] CPU: 0 PID: 15121 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 855.808359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 855.817820] Call Trace: [ 855.820422] dump_stack+0x1c9/0x2b4 [ 855.824062] ? dump_stack_print_info.cold.2+0x52/0x52 [ 855.829274] ? putname+0xf2/0x130 [ 855.832759] ? filename_lookup+0x397/0x510 [ 855.837168] ? user_path_at_empty+0x40/0x50 [ 855.841504] ? do_mount+0x180/0x1fb0 [ 855.845522] should_fail.cold.4+0xa/0x11 [ 855.849607] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 855.854718] ? perf_trace_lock_acquire+0xeb/0x9a0 [ 855.859827] ? do_raw_spin_lock+0xc1/0x200 [ 855.864083] ? perf_trace_lock+0x920/0x920 [ 855.868455] ? debug_check_no_obj_freed+0x30b/0x595 [ 855.873866] ? path_lookupat.isra.45+0x27d/0xbf0 [ 855.878660] ? trace_hardirqs_off+0xd/0x10 [ 855.882925] ? quarantine_put+0x10d/0x1b0 [ 855.887110] ? lock_acquire+0x1e4/0x540 [ 855.891095] ? fs_reclaim_acquire+0x20/0x20 [ 855.895424] ? lock_downgrade+0x8f0/0x8f0 [ 855.899582] ? check_same_owner+0x340/0x340 [ 855.903911] ? lock_downgrade+0x8f0/0x8f0 [ 855.908086] ? rcu_note_context_switch+0x730/0x730 [ 855.913067] __should_failslab+0x124/0x180 [ 855.917317] should_failslab+0x9/0x14 [ 855.921143] kmem_cache_alloc_trace+0x2cb/0x780 [ 855.925828] ? kasan_check_write+0x14/0x20 [ 855.930068] ? do_raw_read_unlock+0x3f/0x60 [ 855.934399] vfs_new_fs_context+0x5a/0x700 [ 855.938667] do_mount+0x5cf/0x1fb0 [ 855.942216] ? check_same_owner+0x340/0x340 [ 855.946800] ? lock_release+0xa30/0xa30 [ 855.950865] ? copy_mount_string+0x40/0x40 [ 855.955124] ? retint_kernel+0x10/0x10 [ 855.959040] ? copy_mount_options+0x1e3/0x380 [ 855.963550] ? __sanitizer_cov_trace_pc+0x14/0x50 [ 855.968399] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 855.973967] ? copy_mount_options+0x285/0x380 [ 855.978476] ksys_mount+0x12d/0x140 [ 855.982111] __x64_sys_mount+0xbe/0x150 [ 855.986094] do_syscall_64+0x1b9/0x820 [ 855.990009] ? finish_task_switch+0x1d3/0x870 [ 855.995732] ? syscall_return_slowpath+0x5e0/0x5e0 [ 856.000670] ? syscall_return_slowpath+0x31d/0x5e0 [ 856.005614] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 856.010651] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 856.016219] ? prepare_exit_to_usermode+0x291/0x3b0 [ 856.021258] ? perf_trace_sys_enter+0xb10/0xb10 [ 856.025968] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 856.030912] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 856.036120] RIP: 0033:0x45885a [ 856.036517] Unknown ioctl 1074310915 [ 856.039315] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 856.055369] gfs2: gfs2 mount does not exist [ 856.062473] RSP: 002b:00007f413f26ea88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 856.062489] RAX: ffffffffffffffda RBX: 00007f413f26eb30 RCX: 000000000045885a [ 856.062497] RDX: 00007f413f26ead0 RSI: 00000000200000c0 RDI: 00007f413f26eaf0 [ 856.062505] RBP: 00000000200000c0 R08: 00007f413f26eb30 R09: 00007f413f26ead0 [ 856.062514] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 856.062522] R13: 0000000000000000 R14: 00000000004d3f40 R15: 0000000000000026 03:39:09 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) 03:39:09 executing program 5: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000001100)='/dev/audio\x00', 0x400000, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(0xffffffffffffff9c, 0x84, 0x70, &(0x7f0000001140)={0x0, @in6={{0xa, 0x4e24, 0xfffffffffffffff9, @empty, 0x8}}, [0x49a5, 0xc2, 0x7, 0x38, 0x1e432ff8, 0xc1dc, 0x7fffffff, 0xd1, 0x9de7, 0x6, 0xfffffffffffffeff, 0x6, 0x7fff, 0x9e, 0x3]}, &(0x7f0000001240)=0x100) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000001280)={r1, 0x7}, &(0x7f00000012c0)=0x8) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r3 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x0, 0x0) pread64(r3, &(0x7f0000000100)=""/4096, 0x1000, 0x0) ppoll(&(0x7f0000000000)=[{r3}], 0x1, &(0x7f0000000040)={0x0, 0x1c9c380}, &(0x7f0000000080), 0x8) 03:39:09 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f630a") [ 856.130783] Unknown ioctl 1074310915 03:39:09 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', 0x0, 0x8) ioctl$TUNGETIFF(r1, 0x800454d2, &(0x7f0000000240)) r2 = socket$key(0xf, 0x3, 0x2) ioctl$FS_IOC_GETFSLABEL(r0, 0x81009431, &(0x7f0000000100)) sendmsg$key(r2, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000000000)=ANY=[@ANYBLOB="020a00090c000000ffffffffffffffff02001300020000000000fcff11000100030006000000000002004e20e00000010000000000000024020001891de4f1951aa2d3e77de6a4c06dd400f8ffffff0000000200000000030005000000000002e7f836bbf3bcb9ead1ef51fe0d117b169746b24265df01f4ee375f0145bbae9cc83b1b7aa12d0c0cd110123e331c5e810d8b2d6616952e4d96cc836430cc0ec2f875c367785b9e7804a0400717d9e0c389030dc5c1411ca30b04595bdd4c669bfd84420f35785c304866bfc7fea62f5c870fe8e30faf53"], 0x60}, 0x1}, 0x0) 03:39:09 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x1, 0x70}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, r0, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/udplite6\x00') clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc4c85513, &(0x7f0000000140)={{0x3, 0x5, 0xf49, 0x3, 'syz1\x00', 0x1}, 0x0, [0x5, 0x5, 0x2, 0xadeb, 0x0, 0x7ff, 0x3, 0x6, 0x401, 0x0, 0xfff, 0x39, 0x5, 0x3, 0x4, 0x101, 0x1, 0x1, 0x8, 0x3ff, 0x6, 0x7f, 0x4, 0x200, 0x2, 0x80, 0xc61a, 0x3, 0x400, 0x4, 0xffffffffffffffc1, 0x65c7, 0x7dbb3fa0, 0x7fff, 0x3f, 0x5, 0xffff, 0x100000000, 0x40, 0x2, 0x7f, 0x4, 0x4, 0x7, 0x4, 0x0, 0x1ff, 0xffffffffffff4481, 0x2, 0x1f, 0x8, 0x7f, 0x1, 0x7, 0x4, 0x100000000000, 0x7, 0x9870, 0x2, 0x3, 0x7, 0x6, 0x7ff, 0x70a, 0x1f, 0xe7f, 0x1, 0x7fff, 0x1, 0x4, 0x8, 0x4, 0xfff, 0xbfd9, 0x1000, 0x0, 0x8000, 0x4000000000, 0x2, 0x200, 0x100000000, 0x1000, 0x10000, 0x10001, 0xffffffffffffffff, 0x1, 0x4, 0xcb, 0x7, 0x1, 0x3, 0x7, 0xffffffffffff6080, 0x6, 0x101, 0x2, 0x9, 0x1000, 0xff, 0x800, 0x40, 0x40, 0x5, 0x6b8b, 0x4, 0x3, 0x7, 0xa28, 0x6, 0xc0000000, 0x65e, 0x10001, 0x1, 0x6, 0x4, 0x9, 0x9, 0x10001, 0x4, 0x6e7b, 0x3, 0x5, 0x0, 0x2, 0x6, 0x6, 0x402b0cd9, 0x8], {r3, r4+10000000}}) read(r1, &(0x7f00000000c0)=""/91, 0x5b) 03:39:09 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f63c0") 03:39:09 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffff4d5affffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f84dfdff0002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:39:09 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = eventfd(0x7fffffff) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) getsockopt$inet_sctp6_SCTP_NODELAY(r2, 0x84, 0x3, &(0x7f0000000040), &(0x7f0000000080)=0x4) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f00000015c0)={r2}) r3 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000280)='/dev/sequencer2\x00', 0x100, 0x0) r4 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/sequencer\x00', 0x800, 0x0) ioctl$ION_IOC_ALLOC(r3, 0xc0184900, &(0x7f0000000300)={0x1, 0x2a, 0x1, r4}) r5 = syz_open_dev$midi(&(0x7f00000000c0)='/dev/midi#\x00', 0x4, 0x20800) recvfrom$unix(r5, &(0x7f0000000100)=""/33, 0x21, 0x40010000, &(0x7f0000000200)=@abs={0x1, 0x0, 0x4e23}, 0x6e) 03:39:09 executing program 1: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)={0x1, 0x7, 0x7, 0x2}, 0x2c) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f0000000080)={'teql0\x00'}) r1 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f00006dc000)=[{0x6, 0x0, 0x0, 0xa1}]}, 0x10) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r0, &(0x7f0000000000), &(0x7f0000000080)}, 0x20) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={r0, &(0x7f0000000540)}, 0x10) r2 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/null\x00', 0x800, 0x0) sendmsg$nl_route(r2, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x12}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)=@ipv6_getnetconf={0x1c, 0x52, 0x300, 0x70bd29, 0x25dfdbfe, {0xa}, [@NETCONFA_PROXY_NEIGH={0x8, 0x5, 0x7ff}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4840}, 0x4040) 03:39:09 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) recvmmsg(r0, &(0x7f0000003f80)=[{{&(0x7f0000000080)=@can, 0x80, &(0x7f00000001c0)}}], 0x1, 0x0, &(0x7f0000004000)={0x77359400}) sendmsg$nl_route_sched(r0, &(0x7f0000005a00)={&(0x7f0000000180)={0x10}, 0xc, &(0x7f00000059c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="2400000026000102000000000000000000000000", @ANYBLOB="00000000bd"], 0x2}, 0x1}, 0x0) r1 = memfd_create(&(0x7f0000000000)='bdev.-+vmnet0$ppp1\x00', 0xe02cfa961098c5f3) write$P9_RATTACH(r1, &(0x7f0000000100)={0x14, 0x69, 0x2, {0x40, 0x2, 0x4}}, 0x14) 03:39:09 executing program 7 (fault-call:0 fault-nth:39): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:39:09 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x7fffffff, 0x8, &(0x7f0000000680)=[{&(0x7f0000000080)="a3f01fcf2699c8b7726d78925a3117bba1aa16bdb74dbe056010a8b1c4215f8a0a69d3648ef20f900fca911e523c0d154e4f4c300196a2113f60", 0x3a, 0x7}, {&(0x7f00000000c0)="cca06d3f9b5a77c1d71483ca0cc0e739285843d711fc494a673390909ce61af30ebe8730a105468420da39a4833be64d432f5ccad6815301c88caff64b4ab3947ac804e12938e3a7e28edf87a6f70ab14fa48a31bf8b01c5c53d454a8af6226b6b06fba2cd8d15408595e49ec4391efbadc8aec36051dda7dd620507edf8ac44022913779649da00e63746cb0ee515b7099188a672bdcd93d37e0e5e7d057b0aef5b9656765880f413ceef4cb15c42e2c6ef84f011c88a22b63f8f96e975ffea6bfb8064bc8e561830f8f8b490dffb67f9bb32f86e95390ad0f0", 0xda, 0x3}, {&(0x7f00000002c0)="c1b0f36dd966540ee151889b199b13f7f89fb818cd23df2da7806fcf7111405a167afec6db27da1df5865267f5009f04703ef1f78efa13d9d917b79c2c4877c9c7793f29fcacc74e05dec5f33674c110a14947a415939a6026f3c2b68b27fb542295d5ab216315eb45cc8e3ba73f839a8db084f79ee323b596348ded99210ea2f802e7ef11c07feffc243e8a063893eaa786819ccfd99ae65098d417bb23ba2c86db2ec4598f9e737461c635d4fcbaa4bac6918bd234c1dea1263e5da5efa89fbb17564ae88e60d8982cd9ecabe3a1788e326accced289c95ad296edf2e1b9c9f1afd2939f64e5306846a6a518f3", 0xee, 0x7ff}, {&(0x7f00000001c0)="d62fa9b1cbe1cfc0c5ee9de4e1520b596f76e4f72b266655cb", 0x19, 0x9}, {&(0x7f00000003c0)="76187412357b51659727219a555ef64c23df510a0462ba32c487696ef4b63b317520d05cfb67653a673a42f5900e189057b1854652aa11ce44031874de37f677bbb1275fad8f891595fecb7974aed5972424aa2ab81114f2993c4aa46fc5d641c475554ca93a2af9841a4f3bfbf0205215a5fbc91afe9aae805b36fb3cd9f8ec5a0be6238cb5da71202ca1a82fb723a1165dbac0893d5753a271fe5ce3a60546ac9067ff235712808790356dbea8bbc4b6dca46d81aee555afa0f744454916d6e9542616dd7664e3cd4f0c7e8ad43759e4130e5f3f715b2711dd6792a07333e57c0cc3936e4e949ec437", 0xea, 0x3}, {&(0x7f00000004c0)="8819bc66ef7ddac6e578cf80268b540fd9ec42f4f355a82ce160ba53a7e9f07b6a6b2b4302822daea779ee101e466fbed74595919a9b4c2f32aef265ee5972ca888e51c854aff74536cf33fd27887caeca618276945b426ebf33c4c9684b115ccbca9379e848a925298df76b328c7cf87651cb2a9a87832633f452c5a335a0fd1be26adc9e112f2b98888a8e2df27f1a66ef7f1381b72ae2254a23b03a65d6a4b3a910c5e880eb4f32", 0xa9, 0x401}, {&(0x7f0000000200)="7684ad8240c97e4ef79493318ec7695c97d6348e5eff5203221de6f1b6469fe86b73d8fb6f4707635299fa2b355ad755d8514a54677d9d76b8f693", 0x3b, 0x1}, {&(0x7f0000000580)="63a733562c7ee23d6442c165ccc284f0802459a422905969f17ba5fab5396a67bbe3a54d22c96f8534e6d77073e370b1856fcedf018cce59efecbe73b8c20434c5fed9f0750f68716b9de3b2e5d3a307addb3840b33fe11c0a5ed34f078ba0b7370294357fb80a246d18df7a94d51d404679a1bbc19839b74358438a35877540ddc9f43aad404c4b274cc928d99fd7c85cd08d54ba47ae9c62477bde67161eeb3e6643044b9765db7e1b9c4582d6cbec36d2be92856fe63ebe01e730dc9256db08be557296814efeaa42", 0xca, 0x4c8}], 0x0, &(0x7f0000000240)={[{@degraded='degraded', 0x2c}, {@rescan_uuid_tree='rescan_uuid_tree', 0x2c}, {@nodatacow='nodatacow', 0x2c}]}) [ 857.019351] FAULT_INJECTION: forcing a failure. [ 857.019351] name failslab, interval 1, probability 0, space 0, times 0 [ 857.030871] CPU: 1 PID: 15175 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 857.039277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 857.048620] Call Trace: [ 857.051224] dump_stack+0x1c9/0x2b4 [ 857.054851] ? dump_stack_print_info.cold.2+0x52/0x52 [ 857.060059] ? kernel_text_address+0x79/0xf0 [ 857.064731] should_fail.cold.4+0xa/0x11 [ 857.068792] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 857.073902] ? save_stack+0xa9/0xd0 [ 857.077526] ? save_stack+0x43/0xd0 [ 857.081149] ? kasan_kmalloc+0xc4/0xe0 [ 857.085035] ? vfs_new_fs_context+0x5a/0x700 [ 857.089449] ? do_mount+0x5cf/0x1fb0 [ 857.093174] ? ksys_mount+0x12d/0x140 [ 857.097011] ? __x64_sys_mount+0xbe/0x150 [ 857.101261] ? do_syscall_64+0x1b9/0x820 [ 857.105331] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 857.110709] ? trace_hardirqs_off+0xd/0x10 [ 857.114948] ? quarantine_put+0x10d/0x1b0 [ 857.119106] ? lock_acquire+0x1e4/0x540 [ 857.123084] ? fs_reclaim_acquire+0x20/0x20 [ 857.127414] ? lock_downgrade+0x8f0/0x8f0 [ 857.131605] ? fs_reclaim_acquire+0x20/0x20 [ 857.135941] ? check_same_owner+0x340/0x340 [ 857.140266] ? debug_mutex_init+0x2d/0x60 [ 857.144420] ? rcu_note_context_switch+0x730/0x730 [ 857.149375] __should_failslab+0x124/0x180 [ 857.153703] should_failslab+0x9/0x14 [ 857.157526] __kmalloc_track_caller+0x2c4/0x760 [ 857.162217] ? vfs_set_fs_source+0x67/0x180 [ 857.166561] kmemdup_nul+0x31/0xa0 [ 857.170121] vfs_set_fs_source+0x67/0x180 [ 857.174273] do_mount+0x61b/0x1fb0 [ 857.177819] ? check_same_owner+0x340/0x340 [ 857.182150] ? lock_release+0xa30/0xa30 [ 857.186138] ? copy_mount_string+0x40/0x40 [ 857.190424] ? retint_kernel+0x10/0x10 [ 857.194338] ? copy_mount_options+0x1d9/0x380 [ 857.198863] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 857.204523] ? copy_mount_options+0x285/0x380 [ 857.209031] ksys_mount+0x12d/0x140 [ 857.212673] __x64_sys_mount+0xbe/0x150 [ 857.217617] do_syscall_64+0x1b9/0x820 [ 857.221683] ? finish_task_switch+0x1d3/0x870 [ 857.226291] ? syscall_return_slowpath+0x5e0/0x5e0 [ 857.231250] ? syscall_return_slowpath+0x31d/0x5e0 [ 857.236205] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 857.241233] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 857.246773] ? prepare_exit_to_usermode+0x291/0x3b0 [ 857.251813] ? perf_trace_sys_enter+0xb10/0xb10 [ 857.256494] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 857.261376] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 857.266676] RIP: 0033:0x45885a [ 857.269971] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 857.289242] RSP: 002b:00007f413f26ea88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 857.296972] RAX: ffffffffffffffda RBX: 00007f413f26eb30 RCX: 000000000045885a [ 857.304242] RDX: 00007f413f26ead0 RSI: 00000000200000c0 RDI: 00007f413f26eaf0 [ 857.311512] RBP: 00000000200000c0 R08: 00007f413f26eb30 R09: 00007f413f26ead0 [ 857.318778] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 857.326044] R13: 0000000000000000 R14: 00000000004d3f40 R15: 0000000000000027 03:39:11 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0xfefffffffffffffe, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000580), 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000a000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000000)="0f20d86635080000000f22d866b9120400000f320f01dfbaf80c66b8b0f20d8166efbafc0c66b80400000066ef0f20d86635200000000f22d86600ef66b8810000000f23c00f21f8663500000f000f23f8b82d010f00d0f08246f4000f07", 0x5e}], 0x1, 0x0, &(0x7f0000000140), 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 03:39:11 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f6300") 03:39:11 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) fstat(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) mount$9p_unix(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='9p\x00', 0x20004, &(0x7f0000000140)={'trans=unix,', {[{@access_user='access=user', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}, {@version_u='version=9p2000.u', 0x2c}, {@cache_fscache='cache=fscache', 0x2c}]}}) r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x101000, 0x9) write$P9_RFSYNC(r2, &(0x7f0000000200)={0x7, 0x33, 0x2}, 0x7) setresgid(0x0, 0x0, r1) setregid(0x0, r1) 03:39:11 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00003e4000)={&(0x7f0000e87000)={0x10}, 0xffffff8a, &(0x7f0000a3bff8)={&(0x7f0000000000)=@getlink={0x38, 0x12, 0x209, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x10, 0x12, [@IFLA_INFO_KIND={0x4, 0x1, 'user{\x00'}]}, @IFLA_MASTER={0x8, 0xa}]}, 0x38}, 0x1, 0x0, 0x0, 0xfffffffffffffffd}, 0x0) 03:39:11 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) 03:39:11 executing program 7 (fault-call:0 fault-nth:40): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:39:11 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000), &(0x7f0000000040)=0x4) r2 = syz_open_dev$amidi(&(0x7f0000000080)='/dev/amidi#\x00', 0x2, 0x111200) getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f00000016c0), &(0x7f0000001700)=0x4) ioctl$IOC_PR_PREEMPT(r2, 0x401870cb, &(0x7f00000000c0)={0x3ff, 0x258, 0x4, 0x3}) r3 = socket$key(0xf, 0x3, 0x2) getsockopt$inet6_mreq(r2, 0x29, 0x1c, &(0x7f0000000240)={@dev}, &(0x7f00000002c0)=0x14) r4 = shmget$private(0x0, 0x4000, 0x78000000, &(0x7f0000ffb000/0x4000)=nil) setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000001340)=@raw={'raw\x00', 0x9, 0x3, 0x2f8, 0x160, 0xffffffff, 0xffffffff, 0x160, 0xffffffff, 0x260, 0xffffffff, 0xffffffff, 0x260, 0xffffffff, 0x3, &(0x7f0000001300), {[{{@ip={@multicast1=0xe0000001, @multicast2=0xe0000002, 0xff, 0xffffff00, 'gretap0\x00', 'bridge_slave_1\x00', {}, {0xff}, 0x33, 0x1, 0xd}, 0x0, 0xf8, 0x160, 0x0, {}, [@common=@unspec=@connbytes={0x38, 'connbytes\x00', 0x0, {0x9, 0xfff, 0x2, 0x1}}, @inet=@rpfilter={0x28, 'rpfilter\x00', 0x0, {0xc}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x7f, 0xb66, 0x3ff, 'netbios-ns\x00', 'syz0\x00', 0x1000}}}, {{@uncond, 0x0, 0x98, 0x100}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x4, 0x8, 0x3, 0x800, 'snmp_trap\x00', 'syz1\x00', 0x1f}}}], {{[], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x0, 0xfffffffffffffffe}}}}, 0x358) flock(r2, 0x8) shmctl$SHM_INFO(r4, 0xe, &(0x7f0000000300)=""/4096) sendmsg$key(r3, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000000100)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff00000000030005000000000002004e20e00000a0ea863accd2ce5ea20000000024a9218ed6b02360bf6c150fd53d918ba2d26a67c9792fed475c3896c862e632c2cedcdad87ac0f6cc9cd613930470351886ecd0030b11179762e0679a1c29ccde787796307941d8f890a55d1d27806efc6531d9a493a3348a6dc260343ace4ae8a3f9f40bea413406a0f2a083df4b22e855ba3a5c469238e6b0e46d5af66bd983ecf6a10151a0eda9efa56fb492153b496f4cc3f8b64401826799d8a5a319f34c384e62cb2d010044a2ab08264cf88da85cea55f006fe97bf0e4569dccf16bee242a5103bc442be66570e5e3e39f905eb6e498e82"], 0x60}, 0x1}, 0x0) socket$key(0xf, 0x3, 0x2) 03:39:11 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x640480, 0x0) bind$alg(r0, &(0x7f0000b5dfa8)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-avx\x00'}, 0x58) r2 = accept$alg(r0, 0x0, 0x0) r3 = open(&(0x7f00004b8ff8)='./file0\x00', 0x28042, 0x0) ioctl$sock_inet_tcp_SIOCOUTQNSD(r3, 0x894b, &(0x7f0000000080)) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000000c0)={0x0, 0x83e1, 0x20, 0x6, 0x3}, &(0x7f0000000100)=0x18) setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f0000000140)={r4, @in6={{0xa, 0x4e20, 0x400, @remote={0xfe, 0x80, [], 0xbb}, 0x40}}}, 0x84) fallocate(r3, 0x30, 0x10004, 0x7d) sendfile(r2, r3, &(0x7f0000000000), 0x400) [ 858.863155] FAULT_INJECTION: forcing a failure. [ 858.863155] name failslab, interval 1, probability 0, space 0, times 0 [ 858.874831] CPU: 1 PID: 15197 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 858.883363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 858.892944] Call Trace: [ 858.895560] dump_stack+0x1c9/0x2b4 [ 858.899220] ? dump_stack_print_info.cold.2+0x52/0x52 [ 858.904428] ? __kernel_text_address+0xd/0x40 [ 858.908934] should_fail.cold.4+0xa/0x11 [ 858.913048] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 858.918178] ? save_stack+0xa9/0xd0 [ 858.921853] ? save_stack+0x43/0xd0 [ 858.925500] ? kasan_kmalloc+0xc4/0xe0 [ 858.929564] ? __kmalloc_track_caller+0x14a/0x760 [ 858.934417] ? kmemdup_nul+0x31/0xa0 [ 858.938140] ? vfs_set_fs_source+0x67/0x180 [ 858.942468] ? ksys_mount+0x12d/0x140 [ 858.946269] ? __x64_sys_mount+0xbe/0x150 [ 858.950419] ? do_syscall_64+0x1b9/0x820 [ 858.954504] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 858.959876] ? do_syscall_64+0x1b9/0x820 [ 858.963949] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 858.969424] ? quarantine_put+0x10d/0x1b0 [ 858.973586] ? lock_acquire+0x1e4/0x540 [ 858.977664] ? fs_reclaim_acquire+0x20/0x20 [ 858.981992] ? lock_downgrade+0x8f0/0x8f0 [ 858.986157] ? lock_release+0xa30/0xa30 [ 858.990177] ? check_same_owner+0x340/0x340 [ 858.994505] ? check_same_owner+0x340/0x340 [ 858.998829] ? debug_mutex_init+0x2d/0x60 [ 859.002984] ? rcu_note_context_switch+0x730/0x730 [ 859.007932] __should_failslab+0x124/0x180 [ 859.012179] should_failslab+0x9/0x14 [ 859.016185] __kmalloc_track_caller+0x2c4/0x760 [ 859.020856] ? __kmalloc_track_caller+0x311/0x760 [ 859.025718] ? legacy_parse_monolithic+0xc1/0x1d0 [ 859.031728] kmemdup+0x24/0x50 [ 859.034926] legacy_parse_monolithic+0xc1/0x1d0 [ 859.039598] ? vfs_set_fs_source+0x12c/0x180 [ 859.044030] ? legacy_validate+0x210/0x210 [ 859.048270] do_mount+0x69e/0x1fb0 [ 859.051813] ? kasan_check_read+0x11/0x20 [ 859.055963] ? do_raw_spin_unlock+0xa7/0x2f0 [ 859.060386] ? copy_mount_string+0x40/0x40 [ 859.064632] ? retint_kernel+0x10/0x10 [ 859.068531] ? copy_mount_options+0x1a1/0x380 [ 859.073054] ? copy_mount_options+0x1b2/0x380 [ 859.077555] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 859.083391] ? copy_mount_options+0x285/0x380 [ 859.087895] ksys_mount+0x12d/0x140 [ 859.091552] __x64_sys_mount+0xbe/0x150 [ 859.095548] do_syscall_64+0x1b9/0x820 [ 859.099438] ? finish_task_switch+0x1d3/0x870 [ 859.104024] ? syscall_return_slowpath+0x5e0/0x5e0 [ 859.108955] ? syscall_return_slowpath+0x31d/0x5e0 [ 859.113887] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 859.118906] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 859.124475] ? prepare_exit_to_usermode+0x291/0x3b0 [ 859.129491] ? perf_trace_sys_enter+0xb10/0xb10 [ 859.134248] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 859.139113] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 859.144322] RIP: 0033:0x45885a 03:39:12 executing program 5: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) pivot_root(&(0x7f0000000000)='./file0\x00', &(0x7f0000000100)='./file0/file0\x00') read(0xffffffffffffffff, &(0x7f0000003380)=""/4096, 0xf) r0 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0x7e36, 0x1) mkdirat$cgroup(r0, &(0x7f0000000080)='syz1\x00', 0x1ff) ioctl$TIOCGSID(r0, 0x5429, &(0x7f00000000c0)=0x0) migrate_pages(r1, 0x4, &(0x7f0000000140)=0xffffffff, &(0x7f00000001c0)=0xffffffffffffff16) 03:39:12 executing program 1: r0 = socket$packet(0x11, 0x800000000002, 0x300) syz_emit_ethernet(0x32, &(0x7f0000000cc0)={@link_local={0x1, 0x80, 0xc2}, @empty=[0x0, 0x0, 0x14], [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x32, 0x0, @rand_addr, @multicast1=0xe0000001}, @dccp={{0x0, 0x0, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "d70502", 0x0, "f53475"}}}}}}, 0x0) ioctl$int_out(r0, 0x2, &(0x7f0000000000)) [ 859.147531] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 859.166855] RSP: 002b:00007f413f26ea88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 859.174567] RAX: ffffffffffffffda RBX: 00007f413f26eb30 RCX: 000000000045885a [ 859.181856] RDX: 00007f413f26ead0 RSI: 00000000200000c0 RDI: 00007f413f26eaf0 [ 859.189126] RBP: 00000000200000c0 R08: 00007f413f26eb30 R09: 00007f413f26ead0 [ 859.196396] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 859.203666] R13: 0000000000000000 R14: 00000000004d3f40 R15: 0000000000000028 03:39:12 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000500)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x3, &(0x7f00009ff000)=@framed={{0x18}, [], {0x95}}, &(0x7f00002bf000)='syzkaller\x00', 0x1, 0xb7, &(0x7f0000000440)=""/183}, 0x48) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r3 = socket$kcm(0x29, 0x1000000000002, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r3, 0x89e0, &(0x7f000031aff8)={r0, r1}) ioctl$sock_kcm_SIOCKCMCLONE(r3, 0x89e2, &(0x7f0000000000)={0xffffffffffffffff}) sendmsg$nl_netfilter(r4, &(0x7f0000000140)={&(0x7f00000000c0)={0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="1400000000000000000000000000000000000000"], 0x14}, 0x1}, 0x80d4) sendmsg$IPVS_CMD_GET_CONFIG(r4, &(0x7f0000000400)={&(0x7f0000000280)={0x10}, 0xc, &(0x7f00000003c0)={&(0x7f0000000300)={0x14, 0x0, 0x0, 0x0, 0x0, {0xd}}, 0x5580}, 0x1}, 0x0) 03:39:12 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f6300") 03:39:12 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f0000000100)="2957e1311f16f477671070") readv(r0, &(0x7f0000000000), 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000180)=ANY=[@ANYBLOB="000000000600000008"]) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f00000000c0)) 03:39:12 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x5, 0x13, r1, 0x0) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:39:12 executing program 7 (fault-call:0 fault-nth:41): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:39:12 executing program 5: r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x40000, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000080), &(0x7f00000000c0)=0x4) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000100)={0x0, 0x1, 0xffff, 0x9}) r1 = semget$private(0x0, 0x3, 0x0) semop(r1, &(0x7f0000000180)=[{0x0, 0x0, 0x1800}], 0x1) semop(0x0, &(0x7f0000000000)=[{0x0, 0x0, 0x1800}], 0x2aaaaaaaaaaaadad) r2 = semget$private(0x0, 0x5, 0x0) semop(r2, &(0x7f0000000140), 0x0) 03:39:12 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000140)="025cc83d6d345f8f762070") add_key(&(0x7f0000000000)='id_resolver\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a, 0x1}, 0x0, 0x0, 0xfffffffffffffffa) r1 = add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a, 0x0}, 0x0, 0x0, 0xffffffffffffffff) keyctl$clear(0x7, r1) [ 859.324448] FAULT_INJECTION: forcing a failure. [ 859.324448] name failslab, interval 1, probability 0, space 0, times 0 [ 859.336015] CPU: 1 PID: 15229 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 859.344519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 859.353886] Call Trace: [ 859.356498] dump_stack+0x1c9/0x2b4 [ 859.360142] ? dump_stack_print_info.cold.2+0x52/0x52 [ 859.365349] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 859.370381] ? bpf_prog_kallsyms_find+0xde/0x4c0 [ 859.375157] should_fail.cold.4+0xa/0x11 [ 859.379233] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 859.384350] ? perf_trace_lock+0x920/0x920 [ 859.388597] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 859.393740] ? kasan_check_read+0x11/0x20 [ 859.397900] ? rcu_is_watching+0x8c/0x150 [ 859.402073] ? lock_acquire+0x1e4/0x540 [ 859.406062] ? fs_reclaim_acquire+0x20/0x20 [ 859.410399] ? lock_downgrade+0x8f0/0x8f0 [ 859.414659] ? check_same_owner+0x340/0x340 [ 859.418997] ? check_same_owner+0x340/0x340 [ 859.423355] ? rcu_note_context_switch+0x730/0x730 [ 859.428293] ? rcu_note_context_switch+0x730/0x730 [ 859.433242] __should_failslab+0x124/0x180 [ 859.437488] should_failslab+0x9/0x14 [ 859.441300] kmem_cache_alloc+0x2af/0x760 [ 859.445502] ? __alloc_pages_nodemask+0x6e3/0xdb0 [ 859.450355] getname_kernel+0x54/0x370 [ 859.454271] kern_path+0x1e/0x40 [ 859.457640] lookup_bdev+0x10c/0x250 [ 859.461361] ? blkdev_open+0x280/0x280 [ 859.465253] ? do_raw_spin_unlock+0xa7/0x2f0 [ 859.469689] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 859.474280] blkdev_get_by_path+0x1f/0xe0 [ 859.478433] mount_bdev+0x61/0x3e0 [ 859.481977] ? msdos_mount+0x50/0x50 [ 859.485786] msdos_mount+0x3c/0x50 [ 859.489415] ? setup+0xe0/0xe0 [ 859.492613] legacy_get_tree+0x118/0x440 [ 859.496683] vfs_get_tree+0x1cb/0x5c0 [ 859.500497] ? vfs_set_fs_source+0x12c/0x180 [ 859.505019] do_mount+0x6c1/0x1fb0 [ 859.508560] ? check_same_owner+0x340/0x340 [ 859.513160] ? lock_release+0xa30/0xa30 [ 859.517181] ? copy_mount_string+0x40/0x40 [ 859.521451] ? retint_kernel+0x10/0x10 [ 859.525344] ? copy_mount_options+0x1f0/0x380 [ 859.529859] ? copy_mount_options+0x1f6/0x380 [ 859.534361] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 859.539907] ? copy_mount_options+0x285/0x380 [ 859.544460] ksys_mount+0x12d/0x140 [ 859.548268] __x64_sys_mount+0xbe/0x150 [ 859.552252] do_syscall_64+0x1b9/0x820 [ 859.556150] ? finish_task_switch+0x1d3/0x870 [ 859.560654] ? syscall_return_slowpath+0x5e0/0x5e0 [ 859.565762] ? syscall_return_slowpath+0x31d/0x5e0 [ 859.570726] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 859.575748] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 859.581312] ? prepare_exit_to_usermode+0x291/0x3b0 [ 859.586432] ? perf_trace_sys_enter+0xb10/0xb10 [ 859.591112] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 859.595964] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 859.601154] RIP: 0033:0x45885a [ 859.604393] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 03:39:12 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000280)="2e2f6367726f75702e63707500eac5bea7af575a45fddd5af3a7709295a69e7bc5fd0592bf2a4dc8ace908be8842141ca2a714ed0163d4afd8ac48123d4869e05556a93347d6a7430e03a5f2beb186f16bacf2e4dcdcf3b9ff1d99165ce38d996e7798fe471d9a0d81acd08788fcc9892a2487efcde7a649614b14ba1c18", 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000540)='cpuset.sched_relax_domain_level\x00', 0x2, 0x0) ustat(0x1, &(0x7f0000000040)) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0, 0x9, 0xffffffffffffffff, 0x0) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ppp\x00', 0x200d00, 0x0) statx(r2, &(0x7f0000000100)='./file0\x00', 0x6400, 0x0, &(0x7f0000000300)) sendfile(r1, r1, &(0x7f0000000080), 0x1000000000400) 03:39:12 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'veth0_to_bridge\x00', 0x0}) getsockname(r0, &(0x7f0000003280)=@pppol2tpv3in6={0x0, 0x0, {0x0, 0xffffffffffffffff}}, &(0x7f0000003300)=0x80) r3 = accept$inet(r2, &(0x7f0000003240)={0x0, 0x0, @loopback}, &(0x7f0000003340)=0xfffffffffffffe3a) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000140)={0x0, @in={{0x2, 0x4e22, @remote={0xac, 0x14, 0x14, 0xbb}}}, 0x3, 0x83, 0x3, 0x0, 0x9}, &(0x7f0000000200)=0x98) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r3, 0x84, 0x7c, &(0x7f0000003580)={r4, 0x101, 0x5}, &(0x7f00000035c0)=0x8) socket$pppoe(0x18, 0x1, 0x0) setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f0000000240)={r4, 0x8, 0x30}, 0xc) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000080)={r1, 0x1, 0x6, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}}, 0x10) r5 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280)='/dev/sequencer\x00', 0x200000, 0x0) timer_create(0x7, &(0x7f00000000c0)={0x0, 0x40, 0x4, @thr={&(0x7f0000000000)="a84873cffe2f0a7c5c66c27d8b8007b61d344d97ba74a059867e7ee93864af1ced", &(0x7f0000003380)="110ced095fbcf83452f3a4f88f171837b0a7f9ffcb02501c4530fba0906c076c5d08f64389f8bd56a1503c68674f9b377b130c4d72e613a89d3da1eca47534ad7963c7b80459cbaedf6aaf70eb18e5675ea451310e0fdb9dfbc52ff747d9cd49edc44c4e59180f5671fb2f2b6222e113b128a1282e81178e6cdd2648156d4ed47d6dc166a8c90e3e9584b7064bcd54f3d0a7723684706910415a011c7ca8581bf84de2795ce91d9d0d3bd2508cfbf280fa8c0cf509a81b7e7e3db4e7e9c1d7f5628013cd2c73722f94aab1765fa5360bdb1941b08d7bc3aa984d85c434c1711ba06f24f2ed5dae"}}, &(0x7f0000003480)=0x0) getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x18, &(0x7f00000034c0)={r4}, &(0x7f0000003500)=0x8) timer_getoverrun(r6) ioctl$KVM_CHECK_EXTENSION_VM(r5, 0xae03, 0x86) sendmmsg$nfc_llcp(r5, &(0x7f0000002fc0)=[{&(0x7f0000000300)={0x27, 0x0, 0x1, 0x3, 0x4, 0x100000000, "3be919000f9dc353f08243278f2447728c5dc35f34f780e746a72af6b239a0e0b7e90212211d28879f350e85bb424c47f200c7ab838f527037a539bd1c53df", 0x14}, 0x60, &(0x7f0000000700)=[{&(0x7f0000000380)="cedaea2fb216e10837dbf4ed35b2e874282cd80a0e447314372ccbd169ad374c267f613613fe125760433794c79ad71598560db51dcf466b27d3db1ed6c131f46ff84c23a3b2eebaef721bbd836b7804936df2561cf295499f1b8b372ab4c12eba1392db04433383ce3415", 0x6b}, {&(0x7f0000000400)="12c4f98c8f1eb13e5d492f679faa5a4554d289d3ab995c0d294eaeda49b4f8e608414c0ea998f41f2bc66cd0b7e7c0c5525e30187be395849e8037431bf593b3f419766b83adba245d3cb47d7327852d6cbc4aa4ba83f70d5f384829fae0ad890c2f33b35c7e3a5e83827d912e50fc3696e5df7ea6446ad83897165c97363b3f4e9913db28682d51bd3090a48ad1", 0x8e}, {&(0x7f00000004c0)="9a1ec87815c3eb4f5ab532a05958d1c27f6057ba813893395ee2ae20077a82b602fe313620a0c872151db49f98b5bdba506e10d50ca19d9361eae783ede75189b4d57bd743147e2c087f49a2e8d1c4195632fe65d7de5644a4f46d408d633f1ee48dce06f9fc40da361c96b812d38a513d6bf544fa3ccf13b9632d98d86b7f5285ed257c2e117e067f6aee1bd1b893b14bbeaa980d", 0x95}, {&(0x7f0000000040)="b4b281c83904af", 0x7}, {&(0x7f0000000580)="6176d833c0ff77962a01298ae18bc27aabd2a6b59242f77b2acfeee8bff4ee6104186fbbdd9a608d7bb2fa356d04ebadbf3208a70be809", 0x37}, {&(0x7f00000005c0)="90a91e3df48440e40ecd1a0ef4acce1316d9717140d938761b443de496489349dd7712c51c6e953ab26fefdfbe3bfd98ae7b9cce483ca2f52c71dbcb0cb4898b43cf", 0x42}, {&(0x7f0000000640)="f61b25b301a37f49a68005c6bca50d54fefa6afcaa2828e85941a92aff20c7c0b5dd4559857d95914eede58661b292077c39c2c05a0f38f497f3a896bb028fbf77ef6694c201d84f06906c26ad2b48347b98f20659b6fade040a854d4b53c283e43d37888a9174a53150cd2511c471d06d321a299b857c8ae32e4e4dea92c1f7f08e54e3402da3e431b6b9a36d703b55c232f9b066094526161b6a2c73a1441519b5773cda8cba476d463bafae9d23", 0xaf}, {&(0x7f0000000900)="820125fda5ffd98ed9bdd7aa1999dfc8493f804906b44167f6323af06bf3d236db8c81301c76b30314d79480e7905932052c97a634bf207a1ae6138120920859d063aeb11df29d99e299394c2ceec45476a85f3fd12b5ec31913c1d36cca145c802854e7b5fffe84050488444ed35e5134914fdc28cf6d53327940405bb7fdfbf42cde6c61a5fdbfa0ab1617053c644911d3e189d224fbdfe64d5ec95b5be7913a6ec6ec7c8211e240ef4fd5cd33c3b6319bf03890d69ba77720a301eaeb78419e8da698609e1643c4b2b80c94b15822f6e7efa473c990091037cd968d7a93bc09e587e1a504823b765bad10adfd9f94e117867e6c034166f05287c22cb4179f6af3e2311e87f71780009edd47768e7d3d08ee4b7ad31058955828c5c6ea52737a95fd2be113c6481ba8b4032a6fa2606d3c035963dd762b993ed9bd0ac81c1cacb1ff3e5cc60118f645b60169e087f6bad57b1e6cfb8dfd265d4b348299f2b00235db68e7dc1468af5ba46bf1aabe989d64372202c3f4aa53181a62b6bf13388aaaac94190c65b5e67b57b85321d46c902fdf4d5c406339bc385991b3d484a0ec07ff52649e31b06972912dfc0a5203b6ed6f6a6bc52991e807acf4e22231be212e4518607930dc50a11fc3c8aaa15686f713232ef1ec04294a136a9f9b2e91e4b741fedd676084b1a7f2d0264cf182229da789baf40b13a79c08d959e2783886e8713c794a084cec3e9edb85af9855d7f37e74a6c3b847e5a611634e17e3c19767a474c705b73fa6e243ba87bedbe1c85dd52bcec6447c02bf15243f7f32d55a1ea20d9f8af49295c6b27b0120e2d293e98b8cf8a4344854a5f4542567cc0af7dfd3211d468a66bafe0865cd61623cef827fe11c28430a9bea4c0f5ec4e099251e945499b5c70882e79801f30ff119642151e1533a87809cfafc784b5c7aa4d03fe0fd40f9da46d2f684857f7828fb494c47d07dc3614ac42b45fef71067d22c0bd4256a694a2e95714cfac84173664f710a6ee8cecc625691e27b7bc6a69583656474c92cb18caf3f6119a703e54065c6401423d84746d210704d2c0ede2cf0e989230ccbd74c02f771d60c1d99aad37721011314f27f6d8f4088c7fef136e27d8cde12bd077cf99db3a614a739daa8870c183d580ec7767379d0341b7be4c6503e7a305001bbd8b0d0c321de1413ede19d0f11e0f1e5e51c88de2f19c04cc6761aa913efbcb449f3823bcbb3e40a12e62b4df42d9e1fbfe2c3cf5020d5dcd1edad60f4e2715fb24fee767f01254ed62978f83110e061465ca5a3ca102c9eca635faea755527dc652fc6659d353347a4c5d4cf8cef701a31e2a061f72282a3124b42ead912b11a6689637a8b6a90437632ed7e85e149d46b0d302b9dc79fe11fc05247b4e83b3deae4a369c4f3336c562b3c0b42c656dc408d115ee2ca4d1476518a4b25489b1b8633e6d587e1294196054f5e9355dc053afeb54f83edbbad8198f817a43f143218c5309336854782ef5a0bad0fec130c60d08534243391e91e986e9809dddc06e68449f1d269d9e826ed9f96f3b63a957e08929a59a169bfc5e1e165a192ddd2383f80e8ec76e973f44eac16dcb37a15b5b56d153af757c71b75af352ab6d4401039d4b8e2b019d39a6197b27395f731ec8732df6b2d67f6c7936178225a37627f8d7a7c3ace3bf8755ef5852db9ea622baa721cd26dd4a144d6d7a928235b2ffac83f86881ae18acb006d057f09bc6fcf378f4fc8850ce23ccb7c78daf679785deb1c712abf5de1f62dd595e02ce20adda27969217f40475a55ff4ba8f723763498e508e1627ed1e8e369667149f4ddcfe61357ec0513ea0ee85be5f3463f3319fa9b4966ca42b2be387784f47a547d40407ced0d9fed8dd936a6ae6818b70702827af5628839fe4d1fea9c2c8e4afd0dfb670aefb528e870c92e5c5468866a0c9b696463e45e9121d5f312b4c999a6d640cbf0c7ffe5114cc23fc7e7547313e0e016b798c891d047ecf984c6173e3b87bd4d266090fc8ed782149cc28f53724ee8b950c0ac6c361098848f8740a8893afd607c083f8a935a2ff03480e90e799a5f672d5b230f031409a62a830a1f595c37cd3183d5e80055910fbb3c8504e15eb69f8f521d626f79cc5e9d76e11adf32b817bd73e49c0427f1185aeb17f9573a9418069e54c6e51d3f258c2b19016558e4fadc3b6405812d2bde327932646b572360aec27c588a2cec56e1d73d2a9a305a16391106ab527300802c6d3fa83f51f3ba41e0410c33b90531f964cee5079413e15dbfbf9ca04fd76b0fe4b799d120e4c0eeec0906ceedb017b1b2207db158c1eafd422f81e03a29fd9751c8fba27c16d402860f72d47b586f3fb40a50e3f476144aeb3ab1a078a684f352921e24bfc1af2f804a79236c77290852fd24c18ad18303022a5c2218020e36126512e0c8bbd65cf2f1a38ee20636dce7fb0eb42f07749214a2ea2a88c33ed0d1575a3f8320e0afe19db98271ed53835123c6e1688195faacca1439f2eb4480f7ae438a6cbd24428bafdd11632d764614c58a24f1acb0ea6463060bbbe4d84daf8638fc3d986b82f72ceed0818a214d4c35922392e6732933cf5e8545a95521e840a578855ccb40f87ee8a180589670595f3a85e1db5cdbc120886699b840eae098452990892cc2b03e918593a93dec49d98559b7444cace3ffe315a749a60b07e16387bbf41b41b784d23018a1aef201a6364be2f8f3e192639d4c0b11f6d7487b1163766f7b86c31528fec05332a171ad8f1c1026cc8ed4b922e9ec8ad37d70d967316ce445f6e750cb7df81b24b2ffac0bf92194bcae4ce812f04111de2e215b1eff9445bf0d6aa6732217724804e81f82d1ecd0474130ee1c9114868a1602a4a605da11e256a7090024d2876adbc1a0377e87dd293c82064337315352073f134f248458ca0c0d73762a15620f5b57cedf8533fac9ef58ef2d447191356dd24126e0ea3265c536962ed8519436dc02f32fe8209d1a4f25847310a298b3818842a67529f9d1eb308815a595bf347bf3f20dae1e9b655826c5cfbea161dba71eae44ec7d27f30f193c8a10020e3b7d48228b93e1d23d2c4862e75540a8de1c21b9e5983f9d4ae422aea746514d0b6b963d72b57757cd3b366fc568c63b5327691b7eb000d105a897eb7810aa044c859dfe9ab00347e188166930f5a7e5b2767bfb4e8800059732bdcfbc8e58b0419228824f0365b880aa381c56fbc89c75aa97063442939bffd79bba1179083d9edd13377620e76d14e481033b2836e0bd7d30e480f03a6e2a2c3e3595254d783039f23dc77e2bf8faeeaef7adfeed4442e0b2a1fe62b614aabb7d12619f31c5148691a9228f72703d129f4ad021c396153e8a567d8c9554ef95ff02a5d63e28eec8571277a811dad4465e4693c19a7e0cd3f23cee4b367a1e6c7515965148d2bf17eca0d1d7d2e04126ce77c1cfb9573013bdedab00f0bd13259b211477ade719276b6c3fc7638c790c04bb1530fea227fc03db67133e941a8d69d7e559020417ad00fe6536044d8df9a88b012f6a400f4477018646b41e89991cf89959a746d7b41cb237317103e739a64b1bb7904f879a0d39e5b572e13f53bf511b174f0b3df74816224469502ad480be93fe03dbab1fb67a78d3152d63fc354c8123335b93bd294cddb284f70c77044125d6471ba65195112d6bb3eaf655852219b56135493af03573eb42fd65dba999a37625bbeb272b37af0c9154c6d42b9f7fb2a92e71e6deb1d4f569ce9171ac3239e73990201deb9636fc00ebd6e1c9c460a93399d954a2d1c222460069774ba26a17e27e3081590391bc0a38b577ccfd501363f0333316ddd5dbae0afc38ba1e41b7106168a17a11d169b14567b9842a50aae0331e2bee117975ae93fc4153298686caedbb265b45dae25df75ca726229b033d95bd577702a56818f13ad20c044de9f27553097df25a76debbe819d84d916d04abbb2dc78fef6d1d401c75b384c9e142a222a702c6d623257f08b2c008cf4df25061490e413a7c2af6b58a6566422918e5c21fa877c4edb82c29ba36b0cf7e9688bddee3e414932444853e61ec1de241e6dfe0312488177732c4f185bb12aba3c4990e6ea1689669b63957d756b7a69366aba2cb6fa20f6383eacfa73167875f79da224bb30462e4fbca85d967b35dfd768a8c06a1447836e0bbe689ad419bed0704c22a8b93142c475b54c29d1f13b9892ebd99946a6b209d90eb3b5fe48fefff29cfb3e1b9f334959bc5f017ebeb28ed171068dc5cbfefcd007166f97acf697a0597d73d2dbdc2af1e2b1ee7f2446a6db97b45121396153c16d603207bfbc11b9cce75bdc9cdf357b7fcc4fd8e800f2c97cf092e932e0137cd764da8edcbe56a5f339567fcda70a368a13dc138398e0194e84a8497ee8ab49fd2730ecfe96ff0a9eed1efb935e1af55cff542786fce2e12bb08d9a997746398449f8d035cfd8fde27f65378f167a20755b029b916875ee44f78d7748db3ddb27e945879faf22713c4ef991237066ffaef00dd17ae9305db7f33791ec84deb415fa7e32d249346a17ac18a8c8765accc65703d237747c83e3009d9883478f31b76f4424fc8322b600d6f6e99c439b20f3d2d75372e10000d1565faedbaef1b77558a60c12f84f241b9f22afea2b059444c23c1016d4d9a0b5eab78e937f68816db187f0b56449d90c0591aedc1911164d0e444e78c5d39cd16d057178b036b014c2725a86ec32d5875d0829441c1fd7910afd43fa8b99090aa79704a5ac1cd4a8ed3d8c465cf4b690beaeffcb0efc586abd6b0e8b25ec2fa17d12c5687e1d9b93e1d86af7d0b894bea4af836b6d780d95bc9596e55ff2026e0eecc869e607054d75e8f77bb66f897f290b343af84795817e4d68192d0c446cc4ca476ca53201a219fd04bae3750d4bf53581c330cc319b34bb5d56f1b6326d2af499203ca3a9e521082e8d73be0d6acd1726ff1eab25af2cdbbf8d33eedce2b6d117dfd581471b67e84fc9697ea2258c87a5dd2b6a99140cd4dcebe961f7e585b36a335836c3fcdf9655cee74526c35ea3e9d157f41ece9783782b4ef635b2a64b3860e5f220ca030d8c4c78b86f981089a4a5c10af3101641310c15bda3db1423d32841ec27ed00a2aa39922bf3877d7972e1cf9eff86976c62d3ec378c6ae1e0e7611ed069b89cc42aca9ddfb917fd5aafa59dfa9d68e2b9c16bea993484508de2637eea50726f4b72543b04e53cc58eba6f741c911929886b905cd0bd0d28738a1ce54144bcb16a4cfe1837aa318bbf5ea6869b8f00f64183019cc5a0bed890cef8096a507b9304f02d2eef99b1d36183b09a5c1804e8bc999602620304f7455f023cfad20ef5b47a6fb0a52a2bdb47f58745d5303828386239f9c636965d1d7329bbdf8093933ea7251f5379a3fd2e7ce18d24fc1a00b1cdca4b6b292660f726306188ab8d12bb80fc4e04f70ca98fe87bfc06e6f2a1577f6e4d7889c6f7be65539679804bb722532a5b3ad942fec40dfe2dd531e92a10b87e1232e1dd3e0c0cf14a510bb00d8822c61dc64491fb90bc0173351d77fdea3df09e39b0271c6ed25fdc4e0f60da3c40ae9dc021918c7ad2ff83567c5b70b246fdee440f8cd4ca34678c49c57f57b6cfc78412607cbc273e98193eab0128c0f672eb48d928445128ddc4222e70d9613853b93183456e5cfb3c7117000d102ae9501f315da89e9bcb6ab7a0aa8eecdf3850068be12c0f2c7f574ad27b505c5dcda8", 0x1000}], 0x8, &(0x7f0000000780)={0x58, 0x18f, 0x4, "ae07122ccbdee1a4f6ed7bb44ef19598dc51c1a398974eb884370a1e222e3e418858d5f63d87f745db8638d868d249b3ea2be6adddc06ebefc44214ddbf121e9edf09e154d"}, 0x58, 0x8000}, {&(0x7f0000000800)={0x27, 0x0, 0x2, 0x7, 0x7, 0x2, "de64e6681fa23486b470bd5279eadd33f0a2f393ff21848937b5a80dd1c1b0c114946acf5e25a10c48556b419b36b55fa313ebab447cfd1aecd828e1cc8d06"}, 0x60, &(0x7f0000002e40)=[{&(0x7f0000001900)="89bbff107c425da4895d6882f748c6528b9351a45fd682f3f6c6d8628a102a9bcc23edeeb5d4d250bf7a27c28a7058827e2455046e2237590a3f8749bad317576f9420c49909a0994965998e8e2dbba85ce5e025279daf55ca3b3649476e8bb92e8f0a4fc5ebbc9ad7eb0f46690fb93f1ec487750394051c47e9159c3bf2dbbcc541a38b5dcc3c9d8a333fad952e8ce241fa581456c2f5d347b4932c7d4a863d2a1ab02386fb33c1c758703ec222cbc7b92d9004f71d8d7249", 0xb9}, {&(0x7f00000019c0)="320ad2c24d4a2a0bed5f5636a8583fed91f6325eb5820274b45e227ac6aeeda9da86a17804f8842e32d4c97f1514aa0dea1b1548f436a490458499fac25ed0e81d956e8db699fe0a09bf0b991338f654103cdee60d80a68144a278d219a5fc9285f9f433044329cd02cb7c455453d314e7c2644c6a496ae30e7f424ea54f43d0a31dfa239e806d696591", 0x8a}, {&(0x7f0000001a80)="6bc097894dc8118ae61ff4a681415631de3262a34590b6edb11b472db94d6beed7328f5d64ba21d0c30ce8c08e943347b7d748020f537939a2903df6e51ea22fd187fe89bf2a28d1130dcbcc84b86cf9bcf4d406bbfef28b598abcef6a044de6a96e01fa0a76b2777983d921c34f51da1566bd46ebf311136160957f52a890b5db2acebb94502d00018ed382e0e49ddd2dee33c6256a5e05a7686c2d5b623ce2e884ab31cb28619299eee574cc4821671ca6d2d99c773ba95631c1f7b0a37a02f12893c1ba2d15ee6d565d380049413377771e5f74b371649a7d3df9fa2f7fabc3bc999092a67e7e6bb9ec37", 0xec}, {&(0x7f0000001b80)="7c3e59e8bda3720c647094c0b4ac7f4535a2f1b83bee14201a150f76a94f36f29889986ec52359aab3ca13a21f0523c49efaba3b9ae49a8d560979446cec8d90d05fe59d0af2e774e4bc9de7fad6766267830731fe0b8d80abfcb8c7e642640755fb3a110e474392418040a72d90668d580642218e6394e9b99ae83f6ae21607b3a2b1e5a54a4279016ca6098d28e7ae0bebb1007503affaac503125e70b82e6aeacfcc53f6af7862ceac542315fdfad203b68612ee15b54f64146a2c181841e570f2a", 0xc3}, {&(0x7f0000001c80)="d8af15ae9fbcb49f08fbc87be32e7416119cbe43036283c1c6efcd31ec4c76b3c5cc8cf0623897624a98567fea8bb764b056a71126e69cf2f2571da9455ab1657317331f8376efe81e0b6843925304f6a8be885558a73850f930193ff700c2a1588382aed1ae0e81b30f418babc28fc3d65f3790c14bba2363a79b97b89fb6ce20de8fc15a4ca2116fb80ad624b2b8b1f2b44cc14e0507cb0956b9b10cd34a01a22888a3497d25314bd4a7f4c0bbd19a5b0f541d28a0354eafd1bcbe3739a4c5d3f34bd76ab6306d243082f58ad440430a046349c5788eca1cbd1af5c3c3fa03855628334fe16f1bcc2925167f33fb4efe9520583ff7910fb6174ca6dc303c67eae04ddf50cc03912c85d105017e2c97224f628c282295d662574ca29049ebba0104add1a463f703146e7f820d171a314816f98df1f10c1a432e3633add8be7e8a1ab4acb98f52ca4e54940092ca06e3309c78c5b8725b64b4662dd05f3826de931ffa31ab896830009daa1b312094835c8698711b280c4681fc50740323e0ef3889d19b2a3f88b31e9227475b75384760c75d0e2c1438d9b0333448300d705b24ff18bd550fbab34a4e8b5ba3c50e3916c2439db2c02674673d6c308d2f81f5f406c31f30cabf3a717470b67973d3886060495450af221dfab500e1db28df322b7fe920e7ad7265417e249efcf4c10590050225eb16c7b280d47f21509042439291d7a199e7242175437053e9febe9ffcd39ae8c88f37e5a8343973b6e62477da9b51ce3231b0bebd1063385391bfef6afcb1fe03ca4b0386fa1d2c7fd2568429cf42e35334226bfaf14f719b0e06a0dade11f6f35b50d44e6caba32a2fe1df92464a18826d11645f7de210fed44e377a5162fe932f4b2f20cecf9767a7d45950e977fbaab38a57ded77b3affbb879145df9af782c7327b0b3c3c6da20cdaac5e93e6e0841cfc57e51977c79c3404181aad5471658e5fb4e4638d835c656667bd9971144cc041d983a8c918f21df257542b96856aebee23e10c0b29563041f467ef22a4a1f3c192d5058b259493dad1e778403825ee787cbbfa2f317147f6632d18a94ca21148128627c93fdd222b9d53e7ae0041ce35d4f33202a88d8dc4919247ab049ef8fd5c152a2ac348f62a2e7c3ee51746c1fccc7bd70526fb4d944446932f00e073e5182dab119c607b20551a492782dae444d88347982ca1d876f18028be61c3f6ed7d591f71ad2256c7032ef4d2733a184373bcac1f725aea8f4f3c282307618b325f9e9f51dcae81d91d70497669ecb6cecd86140b2913be3912acfa8c5486d59280cf9f3cce37a8ef0b48d7599f52e080b1bd13ead7ffc212983815defffbcebf60528e7fbfa4f0e9c3ee560a8d3c5907c3d5d41dcd3bd30c2ae026c7c1c4f39f0db60954669e8e77a1bbc4fd4eb9d9cd72c50a4ebc3305effed000369647e0a2c2ca4756d2f680800c2671b65b0cc886af50f358576e5e171fa41607dfca0108a74864e97b1b601624f2dc9bfbb4c115f811160b05ec282955ad655ecdc4b9263d4ba075021bbd52244a48b81b17a72666edaccc612da2beb3e6f2eac06aff06b91cf39b812b5f7772c41a1186f1fadc95b19293279447cea29f7fc205a4ebd601841fe5730319d9f94ced2727d1ac8fb85abbccd1ae050602ecb32dc99d0f21c8bfd585a7381a5f14f0bdf180afd7a9e0ec7b4366fe1887815193efdb0c6444e02e9f23e8ab4df98dea9a13722f46fddf2e2126e766784a39ac6552b440c7b0e59a510f1c88c364520a7b1d4a89f66eaa49f276f673793ad635a2a5826ab531b28c3cd1eaf0371d0aab25719b24a794862658cbb2385de83ea69885021c4ea20a58190b4a7461b56c4b3a9b72cab824eab4548d3fac5c547d1314813cef7554ebfd9d3ba099c6fa10ceed9d84bb3c36e2387ad1e7491221803df4955b2d5fbaac8db6eca9845840119a95f22b8ea0d4faec1f9c280eeff00ab9701fb07fee57f1bfdb56dc1ebe754ae0859609c6a1b852d88946e1c1985e208c7cee079bb6c5bc646b572c4ccf5a214b143608aee1e8a4105702277fae0be03caf1fb4769d5402005e2866bdc61cb67624062af450d8008d4e127ed33a9d36b50ea174fe61a69b7f7ffdd4683f95bb8322ce3e6a0f9536faa67a22dbc2d5114c97cfa31f1b763e4985c1ae9f628482ad8f41f862eb66eec57613d0ac03d0551f8a246c69e407e715a5176fa32121d694b025c25b231177de75e6471e818c969212fc606569c5dbf308ba2bcd23fe104111623a16bce71af54b596ea588c5cb110484e5645eff002a8e4dc868ca1f48f1f350a224b30f0aa0e50d5b089c77e428a274bc2d97481c5ed59bb7892513e2e7556cd47295e66808cbe04204481423af3e525bc3edde03f24e8c629f14bca969449706afc11db26831cd84cf0a82411436d5a008b59b0598abd82d86f721d0fa4d3511af523205959486bdad8c68bb36382aaa16ca515c2073c11697ad33e924dd3572218d1a01564b50acd96f41826eb1ec6c4e8cd7540c804db33c3bd6c6ce3e177f7bc8fc63ba8cecc0c726e4d6169d6b4e5ca7cb958ee95ebf1ea690baf033fd53b366c336093b8c7ee8ee5bcd3ce665668a0c09acc9ed926f0a82d39611b05c8656d4140ece6aff2da408fa34b2e694ccef476f7456c7364aa6c39371f0829fa88cf9e52658f54185265008c5e077f66cf0c6bd6723ac3082bcbe09c31fc4143f755281fc70ec144713dea227f768925b49c681e406436c7909fe59e2114dc30e97f9d0167ec436d574c094f99dfea0c565696eab6955da52dd101c1dd606616441dcaf872434d4e71c7702da401afdb5ff0644f2e1ec70a47b22d64841cd42f14cce1d2ae6665483aef5cdc06512e4d129e74a7e6dae789d7b34918d96a4b99b4e3731e8ab0fa7cd61471b1375eef28e1ccfcbfcc1e3f2aa86e3dd5afb1cc75f9f34a859e3a06732fabcdc46c892a8fcb55a0142b5060ff5bd7da9def00a25d0751f42035244106e32e093202ee1547ca1cd135d948f199e90298ba7c3f4dff7b8563634ea6a98e24e7618b3fc15ef088c94e0facb7065e4a747279c75063a5190023e9cdc0af34e0348549bd51c247aa93a2d75052b17e26b12eee43959a2a91731e0762f5fb21102ceca6ae69533276c97fafba5cb8d9e9f940986ededa0c47874730e9077b0e3ee55f544bf4bc38ffb89f90e5dbfec5d0c305ae930acee6f4be66e4cbec22e75ec8f458687932805de2ad10f7972c8f4976b9e3605fd1894924799b2af3a3347a8fd75a5c36b45c250e93cc994843c2ec582171660abffa2e14ed5609147a09f36ee9f139325c7dd29f190c8cca4b7fedf2ea50124fe04ca89d05b588e06b2e965ff00178fdc77735c4d734f83a0f74ca909a7625e4660cf449e31cdea8050e0c574ffa1442e423b9e83ebc41e492ab689df3009e6f969a26e50cae93558ee4dd202156383da6cc45d99af078a6f7afed1d6df664c32a27b4fbd49fbdf0459bcea6546a0cbcd2692f187a5373e65aa58d4963fbaec853dbf2151bd52f1e651b3efa859eafee35a918a36dc97bac1f96ca1f7181408d48b38e17c856afa7107ff3bae585152c2073836ccca74902a3c3874457256d44aa1c0ffaf414fd4b0483db52c643c35a5c37efd00f203078a8c1058c41b4cab25cf869e007160fe686b59a6c75d57305e61ffa82641b64c01ec1bc20c36e0e0d61613ab461b772e212765f4adee0b1309cf2eb1d34fc90606a42e1ef68c96bc4977c5aa8d351f5e2a6d5994c41c1d5051d47c9e0f9bf3b1dd2ad6c3a2cffbbd0c8de17046ddce65857b24726625f99b8ef51efd709280f0454eaccb7ce1056ea9aae2e4a09d024b9addacde65f70e47a0ae4449621bdd8bf8a2e9e5760d0994aac4dee927bb90a2d648f8cfed493bcfdb8dca54014c89c356cbf9fb1645cff03835ea94c8d3b8a2ae0ffdb5f693ee312d4e34730ef18a96125473112a9391abf46b1f6a1643fad4423b3f063eaf58ec07720e57f9aae61b614fe7d1beb35129d6693cf3710f827ab86e7b664d09da986fb4cb10980ece20eac6788a00b18d041fceace61772ff797b76d9ab0893be7409dbf53d7d5695e9f715bfd093e3f3092c9d62754b86fe03394e4c2b939b5002020bc8aee757caa49b5932dbabda7dc850f3b6cb73702c3b517d61c463b6632084e9b7d3010fa9731d845b52186749f7a0587fef59c92087a32fb3abcb9371e2e51c072f58f020a243e786b586c75654a76ff3e27a30055edbd9675ee5185137d7e66362d4ecdad9cc8dd2d7fff62f35397efc1a1eeb82e2b2a39dfc117ac8aa5dfd938343cf5e271dace1d4955cdf21d3a89df2bc09d18fefce3fd857cb5e5fd1875ca6104d81607e9b10d546f89cde29c79360154c9bcd6c153e902ba9b1348368f372cf09ca4474250f727e6212ae23a795489503094028ea0227e25203500c570479b18c0329b5b3ea1f1e5f670816c9dba47fcd2a453135caeb35cf1998ccab9b62674e8e89904aa61146e04775d289aac8204856320ff4fffa39030bdb2a509cdc0c2abd2d276d3f6dfb439739369795fdee783dcb9b83790841247b52c6cf09533e22cf262bd14daa386250ba59aac79564774e4b109c7b4ad2a318a729240d037d6de1e288b29c0a2de0d55ec4b956aa3fa3526055f1ff38fdf892bd2b587c6cad9edcc7305e6f1add16e871553fe13320451bf804c98b46cba4a47fcf17f1000d9a95ca31d9b4b5e5615f0924b0708462a0f057a9776afd1e82c8786bf41b95ad9e0ff298661155d5fb9aea6a6dfcbb4687ac785471db06056c933ffd571ba43a20991c959bfc2cba73fef8bb2bc11abcab614665f5ba28cf764b6e7a2421d44f66e88c941906899e87f9ef01089e0d72eac947f80cb0f41a2178b6299e9943d7ef6841f9887f00abc7082aa9d636b34f0ba439a401194800b9b7a0152cd51354846235e15a540deb342da8f0284455da3d26097577fde145886553c62259afed2f1be9a4437827254f6c699bdfef8173a9a8325fe976ffc090015a477b8c57b9e9166fe5b04418a047f03216aa47d535ce257ff7e40a3bae4ff8cd8e5d6e392341e85fe08b7f110e21f94ceec2fa6c3012f871a399379acd379837ef871245713d79bde47b4e6af44db701f7680f39802f81c196366222cf9ea5f7e7fdf1408ba4afc92535457062e58e66e79a4ad8ae0bb089ebd47354f719d2cf7f18d2d2683d0cdfe175ca00216b5575350d853620eb3355a1d3a932324fbc7c58f57b6d163c2f3e6c077e2f562cd09b5ebfe62f46e12f912cfcaf6152af171482ad4fe74052355aed8f2037a768c2ce69f0d155e07ec9936aab4589dc05ccfa538b8baca369c6b7541b8844c18dfe38dc70ea79f743622bdea43db12b302a96b937bcfcac31d7d09f9f57724357c938f2dd797bd0f7b5b1f35eb8853c1b9ab60120fe85f805f55151448e429dfe09527856f2d3b1728df8fb5cd552b527c92270fcc678d912f5812340a3657ba3965df0453252e8c39dcfaee4b44b62860be25973d4bcd85df7b12005503f39b80ffb37c9301286a79db493b17b111506645d7ed99b577243d6e1629f8a59b55722f680f09d35725995b5574c72e882eae4c16a50a232d530decbbbb2287f2dcc3a26ea54b0c2f5c3b583af470d849ce96ccdf379632050e0fdc52c282869d550a7d34044c80c93a1999a4fa7b8efaef3d63cf28ac420bbc80a5ead7135e411d5f5ce02f198fe976db0bfc3050fa3653a43", 0x1000}, {&(0x7f0000002c80)="75b3c26860855bb35da4e978335ad46df0ea0b07516a7cd1b8e8582cfbf8de64c7f0cdff322d960c476ba4b969c38adf4675d8c21e0f6ac84e26d4cb0351cf74d105df02cd5b313b7483faa121906402607e39228245546b994063f57cfdded97d9deb3cfe33827ff2fc549253b8218da0490a8bfeddee962a40fe8e31859e58a60254546e067e3f13c28a330e5353207945cb696bb4797a9a3a58914e8e117e93350e72ec167a31a5b667363aebdc29798a236156f274021dd5f81dd3c42123dc953c66a48cdbb8f5b870692a5054683d51112b0069", 0xd6}, {&(0x7f0000002d80)="a07c2083a82027eb12163149a0817b0f19a8d95b03690c4a78c1e50cee1eac3157a46734cd524dc37e5faf3bc6ab1cc6413465d036d5a2e7bca5faa398f1b15763bff7989048dc81bdd82b5e3cab580bf2f090c1eec961cf351cd04cc9c6984251d148a9866317166bf3184289d563855192e761c93b2e405f4bfd2364f839d67926af2bccb74a9bbf5c2b6bf953e5f4c30c83bbbfb4efbb52", 0x99}], 0x7, &(0x7f0000002ec0)={0xd0, 0x107, 0x10be, "418c264110804f2e33246ddefd9884fef54a7ab3c6e16702da156578b1fc31c350e6f11fde5eecd7ba1effb5fc27ab7f57b0e51dd20fbbc45ee5f119ed421c4550fe36628158081279525d0eb02dcefbea54ee1ce304591f8c3407cd77ce88cf2d0395c35502e2cc8824f93278a59fa1178948888adf55d8c782022ac340c4d35dedaa9616eabada5f5ad6d1346ef33ca274405472f0495b64d4c6d04f3c04c91b4bdcf5daa05e1dd980cd94473f6388204ac96cccf7d7fa00c3"}, 0xd0, 0x20000090}], 0x2, 0x40) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f00000008c0)={r1, 0x1, 0x6, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}}, 0x10) socketpair(0xb, 0x1, 0x80000000, &(0x7f0000003680)={0xffffffffffffffff}) execveat(r5, &(0x7f0000000880)='./file0\x00', &(0x7f0000003140)=[&(0x7f0000003040)='veth0_to_bridge\x00', &(0x7f0000003080)='/dev/sequencer\x00', &(0x7f00000030c0)='ppp1ppp1nodev-ppp1bdev\x00', &(0x7f0000003100)='/dev/sequencer\x00'], &(0x7f00000031c0)=[&(0x7f0000003180)='veth0_to_bridge\x00'], 0x1000) setsockopt$packet_drop_memb(r0, 0x107, 0x2, &(0x7f00000002c0)={r1, 0x1, 0xfffffffffffffed5, @random="925a029ee75b"}, 0xfffffffffffffebf) ioctl$sock_inet_SIOCSIFBRDADDR(r7, 0x891a, &(0x7f0000003540)={'teql0\x00', {0x2, 0x4e23, @remote={0xac, 0x14, 0x14, 0xbb}}}) 03:39:12 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) readahead(r0, 0x81, 0x930) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @broadcast=0xffffffff}, 0x10) r1 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x4, 0x20002) r2 = syz_genetlink_get_family_id$team(&(0x7f0000000080)='team\x00') getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000000180)={{{@in6, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in=@local}}, &(0x7f00000000c0)=0xe8) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000100)={'team0\x00', 0x0}) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000280)={{{@in6=@local, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@loopback}}}, &(0x7f0000000380)=0xe8) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000009c0)=@filter={'filter\x00', 0xe, 0x4, 0x368, 0xffffffff, 0x0, 0x120, 0x1e0, 0xffffffff, 0xffffffff, 0x2d0, 0x2d0, 0x2d0, 0xffffffff, 0x4, &(0x7f0000000400), {[{{@uncond, 0x0, 0xe0, 0x120, 0x0, {}, [@common=@socket0={0x20, 'socket\x00'}, @common=@icmp={0x28, 'icmp\x00', 0x0, {0x12, 0x0, 0x7f}}]}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x0, 0x20, "fe60ffd4dbd1d13fc5e11c14528f6f2d0cb22f37e1a62f2d0d8741647c43"}}}, {{@ip={@multicast2=0xe0000002, @multicast2=0xe0000002, 0xffffff00, 0xffffffff, 'bridge_slave_1\x00', 'veth0_to_bridge\x00', {}, {0xff}, 0x29, 0x2, 0x43}, 0x0, 0x98, 0xc0}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x7}}}, {{@ip={@loopback=0x7f000001, @local={0xac, 0x14, 0x14, 0xaa}, 0x0, 0xff, 'syzkaller1\x00', 'team_slave_0\x00', {0xff}, {0xff}, 0x77, 0x1, 0x31}, 0x0, 0xc8, 0xf0, 0x0, {}, [@common=@addrtype={0x30, 'addrtype\x00', 0x0, {0x820, 0x0, 0x1, 0x1}}]}, @REJECT={0x28, 'REJECT\x00'}}], {{[], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x0, 0xfffffffffffffffe}}}}, 0x3c8) getsockopt$inet6_mreq(0xffffffffffffff9c, 0x29, 0x1c, &(0x7f0000000700)={@ipv4={[], [], @local}, 0x0}, &(0x7f0000000740)=0x14) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000000780)={{{@in=@multicast2, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}}}, &(0x7f0000000880)=0xe8) getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000008c0)={{{@in6=@ipv4={[], [], @local}, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@rand_addr}, 0x0, @in6=@mcast2}}, &(0x7f00000003c0)=0x153) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000e00)={{{@in=@multicast2, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in6=@dev}}, &(0x7f0000000f00)=0xe8) sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f00000012c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000001280)={&(0x7f0000000f40)={0x33c, r2, 0x0, 0x70bd25, 0x25dfdbfd, {0x1}, [{{0x8, 0x1, r3}, {0x3c, 0x2, [{0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4}}}]}}, {{0x8, 0x1, r4}, {0x1a8, 0x2, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x3}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8, 0x3, 0xe}, {0x8, 0x4, 0x1300000000000}}, {0x8, 0x6, r5}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x4}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x8}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8, 0x3, 0x5}, {0x10, 0x4, 'roundrobin\x00'}}}, {0x3c, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8, 0x3, 0x5}, {0xc, 0x4, 'random\x00'}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x3}}, {0x8, 0x6}}}]}}, {{0x8, 0x1, r6}, {0x12c, 0x2, [{0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, r7}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, r8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x80}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8, 0x3, 0x5}, {0x10, 0x4, 'broadcast\x00'}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, r9}}, {0x8, 0x7}}}]}}]}, 0x33c}, 0x1, 0x0, 0x0, 0x80}, 0x1) sendto$inet(r0, &(0x7f0000000140), 0x0, 0x200007ff, &(0x7f0000deaff0)={0x2, 0x4e23}, 0x10) setsockopt$sock_int(r0, 0x1, 0x9, &(0x7f0000000140), 0x4) [ 859.623900] RSP: 002b:00007f413f26ea88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 859.631637] RAX: ffffffffffffffda RBX: 00007f413f26eb30 RCX: 000000000045885a [ 859.638928] RDX: 00007f413f26ead0 RSI: 00000000200000c0 RDI: 00007f413f26eaf0 [ 859.646283] RBP: 00000000200000c0 R08: 00007f413f26eb30 R09: 00007f413f26ead0 [ 859.653551] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 859.660818] R13: 0000000000000000 R14: 00000000004d3f40 R15: 0000000000000029 03:39:12 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) 03:39:12 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f6300") 03:39:12 executing program 7 (fault-call:0 fault-nth:42): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:39:12 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") get_thread_area(&(0x7f0000000040)={0xffffffff, 0x0, 0xffffffff, 0x8, 0x3, 0xed3, 0x6, 0x5, 0x8001}) r1 = socket$key(0xf, 0x3, 0x2) ioctl$EVIOCGMTSLOTS(r0, 0x8040450a, &(0x7f0000000000)=""/31) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000000080)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea26ca4db5d97fc8b1c572d0642060860e4f57ec6b718353533632872ce9dd14e1874a3d2b4dfef684b734f91e7abcd1d68bc0f92e8471d22ca30e95790daedf153ae725e149890fb397940ad99381ea7c504f2b7c4fa252d4a6754eba9a5b271c0ba964e6f91932e07d04480b72273a36b19ff6b1309f91e677b256bec5999030495e177136b800d030cf6c8c790b5938b40c50ccf5e9ce2a42fb599c4d96545be4e90ec4a0e13018af7d4f1a0c1c7d890acd32946bf99090658b756ee00000000"], 0x60}, 0x1}, 0x0) 03:39:12 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f00000003c0)='smaps\x00') r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000}, 0x0, 0x7, 0xffffffffffffffff, 0x0) preadv(r0, &(0x7f0000002600)=[{&(0x7f0000001600)=""/4096, 0x3c}], 0x1, 0x0) ioctl$KVM_SET_CPUID(r1, 0x4008ae8a, &(0x7f00000000c0)=ANY=[@ANYBLOB="0366f26cbad00036f0010001000600000001800000000000000f0000008ce8000002000000930c000001010000000000000400000000000000ff0300f0000400000000000000000000"]) ioctl$EVIOCGKEY(r0, 0x80404518, &(0x7f0000000040)=""/117) [ 859.708753] device veth0_to_bridge entered promiscuous mode 03:39:12 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000140)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) read(r1, &(0x7f0000fb6000)=""/28, 0x3f0) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x12, @time={0x0, 0x1c9c380}, 0x1, {0x2, 0x81}, 0x8, 0x0, 0x8}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a}) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000240)={0xbf}) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r1, 0xc08c5336, &(0x7f0000000000)) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0) [ 859.779924] FAULT_INJECTION: forcing a failure. [ 859.779924] name failslab, interval 1, probability 0, space 0, times 0 [ 859.791259] CPU: 1 PID: 15252 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 859.800285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 859.809679] Call Trace: [ 859.812555] dump_stack+0x1c9/0x2b4 [ 859.816222] ? dump_stack_print_info.cold.2+0x52/0x52 [ 859.821472] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 859.826518] ? bpf_prog_kallsyms_find+0xde/0x4c0 [ 859.831309] should_fail.cold.4+0xa/0x11 [ 859.835518] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 859.840744] ? perf_trace_lock+0x920/0x920 [ 859.845008] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 859.850167] ? kasan_check_read+0x11/0x20 [ 859.854350] ? rcu_is_watching+0x8c/0x150 [ 859.858537] ? lock_acquire+0x1e4/0x540 [ 859.862539] ? fs_reclaim_acquire+0x20/0x20 [ 859.867060] ? lock_downgrade+0x8f0/0x8f0 [ 859.871237] ? check_same_owner+0x340/0x340 [ 859.875579] ? check_same_owner+0x340/0x340 [ 859.880099] ? rcu_note_context_switch+0x730/0x730 [ 859.885131] ? rcu_note_context_switch+0x730/0x730 [ 859.890069] __should_failslab+0x124/0x180 [ 859.894308] should_failslab+0x9/0x14 [ 859.898638] kmem_cache_alloc+0x2af/0x760 [ 859.902793] ? __alloc_pages_nodemask+0x6e3/0xdb0 [ 859.907649] getname_kernel+0x54/0x370 [ 859.911534] kern_path+0x1e/0x40 [ 859.914890] lookup_bdev+0x10c/0x250 [ 859.918600] ? blkdev_open+0x280/0x280 [ 859.922482] ? check_same_owner+0x340/0x340 [ 859.926833] ? debug_mutex_init+0x2d/0x60 [ 859.930980] blkdev_get_by_path+0x1f/0xe0 [ 859.935134] mount_bdev+0x61/0x3e0 [ 859.938668] ? msdos_mount+0x50/0x50 [ 859.942372] msdos_mount+0x3c/0x50 [ 859.945915] ? setup+0xe0/0xe0 [ 859.949098] legacy_get_tree+0x118/0x440 [ 859.953339] vfs_get_tree+0x1cb/0x5c0 [ 859.957132] ? vfs_set_fs_source+0x12c/0x180 [ 859.961709] do_mount+0x6c1/0x1fb0 [ 859.965253] ? check_same_owner+0x340/0x340 [ 859.969562] ? lock_release+0xa30/0xa30 [ 859.973536] ? copy_mount_string+0x40/0x40 [ 859.977770] ? retint_kernel+0x10/0x10 [ 859.981650] ? __sanitizer_cov_trace_const_cmp2+0x20/0x20 [ 859.987191] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 859.993175] ? copy_mount_options+0x285/0x380 [ 859.997676] ksys_mount+0x12d/0x140 [ 860.001298] __x64_sys_mount+0xbe/0x150 [ 860.005276] do_syscall_64+0x1b9/0x820 [ 860.009162] ? finish_task_switch+0x1d3/0x870 [ 860.013657] ? syscall_return_slowpath+0x5e0/0x5e0 [ 860.018573] ? syscall_return_slowpath+0x31d/0x5e0 [ 860.023676] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 860.028778] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 860.034421] ? prepare_exit_to_usermode+0x291/0x3b0 [ 860.039512] ? perf_trace_sys_enter+0xb10/0xb10 [ 860.044368] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 860.049200] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 860.055282] RIP: 0033:0x45885a [ 860.058465] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 03:39:12 executing program 3: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snapshot\x00', 0x2000, 0x0) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000240)={0x0, 0x94, &(0x7f0000000440)=[@in={0x2, 0x4e20, @multicast1=0xe0000001}, @in6={0xa, 0x4e23, 0xc8b, @mcast1={0xff, 0x1, [], 0x1}, 0x3}, @in6={0xa, 0x4e20, 0x100000000, @mcast2={0xff, 0x2, [], 0x1}, 0x1}, @in6={0xa, 0x4e20, 0x8, @empty, 0x2b}, @in={0x2, 0x4e24, @multicast1=0xe0000001}, @in={0x2, 0x4e20, @multicast2=0xe0000002}, @in={0x2, 0x4e23, @remote={0xac, 0x14, 0x14, 0xbb}}]}, &(0x7f00000002c0)=0x10) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000500)={r1, 0x7, 0x30}, &(0x7f0000000540)=0xc) ioctl$PPPIOCSMRU(r0, 0x40047452, &(0x7f0000000200)=0xde) r2 = socket$inet6(0xa, 0x4000000000001, 0x80000001) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r3 = syz_open_dev$ndb(&(0x7f0000000040)='/dev/nbd#\x00', 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r2, 0x84, 0x20, &(0x7f0000000080), &(0x7f00000000c0)=0x4) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000300)={0x0, @in={{0x2, 0x4e24, @local={0xac, 0x14, 0x14, 0xaa}}}}, &(0x7f00000003c0)=0x84) ioctl$EVIOCGSW(r0, 0x8040451b, &(0x7f0000000580)=""/57) setsockopt$inet_sctp_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000400)={r4, 0x6, 0x3, 0x7f, 0x3ff, 0x81}, 0x14) ioctl$BLKBSZSET(r3, 0x40081271, &(0x7f0000000000)=0x800) r5 = syz_open_dev$midi(&(0x7f0000000100)='/dev/midi#\x00', 0x4, 0x80) getpeername$llc(r5, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, &(0x7f0000000180)=0x10) 03:39:12 executing program 2: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0xfffffffffffffffe, 0x1) r1 = add_key$user(&(0x7f0000000000)='user\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000100)="8fc58133cf12279b4a9e23271184106b14b3516cf9648362fc88d7085b6fc38e1004739f5550d337d384c5d19ab6d4c6", 0x30, 0xfffffffffffffffb) r2 = add_key(&(0x7f00000001c0)='.dead\x00', &(0x7f0000000200)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000000280)="b00669dc42e06f2d4aecfc1d524cbcee9fbf8331cd83c394f548a72b4a0df7057261d45b6fe9fcb6ea98", 0x2a, 0xfffffffffffffffc) r3 = add_key$user(&(0x7f00000002c0)='user\x00', &(0x7f0000000300)={0x73, 0x79, 0x7a, 0x3}, &(0x7f0000000340)="dbe9446c811e27555f07bc44a01edf444d6cde2e98411a533887b712f6a1b4353dd59cccefdae150b5c9b2bdcd68044f1193d2b486bc4844f2aa341b4f2280a081aab60385fcd19a9d6c1090a6023854ab32cbdcb719784fd6fe8496810e09f95f5c24c3200f88c8fe8da83cf234545cc95941c75521775d0fb2d31bfc0f3a0122dabf9d61834ac65a3201bfdc779349a53c09b5ca7d6aaad5a71968fe21d3fba9fd49d26443124946420b6a479a61cc93bf551c65c6b6b1fec5724463734d2734e19bab17b2db9f752c42b5c2b698d6ebc51235707424207158601706e9b8aab2c9b86b34a263b86b1c564c33d6106310760618d0c3d90ea9fcdd1f74960569f0a5b3bca81ca734b2b5ff7f4f105a321c98b78cc86807b22306ff3113eb61db5aa10872f75a92260f54a2b94f522cdd971ec8a519aae7c238682d3b57259396079a8d0f20114d69c5900f70640fb1979de06ad0589ea0f469f268b560528c624a43995873b52dd0a46255446487319edf37993871a9158ff4bdcd25e28a74b3b0ae79b1cfb7f1df30cbf76661c4c08e853082f8871b9660545d99f42c9748b2894681bfb17f8c24c2ca7de5526d4c431f213a460757ab306c08c46c5c793e04c3405f35e19792b9c6c72c6c0154b7c622ca7a7bf7b37551b4dee84798345dc3984d2e4dd612064151001de24bd6fce045fc68dc924627742380cfa8b82c3a94c50cfedd212b329c9cb90050bec9e7d9a1c32a798d42d37cfbf9aec443986922bb0f430500f2190e1cff48dfa141364ed878f3552fe6fa52aa4121267ce4487585c368d59c1f1d489693d816370e0f2bb241cc6e06ccfe0941c18d40fc3fac8d81e24cecee7ff4fffc263708d33f96d9cf297132998e0965585c744be619bc6f737b04881352f9cb59a77b9b8de7da85468362006e17fbe38965e74689e26541383c3308f559b634cd65ee3ff664ebf4e5542238d929ce62234660fef45b66ab9f44e55a569020a9bd1445b6a1b0d5075d0407b45758f5a16c99e3297b3b56d9a0e167dcfe427acf84b59ec5be2b7d0200a103f9ca41bcdbe96a691c031ed2a6dd8ecfcc1fa5906eb72eeb17421af8cd531b2963a4d8dc31620ffe64c30bf11cba3c6e412c69e248a93dae707bdc6e54e8cd44b37924138a667c174fc959ebe81891e328f7929f656f018d55fc8d4758eb8cdc3999762dc74473b24cad3d78ffd166fd748bae01b1be4040dd515672c925396f1554f5321705fb574bf4351bf07bd79b698d2cb518b9fb15c49e12f6548d3b211d33fa15323386e2d3c1217ee120d3928311bc81c07499d64b563a790321a30d8ca7954e1f27351a4e9282c735377ead96ee07fa72c4788bc58625fa45e2397c56036c1f15678b3a2740156386b6d7b6d66b4838266d630044ee3bc9dc0a23daeff895a2cf2d1daaca5c07dd07498161b47856657fa56650bb894f61f2c717d5d724cbd5fc777b9b4890811ebc0eb3500afb3791a3f88e7bffb97bd213e634b866f5a1ba9627918446a4d8a006a2161a1ac57f66648b845e6225c53931e5806d766f1f07c2e63eaa468137220d65e969fd64cc13ca8145c47116951619c3fbdf8bb75e2bfcaa6d058475ba792dd8683e6f086e034e174edbf88d2a83f3696e2ccb50877f5f5adb2191a9e7877c18f611bd3c5042abc50b9d19e1d14d3022ec4299500fc5c38201d9d28b03c8fbe66e8ffb0b9c944a455f3eee8d285c965fa8b14724f76c52cf39c472de43956dc0e7c190a9fd3779bce226c80e1b9baa0919d725ee672cc28b55aa8927537c02193e2ccf49aec96f341b5da02e47fbc35c6cba3add46b988c606654417effa0136ac712b6744749211bc313cf866897cc11567a863f0d8fe3cdcb7f63a0f5472f54e11b6a86f713f4cc556437222dba0a8a50fe55c825b4fcff4a06181f76b17c0b44c8d1bff8ebef1d256ec607a0475288e4d0ed541fd75da7faa887c07b1d055323d0cf499a7d43a59de8160e30f61fb1c1cb7941bf86acb2e9da45278139b854d97245defedee61e7301e1ff1407308f42fab346a17871f78584b565ad11f962061cd4851c08404c3de2a28fdccee345583e4f13eb49a469daa3223a819d86efb113e74d910264de4fd6384d59722a9e104f48abe2f6bff9eb6e8e98dfcbb7e9c9ce9e17028a05b62a001c4a1569ea526cad46497cef1a54f69ef23f67d32410902a841d7b97e0152cbeb6a1135dd3ab3037597875adc1d4be372515ced3f5377ecd3f09c1646623d21a63204ec5e96cf3d094c4b3e9f5cf68fb24b50292422095a873cc10101b61faf29b1e3e9332e958b7158f1fc05398c1ae76e7e3613287999484567e4f604557f63034e1a97040d9832adaf2fce66bfa0835900eab1771637e137fb8084ee2991c26a8baaf81cf3c3064464b2d32d0b2db25541fea55c72f19477473498cde3e96ee06c73941a76ac182c734e6bf2094753e5a12ba45672c58b52f58ccbe82196385da69c83479bc662c5f3396a026f75a74a0c51af18ba9f4145cd6af5769cb898b937bd1fa7c035edf9a733aaa135342c048c9c3c0c3521d670f9e21350e43df718808cdcdbf25127a0ae2a88b7c5c4aa2fff7ef6c4fc43ac72ce0016bf4414f28ded07f7592a9dda3b1d5fa29c0cc748f9ae06059cc39f87b716bb73baba96befa46138590dc4438cef54ac8071c64c719ace420e0a0c0f2b6cd830dc16bc8124df7faf8289021fd391e6521d2bb4cb97357c110e516c441a21fee7b93bc0312a535a1925786fb9463934b4f788f8b12bad5a26aac6880df06d223a3a583f88d2d5ab72733aa80c7d575bd0e18786b6675913dc9c75882a1b1d34888c4d08ba837f40326c1722a59a74b5f58fa85c6e8b1704221d0dec02452b2e29b52328d95988a805aa44866d4ab5c55896dcee70ef28a565340098e7d3eba2c376e80605d2ad17bd092901a1314249428b1fb1660a03158fbd7ed30c501b0d5786cb528497fc62228d8c9f1ce6ba239ffb4752dfe7f8aa88593f5147e4a63bdbb043d0e8ce9504dac2b6697041e850760c324aabab47779558f9384861088734b1ad307ced84f8a1fd3e316577910aaa159a4dd1a6f3b364d6f146312995065c75ef4617fbd5fb658e0231f118ce1be4b71226f4e62cf59c39bb20e37556594016f28b93cf6a409d1ff37dad9d002d75c2fbf6a660c646de0a1ccf2c52fba6cc16497dc6fb5902842d7608b3050e1a1ae486554e5a921a67a3df954615527cf4e818b4830745b685e1494e50489048610a67fe5e3d6972fdccc96dcde1bdff5236d573dc87b661f71caec22baf08d251e41b5d345ff5575d242571c6c08a1ef7c4a473374073cb49f969d4ff6b93a1bd7e8e25c7256d1763be2770a369bd597b09c6d0de6353caa5045c8e20d257d0e5ff038691219858d5ae14d3d07fe01995844011bc23b41545447e0ba25343a102a11de7e36ce57454e1c179089267a2669e56d976b0776338f780def9e2ff9f201d4263c5b2dc365531b7faad7274755780508e06a957655ea9fdfeadc2da02d9c1dd3f0d2e9dbc4e972bf2a90a7541098c8f7d2b85d075c9570c2ca2ce495db3f7db1514fc676a10e589ca22d4f3f5c346b4b77fa1a4ab4fe01388db7f5a07748dd0d9e030617c515c79574ecd7aca72b939f0d123d8dbe63874c5db253d9ee0d9bd9beb259b930e7c94c8dd38e3916eaefcc5e0b3a027c37446cb1c3b868f9e902112fe4e4495e857e57c1a1a89bd56d0a7578f5fdd62b1b83484bb593f05e057f847b00718c90ea59d44621c751b57cdf509694e394551feafc61512b922a4a535b62bcf4943c2c4178a5bbd50ab37de03a28fefdf07f1d180ee5fb2b607adbdf126b16f6affbc6858c8b3902edb4f73ee2b226ac7b7090bab284c95d2fa8189db0c395e20ecbe57d2465fa65a0ec486f25a2c82273fb98cd8817a4a051f5693da61142f49455ccaad4d5647c495d3a33df300eaf7dcf813177ad2e0e0d8bce57da99dac9730d4fb01070e31d89a2e671964a95a70fe8c54ca16f44eeae09d6ebfe061a76aa6d5f3079128d6cc09a53a57748734382fb0848547cdeb52fe75e4f43b1072ce17db93199ce07eb87b67b754b41a4404ca77319635c4aa52eab7cecf0594e8c2db3f7b1602667958913cb5dbc4cf76791fd5ad67b8e36afed6ff632b39695e959669877066869f31b0f759187cf69f9a933d3ca916e5ff6f0e29b603cac7ecf742b6295224480d0c3101648edf9a153a0ff418f689ab0b7114ca530a8f5cbab39d551def7b982cbf687ed1ab972fed6366213c537499a3475cbfe27ee5c702067c217b05d113e1ec7bbdbd7d41119b92724cdd99973055d6f4a3160703a5ed214d0ea00dc4fd576648691d638452e501f5ead2f9aed9d844a25c0ba616933706cf95a8577311799fe47d1cdbeb76321d240de22faa6f62247ff1805f6c70feae49053a5ea82cc1e116452a9c73dcb51e1df7ef2be51c3a763d09388144e48bb05616f098e4f33f74c5a3f1cfa0296dc4a903a440e127a418496afa41b6fa6b19779c7a7644f1d6fc5d75fc390bed0976691ab0529ca20d1ec051186c16bb3b3572eb22a8c3217facc5eec11d831aa54fb8faeabe1d8d8712fc8909bc4ed6b2de48b5915d58a61026d8e2cf6c63cd95f0159bf4e3f48e514f541da487c7566921363a48c6bf31fa5e7f3ab384fec5a60a084da2595593c9e98a39aed43eb08c8b5eea95a64d376f2126688141296e6da42a58a9c85a5ac041e7c23419acd273d1c04dbd19594523e719395e55c298ba66b04c6e39d1bd1688e688577df01abf8769febb3f85e223f7f8133f73605768cb965c2cb521990daa9e0bc2d43a1073f5f308f8e63a26e4d4a494129d2a9f557a4caae1078d33ee20022463d221479414aaac0b4579b7e3bdbd73c27ed8eb229aca0c11b2343044c572326a27497ebb21420c244d330b5a887677a5cc866ab005bcb481686d7d846a6484adc6a27bed707f3410fd2486d6185fb264ce8bc55fc2a3f62d5a40c394e7263c0df8c5b2633c59ad0c6b6a93b00246ad36118e66e10c6e62d35fbcae910878354e8e5cdbccf8c031afc6a162a00afafeb87e7e43fa9c8f67e12f4158b873fb796300add4220af948381560770a28b0c97ddb499a45e9f30ca131b30c9c7096fba8342cc4af36882b524f4db3a9924693f5989f8bad31c44788526fdbc928ab1e2a33295d88a5da3669f1a278ff4603bb7f47271f2269e0c602a7b0126b9730a03a292051a6150ff4f26418f6c3d29d2f005f586354c8228cdbb5a4ebec63bf3dd32eefc7997ba0045ab9df06116b1aacdeedf40e9cc919312819597d818781bf08fab1022b162cad4d665b9ce24a1e66545df0003096842384f214d89f1f835a041bc8f6dec75f1e6c624c17cfe25d127519d5df28cc5719ffa90d77b280535f095cdcc99c63f7810b96712c5b56e74942d1a8f22b75e3baffbd4428859c93f4ab07552112434210c549c5617f8156bae5d6ce43d43796fe3c3ca3b1c66e4665413521b2bb7c144bc35073ad5b1bbb5a7096f9c2dea7843a84a7d317ad23cbe57824592c16fc2c69edc589cf0cef812c6f43a196f1b30e740eb44c62cae71847c51c29aae0f2b79def5becd3f974c08f060cc1eac856617e2ed4213f8faa6ae4ad006a07eabeb6edcc51a7d8e3d486eeb1337648832fd7ccb98c42eca0bf66dd8108fe78048fd2122752303e42262b944c239a068c67c10da4da9a49bcf47e724875a58424eb329f6", 0x1000, 0xfffffffffffffffc) keyctl$dh_compute(0x17, &(0x7f0000001340)={r1, r2, r3}, &(0x7f0000001380)=""/4096, 0x1000, &(0x7f00000023c0)={&(0x7f0000002380)={'sha256-ssse3\x00'}}) getegid() ioctl(r0, 0x2fcc, &(0x7f00000000c0)="295ee1311f16f477671070") getsockopt$bt_BT_FLUSHABLE(r0, 0x112, 0x8, &(0x7f0000002640)=0x8, &(0x7f0000002680)=0x4) r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000002700)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000026c0), 0x106, 0xe}}, 0x20) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000002400)={0x8, {{0xa, 0x4e22, 0x1f, @remote={0xfe, 0x80, [], 0xbb}, 0x20}}, 0x1, 0x3, [{{0xa, 0x4e22, 0x1, @remote={0xfe, 0x80, [], 0xbb}, 0xfffffffffffff15f}}, {{0xa, 0x4e22, 0xffffffffffffffff, @ipv4={[], [0xff, 0xff], @multicast2=0xe0000002}}}, {{0xa, 0x4e20, 0x7, @empty, 0xc7}}]}, 0x210) shmget$private(0x0, 0x1000, 0x269, &(0x7f0000ffe000/0x1000)=nil) write$RDMA_USER_CM_CMD_DISCONNECT(r4, &(0x7f0000000240)={0xa, 0x4, 0xfa00}, 0xc) 03:39:12 executing program 3: r0 = timerfd_create(0x0, 0x0) clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) clock_gettime(0x0, &(0x7f0000000080)) clock_gettime(0x7, &(0x7f0000000140)={0x0, 0x0}) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'team0\x00', 0x0}) sendmsg$xdp(r0, &(0x7f0000000440)={&(0x7f00000001c0)={0x2c, 0x6, r5, 0x1a}, 0x10, &(0x7f0000000400)=[{&(0x7f0000000200)="4a4a123f6e6fa38692d040835c34472cd72817e4ca98d4fb64bd8923245726259ecdc5618b15af9150b1fbc62d7fec239dbeb78bae57e7d01b4f3a857011f6b45db480613bf4525eb09e9a2cfeedb76c0bbbe731644fa264cc6aa89df472303b32d0d4f3a3651f3554bf3b2975f22650a00489fab2e009345d1f3418e46a8cde15277a6d94fb704297424948daff01d8c38dcd57adda96b0d93c9f96e659a21469fc18b3ea58e3fb9cc5a7b7665d6d120cfcc3b1e45f9db310d70191072962aa24365227ab0fe670f462e9571afc0b69a4078df29e9df466feb00e1f7c2dd4e48a9edd754fc64021f6d07b4c290e", 0xee}, {&(0x7f0000000300)="32808a072f5448093a342c1e28b3bb07ef9b06418d5e494c92951eba3efc3c592569b003e47cb48459e70ba8d47fa63df5d027264a618f2dcbc9641d091b404956e2dbcd19a4968889ae5d029505548c137f4b1391916697636ee975ab42584c0b7a8234382bc29425dd7e71f1d775b08cc3292c9f1ebd4f45303eb0dbd972302b1f8c7f1ddeeaf267bef55016d9beb1cae3163e306c66c80707439392a336558aa55f4a5288bd6daaca1721b3983c1ade69249ee565f0f558389c52e1096d952bd0fdca12c0bb56261c3c85b4f1ab3abfd06ecf0f65e4010d97a8a83d0d24e798ecddffb28b4aebc771cf64886170aac75ba5873f0d4ce30417da95", 0xfc}], 0x2, 0x0, 0x0, 0x40004}, 0x0) timerfd_settime(r0, 0x3, &(0x7f0000000100)={{r3, r4+10000000}, {r1, r2+30000000}}, &(0x7f0000000040)) timerfd_gettime(r0, &(0x7f00000000c0)) 03:39:13 executing program 7 (fault-call:0 fault-nth:43): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) [ 860.078559] RSP: 002b:00007f413f26ea88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 860.086259] RAX: ffffffffffffffda RBX: 00007f413f26eb30 RCX: 000000000045885a [ 860.093526] RDX: 00007f413f26ead0 RSI: 00000000200000c0 RDI: 00007f413f26eaf0 [ 860.100879] RBP: 00000000200000c0 R08: 00007f413f26eb30 R09: 00007f413f26ead0 [ 860.108146] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 860.115402] R13: 0000000000000000 R14: 00000000004d3f40 R15: 000000000000002a 03:39:13 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = shmget(0x2, 0x9000, 0x78000400, &(0x7f0000ff5000/0x9000)=nil) shmctl$SHM_STAT(r1, 0xd, &(0x7f00000002c0)=""/4096) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:39:13 executing program 3: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='securitywlan0systemtrusted\x00', 0xffffffffffffff9c}, 0x10) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000140), 0x106, 0x100f}}, 0x20) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_RESOLVE_IP(r1, &(0x7f0000000000)={0x3, 0x40, 0xfa00, {{0x2, 0x0, 0x0, @remote={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000], 0xbb}}, {0x2, 0x0, 0x0, @local={0xfe, 0x80, [], 0xaa}}}}, 0x48) [ 860.173187] device veth0_to_bridge left promiscuous mode [ 860.182089] FAULT_INJECTION: forcing a failure. [ 860.182089] name failslab, interval 1, probability 0, space 0, times 0 [ 860.193879] CPU: 1 PID: 15286 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 860.202499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 860.211865] Call Trace: [ 860.214524] dump_stack+0x1c9/0x2b4 [ 860.218164] ? dump_stack_print_info.cold.2+0x52/0x52 [ 860.223455] ? __kernel_text_address+0xd/0x40 [ 860.228404] should_fail.cold.4+0xa/0x11 [ 860.232477] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 860.237579] ? save_stack+0xa9/0xd0 [ 860.241228] ? save_stack+0x43/0xd0 [ 860.244946] ? kasan_kmalloc+0xc4/0xe0 [ 860.248823] ? __kmalloc_track_caller+0x14a/0x760 [ 860.253656] ? kmemdup_nul+0x31/0xa0 [ 860.258313] ? vfs_set_fs_source+0x67/0x180 [ 860.262627] ? ksys_mount+0x12d/0x140 [ 860.266413] ? __x64_sys_mount+0xbe/0x150 [ 860.270577] ? do_syscall_64+0x1b9/0x820 [ 860.274647] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 860.280001] ? do_syscall_64+0x1b9/0x820 [ 860.284069] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 860.289436] ? trace_hardirqs_off+0xd/0x10 [ 860.293673] ? quarantine_put+0x10d/0x1b0 [ 860.297823] ? lock_acquire+0x1e4/0x540 [ 860.301789] ? fs_reclaim_acquire+0x20/0x20 [ 860.306200] ? lock_downgrade+0x8f0/0x8f0 [ 860.310335] ? lock_downgrade+0x8f0/0x8f0 [ 860.314476] ? lock_release+0xa30/0xa30 [ 860.318541] ? check_same_owner+0x340/0x340 [ 860.322849] ? check_same_owner+0x340/0x340 [ 860.327159] ? debug_mutex_init+0x2d/0x60 [ 860.331308] ? rcu_note_context_switch+0x730/0x730 [ 860.336234] __should_failslab+0x124/0x180 [ 860.340476] should_failslab+0x9/0x14 [ 860.344278] __kmalloc_track_caller+0x2c4/0x760 [ 860.348936] ? __kmalloc_track_caller+0x311/0x760 [ 860.353769] ? legacy_parse_monolithic+0xc1/0x1d0 [ 860.358606] kmemdup+0x24/0x50 [ 860.361788] legacy_parse_monolithic+0xc1/0x1d0 [ 860.366456] ? vfs_set_fs_source+0x12c/0x180 [ 860.370853] ? legacy_validate+0x210/0x210 [ 860.375075] do_mount+0x69e/0x1fb0 [ 860.378608] ? kasan_check_write+0x14/0x20 [ 860.382844] ? copy_mount_string+0x40/0x40 [ 860.387079] ? kasan_kmalloc+0xc4/0xe0 [ 860.390960] ? kmem_cache_alloc_trace+0x318/0x780 [ 860.396169] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 860.401701] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 860.407225] ? copy_mount_options+0x285/0x380 [ 860.411712] ksys_mount+0x12d/0x140 [ 860.415345] __x64_sys_mount+0xbe/0x150 [ 860.419313] do_syscall_64+0x1b9/0x820 [ 860.423203] ? syscall_slow_exit_work+0x500/0x500 [ 860.428045] ? syscall_return_slowpath+0x5e0/0x5e0 [ 860.432963] ? syscall_return_slowpath+0x31d/0x5e0 [ 860.437894] ? prepare_exit_to_usermode+0x291/0x3b0 [ 860.442913] ? perf_trace_sys_enter+0xb10/0xb10 [ 860.447580] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 860.452432] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 860.457695] RIP: 0033:0x45885a 03:39:13 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f6300") [ 860.460872] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 860.480239] RSP: 002b:00007f413f26ea88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 860.487938] RAX: ffffffffffffffda RBX: 00007f413f26eb30 RCX: 000000000045885a [ 860.495215] RDX: 00007f413f26ead0 RSI: 00000000200000c0 RDI: 00007f413f26eaf0 [ 860.502472] RBP: 00000000200000c0 R08: 00007f413f26eb30 R09: 00007f413f26ead0 [ 860.509727] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 860.516986] R13: 0000000000000000 R14: 00000000004d3f40 R15: 000000000000002b 03:39:13 executing program 1: uname(&(0x7f0000000100)=""/51) 03:39:13 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x2) r1 = getpgrp(0xffffffffffffffff) setpriority(0x1, r1, 0xfffffffffffeffff) ioctl$SG_GET_VERSION_NUM(r0, 0x2282, &(0x7f0000000180)) ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f0000000300)={0x53, 0xffffffffffffffff, 0xfffffca4, 0x0, @buffer={0x0, 0xe9, &(0x7f0000000080)=""/233}, &(0x7f0000000200), &(0x7f0000000240)=""/126, 0x0, 0x0, 0x0, &(0x7f00000002c0)}) write$binfmt_elf64(r0, &(0x7f0000000300)=ANY=[], 0x33) read(r0, &(0x7f0000000000)=""/42, 0x2a) 03:39:13 executing program 0: socket$inet6(0xa, 0x1000000000002, 0x0) r0 = socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8915, &(0x7f0000000000)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:39:13 executing program 7 (fault-call:0 fault-nth:44): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:39:13 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f6300") 03:39:13 executing program 1: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x0, 0x0) ioctl$TCSETA(r0, 0x5406, &(0x7f0000000040)={0x28d2, 0x1, 0x20, 0x7, 0x101, 0x7, 0xfffffffffffffffe, 0x100, 0xffffffff, 0x2}) r1 = socket$packet(0x11, 0x3, 0x300) getsockopt$packet_int(r1, 0x107, 0xa, &(0x7f0000000080), &(0x7f00000000c0)=0x4) 03:39:13 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) 03:39:13 executing program 0: r0 = syz_open_dev$midi(&(0x7f0000000040)='/dev/midi#\x00', 0x4, 0x4620c0) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffff9c, 0x84, 0x7b, &(0x7f0000000080)={0x0, 0x1}, &(0x7f00000000c0)=0x8) setsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000100)={r1, 0x7fff, 0x5, 0x4}, 0x10) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r2, 0x8912, &(0x7f0000000000)="025cc88300345f8f767f7f9d35db3cb15a9f4aaae11e992070") r3 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r3, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) [ 860.719795] FAULT_INJECTION: forcing a failure. [ 860.719795] name failslab, interval 1, probability 0, space 0, times 0 [ 860.731219] CPU: 1 PID: 15320 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 860.739627] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 860.748988] Call Trace: [ 860.751599] dump_stack+0x1c9/0x2b4 [ 860.755272] ? dump_stack_print_info.cold.2+0x52/0x52 [ 860.760582] should_fail.cold.4+0xa/0x11 [ 860.765348] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 860.771069] ? lock_release+0xa30/0xa30 [ 860.775055] ? perf_trace_lock_acquire+0xeb/0x9a0 [ 860.779903] ? trace_hardirqs_on+0x10/0x10 [ 860.784162] ? perf_trace_lock+0x920/0x920 [ 860.788403] ? blkdev_get+0x5f2/0xb50 [ 860.792214] ? lock_acquire+0x1e4/0x540 [ 860.796278] ? fs_reclaim_acquire+0x20/0x20 [ 860.800622] ? lock_downgrade+0x8f0/0x8f0 [ 860.804869] ? check_same_owner+0x340/0x340 [ 860.809195] ? perf_trace_lock+0x920/0x920 [ 860.813432] ? rcu_note_context_switch+0x730/0x730 [ 860.818373] __should_failslab+0x124/0x180 [ 860.822632] should_failslab+0x9/0x14 [ 860.827351] kmem_cache_alloc_trace+0x2cb/0x780 [ 860.832029] ? perf_trace_lock_acquire+0xeb/0x9a0 [ 860.837063] ? rcu_note_context_switch+0x730/0x730 [ 860.842003] alloc_super+0xd4/0xb10 [ 860.845640] ? destroy_unused_super.part.11+0x110/0x110 [ 860.851197] ? sget_userns+0x17c/0x860 [ 860.855107] ? lock_downgrade+0x8f0/0x8f0 [ 860.859294] ? kasan_check_read+0x11/0x20 [ 860.863464] ? do_raw_spin_unlock+0xa7/0x2f0 [ 860.867878] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 860.872475] ? kasan_check_write+0x14/0x20 [ 860.876717] ? do_raw_spin_lock+0xc1/0x200 [ 860.882360] sget_userns+0x276/0x860 [ 860.886088] ? kill_litter_super+0x60/0x60 [ 860.890337] ? test_single_super+0x10/0x10 [ 860.894579] ? vfs_get_super+0x270/0x270 [ 860.898647] ? kasan_check_read+0x11/0x20 [ 860.902817] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 860.907430] ? kasan_check_write+0x14/0x20 [ 860.911698] ? do_raw_spin_lock+0xc1/0x200 [ 860.915998] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 860.921570] ? ns_capable_common+0x13f/0x170 [ 860.925989] ? kill_litter_super+0x60/0x60 [ 860.930279] sget+0x10b/0x150 [ 860.933429] ? test_single_super+0x10/0x10 [ 860.937699] mount_bdev+0x115/0x3e0 [ 860.941341] ? msdos_mount+0x50/0x50 [ 860.945072] msdos_mount+0x3c/0x50 [ 860.948644] ? setup+0xe0/0xe0 [ 860.951989] legacy_get_tree+0x118/0x440 [ 860.956062] vfs_get_tree+0x1cb/0x5c0 [ 860.959964] ? vfs_set_fs_source+0x12c/0x180 [ 860.964381] do_mount+0x6c1/0x1fb0 [ 860.967924] ? check_same_owner+0x340/0x340 [ 860.972246] ? lock_release+0xa30/0xa30 [ 860.976234] ? copy_mount_string+0x40/0x40 [ 860.980479] ? retint_kernel+0x10/0x10 [ 860.984384] ? __sanitizer_cov_trace_const_cmp2+0x20/0x20 [ 860.989933] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 860.995493] ? copy_mount_options+0x285/0x380 [ 861.000033] ksys_mount+0x12d/0x140 [ 861.003668] __x64_sys_mount+0xbe/0x150 [ 861.007650] do_syscall_64+0x1b9/0x820 [ 861.011556] ? syscall_return_slowpath+0x5e0/0x5e0 [ 861.016491] ? syscall_return_slowpath+0x31d/0x5e0 [ 861.021432] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 861.026460] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 861.032006] ? prepare_exit_to_usermode+0x291/0x3b0 [ 861.037028] ? perf_trace_sys_enter+0xb10/0xb10 [ 861.041703] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 861.046560] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 861.051846] RIP: 0033:0x45885a 03:39:14 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x20000000000, &(0x7f0000000180)="000000000000e736c934d2eda704d5b03e6b49cf80850cd92100") r1 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffa000/0x4000)=nil) shmat(r1, &(0x7f0000ffb000/0x4000)=nil, 0x6ffd) msync(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x6) gettid() r2 = getpgid(0xffffffffffffffff) getsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000000), &(0x7f0000000100)=0x8) r3 = syz_open_procfs(r2, &(0x7f0000000080)='net/ip_vs_sta|s_pxrcpu\x00') setsockopt$bt_hci_HCI_TIME_STAMP(r3, 0x0, 0x3, &(0x7f0000000040)=0x8, 0x4) 03:39:14 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = memfd_create(&(0x7f0000000040)="00000600000000000000", 0x0) write$binfmt_elf64(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="7f454c4600000000000000000000000003003e00000000006f020000000000004000000000000000000000000000000000000000000038000300000000000000000000000000000000a9000000000000ff07000000000000040000000000000000000000000000000000000000891f6ce000000000000000"], 0x78) getsockopt$inet6_dccp_buf(r0, 0x21, 0xd, &(0x7f00000000c0)=""/52, &(0x7f0000000140)=0x34) sendfile(r1, r1, &(0x7f0000000080), 0xfba) execveat(r1, &(0x7f0000000000)='\x00', &(0x7f0000000280), &(0x7f0000000500), 0x1000) [ 861.055028] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 861.074447] RSP: 002b:00007f413f26ea88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 861.082161] RAX: ffffffffffffffda RBX: 00007f413f26eb30 RCX: 000000000045885a [ 861.089434] RDX: 00007f413f26ead0 RSI: 00000000200000c0 RDI: 00007f413f26eaf0 [ 861.096705] RBP: 00000000200000c0 R08: 00007f413f26eb30 R09: 00007f413f26ead0 [ 861.104148] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 861.111419] R13: 0000000000000000 R14: 00000000004d3f40 R15: 000000000000002c 03:39:14 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f6300") 03:39:14 executing program 7 (fault-call:0 fault-nth:45): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:39:14 executing program 1: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) io_setup(0xfe, &(0x7f0000000080)=0x0) mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='configfs\x00', 0x0, &(0x7f0000000040)) utimes(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={{0x0, 0x2710}, {0x77359400}}) r2 = fcntl$dupfd(r0, 0x406, r0) setns(r2, 0x2000000) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)}, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x3, 0xfff, r0, &(0x7f0000000400)="ee1016341071c4214e477e6f87c27fbcea4ca0ca83b7b6b03b319d3c78d8ab30b70d004d2a16ad2e69f6ddc59bcba0a09ec3094cda9392c37b55f2eb332c59a9805e1c48afabecdfecb79f0361fe4fba891db7f77424b972768989dccd56947c0930e902cceea3f39fabbb2a37f5ca3a2429c923375dc72dbcc86ad55c034369371e7c4bad64995e0415d54b18f976ef48252b29b1115a98ec0ef487bd1a89c42faf6897f40b3e18663ef16deddbafb299f11316383d2c5b4dd11d433a9da6913a29700595a18d512ec7c1dd4b5eb16c2a29df192c75d8f73db52c48a0de225e0b49209acc60c83bb04fd6329f172058a77baa137e4f", 0xf6, 0x1f}, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x7, 0x7, 0xffffffffffffffff, &(0x7f0000001680)="9ece6a6bd5a9184c3d50009cd5956c02b0cab4d016967a1916a2767496f3445c1b14ebe9982121ce731dbff941cc2905f43e1bf8274bcf46d431d217a8820573a0edc3ce901e27e6e02cb90e3b717d074a9adf6b24cbc1f46870fe3e9aac298a25bc6be93934547540069b5b2f7d02d94b92352c5d5c5275e248be69d1fdd2e4b33c52d9c703f06b9dc01aeb7c5f5c49356bc275d6c885c78b18e30e4d388964f2bad2b74c0cddf8ac3afd39fa578c77df12", 0xb2, 0x7}]) 03:39:14 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) r2 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x7fffffff, 0x200) ioctl$ASHMEM_SET_NAME(r2, 0x41007701, &(0x7f0000000040)='ppp1/wlan0keyringvmnet1}}md5sum\x00') sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) [ 861.212573] FAULT_INJECTION: forcing a failure. [ 861.212573] name failslab, interval 1, probability 0, space 0, times 0 [ 861.224104] CPU: 0 PID: 15343 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 861.232632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 861.242058] Call Trace: [ 861.244662] dump_stack+0x1c9/0x2b4 [ 861.248299] ? dump_stack_print_info.cold.2+0x52/0x52 [ 861.253509] ? kasan_check_write+0x14/0x20 [ 861.257771] should_fail.cold.4+0xa/0x11 [ 861.261838] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 861.267928] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 861.272966] ? kasan_check_read+0x11/0x20 [ 861.277127] ? do_raw_spin_unlock+0xa7/0x2f0 [ 861.281587] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 861.286173] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 861.291192] ? find_next_bit+0x104/0x130 [ 861.295292] ? cpumask_next+0x24/0x30 [ 861.299120] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 861.304667] ? lock_acquire+0x1e4/0x540 [ 861.308658] ? fs_reclaim_acquire+0x20/0x20 [ 861.313593] ? lock_downgrade+0x8f0/0x8f0 [ 861.317749] ? check_same_owner+0x340/0x340 [ 861.322075] ? rcu_note_context_switch+0x730/0x730 [ 861.327198] __should_failslab+0x124/0x180 [ 861.331437] should_failslab+0x9/0x14 [ 861.335239] __kmalloc+0x2c8/0x760 [ 861.338778] ? __init_rwsem+0x1cc/0x2a0 [ 861.342752] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 861.347786] ? prealloc_shrinker+0x124/0x450 [ 861.352198] prealloc_shrinker+0x124/0x450 [ 861.356448] ? inactive_list_is_low+0x850/0x850 [ 861.361125] ? __lockdep_init_map+0x105/0x590 [ 861.365628] alloc_super+0x8dd/0xb10 [ 861.369349] ? destroy_unused_super.part.11+0x110/0x110 [ 861.374728] ? lock_downgrade+0x8f0/0x8f0 [ 861.378881] ? kasan_check_read+0x11/0x20 [ 861.383036] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 861.387795] ? kasan_check_write+0x14/0x20 [ 861.392129] ? do_raw_spin_lock+0xc1/0x200 [ 861.396370] sget_userns+0x276/0x860 [ 861.400096] ? kill_litter_super+0x60/0x60 [ 861.404770] ? test_single_super+0x10/0x10 [ 861.409018] ? vfs_get_super+0x270/0x270 [ 861.413092] ? kasan_check_read+0x11/0x20 [ 861.417335] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 861.421919] ? kasan_check_write+0x14/0x20 [ 861.426157] ? do_raw_spin_lock+0xc1/0x200 [ 861.430413] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 861.435950] ? ns_capable_common+0x13f/0x170 [ 861.440367] ? kill_litter_super+0x60/0x60 [ 861.444599] sget+0x10b/0x150 [ 861.447707] ? test_single_super+0x10/0x10 [ 861.451962] mount_bdev+0x115/0x3e0 [ 861.455597] ? msdos_mount+0x50/0x50 [ 861.459347] msdos_mount+0x3c/0x50 [ 861.462888] ? setup+0xe0/0xe0 [ 861.466083] legacy_get_tree+0x118/0x440 [ 861.470234] vfs_get_tree+0x1cb/0x5c0 [ 861.474035] ? vfs_set_fs_source+0x12c/0x180 [ 861.478443] do_mount+0x6c1/0x1fb0 [ 861.481984] ? check_same_owner+0x340/0x340 [ 861.486310] ? lock_release+0xa30/0xa30 [ 861.490372] ? copy_mount_string+0x40/0x40 [ 861.495131] ? retint_kernel+0x10/0x10 [ 861.499029] ? copy_mount_options+0x1f0/0x380 [ 861.503697] ? copy_mount_options+0x1f6/0x380 [ 861.508198] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 861.513735] ? copy_mount_options+0x285/0x380 [ 861.518243] ksys_mount+0x12d/0x140 [ 861.521889] __x64_sys_mount+0xbe/0x150 [ 861.525865] do_syscall_64+0x1b9/0x820 [ 861.529749] ? finish_task_switch+0x1d3/0x870 [ 861.534247] ? syscall_return_slowpath+0x5e0/0x5e0 [ 861.539187] ? syscall_return_slowpath+0x31d/0x5e0 [ 861.544117] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 861.549134] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 861.554684] ? prepare_exit_to_usermode+0x291/0x3b0 [ 861.559701] ? perf_trace_sys_enter+0xb10/0xb10 [ 861.564371] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 861.569220] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 861.574490] RIP: 0033:0x45885a [ 861.577670] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 861.598023] RSP: 002b:00007f413f26ea88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 861.605729] RAX: ffffffffffffffda RBX: 00007f413f26eb30 RCX: 000000000045885a 03:39:14 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x7ffdfffd) bind$inet6(r0, &(0x7f00004c0000)={0xa, 0x3, 0x0, @ipv4={[], [0xff, 0xff]}}, 0x1c) listen(r0, 0x6) r1 = socket$inet6_sctp(0xa, 0x4000000000000001, 0x84) sendto$inet6(r1, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x3, 0x0, @loopback={0x0, 0x1}}, 0x1c) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000b20000)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x2}]}, 0x10) close(r0) shutdown(r1, 0x100000000000002) 03:39:14 executing program 5: mkdir(&(0x7f0000000240)='./file0\x00', 0x81) r0 = syz_fuse_mount(&(0x7f0000000380)='./file0\x00', 0x4000, 0x0, 0x0, 0x0, 0x0) syz_fuse_mount(&(0x7f0000000140)='./file0/file0\x00', 0x0, 0x0, 0x0, 0x401, 0x1) umount2(&(0x7f0000000040)='./file0/file0\x00', 0x1008) sched_setaffinity(0x0, 0x8, &(0x7f0000000540)=0x9) r1 = syz_open_dev$audion(&(0x7f0000000100)='/dev/audio#\x00', 0xfffffffffffff3e0, 0x0) setsockopt$bt_rfcomm_RFCOMM_LM(r1, 0x12, 0x3, &(0x7f00000001c0)=0x10, 0x4) r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0/file0\x00', 0x0, 0x0) ioctl$KVM_GET_CLOCK(r1, 0x8030ae7c, &(0x7f0000000200)) close(r0) ioctl$KVM_SET_IDENTITY_MAP_ADDR(r2, 0x4008ae48, &(0x7f0000000080)=0x1000) fchmodat(r2, &(0x7f00000000c0)='./file0\x00', 0x10) setxattr(&(0x7f0000000180)='./file0\x00', &(0x7f0000000280)=@known='com.apple.FinderInfo\x00', &(0x7f00000002c0)='/dev/audio#\x00', 0xc, 0x1) 03:39:14 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f6300") [ 861.613083] RDX: 00007f413f26ead0 RSI: 00000000200000c0 RDI: 00007f413f26eaf0 [ 861.620709] RBP: 00000000200000c0 R08: 00007f413f26eb30 R09: 00007f413f26ead0 [ 861.627979] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 861.635246] R13: 0000000000000000 R14: 00000000004d3f40 R15: 000000000000002d 03:39:14 executing program 2: r0 = socket(0xa, 0x1, 0x0) ioctl$sock_SIOCADDDLCI(r0, 0x8980, &(0x7f0000000000)={'veth0_to_bridge\x00', 0x8}) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000080)={0x11, @multicast2=0xe0000002, 0x0, 0x0, 'wrr\x00'}, 0x2c) setsockopt$IP_VS_SO_SET_FLUSH(r0, 0x0, 0x485, 0x0, 0x0) 03:39:14 executing program 7 (fault-call:0 fault-nth:46): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:39:14 executing program 1: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) io_setup(0xfe, &(0x7f0000000080)=0x0) mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='configfs\x00', 0x0, &(0x7f0000000040)) utimes(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={{0x0, 0x2710}, {0x77359400}}) r2 = fcntl$dupfd(r0, 0x406, r0) setns(r2, 0x2000000) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)}, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x3, 0xfff, r0, &(0x7f0000000400)="ee1016341071c4214e477e6f87c27fbcea4ca0ca83b7b6b03b319d3c78d8ab30b70d004d2a16ad2e69f6ddc59bcba0a09ec3094cda9392c37b55f2eb332c59a9805e1c48afabecdfecb79f0361fe4fba891db7f77424b972768989dccd56947c0930e902cceea3f39fabbb2a37f5ca3a2429c923375dc72dbcc86ad55c034369371e7c4bad64995e0415d54b18f976ef48252b29b1115a98ec0ef487bd1a89c42faf6897f40b3e18663ef16deddbafb299f11316383d2c5b4dd11d433a9da6913a29700595a18d512ec7c1dd4b5eb16c2a29df192c75d8f73db52c48a0de225e0b49209acc60c83bb04fd6329f172058a77baa137e4f", 0xf6, 0x1f}, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x7, 0x7, 0xffffffffffffffff, &(0x7f0000001680)="9ece6a6bd5a9184c3d50009cd5956c02b0cab4d016967a1916a2767496f3445c1b14ebe9982121ce731dbff941cc2905f43e1bf8274bcf46d431d217a8820573a0edc3ce901e27e6e02cb90e3b717d074a9adf6b24cbc1f46870fe3e9aac298a25bc6be93934547540069b5b2f7d02d94b92352c5d5c5275e248be69d1fdd2e4b33c52d9c703f06b9dc01aeb7c5f5c49356bc275d6c885c78b18e30e4d388964f2bad2b74c0cddf8ac3afd39fa578c77df12", 0xb2, 0x7}]) 03:39:14 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x4, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x0, 0x0) ioctl$ASHMEM_SET_PROT_MASK(r2, 0x40087705, &(0x7f0000000040)={0x7ff, 0x6}) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:39:14 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f6300") 03:39:14 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) [ 861.813314] QAT: Invalid ioctl [ 861.813336] FAULT_INJECTION: forcing a failure. [ 861.813336] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 861.828468] CPU: 1 PID: 15375 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 861.832535] QAT: Invalid ioctl [ 861.836997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 861.837003] Call Trace: [ 861.837032] dump_stack+0x1c9/0x2b4 [ 861.837051] ? dump_stack_print_info.cold.2+0x52/0x52 [ 861.837070] ? lock_acquire+0x1e4/0x540 [ 861.837088] should_fail.cold.4+0xa/0x11 [ 861.837107] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 861.874781] ? kasan_check_read+0x11/0x20 [ 861.878928] ? rcu_is_watching+0x8c/0x150 [ 861.883093] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 861.887776] ? is_bpf_text_address+0xd7/0x170 [ 861.892294] ? kernel_text_address+0x79/0xf0 [ 861.896707] ? __kernel_text_address+0xd/0x40 [ 861.901207] ? unwind_get_return_address+0x61/0xa0 [ 861.906244] ? lock_acquire+0x1e4/0x540 [ 861.910209] ? fs_reclaim_acquire+0x20/0x20 [ 861.914521] ? lock_downgrade+0x8f0/0x8f0 [ 861.918679] ? check_same_owner+0x340/0x340 [ 861.923091] ? save_stack+0x43/0xd0 [ 861.926721] ? rcu_note_context_switch+0x730/0x730 [ 861.931642] ? do_mount+0x69e/0x1fb0 [ 861.935372] __alloc_pages_nodemask+0x36e/0xdb0 [ 861.940132] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 861.946194] ? kasan_check_read+0x11/0x20 [ 861.950441] ? do_raw_spin_unlock+0xa7/0x2f0 [ 861.954841] ? kasan_check_write+0x14/0x20 [ 861.959078] ? do_raw_spin_lock+0xc1/0x200 [ 861.963304] ? kasan_unpoison_shadow+0x35/0x50 [ 861.967876] ? kasan_kmalloc+0xc4/0xe0 [ 861.971758] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 861.977301] alloc_pages_current+0x10c/0x210 [ 861.981714] get_zeroed_page+0x14/0x50 [ 861.985683] legacy_validate+0x111/0x210 [ 861.989752] ? kmemdup+0x44/0x50 [ 861.993120] ? legacy_get_tree+0x440/0x440 [ 861.997347] vfs_get_tree+0x144/0x5c0 [ 862.001399] ? vfs_set_fs_source+0x12c/0x180 [ 862.005811] do_mount+0x6c1/0x1fb0 [ 862.009343] ? kasan_check_write+0x14/0x20 [ 862.013569] ? copy_mount_string+0x40/0x40 [ 862.017804] ? kasan_kmalloc+0xc4/0xe0 [ 862.021714] ? kmem_cache_alloc_trace+0x318/0x780 [ 862.026563] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 862.032100] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 862.037630] ? copy_mount_options+0x285/0x380 [ 862.042123] ksys_mount+0x12d/0x140 [ 862.046180] __x64_sys_mount+0xbe/0x150 [ 862.050157] do_syscall_64+0x1b9/0x820 [ 862.054035] ? finish_task_switch+0x1d3/0x870 [ 862.058530] ? syscall_return_slowpath+0x5e0/0x5e0 [ 862.076496] ? syscall_return_slowpath+0x31d/0x5e0 [ 862.081438] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 862.086536] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 862.092102] ? prepare_exit_to_usermode+0x291/0x3b0 [ 862.097295] ? perf_trace_sys_enter+0xb10/0xb10 [ 862.102041] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 862.106888] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 862.112077] RIP: 0033:0x45885a [ 862.115258] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 862.135082] RSP: 002b:00007f413f26ea88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 862.142782] RAX: ffffffffffffffda RBX: 00007f413f26eb30 RCX: 000000000045885a [ 862.150125] RDX: 00007f413f26ead0 RSI: 00000000200000c0 RDI: 00007f413f26eaf0 [ 862.157415] RBP: 00000000200000c0 R08: 00007f413f26eb30 R09: 00007f413f26ead0 [ 862.164685] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 862.172028] R13: 0000000000000000 R14: 00000000004d3f40 R15: 000000000000002e 03:39:15 executing program 1: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) io_setup(0xfe, &(0x7f0000000080)=0x0) mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='configfs\x00', 0x0, &(0x7f0000000040)) utimes(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={{0x0, 0x2710}, {0x77359400}}) r2 = fcntl$dupfd(r0, 0x406, r0) setns(r2, 0x2000000) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)}, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x3, 0xfff, r0, &(0x7f0000000400)="ee1016341071c4214e477e6f87c27fbcea4ca0ca83b7b6b03b319d3c78d8ab30b70d004d2a16ad2e69f6ddc59bcba0a09ec3094cda9392c37b55f2eb332c59a9805e1c48afabecdfecb79f0361fe4fba891db7f77424b972768989dccd56947c0930e902cceea3f39fabbb2a37f5ca3a2429c923375dc72dbcc86ad55c034369371e7c4bad64995e0415d54b18f976ef48252b29b1115a98ec0ef487bd1a89c42faf6897f40b3e18663ef16deddbafb299f11316383d2c5b4dd11d433a9da6913a29700595a18d512ec7c1dd4b5eb16c2a29df192c75d8f73db52c48a0de225e0b49209acc60c83bb04fd6329f172058a77baa137e4f", 0xf6, 0x1f}, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x7, 0x7, 0xffffffffffffffff, &(0x7f0000001680)="9ece6a6bd5a9184c3d50009cd5956c02b0cab4d016967a1916a2767496f3445c1b14ebe9982121ce731dbff941cc2905f43e1bf8274bcf46d431d217a8820573a0edc3ce901e27e6e02cb90e3b717d074a9adf6b24cbc1f46870fe3e9aac298a25bc6be93934547540069b5b2f7d02d94b92352c5d5c5275e248be69d1fdd2e4b33c52d9c703f06b9dc01aeb7c5f5c49356bc275d6c885c78b18e30e4d388964f2bad2b74c0cddf8ac3afd39fa578c77df12", 0xb2, 0x7}]) 03:39:15 executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={"766574000000000000000000bd6800", 0x43732e5398416f1a}) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vsock\x00', 0x20201, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e22, 0x4, @mcast1={0xff, 0x1, [], 0x1}, 0x1}, 0x1c) ioctl$sock_SIOCBRADDBR(r1, 0x89a0, &(0x7f0000000100)='veth0\x00') 03:39:15 executing program 7 (fault-call:0 fault-nth:47): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:39:15 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000000)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:39:15 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f6300") [ 862.269010] FAULT_INJECTION: forcing a failure. [ 862.269010] name failslab, interval 1, probability 0, space 0, times 0 [ 862.280441] CPU: 1 PID: 15396 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 862.289013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 862.298553] Call Trace: [ 862.301176] dump_stack+0x1c9/0x2b4 [ 862.304812] ? dump_stack_print_info.cold.2+0x52/0x52 [ 862.310209] should_fail.cold.4+0xa/0x11 [ 862.314377] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 862.319492] ? lock_release+0xa30/0xa30 [ 862.323472] ? check_same_owner+0x340/0x340 [ 862.327898] ? check_same_owner+0x340/0x340 [ 862.332314] ? trace_hardirqs_on+0x10/0x10 [ 862.336598] ? lock_acquire+0x1e4/0x540 [ 862.340574] ? blkdev_get+0x5f2/0xb50 [ 862.344387] ? lo_open+0x1b/0xb0 [ 862.347763] ? lock_acquire+0x1e4/0x540 [ 862.351825] ? fs_reclaim_acquire+0x20/0x20 [ 862.356146] ? lock_downgrade+0x8f0/0x8f0 [ 862.360484] ? check_same_owner+0x340/0x340 [ 862.364827] ? kasan_check_write+0x14/0x20 [ 862.369063] ? rcu_note_context_switch+0x730/0x730 [ 862.373993] __should_failslab+0x124/0x180 [ 862.378324] should_failslab+0x9/0x14 [ 862.382143] kmem_cache_alloc_trace+0x2cb/0x780 [ 862.386815] ? check_same_owner+0x340/0x340 [ 862.391240] ? m_show+0x5d0/0x5d0 [ 862.394779] ? rcu_note_context_switch+0x730/0x730 [ 862.399718] alloc_super+0xd4/0xb10 [ 862.403353] ? destroy_unused_super.part.11+0x110/0x110 [ 862.408714] ? sget_userns+0x17c/0x860 [ 862.412596] ? lock_downgrade+0x8f0/0x8f0 [ 862.416765] ? kasan_check_read+0x11/0x20 [ 862.420924] ? do_raw_spin_unlock+0xa7/0x2f0 [ 862.425321] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 862.429907] ? kasan_check_write+0x14/0x20 [ 862.434127] ? do_raw_spin_lock+0xc1/0x200 [ 862.438388] sget_userns+0x276/0x860 [ 862.442112] ? kill_litter_super+0x60/0x60 [ 862.446338] ? test_single_super+0x10/0x10 [ 862.450578] ? vfs_get_super+0x270/0x270 [ 862.454631] ? kasan_check_read+0x11/0x20 [ 862.458878] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 862.463462] ? kasan_check_write+0x14/0x20 [ 862.467683] ? do_raw_spin_lock+0xc1/0x200 [ 862.471944] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 862.477484] ? ns_capable_common+0x13f/0x170 [ 862.481893] ? kill_litter_super+0x60/0x60 [ 862.486116] sget+0x10b/0x150 [ 862.489221] ? test_single_super+0x10/0x10 [ 862.493448] mount_bdev+0x115/0x3e0 [ 862.497063] ? msdos_mount+0x50/0x50 [ 862.501288] msdos_mount+0x3c/0x50 [ 862.504816] ? setup+0xe0/0xe0 [ 862.508017] legacy_get_tree+0x118/0x440 [ 862.512080] vfs_get_tree+0x1cb/0x5c0 [ 862.515877] ? vfs_set_fs_source+0x12c/0x180 [ 862.520283] do_mount+0x6c1/0x1fb0 [ 862.523814] ? kasan_check_write+0x14/0x20 [ 862.528052] ? copy_mount_string+0x40/0x40 [ 862.532290] ? retint_kernel+0x10/0x10 [ 862.536357] ? copy_mount_options+0x1f0/0x380 [ 862.540853] ? copy_mount_options+0x1f6/0x380 [ 862.545338] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 862.550962] ? copy_mount_options+0x285/0x380 [ 862.555460] ksys_mount+0x12d/0x140 [ 862.559078] __x64_sys_mount+0xbe/0x150 [ 862.563061] do_syscall_64+0x1b9/0x820 [ 862.566938] ? finish_task_switch+0x1d3/0x870 [ 862.571423] ? syscall_return_slowpath+0x5e0/0x5e0 [ 862.576514] ? syscall_return_slowpath+0x31d/0x5e0 [ 862.581433] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 862.586440] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 862.591977] ? prepare_exit_to_usermode+0x291/0x3b0 [ 862.596983] ? perf_trace_sys_enter+0xb10/0xb10 [ 862.601651] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 862.606489] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 862.611675] RIP: 0033:0x45885a [ 862.614846] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 862.634139] RSP: 002b:00007f413f26ea88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 862.641855] RAX: ffffffffffffffda RBX: 00007f413f26eb30 RCX: 000000000045885a [ 862.649130] RDX: 00007f413f26ead0 RSI: 00000000200000c0 RDI: 00007f413f26eaf0 [ 862.656391] RBP: 00000000200000c0 R08: 00007f413f26eb30 R09: 00007f413f26ead0 [ 862.663659] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 03:39:15 executing program 3: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_MCAST_LEAVE_GROUP(r1, 0x29, 0x2d, &(0x7f0000000080)={0x1, {{0xa, 0x4e23, 0x9, @ipv4={[], [0xff, 0xff]}, 0xfff}}}, 0x88) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x80, 0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0}, &(0x7f00000001c0)=0xc) stat(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) write$P9_RGETATTR(r2, &(0x7f00000002c0)={0xa0, 0x19, 0x2, {0x220, {0x10, 0x3, 0x7}, 0x1, r3, r4, 0x679, 0x80000000, 0x0, 0x1ff, 0x7, 0xfffffffeffffffff, 0x10001, 0x0, 0x1, 0x1, 0xffffffffffffffe0, 0x8, 0x7, 0x0, 0x8}}, 0xa0) getsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0x4, &(0x7f0000000000), &(0x7f0000000040)=0x4) 03:39:15 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000000)={{{@in, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in6=@loopback}}, &(0x7f0000000100)=0xe8) ioprio_get$uid(0x3, r1) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:39:15 executing program 1: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) io_setup(0xfe, &(0x7f0000000080)=0x0) mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='configfs\x00', 0x0, &(0x7f0000000040)) utimes(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={{0x0, 0x2710}, {0x77359400}}) r2 = fcntl$dupfd(r0, 0x406, r0) setns(r2, 0x2000000) io_submit(r1, 0x3, &(0x7f00000005c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000180)}, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x3, 0xfff, r0, &(0x7f0000000400)="ee1016341071c4214e477e6f87c27fbcea4ca0ca83b7b6b03b319d3c78d8ab30b70d004d2a16ad2e69f6ddc59bcba0a09ec3094cda9392c37b55f2eb332c59a9805e1c48afabecdfecb79f0361fe4fba891db7f77424b972768989dccd56947c0930e902cceea3f39fabbb2a37f5ca3a2429c923375dc72dbcc86ad55c034369371e7c4bad64995e0415d54b18f976ef48252b29b1115a98ec0ef487bd1a89c42faf6897f40b3e18663ef16deddbafb299f11316383d2c5b4dd11d433a9da6913a29700595a18d512ec7c1dd4b5eb16c2a29df192c75d8f73db52c48a0de225e0b49209acc60c83bb04fd6329f172058a77baa137e4f", 0xf6, 0x1f}, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x7, 0x7, 0xffffffffffffffff, &(0x7f0000001680)="9ece6a6bd5a9184c3d50009cd5956c02b0cab4d016967a1916a2767496f3445c1b14ebe9982121ce731dbff941cc2905f43e1bf8274bcf46d431d217a8820573a0edc3ce901e27e6e02cb90e3b717d074a9adf6b24cbc1f46870fe3e9aac298a25bc6be93934547540069b5b2f7d02d94b92352c5d5c5275e248be69d1fdd2e4b33c52d9c703f06b9dc01aeb7c5f5c49356bc275d6c885c78b18e30e4d388964f2bad2b74c0cddf8ac3afd39fa578c77df12", 0xb2, 0x7}]) [ 862.670916] R13: 0000000000000000 R14: 00000000004d3f40 R15: 000000000000002f [ 862.687218] Unknown ioctl 35232 [ 862.709952] Unknown ioctl 35232 03:39:15 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x3f, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_emit_ethernet(0x3a, &(0x7f0000000000)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], {@ipv4={0x800, {{0x6, 0x4, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x11, 0x0, @dev={0xac, 0x14, 0x14}, @remote={0xac, 0x14, 0x223, 0xbb}, {[@rr={0x7, 0x3}]}}, @icmp=@timestamp_reply={0xe}}}}}, &(0x7f0000000100)) 03:39:15 executing program 7 (fault-call:0 fault-nth:48): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:39:15 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) 03:39:15 executing program 2: ioctl$LOOP_SET_STATUS(0xffffffffffffffff, 0xc0481273, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "160000000100000000001bf3ffffff000065000000edea00007db000000001f9b319d8000018e58d1c43473000e05026fb00000067010400335d5bffff0001d7", "cea40005003500f7ff0002ff000000000000000000810000dc01867dfffe0200"}) munmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000) [ 862.818967] FAULT_INJECTION: forcing a failure. [ 862.818967] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 862.830880] CPU: 0 PID: 15422 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 862.839313] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 862.848677] Call Trace: [ 862.851287] dump_stack+0x1c9/0x2b4 [ 862.854951] ? dump_stack_print_info.cold.2+0x52/0x52 [ 862.860187] ? kasan_check_read+0x11/0x20 [ 862.864390] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 862.869949] should_fail.cold.4+0xa/0x11 [ 862.874040] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 862.879184] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 862.884246] ? trace_hardirqs_on+0x10/0x10 [ 862.888524] ? trace_hardirqs_on+0x10/0x10 [ 862.892787] ? lock_acquire+0x1e4/0x540 [ 862.896777] ? is_bpf_text_address+0xae/0x170 [ 862.901377] ? lock_downgrade+0x8f0/0x8f0 [ 862.905560] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 862.910593] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 862.916140] ? should_fail+0x246/0xd86 [ 862.920023] ? is_bpf_text_address+0xae/0x170 [ 862.924529] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 862.929721] ? should_fail+0x246/0xd86 [ 862.933603] __alloc_pages_nodemask+0x36e/0xdb0 [ 862.938261] ? kasan_check_read+0x11/0x20 [ 862.942400] ? rcu_is_watching+0x8c/0x150 [ 862.946550] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 862.951572] ? is_bpf_text_address+0xd7/0x170 [ 862.956058] ? kernel_text_address+0x79/0xf0 [ 862.960458] ? __kernel_text_address+0xd/0x40 [ 862.964957] ? lock_acquire+0x1e4/0x540 [ 862.968919] ? fs_reclaim_acquire+0x20/0x20 [ 862.973233] ? lock_downgrade+0x8f0/0x8f0 [ 862.977372] ? fs_reclaim_acquire+0x20/0x20 [ 862.981698] ? lock_release+0xa30/0xa30 [ 862.985674] ? check_same_owner+0x340/0x340 [ 862.989999] cache_grow_begin+0x91/0x710 [ 862.994055] kmem_cache_alloc+0x689/0x760 [ 862.998218] ? __alloc_pages_nodemask+0x6e3/0xdb0 [ 863.003056] getname_kernel+0x54/0x370 [ 863.006933] kern_path+0x1e/0x40 [ 863.010289] lookup_bdev+0x10c/0x250 [ 863.014002] ? blkdev_open+0x280/0x280 [ 863.017880] ? kasan_check_write+0x14/0x20 [ 863.022289] ? do_raw_spin_lock+0xc1/0x200 [ 863.026520] blkdev_get_by_path+0x1f/0xe0 [ 863.030659] mount_bdev+0x61/0x3e0 [ 863.034274] ? msdos_mount+0x50/0x50 [ 863.038004] msdos_mount+0x3c/0x50 [ 863.041547] ? setup+0xe0/0xe0 [ 863.044742] legacy_get_tree+0x118/0x440 [ 863.048807] vfs_get_tree+0x1cb/0x5c0 [ 863.052594] ? vfs_set_fs_source+0x12c/0x180 [ 863.056992] do_mount+0x6c1/0x1fb0 [ 863.060525] ? kasan_check_write+0x14/0x20 [ 863.064751] ? copy_mount_string+0x40/0x40 [ 863.068995] ? kasan_kmalloc+0xc4/0xe0 [ 863.072877] ? kmem_cache_alloc_trace+0x318/0x780 [ 863.077712] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 863.083250] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 863.088776] ? copy_mount_options+0x285/0x380 [ 863.093272] ksys_mount+0x12d/0x140 [ 863.096900] __x64_sys_mount+0xbe/0x150 [ 863.100870] do_syscall_64+0x1b9/0x820 [ 863.104754] ? finish_task_switch+0x1d3/0x870 [ 863.109586] ? syscall_return_slowpath+0x5e0/0x5e0 [ 863.114505] ? syscall_return_slowpath+0x31d/0x5e0 [ 863.119441] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 863.124444] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 863.129979] ? prepare_exit_to_usermode+0x291/0x3b0 [ 863.135249] ? perf_trace_sys_enter+0xb10/0xb10 [ 863.139928] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 863.144765] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 863.149942] RIP: 0033:0x45885a 03:39:15 executing program 0: r0 = socket$inet6(0xa, 0x1000000000004, 0x400000000000) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000ffd000/0x2000)=nil, 0x2000}, 0x1}) ioctl$KDADDIO(r1, 0x4b34, 0x7fffffff) socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x2) 03:39:15 executing program 1: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) io_setup(0xfe, &(0x7f0000000080)) mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='configfs\x00', 0x0, &(0x7f0000000040)) utimes(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={{0x0, 0x2710}, {0x77359400}}) r1 = fcntl$dupfd(r0, 0x406, r0) setns(r1, 0x2000000) 03:39:15 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x1) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x400000) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000080)=0x9, 0x4) r2 = syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0x200, 0x0) poll(&(0x7f0000000100)=[{r2}], 0x1, 0x1) 03:39:15 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f6300") [ 863.153114] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 863.172393] RSP: 002b:00007f413f26ea88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 863.180090] RAX: ffffffffffffffda RBX: 00007f413f26eb30 RCX: 000000000045885a [ 863.187349] RDX: 00007f413f26ead0 RSI: 00000000200000c0 RDI: 00007f413f26eaf0 [ 863.194731] RBP: 00000000200000c0 R08: 00007f413f26eb30 R09: 00007f413f26ead0 [ 863.202006] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 863.209272] R13: 0000000000000000 R14: 00000000004d3f40 R15: 0000000000000030 03:39:16 executing program 3: r0 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffc) keyctl$search(0xa, r0, &(0x7f0000000080)='dns_resolver\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, 0x0) socketpair(0x8, 0x0, 0x729, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f0000000140)={0x0, 0xc9, 0x10, 0x11e, 0x40}, &(0x7f0000000180)=0x18) getsockopt$inet_sctp6_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f00000001c0)={r2, 0x8}, &(0x7f0000000200)=0x8) 03:39:16 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) msgget(0x2, 0x40) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0x3, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) umount2(&(0x7f0000000440)='./file0\x00', 0x0) [ 863.218029] FAT-fs (loop7): Directory bread(block 2563) failed [ 863.225925] FAT-fs (loop7): Directory bread(block 2564) failed [ 863.232037] FAT-fs (loop7): Directory bread(block 2565) failed [ 863.238418] FAT-fs (loop7): Directory bread(block 2566) failed 03:39:16 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sloppy_sctp\x00', 0x2, 0x0) setsockopt$bt_BT_DEFER_SETUP(r1, 0x112, 0x7, &(0x7f0000000040), 0x4) bind$alg(r0, &(0x7f0000000140)={0x26, 'aead\x00', 0x0, 0x0, 'rfc7539(ctr-serpent-avx,tgr128-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x5, &(0x7f0000000000), 0x10) 03:39:16 executing program 1: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) io_setup(0xfe, &(0x7f0000000080)) mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='configfs\x00', 0x0, &(0x7f0000000040)) utimes(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={{0x0, 0x2710}, {0x77359400}}) fcntl$dupfd(r0, 0x406, r0) [ 863.278303] FAT-fs (loop7): Directory bread(block 2567) failed [ 863.297855] FAT-fs (loop7): Directory bread(block 2568) failed [ 863.307868] FAT-fs (loop5): bogus number of reserved sectors [ 863.313804] FAT-fs (loop5): Can't find a valid FAT filesystem 03:39:16 executing program 2: mkdir(&(0x7f0000000240)='./file0\x00', 0x0) r0 = syz_open_dev$sndpcmp(&(0x7f0000000080)='/dev/snd/pcmC#D#p\x00', 0x0, 0x141000) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)={0x1, 0x2, 0x0, 0x1, 0x1, r0}, 0xffffffffffffff23) mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)='bpf\x00', 0x0, &(0x7f0000000040)) bpf$OBJ_PIN_MAP(0x6, &(0x7f00000004c0)={&(0x7f0000000280)='./file0/file0\x00', r1}, 0x10) unlink(&(0x7f0000000040)='./file0/file0\x00') [ 863.326928] FAT-fs (loop7): Directory bread(block 2569) failed [ 863.337078] FAT-fs (loop7): Directory bread(block 2570) failed [ 863.350275] FAT-fs (loop7): Directory bread(block 2571) failed 03:39:16 executing program 3: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x1000000, 0x32, 0xffffffffffffffff, 0x0) pipe2(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4800) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000580)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r1, &(0x7f0000011fd2), 0xffffffee) read(r0, &(0x7f0000000000)=""/126, 0xfffffeab) ioctl$FIONREAD(r1, 0x541b, &(0x7f0000604ffc)) dup2(r0, r2) 03:39:16 executing program 1: openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) io_setup(0xfe, &(0x7f0000000080)) mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='configfs\x00', 0x0, &(0x7f0000000040)) utimes(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={{0x0, 0x2710}, {0x77359400}}) 03:39:16 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r0, &(0x7f0000e11ff0)=[{&(0x7f0000000100)="580000001400192340834b80040d8c560a02000000ff81004e227e00000058000b4824ca944f64009400050028925aa8000000000000008000f0ffffffff09000000fff5dd000000100001000a0c0c00fcff0000040e05a5", 0x58}], 0x1) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vsock\x00', 0xfffffffffffffffd, 0x0) epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r0) setsockopt$inet_MCAST_JOIN_GROUP(r1, 0x0, 0x2a, &(0x7f0000000000)={0x4, {{0x2, 0x4e23, @rand_addr=0x1589}}}, 0x88) 03:39:16 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) [ 863.375411] FAT-fs (loop7): Directory bread(block 2572) failed [ 863.390168] FAT-fs (loop5): bogus number of reserved sectors [ 863.396083] FAT-fs (loop5): Can't find a valid FAT filesystem 03:39:16 executing program 7 (fault-call:0 fault-nth:49): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) [ 863.506089] FAULT_INJECTION: forcing a failure. [ 863.506089] name failslab, interval 1, probability 0, space 0, times 0 [ 863.517432] CPU: 1 PID: 15484 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 863.525838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 863.535200] Call Trace: [ 863.537801] dump_stack+0x1c9/0x2b4 [ 863.541435] ? dump_stack_print_info.cold.2+0x52/0x52 [ 863.546629] ? __kernel_text_address+0xd/0x40 [ 863.551145] ? unwind_get_return_address+0x61/0xa0 [ 863.556078] should_fail.cold.4+0xa/0x11 [ 863.560145] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 863.565254] ? save_stack+0xa9/0xd0 [ 863.568881] ? save_stack+0x43/0xd0 [ 863.572507] ? kasan_kmalloc+0xc4/0xe0 [ 863.576392] ? kmem_cache_alloc_trace+0x152/0x780 [ 863.581232] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 863.586680] ? __list_lru_init+0x4d6/0x840 [ 863.590916] ? alloc_super+0x976/0xb10 [ 863.594803] ? sget+0x10b/0x150 [ 863.598087] ? mount_bdev+0x115/0x3e0 [ 863.601885] ? msdos_mount+0x3c/0x50 [ 863.605594] ? legacy_get_tree+0x118/0x440 [ 863.609825] ? vfs_get_tree+0x1cb/0x5c0 [ 863.613793] ? do_mount+0x6c1/0x1fb0 [ 863.617511] ? ksys_mount+0x12d/0x140 [ 863.621324] ? __x64_sys_mount+0xbe/0x150 [ 863.625478] ? do_syscall_64+0x1b9/0x820 [ 863.629585] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 863.634958] ? save_stack+0xa9/0xd0 [ 863.638590] ? lock_acquire+0x1e4/0x540 [ 863.642571] ? fs_reclaim_acquire+0x20/0x20 [ 863.646982] ? lock_downgrade+0x8f0/0x8f0 [ 863.651136] ? do_mount+0x6c1/0x1fb0 03:39:16 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) 03:39:16 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f6300") 03:39:16 executing program 1: openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) io_setup(0xfe, &(0x7f0000000080)) mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) utimes(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={{0x0, 0x2710}, {0x77359400}}) 03:39:16 executing program 3: r0 = timerfd_create(0x0, 0x0) mknod$loop(&(0x7f0000000040)='./file0\x00', 0x6000, 0x1) r1 = fcntl$dupfd(r0, 0x0, r0) timerfd_settime(r1, 0x1, &(0x7f0000000000)={{}, {0x0, 0x989680}}, &(0x7f0000005fe0)) timerfd_gettime(r1, &(0x7f0000eb8000)) syz_mount_image$nfs4(&(0x7f0000000080)='nfs4\x00', &(0x7f00000000c0)='./file0\x00', 0x9, 0x7, &(0x7f0000000500)=[{&(0x7f0000000100)="b6e8ed841b910bfff13aa7abd70fed9eb2b169374270bff280e27e1a245ece0ab25b8b368b0c2f5487fa8c15e1a04963d54231491e76df6d5cabfab99178ad45326d42a0a4179d5d3498b851ca175ebcf58fc95c9b63ffd7695a84e43583d1dadd37c0fe0437f617d9a93fdbdfc532027ae886b9ad3d5601de476c3cdd662c1a24678b9c8fd534abd7e43b", 0x8b, 0x3}, {&(0x7f00000001c0)="165ae4805f46baf9c9dfde4c78875929ac92970e592132dbcc7426ed6cbd84d7057ee39a693a73b7062bb9201962c5a01fc4a3dc05099b21e1b712e0809df762dd29838ec2514a00ff991a745ae7efe27f73850504d8341fe12d250b947b44ec56f006c85fc84b4f82f79f1b012bd1745920269f6c80c77de21c76579e72ac665d21f0d0f435b2f3b6afc1cde4de4002bab368483f61400a15afee54c9c1542d835f8792fb8e9d191c13c998f8e2d6167acb88dd2881e6089b50e1279ebda45a40d846", 0xc3, 0xfff}, {&(0x7f00000002c0)="0e2a18344cb9a20ffc0064c377998c7af44ae5168c55120349427fc03888c3d81d0007e28f8db272f3bc4fb073d96b391e0b76e6c488f1c4cfc76ae7fe39b9f9e9b92768d3b11c92125afe8e7d22a93c93ead00a287c760abdb864bc0cd2ab2cc1473d68fc6ccb244ebd48cf54a9f8ca746bda40efcc04d27ce356aec9979637b519", 0x82, 0x3}, {&(0x7f0000000380)='5p', 0x2, 0x7f}, {&(0x7f00000003c0)="8f371d60e086be424764a5bb4dcac820001cc78a03ced30735c24843ba3b7ad07270f1e437627cacb4a066eb3a7c81940f81e1c1a998eaedf400a5490b50a5b956ca9d8003ffbd3c1820dac74105e73dcb276f55a8ef976db6239e6f17c36a88f9990e0c77", 0x65, 0x6}, {&(0x7f0000000440)="cd9d89ee7329748c48c5f3d8f379ce738ecdf791fbc9cbe5b6f0e47fbcf3e4a5f6b3b1d8c355", 0x26, 0xfffffffffffffffa}, {&(0x7f0000000480)="9707bbc49ea4796764dc24c1d7d0e9d32aac5b6e93fdb2cb51a853062995dc6d249e80b78b841048751df89d0eb7f6123267e80107dec065c4ae42e97a7a41b3d03d654bad8af1f449b75182267961a5bf2617c0e5d630a086fea87a6894a7b18f2e92055b2fbb702c71658966ff627c2be3e8a7a5c1db5d", 0x78, 0xa4a2}], 0x40, &(0x7f00000005c0)="2c21637075736574ec292c2b707070306367726f75701e7070703100") 03:39:16 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0xfffffffffffff2c3) getsockopt$IP6T_SO_GET_INFO(r0, 0x29, 0x4e, &(0x7f00000000c0)={'nat\x00'}, &(0x7f0000000140)=0x54) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000180)={{{@in=@local, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in=@broadcast}}, &(0x7f0000000000)=0xe8) setsockopt$sock_void(r0, 0x1, 0x3f, 0x0, 0x0) ioctl$sock_inet6_SIOCDIFADDR(r0, 0x8936, &(0x7f0000000040)={@remote={0xfe, 0x80, [], 0xbb}, 0x7a, r1}) 03:39:16 executing program 2: pipe2(&(0x7f0000989000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = creat(&(0x7f000009aff8)='./file0\x00', 0x0) write$sndseq(r3, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) syz_mount_image$vfat(&(0x7f00000000c0)='vfat\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x1149002, &(0x7f0000000000)=ANY=[]) mount(&(0x7f0000434ff8)='./file0\x00', &(0x7f0000abf000)='./file0\x00', &(0x7f0000f4c000)='jfs\x00', 0x1023402, 0x0) unlink(&(0x7f0000000140)='./file0\x00') execveat(r1, &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)=[&(0x7f0000000100)='\x00'], &(0x7f0000000240)=[&(0x7f0000000200)='jfs\x00'], 0x100) dup2(r0, r2) setsockopt$bt_hci_HCI_FILTER(r1, 0x0, 0x2, &(0x7f0000000040)={0x3ff, 0xfffffffffffffbff, 0x6, 0x100}, 0x10) 03:39:16 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000002380)='/dev/vcs\x00', 0x4000, 0x0) getsockopt$inet_sctp_SCTP_MAXSEG(0xffffffffffffff9c, 0x84, 0xd, &(0x7f00000023c0)=@assoc_id=0x0, &(0x7f0000002400)=0x4) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000002440)={r2, 0x4}, &(0x7f0000002480)=0x8) socket$key(0xf, 0x3, 0x2) r3 = socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_buf(r3, 0x0, 0x0, &(0x7f0000000000)=""/246, &(0x7f0000000100)=0xf6) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") fcntl$getown(r1, 0x9) r4 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r4, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) [ 863.654860] ? check_same_owner+0x340/0x340 [ 863.659187] ? rcu_note_context_switch+0x730/0x730 [ 863.664135] __should_failslab+0x124/0x180 [ 863.668373] should_failslab+0x9/0x14 [ 863.672176] kmem_cache_alloc_trace+0x2cb/0x780 [ 863.676881] ? kasan_kmalloc+0xc4/0xe0 [ 863.680776] __memcg_init_list_lru_node+0x185/0x2d0 [ 863.685817] ? kvfree_rcu+0x20/0x20 [ 863.689481] ? __kmalloc_node+0x47/0x70 [ 863.693468] __list_lru_init+0x4d6/0x840 [ 863.697569] ? up_write+0x7b/0x220 [ 863.701127] ? list_lru_destroy+0x500/0x500 [ 863.705460] ? prealloc_shrinker+0x124/0x450 [ 863.709899] ? prealloc_shrinker+0x21c/0x450 [ 863.714327] ? inactive_list_is_low+0x850/0x850 [ 863.719022] ? __lockdep_init_map+0x105/0x590 [ 863.723553] alloc_super+0x976/0xb10 03:39:16 executing program 5: r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) shutdown(r0, 0x0) recvmmsg(r0, &(0x7f0000001300)=[{{&(0x7f0000001140)=@pppol2tpv3in6={0x0, 0x0, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, @mcast1}}}, 0x80, &(0x7f0000000580), 0x0, &(0x7f0000000000)=""/130, 0x82}}], 0x1400, 0x0, &(0x7f00000013c0)={0x0, 0x1c9c380}) socket$inet_sctp(0x2, 0x5, 0x84) [ 863.723569] ? destroy_unused_super.part.11+0x110/0x110 03:39:16 executing program 7 (fault-call:0 fault-nth:50): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:39:16 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f6300") 03:39:16 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa}, 0x1c) sendmmsg(r0, &(0x7f00000000c0)=[{{0x0, 0x0, &(0x7f0000000380), 0x100000d0, &(0x7f0000000140)}}, {{&(0x7f00000004c0)=@in6={0xa, 0x4e22, 0x0, @mcast2={0xff, 0x2, [], 0x1}}, 0x80, &(0x7f0000000680), 0x273, &(0x7f0000000080)=[{0x18, 0x29, 0x36, "8522"}], 0x18}}], 0x2, 0x0) [ 863.723584] ? lock_downgrade+0x8f0/0x8f0 03:39:16 executing program 1: openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) io_setup(0xfe, &(0x7f0000000080)) mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) utimes(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={{0x0, 0x2710}, {0x77359400}}) [ 863.723602] ? kasan_check_read+0x11/0x20 [ 863.723615] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 863.723628] ? kasan_check_write+0x14/0x20 [ 863.723638] ? do_raw_spin_lock+0xc1/0x200 [ 863.723653] sget_userns+0x276/0x860 [ 863.723663] ? kill_litter_super+0x60/0x60 03:39:16 executing program 7 (fault-call:0 fault-nth:51): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:39:16 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f6300") [ 863.723676] ? test_single_super+0x10/0x10 [ 863.723687] ? vfs_get_super+0x270/0x270 [ 863.723697] ? kasan_check_read+0x11/0x20 [ 863.723709] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 863.723722] ? kasan_check_write+0x14/0x20 03:39:16 executing program 3: mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) setsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000000), 0xc) 03:39:16 executing program 1: openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) io_setup(0xfe, &(0x7f0000000080)) mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) utimes(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={{0x0, 0x2710}, {0x77359400}}) [ 863.723731] ? do_raw_spin_lock+0xc1/0x200 [ 863.723762] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 863.723774] ? ns_capable_common+0x13f/0x170 [ 863.723787] ? kill_litter_super+0x60/0x60 [ 863.723798] sget+0x10b/0x150 [ 863.723808] ? test_single_super+0x10/0x10 [ 863.723822] mount_bdev+0x115/0x3e0 [ 863.723833] ? msdos_mount+0x50/0x50 [ 863.723846] msdos_mount+0x3c/0x50 [ 863.723856] ? setup+0xe0/0xe0 [ 863.723868] legacy_get_tree+0x118/0x440 [ 863.723882] vfs_get_tree+0x1cb/0x5c0 [ 863.723892] ? vfs_set_fs_source+0x12c/0x180 [ 863.723905] do_mount+0x6c1/0x1fb0 [ 863.723916] ? check_same_owner+0x340/0x340 [ 863.723926] ? lock_release+0xa30/0xa30 [ 863.723940] ? copy_mount_string+0x40/0x40 [ 863.723952] ? kasan_kmalloc+0xc4/0xe0 [ 863.723966] ? kmem_cache_alloc_trace+0x318/0x780 [ 863.723980] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 863.723990] ? _copy_from_user+0xdf/0x150 [ 863.724004] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 863.724015] ? copy_mount_options+0x285/0x380 [ 863.724029] ksys_mount+0x12d/0x140 [ 863.724042] __x64_sys_mount+0xbe/0x150 [ 863.724056] do_syscall_64+0x1b9/0x820 [ 863.724065] ? finish_task_switch+0x1d3/0x870 [ 863.724077] ? syscall_return_slowpath+0x5e0/0x5e0 [ 863.724089] ? syscall_return_slowpath+0x31d/0x5e0 [ 863.724101] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 863.724112] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 863.724126] ? prepare_exit_to_usermode+0x291/0x3b0 [ 863.724142] ? perf_trace_sys_enter+0xb10/0xb10 [ 863.724157] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 863.724173] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 863.724182] RIP: 0033:0x45885a [ 863.724185] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 863.724402] RSP: 002b:00007f413f26ea88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 863.724413] RAX: ffffffffffffffda RBX: 00007f413f26eb30 RCX: 000000000045885a [ 863.724420] RDX: 00007f413f26ead0 RSI: 00000000200000c0 RDI: 00007f413f26eaf0 [ 863.724427] RBP: 00000000200000c0 R08: 00007f413f26eb30 R09: 00007f413f26ead0 [ 863.724433] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 863.724439] R13: 0000000000000000 R14: 00000000004d3f40 R15: 0000000000000031 [ 863.816071] FAULT_INJECTION: forcing a failure. [ 863.816071] name failslab, interval 1, probability 0, space 0, times 0 [ 863.816091] CPU: 0 PID: 15514 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 863.816100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 863.816105] Call Trace: [ 863.816129] dump_stack+0x1c9/0x2b4 [ 863.816149] ? dump_stack_print_info.cold.2+0x52/0x52 [ 863.816168] ? __kernel_text_address+0xd/0x40 [ 863.816191] should_fail.cold.4+0xa/0x11 [ 863.816209] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 863.816229] ? save_stack+0xa9/0xd0 [ 863.816245] ? save_stack+0x43/0xd0 [ 863.816260] ? kasan_kmalloc+0xc4/0xe0 [ 863.816275] ? kmem_cache_alloc_trace+0x152/0x780 [ 863.816289] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 863.816302] ? __list_lru_init+0x4d6/0x840 [ 863.816317] ? alloc_super+0x976/0xb10 [ 863.816331] ? sget+0x10b/0x150 [ 863.816345] ? mount_bdev+0x115/0x3e0 [ 863.816359] ? msdos_mount+0x3c/0x50 [ 863.816374] ? legacy_get_tree+0x118/0x440 [ 863.816388] ? vfs_get_tree+0x1cb/0x5c0 [ 863.816402] ? do_mount+0x6c1/0x1fb0 [ 863.816416] ? ksys_mount+0x12d/0x140 [ 863.816432] ? do_syscall_64+0x1b9/0x820 [ 863.816447] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 863.816465] ? save_stack+0xa9/0xd0 [ 863.816485] ? lock_acquire+0x1e4/0x540 [ 863.816500] ? fs_reclaim_acquire+0x20/0x20 [ 863.816515] ? lock_downgrade+0x8f0/0x8f0 [ 863.816535] ? check_same_owner+0x340/0x340 [ 863.816553] ? rcu_note_context_switch+0x730/0x730 [ 863.816571] __should_failslab+0x124/0x180 [ 863.816588] should_failslab+0x9/0x14 [ 863.816604] kmem_cache_alloc_trace+0x2cb/0x780 [ 863.816619] ? kasan_kmalloc+0xc4/0xe0 [ 863.816641] __memcg_init_list_lru_node+0x185/0x2d0 [ 863.816656] ? kvfree_rcu+0x20/0x20 [ 863.816672] ? __kmalloc_node+0x47/0x70 [ 863.816691] __list_lru_init+0x4d6/0x840 [ 863.816704] ? up_write+0x7b/0x220 [ 863.816721] ? list_lru_destroy+0x500/0x500 [ 863.816736] ? prealloc_shrinker+0x124/0x450 [ 863.816754] ? prealloc_shrinker+0x21c/0x450 [ 863.816777] ? inactive_list_is_low+0x850/0x850 [ 863.816798] ? __lockdep_init_map+0x105/0x590 [ 863.816817] alloc_super+0x976/0xb10 [ 863.816839] ? destroy_unused_super.part.11+0x110/0x110 [ 863.816858] ? lock_downgrade+0x8f0/0x8f0 [ 863.816879] ? kasan_check_read+0x11/0x20 [ 863.816901] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 863.816918] ? kasan_check_write+0x14/0x20 [ 863.816930] ? do_raw_spin_lock+0xc1/0x200 [ 863.816949] sget_userns+0x276/0x860 [ 863.816964] ? kill_litter_super+0x60/0x60 [ 863.816980] ? test_single_super+0x10/0x10 [ 863.816996] ? vfs_get_super+0x270/0x270 [ 863.817010] ? kasan_check_read+0x11/0x20 [ 863.817026] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 863.817042] ? kasan_check_write+0x14/0x20 [ 863.817055] ? do_raw_spin_lock+0xc1/0x200 [ 863.817087] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 863.817103] ? ns_capable_common+0x13f/0x170 [ 863.817118] ? kill_litter_super+0x60/0x60 [ 863.817131] sget+0x10b/0x150 [ 863.817145] ? test_single_super+0x10/0x10 [ 863.817160] mount_bdev+0x115/0x3e0 [ 863.817174] ? msdos_mount+0x50/0x50 [ 863.817190] msdos_mount+0x3c/0x50 [ 863.817204] ? setup+0xe0/0xe0 [ 863.817218] legacy_get_tree+0x118/0x440 [ 863.817234] vfs_get_tree+0x1cb/0x5c0 [ 863.817248] ? vfs_set_fs_source+0x12c/0x180 [ 863.817263] do_mount+0x6c1/0x1fb0 [ 863.817277] ? check_same_owner+0x340/0x340 [ 863.817291] ? lock_release+0xa30/0xa30 [ 863.817310] ? copy_mount_string+0x40/0x40 [ 863.817327] ? retint_kernel+0x10/0x10 [ 863.817347] ? copy_mount_options+0x1e3/0x380 [ 863.817364] ? __sanitizer_cov_trace_pc+0x11/0x50 [ 863.817381] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 863.817396] ? copy_mount_options+0x285/0x380 [ 863.817415] ksys_mount+0x12d/0x140 [ 863.817432] __x64_sys_mount+0xbe/0x150 [ 863.817450] do_syscall_64+0x1b9/0x820 [ 863.817464] ? finish_task_switch+0x1d3/0x870 [ 863.817481] ? syscall_return_slowpath+0x5e0/0x5e0 [ 863.817497] ? syscall_return_slowpath+0x31d/0x5e0 [ 863.817514] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 863.817530] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 863.817546] ? prepare_exit_to_usermode+0x291/0x3b0 [ 863.817562] ? perf_trace_sys_enter+0xb10/0xb10 [ 863.817579] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 863.817599] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 863.817611] RIP: 0033:0x45885a 03:39:17 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) 03:39:17 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) mount$9p_virtio(&(0x7f00000000c0)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='9p\x00', 0x40, &(0x7f0000000240)={'trans=virtio,', {[{@afid={'afid', 0x3d, 0x9}, 0x2c}, {@cache_loose='cache=loose', 0x2c}, {@privport='privport', 0x2c}, {@cachetag={'cachetag', 0x3d, '/proc/sys/net/ipv4/vs/sync_qlen_max\x00'}, 0x2c}]}}) ioctl(r0, 0x8912, &(0x7f0000000040)="025cc83d6d345f8f762070") r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/autofs\x00', 0x98a00, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000380)={r1, &(0x7f0000000300)="002514ea9cfe63346c2835b840f47d775ea7bec8da01664a18d411f0307810de6326f0edfb9776d5bf8636fc5add4b3722e7dcb8fdb1fff4ce4762cbb9d59543e3fc6b54a65041e1d17fd6d5f2bcb661fdb2ac0eae5005ea6795d4fe59ceb19e88ca204a586de0ec19e4d6c2"}, 0x10) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000100), 0x12) 03:39:17 executing program 7 (fault-call:0 fault-nth:52): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:39:17 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f6300") 03:39:17 executing program 3: r0 = socket(0xa, 0x1, 0x0) recvfrom$inet6(r0, &(0x7f0000000000)=""/55, 0x37, 0x12003, 0x0, 0x0) setsockopt$inet_int(r0, 0x0, 0xc, &(0x7f0000000040)=0xc, 0x4) getsockopt$inet_opts(r0, 0x0, 0x9, &(0x7f00000002c0)=""/249, &(0x7f0000000080)=0xf9) 03:39:17 executing program 1: openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) io_setup(0xfe, &(0x7f0000000080)) mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='configfs\x00', 0x0, &(0x7f0000000040)) utimes(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={{0x0, 0x2710}, {0x77359400}}) [ 863.817614] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 863.817898] RSP: 002b:00007f413f26ea88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 863.817913] RAX: ffffffffffffffda RBX: 00007f413f26eb30 RCX: 000000000045885a [ 863.817922] RDX: 00007f413f26ead0 RSI: 00000000200000c0 RDI: 00007f413f26eaf0 [ 863.817930] RBP: 00000000200000c0 R08: 00007f413f26eb30 R09: 00007f413f26ead0 [ 863.817939] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 863.817948] R13: 0000000000000000 R14: 00000000004d3f40 R15: 0000000000000032 [ 863.893386] FAULT_INJECTION: forcing a failure. [ 863.893386] name failslab, interval 1, probability 0, space 0, times 0 [ 863.893402] CPU: 0 PID: 15526 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 863.893414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 863.893419] Call Trace: [ 863.893439] dump_stack+0x1c9/0x2b4 [ 863.893459] ? dump_stack_print_info.cold.2+0x52/0x52 [ 863.893481] should_fail.cold.4+0xa/0x11 [ 863.893496] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 863.893518] ? save_stack+0xa9/0xd0 [ 863.893531] ? save_stack+0x43/0xd0 [ 863.893544] ? kasan_kmalloc+0xc4/0xe0 [ 863.893556] ? __kmalloc+0x14e/0x760 [ 863.893567] ? __list_lru_init+0x151/0x840 [ 863.893581] ? alloc_super+0x976/0xb10 [ 863.893594] ? sget_userns+0x276/0x860 [ 863.893607] ? sget+0x10b/0x150 [ 863.893620] ? mount_bdev+0x115/0x3e0 [ 863.893633] ? msdos_mount+0x3c/0x50 [ 863.893647] ? legacy_get_tree+0x118/0x440 [ 863.893660] ? vfs_get_tree+0x1cb/0x5c0 [ 863.893673] ? do_mount+0x6c1/0x1fb0 [ 863.893686] ? ksys_mount+0x12d/0x140 [ 863.893699] ? __x64_sys_mount+0xbe/0x150 [ 863.893713] ? do_syscall_64+0x1b9/0x820 [ 863.893730] ? lock_acquire+0x1e4/0x540 [ 863.893743] ? fs_reclaim_acquire+0x20/0x20 [ 863.893757] ? lock_downgrade+0x8f0/0x8f0 [ 863.893782] ? check_same_owner+0x340/0x340 [ 863.893798] ? rcu_note_context_switch+0x730/0x730 [ 863.893813] __should_failslab+0x124/0x180 [ 863.893832] should_failslab+0x9/0x14 [ 863.893847] kmem_cache_alloc_node_trace+0x26f/0x770 [ 863.893861] ? kasan_kmalloc+0xc4/0xe0 [ 863.893876] __kmalloc_node+0x33/0x70 [ 863.893891] kvmalloc_node+0x65/0xf0 [ 863.893904] __list_lru_init+0x5d9/0x840 [ 863.893915] ? up_write+0x7b/0x220 [ 863.893929] ? list_lru_destroy+0x500/0x500 [ 863.893942] ? prealloc_shrinker+0x124/0x450 [ 863.893957] ? prealloc_shrinker+0x21c/0x450 [ 863.893969] ? inactive_list_is_low+0x850/0x850 [ 863.893982] ? __lockdep_init_map+0x105/0x590 [ 863.893997] alloc_super+0x976/0xb10 [ 863.894014] ? destroy_unused_super.part.11+0x110/0x110 [ 863.894029] ? lock_downgrade+0x8f0/0x8f0 [ 863.894046] ? kasan_check_read+0x11/0x20 [ 863.894059] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 863.894074] ? kasan_check_write+0x14/0x20 [ 863.894087] ? do_raw_spin_lock+0xc1/0x200 [ 863.894103] sget_userns+0x276/0x860 [ 863.894116] ? kill_litter_super+0x60/0x60 [ 863.894130] ? test_single_super+0x10/0x10 [ 863.894145] ? vfs_get_super+0x270/0x270 [ 863.894158] ? kasan_check_read+0x11/0x20 [ 863.894172] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 863.894187] ? kasan_check_write+0x14/0x20 [ 863.894198] ? do_raw_spin_lock+0xc1/0x200 [ 863.894222] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 863.894236] ? ns_capable_common+0x13f/0x170 [ 863.894251] ? kill_litter_super+0x60/0x60 [ 863.894264] sget+0x10b/0x150 [ 863.894277] ? test_single_super+0x10/0x10 [ 863.894290] mount_bdev+0x115/0x3e0 [ 863.894302] ? msdos_mount+0x50/0x50 [ 863.894314] msdos_mount+0x3c/0x50 [ 863.894325] ? setup+0xe0/0xe0 [ 863.894337] legacy_get_tree+0x118/0x440 [ 863.894352] vfs_get_tree+0x1cb/0x5c0 [ 863.894362] ? vfs_set_fs_source+0x12c/0x180 [ 863.894377] do_mount+0x6c1/0x1fb0 [ 863.894388] ? check_same_owner+0x340/0x340 [ 863.894400] ? lock_release+0xa30/0xa30 [ 863.894413] ? copy_mount_string+0x40/0x40 [ 863.894427] ? kasan_kmalloc+0xc4/0xe0 [ 863.894442] ? kmem_cache_alloc_trace+0x318/0x780 [ 863.894458] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 863.894470] ? _copy_from_user+0xdf/0x150 [ 863.894487] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 863.894502] ? copy_mount_options+0x285/0x380 [ 863.894517] ksys_mount+0x12d/0x140 [ 863.894530] __x64_sys_mount+0xbe/0x150 [ 863.894545] do_syscall_64+0x1b9/0x820 [ 863.894556] ? finish_task_switch+0x1d3/0x870 [ 863.894567] ? syscall_return_slowpath+0x5e0/0x5e0 [ 863.894578] ? syscall_return_slowpath+0x31d/0x5e0 [ 863.894589] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 863.894600] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 863.894613] ? prepare_exit_to_usermode+0x291/0x3b0 [ 863.894628] ? perf_trace_sys_enter+0xb10/0xb10 [ 863.894641] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 863.894657] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 863.894665] RIP: 0033:0x45885a [ 863.894670] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 863.894921] RSP: 002b:00007f413f26ea88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 863.894936] RAX: ffffffffffffffda RBX: 00007f413f26eb30 RCX: 000000000045885a [ 863.894944] RDX: 00007f413f26ead0 RSI: 00000000200000c0 RDI: 00007f413f26eaf0 [ 863.894953] RBP: 00000000200000c0 R08: 00007f413f26eb30 R09: 00007f413f26ead0 [ 863.894961] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 863.894968] R13: 0000000000000000 R14: 00000000004d3f40 R15: 0000000000000033 [ 864.711294] FAULT_INJECTION: forcing a failure. [ 864.711294] name failslab, interval 1, probability 0, space 0, times 0 [ 864.711316] CPU: 0 PID: 15546 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 864.711323] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 864.711328] Call Trace: [ 864.711351] dump_stack+0x1c9/0x2b4 [ 864.711371] ? dump_stack_print_info.cold.2+0x52/0x52 [ 864.711389] ? __kernel_text_address+0xd/0x40 [ 864.711410] should_fail.cold.4+0xa/0x11 [ 864.711427] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 864.711447] ? save_stack+0xa9/0xd0 [ 864.711462] ? save_stack+0x43/0xd0 [ 864.711476] ? kasan_kmalloc+0xc4/0xe0 [ 864.711490] ? kmem_cache_alloc_trace+0x152/0x780 [ 864.711501] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 864.711511] ? __list_lru_init+0x4d6/0x840 [ 864.711523] ? alloc_super+0x976/0xb10 [ 864.711533] ? sget+0x10b/0x150 [ 864.711545] ? mount_bdev+0x115/0x3e0 [ 864.711559] ? msdos_mount+0x3c/0x50 [ 864.711573] ? legacy_get_tree+0x118/0x440 [ 864.711585] ? vfs_get_tree+0x1cb/0x5c0 [ 864.711596] ? do_mount+0x6c1/0x1fb0 [ 864.711607] ? ksys_mount+0x12d/0x140 [ 864.711622] ? do_syscall_64+0x1b9/0x820 [ 864.711637] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 864.711654] ? save_stack+0xa9/0xd0 [ 864.711672] ? lock_acquire+0x1e4/0x540 [ 864.711687] ? fs_reclaim_acquire+0x20/0x20 [ 864.711710] ? lock_downgrade+0x8f0/0x8f0 [ 864.711730] ? check_same_owner+0x340/0x340 [ 864.711745] ? rcu_note_context_switch+0x730/0x730 [ 864.711761] __should_failslab+0x124/0x180 [ 864.711774] should_failslab+0x9/0x14 [ 864.711786] kmem_cache_alloc_trace+0x2cb/0x780 [ 864.711801] ? kasan_kmalloc+0xc4/0xe0 [ 864.711821] __memcg_init_list_lru_node+0x185/0x2d0 [ 864.711834] ? kvfree_rcu+0x20/0x20 [ 864.711847] ? __kmalloc_node+0x47/0x70 [ 864.711863] __list_lru_init+0x4d6/0x840 [ 864.711877] ? up_write+0x7b/0x220 [ 864.711893] ? list_lru_destroy+0x500/0x500 [ 864.711907] ? prealloc_shrinker+0x124/0x450 [ 864.711925] ? prealloc_shrinker+0x21c/0x450 [ 864.711940] ? inactive_list_is_low+0x850/0x850 [ 864.711958] ? __lockdep_init_map+0x105/0x590 [ 864.711976] alloc_super+0x976/0xb10 [ 864.711995] ? destroy_unused_super.part.11+0x110/0x110 [ 864.712012] ? lock_downgrade+0x8f0/0x8f0 [ 864.712032] ? kasan_check_read+0x11/0x20 [ 864.712047] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 864.712065] ? kasan_check_write+0x14/0x20 [ 864.712078] ? do_raw_spin_lock+0xc1/0x200 [ 864.712096] sget_userns+0x276/0x860 [ 864.712109] ? kill_litter_super+0x60/0x60 [ 864.712125] ? test_single_super+0x10/0x10 [ 864.712138] ? vfs_get_super+0x270/0x270 [ 864.712152] ? kasan_check_read+0x11/0x20 [ 864.712165] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 864.712182] ? kasan_check_write+0x14/0x20 [ 864.712194] ? do_raw_spin_lock+0xc1/0x200 [ 864.712225] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 864.712240] ? ns_capable_common+0x13f/0x170 [ 864.712257] ? kill_litter_super+0x60/0x60 [ 864.712272] sget+0x10b/0x150 [ 864.712286] ? test_single_super+0x10/0x10 [ 864.712304] mount_bdev+0x115/0x3e0 [ 864.712319] ? msdos_mount+0x50/0x50 [ 864.712335] msdos_mount+0x3c/0x50 [ 864.712349] ? setup+0xe0/0xe0 [ 864.712364] legacy_get_tree+0x118/0x440 [ 864.712382] vfs_get_tree+0x1cb/0x5c0 [ 864.712397] ? vfs_set_fs_source+0x12c/0x180 [ 864.712413] do_mount+0x6c1/0x1fb0 [ 864.712428] ? check_same_owner+0x340/0x340 [ 864.712442] ? lock_release+0xa30/0xa30 [ 864.712460] ? copy_mount_string+0x40/0x40 [ 864.712476] ? kasan_kmalloc+0xc4/0xe0 [ 864.712495] ? kmem_cache_alloc_trace+0x318/0x780 [ 864.712512] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 864.712527] ? _copy_from_user+0xdf/0x150 [ 864.712545] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 864.712559] ? copy_mount_options+0x285/0x380 [ 864.712577] ksys_mount+0x12d/0x140 [ 864.712594] __x64_sys_mount+0xbe/0x150 [ 864.712612] do_syscall_64+0x1b9/0x820 [ 864.712626] ? finish_task_switch+0x1d3/0x870 [ 864.712642] ? syscall_return_slowpath+0x5e0/0x5e0 [ 864.712659] ? syscall_return_slowpath+0x31d/0x5e0 [ 864.712675] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 864.712698] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 864.712716] ? prepare_exit_to_usermode+0x291/0x3b0 [ 864.712734] ? perf_trace_sys_enter+0xb10/0xb10 [ 864.712753] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 864.712775] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 864.712787] RIP: 0033:0x45885a [ 864.712792] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 864.713056] RSP: 002b:00007f413f26ea88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 864.713073] RAX: ffffffffffffffda RBX: 00007f413f26eb30 RCX: 000000000045885a [ 864.713083] RDX: 00007f413f26ead0 RSI: 00000000200000c0 RDI: 00007f413f26eaf0 [ 864.713093] RBP: 00000000200000c0 R08: 00007f413f26eb30 R09: 00007f413f26ead0 [ 864.713103] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 03:39:18 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ff0a00000000000003001300020000000000fcffffff0000030006000000000002004e20e000000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:39:18 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge0\x00', 0x0}) ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000100)={@loopback={0x0, 0x1}, 0x8, r1}) syz_mount_image$bfs(&(0x7f0000000180)='bfs\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, &(0x7f0000000240), 0x0, 0x0) 03:39:18 executing program 3: r0 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x9, 0x210440) setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000040)={0xbb4b, 0x6, 0x3, 0x769, 0x9}, 0x14) r1 = socket$inet6(0xa, 0x5, 0x1) ioctl(r1, 0x3, &(0x7f0000000340)="025cc83d6d345f8f7620700fb9a60bc0a03999ae27d0b5b1747cfc002a7b500354ecc4bdc17408c62924cb8bf8d6d94503f51a36b155320082fa04e2a7874a87993f385b12998d674cfe45e8e2d80023811b785a600aa90591e439abac682c9ccc8bb5a8449b80f5dc45a3047451df44ed6abc5a80ddce95c13e71452f1c85df948804f7be34116d1955b334ab6ebbf3de0e7aa8455a00bb74a20000000000000000a0b32554bf7e3eee678ff3fc3c54c830cd65cd9e32efd5fa9a1cd4deed605db1a0937facd03350da50b02e1ca580b01945f2d10e8d5effd19d3239118b8cc8f3aa0d70a49e705aabd1b0d4fb69788201cca3663698cb2b3f236b67cc6119a7f48e7b9823611dd3445add70f6d42842a860357d98a3f3a776921a78a3be6d2c2fd58b093b12719f8fb01d663df270eb75463a2665994a9602d93efa350b978f361cf8bbe417a9410d96b3a15ebbd10e8b1a101e82fd6c85ea52909b73e77502e0b189f42fc6fe3ee634350f964556684a2f6e578d1a03e77bb9e69ea151dfcf2244db5d9e4e56b6ab2d440632abf60d3de829743bd19801a30dc4a939d186bba0eed7015ac006ad8d9a5305ebff5b9c6af9706a2ceae3d0cd49a7e03a069dc13ed64c8c70b97e8c7f370920d66c4a3df16c6136c8672709994a1ac05d00be7492bcde80492af06ef22f6fa5704218859d7db64ca87689807a169916b55e3f8084424f145413140d31f3fc61415560d337d1017d2ed48d99e12a008b28013148c2bd3f3f620875780d7d29b3b68cfa6d78e61ac006acb4b78056821f292b8ade36b9691c04a88ccf") 03:39:18 executing program 5: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000002480)={0x1, 0x3, 0x7a, 0x2}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000180)={r0, &(0x7f0000000040)="2f0f86467d5f3e1a9fe65eb10e9705af5d576d5fc2942189a7073312adc76e8b520a4f9faf5329ab0d619282ec03fd4c68d9c0ac", &(0x7f0000000080)=""/220}, 0x18) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000000)={r0, &(0x7f0000ab2000), &(0x7f0000da1000)}, 0x20) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00004f1ff0)={r0, &(0x7f0000068000)}, 0x10) r1 = syz_open_dev$dspn(&(0x7f0000000200)='/dev/dsp#\x00', 0xffffffffffff4d33, 0x40) setsockopt$inet6_MCAST_JOIN_GROUP(r1, 0x29, 0x2a, &(0x7f0000000240)={0x3, {{0xa, 0x4e22, 0x4, @remote={0xfe, 0x80, [], 0xbb}, 0xffffffff}}}, 0x88) syz_open_dev$vcsa(&(0x7f00000001c0)='/dev/vcsa#\x00', 0x20, 0x20000) 03:39:18 executing program 1: openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='configfs\x00', 0x0, &(0x7f0000000040)) utimes(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={{0x0, 0x2710}, {0x77359400}}) 03:39:18 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f6300") 03:39:18 executing program 7 (fault-call:0 fault-nth:53): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:39:18 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) [ 864.713112] R13: 0000000000000000 R14: 00000000004d3f40 R15: 0000000000000034 [ 865.807764] FAULT_INJECTION: forcing a failure. [ 865.807764] name failslab, interval 1, probability 0, space 0, times 0 [ 865.819129] CPU: 0 PID: 15579 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 865.827638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 865.837004] Call Trace: [ 865.839693] dump_stack+0x1c9/0x2b4 [ 865.843332] ? dump_stack_print_info.cold.2+0x52/0x52 [ 865.848528] ? __kernel_text_address+0xd/0x40 [ 865.853035] should_fail.cold.4+0xa/0x11 [ 865.857137] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 865.862251] ? save_stack+0xa9/0xd0 [ 865.865917] ? save_stack+0x43/0xd0 [ 865.869550] ? kasan_kmalloc+0xc4/0xe0 [ 865.873463] ? kmem_cache_alloc_trace+0x152/0x780 [ 865.878306] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 865.883584] ? __list_lru_init+0x4d6/0x840 [ 865.887833] ? alloc_super+0x976/0xb10 [ 865.891740] ? sget+0x10b/0x150 [ 865.895036] ? mount_bdev+0x115/0x3e0 [ 865.898869] ? msdos_mount+0x3c/0x50 [ 865.903131] ? legacy_get_tree+0x118/0x440 [ 865.907979] ? vfs_get_tree+0x1cb/0x5c0 [ 865.911981] ? do_mount+0x6c1/0x1fb0 [ 865.915697] ? ksys_mount+0x12d/0x140 [ 865.919614] ? do_syscall_64+0x1b9/0x820 [ 865.923682] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 865.929229] ? save_stack+0xa9/0xd0 [ 865.932868] ? lock_acquire+0x1e4/0x540 [ 865.936858] ? fs_reclaim_acquire+0x20/0x20 [ 865.941299] ? lock_downgrade+0x8f0/0x8f0 [ 865.945457] ? check_same_owner+0x340/0x340 [ 865.949890] ? rcu_note_context_switch+0x730/0x730 [ 865.955022] __should_failslab+0x124/0x180 [ 865.959267] should_failslab+0x9/0x14 [ 865.963082] kmem_cache_alloc_trace+0x2cb/0x780 [ 865.967757] ? kasan_kmalloc+0xc4/0xe0 [ 865.971676] __memcg_init_list_lru_node+0x185/0x2d0 [ 865.976697] ? kvfree_rcu+0x20/0x20 [ 865.980325] ? __kmalloc_node+0x47/0x70 [ 865.984307] __list_lru_init+0x4d6/0x840 [ 865.988372] ? up_write+0x7b/0x220 [ 865.993061] ? list_lru_destroy+0x500/0x500 [ 865.997384] ? prealloc_shrinker+0x124/0x450 [ 866.001826] ? prealloc_shrinker+0x21c/0x450 [ 866.006238] ? inactive_list_is_low+0x850/0x850 [ 866.010943] ? __lockdep_init_map+0x105/0x590 [ 866.015469] alloc_super+0x976/0xb10 [ 866.019189] ? destroy_unused_super.part.11+0x110/0x110 [ 866.025616] ? lock_downgrade+0x8f0/0x8f0 [ 866.029770] ? kasan_check_read+0x11/0x20 [ 866.033927] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 866.038685] ? kasan_check_write+0x14/0x20 [ 866.042918] ? do_raw_spin_lock+0xc1/0x200 [ 866.047159] sget_userns+0x276/0x860 [ 866.051148] ? kill_litter_super+0x60/0x60 [ 866.055384] ? test_single_super+0x10/0x10 [ 866.059617] ? vfs_get_super+0x270/0x270 [ 866.063702] ? kasan_check_read+0x11/0x20 [ 866.067853] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 866.072439] ? kasan_check_write+0x14/0x20 [ 866.076675] ? do_raw_spin_lock+0xc1/0x200 [ 866.080931] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 866.086470] ? ns_capable_common+0x13f/0x170 [ 866.090897] ? kill_litter_super+0x60/0x60 [ 866.095141] sget+0x10b/0x150 [ 866.098334] ? test_single_super+0x10/0x10 [ 866.102577] mount_bdev+0x115/0x3e0 [ 866.106659] ? msdos_mount+0x50/0x50 [ 866.110478] msdos_mount+0x3c/0x50 [ 866.114029] ? setup+0xe0/0xe0 [ 866.117223] legacy_get_tree+0x118/0x440 [ 866.121288] vfs_get_tree+0x1cb/0x5c0 [ 866.125088] ? vfs_set_fs_source+0x12c/0x180 [ 866.129502] do_mount+0x6c1/0x1fb0 [ 866.133045] ? check_same_owner+0x340/0x340 [ 866.137367] ? lock_release+0xa30/0xa30 [ 866.141446] ? copy_mount_string+0x40/0x40 [ 866.145709] ? retint_kernel+0x10/0x10 [ 866.149604] ? copy_mount_options+0x1f0/0x380 [ 866.154113] ? copy_mount_options+0x1f6/0x380 [ 866.158623] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 866.164160] ? copy_mount_options+0x285/0x380 [ 866.168659] ksys_mount+0x12d/0x140 [ 866.172287] __x64_sys_mount+0xbe/0x150 [ 866.176268] do_syscall_64+0x1b9/0x820 [ 866.180154] ? finish_task_switch+0x1d3/0x870 [ 866.184664] ? syscall_return_slowpath+0x5e0/0x5e0 [ 866.189604] ? syscall_return_slowpath+0x31d/0x5e0 [ 866.194623] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 866.199651] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 866.205211] ? prepare_exit_to_usermode+0x291/0x3b0 [ 866.210251] ? perf_trace_sys_enter+0xb10/0xb10 [ 866.214920] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 866.219770] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 866.224955] RIP: 0033:0x45885a [ 866.228311] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 866.247643] RSP: 002b:00007f413f26ea88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 03:39:18 executing program 2: socket$l2tp(0x18, 0x1, 0x1) r0 = socket$netlink(0x10, 0x3, 0x4) write(r0, &(0x7f00000001c0)="23000000140013ef70361b98c3c7621617a3be9d11f3e98bde7fd12e39b03914a8060000000000000012ff00000007a715077508003ce2bcb3dcf2756e7cbfd1b52e272bf3265508d5de84d5da446263ae9ef951680bcd2afbfcefbde490a2814d497a6fb00e5aac760c4752280e3a0c9be1eaa97276b4901d7bb2cfe5cf90f8e82e051d16deb35185731c8da438e90d4bbfed0f16dde74dd2844230e55223fbe2c7494e8c6d75fa726cea0840d14742653834458050ef9797861d84086f53c4ea735390725baaee9f8b96394d1b3fbe98d41d59efbb38cf075163a9871b41899eca694fc6ae527ab5a8fee1746b50ed7df22c372a359f5556", 0xfffffceb) 03:39:19 executing program 5: sched_setattr(0x0, &(0x7f0000000080), 0x0) mmap(&(0x7f0000000000/0x19000)=nil, 0x19000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e53fe8)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000007fe0)={{&(0x7f0000000000/0x4000)=nil, 0x4000}, 0x1}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) r2 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000cd8ff4)) r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x10202, 0x0) ioctl$KVM_GET_DEVICE_ATTR(r3, 0x4018aee2, &(0x7f0000000180)={0x0, 0x6, 0x0, &(0x7f0000000140)=0xcb2}) r4 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r2, &(0x7f0000007000)={0xffffffffc0000001}) epoll_wait(r2, &(0x7f0000000040)=[{}], 0x104, 0x0) epoll_wait(r4, &(0x7f0000cd8ff4)=[{}], 0x2c2, 0x0) r5 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x41, 0x0) ioctl$SCSI_IOCTL_GET_BUS_NUMBER(r5, 0x5386, &(0x7f00000000c0)) ioctl$UFFDIO_UNREGISTER(r0, 0xc020aa04, &(0x7f0000007ffc)={&(0x7f0000000000/0x2000)=nil, 0x2000}) 03:39:19 executing program 1: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='configfs\x00', 0x0, &(0x7f0000000040)) utimes(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={{0x0, 0x2710}, {0x77359400}}) 03:39:19 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f6300") [ 866.255612] RAX: ffffffffffffffda RBX: 00007f413f26eb30 RCX: 000000000045885a [ 866.262899] RDX: 00007f413f26ead0 RSI: 00000000200000c0 RDI: 00007f413f26eaf0 [ 866.270891] RBP: 00000000200000c0 R08: 00007f413f26eb30 R09: 00007f413f26ead0 [ 866.278637] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 866.285912] R13: 0000000000000000 R14: 00000000004d3f40 R15: 0000000000000035 03:39:19 executing program 7 (fault-call:0 fault-nth:54): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:39:19 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x0, 0x381000) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r1, 0x40045542, &(0x7f0000000180)=0x5) syz_mount_image$msdos(&(0x7f0000000040)='msdos\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="74696d655f070024bda0da2a35ea0001eebdf2fb7b196f7a7487928b932d7de0013dd4e925c2c7c75e6625ff524921f72c6b999e1247e96999151a978d7bc918890828ecf3bbb1e7840e4daef88ea1e2056a3f8d17f773fddb68ec3cf63550ae677466658c5b2505f2685a46e5239a8ff2cdff738e725ec499f4283b4431385184ac5cd9d62db13a3f400b056fac11d9a969d621f3c6ce918e0e4f814523ca4d84461e7154ba94bda63033cdf09cf38e852617f7fd8c07300efb64"]) [ 866.384405] FAULT_INJECTION: forcing a failure. [ 866.384405] name failslab, interval 1, probability 0, space 0, times 0 [ 866.396374] CPU: 1 PID: 15602 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 866.403755] FAT-fs (loop3): Unrecognized mount option "time_" or missing value [ 866.404867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 866.404873] Call Trace: [ 866.404894] dump_stack+0x1c9/0x2b4 [ 866.404917] ? dump_stack_print_info.cold.2+0x52/0x52 [ 866.433735] ? __kernel_text_address+0xd/0x40 [ 866.438245] should_fail.cold.4+0xa/0x11 [ 866.442316] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 866.447427] ? save_stack+0xa9/0xd0 [ 866.451063] ? save_stack+0x43/0xd0 [ 866.454694] ? kasan_kmalloc+0xc4/0xe0 [ 866.458604] ? kmem_cache_alloc_trace+0x152/0x780 [ 866.463447] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 866.468651] ? __list_lru_init+0x4d6/0x840 [ 866.472886] ? alloc_super+0x976/0xb10 [ 866.476774] ? sget+0x10b/0x150 [ 866.480074] ? mount_bdev+0x115/0x3e0 [ 866.483876] ? msdos_mount+0x3c/0x50 [ 866.487748] ? legacy_get_tree+0x118/0x440 [ 866.491991] ? vfs_get_tree+0x1cb/0x5c0 [ 866.495968] ? do_mount+0x6c1/0x1fb0 [ 866.499945] ? ksys_mount+0x12d/0x140 [ 866.503752] ? do_syscall_64+0x1b9/0x820 [ 866.507902] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 866.513273] ? save_stack+0xa9/0xd0 [ 866.516909] ? lock_acquire+0x1e4/0x540 [ 866.520909] ? fs_reclaim_acquire+0x20/0x20 [ 866.525236] ? lock_downgrade+0x8f0/0x8f0 [ 866.529394] ? check_same_owner+0x340/0x340 03:39:19 executing program 2: r0 = syz_open_dev$sndmidi(&(0x7f0000000380)='/dev/snd/midiC#D#\x00', 0x2, 0x1) r1 = syz_open_dev$sndpcmc(&(0x7f00000002c0)='/dev/snd/pcmC#D#c\x00', 0xfff, 0x200000) r2 = syz_genetlink_get_family_id$team(&(0x7f0000000340)='team\x00') getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffff9c, 0x29, 0x22, &(0x7f0000000480)={{{@in=@rand_addr, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast2}, 0x0, @in=@multicast1}}, &(0x7f0000000580)=0xe8) getpeername$packet(0xffffffffffffff9c, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f0000001b40)=0x14) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000001b80)={{{@in, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@local}, 0x0, @in6}}, &(0x7f0000001c80)=0xe8) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000001dc0)={0x0, @loopback, @broadcast}, &(0x7f0000001e00)=0xc) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000001e80)={0x0, @local, @broadcast}, &(0x7f0000001ec0)=0xc) getsockopt$inet_pktinfo(0xffffffffffffff9c, 0x0, 0x8, &(0x7f0000001f00)={0x0, @dev, @remote}, &(0x7f0000001f40)=0xc) ioctl$sock_SIOCGIFINDEX(0xffffffffffffff9c, 0x8933, &(0x7f0000001f80)={'teql0\x00', 0x0}) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f0000001fc0)={{{@in6, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{}, 0x0, @in6=@local}}, &(0x7f00000020c0)=0xe8) getpeername$packet(0xffffffffffffffff, &(0x7f0000002100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000002140)=0x14) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f00000024c0)={{{@in=@remote, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in6=@local}}, &(0x7f00000025c0)=0xe8) accept$packet(0xffffffffffffff9c, &(0x7f0000002600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f0000002640)=0x14) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000002680)={'syzkaller0\x00', 0x0}) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f00000026c0)={@empty, 0x0}, &(0x7f0000002700)=0x14) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1c, &(0x7f0000002840)={@mcast2, 0x0}, &(0x7f0000002880)=0x14) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f00000028c0)={{{@in=@rand_addr, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in6=@dev}}, &(0x7f00000029c0)=0xe8) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f0000002b80)={@loopback, @multicast2, 0x0}, &(0x7f0000002bc0)=0xc) getpeername$packet(0xffffffffffffff9c, &(0x7f0000005640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000005680)=0x14) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000056c0)={{{@in6=@ipv4={[], [], @rand_addr}, @in6=@ipv4={[], [], @multicast2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in6}}, &(0x7f00000057c0)=0xe8) recvmsg(0xffffffffffffffff, &(0x7f0000005a80)={&(0x7f0000005800)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, 0x80, &(0x7f0000005940)=[{&(0x7f0000005880)=""/61, 0x3d}, {&(0x7f00000058c0)=""/81, 0x51}], 0x2, &(0x7f0000005980)=""/242, 0xf2, 0x4}, 0x40000000) setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f00000003c0)={0x3b, @broadcast=0xffffffff, 0x4e23, 0x4, 'wrr\x00', 0x28, 0x1, 0x35}, 0x2c) getdents64(r1, &(0x7f00000005c0)=""/200, 0xc8) getsockopt$IP_VS_SO_GET_INFO(r1, 0x0, 0x481, &(0x7f0000000400), &(0x7f0000000440)=0xc) sendmsg$TEAM_CMD_NOOP(r1, &(0x7f0000006340)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000006300)={&(0x7f0000005ac0)={0x828, r2, 0x402, 0x70bd29, 0x25dfdbff, {}, [{{0x8, 0x1, r3}, {0x190, 0x2, [{0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8, 0x3, 0x5}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x4c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8, 0x3, 0x5}, {0x1c, 0x4, 'hash_to_port_mapping\x00'}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r4}}}, {0x4c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8, 0x3, 0x5}, {0x1c, 0x4, 'hash_to_port_mapping\x00'}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x1}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x200}}, {0x8, 0x6, r5}}}]}}, {{0x8, 0x1, r6}, {0x140, 0x2, [{0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r7}}}, {0x54, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8, 0x3, 0xb}, {0x24, 0x4, [{0x9, 0x6, 0x9, 0x7f}, {0x43, 0x0, 0x89, 0x8}, {0x5, 0x1, 0x800, 0xb7}, {0xc1, 0x0, 0x0, 0xf5}]}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x6fa}}}, {0x3c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8, 0x3, 0x5}, {0xc, 0x4, 'hash\x00'}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x3}}}]}}, {{0x8, 0x1, r8}, {0xb4, 0x2, [{0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x1000}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r9}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r10}}}]}}, {{0x8, 0x1, r11}, {0x1f8, 0x2, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, r12}}, {0x8, 0x7}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r13}}}, {0x4c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8, 0x3, 0x5}, {0x1c, 0x4, 'hash_to_port_mapping\x00'}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, r14}}, {0x8, 0x7}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r15}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x4}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8, 0x3, 0xe}, {0x8, 0x4, 0x9}}, {0x8, 0x6, r16}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x100000000}}}]}}, {{0x8, 0x1, r17}, {0xc8, 0x2, [{0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8, 0x3, 0xb}, {0x8, 0x4}}, {0x8, 0x7}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8, 0x3, 0xe}, {0x8, 0x4, 0xfffffffffffff800}}, {0x8, 0x6, r18}}}, {0x44, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8, 0x3, 0xb}, {0x14, 0x4, [{0x8, 0x4, 0x80000000, 0xe0000000}, {0x0, 0x3, 0x1, 0x2}]}}}]}}, {{0x8, 0x1, r19}, {0x1a0, 0x2, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, r20}}, {0x8, 0x7}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8, 0x3, 0xb}, {0x8, 0x4, 0x100000001}}, {0x8, 0x6, r21}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x1}}}, {0x3c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8, 0x3, 0xb}, {0xc, 0x4, [{0x2000000, 0x5, 0x5, 0x3}]}}}, {0x6c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8, 0x3, 0xb}, {0x3c, 0x4, [{0x3, 0x0, 0x3bdd, 0x8}, {0x5, 0x4, 0x9}, {0x4, 0x6, 0x20, 0x4}, {0xffff, 0x7, 0x0, 0x1}, {0x7fffffff, 0xffffffff80000000, 0x0, 0x8}, {0x1, 0x5, 0xfffffffffffffffc, 0x3}, {0x7, 0x5, 0x790}]}}}, {0x3c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8, 0x3, 0xb}, {0xc, 0x4, [{0x2, 0x5, 0xfff, 0x7fff}]}}}]}}]}, 0x828}, 0x1, 0x0, 0x0, 0x4000}, 0x80) r22 = syz_open_procfs(0x0, &(0x7f0000000000)='mountstats\x00') getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffff9c, 0x84, 0x70, &(0x7f00000000c0)={0x0, @in6={{0xa, 0x4e21, 0x35a, @empty, 0x9}}, [0x0, 0x8, 0x33d4bcc0, 0xfffffffffffffffe, 0x6, 0x9, 0xfffffffffffffff8, 0xa7a0, 0x1, 0x401, 0x1, 0x80, 0x8, 0x7fffffff]}, &(0x7f0000000040)=0x100) prctl$void(0x27) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r22, 0x84, 0x6, &(0x7f00000001c0)={r23, @in={{0x2, 0x4e22, @remote={0xac, 0x14, 0x14, 0xbb}}}}, &(0x7f0000000280)=0x84) 03:39:19 executing program 0: r0 = socket$inet6(0xa, 0x3, 0x800000020) r1 = socket$key(0xf, 0x3, 0x2) ioctl(r1, 0x10008914, &(0x7f00000000c0)="b01a0effc92c5db511e4b65743d14cb88e00ff") ioctl$sock_SIOCGIFCONF(r0, 0x8910, &(0x7f0000000080)=@buf={0x85, &(0x7f0000000100)="0f8e7cfd39b23e1643544c9e583488ea730a366ad363c2e2f790cf236f4930dcd77c59fc46aee7cf9f6889bebc30ba8e4ab2a12953e8eca5ddbfd5962a1f96c6a22526ee7b6ddc1914d7ff1f2f1a4fbcba1348de3d3e55ef242dee439389c7aee0701f2d316350d3fa041690910ab2eecc0027da47eb2050f3d5bbd009f1253ed052417ac9"}) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000000000)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff00030006000000000002004e20e0000001e6ff0000fdffff2302000100f8ffffff0000000002004e20e00000a0ea863accd2ce5ea200097dc7f6833473e4d4a2971f000000000500000000000000"], 0x60}, 0x1}, 0x0) getsockname$packet(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f0000000200)=0x14) 03:39:19 executing program 1 (fault-call:2 fault-nth:0): mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='configfs\x00', 0x0, &(0x7f0000000040)) utimes(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={{0x0, 0x2710}, {0x77359400}}) [ 866.533741] ? rcu_note_context_switch+0x730/0x730 [ 866.538702] __should_failslab+0x124/0x180 [ 866.542964] should_failslab+0x9/0x14 [ 866.546768] kmem_cache_alloc_trace+0x2cb/0x780 [ 866.551469] ? kasan_kmalloc+0xc4/0xe0 [ 866.555376] __memcg_init_list_lru_node+0x185/0x2d0 [ 866.560410] ? kvfree_rcu+0x20/0x20 [ 866.564056] ? __kmalloc_node+0x47/0x70 [ 866.568134] __list_lru_init+0x4d6/0x840 [ 866.572418] ? up_write+0x7b/0x220 [ 866.575988] ? list_lru_destroy+0x500/0x500 [ 866.580757] ? prealloc_shrinker+0x124/0x450 [ 866.585260] ? prealloc_shrinker+0x21c/0x450 [ 866.589692] ? inactive_list_is_low+0x850/0x850 [ 866.594371] ? __lockdep_init_map+0x105/0x590 [ 866.598873] alloc_super+0x976/0xb10 [ 866.602594] ? destroy_unused_super.part.11+0x110/0x110 [ 866.607976] ? lock_downgrade+0x8f0/0x8f0 [ 866.612131] ? kasan_check_read+0x11/0x20 [ 866.616286] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 866.620879] ? kasan_check_write+0x14/0x20 [ 866.625122] ? do_raw_spin_lock+0xc1/0x200 [ 866.629369] sget_userns+0x276/0x860 [ 866.633127] ? kill_litter_super+0x60/0x60 [ 866.637471] ? test_single_super+0x10/0x10 [ 866.641716] ? vfs_get_super+0x270/0x270 [ 866.645872] ? kasan_check_read+0x11/0x20 [ 866.650030] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 866.654623] ? kasan_check_write+0x14/0x20 [ 866.658895] ? do_raw_spin_lock+0xc1/0x200 [ 866.663257] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 866.668808] ? ns_capable_common+0x13f/0x170 [ 866.673224] ? kill_litter_super+0x60/0x60 [ 866.677461] sget+0x10b/0x150 [ 866.680580] ? test_single_super+0x10/0x10 03:39:19 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) [ 866.684861] mount_bdev+0x115/0x3e0 [ 866.688493] ? msdos_mount+0x50/0x50 [ 866.692209] msdos_mount+0x3c/0x50 [ 866.695753] ? setup+0xe0/0xe0 [ 866.698950] legacy_get_tree+0x118/0x440 [ 866.703024] vfs_get_tree+0x1cb/0x5c0 [ 866.706826] ? vfs_set_fs_source+0x12c/0x180 [ 866.711242] do_mount+0x6c1/0x1fb0 [ 866.714794] ? check_same_owner+0x340/0x340 [ 866.719123] ? lock_release+0xa30/0xa30 [ 866.723213] ? copy_mount_string+0x40/0x40 [ 866.727459] ? kasan_kmalloc+0xc4/0xe0 [ 866.731364] ? kmem_cache_alloc_trace+0x318/0x780 [ 866.737271] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 866.742820] ? _copy_from_user+0xdf/0x150 [ 866.747160] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 866.752742] ? copy_mount_options+0x285/0x380 [ 866.757257] ksys_mount+0x12d/0x140 [ 866.760898] __x64_sys_mount+0xbe/0x150 [ 866.764974] do_syscall_64+0x1b9/0x820 [ 866.768898] ? finish_task_switch+0x1d3/0x870 [ 866.773405] ? syscall_return_slowpath+0x5e0/0x5e0 [ 866.778374] ? syscall_return_slowpath+0x31d/0x5e0 [ 866.783319] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 866.788442] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 866.793998] ? prepare_exit_to_usermode+0x291/0x3b0 [ 866.799322] ? perf_trace_sys_enter+0xb10/0xb10 [ 866.804013] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 866.808881] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 866.814097] RIP: 0033:0x45885a 03:39:19 executing program 2: ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000000)={0xffffffffffffff9c}) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r2 = openat$ion(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ion\x00', 0x100, 0x0) setsockopt$IP_VS_SO_SET_DEL(r0, 0x0, 0x484, &(0x7f0000000180)={0x3c, @loopback=0x7f000001, 0x4e22, 0x4, 'lblc\x00', 0x0, 0x5, 0x29}, 0x2c) r3 = dup2(r2, r2) ioctl$SNDRV_TIMER_IOCTL_STATUS(r3, 0x80605414, &(0x7f00000001c0)=""/69) r4 = socket$key(0xf, 0x3, 0x2) ppoll(&(0x7f00000000c0)=[{r0, 0x100}, {r1, 0x1410}, {r2, 0xa074}, {r4, 0x81}], 0x4, &(0x7f0000000100)={0x0, 0x989680}, &(0x7f0000000140)={0x5}, 0x8) syz_emit_ethernet(0x2a, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaa04427d3dccada38ee600001c00000071aa0f00aa001c9078ffffffff0000000000000000"], &(0x7f00000002c0)) [ 866.817283] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 866.837779] RSP: 002b:00007f413f26ea88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 866.846326] RAX: ffffffffffffffda RBX: 00007f413f26eb30 RCX: 000000000045885a [ 866.853603] RDX: 00007f413f26ead0 RSI: 00000000200000c0 RDI: 00007f413f26eaf0 [ 866.861175] RBP: 00000000200000c0 R08: 00007f413f26eb30 R09: 00007f413f26ead0 [ 866.868623] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 866.875898] R13: 0000000000000000 R14: 00000000004d3f40 R15: 0000000000000036 03:39:19 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f6397") 03:39:19 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r1, &(0x7f0000deb000)={0x2, 0x4e23, @broadcast=0xffffffff}, 0x10) setsockopt$inet_icmp_ICMP_FILTER(r1, 0x1, 0x1, &(0x7f0000000080)={0x1}, 0x4) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x40000, 0x0) socket$inet(0x2, 0x3, 0x6) ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000000c0)={r1}) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000100)=0x0) setpriority(0x3, r3, 0x7f) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000180)='ip6gretap0\x00', 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f00006dc000)=[{0x6, 0x0, 0x0, 0xa1}]}, 0x10) sendto$inet(r1, &(0x7f0000000140), 0x0, 0x200007ff, &(0x7f0000deaff0)={0x2, 0x4e23}, 0x10) sendto$inet(r1, &(0x7f00006fd000)="c3401c344654f3c7d9b41ba48c8e319aa4eedc3d6bd8ebd65c856a27d61154adc2b2a9763ae0001c0d32e11f38e9dd18c58f6bd779650fc30f93653bdaecf323c9f6502ceab47e58114347b289546465a5eb278de12b1989f64cc99412e36880d20c34d91051b22f6c8acc9d082b7bcdec844f667da0867d08d4154004997e317b79", 0x82, 0x0, &(0x7f0000e66000)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r2, 0x40045532, &(0x7f00000001c0)=0x1000) setsockopt$inet_sctp6_SCTP_EVENTS(r2, 0x84, 0xb, &(0x7f0000000140)={0x10000, 0x1, 0x4, 0x9f25, 0x6, 0xab4a, 0x1, 0x6, 0x2, 0x4, 0x8}, 0xb) shutdown(r1, 0x1) 03:39:19 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f0000000140)={0x0, 0x4, 0x0, 0xb7d7, 0x86c}, &(0x7f0000000180)=0x18) setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r0, 0x84, 0x23, &(0x7f00000001c0)={r1, 0x4}, 0x8) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x800, 0x0) ioctl$BLKREPORTZONE(r3, 0xc0101282, &(0x7f0000000040)={0x20, 0x3, 0x0, [{0x8d, 0x7, 0x4, 0xfff, 0xfffffffffffffffd, 0x3ff, 0xc5}, {0x4, 0x3, 0x7, 0xce, 0x7f, 0x9, 0x7}, {0x3, 0x5, 0x5, 0x1, 0x4, 0xfffffffffffffe01}]}) [ 866.939354] FAT-fs (loop3): Unrecognized mount option "time_" or missing value [ 866.953384] FAULT_INJECTION: forcing a failure. [ 866.953384] name failslab, interval 1, probability 0, space 0, times 0 [ 866.965247] CPU: 1 PID: 15628 Comm: syz-executor1 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 866.973768] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 866.983143] Call Trace: [ 866.985771] dump_stack+0x1c9/0x2b4 [ 866.989399] ? dump_stack_print_info.cold.2+0x52/0x52 [ 866.994598] should_fail.cold.4+0xa/0x11 [ 866.998671] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 867.003782] ? _kstrtoull+0x188/0x250 [ 867.007572] ? _parse_integer+0x190/0x190 [ 867.011722] ? lock_release+0xa30/0xa30 [ 867.015687] ? check_same_owner+0x340/0x340 [ 867.020012] ? lock_acquire+0x1e4/0x540 [ 867.023978] ? get_pid_task+0xd8/0x1a0 [ 867.027863] ? lock_downgrade+0x8f0/0x8f0 [ 867.032180] ? lock_acquire+0x1e4/0x540 [ 867.036148] ? fs_reclaim_acquire+0x20/0x20 [ 867.040475] ? lock_downgrade+0x8f0/0x8f0 [ 867.044630] ? check_same_owner+0x340/0x340 [ 867.049133] ? __f_unlock_pos+0x19/0x20 [ 867.053111] ? rcu_note_context_switch+0x730/0x730 [ 867.058037] __should_failslab+0x124/0x180 [ 867.062265] should_failslab+0x9/0x14 [ 867.066055] kmem_cache_alloc+0x2af/0x760 [ 867.070204] ? lock_acquire+0x1e4/0x540 [ 867.074167] ? __might_fault+0x12b/0x1e0 [ 867.078221] ? lock_downgrade+0x8f0/0x8f0 [ 867.082377] getname_flags+0xd0/0x5a0 [ 867.086277] user_path_at_empty+0x2d/0x50 [ 867.090418] do_utimes+0x1d0/0x380 [ 867.093955] ? utimes_common.isra.1+0x8e0/0x8e0 [ 867.098709] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 867.104377] ? _copy_from_user+0xdf/0x150 [ 867.108517] do_futimesat+0x249/0x350 [ 867.112397] ? __ia32_sys_utime+0x290/0x290 [ 867.116723] __x64_sys_utimes+0x59/0x80 [ 867.120970] do_syscall_64+0x1b9/0x820 [ 867.124853] ? syscall_return_slowpath+0x5e0/0x5e0 [ 867.129797] ? syscall_return_slowpath+0x31d/0x5e0 [ 867.134715] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 867.139720] ? prepare_exit_to_usermode+0x291/0x3b0 [ 867.144761] ? perf_trace_sys_enter+0xb10/0xb10 [ 867.149598] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 867.154464] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 867.159640] RIP: 0033:0x455e29 [ 867.162817] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 867.182097] RSP: 002b:00007ff54338cc68 EFLAGS: 00000246 ORIG_RAX: 00000000000000eb 03:39:20 executing program 7 (fault-call:0 fault-nth:55): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) [ 867.189880] RAX: ffffffffffffffda RBX: 00007ff54338d6d4 RCX: 0000000000455e29 [ 867.197140] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000020000140 [ 867.204408] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 867.211663] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 867.218928] R13: 00000000004c2af0 R14: 00000000004d4600 R15: 0000000000000000 [ 867.253611] FAULT_INJECTION: forcing a failure. [ 867.253611] name failslab, interval 1, probability 0, space 0, times 0 [ 867.265141] CPU: 0 PID: 15637 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 867.273568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 867.282932] Call Trace: [ 867.285547] dump_stack+0x1c9/0x2b4 [ 867.289878] ? dump_stack_print_info.cold.2+0x52/0x52 [ 867.295078] should_fail.cold.4+0xa/0x11 [ 867.299172] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 867.304289] ? save_stack+0xa9/0xd0 [ 867.307915] ? save_stack+0x43/0xd0 [ 867.311545] ? kasan_kmalloc+0xc4/0xe0 [ 867.315440] ? __list_lru_init+0x151/0x840 [ 867.319696] ? alloc_super+0x9a6/0xb10 [ 867.323671] ? sget_userns+0x276/0x860 [ 867.327559] ? sget+0x10b/0x150 [ 867.330839] ? mount_bdev+0x115/0x3e0 [ 867.334646] ? msdos_mount+0x3c/0x50 [ 867.338360] ? legacy_get_tree+0x118/0x440 [ 867.342597] ? do_mount+0x6c1/0x1fb0 [ 867.346311] ? ksys_mount+0x12d/0x140 [ 867.350216] ? __x64_sys_mount+0xbe/0x150 [ 867.354370] ? do_syscall_64+0x1b9/0x820 [ 867.358524] ? lock_acquire+0x1e4/0x540 [ 867.362499] ? fs_reclaim_acquire+0x20/0x20 [ 867.366822] ? lock_downgrade+0x8f0/0x8f0 [ 867.371062] ? check_same_owner+0x340/0x340 [ 867.375409] ? rcu_note_context_switch+0x730/0x730 [ 867.380343] __should_failslab+0x124/0x180 [ 867.384596] should_failslab+0x9/0x14 [ 867.388469] kmem_cache_alloc_node_trace+0x26f/0x770 [ 867.393576] ? kasan_kmalloc+0xc4/0xe0 [ 867.397648] __kmalloc_node+0x33/0x70 [ 867.401476] kvmalloc_node+0x65/0xf0 [ 867.405191] __list_lru_init+0x5d9/0x840 [ 867.409251] ? up_write+0x7b/0x220 [ 867.412803] ? list_lru_destroy+0x500/0x500 [ 867.417125] ? prealloc_shrinker+0x124/0x450 [ 867.421546] ? prealloc_shrinker+0x21c/0x450 [ 867.425970] ? inactive_list_is_low+0x850/0x850 [ 867.430656] ? __lockdep_init_map+0x105/0x590 [ 867.435157] alloc_super+0x9a6/0xb10 [ 867.438888] ? destroy_unused_super.part.11+0x110/0x110 [ 867.444690] ? lock_downgrade+0x8f0/0x8f0 [ 867.448859] ? kasan_check_read+0x11/0x20 [ 867.453034] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 867.457621] ? kasan_check_write+0x14/0x20 [ 867.461957] ? do_raw_spin_lock+0xc1/0x200 [ 867.466570] sget_userns+0x276/0x860 [ 867.470302] ? kill_litter_super+0x60/0x60 [ 867.474561] ? test_single_super+0x10/0x10 [ 867.478797] ? vfs_get_super+0x270/0x270 [ 867.483221] ? kasan_check_read+0x11/0x20 [ 867.487370] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 867.491953] ? kasan_check_write+0x14/0x20 [ 867.496189] ? do_raw_spin_lock+0xc1/0x200 [ 867.500439] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 867.506071] ? ns_capable_common+0x13f/0x170 [ 867.510495] ? kill_litter_super+0x60/0x60 [ 867.514819] sget+0x10b/0x150 [ 867.517924] ? test_single_super+0x10/0x10 [ 867.522176] mount_bdev+0x115/0x3e0 [ 867.525817] ? msdos_mount+0x50/0x50 [ 867.529555] msdos_mount+0x3c/0x50 [ 867.533095] ? setup+0xe0/0xe0 [ 867.536308] legacy_get_tree+0x118/0x440 [ 867.540395] vfs_get_tree+0x1cb/0x5c0 [ 867.544198] ? vfs_set_fs_source+0x12c/0x180 [ 867.548626] do_mount+0x6c1/0x1fb0 [ 867.552524] ? check_same_owner+0x340/0x340 [ 867.556933] ? lock_release+0xa30/0xa30 [ 867.560911] ? copy_mount_string+0x40/0x40 [ 867.565163] ? retint_kernel+0x10/0x10 [ 867.569071] ? copy_mount_options+0x1f0/0x380 [ 867.573569] ? __sanitizer_cov_trace_pc+0x48/0x50 [ 867.578414] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 867.584004] ? copy_mount_options+0x285/0x380 [ 867.588601] ksys_mount+0x12d/0x140 [ 867.592264] __x64_sys_mount+0xbe/0x150 [ 867.596250] do_syscall_64+0x1b9/0x820 [ 867.600141] ? syscall_slow_exit_work+0x500/0x500 [ 867.604991] ? syscall_return_slowpath+0x5e0/0x5e0 [ 867.609930] ? syscall_return_slowpath+0x31d/0x5e0 [ 867.614949] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 867.620753] ? prepare_exit_to_usermode+0x291/0x3b0 [ 867.625784] ? perf_trace_sys_enter+0xb10/0xb10 [ 867.630468] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 867.635325] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 867.640546] RIP: 0033:0x45885a [ 867.643727] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 867.663044] RSP: 002b:00007f413f26ea88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 867.670759] RAX: ffffffffffffffda RBX: 00007f413f26eb30 RCX: 000000000045885a [ 867.678042] RDX: 00007f413f26ead0 RSI: 00000000200000c0 RDI: 00007f413f26eaf0 [ 867.685787] RBP: 00000000200000c0 R08: 00007f413f26eb30 R09: 00007f413f26ead0 [ 867.693052] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 03:39:20 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) 03:39:20 executing program 1 (fault-call:2 fault-nth:1): mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='configfs\x00', 0x0, &(0x7f0000000040)) utimes(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={{0x0, 0x2710}, {0x77359400}}) [ 867.700600] R13: 0000000000000000 R14: 00000000004d3f40 R15: 0000000000000037 [ 867.741461] FAULT_INJECTION: forcing a failure. [ 867.741461] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 867.753673] CPU: 1 PID: 15646 Comm: syz-executor1 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 867.762173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 867.771538] Call Trace: [ 867.774158] dump_stack+0x1c9/0x2b4 [ 867.777796] ? dump_stack_print_info.cold.2+0x52/0x52 [ 867.782997] ? perf_trace_lock_acquire+0xeb/0x9a0 [ 867.787848] should_fail.cold.4+0xa/0x11 [ 867.791951] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 867.797063] ? perf_trace_lock_acquire+0xeb/0x9a0 [ 867.801911] ? active_load_balance_cpu_stop+0x1030/0x1030 [ 867.807729] ? trace_hardirqs_on+0x10/0x10 [ 867.811970] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 867.817510] ? __perf_event_task_sched_in+0x24f/0xbb0 [ 867.822781] ? perf_sched_cb_inc+0x2e0/0x2e0 [ 867.827198] ? perf_trace_lock_acquire+0xeb/0x9a0 [ 867.832064] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 867.837636] ? should_fail+0x246/0xd86 [ 867.841534] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 867.846674] __alloc_pages_nodemask+0x36e/0xdb0 [ 867.851367] ? compat_start_thread+0x80/0x80 [ 867.855871] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 867.860980] ? trace_hardirqs_on+0xd/0x10 [ 867.865144] ? _raw_spin_unlock_irq+0x27/0x70 [ 867.869647] ? perf_trace_lock_acquire+0xeb/0x9a0 [ 867.874500] ? trace_find_filtered_pid.part.61+0x50/0x50 [ 867.879986] ? preempt_notifier_register+0x200/0x200 [ 867.885099] ? lock_acquire+0x1e4/0x540 [ 867.889100] ? fs_reclaim_acquire+0x20/0x20 [ 867.893514] ? lock_downgrade+0x8f0/0x8f0 [ 867.897665] ? lock_release+0xa30/0xa30 [ 867.901645] ? check_same_owner+0x340/0x340 [ 867.905977] cache_grow_begin+0x91/0x710 [ 867.910135] kmem_cache_alloc+0x689/0x760 [ 867.914306] ? lock_acquire+0x1e4/0x540 [ 867.918284] ? __might_fault+0x12b/0x1e0 [ 867.922364] getname_flags+0xd0/0x5a0 [ 867.926174] user_path_at_empty+0x2d/0x50 [ 867.930334] do_utimes+0x1d0/0x380 [ 867.933879] ? utimes_common.isra.1+0x8e0/0x8e0 [ 867.938734] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 867.944271] ? _copy_from_user+0xdf/0x150 [ 867.948417] do_futimesat+0x249/0x350 [ 867.952221] ? __ia32_sys_utime+0x290/0x290 [ 867.956549] ? syscall_slow_exit_work+0x500/0x500 [ 867.961397] __x64_sys_utimes+0x59/0x80 [ 867.965374] do_syscall_64+0x1b9/0x820 [ 867.969260] ? finish_task_switch+0x1d3/0x870 [ 867.973771] ? syscall_return_slowpath+0x5e0/0x5e0 [ 867.978703] ? syscall_return_slowpath+0x31d/0x5e0 [ 867.983644] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 867.988664] ? prepare_exit_to_usermode+0x291/0x3b0 [ 867.993694] ? perf_trace_sys_enter+0xb10/0xb10 [ 867.998367] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 868.003231] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 868.008435] RIP: 0033:0x455e29 [ 868.011629] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 868.031039] RSP: 002b:00007ff54338cc68 EFLAGS: 00000246 ORIG_RAX: 00000000000000eb [ 868.038793] RAX: ffffffffffffffda RBX: 00007ff54338d6d4 RCX: 0000000000455e29 [ 868.046147] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000020000140 [ 868.053413] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 868.060768] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 868.068137] R13: 00000000004c2af0 R14: 00000000004d4600 R15: 0000000000000001 03:39:22 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f00000000c0)="c4824da82b66ba2100b801000000efb9270900000f323640a7650f30c4e2899c8e02000000f02046452ef3440f6fb800f0ff7fc42101dbc40f2047", 0x3b}], 0x1, 0x0, &(0x7f0000000080), 0x0) ioctl$KVM_SET_CPUID(r3, 0x4008ae8a, &(0x7f00000002c0)=ANY=[@ANYBLOB="0100000000000000010000000000000018000000ff"]) io_setup(0x2, &(0x7f0000000080)=0x0) io_destroy(r4) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1) ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="01000000001e00fb034d564b0000000001"]) ioctl$KVM_ENABLE_CAP_CPU(r3, 0x4008ae89, &(0x7f00000001c0)={0x2, 0x0, [0x48b, 0x0, 0x400000b7]}) 03:39:22 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000001c0)={0x0, 0x1c, &(0x7f0000000180)=[@in6={0xa, 0x4e20, 0x0, @dev={0xfe, 0x80}, 0x1}]}, &(0x7f0000000200)=0x10) listen(r0, 0x43) r1 = accept4(r0, &(0x7f0000c71ff0)=@llc={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000000440)=0x80, 0x0) recvfrom$packet(r1, &(0x7f0000000080)=""/89, 0x59, 0x0, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6}, 0x709000) setsockopt$inet_sctp_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc43}, 0xb) syz_mount_image$btrfs(&(0x7f0000000000)='btrfs\x00', &(0x7f0000000040)='./file0\x00', 0x172e7266, 0x0, &(0x7f0000000100), 0x80000, &(0x7f0000000140)={[{@noflushoncommit='noflushoncommit', 0x2c}, {@ssd_spread='ssd_spread', 0x2c}, {@datasum='datasum', 0x2c}, {@check_int_print_mask={'check_int_print_mask', 0x3d, [0x78, 0x37, 0x2d, 0x7f]}, 0x2c}]}) 03:39:22 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r1, &(0x7f0000deb000)={0x2, 0x4e23, @broadcast=0xffffffff}, 0x10) setsockopt$inet_icmp_ICMP_FILTER(r1, 0x1, 0x1, &(0x7f0000000080)={0x1}, 0x4) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x40000, 0x0) socket$inet(0x2, 0x3, 0x6) ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000000c0)={r1}) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000100)=0x0) setpriority(0x3, r3, 0x7f) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000180)='ip6gretap0\x00', 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f00006dc000)=[{0x6, 0x0, 0x0, 0xa1}]}, 0x10) sendto$inet(r1, &(0x7f0000000140), 0x0, 0x200007ff, &(0x7f0000deaff0)={0x2, 0x4e23}, 0x10) sendto$inet(r1, &(0x7f00006fd000)="c3401c344654f3c7d9b41ba48c8e319aa4eedc3d6bd8ebd65c856a27d61154adc2b2a9763ae0001c0d32e11f38e9dd18c58f6bd779650fc30f93653bdaecf323c9f6502ceab47e58114347b289546465a5eb278de12b1989f64cc99412e36880d20c34d91051b22f6c8acc9d082b7bcdec844f667da0867d08d4154004997e317b79", 0x82, 0x0, &(0x7f0000e66000)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r2, 0x40045532, &(0x7f00000001c0)=0x1000) setsockopt$inet_sctp6_SCTP_EVENTS(r2, 0x84, 0xb, &(0x7f0000000140)={0x10000, 0x1, 0x4, 0x9f25, 0x6, 0xab4a, 0x1, 0x6, 0x2, 0x4, 0x8}, 0xb) shutdown(r1, 0x1) 03:39:22 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0xfed, &(0x7f0000000000)="3463ff7ddf8e0000000000") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000000040)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff0000130002000000003875d78cd2ed0a1600060000004e20e000000100000000080000241000585fdc1ec0cbc1710100f8ffffff000000020000000003000502000000000000a0ea863accd2ce5ea2bf5bb9360d5fadd08f62bf697ee989c3cf469cb9ebf532143910622761bee6b7f16e9aace416b550e9a8617ee1881a65a0fe52771d1d3b649f830ea0ce1b924d433b4565751efcaae48df4bda57e05fbc77ba461c114513c4b38141872a198bbcd7cb5f58ee2ef3d6bd7482729ca913660bc5d3282d75f963d41000000000000000000000000008000000000000000155560834e00c4742b5e04282e826e006b4bb817d216a1a73277a5b8f900ba0ef269f6c22e168b8b44aca09ffb613d8e6049e9beaf946755b793c2b7205bf5f641a4786c99307be66871b080cb93794ffb889b778fd06e7600d61682070fcb333052e4248844afb83e391d9927ecfabc75d3957c4fc9ceb0482c3bd86f114e4dc0c05ccfb03c77d27e434cab1f18503f62e27dc13f3b19edea4365af9d2598ba5231fac96f280030e60df163fc3ddbb06260771d70ad3381d2f81d3b79b629b781237948430279035f2bf5dbed6d519a63d3136b30539f368bb69ca97924f02b2398a308e2c4d4e4a018a50d4d0867128c61d6c6a54e9d2bace387e3baf884d9f80d5cccf6d2635d278d57329cfe"], 0x60}, 0x1}, 0x0) 03:39:22 executing program 7 (fault-call:0 fault-nth:56): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:39:22 executing program 1 (fault-call:2 fault-nth:2): mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='configfs\x00', 0x0, &(0x7f0000000040)) utimes(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={{0x0, 0x2710}, {0x77359400}}) 03:39:22 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f6368") 03:39:22 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) [ 869.439392] FAULT_INJECTION: forcing a failure. [ 869.439392] name failslab, interval 1, probability 0, space 0, times 0 [ 869.450841] CPU: 0 PID: 15663 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 869.459254] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 869.468618] Call Trace: [ 869.471211] dump_stack+0x1c9/0x2b4 [ 869.474845] ? dump_stack_print_info.cold.2+0x52/0x52 [ 869.480031] ? __kernel_text_address+0xd/0x40 [ 869.484529] should_fail.cold.4+0xa/0x11 [ 869.488579] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 869.493671] ? save_stack+0xa9/0xd0 [ 869.497297] ? save_stack+0x43/0xd0 [ 869.500922] ? kasan_kmalloc+0xc4/0xe0 [ 869.504796] ? kmem_cache_alloc_trace+0x152/0x780 [ 869.509624] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 869.514810] ? __list_lru_init+0x4d6/0x840 [ 869.519044] ? alloc_super+0x976/0xb10 [ 869.522934] ? sget+0x10b/0x150 [ 869.526461] ? mount_bdev+0x115/0x3e0 [ 869.530249] ? msdos_mount+0x3c/0x50 [ 869.533955] ? legacy_get_tree+0x118/0x440 [ 869.538192] ? vfs_get_tree+0x1cb/0x5c0 [ 869.542178] ? do_mount+0x6c1/0x1fb0 [ 869.545964] ? ksys_mount+0x12d/0x140 [ 869.549765] ? do_syscall_64+0x1b9/0x820 [ 869.553824] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 869.559188] ? save_stack+0xa9/0xd0 [ 869.562806] ? lock_acquire+0x1e4/0x540 [ 869.566766] ? fs_reclaim_acquire+0x20/0x20 [ 869.571076] ? lock_downgrade+0x8f0/0x8f0 [ 869.575229] ? check_same_owner+0x340/0x340 [ 869.579540] ? rcu_note_context_switch+0x730/0x730 [ 869.584458] __should_failslab+0x124/0x180 [ 869.588688] should_failslab+0x9/0x14 [ 869.592488] kmem_cache_alloc_trace+0x2cb/0x780 [ 869.597156] ? kasan_kmalloc+0xc4/0xe0 [ 869.601124] __memcg_init_list_lru_node+0x185/0x2d0 [ 869.606141] ? kvfree_rcu+0x20/0x20 [ 869.609775] ? __kmalloc_node+0x47/0x70 [ 869.613932] __list_lru_init+0x4d6/0x840 [ 869.617988] ? up_write+0x7b/0x220 [ 869.621513] ? list_lru_destroy+0x500/0x500 [ 869.625820] ? prealloc_shrinker+0x124/0x450 [ 869.630303] ? prealloc_shrinker+0x21c/0x450 [ 869.634712] ? inactive_list_is_low+0x850/0x850 [ 869.639370] ? __lockdep_init_map+0x105/0x590 [ 869.643869] alloc_super+0x976/0xb10 [ 869.647571] ? destroy_unused_super.part.11+0x110/0x110 [ 869.652953] ? lock_downgrade+0x8f0/0x8f0 [ 869.657196] ? kasan_check_read+0x11/0x20 [ 869.661332] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 869.665901] ? kasan_check_write+0x14/0x20 [ 869.670123] ? do_raw_spin_lock+0xc1/0x200 [ 869.674468] sget_userns+0x276/0x860 [ 869.678168] ? kill_litter_super+0x60/0x60 [ 869.682403] ? test_single_super+0x10/0x10 [ 869.686646] ? vfs_get_super+0x270/0x270 [ 869.690714] ? kasan_check_read+0x11/0x20 [ 869.695022] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 869.699678] ? kasan_check_write+0x14/0x20 [ 869.703911] ? do_raw_spin_lock+0xc1/0x200 [ 869.708153] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 869.713678] ? ns_capable_common+0x13f/0x170 [ 869.718081] ? kill_litter_super+0x60/0x60 [ 869.722319] sget+0x10b/0x150 [ 869.725413] ? test_single_super+0x10/0x10 [ 869.729643] mount_bdev+0x115/0x3e0 [ 869.733272] ? msdos_mount+0x50/0x50 [ 869.736973] msdos_mount+0x3c/0x50 [ 869.740603] ? setup+0xe0/0xe0 [ 869.743791] legacy_get_tree+0x118/0x440 [ 869.747950] vfs_get_tree+0x1cb/0x5c0 [ 869.751921] ? vfs_set_fs_source+0x12c/0x180 [ 869.756338] do_mount+0x6c1/0x1fb0 [ 869.759879] ? check_same_owner+0x340/0x340 [ 869.764210] ? lock_release+0xa30/0xa30 [ 869.768184] ? copy_mount_string+0x40/0x40 [ 869.772420] ? kasan_kmalloc+0xc4/0xe0 [ 869.776308] ? kmem_cache_alloc_trace+0x318/0x780 [ 869.781230] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 869.786774] ? _copy_from_user+0xdf/0x150 [ 869.791009] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 869.796988] ? copy_mount_options+0x285/0x380 [ 869.801489] ksys_mount+0x12d/0x140 [ 869.805118] __x64_sys_mount+0xbe/0x150 [ 869.809091] do_syscall_64+0x1b9/0x820 [ 869.812973] ? finish_task_switch+0x1d3/0x870 [ 869.817464] ? syscall_return_slowpath+0x5e0/0x5e0 [ 869.822477] ? syscall_return_slowpath+0x31d/0x5e0 [ 869.827406] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 869.832426] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 869.838126] ? prepare_exit_to_usermode+0x291/0x3b0 [ 869.843147] ? perf_trace_sys_enter+0xb10/0xb10 [ 869.847804] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 869.852637] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 869.857902] RIP: 0033:0x45885a [ 869.861089] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 869.880992] RSP: 002b:00007f413f26ea88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 03:39:22 executing program 1: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='configfs\x00', 0x0, &(0x7f0000000040)) utimes(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={{0x0, 0x2710}, {0x77359400}}) 03:39:22 executing program 7 (fault-call:0 fault-nth:57): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) [ 869.888689] RAX: ffffffffffffffda RBX: 00007f413f26eb30 RCX: 000000000045885a [ 869.896119] RDX: 00007f413f26ead0 RSI: 00000000200000c0 RDI: 00007f413f26eaf0 [ 869.903749] RBP: 00000000200000c0 R08: 00007f413f26eb30 R09: 00007f413f26ead0 [ 869.911352] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 869.918626] R13: 0000000000000000 R14: 00000000004d3f40 R15: 0000000000000038 03:39:22 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f63fc") 03:39:22 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r1, &(0x7f0000deb000)={0x2, 0x4e23, @broadcast=0xffffffff}, 0x10) setsockopt$inet_icmp_ICMP_FILTER(r1, 0x1, 0x1, &(0x7f0000000080)={0x1}, 0x4) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x40000, 0x0) socket$inet(0x2, 0x3, 0x6) ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000000c0)={r1}) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000100)=0x0) setpriority(0x3, r3, 0x7f) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000180)='ip6gretap0\x00', 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f00006dc000)=[{0x6, 0x0, 0x0, 0xa1}]}, 0x10) sendto$inet(r1, &(0x7f0000000140), 0x0, 0x200007ff, &(0x7f0000deaff0)={0x2, 0x4e23}, 0x10) sendto$inet(r1, &(0x7f00006fd000)="c3401c344654f3c7d9b41ba48c8e319aa4eedc3d6bd8ebd65c856a27d61154adc2b2a9763ae0001c0d32e11f38e9dd18c58f6bd779650fc30f93653bdaecf323c9f6502ceab47e58114347b289546465a5eb278de12b1989f64cc99412e36880d20c34d91051b22f6c8acc9d082b7bcdec844f667da0867d08d4154004997e317b79", 0x82, 0x0, &(0x7f0000e66000)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r2, 0x40045532, &(0x7f00000001c0)=0x1000) setsockopt$inet_sctp6_SCTP_EVENTS(r2, 0x84, 0xb, &(0x7f0000000140)={0x10000, 0x1, 0x4, 0x9f25, 0x6, 0xab4a, 0x1, 0x6, 0x2, 0x4, 0x8}, 0xb) shutdown(r1, 0x1) 03:39:22 executing program 0: r0 = socket$inet6(0xa, 0x1000000000000, 0x10000000) socket$key(0xf, 0x3, 0x2) r1 = gettid() r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snapshot\x00', 0x0, 0x0) ioctl$TCSETSF(r2, 0x5404, &(0x7f0000000100)={0xdb9, 0x800, 0x101, 0xe5c2, 0x9, 0x6, 0x3, 0x3, 0x1, 0x3, 0x9ec}) ioctl$sock_SIOCSPGRP(r0, 0x8902, &(0x7f0000000000)=r1) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000080)=@req3={0x8e, 0xfffffffffffffe00, 0x81, 0xffffffffffffffc1, 0x1, 0x4, 0xaa}, 0x1c) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r3 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r3, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[]}, 0x1}, 0x0) ioctl$sock_SIOCBRDELBR(r0, 0x89a1, &(0x7f0000000040)='ip6tnl0\x00') socketpair$inet6(0xa, 0x6, 0x40000000003f, &(0x7f0000000180)) 03:39:22 executing program 1: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='configfs\x00', 0x0, &(0x7f0000000040)) utimes(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={{0x0, 0x2710}, {0x77359400}}) socketpair$inet_udp(0x2, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000280)='/dev/vga_arbiter\x00', 0x2000, 0x0) recvmsg(r0, &(0x7f0000000200)={&(0x7f00000000c0)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, 0x80, &(0x7f00000001c0), 0x0, 0x0, 0x0, 0x3}, 0x41) r2 = getpid() perf_event_open(&(0x7f0000000300)={0x1, 0x70, 0xff, 0x9, 0x5, 0xfffffffffffffffc, 0x0, 0x6, 0x4400, 0xe7cc7bcb77121a72, 0x94a, 0x3, 0x4, 0x8, 0x0, 0x81, 0x23c2, 0xffffffffffffffc1, 0x6, 0x8001, 0x100000000, 0xda, 0x5, 0x6, 0xfffffffffffffffa, 0x89d, 0x9, 0x8001, 0x6, 0xa53, 0x1000, 0x101, 0x6, 0x879, 0xd08, 0x6, 0x1, 0xdb, 0x0, 0x9, 0x2, @perf_bp={&(0x7f00000002c0), 0x3}, 0x0, 0x0, 0x7f, 0x3, 0x7, 0x0, 0x382b}, r2, 0xc, r1, 0x1) r3 = syz_open_dev$amidi(&(0x7f00000001c0)='/dev/amidi#\x00', 0x80000000, 0x0) ioctl$KDDELIO(r3, 0x4b35, 0x30b) ioctl$SNDRV_CTL_IOCTL_PVERSION(r3, 0x80045500, &(0x7f0000000240)) [ 870.009441] FAULT_INJECTION: forcing a failure. [ 870.009441] name failslab, interval 1, probability 0, space 0, times 0 [ 870.020892] CPU: 1 PID: 15675 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 870.029318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 870.038954] Call Trace: [ 870.041637] dump_stack+0x1c9/0x2b4 [ 870.045291] ? dump_stack_print_info.cold.2+0x52/0x52 [ 870.050504] should_fail.cold.4+0xa/0x11 [ 870.054592] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 870.059715] ? save_stack+0xa9/0xd0 [ 870.063391] ? save_stack+0x43/0xd0 [ 870.067129] ? kasan_kmalloc+0xc4/0xe0 [ 870.071019] ? kmem_cache_alloc_trace+0x152/0x780 [ 870.076295] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 870.081481] ? __list_lru_init+0x4d6/0x840 [ 870.085706] ? alloc_super+0x976/0xb10 [ 870.089588] ? sget+0x10b/0x150 [ 870.092852] ? mount_bdev+0x115/0x3e0 [ 870.096652] ? msdos_mount+0x3c/0x50 [ 870.100354] ? legacy_get_tree+0x118/0x440 [ 870.104601] ? vfs_get_tree+0x1cb/0x5c0 [ 870.108562] ? do_mount+0x6c1/0x1fb0 [ 870.112486] ? ksys_mount+0x12d/0x140 [ 870.116285] ? __x64_sys_mount+0xbe/0x150 [ 870.120429] ? do_syscall_64+0x1b9/0x820 [ 870.124496] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 870.129945] ? save_stack+0xa9/0xd0 [ 870.133563] ? lock_acquire+0x1e4/0x540 [ 870.137526] ? fs_reclaim_acquire+0x20/0x20 [ 870.141835] ? lock_downgrade+0x8f0/0x8f0 [ 870.145989] ? do_mount+0x6c1/0x1fb0 [ 870.149703] ? kmem_cache_alloc_node_trace+0x5ce/0x770 [ 870.154971] ? check_same_owner+0x340/0x340 [ 870.159280] ? rcu_note_context_switch+0x730/0x730 [ 870.164470] __should_failslab+0x124/0x180 [ 870.168695] should_failslab+0x9/0x14 [ 870.172491] kmem_cache_alloc_trace+0x2cb/0x780 [ 870.177269] ? kasan_kmalloc+0xc4/0xe0 [ 870.181151] __memcg_init_list_lru_node+0x185/0x2d0 [ 870.186153] ? kvfree_rcu+0x20/0x20 [ 870.189764] ? __kmalloc_node+0x47/0x70 [ 870.193727] __list_lru_init+0x4d6/0x840 [ 870.197775] ? up_write+0x7b/0x220 [ 870.201386] ? list_lru_destroy+0x500/0x500 [ 870.205692] ? prealloc_shrinker+0x124/0x450 [ 870.210089] ? prealloc_shrinker+0x21c/0x450 [ 870.214483] ? inactive_list_is_low+0x850/0x850 [ 870.219154] ? __lockdep_init_map+0x105/0x590 [ 870.223640] alloc_super+0x976/0xb10 [ 870.227531] ? destroy_unused_super.part.11+0x110/0x110 [ 870.232893] ? lock_downgrade+0x8f0/0x8f0 [ 870.237144] ? kasan_check_read+0x11/0x20 [ 870.241288] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 870.247420] ? kasan_check_write+0x14/0x20 [ 870.251651] ? do_raw_spin_lock+0xc1/0x200 [ 870.255959] sget_userns+0x276/0x860 [ 870.259680] ? kill_litter_super+0x60/0x60 [ 870.263904] ? test_single_super+0x10/0x10 [ 870.268136] ? vfs_get_super+0x270/0x270 [ 870.272209] ? kasan_check_read+0x11/0x20 [ 870.276355] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 870.280935] ? kasan_check_write+0x14/0x20 [ 870.285547] ? do_raw_spin_lock+0xc1/0x200 [ 870.289880] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 870.295519] ? ns_capable_common+0x13f/0x170 [ 870.299927] ? kill_litter_super+0x60/0x60 [ 870.304158] sget+0x10b/0x150 [ 870.307249] ? test_single_super+0x10/0x10 [ 870.311471] mount_bdev+0x115/0x3e0 [ 870.315093] ? msdos_mount+0x50/0x50 [ 870.318793] msdos_mount+0x3c/0x50 [ 870.322355] ? setup+0xe0/0xe0 [ 870.326922] legacy_get_tree+0x118/0x440 [ 870.330978] vfs_get_tree+0x1cb/0x5c0 [ 870.334763] ? vfs_set_fs_source+0x12c/0x180 [ 870.339157] do_mount+0x6c1/0x1fb0 [ 870.342684] ? check_same_owner+0x340/0x340 [ 870.346998] ? lock_release+0xa30/0xa30 [ 870.350974] ? copy_mount_string+0x40/0x40 [ 870.355200] ? kasan_kmalloc+0xc4/0xe0 [ 870.359087] ? kmem_cache_alloc_trace+0x318/0x780 [ 870.364006] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 870.369528] ? _copy_from_user+0xdf/0x150 [ 870.373753] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 870.379455] ? copy_mount_options+0x285/0x380 [ 870.383936] ksys_mount+0x12d/0x140 [ 870.387561] __x64_sys_mount+0xbe/0x150 [ 870.391798] do_syscall_64+0x1b9/0x820 [ 870.395682] ? finish_task_switch+0x1d3/0x870 [ 870.400269] ? syscall_return_slowpath+0x5e0/0x5e0 [ 870.405190] ? syscall_return_slowpath+0x31d/0x5e0 [ 870.410323] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 870.415341] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 870.420862] ? prepare_exit_to_usermode+0x291/0x3b0 [ 870.425865] ? perf_trace_sys_enter+0xb10/0xb10 [ 870.430519] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 870.435364] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 870.440549] RIP: 0033:0x45885a 03:39:22 executing program 1: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='configfs\x00', 0x0, &(0x7f0000000040)) chroot(&(0x7f00000003c0)='./file0\x00') utimes(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={{0x0, 0x2710}, {0x77359400}}) llistxattr(&(0x7f0000000000)='./file1\x00', &(0x7f00000001c0)=""/206, 0xce) r0 = request_key(&(0x7f00000000c0)='logon\x00', &(0x7f0000000100)={0x73, 0x79, 0x7a, 0x1}, &(0x7f00000002c0)='configfs\x00', 0xfffffffffffffff8) keyctl$describe(0x6, r0, &(0x7f0000000300)=""/188, 0xbc) 03:39:23 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$can_raw(0x1d, 0x3, 0x1) socketpair(0x0, 0x0, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vcan0\x00', 0x0}) bind$can_raw(r1, &(0x7f0000000080)={0x1d, r3}, 0x10) setsockopt(r1, 0x65, 0x1, &(0x7f0000000080), 0x1d0) close(r1) ioctl$RTC_WIE_ON(r2, 0x700f) [ 870.443720] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 870.462981] RSP: 002b:00007f413f26ea88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 870.470701] RAX: ffffffffffffffda RBX: 00007f413f26eb30 RCX: 000000000045885a [ 870.477979] RDX: 00007f413f26ead0 RSI: 00000000200000c0 RDI: 00007f413f26eaf0 [ 870.485928] RBP: 00000000200000c0 R08: 00007f413f26eb30 R09: 00007f413f26ead0 [ 870.493196] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 870.500537] R13: 0000000000000000 R14: 00000000004d3f40 R15: 0000000000000039 03:39:23 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f6300") 03:39:23 executing program 3: pipe2(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r1, 0x40bc5311, &(0x7f0000000180)={0x8, 0x1, 'client1\x00', 0xffffffff80000000, "2d2bf572bd6ca30e", "f339a565329f8f83c946e4ae5d382e6aa11ae3c82f9a805504ed700ea94b6388"}) mmap(&(0x7f0000012000/0x4000)=nil, 0x4000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000140)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = creat(&(0x7f000009aff8)='./file0\x00', 0x0) write$sndseq(r3, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"410f44be5f55ea719cbb6635"}}], 0x30) rename(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)="2e2f66696c653110") lsetxattr(&(0x7f0000000240)='./file0\x00', &(0x7f00000003c0)=ANY=[@ANYBLOB="737973a6914485dd3685d801c03a636300004447da2290eff0c77b78ca345d09ad3dd0f1879ad5ed2474f06ce08eb8f9d9b5a3a3b7eb3bccbcb5da9a5e5461bb5f0851719d8499a02b0256f40e86c207d1fce52ce9d304404fdce27a4f4179008041d2b11ca3575cc0633187f6ae2fd825ac5a7301228dc6d33f6e0f077775dd5ae747158b7a682a57bb8ae0cc864d1cdfe9da51f50e366a6a0a54eca66ffa9ec9a7f8a716709166b559d9b0391419fff402496cd45eb20d1496a0fda86476cf3f2dcf3cce000000000000000000"], &(0x7f0000000300)='lo\x00', 0x3, 0x0) dup2(r2, r0) 03:39:23 executing program 1: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='configfs\x00', 0x0, &(0x7f0000000040)) pause() utimes(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={{0x0, 0x2710}, {0x77359400}}) 03:39:23 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) 03:39:23 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000e4c000)={0xaa}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000043fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = creat(&(0x7f0000000280)='./control/file0\x00', 0x0) write$sndseq(r2, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f00000001c0)='./control/file0\x00') rmdir(&(0x7f00000000c0)='./control\x00') syz_fuse_mount(&(0x7f0000000240)='./control\x00', 0x406000, 0x0, 0x0, 0x0, 0x0) close(r1) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000000000)) 03:39:23 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl$KVM_SET_SIGNAL_MASK(r0, 0x4004ae8b, &(0x7f0000001340)=ANY=[@ANYBLOB="00100000e7f72fd9901a172a3a389aa2164e1656876b6bfc9c85418808eb2e4dd40eaee0069ce31518b4e174d5cdeb57218eca7e8bef0dec15b0519b1c631b0713247f73401579aa031bfbb5dfc748c6d419ff0e75ea124ca550dbf6e2ace06f872e7d56c463341e7752f5dcf99f5fae8b347d4c5c5d702fe765db51cb5237625f1ce0867e389e75ee84be49c5ad1169100e94a7cfc520ef0ea6a40d3ec31dae877a0a3419a9e218fd4877426706bf31972984b5c9bc5138ef73d4e3f88a930277b644fe90f4944a7ec278df3381b2a88e9b132556753368b78966c3c6a7ad78f3cf0cc96756ae0cfff52b2e826b6dec727edc86a9ae809b55f6ef644746b9f987f69ddc109bce4e59c77cc9f6e319fdcefb355730571c81e7a2a6790100dee93f41fafadd6a2563800c395780d4e100b132353b373938e1787bf916ceb6b108ef11ece49d1105ac7cee7b628d836424d48b1b36751ca228979b02015049c6eec7d540e82a71c12362d0549ef6ad12edb21b7d0267c3da41cd75820ace5006df85a0c8a92a32e7953cd6e19f727229ce818873384f94d464b911a2ce722f8d3328790b111febf08a6294d8d0221ad1fc3056a2f6d967b2be0d022c949a06c5bf7e90a2bc9db4f4fed607218df36eeef38c299e004d3c1569c09b4b4d808b43737c750e0995090d088e817b7ec25ddee81f446bf46b43390999fef782508e6adc1df64ccf68b89ec4882bfe15fb0dcefcd3675e31277faaeb074cf325632bf0e218d71631d46e5623c432210923fff04ec913cd633b97d0b7bb9b8cb8693211d4269c326a97e2630b3839bb5e0bf458078d25143baa84b4ebbac0c6c454090312d96372022ea4f63243aec53d3aebecdc3dde2bc754956d5ea8a4595d8924fae7fc61fb839e4ad8f2f6afe958d7baa8286e501e5498381efc458e71fe038d793df200fbb34ec83ed880b4c68195bbf5614c288780fc323796db3e8abb7d028a592badac665a0e852a1003df2634fab451f3fbdcff1a0ee4db63b159ede02ad14d0f6db01d39ebb103ed7fe510fb91f55482101cddcfb6f91cae328fba41e00c66622a79859d4d5b365111405f8910c00105a2ac158bbaf18d375c0ef69f8f0f46b21865ef26bbca28ae7f2b27a616d47f7d2bfd6ca708d60dac2af6e8b1d077e31dd6dc35b9e9a3cface7ca0f24d71e84520323db19187db802279e03a4c4ede0fe2a0224d779d20db23689bca86d06d20e0ebba2594a26ddd5e928c63d19d52b1d38d908327af9eed427f33e316a25ac1a319c33bdd62b506ef0c6b80e89c397395a34bc669ee49aeac1f0ff8167b14dc80e3771d0f0f1d57483b617cb5ba9bd378c10b2f2be5599662fdc80688ff03c74a8af132a3550539f930dad763bda3af1bca4073101a421b24551cb5f09f852d683a5ffb10e506a15904e573f88c51dce8d223cc8bf405cb08703b1d413dd3cbc052152ec500b69397ea6db664fd03e92a75f4aca7fb8c79559e901658d829b6f5118b22b3b248bc4f9ccacb2ea8a50f48b349376b410658f27a9b8458fb8972889ca4778f3f23d86a9865ebe00523b6acea46a1a9d8eb33c7a9fd28c94b8dc06e4013d9a1073c0c1475d5b29a48165d959a65cede8984f1fa924408f11b06eea0ff6f34bc62d679f3feb9b15a00331b48a61df5d71433e4c484c9c341520e2648a2a4ed1ac679150bd4d96de401a8a9e5bb1864408857a8bb13b106515c622348439c0f103b838e69c62546447601cfe3dbf8c65a56377ec9d702c4e5d0328460289ebe5681e63488a10113d3f4ffee9b024445459d946eb53d236f3c8efe7d11fdc11e41235ea1246560e1e6e00551b9a3a4280b45e6d09ea686c7b60727a1c6c18a4dad51aa0c43a6ea67958af5b1b79ef47ca2c37db92091f6e529edc3f120ba90ac73ea83e0c61116904496fd0bf971ee2eb9851f51bc1a10e6895d429444f0e03f32b5e90b9de27b55e4685451462f2f8dc291fb972d9ad4c82e46faa135885cd0203bc17cc4aa691e798e8bd1a1505dea41c3e1185751b2055ff44d2de9b547003348fc791506c27b64c93d9e58b292df2959a488f7abf726d5712283dd5e56e2eb20f5788996cde69b03ca3f71eac00fd0ad9e3551e766b87de414ef12531febed0cb0f911e3aa3e92589539636c942fa6e2bb69da3becd77dc24eae9aba023c6bc0a270ff98a4306e3b9c55b54d5f4dd3fbcf3219e560801dcc499bc4b77bbab10a59be1b19a7c96b1b1c51aaf7ac61b15b0559280df76d87bfcd00d61cabba6d3248ab115ae1f1f61ef4754a25901495003c50c9a834e32c38acb80479ad0b6fe758eb120e3f3fbb8a13e62c2f5e96942fb9c22613d717fddfe4ddb6e4cf45d6aabbb29c3f26078be09fb6e0c243180ec8e0d0c587f3a079ba84d4c42bebe2434d5d5390e3f639949f282a083066e0e92e8cb423022f8bc6e2999bde6c8c33e66565c8fedd6e817eebcec82e331d256c7012f01add9fcef191e27b3ee12f8c62b72782340ba8c0b8a10f5d852058e6f010f1758debb6eb90a07eedec0849aee62ff7c73eb399d0d9166c2469a31e52c4b3695d84a09f059cd06ee4a9514c7f79577a38f83f3bb5061f9c2d77cd7dd600e87923952dee8da99d9f7c8a39b5f2e3a79f9dfa2911db52779e68031a51f14801910dd844ca2e70f48c16730b43d137f3a150c62a8a2bc3219a666bb8a1a84156c7e781a8c5e546d33bdab7a67d0bf84e3bfd79107b7ca2e391ac7cbb5162094453dc4493245ff54fd1b061816ec6f292a9a6e1dc28383766c68e56b24a9567629f197da1ca7f96d7237d1af87f99a6c22a1aa69e5813e42b43dfcafdea5ec5e1fc8363d3958cd8699d04407b134d613dece7aa83ec194d8d7383cb9ccb715043df7ed3e61108c505def912dc308c3ffc8a067c40672bb4de3ed7907ee773089aa8ff6325da7f520baa3982b085f973ca3bf2f452973a09571fe0df79512d2d079cdc106ef7b9a91b0eae7097b96ae2b1d19b173f6c80d64ed6f2e91e595ce5af0179c9e7008f9d912629121556bdb1fa7290a68c75385a1d5a4163d24927dd0725cb4626aa97f80ccd5f1de76352a2ab14e301296231005324d6d254082e66fd97540b607e032c7ff467b91875ce9451ff753736851a6ef9c52be6019603c72ee3734f26bf4470d42edaf803bdba8cc04db117ace17609aacd5fac698f03b95094502e7da645e3d8f90ab48a33c0f9819488c289db216d68207dc693832206420eb27f9e2455d3d26247afb77f1ebebda76052ca2fa597ed2fe72979bd19babcb0ad08abdc2e1e4e7a0d442ca2cdd86e53a7dcc1b7596b20d3d86cafd5f26996ba46c0941198dbebc24ec20f05b3e44499c0e7c92fb06ab87893dec98eb97bd4376f86ce2b0d31552cb30b32bd4f8cdd66302d63c7e9a5f9c58fdc30682b712b57f74145821208c901f392b041c28d57302e0a81ebb0b7843a451c9bbd743b2bceaa00ffb71bce9fdfbf108846fbc5f68b918d2d3bd08acad807821b19bdc0355fc7b9f155060efb00382729e2ce07787fa99dd95282660b4a9a83a9bbff0144b7df59ed9228593585750619758751e55e0d60a9fa4939757565b615fc4d155d6de92be6e9d0714f1891ff355a75b4bfe8f09e97d66bcc9a50b8f9fa5ce6715dc715122d49b68ccb6a4adf991363dbd4d7574b50bfb049522e350b2e8b78afd4f1b77b725e8fc2f82514438fed4720568e54daacad5f165f7f9deb8d806607b3b36db6f8d1e4b639a19b600f55bea605daa3bfedf9dfdb602cbd31e2a5b5ea25dcc96607d319f5403358406229ebf5ad1e5c59d87f9b7918a9e17ce3ed6eda2c33508cf23b84dbb632badcd5f690361cc6d5e97d808d5aa582b8cd79e52c9ac77055888dacc961a0f3fa1cd8d8cbb832d5f6543f29bf13593c640a7041bfd52d35b5d048714a9f236a5871f6fc6eaa1627c908cc2e928b8e1c57c91e47dc84f949596deead16b93ded3e8e3bd4909f04c2a51fa10148ca366b0e93854921a4a82338275ddc474feb6558bca7a4e9b6cf1eeeb1f3a343514a2b06a46eacdcb47024f5d4e1a6a389426cd2cf4eef750a446dc4415693bbf7e365fba7d6a1f3893f190df2fef2713178a71f556aac4f13af241637d69e69d1e620db152d29007b56b2d35f8c0c082e457d60e9d4b08e243dcda99b2d513e4ac918a00816549382aff3dee06b615b773b676be072a7c1a363ed2b19bca2964d444a01745b8f72746d8c4da4047ab1e277589deb8ac9620a01079dc9406752c33730c03a850459f7103a173be6413278255cdf145c42c117055b3e47cc0928dec96886f43f7b378a68c038c8bfd7fd225b3d2cd0101a0dd3108ac676a9bf27e191356f5997e9a4d5eecc8c9674a70043ca7e92288653409a2451c10179d042528a85f8f278a6b63e7eae78dc542bfc78d6bf312029f60eb2127d95afcf3ae0290eb822f8cb8bf4d2683d89ab2b27050b10756531025c56a3723fa795d96acf0b92319119a2512d9cdab43633718d2b353c210074288104e542adfe341f4c555a4c8a789f655d506315f5392be9bd14366fdd6c2ff56d84fa1104de7b8dca77aae6d942f960d8af8566c1a413eba168dfeeefaa10da1a25884f113c2b9de456121f349a709140a387e6da7da5ac6a5ca2f69f71326470fa07056c83efbb71ba4b2206c9b2f1bb1ced5a55e8208350d4ef0184455cfadfa154514ea9a6494d3292b5040aa6c54cb4d543660354237310d8d59b42482263a1e7abe520cbc023ca69803e89026a46287dddea320982c47f65bce2f7fffed740dc6647b744fae6a77a952e884f67f67af80b7beb745ce5f41e063d365edd5c1af9a50d4d3abc73e13b661f18ea7a23f0fed6aa56f57220aaba70eafe48be8c17fcbbc97629e6b4ee655042d56f20f545750a4882efdab2d597c72f59c78eea57a4c0da468fbfa5a5079c6b8532d1e8e6c4131f07dd7dfefbf052062ebd95affc4eb98d097ab255734f00c9f4c739ea958c3b2270c8379602ab9f801e6f211f64e1559065aaf6eaa515cb96979796f7f3aa0ad45cff4116e8f5a28df74c6ac36e70da757f94d3299e192902f8a0dc7d441ed09ef2ae210b3fa9fb42ef85602756b5ecd13f53bb86365819a5d5d75c8c6ac211b321070cf2abefc65f52d5453b5d2dc90c31fe02bb9348de43d7376b2661b99c9f10671ce818f2a7c20e986975c98b72c1f2852374c795437586de48722209c621a3c1d1ccc7bbb9f8379f4dcace154097bbd0d5b473253069ed66ff64ca969b2495ca45d33dc5148172ff652fb757f2afe8421acadbd44fea18154383bccfd25a8571b6b4a0b58cf19c978f289c58f3baa4d1384d0a8e21f31fd11ec34cd702efc07b07dd8abf60013e2d583ecfe83a395680148cf04f26081f83cc81828ad69ebc5f581b1114f327c68cf51bf214bed95fdab9b8b1dfcef58768250a58d5428e895b363c098d08d323d2caf1f593301cca8092872d4ede85c380d603bf4d806a86dbce18293ce78ad83a484683602ea592dc78c73dcdf6901254906228a783a13cb55ed79aa4cd1390d2071c7ab308364559b44f7ace06b268d3e51e5b1cf1862625f8445d9d3095cdb941ea59cdeef6ed73f5ac2647ea430aa1d576389c0f72a14ea5451a30082859dc3e403120ee426980b0fd4dc2f3acd0dae5d017c2d3de1435281ed8e2118638f5616e8d51dd2f8531f597f016c495ec16bb802773035ab01701d2f77b79103bde6d26bff8907919a72ff642eaf245705f229db3da20bd193132ea14b913e5fdb31d18115912524c094ba0b97b0a46fdaa5dbd508e30b5b0e502269522bccefcf4f4904af514dde6057db6733de4d37f227f324be08e447b94d3e"]) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:39:23 executing program 7 (fault-call:0 fault-nth:58): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:39:23 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f6300") 03:39:23 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r1, &(0x7f0000deb000)={0x2, 0x4e23, @broadcast=0xffffffff}, 0x10) setsockopt$inet_icmp_ICMP_FILTER(r1, 0x1, 0x1, &(0x7f0000000080)={0x1}, 0x4) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x40000, 0x0) socket$inet(0x2, 0x3, 0x6) ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000000c0)={r1}) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000100)=0x0) setpriority(0x3, r3, 0x7f) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000180)='ip6gretap0\x00', 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f00006dc000)=[{0x6, 0x0, 0x0, 0xa1}]}, 0x10) sendto$inet(r1, &(0x7f0000000140), 0x0, 0x200007ff, &(0x7f0000deaff0)={0x2, 0x4e23}, 0x10) sendto$inet(r1, &(0x7f00006fd000)="c3401c344654f3c7d9b41ba48c8e319aa4eedc3d6bd8ebd65c856a27d61154adc2b2a9763ae0001c0d32e11f38e9dd18c58f6bd779650fc30f93653bdaecf323c9f6502ceab47e58114347b289546465a5eb278de12b1989f64cc99412e36880d20c34d91051b22f6c8acc9d082b7bcdec844f667da0867d08d4154004997e317b79", 0x82, 0x0, &(0x7f0000e66000)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r2, 0x40045532, &(0x7f00000001c0)=0x1000) setsockopt$inet_sctp6_SCTP_EVENTS(r2, 0x84, 0xb, &(0x7f0000000140)={0x10000, 0x1, 0x4, 0x9f25, 0x6, 0xab4a, 0x1, 0x6, 0x2, 0x4, 0x8}, 0xb) shutdown(r1, 0x1) [ 870.859516] FAULT_INJECTION: forcing a failure. [ 870.859516] name failslab, interval 1, probability 0, space 0, times 0 [ 870.870863] CPU: 0 PID: 15726 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 870.880671] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 870.890580] Call Trace: [ 870.893182] dump_stack+0x1c9/0x2b4 [ 870.896812] ? dump_stack_print_info.cold.2+0x52/0x52 [ 870.902353] ? __kernel_text_address+0xd/0x40 [ 870.906845] ? unwind_get_return_address+0x61/0xa0 [ 870.911766] should_fail.cold.4+0xa/0x11 [ 870.915841] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 870.920937] ? save_stack+0xa9/0xd0 [ 870.924575] ? save_stack+0x43/0xd0 [ 870.928199] ? kasan_kmalloc+0xc4/0xe0 [ 870.932101] ? kmem_cache_alloc_trace+0x152/0x780 [ 870.936955] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 870.942133] ? __list_lru_init+0x4d6/0x840 [ 870.946373] ? alloc_super+0x976/0xb10 [ 870.950259] ? sget+0x10b/0x150 [ 870.953536] ? mount_bdev+0x115/0x3e0 [ 870.957322] ? msdos_mount+0x3c/0x50 [ 870.961107] ? legacy_get_tree+0x118/0x440 [ 870.965327] ? vfs_get_tree+0x1cb/0x5c0 [ 870.969289] ? do_mount+0x6c1/0x1fb0 [ 870.972989] ? ksys_mount+0x12d/0x140 [ 870.976775] ? __x64_sys_mount+0xbe/0x150 [ 870.980913] ? do_syscall_64+0x1b9/0x820 [ 870.984963] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 870.990322] ? save_stack+0xa9/0xd0 [ 870.993951] ? lock_acquire+0x1e4/0x540 [ 870.997913] ? fs_reclaim_acquire+0x20/0x20 [ 871.002224] ? lock_downgrade+0x8f0/0x8f0 [ 871.006359] ? do_mount+0x6c1/0x1fb0 [ 871.010062] ? check_same_owner+0x340/0x340 [ 871.014371] ? rcu_note_context_switch+0x730/0x730 [ 871.019293] __should_failslab+0x124/0x180 [ 871.023518] should_failslab+0x9/0x14 [ 871.027307] kmem_cache_alloc_trace+0x2cb/0x780 [ 871.031963] ? kasan_kmalloc+0xc4/0xe0 [ 871.036045] __memcg_init_list_lru_node+0x185/0x2d0 [ 871.041059] ? kvfree_rcu+0x20/0x20 [ 871.044672] ? __kmalloc_node+0x47/0x70 [ 871.048639] __list_lru_init+0x4d6/0x840 [ 871.052697] ? up_write+0x7b/0x220 [ 871.056225] ? list_lru_destroy+0x500/0x500 [ 871.060739] ? prealloc_shrinker+0x124/0x450 [ 871.065141] ? prealloc_shrinker+0x21c/0x450 [ 871.069547] ? inactive_list_is_low+0x850/0x850 [ 871.074212] ? __lockdep_init_map+0x105/0x590 [ 871.078702] alloc_super+0x976/0xb10 [ 871.082415] ? destroy_unused_super.part.11+0x110/0x110 [ 871.087779] ? lock_downgrade+0x8f0/0x8f0 [ 871.091929] ? kasan_check_read+0x11/0x20 [ 871.096088] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 871.100656] ? kasan_check_write+0x14/0x20 [ 871.104879] ? do_raw_spin_lock+0xc1/0x200 [ 871.109116] sget_userns+0x276/0x860 [ 871.112831] ? kill_litter_super+0x60/0x60 [ 871.117053] ? test_single_super+0x10/0x10 [ 871.121288] ? vfs_get_super+0x270/0x270 [ 871.125431] ? kasan_check_read+0x11/0x20 [ 871.129564] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 871.134140] ? kasan_check_write+0x14/0x20 [ 871.138372] ? do_raw_spin_lock+0xc1/0x200 [ 871.142607] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 871.148368] ? ns_capable_common+0x13f/0x170 [ 871.152966] ? kill_litter_super+0x60/0x60 [ 871.157186] sget+0x10b/0x150 [ 871.160289] ? test_single_super+0x10/0x10 [ 871.164510] mount_bdev+0x115/0x3e0 [ 871.168138] ? msdos_mount+0x50/0x50 [ 871.171926] msdos_mount+0x3c/0x50 [ 871.175455] ? setup+0xe0/0xe0 [ 871.178638] legacy_get_tree+0x118/0x440 [ 871.182771] vfs_get_tree+0x1cb/0x5c0 [ 871.186555] ? vfs_set_fs_source+0x12c/0x180 [ 871.190949] do_mount+0x6c1/0x1fb0 [ 871.194479] ? kasan_check_write+0x14/0x20 [ 871.198702] ? copy_mount_string+0x40/0x40 [ 871.202922] ? kasan_kmalloc+0xc4/0xe0 [ 871.206808] ? kmem_cache_alloc_trace+0x318/0x780 [ 871.211639] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 871.217165] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 871.222686] ? copy_mount_options+0x285/0x380 [ 871.227179] ksys_mount+0x12d/0x140 [ 871.230792] __x64_sys_mount+0xbe/0x150 [ 871.234851] do_syscall_64+0x1b9/0x820 [ 871.238721] ? finish_task_switch+0x1d3/0x870 [ 871.243215] ? syscall_return_slowpath+0x5e0/0x5e0 [ 871.248140] ? syscall_return_slowpath+0x31d/0x5e0 [ 871.255241] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 871.260243] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 871.265765] ? prepare_exit_to_usermode+0x291/0x3b0 [ 871.270954] ? perf_trace_sys_enter+0xb10/0xb10 [ 871.276999] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 871.281839] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 871.287028] RIP: 0033:0x45885a [ 871.290199] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 871.309682] RSP: 002b:00007f413f26ea88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 871.317411] RAX: ffffffffffffffda RBX: 00007f413f26eb30 RCX: 000000000045885a [ 871.326085] RDX: 00007f413f26ead0 RSI: 00000000200000c0 RDI: 00007f413f26eaf0 [ 871.333441] RBP: 00000000200000c0 R08: 00007f413f26eb30 R09: 00007f413f26ead0 [ 871.340708] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 871.348136] R13: 0000000000000000 R14: 00000000004d3f40 R15: 000000000000003a 03:39:24 executing program 7 (fault-call:0 fault-nth:59): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:39:24 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x40, 0x0) r2 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82) ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r3 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r3, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000000040)=ANY=[@ANYBLOB="0202000966000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002cf004e20e00000a0ea863accd2ce5ec7b810ffdfa66919bfc974d184fed329401a8317"], 0x60}, 0x1}, 0x0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f00000000c0)={0x0, @in={{0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}}, 0x800, 0x5, 0x7, 0x1000, 0x1000}, &(0x7f0000000180)=0x98) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f00000001c0)={r4, @in={{0x2, 0x4e23, @rand_addr=0x4}}, 0x8000, 0x7, 0x5b17, 0x6, 0x2}, 0x98) 03:39:24 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f6300") [ 871.435041] FAULT_INJECTION: forcing a failure. [ 871.435041] name failslab, interval 1, probability 0, space 0, times 0 [ 871.446394] CPU: 0 PID: 15745 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 871.454886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 871.464335] Call Trace: [ 871.466931] dump_stack+0x1c9/0x2b4 [ 871.470566] ? dump_stack_print_info.cold.2+0x52/0x52 [ 871.475761] ? __kernel_text_address+0xd/0x40 [ 871.480265] should_fail.cold.4+0xa/0x11 [ 871.484332] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 871.489446] ? save_stack+0xa9/0xd0 [ 871.493254] ? save_stack+0x43/0xd0 [ 871.496904] ? kasan_kmalloc+0xc4/0xe0 [ 871.500809] ? kmem_cache_alloc_trace+0x152/0x780 [ 871.505653] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 871.510843] ? __list_lru_init+0x4d6/0x840 [ 871.515080] ? alloc_super+0x976/0xb10 [ 871.518980] ? sget+0x10b/0x150 [ 871.522263] ? mount_bdev+0x115/0x3e0 [ 871.526072] ? msdos_mount+0x3c/0x50 [ 871.529896] ? legacy_get_tree+0x118/0x440 [ 871.534147] ? vfs_get_tree+0x1cb/0x5c0 [ 871.538139] ? do_mount+0x6c1/0x1fb0 [ 871.541866] ? ksys_mount+0x12d/0x140 [ 871.545778] ? do_syscall_64+0x1b9/0x820 [ 871.549936] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 871.555313] ? save_stack+0xa9/0xd0 [ 871.558948] ? lock_acquire+0x1e4/0x540 [ 871.562925] ? fs_reclaim_acquire+0x20/0x20 [ 871.567251] ? lock_downgrade+0x8f0/0x8f0 [ 871.571524] ? check_same_owner+0x340/0x340 [ 871.575849] ? rcu_note_context_switch+0x730/0x730 [ 871.580788] __should_failslab+0x124/0x180 [ 871.585029] should_failslab+0x9/0x14 [ 871.588831] kmem_cache_alloc_trace+0x2cb/0x780 [ 871.593518] ? kasan_kmalloc+0xc4/0xe0 [ 871.597418] __memcg_init_list_lru_node+0x185/0x2d0 [ 871.602451] ? kvfree_rcu+0x20/0x20 [ 871.606087] ? __kmalloc_node+0x47/0x70 [ 871.610086] __list_lru_init+0x4d6/0x840 [ 871.614166] ? up_write+0x7b/0x220 [ 871.617797] ? list_lru_destroy+0x500/0x500 [ 871.622122] ? prealloc_shrinker+0x124/0x450 [ 871.626534] ? prealloc_shrinker+0x21c/0x450 [ 871.630961] ? inactive_list_is_low+0x850/0x850 [ 871.639282] ? __lockdep_init_map+0x105/0x590 [ 871.643798] alloc_super+0x976/0xb10 [ 871.647519] ? destroy_unused_super.part.11+0x110/0x110 [ 871.652978] ? lock_downgrade+0x8f0/0x8f0 [ 871.657135] ? kasan_check_read+0x11/0x20 [ 871.661372] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 871.665986] ? kasan_check_write+0x14/0x20 [ 871.670220] ? do_raw_spin_lock+0xc1/0x200 [ 871.674470] sget_userns+0x276/0x860 [ 871.678197] ? kill_litter_super+0x60/0x60 [ 871.682447] ? test_single_super+0x10/0x10 [ 871.686685] ? vfs_get_super+0x270/0x270 [ 871.690747] ? kasan_check_read+0x11/0x20 [ 871.694896] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 871.699656] ? kasan_check_write+0x14/0x20 [ 871.704590] ? do_raw_spin_lock+0xc1/0x200 [ 871.708851] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 871.714389] ? ns_capable_common+0x13f/0x170 [ 871.718800] ? kill_litter_super+0x60/0x60 [ 871.723033] sget+0x10b/0x150 [ 871.726169] ? test_single_super+0x10/0x10 [ 871.730417] mount_bdev+0x115/0x3e0 [ 871.734045] ? msdos_mount+0x50/0x50 [ 871.737960] msdos_mount+0x3c/0x50 [ 871.741505] ? setup+0xe0/0xe0 [ 871.744717] legacy_get_tree+0x118/0x440 [ 871.748783] vfs_get_tree+0x1cb/0x5c0 [ 871.752673] ? vfs_set_fs_source+0x12c/0x180 [ 871.757100] do_mount+0x6c1/0x1fb0 [ 871.760644] ? check_same_owner+0x340/0x340 [ 871.764974] ? lock_release+0xa30/0xa30 [ 871.768953] ? copy_mount_string+0x40/0x40 [ 871.773189] ? kasan_kmalloc+0xc4/0xe0 [ 871.777082] ? kmem_cache_alloc_trace+0x318/0x780 [ 871.781935] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 871.787474] ? _copy_from_user+0xdf/0x150 [ 871.791655] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 871.797196] ? copy_mount_options+0x285/0x380 [ 871.801712] ksys_mount+0x12d/0x140 [ 871.805350] __x64_sys_mount+0xbe/0x150 [ 871.809327] do_syscall_64+0x1b9/0x820 [ 871.813215] ? finish_task_switch+0x1d3/0x870 [ 871.817812] ? syscall_return_slowpath+0x5e0/0x5e0 [ 871.822838] ? syscall_return_slowpath+0x31d/0x5e0 [ 871.827971] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 871.833099] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 871.838641] ? prepare_exit_to_usermode+0x291/0x3b0 [ 871.843662] ? perf_trace_sys_enter+0xb10/0xb10 [ 871.848332] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 871.853187] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 871.858463] RIP: 0033:0x45885a [ 871.861649] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 03:39:24 executing program 1: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) listxattr(&(0x7f0000001780)='./file0/file0\x00', &(0x7f00000017c0)=""/33, 0x21) mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='configfs\x00', 0x0, &(0x7f0000001800)) socketpair$inet6_udp(0xa, 0x2, 0x0, &(0x7f0000001800)) r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x400000, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000001c0)={{{@in6=@mcast1, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@rand_addr}, 0x0, @in=@remote}}, &(0x7f00000000c0)=0xe8) sendmsg$kcm(r0, &(0x7f0000001740)={&(0x7f00000002c0)=@ll={0x11, 0x8, r1, 0x1, 0x1, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x80, &(0x7f0000001580)=[{&(0x7f0000000340)="a802025ab005fec2bf4a2a62e2892f4b08c3f423012b9744eda6defa0af525ab7eb273d383dc2143aba390247a16d8c539338fef09de1dc1e284333dbabce5270613f119b39edc44823fc688ac2b6392fee98166687deadf37912aabdf300ddb3ce1fddb1e48b12289fd14e7a54ab605716aa54a2a16a667d1475a89ce195e14c9d46c3df9be0beff3edac37f586b0e62cbd3393bf4ac5d02818fb0754a5a8e5e00c34d2ddf9ffbd0f18ae245e41a330974a3b19f852a7f44260cbc8406ff01912834e005ff2434193d359231c76cf", 0xcf}, {&(0x7f0000000440)="ed2ad0af94fcd796841a9be2554e88a902a00627a50334edc5fddc0541f12f9861f1452d7c5a08f3abd81e6338b80ae4797359dc5e936a380c8e3f5cb05ae01e62ebc0e67b985df8962d6131bfa2f886b83ffc97d0f5daea4ec78dcb2f044afe3b8cd6a30b84ebee36", 0x69}, {&(0x7f00000004c0)="5cd55ea4c1a3bdce0cad2dd8f62c59afa9d6e07b7ee045d79f522fe076b831db66f33224e175d4e814d2b74e7811e7fdc41d5b438f910e404191064e54a5132acc3c634d1b911e8ec5c505c71ad31155fb7f58f048fd0fa8962399c57ec49de64687e32b70a5221fe214e796ad73c04daccf822c48c6ee42573778271513445beda6ae513a4853bf88c9bf338e2dcd3390138583d503483cf9db9100f16f1f6c1a521f89c4c125053914a0002ca9d444649c5b55c83735a859505b8882cea107939c42d456667bc4be356c13de2925bfee51930a19497aa815e97b932a191fe3615fdc7b9a50ddd971d46d642545417116665cbc24a0ad4b528d3222d1322ffb164001a1fe76b338cf0e21a09a3a30f2dbc7f10895684b1073d3bcb02c0861e866a7a6887d813bf6dd9d14ef2aa01a1364963f3ae8d598d514ab17a4f5570cf2f3e9c9daf50364921c63d4b1f1e5c98d41a4029d80ab80286ce386e74b4e10cb11e0a65e033916c34772681c05444d4912aa19e214f20c8b9cccf41e27d81fa07db9aabe0e45a10c8b095a02242afbeaa6a3ac20bce0937dd62f30917be8b79b4cef274f57424042fb04ca84ed9ea614f2ca394b46f754e44ffee4c81928b128ea0d823c62fc0a12a2580e6ba130f3004837cdd91e918073176629af73a9f1652edf6ba58d684ad99b592b0e67833c3c59305b4669c5218c6e6eab03e840e024c764ef05bfc5a7d5f155c21fe8cf0f353d076f9903efbbe1b42916144b7259942a93d1d68208c1286f063ef4bdba47be99c187c5eb6942227175fa0d8657024cd2078ec5f327d230a6098602f3bce5d721f834c71582d9079ea04fc2e8969a25639f49c4403e798dd59abb7d13a5fdbaa2f25b253f4910b5157753ded4361fb43d44cffa57e8da205e531b6d300fd5e3bed8fd3a501d85e39d9157afa73854c82709f1c7b1db6e5943dbf74b648c3db31ba4df6f4d67ead66694ca48498a84ed9bd5f5a9f1691637f83795923bd9755df86c39ca02503f61491a7f247ee68ce0a7f78908227150083cd79ab8dd41dd8278b46341a8d6a444b42d591c7e86ef578e78ba20088eca5aa10e6ed8adbd8445c123bab73df46e00254dde45ee8ad6a2d27fdbc5007eb37a17213df53d703248e5bd9eeb20fcb1d711ea9a680ddc9ea91e753c2215c942b3f7dfd92052c7c918b22ec4b265a17325bed92c583422b8fb182299323dc8bba915bf40e9fd188876ed55a8de2c8b4eec61924be886758d6462497bd9a67a3fee5329667e7fef49844a7c7fb7d0f0beeecc75f810c43c01c9cd87b2f23db4b0a2477243489570c5966c2aa771723204db3dc9c2439975584f93c203e3a9632a3249ceb0cf8d97d49797b5b7099bfdf4b303ec56bc6a5b7af316a22b4810a45cca6aa41ca44e7ad13384531745e9b6ef26386d6816a194dd29729f04ba83e9189f497fb147bb249be221c7c400175c731a5985d787005ee56f52435f1cb44706105834b88076e18a1fd99f59fa5780f1cbe041d0b09e2fd5602751632c546bd64c303df901ec4a19f7da7abca6e73755b122a3e2c26033ec917da13483770c76647a81f915284357f50388bc9c21f9a96fd32cd38b5c57adb30abe2b2be7eeb4bdf39f8608a2ce342625e90e6743e99db1634e36ecd6823b1c8bd84172dfa22164f85277ebcda91423c1014fc87517bc4e4296342bdf30962936b6eee7afecbfd975f847d6e8962ffb41efe7422cba1940a99cad8505ac4b12db66af0ff1751e52071e5986cb403f38cc13dd7b669688fa5cc253c4dca342f83c751bc920570f32022fb8cda2df47f8ce520f51226ebf7e3413c7fbd23f1137b71771b6692e936b51ee18126176bbdddc8c0e626cf3a9502ad858376603c2321762a87b6ca8892ea27bf9adf27bb24d158a920c02f9af8b7989597788dca1a770949ac435b291f6c0907b907fe578adb437597178e50c9cb159c7e8a0ffe62a75de4dbd1bd573c191102111fc8e9f9270a8aa4c2898c5c5a88d0894e54077529c620b2430869d94903c6e89b49f9aee4b4f8ba61452c7df3e25abac0e85a52c465b348c9031c1d10d8380324468a6837ede941b73fdd9206bc0e0cd4b76fb9144bdc98ebd6ca86d6a0f1b2d744f31958e5a1e8000af64eac8ff2f1ec2cd0a0cbf7f061a301638d06d9f0be834a239af22e4e78dfb24334cfcc4725142fb2edbbad235b9b54da0094de5e35493a7d6a9ec6f200cb45ee19758a7ab826edb69d28007d51e07c9be14f4477ca7b1373646852ea891315bcec19c0b919b42cfa524ed194515f51b99f80a2bd1159b23bec36f3495b121a8cceb7c97187bef6554cbf013530db87ff664d06ad93ec92a1fbfcaced9a53e0da1540261c1c041d1efc6e4d4d4ffb7fee4f602a18ff4dffe3852cc5908f35b8637bf3773ffcfbca03118907fd303b38ab74260383bd3ef667ba8b402f855863aa194fee10fdd89f11bb042aa0a7c0927bbccc0f2c9839b7f9c207b53240d775b1d0bbca1fcf1afaf6cbd6ecfcdfd2321145d3d40ebfcc7d6f0cb0d0e477c32ec647b67a2cbea19cbcb706511cb9679bbfea945439a5be872f670cba2146274cf8d49a6fa6ae901dfb9b20f9c7f1282d2b1e8b6b12d76c3ad1335e65d833bb48fc41bd6480b584af43073bba0f8c9e9418dd1f154d8347b8ac87476fd6b6883b59ace0cd227a354ad5b75dae1ebffdfb5141dd994aa7af1aa433058fe75c00162cf213d29a13f418b5d3622724a454dc73b43cffc0fb33cf41e055176e0d7f9678a5e7f5c1817d180a6a8e7661d3ea5ed7df750b2037eb4354de54fe9f04be8bf27699b2820dbd2d590f08702c0132bf9fb32a41ff20b6b28848c59edf63214ceed635ac887aec413d139828777549314efad482a2ab1914a9db70cfa76e150eb005382e8ecf9816c033626429bd8adf4be71fee7d40f52bf4e494efa2c3f9452db6a6a2611e6d1e3043b2e9530d2ce1d3cf859c128de383375470c2d1c7fc2e7bd79e8e5d0f044cdb9d3b5ec78b452ed6031bae13140fb84a45357a32ef3ee1c8e8a9563a61b2fa9668246acb720b623bee7b4ef27ba4a2b5647e5fbed9f5dc14c6cc5841718555b7dc3382d1d7c8ac076c468b9d0527778d2e365ca047ca11c89d74f60975282e2180c1e978bd5f2926095895171b43b8f4416dd7c173fe772d8f98f682ef2e309013ef9a3f7a9cbdf24f7d37466ea06f1955abf60a7fe20cc4efd9465e034dc5bef68602decae30f9c5f005e9bd66adfd669e928b7ad3dacad3262047fae751c2622d37e0fd296c072d618bbebcdc5ffd14b8391f9722124e88bc530dc55e006e6f90f3597735674f1f9b5d33aaad666d037f8e52a2a72deb28f89955b3d78ea5f0e317da2b3fa0d744fbb9d3e297c73599c7e2fc68aba0b668c7d386cc4a0cc6f40a652339a8aeecc6d4cd30be8e8d261a32245b0f2bef436d64e21fd8299903de66e4640d70720eaa031ef3fbdac669916321bc69d20c4fdb4d0d74121a47a8ec8e845d94edbe2eed7b2c279412dc4a568f0989ff0f8a8c616c67b1f4c66197051ef7c97bf7f4fb8fb18e39e2209d2739593d6e64f90b9b00612074b4a8766328b8cd0aa6f5c65c101dfaa4181d28fb6040de4005e516bb58454d1d018ee653a64d04b0ca20c057c223d923c6ae1d9fa7b217282ce6e99471c989ac998fb1f0ee9bbafa32c31c0e802ddc4619308684fac97dea8b8c0454b37964e4e16fc138a7860705a636bb1d987123c30644212b5dfdde8dbc7b2aa12ac7e4a5cd6404ca6bbf097ed5169f5e2866afa8951f095a1043049162cefb8a5730fbdf169071916148c7552ddd482b3bc6260afd115c0e4bea9401e4d057308892e8eee340a8803d464f9a70bbbf6c80962f3eb50d9febfc4431b250820a4cb982dfd242c4bc43cd9c3cc0aab5334974155b8f6b3ef2b8dfea19e468d9b841675536a651387c1aeb71875aebefba825f691bf1c72c2148468d83d186471150345f7e91f69bff41087fd76a16f8787650e296bfd23d1d2a6984ca1cefb1929851518c0816a9b71edea0560fd1f7c50d8b443ef0969f81474aadfc62f953906a0c1592bd7af68c76ed5af66a99bc86c945b863214a8e6d27d6391282d881008f44b9b81dab5807845994dddbb729825803b685a0812d611882a5dfa1a0e864271b7b747406968d79eb039c7cc7ca1e1b25b463a58c7dfd7511ef9b6afc5bc97124d51cd9e18cb64df262c5bf4185a79b2b4166cb85aa7541471f43b84510722734541cfb89c1d393f561676a5bff6fd02186b39e61d0ead775f2f74bec99f9a0ad563434b80542d01ec34f2755dbe863448648328118a20d7e0c2df02df83e96cf6ddd2d0c0ed40dd6caeb17bf4476fecb618712a4d3e555d01209d779a185d9e2b8938a8634d42349614d4613e4ac224ae08b6f29b4d1f1781b0fba08dd92c56facb9f2980c02a90018b8a257bfb0a08806b9abdaa3f1ecb7cb9bfc50af77de0e92d665b031e21375dbeadca298d8c3b21ddd7fcbc8f8af3671bc0ac2a0bdf4228d631e30331d4fb43d9f1165bcf6e555f8c18ea58d1b884269ee2708cc1ed1948a9945154eb5a5fc18f442a0b87862e24798231d03b8134ad0f0813a6b26d2630fe7332f8a75e101519e18cfe46f9a8ee3fcb21b931ce3d7faf2ca395689c6001c66c92ed3624b203d47252934c53567d460324515148dbbb2c434f7ac0b70f52d742b722998df54cea69eacec65bf2cfeac933babf9d151077d3b99c9912f81aa33cad66016b2f20dd3b38cadeaf9ef3e47ffc978ecb30e6246b51fcc2614778186dda8a5cebc63ff76fba9c260f22e8a9e801fba55493683e93fe96810e4000698af46d9e4fa6c8e36b2f4c826c7c0a552a8a2ce5c4c973ff7d98d34312a153f26f32983e7d6508c808e0188ad4938607df9beb17b68fdb09f9865f52703fae7b53c84310308e339d488e48e966489f8abe3d482758cde0f9bcdc3a147bc1b9b65447c258811a828aca7aabdc42989e8b0696090a2f886e0f33e00340c8b1603580348a90c07e77376ba945771af7b64c2f2472c49743abba74381f2a6ea0a84ad42befc6207f0807205b99f4836b25cf8fad6e76be0ff9887ecae1e14991349fa35550e3fee32b972d83b089ab2b53449949bc0388ba5e958bf4d864e984f237300040c490b775e8a9b91082f6a9abfb308f54ab34dc991f0a3f4e858305f0cb7aa8ef4c72b13219aa8845f67dc4588183c832c2fb50c7566b05479a2087f532fd8dc77f1a5ade4850abe3a577c0aa0ae4fa8fa745ff25f47886c934d1cf6f2531606c05a7b80b552f7581596af0ab4938fe0761ebad47f3524375b6ca5f7605e5c15b695eb67c8eb3d669c65fadaf81a310c75d4be8365326f4868b1e6b6ec07e09c7edf573526f259fbf71a6183d891fd9163314f71d69b7e87b328063914a9d741fdd1458c2ffd48fcfa548831a3a8cb467610acd8e102ac71df72ab46998f27844bc86c319db156d11eb9a37d10fc15c871f216e82584ab2fc5cf9bcf1cfe7768fd0c58c8ec0f81f413bbb66db056b915199a04be3b9282479c7925980feb25328d2a081b702f9d9059a7852f0ba0f25588c51933915d3471158ee8877953ef9d99de21c2df29f35d3e729147c752f951c82aff08f39aa5d7e44ecefd917d56f577b6d75f695bf14bcd867ca7947272d05b0a91fe69f53c5f69f996b5a263da68c4708a490a312aec5d232d4a4908012a72022d2a5ea2797298c67a3901ec43b4f34b244b03", 0x1000}, {&(0x7f0000000100)="f7f6b1ea4634e6c59118e6dd07d5bf574e22fb15493814152f946b1489455e7f0d1d18b2ffe5f87d5ab789af5427fdc1e943b7", 0x33}, {&(0x7f00000014c0)="96e725f0cf88b8d48589ad6a3609fc94f602f0b827444f4c25dcb28adeaacfa7d51344be", 0x24}, {&(0x7f0000001500)="da8a5fdf1902a0744aff910f45a3b1714614703090749afdc63b1af315b577208a8530414b2190d22b81910ac10d9d6d2aa1a25cdebba5f3bacf2941f6019577f7d3a669993c0cc8441cd00eeeb0d525830a1b9e7779acd7c2b5bbc757059ad4a15e938e2bad064fe98eb09972a1a9c47f68500c4fd9a4fde6", 0x79}], 0x6, &(0x7f0000001600)=[{0xb0, 0x0, 0x81, "c6463f1fcedfe606977a7c00b0bb85a38f66a3807921e4781c18b012af6961b3c914d11be751943d29533e84928c60c74512a8dc9a4aed86ec9366925acc186ce4d105c9ddc7f58b4d4f4093bf6996db79c20f125d410d34efa2f1784065635d4e3e92683fc7f49ac48d0b1d07f4d1151b1cbfe89bd79f6e977e7a763e7ed7aaa5402da738d3a5a8f025ebb026dd66cd2ba7ae5ea969504274f7fe"}, {0x80, 0x107, 0x0, "e3e63a8bc624f96c88ddb22b943b18c511b88e0dd6099fc852f92efc744970cbcb3f0968f4ab601d5852985e0ba798601b4776ebbc2eed701a9d928a356244730b74dc709f9f93ddf015d6c8262ce7f879d6cb00cbb2dfef97ed9da980292cf12a51948a2cb1baaf11cd"}, {0x10, 0x0, 0x1}], 0x140}, 0x80) ioctl$RTC_AIE_OFF(r0, 0x7002) utimes(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={{0x0, 0x2710}, {0x77359400}}) 03:39:24 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r1, &(0x7f0000deb000)={0x2, 0x4e23, @broadcast=0xffffffff}, 0x10) setsockopt$inet_icmp_ICMP_FILTER(r1, 0x1, 0x1, &(0x7f0000000080)={0x1}, 0x4) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x40000, 0x0) socket$inet(0x2, 0x3, 0x6) ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000000c0)={r1}) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000100)=0x0) setpriority(0x3, r3, 0x7f) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000180)='ip6gretap0\x00', 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f00006dc000)=[{0x6, 0x0, 0x0, 0xa1}]}, 0x10) sendto$inet(r1, &(0x7f0000000140), 0x0, 0x200007ff, &(0x7f0000deaff0)={0x2, 0x4e23}, 0x10) sendto$inet(r1, &(0x7f00006fd000)="c3401c344654f3c7d9b41ba48c8e319aa4eedc3d6bd8ebd65c856a27d61154adc2b2a9763ae0001c0d32e11f38e9dd18c58f6bd779650fc30f93653bdaecf323c9f6502ceab47e58114347b289546465a5eb278de12b1989f64cc99412e36880d20c34d91051b22f6c8acc9d082b7bcdec844f667da0867d08d4154004997e317b79", 0x82, 0x0, &(0x7f0000e66000)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r2, 0x40045532, &(0x7f00000001c0)=0x1000) setsockopt$inet_sctp6_SCTP_EVENTS(r2, 0x84, 0xb, &(0x7f0000000140)={0x10000, 0x1, 0x4, 0x9f25, 0x6, 0xab4a, 0x1, 0x6, 0x2, 0x4, 0x8}, 0xb) [ 871.880969] RSP: 002b:00007f413f26ea88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 871.888770] RAX: ffffffffffffffda RBX: 00007f413f26eb30 RCX: 000000000045885a [ 871.896036] RDX: 00007f413f26ead0 RSI: 00000000200000c0 RDI: 00007f413f26eaf0 [ 871.903313] RBP: 00000000200000c0 R08: 00007f413f26eb30 R09: 00007f413f26ead0 [ 871.910590] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 871.917859] R13: 0000000000000000 R14: 00000000004d3f40 R15: 000000000000003b 03:39:24 executing program 0: r0 = socket$inet6(0xa, 0x1, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x2, 0x600080) ioctl$KVM_SET_VCPU_EVENTS(r1, 0x4040aea0, &(0x7f0000000040)={0xdb3d, 0x0, 0x1000, 0x0, 0xadf7, 0x7249, 0x0, 0x9, 0x7f, 0x4, 0x5, 0x3579, 0x0, 0x2, 0x100000000, 0x6, 0x2, 0x8, 0x367b1782}) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:39:24 executing program 7 (fault-call:0 fault-nth:60): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:39:24 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f6300") [ 872.064633] FAULT_INJECTION: forcing a failure. [ 872.064633] name failslab, interval 1, probability 0, space 0, times 0 [ 872.076095] CPU: 1 PID: 15772 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 872.084495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 872.093847] Call Trace: [ 872.096454] dump_stack+0x1c9/0x2b4 [ 872.100085] ? dump_stack_print_info.cold.2+0x52/0x52 [ 872.105288] ? kasan_check_write+0x14/0x20 [ 872.109632] should_fail.cold.4+0xa/0x11 [ 872.113698] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 872.118807] ? vfs_get_tree+0x1cb/0x5c0 [ 872.122794] ? do_mount+0x6c1/0x1fb0 [ 872.126508] ? ksys_mount+0x12d/0x140 [ 872.130347] ? __x64_sys_mount+0xbe/0x150 [ 872.134494] ? do_syscall_64+0x1b9/0x820 [ 872.138557] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 872.144024] ? __list_lru_init+0x409/0x840 [ 872.148288] ? lock_downgrade+0x8f0/0x8f0 [ 872.152437] ? lock_acquire+0x1e4/0x540 [ 872.156412] ? fs_reclaim_acquire+0x20/0x20 [ 872.160823] ? lock_downgrade+0x8f0/0x8f0 [ 872.164970] ? do_mount+0x6c1/0x1fb0 [ 872.168688] ? lock_acquire+0x1e4/0x540 [ 872.173015] ? lock_acquire+0x1e4/0x540 [ 872.177013] ? fs_reclaim_acquire+0x20/0x20 [ 872.181350] ? lock_downgrade+0x8f0/0x8f0 [ 872.185506] ? check_same_owner+0x340/0x340 [ 872.189847] ? check_same_owner+0x340/0x340 [ 872.194188] ? rcu_note_context_switch+0x730/0x730 [ 872.199123] __should_failslab+0x124/0x180 [ 872.203369] should_failslab+0x9/0x14 [ 872.207228] __kmalloc+0x2c8/0x760 [ 872.210944] ? kvfree_rcu+0x20/0x20 [ 872.214749] ? __list_lru_init+0x151/0x840 [ 872.219510] __list_lru_init+0x151/0x840 [ 872.223662] ? up_write+0x7b/0x220 [ 872.227857] ? list_lru_destroy+0x500/0x500 [ 872.232188] ? prealloc_shrinker+0x124/0x450 [ 872.236601] ? prealloc_shrinker+0x21c/0x450 [ 872.241027] ? inactive_list_is_low+0x850/0x850 [ 872.245701] ? __lockdep_init_map+0x105/0x590 [ 872.250211] alloc_super+0x9a6/0xb10 [ 872.253932] ? destroy_unused_super.part.11+0x110/0x110 [ 872.259321] ? lock_downgrade+0x8f0/0x8f0 [ 872.263490] ? kasan_check_read+0x11/0x20 [ 872.267657] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 872.272262] ? kasan_check_write+0x14/0x20 [ 872.276496] ? do_raw_spin_lock+0xc1/0x200 [ 872.280750] sget_userns+0x276/0x860 [ 872.284463] ? kill_litter_super+0x60/0x60 [ 872.288696] ? test_single_super+0x10/0x10 [ 872.292960] ? vfs_get_super+0x270/0x270 [ 872.297047] ? kasan_check_read+0x11/0x20 [ 872.301198] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 872.305788] ? kasan_check_write+0x14/0x20 [ 872.310116] ? do_raw_spin_lock+0xc1/0x200 [ 872.314375] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 872.319915] ? ns_capable_common+0x13f/0x170 [ 872.324327] ? kill_litter_super+0x60/0x60 [ 872.328575] sget+0x10b/0x150 [ 872.331682] ? test_single_super+0x10/0x10 [ 872.335921] mount_bdev+0x115/0x3e0 [ 872.339552] ? msdos_mount+0x50/0x50 [ 872.343281] msdos_mount+0x3c/0x50 [ 872.346819] ? setup+0xe0/0xe0 [ 872.350014] legacy_get_tree+0x118/0x440 [ 872.354080] vfs_get_tree+0x1cb/0x5c0 [ 872.357876] ? vfs_set_fs_source+0x12c/0x180 [ 872.362286] do_mount+0x6c1/0x1fb0 [ 872.365824] ? check_same_owner+0x340/0x340 [ 872.370232] ? lock_release+0xa30/0xa30 [ 872.374206] ? copy_mount_string+0x40/0x40 [ 872.378441] ? retint_kernel+0x10/0x10 [ 872.382333] ? copy_mount_options+0x1f0/0x380 [ 872.386912] ? copy_mount_options+0x1f6/0x380 [ 872.391406] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 872.396940] ? copy_mount_options+0x285/0x380 [ 872.401442] ksys_mount+0x12d/0x140 [ 872.405085] __x64_sys_mount+0xbe/0x150 [ 872.409062] do_syscall_64+0x1b9/0x820 [ 872.412948] ? finish_task_switch+0x1d3/0x870 [ 872.417444] ? syscall_return_slowpath+0x5e0/0x5e0 [ 872.422480] ? syscall_return_slowpath+0x31d/0x5e0 [ 872.427419] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 872.432449] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 872.437993] ? prepare_exit_to_usermode+0x291/0x3b0 [ 872.443016] ? perf_trace_sys_enter+0xb10/0xb10 [ 872.447684] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 872.452538] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 872.457732] RIP: 0033:0x45885a [ 872.460913] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 872.480188] RSP: 002b:00007f413f26ea88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 872.487900] RAX: ffffffffffffffda RBX: 00007f413f26eb30 RCX: 000000000045885a [ 872.495429] RDX: 00007f413f26ead0 RSI: 00000000200000c0 RDI: 00007f413f26eaf0 [ 872.504273] RBP: 00000000200000c0 R08: 00007f413f26eb30 R09: 00007f413f26ead0 [ 872.511571] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 872.518853] R13: 0000000000000000 R14: 00000000004d3f40 R15: 000000000000003c 03:39:25 executing program 3: sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000001c0)={0x10}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="fc"], 0x1}, 0x1}, 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getsockopt$inet6_tcp_int(r0, 0x6, 0xf, &(0x7f0000000000), &(0x7f0000000040)=0x4) poll(&(0x7f0000000080)=[{}], 0x1d0, 0x3b9ac9ff) 03:39:25 executing program 6: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000740)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0x2, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}}}, 0x98) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000140)=0xd) close(r0) 03:39:25 executing program 5: mmap(&(0x7f0000000000/0xb3c000)=nil, 0xb3c000, 0x0, 0x100000000032, 0xffffffffffffffff, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000000), 0x20) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uinput\x00', 0x84200, 0x0) mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x3000007, 0x11, r1, 0x0) ioctl$sock_inet6_tcp_SIOCOUTQNSD(r1, 0x894b, &(0x7f0000000180)) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffff9c, 0x84, 0x1b, &(0x7f0000000240)=ANY=[@ANYRES32=0x0, @ANYBLOB="90000000d3fc4e1f339a6b3f137f67e33d68c1b06716921e88641927835346e8d25eeb8aa325118e1704b257ab629862a7143a0f65349325ab52fa5d3c5481765d2b16cfb35927f5b05e576c7c755cb529ef0441adc10bda2bea051eacfa4e547c5d634dcd7f29b82b349c1c096cc1342700d856bf0ea03a36ec2478730a2b1f2e1bb01c017a5200ada19b1e82e5fd97c45813ea550c4b9e9ed1fab91ae95632f2a04634bbfed00acb8e0f40a7cddc6c411fef11c53ad8f7b36fae5f060d8611a7186c78ce7f65077d14be1178d892ea4b9830b658e966ba3317be0b6669592a07eef9f278e8af87bcd1b9b38ce028587fc3c504d67c6835bfa100006e7ab6400de45228a6c3eb093a02b6f7615fe608a64511ca1132bb25ef6c2c20df4bb57107a4a487da3f113ab40e0f"], &(0x7f0000000080)=0x80) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, &(0x7f00000000c0)={r2, 0x50, "dbbe4fd3cbd70cda2254a4fdc7362db0058a4f9954b3b726690f5812e09d6e618bbc867ffa308be63e38239502e8200628c35311705608015be1a3f04f9ed16e682cbacc5eb7ca1f03373ea7c5c12088"}, &(0x7f0000000140)=0x58) setsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f00000001c0)=@assoc_value={r3, 0x2}, 0x8) 03:39:25 executing program 1: mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) clock_nanosleep(0x2, 0x0, &(0x7f0000000140)={0x77359400}, &(0x7f0000000100)) r0 = gettid() clock_nanosleep(0x2, 0x1, &(0x7f00000000c0)={0x77359400}, &(0x7f0000000180)) timer_create(0x0, &(0x7f0000000080)={0x0, 0x12}, &(0x7f0000000640)) r1 = openat$zero(0xffffffffffffff9c, &(0x7f00000019c0)='/dev/zero\x00', 0x48000, 0x0) ioctl$HDIO_GETGEO(r1, 0x301, &(0x7f0000001a00)) r2 = socket$inet6(0xa, 0x1, 0x0) vmsplice(r2, &(0x7f0000001780)=[{&(0x7f0000000680)="1b5e6c7f371dcc4f1bbad7fc24c9779354827ce7e6e9d90f113aebc7c70663f4cf6169b75574864f3695cdfaa5ba8965bc4e02391304ae300fa6ea84e5dea7935627c307cc244b2673d3a270423847c65108d709147ef97ef53547e93490d00fc70170b6512656c5a405840ca643f046df10fedfe2cf36bffc715539d356a6296f60ea275d03425ea0aa112d87fc9d5f66202a54912925c31f3c37669a52ad78023ae3686df553824c76a9439c3bf956332053290124856118aa0a90586ecc9dc7606e53a569c359f9a11dc59cd9d569322a770d82457ab432d9024794eb26c2fc0bdff0cf736903b42f5d7c2b344b187b5173b3d0ae312be20132f3c8a59a548713bec73478d949064a8de55aa2278679ffd78897e72f7bb97d6da110f5e45fe4e9c0a53b246d6c9b720231da6fe2fd3ebce8564abc07e11c4f02b2cbab83662db1da4f8954986e9aa5816446f4f004d5645bb3a9bd9c8c8bd731f0aed4a0878d45a39c97209c0072c74b6306f4796be767700835cb9c94437caf294cd4eb291984b8ee04cd805c9d633e80e181b44f93bfa35f1e5b795516cd35da50b6668145a0acf0798a96ada0d168cba2b317be319147ba720cbea57b7a721d8c0d06c5953c8848d56141ddb3b1091637f0cee7e53e4c2b8193d9ddf68c2b5227e14ce1de0e9b17ad15236ac908a129737ce49f98c70caba2af6301f151d8dda65825766a10dba0648b5d43f966905ca2955e0d120593a38071d303ed1f0fa406090cfaf9ecad7aa4b88bddd0fac26f3922587d9e2bf5b5a6eecb4df073a050f394ac320a590579d4dc8c8f7848d1682d5253af1e5d6bd628239f5d58f199800b534c0b6341e492d0750db84663d355ba2567f50a0a2d8985702fae3b5e8f136969e948cd501ec57dbc1bd32a117655e3d639a8771cbeccf2b3fe8f0287e8245e88140b7756c670836a82ed28b93d7712987cb88a1da9c16f73088be3e8bb9d5b72c3dfc0a24899e0c8d162abff8619617c54e6d5931b6a170b203e4e08eadc6cde1a3e48d066a92ec4f17a8808b9b34fc541b20108632c40d2d842a6006f3c7b21f5e6d97c3079a1f631af779a9575199faf5996be39dcc4eaec76ee03f6e8ca6e33266d8158390c43cacda50ae4ac7ddc733e2571f92fbf1e6dbdb6d241575b5fe454897d1cc42910f17f7c4defcc843fad28837e0cd52706086e90ab3b990ec8a7dbc3dc249f4e026da5a8e5d6f42233dac60b3ac97c7a00f1c635b405e34b9e854cdfcaaf68adf2dcca203e8f6a824c672704b5a66981849d37222dc34200663d6759526b48208a21993484ec2e184f8de970d209702e1ff70ec459aaeb4cb31f0afe2db940e10b747a522e4bc191d5deaa4630aa7d657d5d15df5a29d3ed4da56e6a8e8220389767bda28d89cc5d212eadfdeb2f8505a8190847bee20a6ab5468753aef9ddb7d68079130ecc11ef93df26782136a2865f9cad2aeab821831f6444951f060f3e06c7a027f71a2ed899551964baacdacce621c159d15d0c8dc9bd514dc188a744e28836c657fbb5d43fff7d1c9529bf748c11e2d1552b9524aab518385e1e7161854901d52007dd2f6cd5b9e05780a51121055ac4b78addfe2f2ed3b3b8b56d3505ddc1c0f8243e06a31b2378d48056567940cd3ec18e82fe2f7e72810a2e7b460e141680f495f09453165bc4c528946bbfe7798ace05f882655bf12b5465dae53bd83d7298af6411b3a929142bb63eb110baafd9e141b42b7a1dabfb65f628398150882655af0ca927f51d8a295a74d336276a458ab1e754722da503c45cb2ef889542c18436f5a2e66dd0a4fd6f6850bf626362cfac2883b3729fc8c0bb166a58c247adb0041a9ed7063ad8b18a1d1a5e4416a812d4870cf2d79de9ca64db9fbe61aac91384acd1ce7cbf5ab1edc9791d242f37359377d7c926d8fa4c0ecab5a63c897c66cb4434d3034cd6723ae35b4dfc3805cc09d24b6393433b39908de9dbefab64a96407b9716e5345ade8758ca2c2939302507f9eeaf8a4a19599a96648f9bd1a2d8d13c1ac5701f18de056814e7ca4c2bb8ea3b93b2fda38e9647796d865905f61c2282b5c2c662cf4d1e0dad6020df1777bfb02960088f4c49464318edbdaee684bc40092a22261a2ce77add7b873b5ea97b073e68f4f6ff6717bfff4d05cee32b9ca37e25c9d780c358ad2e7965a9c6b6f82a9c2f16cfd5d3e5074c43ab592ad903dfd615eb9d0733e2094c76da1a1d684f267444570c85ad1c2b5821ce6a331de31a93aa0d589194f6a83b8c7a869ac1eee611755d06d538ea5a0f997383e0446830ab6f09efa30ef942a5153667435884e649918996bdc8178e922ed232f20fae16ca17cf7fde7135c730b9d497cc1b5f1d177c3bc15cd542c5815d988eb8fb824bf9d68143aca540d36782aca1245c2b2bd77c4906010ff41dccb5052c5ca99bd108ef51031b88e75989c322a48e93ec1575930df1fe16206e5b898c30616b6829e1eb9785d741bebde715b199b7dea4af37f05232c8f1d1586c1ee39674adb2b038a415314988adc3be76d5a2af32a3b3092d387f2dde71ac6ab2408f24bd0813653ec0698b49bef612e741397d362bbb81b0c591ec69b78a2e44f94f751e32d195d61cf9923cfa5f9ddec6271551932a4d6e0a39ae5cc3ff219fb882d9fa2c1d5cfe8facdddbcde65035df908ea2cc9377d56b85fb54759edec980117784f26266ad4f14bf5fa9cd72d38963503a707d4433e66c261c3b21bd4b5675c006d87c04e361d6d0397cd497d4510bd7e068fede576626148940ab47202a731de8af786c1c39b029bf35a8fd803551ece9ce420a3d13049c1457851884797d3acf0f832c6ad758c0756eea8a84b2cc65695556c97c35a0ef61d8133d72e76472990acf74b80f6b10ce69e630366b0f4f5ee946733647a3d790f21b5a077ccbbed1c56985cf9ff7cc3bdc1f1c8b916806e46d21737dce0cb2c19cc7e3d09627ce398624e5b3d6efbed3e48505b58047e8e015613a8acd1c50a9ece99c939da942a205115007458b0cf6f9f26897397f49d224c83c73be5570c2d31a29fb8efa698282a2a9536262c9ed6dc215a8d3ad89b6ab66a6bda9c4c1cb7af1ef414dcc8133551427418c87f12cb466be27d1e147befcf9e161ea471fba838c7e0b6841504021146dd83719350ddbe5b08d976dcb92cee919e5a2e778414dd7d7cfb337618b008869d9bcf185c1eb883eed1c359899dc26ff582c243e034ae04813137bb7e7a54f3d5acfd25620453fa5ea241bc09db4e23bcdbe006b04dc26ab4552b7a8db3fe235c439532cceea8bde8cabfb6faae73afc83b19e0dfcaa3798a8cbf2d36f0e5f1d1b03955e618f73ed957a5df662e8ce1537f69fd1902c40a3f94bf4f59ba05e155fcc16950e7d9b6072364cebe6550e4e888673597e9354a4b9166e3c51e599f6fcdd49af2fc8f6016b34fc30853e14537ef54edc81678c071ef848cbbc98414cc3b74bf1cc2b18d0a568532e146d9272218b2ad4b52be60666baabeb73cc49f8610ec812eda0d3b25dabe6f42cd398e9d96e327dbaacaabf409f1ef2be052586590a5247120eb0bb51331371d20854cc5035e31db0e398d38562ec4c6105e10a513efc5dbae7e2b4992efb6c20e683a69370d46ba6cb8c6fd06d31f4601610fe657dd7bf90bdc9b6d0a73fa1772d4a2f48c8d5777444030057f9e6ba7f2e1395d3ec72137ce724bc5b65215c28b5d7db42cbe2f73684cce6d4f9ece6f1325d762493076e4b866c770f088b53dee213945cf393a79719c7a2dd4df52ea14feaddde7042bf358dbfe036211d42a9735907b509900b3bf7acc69792f325c6ba13d82a5eb422b1167d319766e138e12dc2dc09e017f5eeb5b7ac6e5eaaf52325bda9c7ac8821dea7847d3fe5f47e103c08cdb6c67f9ae5f7dadf3158056976cf8cfc4c3c381feb7cb25392fe18c59e24bbe3302ddc2dc213edf1f92db456c6e62fa658d8371fd227a1c0b576aa9b396af742f4a85eb6e13765fe1cda7f3b8d35546bedbcb5d2478c8c09f73e28d4c3493006a15ce618fd7885997a1808cab20f8713ec4a5e97630c72f01c9d828096961d7bc2081a855e6d2f47cfc72d190177e3229b2512134c763aa70ae0ca8a9bd36e1b34350e1c4a7221a1c9c6b16693c117e7cdb010629212f8445ed8ad9015ec4c6e8f7c8e3f596d2658ac28f48c510890741b5a58019abfe54230f589661e84df4bceca30444ef1ba667d9c6c8ce93f3322a8108516738a1639d2ab4a915a317446204b0606b5335c4d93ae224663ba3305aaf075af53ebf936143d889aa79b22fbe19b18b9876783d14bebb9c55def618faa7c2f9848dae4836a5c4bc8b46968412183bcec3bb82e187b51621e5783636851ccbb4c57b4e9b39a03ceac0f262f2dda102a608ef24bcca90620e6e9f8cf8900f3a40827be23e6cc8d89dac306cbe759cf580f8afbeff852f8d9f39677a07ebabe65d56d3121b866cb234e0f951e86a36f80b8ded8d60b044ce52aa0bcd1d3991bf49eca1429024909782883dde060b0a32794a69523404e45931cce2982205b01800b268e2971bdcd852d3228d3d33ffe518e965796ba4c2ddc7a986c0b03eed6387bcaab78c96f08e04b6f0cd390164bb81c303b2cf377d7d9fbe1450f52c6730a4b947523826eb0e0cbc9bcc1f80f3b0bb196f0a290d917635f44bb735d4a95cdc9cff4a91b483d14aaf320bb7b6fb2720e5e007752e205516efe72133ffdb9a58b93c0356dfe7fdf825a60411a2ec157a13422842b0baf6d457b9c127b6a023005ed4155decab1dbcf1b95ebffb6ed21662c05b01d0480d450c0e2bd14bf80df2a373cbc957efd94136e9dcaa5170965570cc33f4e92e5f6b08353f0fc336941d8456ad2dd493d21b863d0b373308f34f2075fbda31a41d42a381af1ccab0f3a8a9119853fedd0c629b2eb9544387586ee6845c5f948eae696a5255b6f0852019e04c10ea19b06a8785e06874f38ecf272fdec4d3280106f840c76e4a14036ae4a2f288f7bdc2567efd83db39ecf54b253b8bacdcfbb634d31d45a30dd42674c96618c32e386527d71d4240742278ada0ccb7a5b26a7a4b9fdea2643539be4d8e588643a5a0e2ca6bb9062b8338af3b06acee00dd90c10c6333c8d65ec1aa460bb8d3d68a868943a04e09e88041672bbb77d6112a1ba748739ae8d25867bd6757a4100991a79504998ca3933de986c7d0ae2554527f6e11bfba6c1f61c61d245cd0bf676c942518205d6a281db1c6dd9c0ca91277be37a240bb13359c476d4875cb03b367a20a42ca730f3f24b9c031ec5867101e838b7c46ca1636a5ff2ae4af42f8a0e3cb47c28e62bb3abfede891ae066dadc12ee802159253fda205b3d8bcc8726fe964bf848f351fce7954467cb44ef4278ddb16f3236096a6e0e905f5fd8e1d23c8b9d40807f6aa83d70cb93f5d2ee08368f1162dd15edef27f6185ff6a4a83443ca3f97e0190abdc6699f54010920b567b221d81887f0afb57ea6853f54dfe2727c99fcec8ffffe756527165607ac3fce31bfcbe38ec053ebd299d43c8bac268c5adedf1f8a5a69f88548ede4d37ac8537b2fcacf481add7921983df800db17c33397c663665be7ec24edc97389ef90118268afa70d91f91debdd4c63b702106fe23dcf394fa19d2300a1984aa36260484afb04f4fd89ee18b1dc6b2d45f2431680e5ccdb22fa7c08815967f547b75ec89112bb2cbc4a2cbfef581061504b49b8154010489529d8a30aaf802", 0x1000}, {&(0x7f00000001c0)="c34ca18d81022710e53c982948ef26c5e748256ae8798f511aeae9674273db82ea7db857673d725a4b61735c2dd31faa3e", 0x31}, {&(0x7f0000000240)="185c9db3b2c752e60d31ac2f490f566d3daaf1bec9fef5f06903d9e2021b02133d799b7f0c5a43e84d358e8f81fada23defd73eb0ea20dbb7dc63bcb783ef2354843d4dc7a2c796035d73d0f806075d33ff88dcf9b0adbd947a11d37d37b52251a7c6766fbac300f4155898b6f0e8f0cf546e09afe3b1d3f6c95e7500b758387a1692b4879c2a0d246e9903e12814b22a66c4f8e7dcc7239ee727029bb", 0x9d}, {&(0x7f0000000300)="ab1ab44adcf36cdbcb11e49761fab377b0d61f1c871f4e0887a53af25013e3e180af2a4c1036ecbf7dc4d21d12be172c59b8f741bf9c8739d19ef26ecefce52befabd04b7537500af5595b34478ed605ccb1e62e43a588bfea144bf1b5d322cd49ff19f69f2e940b4e5ceddcd98c57fff9851a713006af695899e6ed75a1b8f9bb2cc13927dd97774937e5b728d729a8de2a319dfc16b23a2ded42331cada4c394f7e6056996927a1975bc246aabfca6e34b761433ba6cac", 0xb8}, {&(0x7f00000003c0)="35418892c49c18ccbdfa1d7b777075ce87b1af422af675439c05e770f7041b77954ad789963658acc40edf99e69270b1d1f6621408589e845fa1174eb87fc9708ab14b007a47f90f9864f5341d55c6c8ccbfa7d541766ba8c6a9cb89cafef54ff165a51277e7b12d3d5681469d1056643d73914915fb080ba99a2630c8cb7d518b0e8d34c5165035ac8c3cd86fb844ea229da4f4016adb9ffb20241318db27bc0c30946cbf3e14297e995dea6510d58193a06c2ac0acdf75b1e5ba42fa9201cf6203e08e28d954fa89a3c3cd90e013519cdf1f39ee59873c2fe84a0c1a30a191260c7d0f204f", 0xe6}, {&(0x7f00000004c0)="a3c0ef17009ba26f601db5062a5d1afc35595fb5f705d64748dbcea97699bf40e829c6fa0d52b90c92648a98e931dac2be7cc31b7067d979a86ab3ca453e34eede1b1141b3df51510625cbd164ba14551fb01d82a6a20f37ec9d6ea1063da1e1593c1c44c819b4a1ad9a32ab764e86f19c68ffff10f69c67e5039323276791e80f2ca477bad9404ad97cd4b3a284ddf70dd755bd64dc7deb4b8d7f06cd9d9d7136f214e8d09b1166e1ca200f80e7bdbc853b09094ba9a7b65b4b58e3adad8490ead71390efe3", 0xc6}, {&(0x7f00000005c0)="546d2a47e36f15344506b8", 0xb}, {&(0x7f0000001680)="edb61073e3b3500c405b0ac1c21ba7017757d4ec75c2f8ba82914c3c49404b07627e05bf6adc0464dd055788a41f9a160f89fcc66e9a5315ec00f9f4e76577d7ebb0ed6116f1d7d4745c34f2d488f3c04562c423226825a96f1fd9b11830766365eca0fa08064391a45e9bfce55a5b93b99ebf30d042dd722368658cdb31c37ce1cc948422d27095f9b1fb5a8946affcc018cb5b57486b48ea8917f68cf688f0a3ffe9e2352df6488e1a44ebb9e3766f86c423199546bd1a9caa2dedf69c9b7cd651d695b0066be9fa30a105ed713b50d48e4ee1aea1875e6c21fd134e40cc67990b9b182dca9b5679f655207a6f265e117174", 0xf3}, {&(0x7f0000000600)="21995a", 0x3}], 0x9, 0x2) ioctl(r2, 0x4000008912, &(0x7f0000000040)="0700e1311f16f477671070") setsockopt$inet_sctp_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000001a40)=0xffffffffffffffe0, 0x4) timer_settime(0x0, 0x0, &(0x7f0000000200)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x2, 0x31, 0xffffffffffffffff, 0x0) getresgid(&(0x7f0000001840), &(0x7f0000001880), &(0x7f00000018c0)=0x0) getgroups(0x3, &(0x7f0000001900)=[0x0, 0x0, 0xee00]) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000001940)={0x0, 0x0, 0x0}, &(0x7f0000001980)=0xc) setresgid(r3, r4, r5) tkill(r0, 0x1000000000013) mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='configfs\x00', 0x0, &(0x7f0000000040)) r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x1, 0x0) ioctl$VT_WAITACTIVE(r6, 0x5607) ioctl$FIDEDUPERANGE(r1, 0xc0189436, &(0x7f0000001a80)={0xffffffffffff638f, 0x9, 0x4, 0x0, 0x0, [{r6, 0x0, 0x9}, {r6, 0x0, 0x402}, {r2, 0x0, 0x7}, {r1, 0x0, 0x6}]}) utimes(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={{0x0, 0x2710}, {0x77359400}}) 03:39:25 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r1, &(0x7f0000deb000)={0x2, 0x4e23, @broadcast=0xffffffff}, 0x10) setsockopt$inet_icmp_ICMP_FILTER(r1, 0x1, 0x1, &(0x7f0000000080)={0x1}, 0x4) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x40000, 0x0) socket$inet(0x2, 0x3, 0x6) ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000000c0)={r1}) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000100)=0x0) setpriority(0x3, r3, 0x7f) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000180)='ip6gretap0\x00', 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f00006dc000)=[{0x6, 0x0, 0x0, 0xa1}]}, 0x10) sendto$inet(r1, &(0x7f0000000140), 0x0, 0x200007ff, &(0x7f0000deaff0)={0x2, 0x4e23}, 0x10) sendto$inet(r1, &(0x7f00006fd000)="c3401c344654f3c7d9b41ba48c8e319aa4eedc3d6bd8ebd65c856a27d61154adc2b2a9763ae0001c0d32e11f38e9dd18c58f6bd779650fc30f93653bdaecf323c9f6502ceab47e58114347b289546465a5eb278de12b1989f64cc99412e36880d20c34d91051b22f6c8acc9d082b7bcdec844f667da0867d08d4154004997e317b79", 0x82, 0x0, &(0x7f0000e66000)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r2, 0x40045532, &(0x7f00000001c0)=0x1000) 03:39:25 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f6300") 03:39:25 executing program 0: r0 = socket$inet_udp(0x2, 0x2, 0x0) getsockopt$IP_VS_SO_GET_TIMEOUT(r0, 0x0, 0x486, &(0x7f0000000000), &(0x7f0000000040)=0xc) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) socket$key(0xf, 0x3, 0x2) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffff90ceb1113ec76cffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff000000000002004e20e00000a0ea0000000000000000000000"], 0x60}, 0x1}, 0x0) 03:39:25 executing program 7 (fault-call:0 fault-nth:61): syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f00000000c0)='./file0\x00', 0x8000, 0x1, &(0x7f0000000200)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010a0200027400f801", 0x17}], 0x0, &(0x7f00000001c0)) 03:39:25 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f6307") 03:39:25 executing program 5: r0 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0xa3c2, 0x208000) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000000c0)={r0, 0x50, &(0x7f0000000040)}, 0x10) r1 = msgget(0x0, 0x9) msgctl$IPC_INFO(r1, 0x3, &(0x7f0000000100)=""/243) r2 = getpgrp(0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000240)={0x0, 0x0}) sendmsg$nl_netfilter(r0, &(0x7f00000015c0)={&(0x7f0000000200)={0x10}, 0xc, &(0x7f0000001580)={&(0x7f0000000280)={0x12e4, 0x4, 0xb, 0x8, 0x70bd2a, 0x25dfdbfc, {0x5, 0x0, 0x5}, [@nested={0x168, 0x83, [@generic="61e06b571763a2c1a60e5c281eb7a908bc1307ee3560d6b605fab75d999a40b6b326f2ef380c009ba0a7e2d0e06df676772eda342125007483965646b29b83c291d24fd2bf", @typed={0xc, 0x84, @u64=0x3ff}, @generic="c59981f46124f429a6852174a549fa0234d734c476726a790bb9946bcaa298b79664fa43775bbead3466571f6241a26b735bd96fa8b1f39f8309fb4ab050db91f766cf94931e72ff0915f783", @generic="7979b0cb7ed716b9137652ff89b3eaeffb0a755680ebe67793b50d9ff1670abb8a85d4f17761fbff05ed256ceb06123a68620a978f079fba954d05ea7dd96560a77a9bab989d700fd409545f516d07328323f2e1eba90ae4f10c0af0db51e3c349d68f8fabd6743d645196b768840fe7f2a2b3fb5a1c6bc95b34484cedcd368e5212dc4cff09da7f43811341cefe10554fb2cec5a2327047cd55adcba5e5303b0bb7b1916b7f401d8b3a2f06e8115db6720bdce19f3fd7b4551fa7ca", @typed={0x8, 0x3b, @pid=r2}]}, @nested={0x150, 0x4d, [@generic="d6410df5728155ee821c600ff56138def3d6cdf7f254cd5e12bc570b81a4266e41cf359d5daaf4e791b5e0f802d798f0eb725e72310387d23cef19de174788b300f1056a0601f5a04216201635e0531017cca97d72cac556aba8b2e795b3ce44347692dc0bd02d2b0fa5c25fdbf2208e6118298ca4387a450313f2aad9dac2ebefddc79a9243d226c90951c5e85fa6b1d9cbe0837e31801ad9cc9ff5f70aa635afd08462c2dd0175eae06125d8a5", @typed={0x8, 0x66, @ipv4=@remote={0xac, 0x14, 0x14, 0xbb}}, @generic="576f691d62c49cf6d8db6f69266376198fc21c6bb58ab99d9e1ed40f75731bd9880546ffd19b0f714029c05833b1ea3ec75d8f5e5edbbad284eb5863187e98b4982acf6f33e0ecdeb04c6a967b1c1a8c7b7172c2e805dcb0752f1a72f6d885d96312aa7824cab043a88dfcfb102fa3ab4230bef0261cc2a55dedea234375dbf3d9d522a85cb96590bc597466dabb97b3628457"]}, @typed={0x8, 0x4, @pid=r3}, @generic="4be9e6269ec5535aa58618bcc9", @generic="6d6d0237fdbfa3c4345ee5071811dd36e5051de845c3db2aabbe4f2cc175a2c7b7969cb828a6b4efc8589d6c45a340d59b0d030672913bc89efae42f1321b6e2bfcb25e79805f1801cba25abd7b03752a944af7c7385770467437372c11509fd0a5e925b074f202473b42876a5660b816268aa9f051ef14dc66a979689049381281b630c2e0c06a990b9c4a6aac88808133d6b40657da18f176d508375aeebee059b1d6440be4dfcc33fc770b4abc2e1b13bd22488430419819ee5a72bb3c1a05eff08d7f2cee282f785dd98f1b2779deb4e62c140b06c2708524f6e487a79ee5238f0d9856729b72ef7e6d0d75e2dc0061f778ce70c44c86741fd483a82fd7000a0b644385a1d5edc4aad87fe99c482241862eac8b2a09bc60cf7d5f28b6f4f68e88df02435ddb941f246032db37a0cceb88c3dfa3ec7cb25a8acae83124cbe4866d25ab11b43225d52c9296489b392ed90f850f73ec7515b0edbb30cf0dac3f6e1bff480877722dd41065f629edda48f4e31b92411a0e50dd35ada4f70478eff93e8c478d2bee645d010cd455989f644051cd9f70f6e2c8136a6f7049711253df4055819f9d510f935cf151f6c87c75e6ec280db5a4d0f192ff4522a5149e1b6c0b1453f62cc095f807081b79df4ea61b732b9c23096401255e4b952c33762f64e67e059f54896f777862f5b272ac559e9b40df411e29b29f0dfecad88d45cda79164f11c16f5773e065c8f87d2a8a6dfcb0e6e7e49c4d1dcd70c94aa3f7b16c475cd7c6bb8c76bd6e68b03a8347c9c4cfc34887d897621164f36223f847182e6b1d7b21b4b0a6908fef57defd2098a72e8c70200575e9a8760f92b8484f2100f0c7f6109a02fcb04115f4c5ea27bfc913ca04b85bb122e02d6ec8d40466943b2c065960d900693eaa409f7e8f46e29c03995a56b39a5ce12a0024eefb3c49c169edb5dfe98f8ae6a7e17ea83ce9bb6aec7179dd90fd3c546da8912b29699226f0cac9d0fb7fc1c341a59ab836d2ab49605fb66430af9373f716f9864a1e1c06c5c461c6c9d927f9d6fc8e82dbcc4a9f628fcc5efb85600448fbfcde47153061764ef4cb410ea6daf0619397706a8598ad9d9e9315daf1f65888917cba1e898a76d4a3b4ca6694d3fa65627cc141e200cf099d8833e394c80cddb12bb3719a02b5a948afb08fc559f735cac050b84e38a6f70588667c18e78dd72ad9dc6e21385e72c5cb3d63523356fe0d2c7ccb743962db90a8b136c808a717087f35398fa85603ef3a9615f21426309c7b4f11344dc76a019827a52611ea58c3b2cb4d8e496f5e4b7599d6f7afaa5364aea28e2ad9babae4f3a63aeb99c25aee6f82ffe09c29e1f10055b3da7e5acd0a2f08cef9e057aaefdb71e08c941e1bf40bffc4d23f3225d8882217f56484c45c530f416321239ebb7134f55b5ea0ce002594000a3ea5bba9c5330b7e96d45d1a68650e739f23f7294f195127d5cf428ce5e151204549f3dc01601f3a7266da3f2e70a57f41bd3096d34b0a79eab7b3b825b323373167af6392d1c9db0c4f3b39d85679ca83b6c29e5a924bb9b639e4e25394ad93c74ef508c7f8bef0f84d56cfa70467dc1de9445aa9688b801fa42048b0232d38bb953aa14c3527f3377158528bc7fefe5f6b9f8bc7d1f8265608895495c367409f6b438cb549ce35b5014237c1d263f5bcd5e07e50eb837f6ebe3d0badfec38e1aa1b0cb7ef5a3ea2daeb61fd89641c9f4662e9a4db1779308ed22a20f959d0926e6b10ac9dbda1f36d4bd998451e261d6d98d7b8b227ff81f65a9b3588f5902cd0ed87ea501bfdb023f1e763c0f4f6bf7b01f983ac27060eb3e658844d2f7356469edc724ceda15697b69fbc2b88d9b81a5ff570db1f393318860608a4d8cab44061ff65fad72044fe6453593f2fdc39ac0330d5e1732ce23074b1a81ee87db41d1ab8edf683925aa18cd7b53bd19454164ed881ea2e9b44981ded28ac68ef152f18cf92410fc5e7b85069c09f1052e07c532c2d42fc9f00015238305fd6201b308b34f3b5697521e8cd24aa44d11a0e69771cbf23261b6c38c2b1c1330f49c532f9babbbb43db7d56ccb69887972fdf1f531597db4beac9144b736551226e920f855683063a48cba39899ef121c9ead090e849326e02ec098f987065d1e02bd034250315621a2ea373ca5755e6b932bd87f2cb24dfed589e5d2e8df93cefeb94d8a220eded9deebbb849949112ccd78c0f59c838055a6f33846f74fb878bcccda67d887a25a65818f6e5b370cbb0aecfe3c2902b5409d1a41de76bc994fc3c695569f8416a96c8a28122b37f8f6226fe38fafaa731900ef5eca4b25ca5de5f8e3441eee83edc5b1b23c00d423045d0af838860442f89e6162e3d2c502d293795b728c5949e0ad63f3c4ffbda7fc8e5b776a60de187104d8c026e26de52e1d8efdca038c3b1235a031a5cd3217a0c11859889441346355d5bf5b47b8cb6b12e932c977d8ea4a8f61de99743fe53108555bf831d3a298afb94448d1e6159616956141c9e9300a4b7ed4cc65a43c8c79d01b0b275ee98e188ece07f77561975d4d36e5371c1c8ca1a07547d06233b06e452c373efd26580a5dcdd5a592a2f1cf2bd3d1a22a413249143f11ef4c6dee861a65b2209abfa1dc6bdc2a93d42c9ce7ebca7616791eb300c10c294247a18fff3ec89eea3bbb1cb8107070a668676c5c790ec001fc98247f98a5ee8666bea405f048e8c4f9fdcd20ee47b834a5acedc8ad6ce79e80db733d9cd5b64d11e4ef1c3f7c8c487ddc66c2edd8a56d0ea615a09b6630486761aadba65597ec2e3f897223ddc64bedaad666cdce1ece799b06c5f031291ae5510a5b0e26191be6c92e4b8f3c6ef6bad5895a80c406d9c406054c38d080ebf74d17ca887678e316c72f94801c7df0fd0f4b667431969d98a37641acc9c5b6e292c50b6f5b84908f1c81666ca04c7d02680745c5fbe8ad218492426dca82ca45377f23bde657b4c7af419ed83a6874c90a6ff2e21dc6183c6a709b896cb5e376bc629c039881aff23fcfb8b05af7386477e43ce693f508d606a0494cc8ea9dc91589f863a519c9b79524d51d6e9b5382423f17a7dfad3e4edf6b70e06811706744635ea04ca2ef3160b7cab6e995ea53c1688d8f7b4c72e651b8a5b1961c105f2738e0fafff3ed5604c875942b15eabb80629a2a70a0bdb67c25726577ecb4dfdb709828f9cef2f17df811be28c72d6dddef7bbdf208ee2ec96c97a6f1c8b830ab82ed5e55b3c471c09450c393416f046841f08abf68e6d844e4be824a100a3c1f34fba81a0ec8a549649eab356e16eb55e8aabacaa33d6bea2f7a99261825675cf769245f602892628cf7ae560c566cddd72877f6b84dda6db5e7001a0441a4d345eed7ae736a44c8d440b6949414dd04c4e16a1b900701898d1cff95821344f11994b23e74574c8664e57573f7e7c4112fe7b6395aac6ca95450b8ff00b5a4c48b5356c9cee9ac2d6585d6a288ac201920cf3adae0771bde4893952cf00f0916d22999b8bd84147650e77e507057cb7bdf59616b966c44b2513184642d0272effffb3018f7077c5a8215cb5e3ce6b2acfc5edfd13e749fef36958ea5c747f8e11b8c41743f1ac30de5ac14234a3694977e60b603b2c26a87612fc703ebb8c0bf33e85612ab871661c7188c5895fda5027602b9c6e87863bc0f64dfc4404367f5a0f6d0d3e69a068a35bea6f81cd2fae0a7882d3b39343e97bec5d82f41f39384a86faef0e9df1509f245f37e0af150f049ca206e3c1c0dcb1a810a8c4b76a7a200344ceeac1f1392eff9bd3c02948b5c36df90aadba5dbeed8d2aff84e3d1f3344ddce1dfe224bbe482c8b1163d9c014b76d611ce20b441cc8eef29c860f6882a52467bc7ad2b6db86f8fe9c556476fd43b8cd8eb1939ab4bf9da068fe496d556432fe7b355df179877ea01fb7bf54b1f7a7daed5745e6e7cb727deccea42b25fbacab82c07fd557a9ed7f14802b19617e9af78de7257c7ba3a7323043a95dcd886960b9e108c7330d055aeceea73933595e58f6d052033bd43c80791d65d9259a9efc88b9d9e66bcdcd8d96e1be2157615ee8d9b205536321dcb07fb05d8e7dcdf5dde10fab04c2e88269199e465be575331f17d7b223f9b884800378370095fbe1e42f36e1657259b5b6689336cc904ccb0ee02c1809330d892fd56179e172b56b3f00c37e0868d67728bc5eab1af66bbcd4866bd880019548368f5318ad15f39f1be47736d4185d7f8386a163142d740f3007b37c5c43f8768e80afaa55808205e731e5fe2a0faa3511a850b25a8d3d2a7c5917920755ca406da0d55c73d0054e61a9c6f3635c6da2150688febd4bf536778bf9dc4e1deb4f1a7f139931eb9b1843b511fb9bcd6321f7b2981f153d16e9c4f71635cb2874816977ef5187292e9977500e4cbc9551af8acd5fd012c5747a702b0d59b91cf14c6354eeea9f4ce3a2c327f48503490f460ffab644e4fcee83f980a36a3265f2bf8644c26ef59fcdcb45caaefe13eb1244ed16012d498698b5b8dca7aa9d74d7297a06bc0b2c6d871d9ee58a22a23ee1b4714cb85c5a990ae2966834f205c73eaea66aaff23fb3560aadbe6580d2724788c64180b408f6d013fd480084f1eea9680bcefd59152461b0fdec16c71f4c3da5b291153af69c6022a0c2e7c1dcf2d25a2d5fd57fe59f6b0b486a7b53404f824551d17aa5612b4d766b43a50b103c3b503eab15e17162706ce2f25ea0b7d516e9db6fe39a8685a458a70558acb05b6b138ae5fc0574896015550a5517af429714a1112734037ec0f976ce95f5248807df8c59618af61e721ffd309ad2a1630a7060f37ff84c0de7eb30aa4d6100b6e0417653a414126d564f4dea996aad4f7b4d9c64ec0b924efe26b2262ca239f81792bdfa8bda42e415853e62a68e066b3254b06bb4dd628dcc7ff750eaed95c41b9224319a36da288ed8c3961339c4ee4997b844b10bd7a4e675127570897a8b06c78c4e889149f4e8c443343965f74b945fd09f05c9e951ef60a119f4200a1cc55d8b141b06adbc079f237430e03ab379fb068c0af066415c4f91b442fb54e597c8d4b4ea27bb64ca596ad28a79236dbbcee6e01e2a1ef571b064a66ebae4b04ba56a8b1a492b188b9b9a8d0372bc6a807cbbeb985692a1b3dc7e6c9c5c7d699304b5867d9b1418cd32933dc20941922a2cd615482ec6eb44f99bf71ce8f09cb214ff848ca1d3d7262ba052a5e92e63d8e8041e62b94129572b466410549311c0d4b58bb67324b0d86586c072d9378b97a2500dca9eafc76e95b03bbc6fab07a7a5a99f46441a46308f97ebd5ee26a51a1b9cda767f23c8bc8869770055afb7adcfec8aa3b6aba5703c3fc16384749ccfe3dd8d7bd217d2aa9190eadec6eace651e568caa3237707f8e462b4c965efbd146aa3370659fb8aeae07587646a769521065b67e3ab3cc5bfa0e0735157d9c6e6e0a5568f32e9b78b7a16b677c57ccd5b78de439234e80b66fac8b7d8e0722560e468fb610e58b3b3c6e724ee0658eb4bddc915b8df5fdbcfc46e9cfecabffbee4e6302beec6618f28864848d2358cf268c7fc06c981474837ebfaa7d4be07769d84e31f1327883fcd30f8ff6634897753cdf013d732a14eac259b7bcfa72a2671f5dcbfc9f1f5ba5f341cb5a7614f5b240bc198c0ad11d75bd65b1e5dd2b578089929979251f2316139e54cd69516e6906f30ee88ec8a07fa72f2e1bd952b053a24d886360599dc22626c639d8c8c2f8dd"]}, 0x12e4}, 0x1, 0x0, 0x0, 0x8050}, 0x1) ioctl$TIOCLINUX3(r0, 0x541c, &(0x7f0000001600)=0x3) fchmod(r0, 0x100) r4 = add_key$keyring(&(0x7f0000001640)='keyring\x00', &(0x7f0000001680)={0x73, 0x79, 0x7a, 0x0}, 0x0, 0x0, 0xfffffffffffffffc) r5 = request_key(&(0x7f00000016c0)='keyring\x00', &(0x7f0000001700)={0x73, 0x79, 0x7a, 0x3}, &(0x7f0000001740)='/dev/dsp#\x00', 0xfffffffffffffffe) keyctl$link(0x8, r4, r5) timerfd_gettime(r0, &(0x7f0000001780)) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000001800)={{{@in6=@mcast1, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@rand_addr}, 0x0, @in=@dev}}, &(0x7f0000001900)=0xe8) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000001940)={0x0, 0x0, 0x0}, &(0x7f0000001980)=0xc) fchownat(r0, &(0x7f00000017c0)='./file0\x00', r6, r7, 0x100) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f00000019c0)={0x0, 0xffffffffe569781b}, &(0x7f0000001a00)=0x8) getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000001a40)={r8, 0x7f}, &(0x7f0000001a80)=0x8) setsockopt$inet6_MRT6_DEL_MFC(r0, 0x29, 0xcd, &(0x7f0000001ac0)={{0xa, 0x4e24, 0x8, @mcast1={0xff, 0x1, [], 0x1}, 0xc4}, {0xa, 0x4e21, 0x7, @mcast1={0xff, 0x1, [], 0x1}, 0x9}, 0x98e, [0x5, 0x1f, 0xfffffffffffffffe, 0xf6, 0x8, 0x4000000000000000, 0x4, 0x20000000]}, 0x5c) ioctl$KVM_ASSIGN_SET_INTX_MASK(r0, 0x4040aea4, &(0x7f0000001b40)={0x20, 0x10000, 0x7, 0x1, 0xbb84}) ioctl$KVM_S390_UCAS_UNMAP(r0, 0x4018ae51, &(0x7f0000001b80)={0x9, 0xcd, 0x20}) r9 = msgget(0x1, 0x462) ioctl$KVM_SET_VCPU_EVENTS(r0, 0x4040aea0, &(0x7f0000001bc0)={0x5, 0x80000001, 0x7, 0x0, 0x3, 0x10000, 0x8, 0x800, 0x8001, 0x800000000, 0x2, 0x4, 0x0, 0x7, 0xffffffffffff1cb2, 0x9, 0x4, 0x100000000, 0x9}) msgctl$MSG_STAT(r9, 0xb, &(0x7f0000001c00)=""/146) getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000001cc0), &(0x7f0000001d00)=0x4) ioctl$TUNDETACHFILTER(r0, 0x401054d6, 0x0) mq_timedreceive(r0, &(0x7f0000001d40)=""/198, 0xc6, 0x10000, &(0x7f0000001e40)) ioctl$sock_inet6_tcp_SIOCATMARK(r0, 0x8905, &(0x7f0000001e80)) getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f0000001ec0), &(0x7f0000001f40)=0x68) ioctl$sock_proto_private(r0, 0x89ea, &(0x7f0000001f80)="9837b8b789b98b174f1719b6e8efd4534adddcf3c49420b0af4005516241e01dfcf99bbb9e6954fc7153b5e45efc5bb9dd288344736c1451565cbef6d6ba48e8297ccdc44e3c373994ecc2a44e7528cfeefb580119f22b8b0b440bcba4") 03:39:25 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8915, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = eventfd(0x2) ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f00000015c0)={r3}) dup2(r2, r3) 03:39:25 executing program 0: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = socket$key(0xf, 0x3, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") ioctl$sock_SIOCSIFBR(r1, 0x8941, &(0x7f0000000080)=@generic={0x1, 0x3, 0x20}) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f36000)={&(0x7f0000333f88)=ANY=[@ANYBLOB="020200090c000000ffffffffffffffff02001300020000000000fcffffff0000030006000000000002004e20e0000001000000000000002402000100f8ffffff0000000200000000030005000000000002004e20e00000a0ea863accd2ce5ea2"], 0x60}, 0x1}, 0x0) 03:39:25 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r1, &(0x7f0000deb000)={0x2, 0x4e23, @broadcast=0xffffffff}, 0x10) setsockopt$inet_icmp_ICMP_FILTER(r1, 0x1, 0x1, &(0x7f0000000080)={0x1}, 0x4) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x40000, 0x0) socket$inet(0x2, 0x3, 0x6) ioctl$sock_kcm_SIOCKCMUNATTACH(r2, 0x89e1, &(0x7f00000000c0)={r1}) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000100)=0x0) setpriority(0x3, r3, 0x7f) setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000180)='ip6gretap0\x00', 0x10) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f00006dc000)=[{0x6, 0x0, 0x0, 0xa1}]}, 0x10) sendto$inet(r1, &(0x7f0000000140), 0x0, 0x200007ff, &(0x7f0000deaff0)={0x2, 0x4e23}, 0x10) sendto$inet(r1, &(0x7f00006fd000)="c3401c344654f3c7d9b41ba48c8e319aa4eedc3d6bd8ebd65c856a27d61154adc2b2a9763ae0001c0d32e11f38e9dd18c58f6bd779650fc30f93653bdaecf323c9f6502ceab47e58114347b289546465a5eb278de12b1989f64cc99412e36880d20c34d91051b22f6c8acc9d082b7bcdec844f667da0867d08d4154004997e317b79", 0x82, 0x0, &(0x7f0000e66000)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) 03:39:25 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs(&(0x7f0000000000)='nfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)="020000006f786e6574302d232f70726f6300") [ 872.832302] FAULT_INJECTION: forcing a failure. [ 872.832302] name failslab, interval 1, probability 0, space 0, times 0 [ 872.842476] ================================================================== [ 872.843640] CPU: 0 PID: 15818 Comm: syz-executor7 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 872.851523] BUG: KASAN: use-after-free in irq_bypass_register_consumer+0x51e/0x550 [ 872.860004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 872.867728] Write of size 8 at addr ffff8801a95d5668 by task syz-executor3/15812 [ 872.877088] Call Trace: [ 872.884705] [ 872.887288] dump_stack+0x1c9/0x2b4 [ 872.892515] ? dump_stack_print_info.cold.2+0x52/0x52 [ 872.897715] should_fail.cold.4+0xa/0x11 [ 872.901770] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 872.906960] ? save_stack+0xa9/0xd0 [ 872.910612] ? save_stack+0x43/0xd0 [ 872.914245] ? kasan_kmalloc+0xc4/0xe0 [ 872.918121] ? __kmalloc+0x14e/0x760 [ 872.921912] ? __list_lru_init+0x151/0x840 [ 872.926148] ? alloc_super+0x9a6/0xb10 [ 872.930024] ? sget_userns+0x276/0x860 [ 872.933904] ? sget+0x10b/0x150 [ 872.937792] ? mount_bdev+0x115/0x3e0 [ 872.941599] ? msdos_mount+0x3c/0x50 [ 872.945303] ? legacy_get_tree+0x118/0x440 [ 872.949533] ? vfs_get_tree+0x1cb/0x5c0 [ 872.953549] ? do_mount+0x6c1/0x1fb0 [ 872.957257] ? ksys_mount+0x12d/0x140 [ 872.961144] ? __x64_sys_mount+0xbe/0x150 [ 872.965285] ? do_syscall_64+0x1b9/0x820 [ 872.969341] ? lock_acquire+0x1e4/0x540 [ 872.973318] ? fs_reclaim_acquire+0x20/0x20 [ 872.977645] ? lock_downgrade+0x8f0/0x8f0 [ 872.981787] ? check_same_owner+0x340/0x340 [ 872.986099] ? rcu_note_context_switch+0x730/0x730 [ 872.991106] __should_failslab+0x124/0x180 [ 872.995336] should_failslab+0x9/0x14 [ 872.999227] kmem_cache_alloc_node_trace+0x26f/0x770 [ 873.004321] ? kasan_kmalloc+0xc4/0xe0 [ 873.008204] __kmalloc_node+0x33/0x70 [ 873.012027] kvmalloc_node+0x65/0xf0 [ 873.015743] __list_lru_init+0x5d9/0x840 [ 873.019792] ? up_write+0x7b/0x220 [ 873.023328] ? list_lru_destroy+0x500/0x500 [ 873.027727] ? prealloc_shrinker+0x124/0x450 [ 873.032302] ? prealloc_shrinker+0x21c/0x450 [ 873.036700] ? inactive_list_is_low+0x850/0x850 [ 873.041360] ? __lockdep_init_map+0x105/0x590 [ 873.045860] alloc_super+0x9a6/0xb10 [ 873.050005] ? destroy_unused_super.part.11+0x110/0x110 [ 873.055375] ? lock_downgrade+0x8f0/0x8f0 [ 873.059614] ? kasan_check_read+0x11/0x20 [ 873.063774] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 873.068436] ? kasan_check_write+0x14/0x20 [ 873.072672] ? do_raw_spin_lock+0xc1/0x200 [ 873.076931] sget_userns+0x276/0x860 [ 873.080644] ? kill_litter_super+0x60/0x60 [ 873.084897] ? test_single_super+0x10/0x10 [ 873.089128] ? vfs_get_super+0x270/0x270 [ 873.093207] ? kasan_check_read+0x11/0x20 [ 873.097346] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 873.102008] ? kasan_check_write+0x14/0x20 [ 873.106255] ? do_raw_spin_lock+0xc1/0x200 [ 873.111122] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 873.116660] ? ns_capable_common+0x13f/0x170 [ 873.121060] ? kill_litter_super+0x60/0x60 [ 873.125284] sget+0x10b/0x150 [ 873.128398] ? test_single_super+0x10/0x10 [ 873.132643] mount_bdev+0x115/0x3e0 [ 873.136270] ? msdos_mount+0x50/0x50 [ 873.139992] msdos_mount+0x3c/0x50 [ 873.143530] ? setup+0xe0/0xe0 [ 873.146729] legacy_get_tree+0x118/0x440 [ 873.150801] vfs_get_tree+0x1cb/0x5c0 [ 873.155199] ? vfs_set_fs_source+0x12c/0x180 [ 873.160051] do_mount+0x6c1/0x1fb0 [ 873.163592] ? check_same_owner+0x340/0x340 [ 873.167903] ? lock_release+0xa30/0xa30 [ 873.171893] ? copy_mount_string+0x40/0x40 [ 873.176128] ? kasan_kmalloc+0xc4/0xe0 [ 873.180018] ? kmem_cache_alloc_trace+0x318/0x780 [ 873.184859] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 873.190389] ? _copy_from_user+0xdf/0x150 [ 873.194541] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 873.200264] ? copy_mount_options+0x285/0x380 [ 873.204771] ksys_mount+0x12d/0x140 [ 873.208388] __x64_sys_mount+0xbe/0x150 [ 873.212355] do_syscall_64+0x1b9/0x820 [ 873.216231] ? finish_task_switch+0x1d3/0x870 [ 873.220727] ? syscall_return_slowpath+0x5e0/0x5e0 [ 873.225647] ? syscall_return_slowpath+0x31d/0x5e0 [ 873.230567] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 873.235574] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 873.241204] ? prepare_exit_to_usermode+0x291/0x3b0 [ 873.246209] ? perf_trace_sys_enter+0xb10/0xb10 [ 873.250870] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 873.255707] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 873.260883] RIP: 0033:0x45885a [ 873.264056] Code: b8 a6 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 dd 8f fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ba 8f fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 873.283367] RSP: 002b:00007f413f26ea88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 [ 873.291207] RAX: ffffffffffffffda RBX: 00007f413f26eb30 RCX: 000000000045885a [ 873.298705] RDX: 00007f413f26ead0 RSI: 00000000200000c0 RDI: 00007f413f26eaf0 [ 873.305975] RBP: 00000000200000c0 R08: 00007f413f26eb30 R09: 00007f413f26ead0 [ 873.313240] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000014 [ 873.320517] R13: 0000000000000000 R14: 00000000004d3f40 R15: 000000000000003d [ 873.327802] CPU: 1 PID: 15812 Comm: syz-executor3 Not tainted 4.18.0-rc3-next-20180709+ #2 [ 873.336209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 873.345659] Call Trace: [ 873.348273] dump_stack+0x1c9/0x2b4 [ 873.352030] ? dump_stack_print_info.cold.2+0x52/0x52 [ 873.357216] ? printk+0xa7/0xcf [ 873.360495] ? kmsg_dump_rewind_nolock+0xe4/0xe4 [ 873.365272] ? irq_bypass_register_consumer+0x51e/0x550 [ 873.370650] print_address_description+0x6c/0x20b [ 873.375814] ? irq_bypass_register_consumer+0x51e/0x550 [ 873.381266] kasan_report.cold.7+0x242/0x30d [ 873.385677] __asan_report_store8_noabort+0x17/0x20 [ 873.390797] irq_bypass_register_consumer+0x51e/0x550 [ 873.396074] ? __disconnect+0x1b0/0x1b0 [ 873.400068] kvm_irqfd+0x198e/0x1ef0 [ 873.403788] ? check_same_owner+0x340/0x340 [ 873.408118] ? do_raw_spin_unlock+0xa7/0x2f0 [ 873.412545] ? kvm_eventfd_init+0x2c0/0x2c0 [ 873.416869] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 873.422431] ? futex_wait_queue_me+0x553/0x830 [ 873.427192] ? refill_pi_state_cache.part.8+0x320/0x320 [ 873.432560] ? kasan_check_write+0x14/0x20 [ 873.437006] ? do_raw_spin_lock+0xc1/0x200 [ 873.441355] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 873.446984] ? lock_acquire+0x1e4/0x540 [ 873.450957] ? __might_fault+0x12b/0x1e0 [ 873.455037] ? lock_downgrade+0x8f0/0x8f0 [ 873.459197] ? lock_release+0xa30/0xa30 [ 873.463179] ? check_same_owner+0x340/0x340 [ 873.467499] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 873.472692] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 873.478256] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 873.483787] ? _copy_from_user+0xdf/0x150 [ 873.487933] kvm_vm_ioctl+0xf80/0x1d80 [ 873.491830] ? drop_futex_key_refs.isra.14+0x6d/0xe0 [ 873.497186] ? futex_wake+0x304/0x760 [ 873.500976] ? kvm_set_memory_region+0x50/0x50 [ 873.505559] ? kvm_dev_ioctl+0x18a/0x1b10 [ 873.510134] ? do_futex+0x249/0x27d0 [ 873.513853] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 873.519139] ? exit_robust_list+0x290/0x290 [ 873.523463] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 873.529012] ? lock_acquire+0x1e4/0x540 [ 873.532977] ? __fget+0x4ac/0x740 [ 873.536438] ? lock_downgrade+0x8f0/0x8f0 [ 873.540573] ? compat_ifr_data_ioctl+0x170/0x170 [ 873.545325] ? lock_release+0xa30/0xa30 [ 873.549290] ? kasan_kmalloc+0xc4/0xe0 [ 873.553184] ? __fget+0x4d5/0x740 [ 873.556729] ? ksys_dup3+0x690/0x690 [ 873.560454] ? __fd_install+0x2db/0x880 [ 873.564964] ? kvm_set_memory_region+0x50/0x50 [ 873.570160] do_vfs_ioctl+0x1de/0x1720 [ 873.574300] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 873.579838] ? alloc_file+0x49/0x3e0 [ 873.583545] ? ioctl_preallocate+0x300/0x300 [ 873.587941] ? __fget_light+0x2f7/0x440 [ 873.591907] ? fget_raw+0x20/0x20 [ 873.595448] ? get_unused_fd_flags+0x122/0x1a0 [ 873.600029] ? __alloc_fd+0x710/0x710 [ 873.603836] ? __x64_sys_futex+0x47f/0x6a0 [ 873.608064] ? fd_install+0x4d/0x60 [ 873.611698] ? do_futex+0x27d0/0x27d0 [ 873.616653] ? security_file_ioctl+0x94/0xc0 [ 873.621084] ksys_ioctl+0xa9/0xd0 [ 873.624542] __x64_sys_ioctl+0x73/0xb0 [ 873.628438] do_syscall_64+0x1b9/0x820 [ 873.632315] ? finish_task_switch+0x1d3/0x870 [ 873.636816] ? syscall_return_slowpath+0x5e0/0x5e0 [ 873.641753] ? syscall_return_slowpath+0x31d/0x5e0 [ 873.646680] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 873.651817] ? prepare_exit_to_usermode+0x291/0x3b0 [ 873.656822] ? perf_trace_sys_enter+0xb10/0xb10 [ 873.661494] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 873.666344] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 873.671533] RIP: 0033:0x455e29 [ 873.674721] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 873.694526] RSP: 002b:00007fa08c1f8c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 873.702238] RAX: ffffffffffffffda RBX: 00007fa08c1f96d4 RCX: 0000000000455e29 [ 873.709504] RDX: 00000000200015c0 RSI: 000000004020ae76 RDI: 0000000000000019 [ 873.716781] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 873.724051] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 873.731774] R13: 00000000004bdf94 R14: 00000000004cc800 R15: 0000000000000000 [ 873.739042] [ 873.740684] Allocated by task 15812: [ 873.744411] save_stack+0x43/0xd0 [ 873.747866] kasan_kmalloc+0xc4/0xe0 [ 873.751585] kmem_cache_alloc_trace+0x152/0x780 [ 873.756253] kvm_irqfd+0x18f/0x1ef0 [ 873.759880] kvm_vm_ioctl+0xf80/0x1d80 [ 873.763769] do_vfs_ioctl+0x1de/0x1720 [ 873.767640] ksys_ioctl+0xa9/0xd0 [ 873.771602] __x64_sys_ioctl+0x73/0xb0 [ 873.775489] do_syscall_64+0x1b9/0x820 [ 873.779383] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 873.784581] [ 873.786285] Freed by task 2006: [ 873.789735] save_stack+0x43/0xd0 [ 873.793205] __kasan_slab_free+0x11a/0x170 [ 873.797432] kasan_slab_free+0xe/0x10 [ 873.801400] kfree+0xd9/0x260 [ 873.804738] irqfd_shutdown+0x144/0x1c0 [ 873.808985] process_one_work+0xc73/0x1ba0 [ 873.813387] worker_thread+0x189/0x13c0 [ 873.817351] kthread+0x345/0x410 [ 873.820904] ret_from_fork+0x3a/0x50 [ 873.824712] [ 873.826330] The buggy address belongs to the object at ffff8801a95d5500 [ 873.826330] which belongs to the cache kmalloc-512 of size 512 [ 873.840475] The buggy address is located 360 bytes inside of [ 873.840475] 512-byte region [ffff8801a95d5500, ffff8801a95d5700) [ 873.852513] The buggy address belongs to the page: [ 873.857799] page:ffffea0006a57540 count:1 mapcount:0 mapping:ffff8801da800940 index:0x0 [ 873.866222] flags: 0x2fffc0000000100(slab) [ 873.870464] raw: 02fffc0000000100 ffffea0006b611c8 ffffea0006799708 ffff8801da800940 [ 873.878465] raw: 0000000000000000 ffff8801a95d5000 0000000100000006 0000000000000000 [ 873.886967] page dumped because: kasan: bad access detected [ 873.892758] [ 873.894372] Memory state around the buggy address: [ 873.899596] ffff8801a95d5500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 873.906947] ffff8801a95d5580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 873.914504] >ffff8801a95d5600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 873.921863] ^ [ 873.928602] ffff8801a95d5680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 873.936232] ffff8801a95d5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 873.943575] ================================================================== [ 873.951367] Kernel panic - not syncing: panic_on_warn set ... [ 873.951367] [ 873.958762] CPU: 1 PID: 15812 Comm: syz-executor3 Tainted: G B 4.18.0-rc3-next-20180709+ #2 [ 873.969102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 873.978463] Call Trace: [ 873.981062] dump_stack+0x1c9/0x2b4 [ 873.984699] ? dump_stack_print_info.cold.2+0x52/0x52 [ 873.989906] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 873.994690] panic+0x238/0x4e7 [ 873.997889] ? add_taint.cold.5+0x16/0x16 [ 874.002041] ? do_raw_spin_unlock+0xa7/0x2f0 [ 874.006452] ? do_raw_spin_unlock+0xa7/0x2f0 [ 874.010963] ? irq_bypass_register_consumer+0x51e/0x550 [ 874.017035] kasan_end_report+0x47/0x4f [ 874.021018] kasan_report.cold.7+0x76/0x30d [ 874.025359] __asan_report_store8_noabort+0x17/0x20 [ 874.030411] irq_bypass_register_consumer+0x51e/0x550 [ 874.035610] ? __disconnect+0x1b0/0x1b0 [ 874.039600] kvm_irqfd+0x198e/0x1ef0 [ 874.043338] ? check_same_owner+0x340/0x340 [ 874.047685] ? do_raw_spin_unlock+0xa7/0x2f0 [ 874.052468] ? kvm_eventfd_init+0x2c0/0x2c0 [ 874.057526] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 874.063100] ? futex_wait_queue_me+0x553/0x830 [ 874.067846] ? refill_pi_state_cache.part.8+0x320/0x320 [ 874.073316] ? kasan_check_write+0x14/0x20 [ 874.077563] ? do_raw_spin_lock+0xc1/0x200 [ 874.081800] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 874.087338] ? lock_acquire+0x1e4/0x540 [ 874.091321] ? __might_fault+0x12b/0x1e0 [ 874.095488] ? lock_downgrade+0x8f0/0x8f0 [ 874.099642] ? lock_release+0xa30/0xa30 [ 874.103635] ? check_same_owner+0x340/0x340 [ 874.107947] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 874.113135] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 874.118842] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 874.124462] ? _copy_from_user+0xdf/0x150 [ 874.128606] kvm_vm_ioctl+0xf80/0x1d80 [ 874.132480] ? drop_futex_key_refs.isra.14+0x6d/0xe0 [ 874.137577] ? futex_wake+0x304/0x760 [ 874.141391] ? kvm_set_memory_region+0x50/0x50 [ 874.146419] ? kvm_dev_ioctl+0x18a/0x1b10 [ 874.150567] ? do_futex+0x249/0x27d0 [ 874.154270] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 874.159462] ? exit_robust_list+0x290/0x290 [ 874.163791] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 874.169342] ? lock_acquire+0x1e4/0x540 [ 874.173319] ? __fget+0x4ac/0x740 [ 874.176770] ? lock_downgrade+0x8f0/0x8f0 [ 874.180918] ? compat_ifr_data_ioctl+0x170/0x170 [ 874.185674] ? lock_release+0xa30/0xa30 [ 874.189637] ? kasan_kmalloc+0xc4/0xe0 [ 874.193515] ? __fget+0x4d5/0x740 [ 874.196979] ? ksys_dup3+0x690/0x690 [ 874.200858] ? __fd_install+0x2db/0x880 [ 874.204909] ? kvm_set_memory_region+0x50/0x50 [ 874.209485] do_vfs_ioctl+0x1de/0x1720 [ 874.213373] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 874.219016] ? alloc_file+0x49/0x3e0 [ 874.222736] ? ioctl_preallocate+0x300/0x300 [ 874.227131] ? __fget_light+0x2f7/0x440 [ 874.231187] ? fget_raw+0x20/0x20 [ 874.234714] ? get_unused_fd_flags+0x122/0x1a0 [ 874.239281] ? __alloc_fd+0x710/0x710 [ 874.243082] ? __x64_sys_futex+0x47f/0x6a0 [ 874.247302] ? fd_install+0x4d/0x60 [ 874.250929] ? do_futex+0x27d0/0x27d0 [ 874.254782] ? security_file_ioctl+0x94/0xc0 [ 874.259178] ksys_ioctl+0xa9/0xd0 [ 874.262631] __x64_sys_ioctl+0x73/0xb0 [ 874.266520] do_syscall_64+0x1b9/0x820 [ 874.270397] ? finish_task_switch+0x1d3/0x870 [ 874.274881] ? syscall_return_slowpath+0x5e0/0x5e0 [ 874.279819] ? syscall_return_slowpath+0x31d/0x5e0 [ 874.284822] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 874.289829] ? prepare_exit_to_usermode+0x291/0x3b0 [ 874.294849] ? perf_trace_sys_enter+0xb10/0xb10 [ 874.299522] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 874.304373] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 874.309547] RIP: 0033:0x455e29 [ 874.312823] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 874.332112] RSP: 002b:00007fa08c1f8c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 874.339856] RAX: ffffffffffffffda RBX: 00007fa08c1f96d4 RCX: 0000000000455e29 [ 874.347125] RDX: 00000000200015c0 RSI: 000000004020ae76 RDI: 0000000000000019 [ 874.354394] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 874.361670] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 874.368939] R13: 00000000004bdf94 R14: 00000000004cc800 R15: 0000000000000000 [ 874.376850] Dumping ftrace buffer: [ 874.380373] (ftrace buffer empty) [ 874.384064] Kernel Offset: disabled [ 874.387688] Rebooting in 86400 seconds..