[....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [ 58.468515][ T26] audit: type=1800 audit(1562192708.114:25): pid=8632 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 58.516978][ T26] audit: type=1800 audit(1562192708.114:26): pid=8632 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 58.565396][ T26] audit: type=1800 audit(1562192708.124:27): pid=8632 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.183' (ECDSA) to the list of known hosts. 2019/07/03 22:25:19 fuzzer started 2019/07/03 22:25:23 dialing manager at 10.128.0.26:39581 2019/07/03 22:25:23 syscalls: 2465 2019/07/03 22:25:23 code coverage: enabled 2019/07/03 22:25:23 comparison tracing: enabled 2019/07/03 22:25:23 extra coverage: extra coverage is not supported by the kernel 2019/07/03 22:25:23 setuid sandbox: enabled 2019/07/03 22:25:23 namespace sandbox: enabled 2019/07/03 22:25:23 Android sandbox: /sys/fs/selinux/policy does not exist 2019/07/03 22:25:23 fault injection: enabled 2019/07/03 22:25:23 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2019/07/03 22:25:23 net packet injection: enabled 2019/07/03 22:25:23 net device setup: enabled 22:26:48 executing program 0: syzkaller login: [ 159.422843][ T8800] IPVS: ftp: loaded support on port[0] = 21 22:26:49 executing program 1: creat(&(0x7f00000001c0)='./bus\x00', 0x0) creat(&(0x7f0000000000)='./bus\x00', 0x0) [ 159.534917][ T8800] chnl_net:caif_netlink_parms(): no params data found [ 159.629735][ T8800] bridge0: port 1(bridge_slave_0) entered blocking state [ 159.638703][ T8800] bridge0: port 1(bridge_slave_0) entered disabled state [ 159.648239][ T8800] device bridge_slave_0 entered promiscuous mode [ 159.656785][ T8800] bridge0: port 2(bridge_slave_1) entered blocking state [ 159.665673][ T8800] bridge0: port 2(bridge_slave_1) entered disabled state [ 159.674286][ T8800] device bridge_slave_1 entered promiscuous mode [ 159.701370][ T8800] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 159.714392][ T8800] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link 22:26:49 executing program 2: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0xffffffffffffffff) mount(&(0x7f0000000000), &(0x7f0000000240)='./file0\x00', 0x0, 0x1000, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x200c024, &(0x7f0000000140)={[{@data_err_ignore='data_err=ignore'}]}) [ 159.754527][ T8804] IPVS: ftp: loaded support on port[0] = 21 [ 159.772154][ T8800] team0: Port device team_slave_0 added [ 159.785773][ T8800] team0: Port device team_slave_1 added [ 159.890045][ T8800] device hsr_slave_0 entered promiscuous mode [ 159.927780][ T8800] device hsr_slave_1 entered promiscuous mode 22:26:49 executing program 3: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0xffffffffffffffff) mount(&(0x7f0000000000), &(0x7f0000000240)='./file0\x00', 0x0, 0x1000, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x200c024, &(0x7f0000000080)={[{@max_dir_size_kb={'max_dir_size_kb'}}]}) [ 160.026055][ T8806] IPVS: ftp: loaded support on port[0] = 21 [ 160.073973][ T8800] bridge0: port 2(bridge_slave_1) entered blocking state [ 160.081437][ T8800] bridge0: port 2(bridge_slave_1) entered forwarding state [ 160.089675][ T8800] bridge0: port 1(bridge_slave_0) entered blocking state [ 160.096955][ T8800] bridge0: port 1(bridge_slave_0) entered forwarding state 22:26:49 executing program 4: perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) seccomp(0x1, 0x0, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0xffffff7f7ffffffe}]}) [ 160.313826][ T8806] chnl_net:caif_netlink_parms(): no params data found [ 160.399054][ T8810] IPVS: ftp: loaded support on port[0] = 21 [ 160.400631][ T8804] chnl_net:caif_netlink_parms(): no params data found [ 160.431095][ T8806] bridge0: port 1(bridge_slave_0) entered blocking state [ 160.439356][ T8806] bridge0: port 1(bridge_slave_0) entered disabled state [ 160.452509][ T8806] device bridge_slave_0 entered promiscuous mode [ 160.462779][ T8806] bridge0: port 2(bridge_slave_1) entered blocking state [ 160.472404][ T8806] bridge0: port 2(bridge_slave_1) entered disabled state [ 160.480782][ T8806] device bridge_slave_1 entered promiscuous mode [ 160.523035][ T8813] IPVS: ftp: loaded support on port[0] = 21 [ 160.551904][ T8800] 8021q: adding VLAN 0 to HW filter on device bond0 22:26:50 executing program 5: perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x800000000000012, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_emit_ethernet(0x7a, &(0x7f0000000000)={@broadcast, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "5a34d5", 0x44, 0x0, 0x0, @mcast2, @empty, {[], @gre}}}}}, 0x0) [ 160.573066][ T17] bridge0: port 1(bridge_slave_0) entered disabled state [ 160.595986][ T17] bridge0: port 2(bridge_slave_1) entered disabled state [ 160.609183][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 160.634047][ T8806] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 160.650979][ T8806] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 160.711755][ T8800] 8021q: adding VLAN 0 to HW filter on device team0 [ 160.734670][ T8806] team0: Port device team_slave_0 added [ 160.742365][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 160.751170][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 160.764889][ T8804] bridge0: port 1(bridge_slave_0) entered blocking state [ 160.772267][ T8804] bridge0: port 1(bridge_slave_0) entered disabled state [ 160.780611][ T8804] device bridge_slave_0 entered promiscuous mode [ 160.789694][ T8804] bridge0: port 2(bridge_slave_1) entered blocking state [ 160.796771][ T8804] bridge0: port 2(bridge_slave_1) entered disabled state [ 160.806608][ T8804] device bridge_slave_1 entered promiscuous mode [ 160.823392][ T8806] team0: Port device team_slave_1 added [ 160.835285][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 160.844386][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 160.853046][ T2994] bridge0: port 1(bridge_slave_0) entered blocking state [ 160.860545][ T2994] bridge0: port 1(bridge_slave_0) entered forwarding state [ 160.883776][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 160.893507][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 160.904068][ T2994] bridge0: port 2(bridge_slave_1) entered blocking state [ 160.911185][ T2994] bridge0: port 2(bridge_slave_1) entered forwarding state [ 160.919571][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 160.943549][ T8816] IPVS: ftp: loaded support on port[0] = 21 [ 160.962195][ T8804] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 160.974573][ T8804] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 161.040281][ T8806] device hsr_slave_0 entered promiscuous mode [ 161.098112][ T8806] device hsr_slave_1 entered promiscuous mode [ 161.192069][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 161.201424][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 161.210816][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 161.219993][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 161.259452][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 161.268893][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 161.279150][ T8804] team0: Port device team_slave_0 added [ 161.297874][ T8810] chnl_net:caif_netlink_parms(): no params data found [ 161.311879][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 161.321096][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 161.332370][ T8804] team0: Port device team_slave_1 added [ 161.439977][ T8804] device hsr_slave_0 entered promiscuous mode [ 161.478872][ T8804] device hsr_slave_1 entered promiscuous mode [ 161.531981][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 161.540378][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 161.550537][ T8813] chnl_net:caif_netlink_parms(): no params data found [ 161.593179][ T8810] bridge0: port 1(bridge_slave_0) entered blocking state [ 161.601349][ T8810] bridge0: port 1(bridge_slave_0) entered disabled state [ 161.609237][ T8810] device bridge_slave_0 entered promiscuous mode [ 161.655441][ T8810] bridge0: port 2(bridge_slave_1) entered blocking state [ 161.662968][ T8810] bridge0: port 2(bridge_slave_1) entered disabled state [ 161.671355][ T8810] device bridge_slave_1 entered promiscuous mode [ 161.692133][ T8810] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 161.717525][ T8813] bridge0: port 1(bridge_slave_0) entered blocking state [ 161.724692][ T8813] bridge0: port 1(bridge_slave_0) entered disabled state [ 161.735358][ T8813] device bridge_slave_0 entered promiscuous mode [ 161.744063][ T8813] bridge0: port 2(bridge_slave_1) entered blocking state [ 161.752566][ T8813] bridge0: port 2(bridge_slave_1) entered disabled state [ 161.760459][ T8813] device bridge_slave_1 entered promiscuous mode [ 161.774034][ T8810] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 161.811324][ T8800] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 161.820276][ T8816] chnl_net:caif_netlink_parms(): no params data found [ 161.836126][ T8806] 8021q: adding VLAN 0 to HW filter on device bond0 [ 161.860535][ T8810] team0: Port device team_slave_0 added [ 161.885748][ T8806] 8021q: adding VLAN 0 to HW filter on device team0 [ 161.895081][ T8810] team0: Port device team_slave_1 added [ 161.903177][ T8813] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 161.914267][ T8813] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 161.935558][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 161.943846][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 162.000238][ T8810] device hsr_slave_0 entered promiscuous mode [ 162.017480][ T8810] device hsr_slave_1 entered promiscuous mode [ 162.089097][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 162.098029][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 162.106713][ T17] bridge0: port 1(bridge_slave_0) entered blocking state [ 162.114231][ T17] bridge0: port 1(bridge_slave_0) entered forwarding state [ 162.122306][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 162.131021][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 162.139675][ T17] bridge0: port 2(bridge_slave_1) entered blocking state [ 162.146847][ T17] bridge0: port 2(bridge_slave_1) entered forwarding state [ 162.154752][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 162.165140][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 162.174441][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready 22:26:51 executing program 0: [ 162.205508][ T8813] team0: Port device team_slave_0 added 22:26:51 executing program 0: mknod$loop(&(0x7f0000000700)='./file0\x00', 0x0, 0xffffffffffffffff) mount(&(0x7f0000000040)=@filename='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='gfs2meta\x00', 0x0, 0x0) 22:26:51 executing program 0: syz_emit_ethernet(0x3e, &(0x7f0000000500)=ANY=[@ANYBLOB="0180c20000000180c200000086dd60093a0600083a00fe800000000000000000000000bbff020000fffffffffffffff20000008100000000000890780000"], 0x0) [ 162.291568][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 162.305866][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 162.323886][ T8829] gfs2: gfs2 mount does not exist [ 162.330845][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready 22:26:52 executing program 0: perf_event_open$cgroup(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x0, 0x1}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) [ 162.356789][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 162.383158][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready 22:26:52 executing program 0: ioprio_set$pid(0x1, 0x0, 0x2001) [ 162.400810][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 162.420115][ T8816] bridge0: port 1(bridge_slave_0) entered blocking state [ 162.433224][ T8816] bridge0: port 1(bridge_slave_0) entered disabled state 22:26:52 executing program 0: [ 162.452443][ T8816] device bridge_slave_0 entered promiscuous mode [ 162.476055][ T8813] team0: Port device team_slave_1 added [ 162.494930][ T8806] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 162.507399][ T8806] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 162.524020][ T8804] 8021q: adding VLAN 0 to HW filter on device bond0 [ 162.546981][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready 22:26:52 executing program 0: [ 162.561794][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 162.573828][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 162.587069][ T8816] bridge0: port 2(bridge_slave_1) entered blocking state [ 162.608670][ T8816] bridge0: port 2(bridge_slave_1) entered disabled state [ 162.627321][ T8816] device bridge_slave_1 entered promiscuous mode [ 162.720042][ T8813] device hsr_slave_0 entered promiscuous mode [ 162.767632][ T8813] device hsr_slave_1 entered promiscuous mode [ 162.851096][ T8816] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 162.875662][ T8810] 8021q: adding VLAN 0 to HW filter on device bond0 [ 162.884694][ T8816] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 162.908077][ T8816] team0: Port device team_slave_0 added [ 162.927671][ T8816] team0: Port device team_slave_1 added [ 162.936347][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 162.944717][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 162.954034][ T8806] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 162.971533][ T8804] 8021q: adding VLAN 0 to HW filter on device team0 [ 162.982645][ T8810] 8021q: adding VLAN 0 to HW filter on device team0 [ 163.010526][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 163.024632][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 163.032625][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 163.042075][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 163.050773][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 163.057915][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 163.130604][ T8816] device hsr_slave_0 entered promiscuous mode [ 163.188251][ T8816] device hsr_slave_1 entered promiscuous mode [ 163.240735][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 163.253882][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 163.270589][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 163.279710][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 163.286781][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 163.294434][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 163.302958][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 163.311559][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 163.320235][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 163.329004][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 163.338312][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 163.346594][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 163.353696][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 163.376060][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 163.384032][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 163.391938][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 163.400504][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 163.409226][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 163.420605][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 163.429118][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 163.438229][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 163.446553][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 163.453646][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 163.482958][ T8813] 8021q: adding VLAN 0 to HW filter on device bond0 [ 163.493795][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 163.513815][ T8810] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 163.551554][ T8810] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 163.577953][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 163.586457][ T8850] EXT4-fs (sda1): re-mounted. Opts: data_err=ignore, [ 163.594026][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 163.634085][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 163.650171][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 163.666618][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 163.677529][ T8853] EXT4-fs (sda1): re-mounted. Opts: data_err=ignore, [ 163.682092][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 163.693747][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 163.702835][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 163.713173][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 163.731451][ T8804] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 163.744510][ T8804] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 163.753746][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 163.768831][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 163.777576][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 163.796841][ T8813] 8021q: adding VLAN 0 to HW filter on device team0 [ 163.825915][ T8810] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 163.859439][ T8804] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 163.867731][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 163.876054][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 163.922394][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 163.942145][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 163.956583][ T2994] bridge0: port 1(bridge_slave_0) entered blocking state [ 163.963978][ T2994] bridge0: port 1(bridge_slave_0) entered forwarding state [ 163.981083][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 163.994030][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 164.003232][ T2994] bridge0: port 2(bridge_slave_1) entered blocking state [ 164.010369][ T2994] bridge0: port 2(bridge_slave_1) entered forwarding state [ 164.019328][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 164.034429][ T8816] 8021q: adding VLAN 0 to HW filter on device bond0 [ 164.049252][ T8817] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 164.089516][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 164.099098][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 164.115060][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 164.124798][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 164.134392][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 164.144472][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 164.155997][ T8816] 8021q: adding VLAN 0 to HW filter on device team0 [ 164.174991][ T8813] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 164.192651][ T8813] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 164.206632][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 164.216063][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 164.242491][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 164.261246][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 164.272835][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 164.281223][ T8871] EXT4-fs (sda1): re-mounted. Opts: max_dir_size_kb=0x0000000000000000, [ 164.290669][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 164.306525][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 164.340914][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 164.353435][ T8874] EXT4-fs (sda1): re-mounted. Opts: max_dir_size_kb=0x0000000000000000, [ 164.367940][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 164.376416][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 164.383525][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 164.393040][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 164.402537][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 164.417941][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 164.425071][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state 22:26:54 executing program 1: perf_event_open(&(0x7f0000000580)={0x2, 0x70, 0x5c64, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_emit_ethernet(0x66, &(0x7f0000000000)={@broadcast, @local={[], 0xffffffffffffffff}, [], {@ipv6={0x86dd, {0x0, 0x6, 'v`Q', 0x30, 0x2c, 0x0, @remote={0xfe, 0x80, [0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7], 0xffffffffffffffff}, @mcast2={0xff, 0x2, [0x0, 0xfffffffffffff000]}, {[], @icmpv6=@dest_unreach={0xffffff86, 0x0, 0x0, 0x0, [0x14, 0x5], {0x0, 0x6, "c5961e", 0x0, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x3, 0x689, 0x0, 0x4]}, @mcast2}}}}}}}, 0x0) 22:26:54 executing program 0: 22:26:54 executing program 3: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x2000, 0xffffffffffffffff) [ 164.461418][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 164.483453][ T8817] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 164.518908][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 164.541673][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 164.595277][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 164.641748][ T8813] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 164.652541][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 164.664186][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 164.699407][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 164.710795][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 164.720070][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 164.729195][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 164.738602][ T12] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 164.748523][ T8816] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 164.804046][ T8816] 8021q: adding VLAN 0 to HW filter on device batadv0 22:26:54 executing program 4: perf_event_open$cgroup(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) 22:26:54 executing program 5: 22:26:54 executing program 2: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0xffffffffffffffff) mount(&(0x7f0000000000), &(0x7f0000000240)='./file0\x00', 0x0, 0x1000, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x200c024, &(0x7f0000000140)={[{@data_err_ignore='data_err=ignore'}]}) 22:26:54 executing program 0: clone(0x3ffd, 0x0, &(0x7f0000000400), 0x0, &(0x7f0000000300)="cf") 22:26:54 executing program 3: syz_emit_ethernet(0x66, &(0x7f0000000000)={@broadcast, @local={[], 0xffffffffffffffff}, [], {@ipv6={0x86dd, {0x0, 0x6, 'v`Q', 0x30, 0x2c, 0x0, @remote={0xfe, 0x80, [0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7], 0xffffffffffffffff}, @mcast2={0xff, 0x2, [0x0, 0xfffffffffffff000]}, {[], @icmpv6=@dest_unreach={0xffffff86, 0x0, 0x0, 0x0, [0x14, 0x5], {0x0, 0x6, "c5961e", 0x0, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x3, 0x689, 0x0, 0x4]}, @mcast2}}}}}}}, 0x0) 22:26:54 executing program 1: syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)={[{@lockproto_dlm='lockproto=dlm'}]}) 22:26:54 executing program 4: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$IPT_SO_GET_REVISION_MATCH(0xffffffffffffffff, 0x0, 0x42, 0x0, 0x0) prctl$PR_TASK_PERF_EVENTS_ENABLE(0x20) 22:26:54 executing program 0: clone(0x3ffd, 0x0, &(0x7f0000000400), 0x0, &(0x7f0000000300)="cf") 22:26:54 executing program 3: [ 165.263388][ T8923] EXT4-fs (sda1): re-mounted. Opts: data_err=ignore, [ 165.276589][ T8917] gfs2: not a GFS2 filesystem 22:26:54 executing program 5: 22:26:54 executing program 4: 22:26:55 executing program 3: 22:26:55 executing program 0: clone(0x3ffd, 0x0, &(0x7f0000000400), 0x0, &(0x7f0000000300)="cf") [ 165.452886][ T8917] gfs2: not a GFS2 filesystem 22:26:55 executing program 2: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0xffffffffffffffff) mount(&(0x7f0000000000), &(0x7f0000000240)='./file0\x00', 0x0, 0x1000, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x200c024, &(0x7f0000000140)={[{@data_err_ignore='data_err=ignore'}]}) 22:26:55 executing program 3: 22:26:55 executing program 1: 22:26:55 executing program 5: 22:26:55 executing program 4: 22:26:55 executing program 0: clone(0x3ffd, 0x0, &(0x7f0000000400), 0x0, &(0x7f0000000300)="cf") [ 165.702654][ T8950] EXT4-fs (sda1): re-mounted. Opts: data_err=ignore, 22:26:55 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x61, 0x10, 0x4c}, [@ldst={0x6, 0x0, 0x6}]}, &(0x7f0000003ff6)='G\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48) 22:26:55 executing program 3: 22:26:55 executing program 1: seccomp(0x1, 0x0, &(0x7f0000001980)={0x2, &(0x7f0000000580)=[{0x48000035}, {0x6, 0x0, 0x0, 0xfffffffffffffffd}]}) socket$inet_udplite(0x2, 0x2, 0x88) 22:26:55 executing program 5: futex(&(0x7f00000000c0)=0x1, 0x6, 0x0, &(0x7f0000000240), 0x0, 0x0) 22:26:55 executing program 2: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0xffffffffffffffff) mount(&(0x7f0000000000), &(0x7f0000000240)='./file0\x00', 0x0, 0x1000, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x200c024, &(0x7f0000000140)={[{@data_err_ignore='data_err=ignore'}]}) 22:26:55 executing program 0: clone(0x0, 0x0, &(0x7f0000000400), 0x0, &(0x7f0000000300)="cf") 22:26:55 executing program 3: bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0xb, 0x9, 0x200209e1c, 0x108000000001, 0x1}, 0x3c) bpf$MAP_CREATE(0x2, &(0x7f0000000100)={0x3, 0x0, 0x77fffb, 0x0, 0x820000, 0x0}, 0x2c) 22:26:55 executing program 4: 22:26:55 executing program 5: [ 166.025306][ T26] kauditd_printk_skb: 3 callbacks suppressed [ 166.025320][ T26] audit: type=1326 audit(1562192815.664:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=8975 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45c60a code=0xffff0000 [ 166.106251][ T8979] EXT4-fs (sda1): re-mounted. Opts: data_err=ignore, 22:26:55 executing program 4: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x50000}]}) sendto(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x20000004, &(0x7f0000000200)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @dev}}, 0x80) 22:26:55 executing program 2: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0xffffffffffffffff) syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x200c024, &(0x7f0000000140)={[{@data_err_ignore='data_err=ignore'}]}) 22:26:55 executing program 3: perf_event_open(&(0x7f0000000240)={0x2, 0x70, 0x9c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$pfkey(0xffffffffffffff9c, 0x0, 0x0, 0x0) 22:26:55 executing program 5: perf_event_open(&(0x7f0000000240)={0x2, 0x70, 0x9c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$pfkey(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$EVIOCGBITKEY(0xffffffffffffffff, 0x80404521, &(0x7f0000000040)=""/1) 22:26:55 executing program 0: clone(0x0, 0x0, &(0x7f0000000400), 0x0, &(0x7f0000000300)="cf") 22:26:56 executing program 1: 22:26:56 executing program 5: quotactl(0x40000080000103, 0x0, 0x0, 0x0) 22:26:56 executing program 2: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0xffffffffffffffff) syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x200c024, &(0x7f0000000140)={[{@data_err_ignore='data_err=ignore'}]}) 22:26:56 executing program 0: clone(0x0, 0x0, &(0x7f0000000400), 0x0, &(0x7f0000000300)="cf") 22:26:56 executing program 4: 22:26:56 executing program 3: [ 166.823082][ T26] audit: type=1326 audit(1562192816.464:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj==unconfined pid=8975 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=228 compat=0 ip=0x45c60a code=0xffff0000 22:26:56 executing program 3: 22:26:56 executing program 4: 22:26:56 executing program 5: syz_emit_ethernet(0x4a, &(0x7f0000000040)={@random="b100485caa2a", @link_local, [], {@ipv6={0x86dd, {0x0, 0x6, "e49d78", 0x14, 0xe82f, 0x0, @rand_addr="2293ca12379ead9c65dcd6bb64696744", @mcast1={0xff, 0x2}, {[], @tcp={{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 22:26:56 executing program 0: clone(0x3ffd, 0x0, 0x0, 0x0, &(0x7f0000000300)="cf") 22:26:56 executing program 2: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0xffffffffffffffff) syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x200c024, &(0x7f0000000140)={[{@data_err_ignore='data_err=ignore'}]}) 22:26:56 executing program 1: perf_event_open(&(0x7f0000000240)={0x2, 0x70, 0x9c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x200000, 0x0) ioctl$EVIOCGBITKEY(0xffffffffffffffff, 0x80404521, &(0x7f0000000040)=""/1) 22:26:56 executing program 4: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0xffffffffffffffff) mount(&(0x7f0000000000), &(0x7f0000000240)='./file0\x00', 0x0, 0x1000, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0xf5ffffff00000000, 0x0, 0x0, 0x200c024, &(0x7f00000000c0)={[{@lazytime='lazytime'}]}) 22:26:56 executing program 3: 22:26:56 executing program 5: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x50000}]}) sendto(0xffffffffffffff9c, &(0x7f0000000100), 0xfffffffffffffe33, 0x844, &(0x7f0000000000)=@pptp, 0x213) 22:26:57 executing program 3: prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x50000}]}) sendto(0xffffffffffffff9c, &(0x7f0000000100), 0xfffffffffffffc95, 0x844, &(0x7f0000000200)=@pptp, 0x80) 22:26:57 executing program 2: mount(&(0x7f0000000000), &(0x7f0000000240)='./file0\x00', 0x0, 0x1000, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x200c024, &(0x7f0000000140)={[{@data_err_ignore='data_err=ignore'}]}) [ 167.367427][ T9053] EXT4-fs (sda1): re-mounted. Opts: lazytime, 22:26:57 executing program 0: clone(0x3ffd, 0x0, 0x0, 0x0, &(0x7f0000000300)="cf") 22:26:57 executing program 1: [ 167.503302][ T9068] EXT4-fs (sda1): re-mounted. Opts: lazytime, 22:26:57 executing program 5: 22:26:57 executing program 1: 22:26:57 executing program 0: clone(0x3ffd, 0x0, 0x0, 0x0, &(0x7f0000000300)="cf") 22:26:57 executing program 3: 22:26:57 executing program 4: 22:26:57 executing program 5: 22:26:57 executing program 2: mount(&(0x7f0000000000), &(0x7f0000000240)='./file0\x00', 0x0, 0x1000, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x200c024, &(0x7f0000000140)={[{@data_err_ignore='data_err=ignore'}]}) 22:26:57 executing program 0: clone(0x3ffd, 0x0, &(0x7f0000000400), 0x0, 0x0) 22:26:57 executing program 3: 22:26:57 executing program 5: 22:26:57 executing program 1: mkdir(&(0x7f0000000040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='proc\x00', 0x0, 0x0) mount$bpf(0x0, &(0x7f0000000200)='./file0\x00', 0x0, 0x20, &(0x7f0000000440)=ANY=[@ANYBLOB='m']) 22:26:57 executing program 4: 22:26:57 executing program 2: mount(&(0x7f0000000000), &(0x7f0000000240)='./file0\x00', 0x0, 0x1000, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x200c024, &(0x7f0000000140)={[{@data_err_ignore='data_err=ignore'}]}) 22:26:57 executing program 3: 22:26:57 executing program 5: 22:26:57 executing program 4: 22:26:57 executing program 0: clone(0x3ffd, 0x0, &(0x7f0000000400), 0x0, 0x0) [ 168.186406][ T9114] proc: Unknown parameter 'm' 22:26:57 executing program 3: [ 168.222905][ T9117] proc: Unknown parameter 'm' 22:26:57 executing program 1: 22:26:58 executing program 2: mknod$loop(0x0, 0x0, 0xffffffffffffffff) mount(&(0x7f0000000000), &(0x7f0000000240)='./file0\x00', 0x0, 0x1000, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x200c024, &(0x7f0000000140)={[{@data_err_ignore='data_err=ignore'}]}) 22:26:58 executing program 5: 22:26:58 executing program 0: clone(0x3ffd, 0x0, &(0x7f0000000400), 0x0, 0x0) 22:26:58 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x6, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x0, 0x1}]}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 22:26:58 executing program 3: perf_event_open(&(0x7f0000000580)={0x2, 0x70, 0x5c65, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$vfio(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$SCSI_IOCTL_BENCHMARK_COMMAND(0xffffffffffffffff, 0x3) syz_emit_ethernet(0x66, &(0x7f0000000000)={@broadcast, @local={[], 0xffffffffffffffff}, [], {@ipv6={0x86dd, {0x0, 0x6, 'v`Q', 0x30, 0x2c, 0x0, @remote={0xfe, 0x80, [0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7], 0xffffffffffffffff}, @mcast2={0xff, 0x2, [0x0, 0xfffffffffffff000]}, {[], @icmpv6=@dest_unreach={0xffffff86, 0x0, 0x0, 0x0, [0x14, 0x5], {0x0, 0x6, "c5961e", 0x0, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x3, 0x689, 0x0, 0x4]}, @mcast2}}}}}}}, 0x0) 22:26:58 executing program 5: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x1, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="b7000000000009000700000000000000950000000000000009c251372e4ed867fb9fb8900686ffcf0ba334887ff024b7dd67725f06d5e1c47c0ea3fb100a4f82e87400196885dc"], &(0x7f0000000140)='GPL\x00', 0x1, 0xc3, &(0x7f0000000240)=""/195}, 0x48) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$sock_int(r1, 0x1, 0x1000000000000f, &(0x7f0000000180)=0x57bb, 0x2ca) setsockopt$sock_attach_bpf(r1, 0x1, 0x34, &(0x7f0000009000)=r0, 0x4) 22:26:58 executing program 2: mknod$loop(0x0, 0x0, 0xffffffffffffffff) mount(&(0x7f0000000000), &(0x7f0000000240)='./file0\x00', 0x0, 0x1000, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x200c024, &(0x7f0000000140)={[{@data_err_ignore='data_err=ignore'}]}) 22:26:58 executing program 0: clone(0x3ffd, 0x0, &(0x7f0000000400), 0x0, &(0x7f0000000300)) 22:26:58 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x6, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x0, 0x1}]}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 22:26:58 executing program 1: r0 = syz_open_dev$midi(&(0x7f0000000040)='/dev/midi#\x00', 0x3, 0x2000) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000100)='TIPC\x00') sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x30, r1, 0x310, 0x70bd2c, 0x25dfdbfe, {{}, 0x0, 0x5, 0x0, {0x14, 0x19, {0x5, 0x6, 0x3, 0x600000000000}}}, ["", "", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x4000}, 0x8004) r2 = syz_open_dev$video(&(0x7f0000000000)='/dev/video#\x00', 0x4c, 0x0) ioctl$VIDIOC_G_SELECTION(r2, 0xc040565e, &(0x7f00000000c0)={0xa, 0x3}) 22:26:58 executing program 3: perf_event_open(&(0x7f0000000580)={0x2, 0x70, 0x5c65, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$vfio(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$SCSI_IOCTL_BENCHMARK_COMMAND(0xffffffffffffffff, 0x3) syz_emit_ethernet(0x66, &(0x7f0000000000)={@broadcast, @local={[], 0xffffffffffffffff}, [], {@ipv6={0x86dd, {0x0, 0x6, 'v`Q', 0x30, 0x2c, 0x0, @remote={0xfe, 0x80, [0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7], 0xffffffffffffffff}, @mcast2={0xff, 0x2, [0x0, 0xfffffffffffff000]}, {[], @icmpv6=@dest_unreach={0xffffff86, 0x0, 0x0, 0x0, [0x14, 0x5], {0x0, 0x6, "c5961e", 0x0, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x3, 0x689, 0x0, 0x4]}, @mcast2}}}}}}}, 0x0) 22:26:58 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00003e0000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) r1 = syz_open_pts(r0, 0x0) r2 = syz_open_pts(r1, 0x101000) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xb) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r2, 0x800c6613, &(0x7f0000000040)={0x0, @aes128, 0x0, "36e5d9b993bf98a1"}) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000000)) 22:26:58 executing program 0: clone(0x3ffd, 0x0, &(0x7f0000000400), 0x0, &(0x7f0000000300)) 22:26:58 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x6, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x0, 0x1}]}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 22:26:58 executing program 2: mknod$loop(0x0, 0x0, 0xffffffffffffffff) mount(&(0x7f0000000000), &(0x7f0000000240)='./file0\x00', 0x0, 0x1000, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x200c024, &(0x7f0000000140)={[{@data_err_ignore='data_err=ignore'}]}) 22:26:58 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) timerfd_create(0x7, 0x800) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040)='TIPCv2\x00') sendmsg$TIPC_NL_PEER_REMOVE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)={0x20, r1, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NET={0xc, 0x7, [@TIPC_NLA_NET_ADDR={0x8}]}]}, 0x20}}, 0x0) 22:26:58 executing program 0: clone(0x3ffd, 0x0, &(0x7f0000000400), 0x0, &(0x7f0000000300)) 22:26:58 executing program 3: perf_event_open(&(0x7f0000000580)={0x2, 0x70, 0x5c65, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$vfio(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$SCSI_IOCTL_BENCHMARK_COMMAND(0xffffffffffffffff, 0x3) syz_emit_ethernet(0x66, &(0x7f0000000000)={@broadcast, @local={[], 0xffffffffffffffff}, [], {@ipv6={0x86dd, {0x0, 0x6, 'v`Q', 0x30, 0x2c, 0x0, @remote={0xfe, 0x80, [0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7], 0xffffffffffffffff}, @mcast2={0xff, 0x2, [0x0, 0xfffffffffffff000]}, {[], @icmpv6=@dest_unreach={0xffffff86, 0x0, 0x0, 0x0, [0x14, 0x5], {0x0, 0x6, "c5961e", 0x0, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x3, 0x689, 0x0, 0x4]}, @mcast2}}}}}}}, 0x0) 22:26:58 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x6, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x0, 0x1}]}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 22:26:58 executing program 0 (fault-call:0 fault-nth:0): clone(0x3ffd, 0x0, &(0x7f0000000400), 0x0, &(0x7f0000000300)="cf") 22:26:58 executing program 2: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0xffffffffffffffff) mount(0x0, &(0x7f0000000240)='./file0\x00', 0x0, 0x1000, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x200c024, &(0x7f0000000140)={[{@data_err_ignore='data_err=ignore'}]}) 22:26:58 executing program 1: perf_event_open(&(0x7f0000000080)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca5055e0bcfec7be070") socket$inet_udplite(0x2, 0x2, 0x88) r1 = socket$inet6(0xa, 0x80003, 0xff) setsockopt$inet6_int(r1, 0x29, 0x16, &(0x7f0000fcb000), 0x4) prctl$PR_SET_THP_DISABLE(0x29, 0x1) 22:26:58 executing program 5: syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x0) syz_open_dev$mice(0x0, 0x0, 0x4000) socket$pptp(0x18, 0x1, 0x2) 22:26:59 executing program 3: perf_event_open(&(0x7f0000000580)={0x2, 0x70, 0x5c65, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$vfio(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$SCSI_IOCTL_BENCHMARK_COMMAND(0xffffffffffffffff, 0x3) syz_emit_ethernet(0x66, &(0x7f0000000000)={@broadcast, @local={[], 0xffffffffffffffff}, [], {@ipv6={0x86dd, {0x0, 0x6, 'v`Q', 0x30, 0x2c, 0x0, @remote={0xfe, 0x80, [0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7], 0xffffffffffffffff}, @mcast2={0xff, 0x2, [0x0, 0xfffffffffffff000]}, {[], @icmpv6=@dest_unreach={0xffffff86, 0x0, 0x0, 0x0, [0x14, 0x5], {0x0, 0x6, "c5961e", 0x0, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x3, 0x689, 0x0, 0x4]}, @mcast2}}}}}}}, 0x0) 22:26:59 executing program 4: bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 169.462278][ T9219] FAULT_INJECTION: forcing a failure. [ 169.462278][ T9219] name failslab, interval 1, probability 0, space 0, times 1 [ 169.485349][ T9219] CPU: 1 PID: 9219 Comm: syz-executor.0 Not tainted 5.2.0-rc7-next-20190703 #28 [ 169.494407][ T9219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 169.494422][ T9219] Call Trace: [ 169.494449][ T9219] dump_stack+0x172/0x1f0 [ 169.512256][ T9219] should_fail.cold+0xa/0x15 [ 169.516868][ T9219] ? fault_create_debugfs_attr+0x180/0x180 [ 169.522720][ T9219] ? ___might_sleep+0x163/0x280 [ 169.527572][ T9219] __should_failslab+0x121/0x190 [ 169.527591][ T9219] should_failslab+0x9/0x14 [ 169.527604][ T9219] kmem_cache_alloc_node+0x268/0x740 [ 169.527617][ T9219] ? lockdep_hardirqs_on+0x418/0x5d0 [ 169.527633][ T9219] ? trace_hardirqs_on+0x67/0x240 [ 169.527645][ T9219] ? kasan_check_read+0x11/0x20 [ 169.527664][ T9219] copy_process+0x46d1/0x6af0 [ 169.527684][ T9219] ? get_pid_task+0xc9/0x190 [ 169.566720][ T9219] ? find_held_lock+0x35/0x130 [ 169.571504][ T9219] ? get_pid_task+0xc9/0x190 [ 169.576119][ T9219] ? __cleanup_sighand+0x60/0x60 [ 169.581075][ T9219] ? __f_unlock_pos+0x19/0x20 [ 169.585773][ T9219] ? lock_downgrade+0x920/0x920 [ 169.590630][ T9219] ? vfs_write+0x34c/0x5d0 [ 169.595080][ T9219] _do_fork+0x146/0xfa0 [ 169.599253][ T9219] ? copy_init_mm+0x20/0x20 [ 169.603763][ T9219] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 169.609327][ T9219] ? wait_for_completion+0x440/0x440 [ 169.614619][ T9219] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 169.620853][ T9219] __x64_sys_clone+0x186/0x250 [ 169.620867][ T9219] ? ksys_write+0x1cf/0x290 [ 169.620880][ T9219] ? __ia32_sys_vfork+0xc0/0xc0 [ 169.620902][ T9219] ? lockdep_hardirqs_on+0x418/0x5d0 [ 169.620919][ T9219] ? trace_hardirqs_on+0x67/0x240 [ 169.620937][ T9219] do_syscall_64+0xfd/0x6a0 [ 169.620956][ T9219] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 169.620968][ T9219] RIP: 0033:0x4597c9 [ 169.620983][ T9219] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 169.620991][ T9219] RSP: 002b:00007f9300b6cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 169.687670][ T9219] RAX: ffffffffffffffda RBX: 00007f9300b6cc90 RCX: 00000000004597c9 [ 169.695654][ T9219] RDX: 0000000020000400 RSI: 0000000000000000 RDI: 0000000000003ffd [ 169.703676][ T9219] RBP: 000000000075bf20 R08: 0000000020000300 R09: 0000000000000000 22:26:59 executing program 4: bpf$PROG_LOAD(0x5, 0x0, 0x0) 22:26:59 executing program 2: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0xffffffffffffffff) mount(0x0, &(0x7f0000000240)='./file0\x00', 0x0, 0x1000, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x200c024, &(0x7f0000000140)={[{@data_err_ignore='data_err=ignore'}]}) [ 169.713207][ T9219] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9300b6d6d4 [ 169.721193][ T9219] R13: 00000000004bfc7c R14: 00000000004d1718 R15: 0000000000000003 22:26:59 executing program 0 (fault-call:0 fault-nth:1): clone(0x3ffd, 0x0, &(0x7f0000000400), 0x0, &(0x7f0000000300)="cf") [ 169.873847][ T9238] FAULT_INJECTION: forcing a failure. [ 169.873847][ T9238] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 169.887092][ T9238] CPU: 0 PID: 9238 Comm: syz-executor.0 Not tainted 5.2.0-rc7-next-20190703 #28 [ 169.896120][ T9238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 169.906188][ T9238] Call Trace: [ 169.909497][ T9238] dump_stack+0x172/0x1f0 [ 169.913880][ T9238] should_fail.cold+0xa/0x15 [ 169.918493][ T9238] ? fault_create_debugfs_attr+0x180/0x180 22:26:59 executing program 1: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='hugetl\x04\x00\x00\x00\x00\x00\x00\x00age_ir_Z\xa2\xf4es\x00', 0x275a, 0x0) write$cgroup_int(r0, &(0x7f0000000000), 0xffffff6a) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgpoup.events\x00>\xa5^\x10\xa8)\x9ds\xeemr\xda\x86\xf4\xdb\xed/\x19\xb5*H\xa9\x0ea\x87)\x89L\x91\x8aI\x85\xeb\x8fo,1h\x1f\x98\x87 \xc1u<\x87\xf1=\x03a\xb8%\xfe/J\xc4\xad\x9e\xdb\xd5^\xeb\xfe\f\xee$\x0f\xf8\x94\xa1J\xe0\xeb\xe6\xc8A\xb4\x9b\xed\xc1D\x02\xa1R\x88\x15\xb5\xafr5\xf0\xef\xce\xe6\xb1\xcb\xa8r\x81a\xd6\x1a\x1a\xb8\xa9\x17\xc2\xb5', 0x275a, 0x0) ioctl$KVM_IRQ_LINE_STATUS(r0, 0xc008ae67, &(0x7f0000000040)={0x6, 0x8}) write$cgroup_int(r1, &(0x7f0000000380), 0x10076) openat$uinput(0xffffffffffffff9c, &(0x7f0000000100)='/dev/uinput\x00', 0x0, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r1, 0x660c) r2 = socket$inet(0x10, 0x3, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000001300)={0x2880008, r0}) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x13, r2, 0x0) 22:26:59 executing program 4: bpf$PROG_LOAD(0x5, 0x0, 0x0) [ 169.924310][ T9238] ? rcu_read_unlock+0x16/0x60 [ 169.929090][ T9238] ? find_held_lock+0x35/0x130 [ 169.933874][ T9238] should_fail_alloc_page+0x50/0x60 [ 169.939087][ T9238] __alloc_pages_nodemask+0x1a1/0x8f0 [ 169.944467][ T9238] ? lock_downgrade+0x920/0x920 [ 169.949481][ T9238] ? __alloc_pages_slowpath+0x2520/0x2520 [ 169.955195][ T9238] ? rcu_read_unlock+0x33/0x60 [ 169.959941][ T9238] cache_grow_begin+0x90/0xd20 [ 169.964702][ T9238] ? copy_process+0x46d1/0x6af0 [ 169.969561][ T9238] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 169.975796][ T9238] kmem_cache_alloc_node+0x673/0x740 [ 169.981075][ T9238] ? lockdep_hardirqs_on+0x418/0x5d0 [ 169.986368][ T9238] ? trace_hardirqs_on+0x67/0x240 [ 169.991383][ T9238] copy_process+0x46d1/0x6af0 [ 169.996054][ T9238] ? get_pid_task+0xc9/0x190 [ 170.000625][ T9238] ? find_held_lock+0x35/0x130 [ 170.005376][ T9238] ? get_pid_task+0xc9/0x190 [ 170.009948][ T9238] ? __cleanup_sighand+0x60/0x60 [ 170.014870][ T9238] ? __f_unlock_pos+0x19/0x20 [ 170.019555][ T9238] ? lock_downgrade+0x920/0x920 [ 170.024391][ T9238] ? vfs_write+0x34c/0x5d0 [ 170.028790][ T9238] _do_fork+0x146/0xfa0 [ 170.032936][ T9238] ? copy_init_mm+0x20/0x20 [ 170.037428][ T9238] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 170.042979][ T9238] ? wait_for_completion+0x440/0x440 [ 170.048275][ T9238] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 170.054525][ T9238] __x64_sys_clone+0x186/0x250 [ 170.059301][ T9238] ? ksys_write+0x1cf/0x290 [ 170.063798][ T9238] ? __ia32_sys_vfork+0xc0/0xc0 [ 170.068650][ T9238] ? lockdep_hardirqs_on+0x418/0x5d0 [ 170.073937][ T9238] ? trace_hardirqs_on+0x67/0x240 [ 170.078945][ T9238] do_syscall_64+0xfd/0x6a0 [ 170.083430][ T9238] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 170.089299][ T9238] RIP: 0033:0x4597c9 [ 170.093176][ T9238] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 170.112870][ T9238] RSP: 002b:00007f9300b6cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 170.121278][ T9238] RAX: ffffffffffffffda RBX: 00007f9300b6cc90 RCX: 00000000004597c9 [ 170.129238][ T9238] RDX: 0000000020000400 RSI: 0000000000000000 RDI: 0000000000003ffd [ 170.137190][ T9238] RBP: 000000000075bf20 R08: 0000000020000300 R09: 0000000000000000 [ 170.145154][ T9238] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9300b6d6d4 [ 170.153108][ T9238] R13: 00000000004bfc7c R14: 00000000004d1718 R15: 0000000000000003 22:26:59 executing program 2: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0xffffffffffffffff) mount(0x0, &(0x7f0000000240)='./file0\x00', 0x0, 0x1000, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x200c024, &(0x7f0000000140)={[{@data_err_ignore='data_err=ignore'}]}) 22:26:59 executing program 3: perf_event_open(&(0x7f0000000580)={0x2, 0x70, 0x5c65, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$vfio(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_emit_ethernet(0x66, &(0x7f0000000000)={@broadcast, @local={[], 0xffffffffffffffff}, [], {@ipv6={0x86dd, {0x0, 0x6, 'v`Q', 0x30, 0x2c, 0x0, @remote={0xfe, 0x80, [0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7], 0xffffffffffffffff}, @mcast2={0xff, 0x2, [0x0, 0xfffffffffffff000]}, {[], @icmpv6=@dest_unreach={0xffffff86, 0x0, 0x0, 0x0, [0x14, 0x5], {0x0, 0x6, "c5961e", 0x0, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x3, 0x689, 0x0, 0x4]}, @mcast2}}}}}}}, 0x0) 22:26:59 executing program 0 (fault-call:0 fault-nth:2): clone(0x3ffd, 0x0, &(0x7f0000000400), 0x0, &(0x7f0000000300)="cf") 22:26:59 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x0, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x0, 0x1}]}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 22:27:00 executing program 5: socket$inet_udplite(0x2, 0x2, 0x88) r0 = getpid() sched_setscheduler(r0, 0x5, &(0x7f0000000380)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000008c0)=[@textreal={0x8, &(0x7f0000000040)="26670f20c2bad104ec66b9430300000f32670f060f09e27666b8c850bedd0f23d80f21f86635400000e00f23f865f2801b000fc7b16a000fdb2b", 0x3a}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000004cb]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) stat(0x0, 0x0) fstat(0xffffffffffffffff, 0x0) mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0) ioctl$VIDIOC_ENUMAUDIO(r3, 0xc0345641, &(0x7f0000000000)={0x5, "07f94523a7e967c7b11314ae84f084d1f7f22848dd5defca9ef77bb590dc5b1d", 0x2, 0x1}) ioctl$KVM_RUN(r3, 0xae80, 0x0) faccessat(0xffffffffffffffff, 0x0, 0x0, 0x500) ioctl(0xffffffffffffffff, 0x0, 0x0) mkdir(0x0, 0x0) 22:27:00 executing program 1: pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) prctl$PR_SET_FP_MODE(0x2d, 0xffffffffffffffff) ioctl$TUNGETDEVNETNS(r0, 0x54e3, 0x0) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$int_in(r2, 0x5421, &(0x7f0000000080)=0x3bc) connect$inet(r2, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10) splice(r2, 0x0, r1, 0x0, 0x4, 0x0) 22:27:00 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x0, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x0, 0x1}]}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 170.471329][ T9266] FAULT_INJECTION: forcing a failure. [ 170.471329][ T9266] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 170.508101][ C0] hrtimer: interrupt took 45008 ns 22:27:00 executing program 3: perf_event_open(&(0x7f0000000580)={0x2, 0x70, 0x5c65, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_emit_ethernet(0x66, &(0x7f0000000000)={@broadcast, @local={[], 0xffffffffffffffff}, [], {@ipv6={0x86dd, {0x0, 0x6, 'v`Q', 0x30, 0x2c, 0x0, @remote={0xfe, 0x80, [0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7], 0xffffffffffffffff}, @mcast2={0xff, 0x2, [0x0, 0xfffffffffffff000]}, {[], @icmpv6=@dest_unreach={0xffffff86, 0x0, 0x0, 0x0, [0x14, 0x5], {0x0, 0x6, "c5961e", 0x0, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x3, 0x689, 0x0, 0x4]}, @mcast2}}}}}}}, 0x0) [ 170.552440][ T9265] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 170.586558][ T9266] CPU: 0 PID: 9266 Comm: syz-executor.0 Not tainted 5.2.0-rc7-next-20190703 #28 [ 170.595637][ T9266] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 170.605703][ T9266] Call Trace: [ 170.609008][ T9266] dump_stack+0x172/0x1f0 [ 170.613341][ T9266] should_fail.cold+0xa/0x15 [ 170.617948][ T9266] ? fault_create_debugfs_attr+0x180/0x180 [ 170.623768][ T9266] ? ___might_sleep+0x163/0x280 [ 170.628642][ T9266] should_fail_alloc_page+0x50/0x60 [ 170.633858][ T9266] __alloc_pages_nodemask+0x1a1/0x8f0 [ 170.639245][ T9266] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 170.645513][ T9266] ? __alloc_pages_slowpath+0x2520/0x2520 [ 170.651256][ T9266] ? copy_process+0x46d1/0x6af0 [ 170.656141][ T9266] ? lockdep_hardirqs_on+0x418/0x5d0 [ 170.661447][ T9266] ? trace_hardirqs_on+0x67/0x240 [ 170.666487][ T9266] copy_process+0x3f8/0x6af0 [ 170.671098][ T9266] ? get_pid_task+0xc9/0x190 [ 170.675701][ T9266] ? find_held_lock+0x35/0x130 [ 170.680468][ T9266] ? get_pid_task+0xc9/0x190 [ 170.685058][ T9266] ? __cleanup_sighand+0x60/0x60 [ 170.689984][ T9266] ? __f_unlock_pos+0x19/0x20 [ 170.694656][ T9266] ? lock_downgrade+0x920/0x920 [ 170.699512][ T9266] ? vfs_write+0x34c/0x5d0 [ 170.703915][ T9266] _do_fork+0x146/0xfa0 [ 170.708056][ T9266] ? copy_init_mm+0x20/0x20 [ 170.712543][ T9266] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 170.718073][ T9266] ? wait_for_completion+0x440/0x440 [ 170.723342][ T9266] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 170.729570][ T9266] __x64_sys_clone+0x186/0x250 [ 170.734315][ T9266] ? ksys_write+0x1cf/0x290 [ 170.738801][ T9266] ? __ia32_sys_vfork+0xc0/0xc0 [ 170.743640][ T9266] ? lockdep_hardirqs_on+0x418/0x5d0 [ 170.748910][ T9266] ? trace_hardirqs_on+0x67/0x240 [ 170.753921][ T9266] do_syscall_64+0xfd/0x6a0 [ 170.758409][ T9266] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 170.764281][ T9266] RIP: 0033:0x4597c9 [ 170.768159][ T9266] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 170.787833][ T9266] RSP: 002b:00007f9300b6cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 22:27:00 executing program 2: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0xffffffffffffffff) mount(&(0x7f0000000000), 0x0, 0x0, 0x1000, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x200c024, &(0x7f0000000140)={[{@data_err_ignore='data_err=ignore'}]}) [ 170.796223][ T9266] RAX: ffffffffffffffda RBX: 00007f9300b6cc90 RCX: 00000000004597c9 [ 170.804174][ T9266] RDX: 0000000020000400 RSI: 0000000000000000 RDI: 0000000000003ffd [ 170.812138][ T9266] RBP: 000000000075bf20 R08: 0000000020000300 R09: 0000000000000000 [ 170.820103][ T9266] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9300b6d6d4 [ 170.828053][ T9266] R13: 00000000004bfc7c R14: 00000000004d1718 R15: 0000000000000003 22:27:00 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x0, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x0, 0x1}]}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 22:27:00 executing program 1: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000080)={@in6={{0xa, 0x4e24, 0xf44, @ipv4={[], [], @remote}, 0xfff}}, 0x0, 0x80000001, 0x0, "f23cc10ba9955d05b59aebe49d4c08d81ac660bcb74c712948f4ee3505ed603ae3022497687ca0e0a765abe1ff9ff33b62dead3e36d1a4be28a79c4ebf9c342af25bc680d1b5f215f07ab8d0df88e238"}, 0xd8) r1 = socket$inet6_udp(0xa, 0x2, 0x0) socket$packet(0x11, 0x3, 0x300) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x3}, 0x1c) r2 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r2, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r1, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) sendmmsg(r2, &(0x7f0000005fc0), 0x800000000000059, 0x0) 22:27:00 executing program 0 (fault-call:0 fault-nth:3): clone(0x3ffd, 0x0, &(0x7f0000000400), 0x0, &(0x7f0000000300)="cf") 22:27:00 executing program 2: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0xffffffffffffffff) mount(&(0x7f0000000000), 0x0, 0x0, 0x1000, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x200c024, &(0x7f0000000140)={[{@data_err_ignore='data_err=ignore'}]}) 22:27:00 executing program 3: syz_emit_ethernet(0x66, &(0x7f0000000000)={@broadcast, @local={[], 0xffffffffffffffff}, [], {@ipv6={0x86dd, {0x0, 0x6, 'v`Q', 0x30, 0x2c, 0x0, @remote={0xfe, 0x80, [0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7], 0xffffffffffffffff}, @mcast2={0xff, 0x2, [0x0, 0xfffffffffffff000]}, {[], @icmpv6=@dest_unreach={0xffffff86, 0x0, 0x0, 0x0, [0x14, 0x5], {0x0, 0x6, "c5961e", 0x0, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x3, 0x689, 0x0, 0x4]}, @mcast2}}}}}}}, 0x0) [ 171.087922][ T9290] FAULT_INJECTION: forcing a failure. [ 171.087922][ T9290] name failslab, interval 1, probability 0, space 0, times 0 22:27:00 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x6, 0x0, 0x0, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 171.187664][ T9290] CPU: 0 PID: 9290 Comm: syz-executor.0 Not tainted 5.2.0-rc7-next-20190703 #28 [ 171.196742][ T9290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 171.206809][ T9290] Call Trace: [ 171.210114][ T9290] dump_stack+0x172/0x1f0 [ 171.214538][ T9290] should_fail.cold+0xa/0x15 [ 171.219135][ T9290] ? fault_create_debugfs_attr+0x180/0x180 [ 171.224948][ T9290] ? ___might_sleep+0x163/0x280 [ 171.229813][ T9290] __should_failslab+0x121/0x190 [ 171.234762][ T9290] should_failslab+0x9/0x14 [ 171.239261][ T9290] kmem_cache_alloc+0x2aa/0x710 [ 171.244114][ T9290] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 171.250349][ T9290] ? __validate_process_creds+0x22d/0x380 [ 171.256065][ T9290] prepare_creds+0x3e/0x3f0 [ 171.260566][ T9290] copy_creds+0x7b/0x6c0 [ 171.264805][ T9290] copy_process+0xdd7/0x6af0 [ 171.269393][ T9290] ? get_pid_task+0xc9/0x190 [ 171.273990][ T9290] ? find_held_lock+0x35/0x130 [ 171.278752][ T9290] ? get_pid_task+0xc9/0x190 [ 171.283342][ T9290] ? __cleanup_sighand+0x60/0x60 [ 171.288371][ T9290] ? __f_unlock_pos+0x19/0x20 [ 171.293052][ T9290] ? lock_downgrade+0x920/0x920 [ 171.297900][ T9290] ? vfs_write+0x34c/0x5d0 [ 171.302329][ T9290] _do_fork+0x146/0xfa0 [ 171.306482][ T9290] ? copy_init_mm+0x20/0x20 [ 171.310982][ T9290] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 171.316525][ T9290] ? wait_for_completion+0x440/0x440 [ 171.321813][ T9290] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 171.328052][ T9290] __x64_sys_clone+0x186/0x250 [ 171.332809][ T9290] ? ksys_write+0x1cf/0x290 [ 171.337312][ T9290] ? __ia32_sys_vfork+0xc0/0xc0 [ 171.342159][ T9290] ? lockdep_hardirqs_on+0x418/0x5d0 [ 171.347442][ T9290] ? trace_hardirqs_on+0x67/0x240 [ 171.352473][ T9290] do_syscall_64+0xfd/0x6a0 [ 171.356978][ T9290] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 171.362868][ T9290] RIP: 0033:0x4597c9 [ 171.366760][ T9290] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 171.386357][ T9290] RSP: 002b:00007f9300b6cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 171.394848][ T9290] RAX: ffffffffffffffda RBX: 00007f9300b6cc90 RCX: 00000000004597c9 [ 171.402816][ T9290] RDX: 0000000020000400 RSI: 0000000000000000 RDI: 0000000000003ffd [ 171.410783][ T9290] RBP: 000000000075bf20 R08: 0000000020000300 R09: 0000000000000000 [ 171.418745][ T9290] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9300b6d6d4 [ 171.426734][ T9290] R13: 00000000004bfc7c R14: 00000000004d1718 R15: 0000000000000003 [ 171.435223][ C0] protocol 88fb is buggy, dev hsr_slave_0 [ 171.437230][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 171.441230][ C0] protocol 88fb is buggy, dev hsr_slave_1 [ 171.446949][ C1] protocol 88fb is buggy, dev hsr_slave_1 22:27:01 executing program 2: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0xffffffffffffffff) mount(&(0x7f0000000000), 0x0, 0x0, 0x1000, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x200c024, &(0x7f0000000140)={[{@data_err_ignore='data_err=ignore'}]}) 22:27:01 executing program 5: listxattr(&(0x7f0000000080)='./file0\x00', &(0x7f0000000200)=""/234, 0xea) recvmmsg(0xffffffffffffffff, &(0x7f00000022c0)=[{{&(0x7f0000000180)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, 0x80, 0x0}}], 0x1, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='sessionid\x00') ioctl$EVIOCSMASK(r0, 0x40104593, &(0x7f0000000140)={0x1f, 0x7, &(0x7f00000000c0)="16321847f3acf5"}) preadv(r0, &(0x7f00000017c0), 0x0, 0x2000000) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000040)={&(0x7f0000000000)='./file0\x00', r0}, 0x10) 22:27:01 executing program 0 (fault-call:0 fault-nth:4): clone(0x3ffd, 0x0, &(0x7f0000000400), 0x0, &(0x7f0000000300)="cf") 22:27:01 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x6, 0x0, 0x0, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 22:27:01 executing program 3: syz_emit_ethernet(0x0, 0x0, 0x0) [ 171.918165][ T9319] FAULT_INJECTION: forcing a failure. [ 171.918165][ T9319] name failslab, interval 1, probability 0, space 0, times 0 [ 171.967785][ T9319] CPU: 1 PID: 9319 Comm: syz-executor.0 Not tainted 5.2.0-rc7-next-20190703 #28 [ 171.976917][ T9319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 171.986976][ T9319] Call Trace: [ 171.990290][ T9319] dump_stack+0x172/0x1f0 [ 171.990323][ T9319] should_fail.cold+0xa/0x15 [ 171.990342][ T9319] ? fault_create_debugfs_attr+0x180/0x180 [ 171.990364][ T9319] ? ___might_sleep+0x163/0x280 [ 171.990386][ T9319] __should_failslab+0x121/0x190 [ 172.014860][ T9319] should_failslab+0x9/0x14 [ 172.019362][ T9319] __kmalloc+0x2e0/0x770 [ 172.019378][ T9319] ? refcount_inc_not_zero_checked+0x144/0x200 [ 172.019393][ T9319] ? refcount_dec_and_mutex_lock+0x90/0x90 [ 172.019409][ T9319] ? security_prepare_creds+0x11d/0x190 [ 172.019424][ T9319] security_prepare_creds+0x11d/0x190 [ 172.019443][ T9319] prepare_creds+0x2f5/0x3f0 [ 172.019461][ T9319] copy_creds+0x7b/0x6c0 [ 172.055357][ T9319] copy_process+0xdd7/0x6af0 [ 172.059963][ T9319] ? get_pid_task+0xc9/0x190 [ 172.064569][ T9319] ? find_held_lock+0x35/0x130 [ 172.069521][ T9319] ? get_pid_task+0xc9/0x190 [ 172.074125][ T9319] ? __cleanup_sighand+0x60/0x60 [ 172.079071][ T9319] ? __f_unlock_pos+0x19/0x20 [ 172.083766][ T9319] ? lock_downgrade+0x920/0x920 [ 172.088634][ T9319] ? vfs_write+0x34c/0x5d0 [ 172.093073][ T9319] _do_fork+0x146/0xfa0 [ 172.097247][ T9319] ? copy_init_mm+0x20/0x20 [ 172.101757][ T9319] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 172.107303][ T9319] ? wait_for_completion+0x440/0x440 [ 172.112595][ T9319] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 172.112614][ T9319] __x64_sys_clone+0x186/0x250 [ 172.112633][ T9319] ? ksys_write+0x1cf/0x290 [ 172.128203][ T9319] ? __ia32_sys_vfork+0xc0/0xc0 [ 172.133078][ T9319] ? lockdep_hardirqs_on+0x418/0x5d0 [ 172.138380][ T9319] ? trace_hardirqs_on+0x67/0x240 [ 172.143426][ T9319] do_syscall_64+0xfd/0x6a0 [ 172.148039][ T9319] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 172.153940][ T9319] RIP: 0033:0x4597c9 22:27:01 executing program 1: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000080)={@in6={{0xa, 0x4e24, 0xf44, @ipv4={[], [], @remote}, 0xfff}}, 0x0, 0x80000001, 0x0, "f23cc10ba9955d05b59aebe49d4c08d81ac660bcb74c712948f4ee3505ed603ae3022497687ca0e0a765abe1ff9ff33b62dead3e36d1a4be28a79c4ebf9c342af25bc680d1b5f215f07ab8d0df88e238"}, 0xd8) r1 = socket$inet6_udp(0xa, 0x2, 0x0) socket$packet(0x11, 0x3, 0x300) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x3}, 0x1c) r2 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r2, &(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r1, {0x2, 0x0, @multicast2}, 0x4}}, 0x26) sendmmsg(r2, &(0x7f0000005fc0), 0x800000000000059, 0x0) 22:27:01 executing program 3: syz_emit_ethernet(0x0, 0x0, 0x0) 22:27:01 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x6, 0x0, 0x0, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 172.157844][ T9319] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 172.177462][ T9319] RSP: 002b:00007f9300b6cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 172.185880][ T9319] RAX: ffffffffffffffda RBX: 00007f9300b6cc90 RCX: 00000000004597c9 [ 172.185889][ T9319] RDX: 0000000020000400 RSI: 0000000000000000 RDI: 0000000000003ffd [ 172.185898][ T9319] RBP: 000000000075bf20 R08: 0000000020000300 R09: 0000000000000000 [ 172.185907][ T9319] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9300b6d6d4 22:27:01 executing program 2: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0xffffffffffffffff) mount(&(0x7f0000000000), &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x200c024, &(0x7f0000000140)={[{@data_err_ignore='data_err=ignore'}]}) 22:27:01 executing program 5: sendmsg(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0xfffffffffffffe59, &(0x7f0000000040), 0x1}, 0x0) r0 = socket(0x1000000010, 0x80002, 0x0) sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492191, 0x0) accept4$alg(r0, 0x0, 0x0, 0x800) socket(0x5, 0x825c8fe7067dab70, 0xaab8) [ 172.185916][ T9319] R13: 00000000004bfc7c R14: 00000000004d1718 R15: 0000000000000003 22:27:01 executing program 3: syz_emit_ethernet(0x0, 0x0, 0x0) 22:27:01 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x6, 0x3, &(0x7f0000346fc8)=@framed, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 172.297862][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 172.304067][ C1] protocol 88fb is buggy, dev hsr_slave_1 22:27:02 executing program 0 (fault-call:0 fault-nth:5): clone(0x3ffd, 0x0, &(0x7f0000000400), 0x0, &(0x7f0000000300)="cf") 22:27:02 executing program 3: syz_emit_ethernet(0x66, &(0x7f0000000000)={@broadcast, @local={[], 0xffffffffffffffff}, [], {@ipv6={0x86dd, {0x0, 0x6, 'v`Q', 0x30, 0x0, 0x0, @remote={0xfe, 0x80, [0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7], 0xffffffffffffffff}, @mcast2={0xff, 0x2, [0x0, 0xfffffffffffff000]}, {[], @icmpv6=@dest_unreach={0xffffff86, 0x0, 0x0, 0x0, [0x14, 0x5], {0x0, 0x6, "c5961e", 0x0, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x3, 0x689, 0x0, 0x4]}, @mcast2}}}}}}}, 0x0) [ 172.457236][ C1] protocol 88fb is buggy, dev hsr_slave_0 [ 172.463084][ C1] protocol 88fb is buggy, dev hsr_slave_1 22:27:02 executing program 2: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0xffffffffffffffff) mount(&(0x7f0000000000), &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x200c024, &(0x7f0000000140)={[{@data_err_ignore='data_err=ignore'}]}) [ 172.628400][ T9353] FAULT_INJECTION: forcing a failure. [ 172.628400][ T9353] name failslab, interval 1, probability 0, space 0, times 0 22:27:02 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x6, 0x3, &(0x7f0000346fc8)=@framed, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 172.696217][ T9353] CPU: 0 PID: 9353 Comm: syz-executor.0 Not tainted 5.2.0-rc7-next-20190703 #28 [ 172.705291][ T9353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 172.715362][ T9353] Call Trace: [ 172.718675][ T9353] dump_stack+0x172/0x1f0 [ 172.723033][ T9353] should_fail.cold+0xa/0x15 [ 172.727647][ T9353] ? fault_create_debugfs_attr+0x180/0x180 [ 172.733472][ T9353] ? ___might_sleep+0x163/0x280 [ 172.733496][ T9353] __should_failslab+0x121/0x190 22:27:02 executing program 3: syz_emit_ethernet(0x66, &(0x7f0000000000)={@broadcast, @local={[], 0xffffffffffffffff}, [], {@ipv6={0x86dd, {0x0, 0x6, 'v`Q', 0x30, 0x0, 0x0, @remote={0xfe, 0x80, [0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7], 0xffffffffffffffff}, @mcast2={0xff, 0x2, [0x0, 0xfffffffffffff000]}, {[], @icmpv6=@dest_unreach={0xffffff86, 0x0, 0x0, 0x0, [0x14, 0x5], {0x0, 0x6, "c5961e", 0x0, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x3, 0x689, 0x0, 0x4]}, @mcast2}}}}}}}, 0x0) [ 172.733514][ T9353] should_failslab+0x9/0x14 [ 172.743391][ T9353] kmem_cache_alloc+0x2aa/0x710 [ 172.743410][ T9353] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 172.743435][ T9353] __delayacct_tsk_init+0x20/0x80 [ 172.764065][ T9353] copy_process+0x4762/0x6af0 [ 172.768763][ T9353] ? get_pid_task+0xc9/0x190 [ 172.773372][ T9353] ? find_held_lock+0x35/0x130 [ 172.778153][ T9353] ? get_pid_task+0xc9/0x190 [ 172.782768][ T9353] ? __cleanup_sighand+0x60/0x60 [ 172.787711][ T9353] ? __f_unlock_pos+0x19/0x20 [ 172.792416][ T9353] ? lock_downgrade+0x920/0x920 [ 172.797289][ T9353] ? vfs_write+0x34c/0x5d0 [ 172.801737][ T9353] _do_fork+0x146/0xfa0 [ 172.805909][ T9353] ? copy_init_mm+0x20/0x20 [ 172.810422][ T9353] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 172.815978][ T9353] ? wait_for_completion+0x440/0x440 [ 172.821278][ T9353] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 172.827527][ T9353] __x64_sys_clone+0x186/0x250 [ 172.832291][ T9353] ? ksys_write+0x1cf/0x290 [ 172.836789][ T9353] ? __ia32_sys_vfork+0xc0/0xc0 [ 172.841633][ T9353] ? lockdep_hardirqs_on+0x418/0x5d0 [ 172.846929][ T9353] ? trace_hardirqs_on+0x67/0x240 [ 172.851942][ T9353] do_syscall_64+0xfd/0x6a0 [ 172.856431][ T9353] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 172.862335][ T9353] RIP: 0033:0x4597c9 [ 172.866234][ T9353] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 172.885828][ T9353] RSP: 002b:00007f9300b6cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 22:27:02 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="c0dca5055e0bcfec7be070") clock_gettime(0x6, &(0x7f0000000000)) ppoll(&(0x7f0000000080)=[{r0, 0x18}, {r0, 0x24}, {r0}], 0x3, &(0x7f00000000c0)={0x0, 0x989680}, &(0x7f0000000100)={0x4}, 0x8) syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x7fffffff, 0x0) 22:27:02 executing program 0 (fault-call:0 fault-nth:6): clone(0x3ffd, 0x0, &(0x7f0000000400), 0x0, &(0x7f0000000300)="cf") 22:27:02 executing program 5: bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x10, 0x2c}, [@ldst={0x6, 0x0, 0x6}]}, &(0x7f0000003ff6)='G\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48) r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x12000, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000200)={{{@in=@local, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in=@local}}, &(0x7f0000000300)=0xe8) r2 = syz_open_dev$radio(&(0x7f0000000340)='/dev/radio#\x00', 0x2, 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x0, 0x9, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x8}, [@jmp={0x5, 0x35, 0xf, 0x9, 0xb, 0xfffffffffffffffc, 0xffffffffffffffff}, @map={0x18, 0x0, 0x1, 0x0, r0}, @jmp={0x5, 0x100000000, 0x3, 0x0, 0x9, 0x80, 0x10}, @alu={0x7, 0x200, 0xd, 0x4, 0x2, 0xffffffffffffffff, 0xffffffffffffffff}, @jmp={0x5, 0x1f, 0x3, 0xf, 0xf, 0xfffffffffffffff4, 0x10}]}, &(0x7f0000000140)='syzkaller\x00', 0x1, 0x7f, &(0x7f0000000180)=""/127, 0x40f00, 0x2, [], r1, 0x1f, r2, 0x8, &(0x7f0000000380)={0x9, 0x5}, 0x8, 0x10, &(0x7f00000003c0)={0x5, 0x0, 0x1, 0x3}, 0x10}, 0x70) [ 172.894226][ T9353] RAX: ffffffffffffffda RBX: 00007f9300b6cc90 RCX: 00000000004597c9 [ 172.902197][ T9353] RDX: 0000000020000400 RSI: 0000000000000000 RDI: 0000000000003ffd [ 172.910593][ T9353] RBP: 000000000075bf20 R08: 0000000020000300 R09: 0000000000000000 [ 172.918547][ T9353] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9300b6d6d4 [ 172.926525][ T9353] R13: 00000000004bfc7c R14: 00000000004d1718 R15: 0000000000000003 22:27:02 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/capi/capi20ncci\x00', 0x400000, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000000280)='./file0\x00', &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000440)={0x0, 0x0}, &(0x7f0000000480)=0xc) mount$fuseblk(&(0x7f0000000000)='/dev/loop0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='fuseblk\x00', 0x1000, &(0x7f00000004c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode'}, 0x2c, {'user_id', 0x3d, r1}, 0x2c, {'group_id', 0x3d, r2}, 0x2c, {[{@default_permissions='default_permissions'}, {@blksize={'blksize', 0x3d, 0x600}}, {@blksize={'blksize', 0x3d, 0x200}}, {@blksize={'blksize'}}, {@allow_other='allow_other'}, {@max_read={'max_read', 0x3d, 0x2}}, {@max_read={'max_read'}}, {@allow_other='allow_other'}, {@default_permissions='default_permissions'}], [{@appraise_type='appraise_type=imasig'}, {@pcr={'pcr', 0x3d, 0xc}}, {@fowner_lt={'fowner<', r3}}, {@smackfsdef={'smackfsdef', 0x3d, '-'}}, {@subj_type={'subj_type'}}, {@fscontext={'fscontext', 0x3d, 'root'}}, {@subj_type={'subj_type', 0x3d, 'proc'}}, {@obj_role={'obj_role', 0x3d, '/dev/vbi#\x00'}}, {@dont_measure='dont_measure'}, {@appraise_type='appraise_type=imasig'}]}}) r4 = syz_open_dev$vbi(&(0x7f00000002c0)='/dev/vbi#\x00', 0x1, 0x2) ioctl$sock_inet_SIOCADDRT(r4, 0x890b, 0x0) r5 = memfd_create(&(0x7f0000000180)='(\x00', 0x7) getsockopt$IPT_SO_GET_REVISION_TARGET(r4, 0x0, 0x43, &(0x7f0000000140)={'ipvs\x00'}, &(0x7f0000000200)=0x1e) ioctl$sock_inet_SIOCGIFNETMASK(0xffffffffffffffff, 0x891b, &(0x7f0000000100)={'tunl0\x00', {0x2, 0x4e20, @loopback}}) ftruncate(r5, 0x1000000) sendfile(r4, r5, &(0x7f00000000c0)=0xf18003, 0xeefffdef) ioctl$sock_SIOCGIFCONF(r4, 0x8912, 0x0) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f00000006c0)={0x0, 0x2, 0x20, 0x0, 0x843e}, &(0x7f0000000700)=0x18) setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r0, 0x84, 0x19, &(0x7f0000000740)={r6, 0x4}, 0x8) getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r4, 0x84, 0x16, 0x0, &(0x7f0000000300)) 22:27:02 executing program 2: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0xffffffffffffffff) mount(&(0x7f0000000000), &(0x7f0000000240)='./file0\x00', 0x0, 0x0, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x200c024, &(0x7f0000000140)={[{@data_err_ignore='data_err=ignore'}]}) 22:27:02 executing program 3: syz_emit_ethernet(0x66, &(0x7f0000000000)={@broadcast, @local={[], 0xffffffffffffffff}, [], {@ipv6={0x86dd, {0x0, 0x6, 'v`Q', 0x30, 0x0, 0x0, @remote={0xfe, 0x80, [0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7], 0xffffffffffffffff}, @mcast2={0xff, 0x2, [0x0, 0xfffffffffffff000]}, {[], @icmpv6=@dest_unreach={0xffffff86, 0x0, 0x0, 0x0, [0x14, 0x5], {0x0, 0x6, "c5961e", 0x0, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x3, 0x689, 0x0, 0x4]}, @mcast2}}}}}}}, 0x0) 22:27:02 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x6, 0x3, &(0x7f0000346fc8)=@framed, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 173.186565][ T9381] FAULT_INJECTION: forcing a failure. [ 173.186565][ T9381] name failslab, interval 1, probability 0, space 0, times 0 22:27:02 executing program 5: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cpx.stat\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f00000005c0)=ANY=[@ANYBLOB="f8"], 0x1) mmap(&(0x7f0000a00000/0x600000)=nil, 0x600000, 0x300000a, 0x2011, r0, 0x0) mmap(&(0x7f0000a0c000/0x2000)=nil, 0x2000, 0x0, 0x2012, r0, 0x0) execveat(r0, &(0x7f0000000000)='./file0\x00', &(0x7f00000002c0)=[&(0x7f0000000040)='$vmnet0eth0self\xd8\x00', &(0x7f0000000080)='cpx.stat\x00', &(0x7f00000000c0)='\x00', &(0x7f0000000100)='cpx.stat\x00', &(0x7f0000000140)='cpx.stat\x00', &(0x7f0000000180)='\x00', &(0x7f00000001c0)='cpx.stat\x00', &(0x7f0000000200)='cpx.stat\x00', &(0x7f0000000280)='+\x00'], &(0x7f00000004c0)=[&(0x7f0000000340)=',\x00', &(0x7f0000000380)='+\x00', &(0x7f00000003c0)='selfbdevsecurity-/%trustedppp1xGPL\x06\x00', &(0x7f0000000400)='security,{+6!GPL/,@+systemwlan1+vboxnet1$#{\x00', &(0x7f0000000440)='\x00', &(0x7f0000000480)='nodev\x00'], 0x400) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) [ 173.334565][ T9381] CPU: 1 PID: 9381 Comm: syz-executor.0 Not tainted 5.2.0-rc7-next-20190703 #28 [ 173.343635][ T9381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 173.353700][ T9381] Call Trace: [ 173.357008][ T9381] dump_stack+0x172/0x1f0 [ 173.361374][ T9381] should_fail.cold+0xa/0x15 [ 173.366080][ T9381] ? fault_create_debugfs_attr+0x180/0x180 [ 173.371916][ T9381] ? ___might_sleep+0x163/0x280 [ 173.376800][ T9381] __should_failslab+0x121/0x190 [ 173.381753][ T9381] should_failslab+0x9/0x14 [ 173.386284][ T9381] __kmalloc+0x2e0/0x770 [ 173.390552][ T9381] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 173.396804][ T9381] ? audit_alloc+0xae/0x770 [ 173.401303][ T9381] ? security_task_alloc+0x111/0x180 [ 173.406579][ T9381] security_task_alloc+0x111/0x180 [ 173.411683][ T9381] copy_process+0x1bc3/0x6af0 [ 173.416351][ T9381] ? get_pid_task+0xc9/0x190 [ 173.420937][ T9381] ? __cleanup_sighand+0x60/0x60 [ 173.425856][ T9381] ? __f_unlock_pos+0x19/0x20 [ 173.430519][ T9381] ? lock_downgrade+0x920/0x920 [ 173.435349][ T9381] ? vfs_write+0x34c/0x5d0 [ 173.439747][ T9381] _do_fork+0x146/0xfa0 [ 173.443895][ T9381] ? copy_init_mm+0x20/0x20 [ 173.448391][ T9381] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 173.453920][ T9381] ? wait_for_completion+0x440/0x440 [ 173.459193][ T9381] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 173.465416][ T9381] __x64_sys_clone+0x186/0x250 [ 173.470161][ T9381] ? ksys_write+0x1cf/0x290 [ 173.474645][ T9381] ? __ia32_sys_vfork+0xc0/0xc0 [ 173.479485][ T9381] ? lockdep_hardirqs_on+0x418/0x5d0 [ 173.484759][ T9381] ? trace_hardirqs_on+0x67/0x240 [ 173.489774][ T9381] do_syscall_64+0xfd/0x6a0 [ 173.494274][ T9381] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 173.500147][ T9381] RIP: 0033:0x4597c9 [ 173.504027][ T9381] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 173.523610][ T9381] RSP: 002b:00007f9300b6cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 22:27:03 executing program 3 (fault-call:0 fault-nth:0): syz_emit_ethernet(0x66, &(0x7f0000000000)={@broadcast, @local={[], 0xffffffffffffffff}, [], {@ipv6={0x86dd, {0x0, 0x6, 'v`Q', 0x30, 0x2c, 0x0, @remote={0xfe, 0x80, [0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7], 0xffffffffffffffff}, @mcast2={0xff, 0x2, [0x0, 0xfffffffffffff000]}, {[], @icmpv6=@dest_unreach={0xffffff86, 0x0, 0x0, 0x0, [0x14, 0x5], {0x0, 0x6, "c5961e", 0x0, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x3, 0x689, 0x0, 0x4]}, @mcast2}}}}}}}, 0x0) [ 173.532002][ T9381] RAX: ffffffffffffffda RBX: 00007f9300b6cc90 RCX: 00000000004597c9 [ 173.539954][ T9381] RDX: 0000000020000400 RSI: 0000000000000000 RDI: 0000000000003ffd [ 173.547909][ T9381] RBP: 000000000075bf20 R08: 0000000020000300 R09: 0000000000000000 [ 173.555863][ T9381] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9300b6d6d4 [ 173.563815][ T9381] R13: 00000000004bfc7c R14: 00000000004d1718 R15: 0000000000000003 22:27:03 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x6, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x0, 0x0, 0x6, 0x0, 0x1}]}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 22:27:03 executing program 5: r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@call={0x161, 0x11, 0x78}]}, &(0x7f00000000c0)='GPL\x00', 0x4, 0x1000, &(0x7f0000000200)=""/4096, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x400000, 0x30) r2 = syz_open_dev$admmidi(&(0x7f0000000080)='/dev/admmidi#\x00', 0x5, 0x400000) ioctl$sock_kcm_SIOCKCMATTACH(r1, 0x89e0, &(0x7f0000000100)={r2, r0}) [ 173.686604][ T9405] FAULT_INJECTION: forcing a failure. [ 173.686604][ T9405] name failslab, interval 1, probability 0, space 0, times 0 [ 173.699520][ T9405] CPU: 1 PID: 9405 Comm: syz-executor.3 Not tainted 5.2.0-rc7-next-20190703 #28 [ 173.710097][ T9405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 173.720161][ T9405] Call Trace: [ 173.723476][ T9405] dump_stack+0x172/0x1f0 [ 173.727826][ T9405] should_fail.cold+0xa/0x15 [ 173.732438][ T9405] ? fault_create_debugfs_attr+0x180/0x180 [ 173.738273][ T9405] ? __mutex_lock+0x3da/0x1340 [ 173.743060][ T9405] __should_failslab+0x121/0x190 [ 173.748015][ T9405] should_failslab+0x9/0x14 [ 173.752536][ T9405] kmem_cache_alloc+0x47/0x710 [ 173.757320][ T9405] ? __lock_acquire+0x8a2/0x4c20 [ 173.762276][ T9405] ? __lock_acquire+0x8a2/0x4c20 [ 173.767240][ T9405] ? kasan_check_read+0x11/0x20 [ 173.772196][ T9405] ? mark_lock+0xc0/0x11e0 [ 173.776605][ T9405] ? kasan_check_read+0x11/0x20 [ 173.781455][ T9405] __build_skb+0x26/0x70 [ 173.785693][ T9405] __napi_alloc_skb+0x1d2/0x300 [ 173.790534][ T9405] napi_get_frags+0x65/0x140 [ 173.795127][ T9405] tun_get_user+0x16bd/0x3fa0 [ 173.799787][ T9405] ? kasan_check_read+0x11/0x20 [ 173.804648][ T9405] ? tun_device_event+0x10e0/0x10e0 [ 173.809838][ T9405] ? lock_downgrade+0x920/0x920 [ 173.814682][ T9405] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 173.820925][ T9405] ? kasan_check_read+0x11/0x20 [ 173.825766][ T9405] tun_chr_write_iter+0xbd/0x156 [ 173.830698][ T9405] do_iter_readv_writev+0x5f8/0x8f0 [ 173.835885][ T9405] ? no_seek_end_llseek_size+0x70/0x70 [ 173.841329][ T9405] ? apparmor_file_permission+0x25/0x30 [ 173.846864][ T9405] ? rw_verify_area+0x126/0x360 [ 173.851700][ T9405] do_iter_write+0x184/0x610 [ 173.856306][ T9405] ? dup_iter+0x250/0x250 [ 173.860627][ T9405] vfs_writev+0x1b3/0x2f0 [ 173.864939][ T9405] ? vfs_iter_write+0xb0/0xb0 [ 173.869865][ T9405] ? kasan_check_read+0x11/0x20 [ 173.874709][ T9405] ? ksys_dup3+0x3e0/0x3e0 [ 173.879133][ T9405] ? wait_for_completion+0x440/0x440 [ 173.884404][ T9405] ? __fget_light+0x1a9/0x230 [ 173.889066][ T9405] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 173.895288][ T9405] do_writev+0x15b/0x330 [ 173.899512][ T9405] ? vfs_writev+0x2f0/0x2f0 [ 173.904003][ T9405] ? do_syscall_64+0x26/0x6a0 [ 173.908663][ T9405] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 173.914710][ T9405] ? do_syscall_64+0x26/0x6a0 [ 173.919378][ T9405] __x64_sys_writev+0x75/0xb0 [ 173.924037][ T9405] do_syscall_64+0xfd/0x6a0 [ 173.928526][ T9405] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 173.934400][ T9405] RIP: 0033:0x459681 [ 173.938366][ T9405] Code: 75 14 b8 14 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 34 b9 fb ff c3 48 83 ec 08 e8 fa 2c 00 00 48 89 04 24 b8 14 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 43 2d 00 00 48 89 d0 48 83 c4 08 48 3d 01 [ 173.957953][ T9405] RSP: 002b:00007f6cf7c73ba0 EFLAGS: 00000293 ORIG_RAX: 0000000000000014 [ 173.966364][ T9405] RAX: ffffffffffffffda RBX: 0000000000000066 RCX: 0000000000459681 [ 173.974319][ T9405] RDX: 0000000000000001 RSI: 00007f6cf7c73c00 RDI: 00000000000000f0 22:27:03 executing program 2: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0xffffffffffffffff) mount(&(0x7f0000000000), &(0x7f0000000240)='./file0\x00', 0x0, 0x1000, 0x0) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x200c024, &(0x7f0000000140)={[{@data_err_ignore='data_err=ignore'}]}) 22:27:03 executing program 0 (fault-call:0 fault-nth:7): clone(0x3ffd, 0x0, &(0x7f0000000400), 0x0, &(0x7f0000000300)="cf") [ 173.982274][ T9405] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 173.990229][ T9405] R10: 0000000000000064 R11: 0000000000000293 R12: 00007f6cf7c746d4 [ 173.998182][ T9405] R13: 00000000004c8555 R14: 00000000004df080 R15: 0000000000000003 [ 174.082591][ T9416] FAULT_INJECTION: forcing a failure. [ 174.082591][ T9416] name failslab, interval 1, probability 0, space 0, times 0 [ 174.121822][ T9416] CPU: 1 PID: 9416 Comm: syz-executor.0 Not tainted 5.2.0-rc7-next-20190703 #28 [ 174.130898][ T9416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 174.141050][ T9416] Call Trace: [ 174.144362][ T9416] dump_stack+0x172/0x1f0 [ 174.148724][ T9416] should_fail.cold+0xa/0x15 [ 174.153337][ T9416] ? fault_create_debugfs_attr+0x180/0x180 [ 174.159171][ T9416] ? ___might_sleep+0x163/0x280 [ 174.164023][ T9416] __should_failslab+0x121/0x190 [ 174.168949][ T9416] should_failslab+0x9/0x14 [ 174.173437][ T9416] kmem_cache_alloc+0x2aa/0x710 [ 174.178280][ T9416] copy_process+0x1f2d/0x6af0 [ 174.183032][ T9416] ? get_pid_task+0xc9/0x190 [ 174.187617][ T9416] ? __cleanup_sighand+0x60/0x60 [ 174.192538][ T9416] ? __f_unlock_pos+0x19/0x20 [ 174.197211][ T9416] ? lock_downgrade+0x920/0x920 [ 174.202054][ T9416] ? vfs_write+0x34c/0x5d0 [ 174.206457][ T9416] _do_fork+0x146/0xfa0 [ 174.210597][ T9416] ? copy_init_mm+0x20/0x20 [ 174.215084][ T9416] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 174.220615][ T9416] ? wait_for_completion+0x440/0x440 [ 174.225890][ T9416] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 174.232119][ T9416] __x64_sys_clone+0x186/0x250 [ 174.236875][ T9416] ? ksys_write+0x1cf/0x290 [ 174.241361][ T9416] ? __ia32_sys_vfork+0xc0/0xc0 [ 174.246213][ T9416] ? lockdep_hardirqs_on+0x418/0x5d0 [ 174.251486][ T9416] ? trace_hardirqs_on+0x67/0x240 [ 174.256499][ T9416] do_syscall_64+0xfd/0x6a0 [ 174.260991][ T9416] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 174.266865][ T9416] RIP: 0033:0x4597c9 [ 174.270745][ T9416] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 174.290331][ T9416] RSP: 002b:00007f9300b6cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 174.298733][ T9416] RAX: ffffffffffffffda RBX: 00007f9300b6cc90 RCX: 00000000004597c9 [ 174.306692][ T9416] RDX: 0000000020000400 RSI: 0000000000000000 RDI: 0000000000003ffd [ 174.314644][ T9416] RBP: 000000000075bf20 R08: 0000000020000300 R09: 0000000000000000 [ 174.322604][ T9416] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9300b6d6d4 22:27:03 executing program 3 (fault-call:0 fault-nth:1): syz_emit_ethernet(0x66, &(0x7f0000000000)={@broadcast, @local={[], 0xffffffffffffffff}, [], {@ipv6={0x86dd, {0x0, 0x6, 'v`Q', 0x30, 0x2c, 0x0, @remote={0xfe, 0x80, [0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7], 0xffffffffffffffff}, @mcast2={0xff, 0x2, [0x0, 0xfffffffffffff000]}, {[], @icmpv6=@dest_unreach={0xffffff86, 0x0, 0x0, 0x0, [0x14, 0x5], {0x0, 0x6, "c5961e", 0x0, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x3, 0x689, 0x0, 0x4]}, @mcast2}}}}}}}, 0x0) [ 174.330572][ T9416] R13: 00000000004bfc7c R14: 00000000004d1718 R15: 0000000000000003 22:27:04 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x6, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x0, 0x0, 0x6, 0x0, 0x1}]}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 22:27:04 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/capi/capi20ncci\x00', 0x400000, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000000280)='./file0\x00', &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000440)={0x0, 0x0}, &(0x7f0000000480)=0xc) mount$fuseblk(&(0x7f0000000000)='/dev/loop0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='fuseblk\x00', 0x1000, &(0x7f00000004c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode'}, 0x2c, {'user_id', 0x3d, r1}, 0x2c, {'group_id', 0x3d, r2}, 0x2c, {[{@default_permissions='default_permissions'}, {@blksize={'blksize', 0x3d, 0x600}}, {@blksize={'blksize', 0x3d, 0x200}}, {@blksize={'blksize'}}, {@allow_other='allow_other'}, {@max_read={'max_read', 0x3d, 0x2}}, {@max_read={'max_read'}}, {@allow_other='allow_other'}, {@default_permissions='default_permissions'}], [{@appraise_type='appraise_type=imasig'}, {@pcr={'pcr', 0x3d, 0xc}}, {@fowner_lt={'fowner<', r3}}, {@smackfsdef={'smackfsdef', 0x3d, '-'}}, {@subj_type={'subj_type'}}, {@fscontext={'fscontext', 0x3d, 'root'}}, {@subj_type={'subj_type', 0x3d, 'proc'}}, {@obj_role={'obj_role', 0x3d, '/dev/vbi#\x00'}}, {@dont_measure='dont_measure'}, {@appraise_type='appraise_type=imasig'}]}}) r4 = syz_open_dev$vbi(&(0x7f00000002c0)='/dev/vbi#\x00', 0x1, 0x2) ioctl$sock_inet_SIOCADDRT(r4, 0x890b, 0x0) r5 = memfd_create(&(0x7f0000000180)='(\x00', 0x7) getsockopt$IPT_SO_GET_REVISION_TARGET(r4, 0x0, 0x43, &(0x7f0000000140)={'ipvs\x00'}, &(0x7f0000000200)=0x1e) ioctl$sock_inet_SIOCGIFNETMASK(0xffffffffffffffff, 0x891b, &(0x7f0000000100)={'tunl0\x00', {0x2, 0x4e20, @loopback}}) ftruncate(r5, 0x1000000) sendfile(r4, r5, &(0x7f00000000c0)=0xf18003, 0xeefffdef) ioctl$sock_SIOCGIFCONF(r4, 0x8912, 0x0) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f00000006c0)={0x0, 0x2, 0x20, 0x0, 0x843e}, &(0x7f0000000700)=0x18) setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r0, 0x84, 0x19, &(0x7f0000000740)={r6, 0x4}, 0x8) getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r4, 0x84, 0x16, 0x0, &(0x7f0000000300)) 22:27:04 executing program 2: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0xffffffffffffffff) mount(&(0x7f0000000000), &(0x7f0000000240)='./file0\x00', 0x0, 0x1000, 0x0) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x200c024, &(0x7f0000000140)={[{@data_err_ignore='data_err=ignore'}]}) 22:27:04 executing program 3: syz_emit_ethernet(0x66, &(0x7f0000000000)={@broadcast, @local={[], 0xffffffffffffffff}, [], {@ipv6={0x86dd, {0x0, 0x6, 'v`Q', 0x30, 0x2c, 0x0, @remote={0xfe, 0x80, [0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7], 0xffffffffffffffff}, @mcast2={0xff, 0x2, [0x0, 0xfffffffffffff000]}, {[], @icmpv6=@dest_unreach={0xffffff86, 0x0, 0x0, 0x0, [0x14, 0x5], {0x0, 0x6, "c5961e", 0x0, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x3, 0x689, 0x0, 0x4]}, @mcast2}}}}}}}, 0x0) 22:27:04 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x6, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x0, 0x0, 0x6, 0x0, 0x1}]}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 22:27:04 executing program 0 (fault-call:0 fault-nth:8): clone(0x3ffd, 0x0, &(0x7f0000000400), 0x0, &(0x7f0000000300)="cf") 22:27:04 executing program 3: syz_emit_ethernet(0xd, &(0x7f0000000000)={@broadcast, @local={[], 0xffffffffffffffff}, [], {@ipv6={0x86dd, {0x0, 0x6, 'v`Q', 0x30, 0x2c, 0x0, @remote={0xfe, 0x80, [0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7], 0xffffffffffffffff}, @mcast2={0xff, 0x2, [0x0, 0xfffffffffffff000]}, {[], @icmpv6=@dest_unreach={0xffffff86, 0x0, 0x0, 0x0, [0x14, 0x5], {0x0, 0x6, "c5961e", 0x0, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x3, 0x689, 0x0, 0x4]}, @mcast2}}}}}}}, 0x0) 22:27:04 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x6, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x0, 0x0, 0x1}]}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 174.764232][ T9448] FAULT_INJECTION: forcing a failure. [ 174.764232][ T9448] name failslab, interval 1, probability 0, space 0, times 0 [ 174.816953][ T9448] CPU: 1 PID: 9448 Comm: syz-executor.0 Not tainted 5.2.0-rc7-next-20190703 #28 [ 174.826022][ T9448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 174.836089][ T9448] Call Trace: [ 174.839413][ T9448] dump_stack+0x172/0x1f0 [ 174.843794][ T9448] should_fail.cold+0xa/0x15 [ 174.848407][ T9448] ? fault_create_debugfs_attr+0x180/0x180 [ 174.854232][ T9448] ? ___might_sleep+0x163/0x280 [ 174.859099][ T9448] __should_failslab+0x121/0x190 [ 174.864050][ T9448] should_failslab+0x9/0x14 [ 174.868566][ T9448] kmem_cache_alloc+0x2aa/0x710 [ 174.873437][ T9448] ? copy_thread_tls+0x746/0xbc0 [ 174.878385][ T9448] ? lockdep_hardirqs_on+0x418/0x5d0 [ 174.883772][ T9448] alloc_pid+0x55/0x910 [ 174.887949][ T9448] ? copy_thread_tls+0x63e/0xbc0 [ 174.893082][ T9448] copy_process+0x2af2/0x6af0 [ 174.897771][ T9448] ? get_pid_task+0xc9/0x190 [ 174.902378][ T9448] ? __cleanup_sighand+0x60/0x60 [ 174.907312][ T9448] ? __f_unlock_pos+0x19/0x20 [ 174.911998][ T9448] ? lock_downgrade+0x920/0x920 [ 174.916852][ T9448] ? vfs_write+0x34c/0x5d0 [ 174.921270][ T9448] _do_fork+0x146/0xfa0 [ 174.925422][ T9448] ? copy_init_mm+0x20/0x20 [ 174.929920][ T9448] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 174.929938][ T9448] ? wait_for_completion+0x440/0x440 [ 174.929958][ T9448] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 174.929976][ T9448] __x64_sys_clone+0x186/0x250 [ 174.929990][ T9448] ? ksys_write+0x1cf/0x290 [ 174.930005][ T9448] ? __ia32_sys_vfork+0xc0/0xc0 [ 174.930026][ T9448] ? lockdep_hardirqs_on+0x418/0x5d0 [ 174.930045][ T9448] ? trace_hardirqs_on+0x67/0x240 [ 174.947069][ T9448] do_syscall_64+0xfd/0x6a0 [ 174.947091][ T9448] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 174.947103][ T9448] RIP: 0033:0x4597c9 [ 174.947118][ T9448] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 174.947126][ T9448] RSP: 002b:00007f9300b6cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 22:27:04 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/capi/capi20ncci\x00', 0x400000, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000000280)='./file0\x00', &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000440)={0x0, 0x0}, &(0x7f0000000480)=0xc) mount$fuseblk(&(0x7f0000000000)='/dev/loop0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='fuseblk\x00', 0x1000, &(0x7f00000004c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode'}, 0x2c, {'user_id', 0x3d, r1}, 0x2c, {'group_id', 0x3d, r2}, 0x2c, {[{@default_permissions='default_permissions'}, {@blksize={'blksize', 0x3d, 0x600}}, {@blksize={'blksize', 0x3d, 0x200}}, {@blksize={'blksize'}}, {@allow_other='allow_other'}, {@max_read={'max_read', 0x3d, 0x2}}, {@max_read={'max_read'}}, {@allow_other='allow_other'}, {@default_permissions='default_permissions'}], [{@appraise_type='appraise_type=imasig'}, {@pcr={'pcr', 0x3d, 0xc}}, {@fowner_lt={'fowner<', r3}}, {@smackfsdef={'smackfsdef', 0x3d, '-'}}, {@subj_type={'subj_type'}}, {@fscontext={'fscontext', 0x3d, 'root'}}, {@subj_type={'subj_type', 0x3d, 'proc'}}, {@obj_role={'obj_role', 0x3d, '/dev/vbi#\x00'}}, {@dont_measure='dont_measure'}, {@appraise_type='appraise_type=imasig'}]}}) r4 = syz_open_dev$vbi(&(0x7f00000002c0)='/dev/vbi#\x00', 0x1, 0x2) ioctl$sock_inet_SIOCADDRT(r4, 0x890b, 0x0) r5 = memfd_create(&(0x7f0000000180)='(\x00', 0x7) getsockopt$IPT_SO_GET_REVISION_TARGET(r4, 0x0, 0x43, &(0x7f0000000140)={'ipvs\x00'}, &(0x7f0000000200)=0x1e) ioctl$sock_inet_SIOCGIFNETMASK(0xffffffffffffffff, 0x891b, &(0x7f0000000100)={'tunl0\x00', {0x2, 0x4e20, @loopback}}) ftruncate(r5, 0x1000000) sendfile(r4, r5, &(0x7f00000000c0)=0xf18003, 0xeefffdef) ioctl$sock_SIOCGIFCONF(r4, 0x8912, 0x0) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f00000006c0)={0x0, 0x2, 0x20, 0x0, 0x843e}, &(0x7f0000000700)=0x18) setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r0, 0x84, 0x19, &(0x7f0000000740)={r6, 0x4}, 0x8) getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r4, 0x84, 0x16, 0x0, &(0x7f0000000300)) 22:27:04 executing program 2: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0xffffffffffffffff) mount(&(0x7f0000000000), &(0x7f0000000240)='./file0\x00', 0x0, 0x1000, 0x0) syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x200c024, &(0x7f0000000140)={[{@data_err_ignore='data_err=ignore'}]}) 22:27:04 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x6, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x0, 0x0, 0x1}]}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 22:27:04 executing program 3: syz_emit_ethernet(0x3e, &(0x7f0000000000)={@broadcast, @local={[], 0xffffffffffffffff}, [], {@ipv6={0x86dd, {0x0, 0x6, 'v`Q', 0x30, 0x2c, 0x0, @remote={0xfe, 0x80, [0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7], 0xffffffffffffffff}, @mcast2={0xff, 0x2, [0x0, 0xfffffffffffff000]}, {[], @icmpv6=@dest_unreach={0xffffff86, 0x0, 0x0, 0x0, [0x14, 0x5], {0x0, 0x6, "c5961e", 0x0, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x3, 0x689, 0x0, 0x4]}, @mcast2}}}}}}}, 0x0) [ 174.947139][ T9448] RAX: ffffffffffffffda RBX: 00007f9300b6cc90 RCX: 00000000004597c9 [ 174.947148][ T9448] RDX: 0000000020000400 RSI: 0000000000000000 RDI: 0000000000003ffd [ 174.947156][ T9448] RBP: 000000000075bf20 R08: 0000000020000300 R09: 0000000000000000 [ 174.947169][ T9448] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9300b6d6d4 [ 175.045630][ T9448] R13: 00000000004bfc7c R14: 00000000004d1718 R15: 0000000000000003 22:27:04 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x6, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x0, 0x0, 0x1}]}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 22:27:05 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/capi/capi20ncci\x00', 0x400000, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000000280)='./file0\x00', &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000440)={0x0, 0x0}, &(0x7f0000000480)=0xc) mount$fuseblk(&(0x7f0000000000)='/dev/loop0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='fuseblk\x00', 0x1000, &(0x7f00000004c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode'}, 0x2c, {'user_id', 0x3d, r1}, 0x2c, {'group_id', 0x3d, r2}, 0x2c, {[{@default_permissions='default_permissions'}, {@blksize={'blksize', 0x3d, 0x600}}, {@blksize={'blksize', 0x3d, 0x200}}, {@blksize={'blksize'}}, {@allow_other='allow_other'}, {@max_read={'max_read', 0x3d, 0x2}}, {@max_read={'max_read'}}, {@allow_other='allow_other'}, {@default_permissions='default_permissions'}], [{@appraise_type='appraise_type=imasig'}, {@pcr={'pcr', 0x3d, 0xc}}, {@fowner_lt={'fowner<', r3}}, {@smackfsdef={'smackfsdef', 0x3d, '-'}}, {@subj_type={'subj_type'}}, {@fscontext={'fscontext', 0x3d, 'root'}}, {@subj_type={'subj_type', 0x3d, 'proc'}}, {@obj_role={'obj_role', 0x3d, '/dev/vbi#\x00'}}, {@dont_measure='dont_measure'}, {@appraise_type='appraise_type=imasig'}]}}) r4 = syz_open_dev$vbi(&(0x7f00000002c0)='/dev/vbi#\x00', 0x1, 0x2) ioctl$sock_inet_SIOCADDRT(r4, 0x890b, 0x0) r5 = memfd_create(&(0x7f0000000180)='(\x00', 0x7) getsockopt$IPT_SO_GET_REVISION_TARGET(r4, 0x0, 0x43, &(0x7f0000000140)={'ipvs\x00'}, &(0x7f0000000200)=0x1e) ioctl$sock_inet_SIOCGIFNETMASK(0xffffffffffffffff, 0x891b, &(0x7f0000000100)={'tunl0\x00', {0x2, 0x4e20, @loopback}}) ftruncate(r5, 0x1000000) sendfile(r4, r5, &(0x7f00000000c0)=0xf18003, 0xeefffdef) ioctl$sock_SIOCGIFCONF(r4, 0x8912, 0x0) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f00000006c0)={0x0, 0x2, 0x20, 0x0, 0x843e}, &(0x7f0000000700)=0x18) setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r0, 0x84, 0x19, &(0x7f0000000740)={r6, 0x4}, 0x8) getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r4, 0x84, 0x16, 0x0, &(0x7f0000000300)) 22:27:05 executing program 0 (fault-call:0 fault-nth:9): clone(0x3ffd, 0x0, &(0x7f0000000400), 0x0, &(0x7f0000000300)="cf") 22:27:05 executing program 2: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0xffffffffffffffff) mount(&(0x7f0000000000), &(0x7f0000000240)='./file0\x00', 0x0, 0x1000, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={[{@data_err_ignore='data_err=ignore'}]}) 22:27:05 executing program 3: syz_emit_ethernet(0x140, &(0x7f0000000000)={@broadcast, @local={[], 0xffffffffffffffff}, [], {@ipv6={0x86dd, {0x0, 0x6, 'v`Q', 0x30, 0x2c, 0x0, @remote={0xfe, 0x80, [0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7], 0xffffffffffffffff}, @mcast2={0xff, 0x2, [0x0, 0xfffffffffffff000]}, {[], @icmpv6=@dest_unreach={0xffffff86, 0x0, 0x0, 0x0, [0x14, 0x5], {0x0, 0x6, "c5961e", 0x0, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x3, 0x689, 0x0, 0x4]}, @mcast2}}}}}}}, 0x0) 22:27:05 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x6, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6}]}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 175.447947][ T9479] FAULT_INJECTION: forcing a failure. [ 175.447947][ T9479] name failslab, interval 1, probability 0, space 0, times 0 [ 175.468181][ T9479] CPU: 0 PID: 9479 Comm: syz-executor.0 Not tainted 5.2.0-rc7-next-20190703 #28 [ 175.477256][ T9479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 175.487323][ T9479] Call Trace: [ 175.490639][ T9479] dump_stack+0x172/0x1f0 [ 175.494989][ T9479] should_fail.cold+0xa/0x15 [ 175.499602][ T9479] ? fault_create_debugfs_attr+0x180/0x180 [ 175.505435][ T9479] ? ___might_sleep+0x163/0x280 [ 175.510309][ T9479] __should_failslab+0x121/0x190 [ 175.515257][ T9479] should_failslab+0x9/0x14 [ 175.519778][ T9479] kmem_cache_alloc+0x2aa/0x710 [ 175.519794][ T9479] ? rwlock_bug.part.0+0x90/0x90 [ 175.519811][ T9479] ? lock_downgrade+0x920/0x920 [ 175.519828][ T9479] __alloc_file+0x27/0x300 [ 175.519846][ T9479] alloc_empty_file+0x72/0x170 [ 175.544115][ T9479] alloc_file+0x5e/0x4d0 [ 175.548383][ T9479] alloc_file_pseudo+0x189/0x280 [ 175.553346][ T9479] ? alloc_file+0x4d0/0x4d0 [ 175.557878][ T9479] ? _raw_spin_unlock+0x2d/0x50 [ 175.562746][ T9479] anon_inode_getfile+0xda/0x200 [ 175.567698][ T9479] copy_process+0x5e20/0x6af0 [ 175.572394][ T9479] ? get_pid_task+0xc9/0x190 [ 175.577003][ T9479] ? __cleanup_sighand+0x60/0x60 [ 175.581957][ T9479] ? __f_unlock_pos+0x19/0x20 [ 175.586654][ T9479] ? lock_downgrade+0x920/0x920 [ 175.591516][ T9479] ? vfs_write+0x34c/0x5d0 [ 175.595947][ T9479] _do_fork+0x146/0xfa0 [ 175.600127][ T9479] ? copy_init_mm+0x20/0x20 [ 175.604643][ T9479] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 175.610299][ T9479] ? wait_for_completion+0x440/0x440 [ 175.615608][ T9479] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 175.621867][ T9479] __x64_sys_clone+0x186/0x250 [ 175.626645][ T9479] ? ksys_write+0x1cf/0x290 [ 175.631156][ T9479] ? __ia32_sys_vfork+0xc0/0xc0 [ 175.636032][ T9479] ? lockdep_hardirqs_on+0x418/0x5d0 [ 175.641334][ T9479] ? trace_hardirqs_on+0x67/0x240 22:27:05 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x6, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6}]}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 22:27:05 executing program 3: syz_emit_ethernet(0xfdef, &(0x7f0000000000)={@broadcast, @local={[], 0xffffffffffffffff}, [], {@ipv6={0x86dd, {0x0, 0x6, 'v`Q', 0x30, 0x2c, 0x0, @remote={0xfe, 0x80, [0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7], 0xffffffffffffffff}, @mcast2={0xff, 0x2, [0x0, 0xfffffffffffff000]}, {[], @icmpv6=@dest_unreach={0xffffff86, 0x0, 0x0, 0x0, [0x14, 0x5], {0x0, 0x6, "c5961e", 0x0, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x3, 0x689, 0x0, 0x4]}, @mcast2}}}}}}}, 0x0) [ 175.646377][ T9479] do_syscall_64+0xfd/0x6a0 [ 175.650900][ T9479] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 175.656806][ T9479] RIP: 0033:0x4597c9 [ 175.660709][ T9479] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 175.680328][ T9479] RSP: 002b:00007f9300b6cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 175.688758][ T9479] RAX: ffffffffffffffda RBX: 00007f9300b6cc90 RCX: 00000000004597c9 [ 175.696745][ T9479] RDX: 0000000020000400 RSI: 0000000000000000 RDI: 0000000000003ffd [ 175.704719][ T9479] RBP: 000000000075bf20 R08: 0000000020000300 R09: 0000000000000000 [ 175.713945][ T9479] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9300b6d6d4 [ 175.713954][ T9479] R13: 00000000004bfc7c R14: 00000000004d1718 R15: 0000000000000003 [ 175.740046][ T9479] kasan: CONFIG_KASAN_INLINE enabled [ 175.745653][ T9479] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 175.753976][ T9479] general protection fault: 0000 [#1] PREEMPT SMP KASAN [ 175.761030][ T9479] CPU: 0 PID: 9479 Comm: syz-executor.0 Not tainted 5.2.0-rc7-next-20190703 #28 [ 175.770051][ T9479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 175.780122][ T9479] RIP: 0010:get_task_pid+0xa7/0x2e0 [ 175.785315][ T9479] Code: e8 de 18 26 00 85 db 0f 85 fa 00 00 00 e8 51 17 26 00 49 8d bd 40 05 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 0a 02 00 00 4d 8b a5 40 05 00 00 e8 23 17 26 00 [ 175.804901][ T9479] RSP: 0018:ffff8880664dfcf8 EFLAGS: 00010203 [ 175.810951][ T9479] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffc90005de9000 [ 175.818909][ T9479] RDX: 00000000000000a8 RSI: ffffffff814c3c5f RDI: 0000000000000544 [ 175.826860][ T9479] RBP: ffff8880664dfd10 R08: ffff8880999ae1c0 R09: ffffed1015d06c84 [ 175.834811][ T9479] R10: ffffed1015d06c83 R11: ffff8880ae83641b R12: 0000000000000001 [ 175.843129][ T9479] R13: 0000000000000004 R14: 0000000000000000 R15: 0000000000000000 [ 175.851104][ T9479] FS: 00007f9300b6d700(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000 [ 175.860017][ T9479] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 175.866601][ T9479] CR2: 0000000000738000 CR3: 00000000984ff000 CR4: 00000000001506f0 [ 175.874564][ T9479] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 175.882514][ T9479] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600 [ 175.890473][ T9479] Call Trace: [ 175.893747][ T9479] _do_fork+0x1f7/0xfa0 [ 175.897891][ T9479] ? copy_init_mm+0x20/0x20 [ 175.902371][ T9479] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 175.907903][ T9479] ? wait_for_completion+0x440/0x440 [ 175.913197][ T9479] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 175.919509][ T9479] __x64_sys_clone+0x186/0x250 [ 175.924252][ T9479] ? ksys_write+0x1cf/0x290 [ 175.928732][ T9479] ? __ia32_sys_vfork+0xc0/0xc0 [ 175.933586][ T9479] ? lockdep_hardirqs_on+0x418/0x5d0 [ 175.938854][ T9479] ? trace_hardirqs_on+0x67/0x240 [ 175.943864][ T9479] do_syscall_64+0xfd/0x6a0 [ 175.948374][ T9479] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 175.954270][ T9479] RIP: 0033:0x4597c9 [ 175.958145][ T9479] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 175.977850][ T9479] RSP: 002b:00007f9300b6cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 175.987571][ T9479] RAX: ffffffffffffffda RBX: 00007f9300b6cc90 RCX: 00000000004597c9 [ 175.995525][ T9479] RDX: 0000000020000400 RSI: 0000000000000000 RDI: 0000000000003ffd [ 176.003475][ T9479] RBP: 000000000075bf20 R08: 0000000020000300 R09: 0000000000000000 [ 176.011542][ T9479] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f9300b6d6d4 [ 176.019692][ T9479] R13: 00000000004bfc7c R14: 00000000004d1718 R15: 0000000000000003 [ 176.027666][ T9479] Modules linked in: [ 176.032944][ T9481] kobject: 'loop2' (00000000be500fac): kobject_uevent_env [ 176.040753][ T9481] kobject: 'loop2' (00000000be500fac): fill_kobj_path: path = '/devices/virtual/block/loop2' [ 176.050983][ T9479] ---[ end trace 8bfa112bec01689b ]--- [ 176.056459][ T9479] RIP: 0010:get_task_pid+0xa7/0x2e0 [ 176.061795][ T9479] Code: e8 de 18 26 00 85 db 0f 85 fa 00 00 00 e8 51 17 26 00 49 8d bd 40 05 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 0a 02 00 00 4d 8b a5 40 05 00 00 e8 23 17 26 00 [ 176.081589][ T9479] RSP: 0018:ffff8880664dfcf8 EFLAGS: 00010203 [ 176.087743][ T9479] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffc90005de9000 22:27:05 executing program 5: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/capi/capi20ncci\x00', 0x400000, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000000280)='./file0\x00', &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000440)={0x0, 0x0}, &(0x7f0000000480)=0xc) mount$fuseblk(&(0x7f0000000000)='/dev/loop0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='fuseblk\x00', 0x1000, &(0x7f00000004c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode'}, 0x2c, {'user_id', 0x3d, r1}, 0x2c, {'group_id', 0x3d, r2}, 0x2c, {[{@default_permissions='default_permissions'}, {@blksize={'blksize', 0x3d, 0x600}}, {@blksize={'blksize', 0x3d, 0x200}}, {@blksize={'blksize'}}, {@allow_other='allow_other'}, {@max_read={'max_read', 0x3d, 0x2}}, {@max_read={'max_read'}}, {@allow_other='allow_other'}, {@default_permissions='default_permissions'}], [{@appraise_type='appraise_type=imasig'}, {@pcr={'pcr', 0x3d, 0xc}}, {@fowner_lt={'fowner<', r3}}, {@smackfsdef={'smackfsdef', 0x3d, '-'}}, {@subj_type={'subj_type'}}, {@fscontext={'fscontext', 0x3d, 'root'}}, {@subj_type={'subj_type', 0x3d, 'proc'}}, {@obj_role={'obj_role', 0x3d, '/dev/vbi#\x00'}}, {@dont_measure='dont_measure'}, {@appraise_type='appraise_type=imasig'}]}}) r4 = syz_open_dev$vbi(&(0x7f00000002c0)='/dev/vbi#\x00', 0x1, 0x2) ioctl$sock_inet_SIOCADDRT(r4, 0x890b, 0x0) r5 = memfd_create(&(0x7f0000000180)='(\x00', 0x7) getsockopt$IPT_SO_GET_REVISION_TARGET(r4, 0x0, 0x43, &(0x7f0000000140)={'ipvs\x00'}, &(0x7f0000000200)=0x1e) ioctl$sock_inet_SIOCGIFNETMASK(0xffffffffffffffff, 0x891b, &(0x7f0000000100)={'tunl0\x00', {0x2, 0x4e20, @loopback}}) ftruncate(r5, 0x1000000) sendfile(r4, r5, &(0x7f00000000c0)=0xf18003, 0xeefffdef) ioctl$sock_SIOCGIFCONF(r4, 0x8912, 0x0) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f00000006c0)={0x0, 0x2, 0x20, 0x0, 0x843e}, &(0x7f0000000700)=0x18) setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r0, 0x84, 0x19, &(0x7f0000000740)={r6, 0x4}, 0x8) getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r4, 0x84, 0x16, 0x0, &(0x7f0000000300)) 22:27:05 executing program 3: syz_emit_ethernet(0x20000066, &(0x7f0000000000)={@broadcast, @local={[], 0xffffffffffffffff}, [], {@ipv6={0x86dd, {0x0, 0x6, 'v`Q', 0x30, 0x2c, 0x0, @remote={0xfe, 0x80, [0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7], 0xffffffffffffffff}, @mcast2={0xff, 0x2, [0x0, 0xfffffffffffff000]}, {[], @icmpv6=@dest_unreach={0xffffff86, 0x0, 0x0, 0x0, [0x14, 0x5], {0x0, 0x6, "c5961e", 0x0, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x3, 0x689, 0x0, 0x4]}, @mcast2}}}}}}}, 0x0) 22:27:05 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x6, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6}]}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) 22:27:05 executing program 2: mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0xffffffffffffffff) mount(&(0x7f0000000000), &(0x7f0000000240)='./file0\x00', 0x0, 0x1000, 0x0) syz_mount_image$ext4(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={[{@data_err_ignore='data_err=ignore'}]}) [ 176.092897][ T3878] kobject: 'loop4' (00000000245b62e0): kobject_uevent_env [ 176.095766][ T9479] RDX: 00000000000000a8 RSI: ffffffff814c3c5f RDI: 0000000000000544 [ 176.111743][ T9479] RBP: ffff8880664dfd10 R08: ffff8880999ae1c0 R09: ffffed1015d06c84 22:27:05 executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x6, 0x4, &(0x7f0000346fc8)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x0, 0x1}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70) [ 176.147993][ T3878] kobject: 'loop4' (00000000245b62e0): fill_kobj_path: path = '/devices/virtual/block/loop4' [ 176.170340][ T9479] R10: ffffed1015d06c83 R11: ffff8880ae83641b R12: 0000000000000001 [ 176.184007][ T3878] kobject: 'loop5' (00000000fd1e9c03): kobject_uevent_env [ 176.186736][ T9479] R13: 0000000000000004 R14: 0000000000000000 R15: 0000000000000000 [ 176.205775][ T3878] kobject: 'loop5' (00000000fd1e9c03): fill_kobj_path: path = '/devices/virtual/block/loop5' [ 176.214442][ T9479] FS: 00007f9300b6d700(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000 [ 176.234922][ T3878] kobject: 'loop3' (00000000b99a49aa): kobject_uevent_env [ 176.241767][ T9479] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 22:27:05 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/capi/capi20ncci\x00', 0x400000, 0x0) stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000000280)='./file0\x00', &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000440)={0x0, 0x0}, &(0x7f0000000480)=0xc) mount$fuseblk(&(0x7f0000000000)='/dev/loop0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='fuseblk\x00', 0x1000, &(0x7f00000004c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode'}, 0x2c, {'user_id', 0x3d, r1}, 0x2c, {'group_id', 0x3d, r2}, 0x2c, {[{@default_permissions='default_permissions'}, {@blksize={'blksize', 0x3d, 0x600}}, {@blksize={'blksize', 0x3d, 0x200}}, {@blksize={'blksize'}}, {@allow_other='allow_other'}, {@max_read={'max_read', 0x3d, 0x2}}, {@max_read={'max_read'}}, {@allow_other='allow_other'}, {@default_permissions='default_permissions'}], [{@appraise_type='appraise_type=imasig'}, {@pcr={'pcr', 0x3d, 0xc}}, {@fowner_lt={'fowner<', r3}}, {@smackfsdef={'smackfsdef', 0x3d, '-'}}, {@subj_type={'subj_type'}}, {@fscontext={'fscontext', 0x3d, 'root'}}, {@subj_type={'subj_type', 0x3d, 'proc'}}, {@obj_role={'obj_role', 0x3d, '/dev/vbi#\x00'}}, {@dont_measure='dont_measure'}, {@appraise_type='appraise_type=imasig'}]}}) r4 = syz_open_dev$vbi(&(0x7f00000002c0)='/dev/vbi#\x00', 0x1, 0x2) ioctl$sock_inet_SIOCADDRT(r4, 0x890b, 0x0) r5 = memfd_create(&(0x7f0000000180)='(\x00', 0x7) getsockopt$IPT_SO_GET_REVISION_TARGET(r4, 0x0, 0x43, &(0x7f0000000140)={'ipvs\x00'}, &(0x7f0000000200)=0x1e) ioctl$sock_inet_SIOCGIFNETMASK(0xffffffffffffffff, 0x891b, &(0x7f0000000100)={'tunl0\x00', {0x2, 0x4e20, @loopback}}) ftruncate(r5, 0x1000000) sendfile(r4, r5, &(0x7f00000000c0)=0xf18003, 0xeefffdef) ioctl$sock_SIOCGIFCONF(r4, 0x8912, 0x0) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f00000006c0)={0x0, 0x2, 0x20, 0x0, 0x843e}, &(0x7f0000000700)=0x18) setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r0, 0x84, 0x19, &(0x7f0000000740)={r6, 0x4}, 0x8) getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r4, 0x84, 0x16, 0x0, &(0x7f0000000300)) [ 176.251448][ T3878] kobject: 'loop3' (00000000b99a49aa): fill_kobj_path: path = '/devices/virtual/block/loop3' [ 176.256995][ T9479] CR2: 0000000000738000 CR3: 00000000984ff000 CR4: 00000000001506f0 [ 176.270452][ T9479] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 176.278556][ T9479] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600 [ 176.288919][ T9479] Kernel panic - not syncing: Fatal exception [ 176.296048][ T9479] Kernel Offset: disabled [ 176.300569][ T9479] Rebooting in 86400 seconds..