fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x6b880100, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) [ 540.803551] should_failslab+0x9/0x14 [ 540.807364] __kmalloc_track_caller+0x2c4/0x760 [ 540.812038] ? save_stack+0xa9/0xd0 [ 540.815669] ? save_stack+0x43/0xd0 [ 540.819303] ? kasan_kmalloc+0xc4/0xe0 [ 540.823198] ? kmem_cache_alloc_trace+0x152/0x780 [ 540.828044] ? v9fs_session_init+0x501/0x1a80 [ 540.832546] kstrdup+0x39/0x70 [ 540.835746] v9fs_session_init+0x501/0x1a80 [ 540.840071] ? rcu_note_context_switch+0x730/0x730 [ 540.845007] ? do_mount+0x69e/0x1fb0 [ 540.848759] ? lock_acquire+0x1e4/0x540 [ 540.852745] ? v9fs_show_options+0x7e0/0x7e0 03:33:27 executing program 2: r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x1, 0x104) perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$SG_NEXT_CMD_LEN(r0, 0x2287, &(0x7f0000000000)) 03:33:27 executing program 4: setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(0xffffffffffffffff, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) [ 540.857193] ? lock_release+0xa30/0xa30 [ 540.861177] ? check_same_owner+0x340/0x340 [ 540.865508] ? lock_downgrade+0x8f0/0x8f0 [ 540.869668] ? kasan_unpoison_shadow+0x35/0x50 [ 540.874258] ? kasan_kmalloc+0xc4/0xe0 [ 540.878155] ? kmem_cache_alloc_trace+0x318/0x780 [ 540.883006] ? kasan_unpoison_shadow+0x35/0x50 [ 540.887598] ? kasan_kmalloc+0xc4/0xe0 [ 540.891496] v9fs_mount+0x7c/0x900 [ 540.895044] ? v9fs_drop_inode+0x150/0x150 [ 540.899284] legacy_get_tree+0x118/0x440 [ 540.903389] vfs_get_tree+0x1cb/0x5c0 [ 540.907196] do_mount+0x6c1/0x1fb0 [ 540.910740] ? check_same_owner+0x340/0x340 [ 540.915059] ? lock_release+0xa30/0xa30 [ 540.919028] ? copy_mount_string+0x40/0x40 [ 540.923251] ? retint_kernel+0x10/0x10 [ 540.927130] ? copy_mount_options+0x1f0/0x380 [ 540.931612] ? copy_mount_options+0x1f6/0x380 [ 540.936094] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 540.941614] ? copy_mount_options+0x285/0x380 [ 540.946094] ksys_mount+0x12d/0x140 [ 540.949707] __x64_sys_mount+0xbe/0x150 [ 540.953664] do_syscall_64+0x1b9/0x820 [ 540.957534] ? syscall_slow_exit_work+0x500/0x500 [ 540.962359] ? syscall_return_slowpath+0x5e0/0x5e0 [ 540.967284] ? syscall_return_slowpath+0x31d/0x5e0 [ 540.972200] ? prepare_exit_to_usermode+0x291/0x3b0 [ 540.977204] ? perf_trace_sys_enter+0xb10/0xb10 [ 540.981858] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 540.986687] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 540.991864] RIP: 0033:0x455ab9 [ 540.995032] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 541.014201] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 541.021893] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 541.029145] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 541.036397] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 541.043649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 541.050899] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 000000000000001c 03:33:27 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x8035], 0x1}}, 0x1c) 03:33:27 executing program 7: r0 = socket$kcm(0xa, 0x2, 0x11) setsockopt$sock_attach_bpf(r0, 0x29, 0x3c, &(0x7f0000000700), 0x3) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000000)={r0}) connect$pppoe(r1, &(0x7f0000000040)={0x18, 0x0, {0x3, @empty, 'bridge0\x00'}}, 0x1e) 03:33:27 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x689], 0x1}}, 0x1c) 03:33:27 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$team(&(0x7f0000000080)='team\x00') ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f00000014c0)={'team0\x00', 0x0}) sendmsg$TEAM_CMD_OPTIONS_GET(r0, &(0x7f0000004fc0)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000004f80)={&(0x7f0000000280)=ANY=[@ANYBLOB="94000000", @ANYRES16=r1, @ANYBLOB="010000000036f7ad3d00e302000008000100", @ANYRES32=r2, @ANYBLOB="9103020051000100240001006e6f746966795f70656572735f636f756e740000000000000000000000000000080003000300000008000400000000003c000100240001006c625f74785f6d6574686f64000000000000000000000000000000000000000008000300050000000c0004006861736800000000"], 0x94}, 0x1}, 0x0) 03:33:27 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x8000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:27 executing program 4: r0 = socket(0x0, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:27 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x6f010000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:27 executing program 0 (fault-call:8 fault-nth:29): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:33:27 executing program 2: r0 = syz_open_dev$sndpcmc(&(0x7f0000000040)='/dev/snd/pcmC#D#c\x00', 0x3f, 0x200000) ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f0000000080)={0x1, 0x362a, 0x5}) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r2 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x10003, 0x80011, r2, 0x0) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='comm\x00') ptrace$getregset(0x4204, 0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000380)=""/126, 0x7e}) writev(r3, &(0x7f0000000080), 0x1a6) 03:33:27 executing program 7: r0 = shmget$private(0x0, 0x4000, 0x2, &(0x7f0000ffc000/0x4000)=nil) shmctl$IPC_RMID(r0, 0xffffffffffffffff) 03:33:27 executing program 5: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="024ec83d6d345f8f762070") mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x2, 0x32, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_type(r0, &(0x7f0000000040)='cgroup.type\x00', 0x2, 0x0) r2 = socket$packet(0x11, 0x0, 0x300) setsockopt$packet_fanout_data(r2, 0x107, 0x16, &(0x7f00000000c0)={0x3, &(0x7f0000000000)=[{0x9, 0x0, 0x3ff, 0xa34}, {0x101, 0x4, 0x1, 0x2}, {0xd6b2, 0xa2, 0x100000000, 0x4}]}, 0x10) preadv(r1, &(0x7f00000002c0)=[{&(0x7f0000001400)=""/252, 0xfc}], 0x1, 0x0) 03:33:27 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x6f01], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) [ 541.213932] FAULT_INJECTION: forcing a failure. [ 541.213932] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 541.225781] CPU: 1 PID: 7254 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 541.234096] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 541.243448] Call Trace: [ 541.246047] dump_stack+0x1c9/0x2b4 [ 541.249688] ? dump_stack_print_info.cold.2+0x52/0x52 [ 541.254887] ? is_bpf_text_address+0xae/0x170 [ 541.259399] should_fail.cold.4+0xa/0x11 03:33:28 executing program 7: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x1, 0xffffffffffffffff, 0x0) keyctl$update(0x2, 0x0, &(0x7f0000000540)="2e754661d51c59b5b90afd5d536eec", 0xf) r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x2, 0x0) bind$bt_rfcomm(r0, &(0x7f0000000080)={0x1f, {0x6, 0x1, 0x8, 0x100000000, 0x8, 0x2}, 0x3}, 0xa) syz_open_dev$loop(&(0x7f00000000c0)='/dev/loop#\x00', 0x400, 0x8000) socketpair$inet6_tcp(0xa, 0x1, 0x0, &(0x7f0000000100)) 03:33:28 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x3d6], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:28 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000000580)=0x1, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x4000000000014, &(0x7f0000000040)=0x80000000001, 0x4) connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x16}}, 0x10) write$binfmt_elf64(r0, &(0x7f00000005c0)=ANY=[@ANYBLOB="7f454c4602050107934700000000000003000000060000005902000000000000400000000000000067010000000000000700000000083800010008000300ff000400000008000000f9ffffffffffffff06000000000040000300000000000000020000000000000001000080000000000010000000000000502b13b7a162b1970636e6c9fc66074a1ed2c336661705e1482b383395db74fa285bc1c9360186dcc5d3b3496a95e924ebe01abedea8585dc51d6048fdd893865bc4571dc66e34c9f21bf70612b8a2f1c55f143883631296fe0ec08780813590a434448bda9f7bf7b4020a8032352e4b36de64508828fd2053e477d056d07205fb4b0930e0c41966d2accf64cbaf6b9d16629c8a164645603426a74b3826f5274d673b9e074f49075825fc64d91f0f1c9cff7853b42f0b9fb68d60cb09981d4581d27901b2dd0686d9433926e1dac8fb08dc4f5900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000038aa9e78754335e5000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0x6c1) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4) sendto$inet(r0, &(0x7f0000000240)="8e", 0x1, 0x0, &(0x7f0000000280)={0x2, 0x0, @multicast2=0xe0000002}, 0x10) [ 541.263468] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 541.268580] ? lock_acquire+0x1e4/0x540 [ 541.272560] ? is_bpf_text_address+0xae/0x170 [ 541.277067] ? lock_release+0xa30/0xa30 [ 541.281049] ? kasan_check_read+0x11/0x20 [ 541.285204] ? rcu_is_watching+0x8c/0x150 [ 541.289356] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 541.294027] ? is_bpf_text_address+0xd7/0x170 [ 541.298527] ? kernel_text_address+0x79/0xf0 [ 541.302939] ? unwind_get_return_address+0x61/0xa0 [ 541.307875] ? __save_stack_trace+0x8d/0xf0 [ 541.312204] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 541.317747] ? should_fail+0x246/0xd86 [ 541.321639] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 541.326751] __alloc_pages_nodemask+0x36e/0xdb0 [ 541.331412] ? save_stack+0x43/0xd0 [ 541.335032] ? kasan_kmalloc+0xc4/0xe0 [ 541.338910] ? __kmalloc+0x14e/0x760 [ 541.342619] ? p9_fcall_alloc+0x1e/0x90 [ 541.346587] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 541.351590] ? vfs_get_tree+0x1cb/0x5c0 [ 541.355548] ? ksys_mount+0x12d/0x140 [ 541.359338] ? __x64_sys_mount+0xbe/0x150 [ 541.363480] ? do_syscall_64+0x1b9/0x820 [ 541.367527] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 541.372875] ? __x64_sys_mount+0xbe/0x150 [ 541.377095] ? do_syscall_64+0x1b9/0x820 [ 541.381150] ? lock_downgrade+0x8f0/0x8f0 [ 541.385293] ? kasan_check_read+0x11/0x20 [ 541.389429] ? do_raw_spin_unlock+0xa7/0x2f0 [ 541.393825] ? check_same_owner+0x340/0x340 [ 541.398134] cache_grow_begin+0x91/0x710 [ 541.402187] __kmalloc+0x688/0x760 [ 541.405711] ? __init_waitqueue_head+0x9e/0x150 [ 541.410362] ? init_wait_entry+0x1c0/0x1c0 [ 541.414580] ? p9_fcall_alloc+0x1e/0x90 [ 541.418542] p9_fcall_alloc+0x1e/0x90 [ 541.422329] p9_client_prepare_req.part.9+0x754/0xcd0 [ 541.427511] ? p9_free_req.isra.8+0x140/0x140 [ 541.431991] ? __fget+0x4ac/0x740 [ 541.435433] ? p9_pollwait+0x83/0x230 [ 541.439222] ? p9_conn_create+0x730/0x730 [ 541.443363] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 541.448885] p9_client_rpc+0x1bd/0x1400 [ 541.452843] ? p9_fd_poll+0x1e0/0x2b0 [ 541.456629] ? p9_conn_create+0x55b/0x730 [ 541.460765] ? p9_client_prepare_req.part.9+0xcd0/0xcd0 [ 541.466118] ? ksys_dup3+0x690/0x690 [ 541.469819] ? check_same_owner+0x340/0x340 [ 541.474127] ? p9_fd_poll+0x2b0/0x2b0 [ 541.477920] ? kasan_kmalloc+0xc4/0xe0 [ 541.481800] ? kasan_unpoison_shadow+0x35/0x50 [ 541.486376] ? p9_fd_show_options+0x1c0/0x1c0 [ 541.490859] ? __raw_spin_lock_init+0x2d/0x100 [ 541.495431] p9_client_create+0xdb0/0x1770 [ 541.499656] ? p9_client_read+0xc60/0xc60 [ 541.503788] ? kasan_check_read+0x11/0x20 [ 541.507936] ? lock_acquire+0x1e4/0x540 [ 541.511900] ? fs_reclaim_acquire+0x20/0x20 [ 541.516213] ? lock_release+0xa30/0xa30 [ 541.520172] ? __lockdep_init_map+0x105/0x590 [ 541.524673] ? kasan_check_write+0x14/0x20 [ 541.528892] ? __init_rwsem+0x1cc/0x2a0 [ 541.532851] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 541.537858] ? __kmalloc_track_caller+0x311/0x760 [ 541.542686] ? save_stack+0xa9/0xd0 [ 541.546302] ? save_stack+0x43/0xd0 [ 541.549917] ? kasan_kmalloc+0xc4/0xe0 [ 541.553788] ? kmem_cache_alloc_trace+0x152/0x780 [ 541.558618] ? memcpy+0x45/0x50 [ 541.561896] v9fs_session_init+0x21a/0x1a80 [ 541.566205] ? rcu_note_context_switch+0x730/0x730 [ 541.571119] ? do_mount+0x69e/0x1fb0 [ 541.574826] ? lock_acquire+0x1e4/0x540 [ 541.578787] ? v9fs_show_options+0x7e0/0x7e0 [ 541.583194] ? lock_release+0xa30/0xa30 [ 541.587157] ? check_same_owner+0x340/0x340 [ 541.591481] ? kasan_unpoison_shadow+0x35/0x50 [ 541.596059] ? kasan_kmalloc+0xc4/0xe0 [ 541.599937] ? kmem_cache_alloc_trace+0x318/0x780 [ 541.604776] ? kasan_unpoison_shadow+0x35/0x50 [ 541.609347] ? kasan_kmalloc+0xc4/0xe0 [ 541.613223] v9fs_mount+0x7c/0x900 [ 541.616752] ? v9fs_drop_inode+0x150/0x150 [ 541.620974] legacy_get_tree+0x118/0x440 [ 541.625028] vfs_get_tree+0x1cb/0x5c0 [ 541.628827] do_mount+0x6c1/0x1fb0 [ 541.632356] ? kasan_check_write+0x14/0x20 [ 541.636581] ? copy_mount_string+0x40/0x40 [ 541.640814] ? kasan_kmalloc+0xc4/0xe0 [ 541.644691] ? kmem_cache_alloc_trace+0x318/0x780 [ 541.649522] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 541.655050] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 541.660572] ? copy_mount_options+0x285/0x380 [ 541.665058] ksys_mount+0x12d/0x140 [ 541.668674] __x64_sys_mount+0xbe/0x150 [ 541.672638] do_syscall_64+0x1b9/0x820 [ 541.676512] ? finish_task_switch+0x1d3/0x870 [ 541.680992] ? syscall_return_slowpath+0x5e0/0x5e0 [ 541.685921] ? syscall_return_slowpath+0x31d/0x5e0 [ 541.690854] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 541.695856] ? prepare_exit_to_usermode+0x291/0x3b0 [ 541.700866] ? perf_trace_sys_enter+0xb10/0xb10 [ 541.705524] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 541.710359] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 541.715532] RIP: 0033:0x455ab9 [ 541.718701] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 541.737991] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 541.745688] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 541.753054] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 03:33:28 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x900000000000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:28 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x30000], 0x1}}, 0x1c) [ 541.760309] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 541.767561] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 541.774821] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 000000000000001d 03:33:28 executing program 0 (fault-call:8 fault-nth:30): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:33:28 executing program 2: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) clock_gettime(0x0, &(0x7f0000000800)={0x0}) shmget$private(0x0, 0x4000, 0x78000000, &(0x7f0000ff9000/0x4000)=nil) r2 = syz_open_dev$adsp(&(0x7f0000000180)='/dev/adsp#\x00', 0x4, 0x90000) ioctl$EVIOCGKEY(r2, 0x80404518, &(0x7f0000000880)=""/4096) recvmmsg(r0, &(0x7f0000000780)=[{{&(0x7f00000000c0)=@pppol2tpv3in6={0x0, 0x0, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, @mcast2}}}, 0x80, &(0x7f0000000400), 0x0, &(0x7f0000000480)=""/62, 0x3e}}, {{0x0, 0x0, &(0x7f0000000700), 0x0, &(0x7f0000000740)=""/18, 0x12}}], 0x2, 0x0, &(0x7f0000000840)={r1}) setsockopt$inet6_int(r3, 0x29, 0xf1, &(0x7f0000000140)=0x4, 0x4) r4 = fcntl$dupfd(r0, 0x0, r0) userfaultfd(0x800) bind$bt_rfcomm(r4, &(0x7f0000000080)={0x1f, {0xffffffffffffffff, 0xffffffff, 0x2}}, 0xa) setsockopt$inet_sctp6_SCTP_NODELAY(r4, 0x84, 0x3, &(0x7f0000000040)=0x1, 0x4) getegid() ioctl$SCSI_IOCTL_GET_PCI(r4, 0x5387, &(0x7f0000000000)) 03:33:28 executing program 4: r0 = socket(0x2, 0x0, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:28 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xff07000000000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:28 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x3f00], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:28 executing program 5: r0 = socket$can_bcm(0x1d, 0x2, 0x2) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0xfffffffffffffffd, 0x30}, &(0x7f0000000400)=0xc) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000440)={r2, 0x80}, 0x8) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") connect$can_bcm(r0, &(0x7f0000000200)={0x1d}, 0x10) sendmsg$can_bcm(r0, &(0x7f00000003c0)={&(0x7f0000000280)={0x1d}, 0x10, &(0x7f0000000380)={&(0x7f0000000300)={0x5, 0x0, 0x0, {}, {0x0, 0x7530}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "388dbba2b150d176"}}, 0x48}, 0x1}, 0x0) recvmmsg(r0, &(0x7f0000000080)=[{{&(0x7f0000000180)=@nfc, 0x80, &(0x7f00000008c0), 0x0, &(0x7f0000000940)=""/79, 0x4f}}], 0x1, 0x0, &(0x7f0000000240)) sendmsg$can_bcm(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x1d}, 0x10, &(0x7f0000000040)={&(0x7f00000000c0)={0x7, 0x0, 0x0, {0x0, 0x2710}, {0x77359400}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "c4d981aeb150d176"}}, 0x48}, 0x1}, 0x0) 03:33:28 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x1300000000000000], 0x1}}, 0x1c) 03:33:28 executing program 7: r0 = creat(&(0x7f0000000000)='./file0\x00', 0x24) getsockopt$inet_sctp_SCTP_PR_STREAM_STATUS(r0, 0x84, 0x74, &(0x7f0000000040)=""/144, &(0x7f0000000100)=0x90) r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0) r2 = gettid() ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(r0, 0xc1105511, &(0x7f00000001c0)={{0xa, 0x0, 0x5, 0x9, '\x00', 0x8}, 0x4, 0x200, 0x205b924e, r2, 0x3, 0x309ea831, 'syz0\x00', &(0x7f0000000180)=['vboxnet0-mime_type*\x00', '\x00', '$selfuser(\x00'], 0x20, [], [0x7, 0x8000, 0x1ff, 0x81]}) seccomp(0x0, 0x1, &(0x7f0000000340)={0x6, &(0x7f0000000300)=[{0xff, 0xffffffff80000001, 0x101, 0xa9}, {0x1, 0x3f, 0xfff, 0x2}, {0x10000, 0xffffffffffff65b8, 0x44089b92, 0x3}, {0x9, 0xa83, 0xfff, 0x357}, {0x5, 0x1, 0xfff, 0x10001}, {0xffff, 0x8, 0x1, 0x4}]}) r3 = fanotify_init(0x0, 0x0) ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000000380)) r4 = fcntl$dupfd(r0, 0x0, r3) write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000400)={0x0, 0x18, 0xfa00, {0x4, &(0x7f00000003c0)={0xffffffffffffffff}, 0x106, 0x1006}}, 0x20) write$RDMA_USER_CM_CMD_BIND_IP(r1, &(0x7f0000000440)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e21, 0x73, @loopback={0x0, 0x1}, 0x7}, r5}}, 0x30) setsockopt$bt_BT_POWER(r1, 0x112, 0x9, &(0x7f0000000480)=0x6, 0x1) r6 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000500)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r0, &(0x7f0000000640)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000600)={&(0x7f0000000540)={0x90, r6, 0x100, 0x70bd29, 0x25dfdbfd, {0x10}, [@IPVS_CMD_ATTR_DEST={0x50, 0x2, [@IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x3}, @IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e22}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x400}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x9}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0xbf42}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x100000000}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@remote={0xfe, 0x80, [], 0xbb}}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x6}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x7}, @IPVS_CMD_ATTR_SERVICE={0x24, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'lc\x00'}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e21}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x41}]}]}, 0x90}, 0x1}, 0x4000801) syz_genetlink_get_family_id$ipvs(&(0x7f0000000680)='IPVS\x00') connect$rds(r4, &(0x7f00000006c0)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x11}}, 0x10) ioctl$BLKFRASET(r1, 0x1264, &(0x7f0000000700)=0x7fff) eventfd2(0x8, 0x800) setsockopt$inet6_mtu(r1, 0x29, 0x17, &(0x7f0000000740)=0x3, 0x4) r7 = getuid() r8 = getegid() mount$fuseblk(&(0x7f0000000780)='/dev/loop0\x00', &(0x7f00000007c0)='./file1\x00', &(0x7f0000000800)='fuseblk\x00', 0x28, &(0x7f0000000840)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x8000}, 0x2c, {'user_id', 0x3d, r7}, 0x2c, {'group_id', 0x3d, r8}, 0x2c, {[{@blksize={'blksize', 0x3d, 0x1000}, 0x2c}, {@allow_other='allow_other', 0x2c}, {@allow_other='allow_other', 0x2c}]}}) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r1, 0x6, 0x21, &(0x7f0000000900)="e41c84794ff9ddff0c27055b52543f1b", 0x10) semget(0x3, 0x3, 0x100) setsockopt$inet_tcp_TLS_RX(r4, 0x6, 0x2, &(0x7f0000000940)={0x303, 0x33}, 0x4) ioctl$VHOST_SET_VRING_NUM(r0, 0x4008af10, &(0x7f0000000980)={0x3, 0x6}) openat$rfkill(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/rfkill\x00', 0x0, 0x0) setsockopt$nfc_llcp_NFC_LLCP_RW(r0, 0x118, 0x0, &(0x7f0000000a00)=0x3, 0x4) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r4, 0x40042409, 0x0) setsockopt$EBT_SO_SET_COUNTERS(r4, 0x0, 0x81, &(0x7f0000000a80)={'broute\x00', 0x0, 0x0, 0x0, [], 0x2, &(0x7f0000000a40)=[{}, {}], 0x0, [{}, {}]}, 0x98) [ 541.920221] FAULT_INJECTION: forcing a failure. [ 541.920221] name failslab, interval 1, probability 0, space 0, times 0 [ 541.931541] CPU: 1 PID: 7299 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 541.939860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 541.949215] Call Trace: [ 541.951813] dump_stack+0x1c9/0x2b4 [ 541.955445] ? dump_stack_print_info.cold.2+0x52/0x52 [ 541.960641] ? kasan_check_read+0x11/0x20 [ 541.964806] should_fail.cold.4+0xa/0x11 03:33:28 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xffffff7f00000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) [ 541.968874] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 541.973988] ? finish_task_switch+0x1d3/0x870 [ 541.978494] ? finish_task_switch+0x18a/0x870 [ 541.983024] ? pdu_read+0x90/0xd0 [ 541.986506] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 541.992053] ? p9pdu_readf+0xb78/0x2170 [ 541.996039] ? p9pdu_writef+0xe0/0xe0 [ 541.999844] ? __schedule+0x884/0x1ed0 [ 542.003750] ? __sched_text_start+0x8/0x8 [ 542.007908] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 542.013453] ? check_same_owner+0x340/0x340 03:33:28 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x6f88010000000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) [ 542.017784] ? rcu_note_context_switch+0x730/0x730 [ 542.022721] ? trace_9p_protocol_dump+0xbe/0x3a0 [ 542.027479] __should_failslab+0x124/0x180 [ 542.031714] should_failslab+0x9/0x14 [ 542.035515] __kmalloc+0x2c8/0x760 [ 542.039057] ? memcpy+0x45/0x50 [ 542.042339] ? p9pdu_readf+0x526/0x2170 [ 542.046322] p9pdu_readf+0x526/0x2170 [ 542.050130] ? p9pdu_writef+0xe0/0xe0 [ 542.053934] ? ksys_dup3+0x690/0x690 [ 542.057650] ? check_same_owner+0x340/0x340 [ 542.061970] ? p9_fd_poll+0x2b0/0x2b0 [ 542.065775] ? kasan_kmalloc+0xc4/0xe0 03:33:28 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x18871, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:28 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x3, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) [ 542.069672] ? kasan_unpoison_shadow+0x35/0x50 [ 542.074255] ? p9_fd_show_options+0x1c0/0x1c0 [ 542.078743] ? __raw_spin_lock_init+0x2d/0x100 [ 542.083331] p9_client_create+0xe87/0x1770 [ 542.087574] ? p9_client_read+0xc60/0xc60 [ 542.091722] ? kasan_check_read+0x11/0x20 [ 542.095868] ? lock_acquire+0x1e4/0x540 [ 542.099845] ? fs_reclaim_acquire+0x20/0x20 [ 542.104167] ? lock_release+0xa30/0xa30 [ 542.108146] ? __lockdep_init_map+0x105/0x590 [ 542.112648] ? kasan_check_write+0x14/0x20 [ 542.116880] ? __init_rwsem+0x1cc/0x2a0 03:33:28 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x4000000000000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:28 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xe087ffffffff, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) [ 542.120850] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 542.125868] ? __kmalloc_track_caller+0x311/0x760 [ 542.130712] ? save_stack+0xa9/0xd0 [ 542.135092] ? save_stack+0x43/0xd0 [ 542.138722] ? kasan_kmalloc+0xc4/0xe0 [ 542.142611] ? kmem_cache_alloc_trace+0x152/0x780 [ 542.147455] ? memcpy+0x45/0x50 [ 542.150740] v9fs_session_init+0x21a/0x1a80 [ 542.155061] ? rcu_note_context_switch+0x730/0x730 [ 542.159989] ? do_mount+0x69e/0x1fb0 [ 542.163708] ? lock_acquire+0x1e4/0x540 03:33:28 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x4000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) [ 542.167678] ? v9fs_show_options+0x7e0/0x7e0 [ 542.172087] ? lock_release+0xa30/0xa30 [ 542.176067] ? check_same_owner+0x340/0x340 [ 542.180395] ? kasan_unpoison_shadow+0x35/0x50 [ 542.184974] ? kasan_kmalloc+0xc4/0xe0 [ 542.188859] ? kmem_cache_alloc_trace+0x318/0x780 [ 542.193701] ? kasan_unpoison_shadow+0x35/0x50 [ 542.198285] ? kasan_kmalloc+0xc4/0xe0 [ 542.202183] v9fs_mount+0x7c/0x900 [ 542.205730] ? v9fs_drop_inode+0x150/0x150 [ 542.209979] legacy_get_tree+0x118/0x440 [ 542.214048] vfs_get_tree+0x1cb/0x5c0 [ 542.217850] do_mount+0x6c1/0x1fb0 03:33:28 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x5000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) [ 542.221395] ? kasan_check_write+0x14/0x20 [ 542.225631] ? copy_mount_string+0x40/0x40 [ 542.229885] ? kasan_kmalloc+0xc4/0xe0 [ 542.233780] ? kmem_cache_alloc_trace+0x318/0x780 [ 542.238630] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 542.244172] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 542.249717] ? copy_mount_options+0x285/0x380 [ 542.254217] ksys_mount+0x12d/0x140 [ 542.257851] __x64_sys_mount+0xbe/0x150 [ 542.261838] do_syscall_64+0x1b9/0x820 [ 542.265724] ? finish_task_switch+0x1d3/0x870 [ 542.270220] ? syscall_return_slowpath+0x5e0/0x5e0 [ 542.275151] ? syscall_return_slowpath+0x31d/0x5e0 [ 542.280065] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 542.285064] ? prepare_exit_to_usermode+0x291/0x3b0 [ 542.290075] ? perf_trace_sys_enter+0xb10/0xb10 [ 542.294732] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 542.299560] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 542.304729] RIP: 0033:0x455ab9 [ 542.307893] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 542.327212] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 542.334906] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 542.342169] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 542.349425] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 542.356680] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 542.363968] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 000000000000001e 03:33:29 executing program 0 (fault-call:8 fault-nth:31): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:33:29 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xe, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:29 executing program 2: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000300)='./cgroup\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000040)='io.weight\x00', 0x2, 0x0) r2 = dup2(r1, r0) ioctl$KVM_ARM_SET_DEVICE_ADDR(r2, 0x4010aeab, &(0x7f0000000000)={0x7f, 0x6000}) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x6f}) sendfile(r1, r1, &(0x7f0000000080)=0x3, 0xd) 03:33:29 executing program 4: r0 = socket(0x2, 0x3, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:29 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x8035000000000000], 0x1}}, 0x1c) [ 542.511921] FAULT_INJECTION: forcing a failure. [ 542.511921] name failslab, interval 1, probability 0, space 0, times 0 [ 542.523160] CPU: 0 PID: 7367 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 542.531478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 542.540830] Call Trace: [ 542.543426] dump_stack+0x1c9/0x2b4 [ 542.547066] ? dump_stack_print_info.cold.2+0x52/0x52 [ 542.552268] should_fail.cold.4+0xa/0x11 [ 542.556335] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 542.561446] ? trace_hardirqs_on+0x10/0x10 [ 542.565688] ? kasan_check_read+0x11/0x20 [ 542.569851] ? rcu_is_watching+0x8c/0x150 [ 542.574009] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 542.578683] ? is_bpf_text_address+0xd7/0x170 [ 542.583190] ? kernel_text_address+0x79/0xf0 [ 542.587608] ? __kernel_text_address+0xd/0x40 [ 542.592110] ? unwind_get_return_address+0x61/0xa0 [ 542.597053] ? __save_stack_trace+0x8d/0xf0 [ 542.601393] ? trace_hardirqs_on+0x10/0x10 [ 542.605687] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 542.610732] ? bpf_prog_kallsyms_find+0xde/0x4c0 [ 542.615506] __should_failslab+0x124/0x180 [ 542.619757] should_failslab+0x9/0x14 [ 542.623568] kmem_cache_alloc+0x47/0x760 [ 542.627647] ? lock_acquire+0x1e4/0x540 [ 542.631629] ? is_bpf_text_address+0xae/0x170 [ 542.636141] radix_tree_node_alloc.constprop.19+0x1e6/0x310 [ 542.641864] idr_get_free+0x887/0x10d0 [ 542.645756] ? radix_tree_iter_tag_clear+0xd0/0xd0 [ 542.650681] ? __kernel_text_address+0xd/0x40 [ 542.655299] ? unwind_get_return_address+0x61/0xa0 [ 542.660214] ? __save_stack_trace+0x8d/0xf0 [ 542.664525] ? save_stack+0xa9/0xd0 [ 542.668137] ? save_stack+0x43/0xd0 [ 542.671777] ? kasan_kmalloc+0xc4/0xe0 [ 542.675653] ? kmem_cache_alloc_trace+0x152/0x780 [ 542.680508] ? p9_fid_create+0x98/0x4c0 [ 542.684461] ? p9_client_attach+0xbc/0x860 [ 542.688683] ? v9fs_mount+0x7c/0x900 [ 542.692382] ? legacy_get_tree+0x118/0x440 [ 542.696599] ? vfs_get_tree+0x1cb/0x5c0 [ 542.700562] ? do_mount+0x6c1/0x1fb0 [ 542.704263] ? ksys_mount+0x12d/0x140 [ 542.708050] ? __x64_sys_mount+0xbe/0x150 [ 542.712186] ? do_syscall_64+0x1b9/0x820 [ 542.716246] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 542.721605] ? kasan_check_read+0x11/0x20 [ 542.725734] ? rcu_is_watching+0x8c/0x150 [ 542.729864] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 542.734520] idr_alloc_u32+0x1d4/0x3a0 [ 542.738389] ? __fprop_inc_percpu_max+0x2d0/0x2d0 [ 542.743211] ? p9_idpool_get+0x23/0x70 [ 542.747080] ? check_same_owner+0x340/0x340 [ 542.751385] idr_alloc+0x111/0x1b0 [ 542.754922] ? idr_alloc_u32+0x3a0/0x3a0 [ 542.758973] ? do_raw_spin_lock+0xc1/0x200 [ 542.763191] p9_idpool_get+0x3d/0x70 [ 542.766886] p9_fid_create+0xd3/0x4c0 [ 542.770670] ? kasan_check_read+0x11/0x20 [ 542.774804] ? p9_client_destroy+0x610/0x610 [ 542.779201] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 542.783764] ? kasan_check_write+0x14/0x20 [ 542.787979] p9_client_attach+0xbc/0x860 [ 542.792029] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 542.797115] ? debug_check_no_obj_freed+0x30b/0x595 [ 542.802113] ? p9_client_walk+0xab0/0xab0 [ 542.806246] ? trace_hardirqs_off+0xd/0x10 [ 542.810466] ? quarantine_put+0x10d/0x1b0 [ 542.814599] ? __kasan_slab_free+0x131/0x170 [ 542.818989] v9fs_session_init+0xf62/0x1a80 [ 542.823294] ? v9fs_session_init+0xf62/0x1a80 [ 542.827769] ? rcu_note_context_switch+0x730/0x730 [ 542.832690] ? v9fs_show_options+0x7e0/0x7e0 [ 542.837089] ? lock_release+0xa30/0xa30 [ 542.841049] ? check_same_owner+0x340/0x340 [ 542.845369] ? kasan_unpoison_shadow+0x35/0x50 [ 542.849934] ? kasan_kmalloc+0xc4/0xe0 [ 542.853814] ? kmem_cache_alloc_trace+0x318/0x780 [ 542.858646] ? kasan_unpoison_shadow+0x35/0x50 [ 542.863216] ? kasan_kmalloc+0xc4/0xe0 [ 542.867086] v9fs_mount+0x7c/0x900 [ 542.870630] ? v9fs_drop_inode+0x150/0x150 [ 542.874859] legacy_get_tree+0x118/0x440 [ 542.878905] vfs_get_tree+0x1cb/0x5c0 [ 542.882695] do_mount+0x6c1/0x1fb0 [ 542.886217] ? check_same_owner+0x340/0x340 [ 542.890517] ? lock_release+0xa30/0xa30 [ 542.894482] ? copy_mount_string+0x40/0x40 [ 542.898707] ? retint_kernel+0x10/0x10 [ 542.902582] ? copy_mount_options+0x1f0/0x380 [ 542.907057] ? copy_mount_options+0x1fa/0x380 [ 542.911533] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 542.917055] ? copy_mount_options+0x285/0x380 [ 542.921539] ksys_mount+0x12d/0x140 [ 542.925157] __x64_sys_mount+0xbe/0x150 [ 542.929122] do_syscall_64+0x1b9/0x820 [ 542.933000] ? finish_task_switch+0x1d3/0x870 [ 542.937485] ? syscall_return_slowpath+0x5e0/0x5e0 [ 542.942394] ? syscall_return_slowpath+0x31d/0x5e0 [ 542.947305] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 542.952316] ? prepare_exit_to_usermode+0x291/0x3b0 [ 542.957318] ? perf_trace_sys_enter+0xb10/0xb10 [ 542.961972] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 542.966801] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 542.971978] RIP: 0033:0x455ab9 [ 542.975151] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 542.994370] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 543.002064] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 03:33:29 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") mkdir(&(0x7f00000004c0)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f0000000040)='rpc_pipefs\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x8, &(0x7f0000000500)=ANY=[@ANYBLOB="7472616e733d76697274696f2c706f73697861636c2c63616368657461673d706f7369785f61636c5f6163636573732c616e616d653d28705470306574683127657468312c6d6d61702c63616368653d6d0800008163612bc88a570000000070635f706970656673002c00165c310f62026d5dde7e1f2625ed40a885690c65af9e66d0554cfc5fbd2eaf39693682d2203c7b0c913f508d5b050d516ef2927d4321b4d9b18c08a43a3259"]) getsockname(r0, &(0x7f00000003c0)=@llc={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000000440)=0x80) mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='rpc_pipefs\x00', 0xc0ed0000, 0x0) prctl$setname(0xf, &(0x7f0000000240)='rpc_pipefs\x00') r1 = geteuid() r2 = getgid() chown(&(0x7f0000000000)='./file0\x00', r1, r2) clock_adjtime(0x1, &(0x7f00000002c0)={0x0, 0xcf, 0xfffffffffffffffd, 0x8, 0xfffffffffffffffb, 0xfc, 0x8, 0x7, 0x2800000000000000, 0x276, 0x5, 0xfffffffeffffffff, 0x100, 0x6, 0xda0, 0x7f, 0xfff, 0x400, 0x0, 0x100, 0xec, 0xae49, 0x7ff, 0x475c, 0x1, 0x89ec}) 03:33:29 executing program 7: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0xfffffffffffffffd, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) ioctl$KVM_ENABLE_CAP_CPU(r2, 0xc008ae88, &(0x7f00000001c0)={0x2, 0x0, [0x40000108]}) 03:33:29 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0xfffffff5], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:29 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x81000000], 0x1}}, 0x1c) 03:33:29 executing program 2: r0 = syz_open_dev$vcsa(&(0x7f0000e27000)='/dev/vcsa#\x00', 0x2, 0x1) write(r0, &(0x7f0000214ffb)="53000000ff", 0x5) fgetxattr(r0, &(0x7f0000000000)=@random={'system.', 'GPL&\x00'}, &(0x7f0000000080)=""/196, 0xc4) write(r0, &(0x7f0000000040)="b8", 0x1) 03:33:29 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:29 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x3d6, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:29 executing program 0 (fault-call:8 fault-nth:32): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) [ 543.009317] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 543.016572] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 543.023830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 543.031086] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 000000000000001f 03:33:29 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x1000000], 0x1}}, 0x1c) [ 543.092513] 9pnet_virtio: no channels available for device rpc_pipefs [ 543.127706] FAULT_INJECTION: forcing a failure. [ 543.127706] name failslab, interval 1, probability 0, space 0, times 0 03:33:29 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:29 executing program 2: perf_event_open(&(0x7f0000000140)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0x19000)=nil, 0x19000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000e53fe8)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000007fe0)={{&(0x7f0000000000/0x4000)=nil, 0x4000}, 0x1}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff}, 0x84000) ioctl$TIOCLINUX5(r2, 0x541c, &(0x7f0000000040)={0x5, 0x31, 0x721, 0x4, 0x800}) r3 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000cd8ff4)) epoll_wait(r3, &(0x7f00000000c0)=[{}], 0x15f60b4, 0x0) epoll_wait(r3, &(0x7f0000000100)=[{}], 0x1, 0xffffffffffff185d) ioctl$UFFDIO_UNREGISTER(r0, 0xc020aa04, &(0x7f0000007ffc)={&(0x7f0000000000/0x2000)=nil, 0x2000}) 03:33:29 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x10, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:29 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x8000000000000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) [ 543.139081] CPU: 0 PID: 7401 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 543.147399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 543.156757] Call Trace: [ 543.159351] dump_stack+0x1c9/0x2b4 [ 543.162989] ? dump_stack_print_info.cold.2+0x52/0x52 [ 543.168189] ? kernel_text_address+0x79/0xf0 [ 543.172165] 9pnet_virtio: no channels available for device rpc_pipefs [ 543.172608] should_fail.cold.4+0xa/0x11 [ 543.183222] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 543.188338] ? save_stack+0xa9/0xd0 [ 543.191972] ? save_stack+0x43/0xd0 [ 543.195609] ? kmem_cache_alloc_trace+0x152/0x780 [ 543.200453] ? p9_client_prepare_req.part.9+0x82a/0xcd0 [ 543.205819] ? p9_client_rpc+0x1bd/0x1400 [ 543.209972] ? p9_client_attach+0x19f/0x860 [ 543.214299] ? v9fs_session_init+0xf62/0x1a80 [ 543.218795] ? v9fs_mount+0x7c/0x900 [ 543.222513] ? legacy_get_tree+0x118/0x440 [ 543.226758] ? vfs_get_tree+0x1cb/0x5c0 [ 543.230753] ? do_mount+0x6c1/0x1fb0 [ 543.234482] ? ksys_mount+0x12d/0x140 [ 543.238284] ? __x64_sys_mount+0xbe/0x150 03:33:30 executing program 7: socket$nl_xfrm(0x10, 0x3, 0x6) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00005a1000), 0x0, 0x0) socketpair$inet6(0xa, 0x5, 0x2, &(0x7f00000001c0)={0xffffffffffffffff}) getsockopt$inet_sctp_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000280)=@assoc_value={0x0, 0x5}, &(0x7f00000002c0)=0x8) getsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000300)=@assoc_value={r1, 0x2}, &(0x7f0000000340)=0x8) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000200)=0x100000001, 0x4) connect$inet6(r2, &(0x7f0000000140)={0xa}, 0x1c) ioctl$int_in(r2, 0x5421, &(0x7f0000000380)=0x801) setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f0000000040)='tls\x00', 0x11a) setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f0000000100)={0x303, 0x33}, 0x28) r3 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00') sendto$inet6(0xffffffffffffffff, &(0x7f0000000080), 0x0, 0x0, 0x0, 0x0) getsockopt$sock_int(r3, 0x1, 0x2f, &(0x7f0000000080), &(0x7f00000000c0)=0x4) sendfile(r2, r3, &(0x7f0000000000), 0x10000) 03:33:30 executing program 5: mmap(&(0x7f0000000000/0xddf000)=nil, 0xddf000, 0x0, 0x32, 0xffffffffffffffff, 0x0) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/nat_icmp_send\x00', 0x2, 0x0) accept4$alg(r0, 0x0, 0x0, 0x800) getresuid(&(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000240)) [ 543.242435] ? do_syscall_64+0x1b9/0x820 [ 543.246497] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 543.251860] ? node_tag_clear+0xc0/0x1c0 [ 543.255924] ? radix_tree_iter_tag_clear+0x97/0xd0 [ 543.260854] ? radix_tree_iter_replace+0x49/0x60 [ 543.265611] ? idr_alloc_u32+0x208/0x3a0 [ 543.269677] ? check_same_owner+0x340/0x340 [ 543.274001] ? rcu_note_context_switch+0x730/0x730 [ 543.278932] __should_failslab+0x124/0x180 [ 543.283173] should_failslab+0x9/0x14 [ 543.286977] __kmalloc+0x2c8/0x760 [ 543.290506] ? __init_waitqueue_head+0x9e/0x150 [ 543.295166] ? init_wait_entry+0x1c0/0x1c0 [ 543.299388] ? p9_fcall_alloc+0x1e/0x90 [ 543.303976] p9_fcall_alloc+0x1e/0x90 [ 543.307762] p9_client_prepare_req.part.9+0x7c9/0xcd0 [ 543.312945] ? p9_free_req.isra.8+0x140/0x140 [ 543.317427] ? __radix_tree_replace+0x188/0x2f0 [ 543.322084] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 543.327612] ? node_tag_clear+0xc0/0x1c0 [ 543.331662] p9_client_rpc+0x1bd/0x1400 [ 543.335623] ? idr_alloc_u32+0x208/0x3a0 [ 543.339671] ? p9_client_prepare_req.part.9+0xcd0/0xcd0 [ 543.345029] ? lock_acquire+0x1e4/0x540 [ 543.348987] ? p9_fid_create+0x37f/0x4c0 [ 543.353038] ? lock_downgrade+0x8f0/0x8f0 [ 543.357180] ? kasan_check_read+0x11/0x20 [ 543.361309] ? do_raw_spin_unlock+0xa7/0x2f0 [ 543.365702] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 543.370271] ? kasan_check_write+0x14/0x20 [ 543.374491] ? do_raw_spin_lock+0xc1/0x200 [ 543.378712] ? trace_hardirqs_on+0xd/0x10 [ 543.382852] ? kasan_check_read+0x11/0x20 [ 543.386985] ? p9_client_destroy+0x610/0x610 [ 543.391395] p9_client_attach+0x19f/0x860 [ 543.395532] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 543.400640] ? debug_check_no_obj_freed+0x30b/0x595 [ 543.405643] ? p9_client_walk+0xab0/0xab0 [ 543.409779] ? trace_hardirqs_off+0xd/0x10 [ 543.413998] ? quarantine_put+0x10d/0x1b0 [ 543.418141] ? __kasan_slab_free+0x131/0x170 [ 543.422546] v9fs_session_init+0xf62/0x1a80 [ 543.426863] ? v9fs_session_init+0xf62/0x1a80 [ 543.431348] ? rcu_note_context_switch+0x730/0x730 [ 543.436272] ? v9fs_show_options+0x7e0/0x7e0 [ 543.440670] ? lock_release+0xa30/0xa30 [ 543.444634] ? check_same_owner+0x340/0x340 [ 543.448947] ? kasan_unpoison_shadow+0x35/0x50 [ 543.453513] ? kasan_kmalloc+0xc4/0xe0 [ 543.457389] ? kmem_cache_alloc_trace+0x318/0x780 [ 543.462216] ? kasan_unpoison_shadow+0x35/0x50 [ 543.466795] ? kasan_kmalloc+0xc4/0xe0 [ 543.470671] v9fs_mount+0x7c/0x900 [ 543.474209] ? v9fs_drop_inode+0x150/0x150 [ 543.478428] legacy_get_tree+0x118/0x440 [ 543.482478] vfs_get_tree+0x1cb/0x5c0 [ 543.486270] do_mount+0x6c1/0x1fb0 [ 543.489797] ? check_same_owner+0x340/0x340 [ 543.494101] ? lock_release+0xa30/0xa30 [ 543.498066] ? copy_mount_string+0x40/0x40 [ 543.502290] ? retint_kernel+0x10/0x10 [ 543.506184] ? copy_mount_options+0x1f0/0x380 [ 543.510665] ? copy_mount_options+0x1f6/0x380 [ 543.515146] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 543.520669] ? copy_mount_options+0x285/0x380 [ 543.525162] ksys_mount+0x12d/0x140 [ 543.528778] __x64_sys_mount+0xbe/0x150 [ 543.532743] do_syscall_64+0x1b9/0x820 [ 543.536613] ? finish_task_switch+0x1d3/0x870 [ 543.541099] ? syscall_return_slowpath+0x5e0/0x5e0 [ 543.546020] ? syscall_return_slowpath+0x31d/0x5e0 [ 543.550936] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 543.555946] ? prepare_exit_to_usermode+0x291/0x3b0 [ 543.560948] ? perf_trace_sys_enter+0xb10/0xb10 [ 543.565603] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 543.570440] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 543.575615] RIP: 0033:0x455ab9 03:33:30 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:30 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0xc8030000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) [ 543.578786] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 543.598067] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 543.605764] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 543.613029] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 543.620284] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 543.627538] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 543.634793] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 0000000000000020 03:33:30 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xf6ffffff00000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:30 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x6558], 0x1}}, 0x1c) 03:33:30 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(0xffffffffffffffff, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:30 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000180)="11d408b141e8d1aa0b2f835bfd05ced48fbc2644d871f279679295fce62fd4d5bd921dae7f20027e96e798134713b0d0f141694071d623f26b851547400d280761427bf1ba4b39cf206491ac17196b33f84cf2f5fdc2d6c020cd73e49f06ddb2650f7b9ad307dececc8fef6250514cbc6de97c532e57fa88a9491e6499da515573d99ff76c6fc51ea2edb8338b8772119127ad5ce3ea849a4f8228c16b3fe041e18bf5cdb7979f990ab06697ba90dcb6f5cacb6e1df7bb3dce88121e415b3600563ed85dd63932fe0000000000000000000000") mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000003fe8)={0xaa}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) r3 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x8, 0x40) ioctl$SNDRV_CTL_IOCTL_CARD_INFO(r3, 0x81785501, &(0x7f0000000080)=""/12) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000013e95), 0x2f84) ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000040)={'veth1_to_bond\x00', &(0x7f0000000140)=@ethtool_link_settings={0x4c}}) close(r2) setsockopt$inet6_MRT6_DEL_MFC_PROXY(r0, 0x29, 0xd3, &(0x7f00000000c0)={{0xa, 0x4e23, 0xd0c, @ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0x14, 0xaa}}, 0x6}, {0xa, 0x4e20, 0x1, @mcast1={0xff, 0x1, [], 0x1}, 0x5}, 0x6, [0x7, 0x6f68, 0x7fff, 0x9, 0x2, 0xd1, 0x5, 0x10001]}, 0x5c) write$FUSE_POLL(r3, &(0x7f0000000280)={0x18, 0x0, 0x8, {0xd190}}, 0x18) close(r1) 03:33:30 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x6488], 0x1}}, 0x1c) 03:33:30 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x1000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) [ 543.770162] 9pnet: Couldn't grow tag array 03:33:30 executing program 0 (fault-call:8 fault-nth:33): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:33:30 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x6000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:30 executing program 4 (fault-call:2 fault-nth:0): r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) [ 543.871007] FAULT_INJECTION: forcing a failure. [ 543.871007] name failslab, interval 1, probability 0, space 0, times 0 [ 543.882379] CPU: 1 PID: 7465 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 543.890699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 543.900052] Call Trace: [ 543.901644] FAULT_INJECTION: forcing a failure. [ 543.901644] name failslab, interval 1, probability 0, space 0, times 0 [ 543.902649] dump_stack+0x1c9/0x2b4 [ 543.917443] ? dump_stack_print_info.cold.2+0x52/0x52 [ 543.922629] ? trace_hardirqs_on+0x10/0x10 [ 543.926859] should_fail.cold.4+0xa/0x11 [ 543.930907] ? __d_alloc+0xc8/0xd50 [ 543.934523] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 543.939613] ? do_syscall_64+0x1b9/0x820 [ 543.943666] ? trace_hardirqs_on+0x10/0x10 [ 543.947894] ? trace_hardirqs_on+0x10/0x10 [ 543.952124] ? lock_acquire+0x1e4/0x540 [ 543.956094] ? fib4_rule_action+0x27b/0x380 [ 543.960405] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 543.965970] ? fib_get_table+0x274/0x350 [ 543.970018] ? fib_rules_lookup+0x527/0xcd0 [ 543.974355] ? lock_acquire+0x1e4/0x540 [ 543.978347] ? inet_select_addr+0x7d8/0xdf0 [ 543.982655] ? lock_downgrade+0x8f0/0x8f0 [ 543.986790] ? lock_release+0xa30/0xa30 [ 543.990752] ? fib4_rule_action+0x7c/0x380 [ 543.994976] __should_failslab+0x124/0x180 [ 543.999200] should_failslab+0x9/0x14 [ 544.002988] kmem_cache_alloc+0x47/0x760 [ 544.007036] ? inet_rtm_deladdr+0x780/0x780 [ 544.011345] dst_alloc+0xbb/0x1d0 [ 544.014789] rt_dst_alloc+0x102/0x520 [ 544.018577] ? fnhe_flush_routes+0x480/0x480 [ 544.022977] ? fib4_rule_nlmsg_payload+0x10/0x10 [ 544.027721] ? kasan_check_write+0x14/0x20 [ 544.031951] ? __init_rwsem+0x1cc/0x2a0 [ 544.035915] ip_route_output_key_hash_rcu+0xa5b/0x3500 [ 544.041185] ? ip_route_input_noref+0x270/0x270 [ 544.045841] ? lock_release+0xa30/0xa30 [ 544.049801] ? xas_descend+0x20c/0x5f0 [ 544.053684] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 544.058697] ? check_pgprot+0xdf/0x180 [ 544.062573] ? put_page+0x280/0x280 [ 544.066198] ? kasan_check_write+0x14/0x20 [ 544.070422] ? lock_acquire+0x1e4/0x540 [ 544.074471] ? ip_route_output_key_hash+0x1ab/0x3b0 [ 544.079479] ? alloc_set_pte+0xaf6/0x1790 [ 544.083617] ? lock_release+0xa30/0xa30 [ 544.087580] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 544.092587] ip_route_output_key_hash+0x242/0x3b0 [ 544.097419] ? ip_route_output_key_hash_rcu+0x3500/0x3500 [ 544.102950] ip_route_output_flow+0x28/0xc0 [ 544.107268] raw_sendmsg+0xf8f/0x43f0 [ 544.111061] ? raw_getsockopt+0x100/0x100 [ 544.115197] ? do_raw_spin_lock+0xc1/0x200 [ 544.119418] ? lock_acquire+0x1e4/0x540 [ 544.123381] ? __fget+0x4ac/0x740 [ 544.126820] ? lock_downgrade+0x8f0/0x8f0 [ 544.130954] ? lock_release+0xa30/0xa30 [ 544.135445] ? __fget+0x4d5/0x740 [ 544.138889] ? ksys_dup3+0x690/0x690 [ 544.142592] ? _parse_integer+0x190/0x190 [ 544.146731] ? lock_release+0xa30/0xa30 [ 544.150695] ? check_same_owner+0x340/0x340 [ 544.155006] ? __check_object_size+0xa3/0x5d7 [ 544.159492] ? lock_acquire+0x1e4/0x540 [ 544.163457] ? __might_fault+0x12b/0x1e0 [ 544.167505] ? lock_downgrade+0x8f0/0x8f0 [ 544.171642] ? lock_release+0xa30/0xa30 [ 544.175604] ? check_same_owner+0x340/0x340 [ 544.179915] inet_sendmsg+0x1a1/0x690 [ 544.183704] ? raw_getsockopt+0x100/0x100 [ 544.187850] ? inet_sendmsg+0x1a1/0x690 [ 544.191812] ? ipip_gro_receive+0x100/0x100 [ 544.196127] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 544.201653] ? security_socket_sendmsg+0x94/0xc0 [ 544.206395] ? ipip_gro_receive+0x100/0x100 [ 544.210704] sock_sendmsg+0xd5/0x120 [ 544.214413] __sys_sendto+0x3d7/0x670 [ 544.218202] ? __ia32_sys_getpeername+0xb0/0xb0 [ 544.222854] ? vfs_write+0x2f3/0x560 [ 544.226554] ? wait_for_completion+0x8d0/0x8d0 [ 544.231124] ? lock_release+0xa30/0xa30 [ 544.235088] ? fsnotify_first_mark+0x350/0x350 [ 544.239656] ? __fsnotify_parent+0xcc/0x420 [ 544.243964] ? fsnotify+0x14e0/0x14e0 [ 544.247756] ? __sb_end_write+0xac/0xe0 [ 544.251719] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 544.257242] ? fput+0x130/0x1a0 [ 544.260506] ? ksys_write+0x1ae/0x260 [ 544.264298] ? __ia32_sys_read+0xb0/0xb0 [ 544.268346] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 544.273880] __x64_sys_sendto+0xe1/0x1a0 [ 544.277930] do_syscall_64+0x1b9/0x820 [ 544.281806] ? finish_task_switch+0x1d3/0x870 [ 544.286293] ? syscall_return_slowpath+0x5e0/0x5e0 [ 544.291213] ? syscall_return_slowpath+0x31d/0x5e0 [ 544.296138] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 544.301153] ? prepare_exit_to_usermode+0x291/0x3b0 [ 544.306159] ? perf_trace_sys_enter+0xb10/0xb10 [ 544.310818] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 544.315656] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 544.320829] RIP: 0033:0x455ab9 [ 544.323998] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 544.343226] RSP: 002b:00007fd8996a8c68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 544.350920] RAX: ffffffffffffffda RBX: 00007fd8996a96d4 RCX: 0000000000455ab9 [ 544.358174] RDX: 00000000000002e2 RSI: 00000000200002c0 RDI: 0000000000000013 [ 544.365427] RBP: 000000000072bea0 R08: 0000000020000040 R09: 0000000000000010 [ 544.372681] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 [ 544.379938] R13: 00000000004c1158 R14: 00000000004d1848 R15: 0000000000000000 [ 544.387207] CPU: 0 PID: 7471 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 544.395517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 544.404869] Call Trace: [ 544.407440] dump_stack+0x1c9/0x2b4 [ 544.411052] ? dump_stack_print_info.cold.2+0x52/0x52 [ 544.416227] should_fail.cold.4+0xa/0x11 [ 544.420271] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 544.425354] ? trace_hardirqs_on+0x10/0x10 [ 544.429610] ? kasan_check_read+0x11/0x20 [ 544.433741] ? rcu_is_watching+0x8c/0x150 [ 544.437869] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 544.442523] ? is_bpf_text_address+0xd7/0x170 [ 544.447009] ? kernel_text_address+0x79/0xf0 [ 544.451401] ? __kernel_text_address+0xd/0x40 [ 544.455876] ? unwind_get_return_address+0x61/0xa0 [ 544.460817] ? __save_stack_trace+0x8d/0xf0 [ 544.465125] ? trace_hardirqs_on+0x10/0x10 [ 544.469341] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 544.474338] ? bpf_prog_kallsyms_find+0xde/0x4c0 [ 544.479076] __should_failslab+0x124/0x180 [ 544.483293] should_failslab+0x9/0x14 [ 544.487076] kmem_cache_alloc+0x47/0x760 [ 544.491121] ? lock_acquire+0x1e4/0x540 [ 544.495106] ? is_bpf_text_address+0xae/0x170 [ 544.499587] radix_tree_node_alloc.constprop.19+0x1e6/0x310 [ 544.505279] idr_get_free+0x887/0x10d0 [ 544.509153] ? radix_tree_iter_tag_clear+0xd0/0xd0 [ 544.514065] ? __kernel_text_address+0xd/0x40 [ 544.518546] ? unwind_get_return_address+0x61/0xa0 [ 544.523459] ? __save_stack_trace+0x8d/0xf0 [ 544.527766] ? save_stack+0xa9/0xd0 [ 544.531375] ? save_stack+0x43/0xd0 [ 544.534983] ? kasan_kmalloc+0xc4/0xe0 [ 544.538852] ? kmem_cache_alloc_trace+0x152/0x780 [ 544.543676] ? p9_fid_create+0x98/0x4c0 [ 544.547631] ? p9_client_attach+0xbc/0x860 [ 544.551850] ? v9fs_mount+0x7c/0x900 [ 544.555555] ? legacy_get_tree+0x118/0x440 [ 544.559771] ? vfs_get_tree+0x1cb/0x5c0 [ 544.563727] ? do_mount+0x6c1/0x1fb0 [ 544.567420] ? ksys_mount+0x12d/0x140 [ 544.571202] ? __x64_sys_mount+0xbe/0x150 [ 544.575330] ? do_syscall_64+0x1b9/0x820 [ 544.579383] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 544.584730] ? kasan_check_read+0x11/0x20 [ 544.588870] ? rcu_is_watching+0x8c/0x150 [ 544.593000] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 544.597654] idr_alloc_u32+0x1d4/0x3a0 [ 544.601528] ? __fprop_inc_percpu_max+0x2d0/0x2d0 [ 544.606352] ? p9_idpool_get+0x23/0x70 [ 544.610224] ? check_same_owner+0x340/0x340 [ 544.614532] idr_alloc+0x111/0x1b0 [ 544.618053] ? idr_alloc_u32+0x3a0/0x3a0 [ 544.622093] ? do_raw_spin_lock+0xc1/0x200 [ 544.626311] p9_idpool_get+0x3d/0x70 [ 544.630019] p9_fid_create+0xd3/0x4c0 [ 544.633803] ? kasan_check_read+0x11/0x20 [ 544.637940] ? p9_client_destroy+0x610/0x610 [ 544.642330] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 544.646896] ? kasan_check_write+0x14/0x20 [ 544.651123] p9_client_attach+0xbc/0x860 [ 544.655168] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 544.660341] ? debug_check_no_obj_freed+0x30b/0x595 [ 544.665337] ? p9_client_walk+0xab0/0xab0 [ 544.669470] ? trace_hardirqs_off+0xd/0x10 [ 544.673683] ? quarantine_put+0x10d/0x1b0 [ 544.677816] ? __kasan_slab_free+0x131/0x170 [ 544.682206] v9fs_session_init+0xf62/0x1a80 [ 544.686510] ? v9fs_session_init+0xf62/0x1a80 [ 544.690990] ? rcu_note_context_switch+0x730/0x730 [ 544.695905] ? v9fs_show_options+0x7e0/0x7e0 [ 544.700307] ? lock_release+0xa30/0xa30 [ 544.704263] ? check_same_owner+0x340/0x340 [ 544.708569] ? kasan_unpoison_shadow+0x35/0x50 [ 544.713131] ? kasan_kmalloc+0xc4/0xe0 [ 544.717000] ? kmem_cache_alloc_trace+0x318/0x780 [ 544.721829] ? kasan_unpoison_shadow+0x35/0x50 [ 544.726395] ? kasan_kmalloc+0xc4/0xe0 [ 544.730264] v9fs_mount+0x7c/0x900 [ 544.733786] ? v9fs_drop_inode+0x150/0x150 [ 544.738003] legacy_get_tree+0x118/0x440 [ 544.742052] vfs_get_tree+0x1cb/0x5c0 [ 544.745833] do_mount+0x6c1/0x1fb0 [ 544.749357] ? kasan_check_write+0x14/0x20 [ 544.753577] ? copy_mount_string+0x40/0x40 [ 544.757795] ? kasan_kmalloc+0xc4/0xe0 [ 544.761665] ? kmem_cache_alloc_trace+0x318/0x780 [ 544.766506] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 544.772035] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 544.777552] ? copy_mount_options+0x285/0x380 [ 544.782033] ksys_mount+0x12d/0x140 [ 544.785642] __x64_sys_mount+0xbe/0x150 [ 544.789600] do_syscall_64+0x1b9/0x820 [ 544.793471] ? syscall_slow_exit_work+0x500/0x500 [ 544.798294] ? syscall_return_slowpath+0x5e0/0x5e0 [ 544.803204] ? syscall_return_slowpath+0x31d/0x5e0 [ 544.808114] ? prepare_exit_to_usermode+0x291/0x3b0 [ 544.813113] ? perf_trace_sys_enter+0xb10/0xb10 [ 544.817764] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 544.822591] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 544.827762] RIP: 0033:0x455ab9 [ 544.830930] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 544.850112] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 544.857803] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 544.865054] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 544.872304] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 544.879555] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 544.886814] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 0000000000000021 03:33:32 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0xf5ffffff], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:32 executing program 7: mkdir(&(0x7f0000000240)='./file0\x00', 0x0) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00000000c0)='cgroup\x00', 0x0, &(0x7f0000000000)) 03:33:32 executing program 2: 03:33:32 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x4305000000000000], 0x1}}, 0x1c) 03:33:32 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1886e, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:32 executing program 0 (fault-call:8 fault-nth:34): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:33:32 executing program 4 (fault-call:2 fault-nth:1): r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:32 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x0) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vsock\x00', 0x40, 0x0) write$P9_RMKDIR(r1, &(0x7f0000000180)={0x14, 0x49, 0x1, {0x40, 0x1, 0x1}}, 0x14) writev(r0, &(0x7f00000004c0)=[{&(0x7f0000001f8d)="390000001300090468fe0000810000000700004003000000450001070000001419001a000400020007000012020000080001010c00f41ee400", 0x39}], 0x1) r2 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x7fffffff, 0x1) getsockopt$inet_sctp_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000040)={0x0, 0x5}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x18, &(0x7f00000000c0)={r3, 0x10001}, &(0x7f0000000100)=0x8) [ 546.237616] FAULT_INJECTION: forcing a failure. [ 546.237616] name failslab, interval 1, probability 0, space 0, times 0 [ 546.248261] FAULT_INJECTION: forcing a failure. [ 546.248261] name failslab, interval 1, probability 0, space 0, times 0 [ 546.248903] CPU: 1 PID: 7481 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 546.268340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 546.277682] Call Trace: [ 546.280264] dump_stack+0x1c9/0x2b4 [ 546.283882] ? dump_stack_print_info.cold.2+0x52/0x52 [ 546.289065] ? __kernel_text_address+0xd/0x40 [ 546.293549] ? unwind_get_return_address+0x61/0xa0 [ 546.298468] should_fail.cold.4+0xa/0x11 [ 546.302543] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 546.307636] ? save_stack+0xa9/0xd0 [ 546.311252] ? save_stack+0x43/0xd0 [ 546.314868] ? kasan_kmalloc+0xc4/0xe0 [ 546.318745] ? __kmalloc+0x14e/0x760 [ 546.322445] ? p9_fcall_alloc+0x1e/0x90 [ 546.326416] ? p9_client_prepare_req.part.9+0x7c9/0xcd0 [ 546.331765] ? p9_client_rpc+0x1bd/0x1400 [ 546.335905] ? v9fs_session_init+0xf62/0x1a80 [ 546.340390] ? v9fs_mount+0x7c/0x900 [ 546.344089] ? legacy_get_tree+0x118/0x440 [ 546.348311] ? vfs_get_tree+0x1cb/0x5c0 [ 546.352274] ? do_mount+0x6c1/0x1fb0 [ 546.355973] ? ksys_mount+0x12d/0x140 [ 546.359762] ? __x64_sys_mount+0xbe/0x150 [ 546.363898] ? do_syscall_64+0x1b9/0x820 [ 546.367981] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 546.373333] ? __x64_sys_mount+0xbe/0x150 [ 546.377466] ? do_syscall_64+0x1b9/0x820 [ 546.381554] ? lock_acquire+0x1e4/0x540 [ 546.385519] ? cache_grow_end.part.37+0x95/0x170 [ 546.390261] ? lock_downgrade+0x8f0/0x8f0 [ 546.394407] ? radix_tree_iter_tag_clear+0x97/0xd0 [ 546.399333] ? kasan_check_read+0x11/0x20 [ 546.403503] ? do_raw_spin_unlock+0xa7/0x2f0 [ 546.407903] ? check_same_owner+0x340/0x340 [ 546.412211] ? kasan_check_write+0x14/0x20 [ 546.416434] ? rcu_note_context_switch+0x730/0x730 [ 546.421353] __should_failslab+0x124/0x180 [ 546.425583] should_failslab+0x9/0x14 [ 546.429377] __kmalloc+0x2c8/0x760 [ 546.432903] ? __init_waitqueue_head+0x9e/0x150 [ 546.437589] ? init_wait_entry+0x1c0/0x1c0 [ 546.441815] ? p9_fcall_alloc+0x1e/0x90 [ 546.445775] p9_fcall_alloc+0x1e/0x90 [ 546.449573] p9_client_prepare_req.part.9+0x754/0xcd0 [ 546.454769] ? p9_free_req.isra.8+0x140/0x140 [ 546.459253] ? __radix_tree_replace+0x188/0x2f0 [ 546.463914] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 546.469437] ? node_tag_clear+0xc0/0x1c0 [ 546.473494] p9_client_rpc+0x1bd/0x1400 [ 546.477455] ? idr_alloc_u32+0x208/0x3a0 [ 546.481504] ? p9_client_prepare_req.part.9+0xcd0/0xcd0 [ 546.486857] ? lock_acquire+0x1e4/0x540 [ 546.490821] ? p9_fid_create+0x37f/0x4c0 [ 546.494872] ? lock_downgrade+0x8f0/0x8f0 [ 546.499022] ? kasan_check_read+0x11/0x20 [ 546.503160] ? do_raw_spin_unlock+0xa7/0x2f0 [ 546.507555] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 546.512124] ? kasan_check_write+0x14/0x20 [ 546.516349] ? do_raw_spin_lock+0xc1/0x200 [ 546.520573] ? trace_hardirqs_on+0xd/0x10 [ 546.524710] ? kasan_check_read+0x11/0x20 [ 546.528842] ? p9_client_destroy+0x610/0x610 [ 546.533242] p9_client_attach+0x19f/0x860 [ 546.537378] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 546.542471] ? debug_check_no_obj_freed+0x30b/0x595 [ 546.547471] ? p9_client_walk+0xab0/0xab0 [ 546.551609] ? trace_hardirqs_off+0xd/0x10 [ 546.555840] ? quarantine_put+0x10d/0x1b0 [ 546.559990] ? __kasan_slab_free+0x131/0x170 [ 546.564391] v9fs_session_init+0xf62/0x1a80 [ 546.568701] ? v9fs_session_init+0xf62/0x1a80 [ 546.573186] ? rcu_note_context_switch+0x730/0x730 [ 546.578118] ? v9fs_show_options+0x7e0/0x7e0 [ 546.582515] ? lock_release+0xa30/0xa30 [ 546.586477] ? check_same_owner+0x340/0x340 [ 546.590784] ? lock_downgrade+0x8f0/0x8f0 [ 546.594920] ? kasan_unpoison_shadow+0x35/0x50 [ 546.599491] ? kasan_kmalloc+0xc4/0xe0 [ 546.603368] ? kmem_cache_alloc_trace+0x318/0x780 [ 546.608200] ? kasan_unpoison_shadow+0x35/0x50 [ 546.612780] ? kasan_kmalloc+0xc4/0xe0 [ 546.616667] v9fs_mount+0x7c/0x900 [ 546.620195] ? v9fs_drop_inode+0x150/0x150 [ 546.624425] legacy_get_tree+0x118/0x440 [ 546.628479] vfs_get_tree+0x1cb/0x5c0 [ 546.632277] do_mount+0x6c1/0x1fb0 [ 546.635802] ? check_same_owner+0x340/0x340 [ 546.640108] ? lock_release+0xa30/0xa30 [ 546.644074] ? copy_mount_string+0x40/0x40 [ 546.648299] ? kasan_kmalloc+0xc4/0xe0 [ 546.652177] ? kmem_cache_alloc_trace+0x318/0x780 [ 546.657018] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 546.662543] ? _copy_from_user+0xdf/0x150 [ 546.666681] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 546.672225] ? copy_mount_options+0x285/0x380 [ 546.676719] ksys_mount+0x12d/0x140 [ 546.680339] __x64_sys_mount+0xbe/0x150 [ 546.684313] do_syscall_64+0x1b9/0x820 [ 546.688185] ? finish_task_switch+0x1d3/0x870 [ 546.692671] ? syscall_return_slowpath+0x5e0/0x5e0 [ 546.697589] ? syscall_return_slowpath+0x31d/0x5e0 [ 546.702507] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 546.707511] ? prepare_exit_to_usermode+0x291/0x3b0 [ 546.712515] ? perf_trace_sys_enter+0xb10/0xb10 [ 546.717172] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 546.722005] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 546.727184] RIP: 0033:0x455ab9 [ 546.730356] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 546.749577] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 546.757280] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 546.764536] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 546.771792] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 546.779047] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 03:33:33 executing program 2: [ 546.786301] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 0000000000000022 [ 546.793568] CPU: 0 PID: 7487 Comm: syz-executor4 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 546.793714] 9pnet: Couldn't grow tag array [ 546.801904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 546.801908] Call Trace: [ 546.801925] dump_stack+0x1c9/0x2b4 [ 546.801942] ? dump_stack_print_info.cold.2+0x52/0x52 [ 546.826859] ? lock_downgrade+0x8f0/0x8f0 [ 546.831029] should_fail.cold.4+0xa/0x11 [ 546.835112] ? fault_create_debugfs_attr+0x1f0/0x1f0 03:33:33 executing program 7: 03:33:33 executing program 0 (fault-call:8 fault-nth:35): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:33:33 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x40000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:33 executing program 5: [ 546.840290] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 546.845828] ? kernel_poison_pages+0x136/0x220 [ 546.850409] ? kasan_unpoison_shadow+0x35/0x50 [ 546.854995] ? kasan_alloc_pages+0x38/0x40 [ 546.859235] ? get_page_from_freelist+0xfe4/0x4620 [ 546.864171] ? trace_hardirqs_on+0x10/0x10 [ 546.868420] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 546.873963] ? __isolate_free_page+0x690/0x690 [ 546.878552] ? trace_hardirqs_on+0x10/0x10 [ 546.882789] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 546.887801] ? gup_pgd_range+0x40f/0x3410 [ 546.891939] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 546.896687] __should_failslab+0x124/0x180 [ 546.900944] should_failslab+0x9/0x14 [ 546.904752] kmem_cache_alloc+0x47/0x760 [ 546.908801] ? trace_hardirqs_on+0x10/0x10 [ 546.913038] dst_alloc+0xbb/0x1d0 [ 546.916477] rt_dst_alloc+0x102/0x520 [ 546.920259] ? fnhe_flush_routes+0x480/0x480 [ 546.924650] ? rb_next+0x140/0x140 [ 546.928183] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 546.933710] ? trace_hardirqs_on+0x10/0x10 [ 546.937931] ip_route_output_key_hash_rcu+0xa5b/0x3500 [ 546.943203] ? ip_route_input_noref+0x270/0x270 [ 546.947862] ? unwind_get_return_address+0x61/0xa0 [ 546.952776] ? trace_hardirqs_on+0x10/0x10 [ 546.957003] ? __isolate_free_page+0x690/0x690 [ 546.961587] ? lock_acquire+0x1e4/0x540 [ 546.965541] ? ip_route_output_key_hash+0x1ab/0x3b0 [ 546.970538] ? trace_hardirqs_on+0x10/0x10 [ 546.974756] ? lock_release+0xa30/0xa30 [ 546.978712] ? trace_hardirqs_on+0x10/0x10 [ 546.982927] ? d_alloc_parallel+0x15a/0x1ea0 [ 546.987315] ? __lookup_slow+0x1e6/0x540 [ 546.991365] ? lookup_slow+0x57/0x80 [ 546.995061] ? walk_component+0x94a/0x2630 [ 546.999281] ? lock_acquire+0x1e4/0x540 [ 547.003238] ? __xfrm4_dst_lookup.isra.5+0x18e/0x400 [ 547.008323] ip_route_output_key_hash+0x242/0x3b0 [ 547.013153] ? ip_route_output_key_hash_rcu+0x3500/0x3500 [ 547.018671] ? xfrm_policy_get_afinfo+0x7c/0x340 [ 547.023413] __xfrm4_dst_lookup.isra.5+0x2ad/0x400 [ 547.028335] xfrm4_get_saddr+0xad/0x190 [ 547.032292] ? __xfrm4_dst_lookup.isra.5+0x400/0x400 [ 547.037379] ? lock_downgrade+0x8f0/0x8f0 [ 547.041507] xfrm_tmpl_resolve+0x68a/0xe10 [ 547.045730] ? __xfrm_decode_session+0x390/0x390 [ 547.050467] ? kernel_text_address+0x79/0xf0 [ 547.054877] ? __kernel_text_address+0xd/0x40 [ 547.059357] ? unwind_get_return_address+0x61/0xa0 [ 547.064269] ? __save_stack_trace+0x8d/0xf0 [ 547.068589] xfrm_resolve_and_create_bundle+0x184/0x27e0 [ 547.074041] ? kasan_kmalloc+0xc4/0xe0 [ 547.077927] ? xfrm_policy_lookup_bytype+0x538/0xa30 [ 547.083037] ? lock_downgrade+0x8f0/0x8f0 [ 547.087171] ? refcount_inc_not_zero+0x1e5/0x2f0 [ 547.091910] ? refcount_add_not_zero+0x330/0x330 [ 547.096651] ? xfrm_migrate+0x19d0/0x19d0 [ 547.100781] ? security_xfrm_policy_lookup+0x9e/0xd0 [ 547.105871] ? xfrm_policy_match+0x287/0x320 [ 547.110272] ? xfrm_policy_lookup_bytype+0x119/0xa30 [ 547.115364] ? xfrm_policy_match+0x320/0x320 [ 547.119756] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 547.125276] ? rt_set_nexthop.constprop.55+0x57e/0x13e0 [ 547.130620] ? dst_init+0x45e/0x620 [ 547.134233] ? rt_add_uncached_list+0x280/0x280 [ 547.138883] ? inet_rtm_deladdr+0x780/0x780 [ 547.143190] ? dst_alloc+0xe6/0x1d0 [ 547.146811] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 547.152340] ? rt_dst_alloc+0x3f8/0x520 [ 547.156299] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 547.161326] xfrm_lookup+0xaaa/0x2b80 [ 547.165128] ? xfrm_lookup+0xaaa/0x2b80 [ 547.169096] ? xfrm_policy_lookup+0x70/0x70 [ 547.173400] ? ip_route_input_noref+0x270/0x270 [ 547.178053] ? xas_descend+0x20c/0x5f0 [ 547.181926] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 547.186926] ? check_pgprot+0xdf/0x180 [ 547.190815] ? put_page+0x280/0x280 [ 547.194448] ? kasan_check_write+0x14/0x20 [ 547.198676] ? lock_acquire+0x1e4/0x540 [ 547.202637] ? ip_route_output_key_hash+0x272/0x3b0 [ 547.207635] ? lock_downgrade+0x8f0/0x8f0 [ 547.211773] ? alloc_set_pte+0xaf6/0x1790 [ 547.215913] ? lock_release+0xa30/0xa30 [ 547.219870] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 547.224884] ? ip_route_output_key_hash+0x29b/0x3b0 [ 547.229884] ? ip_route_output_key_hash_rcu+0x3500/0x3500 [ 547.235405] xfrm_lookup_route+0x39/0x1f0 [ 547.239551] ip_route_output_flow+0xb1/0xc0 [ 547.243855] raw_sendmsg+0xf8f/0x43f0 [ 547.247640] ? raw_getsockopt+0x100/0x100 [ 547.251770] ? do_raw_spin_lock+0xc1/0x200 [ 547.255987] ? lock_acquire+0x1e4/0x540 [ 547.259941] ? __fget+0x4ac/0x740 [ 547.263377] ? lock_downgrade+0x8f0/0x8f0 [ 547.267612] ? lock_release+0xa30/0xa30 [ 547.271585] ? __fget+0x4d5/0x740 [ 547.275030] ? ksys_dup3+0x690/0x690 [ 547.278734] ? _parse_integer+0x190/0x190 [ 547.282872] ? lock_release+0xa30/0xa30 [ 547.286827] ? check_same_owner+0x340/0x340 [ 547.291130] ? __check_object_size+0xa3/0x5d7 [ 547.295612] ? lock_acquire+0x1e4/0x540 [ 547.299568] ? __might_fault+0x12b/0x1e0 [ 547.303612] ? lock_downgrade+0x8f0/0x8f0 [ 547.307743] ? lock_release+0xa30/0xa30 [ 547.312326] ? check_same_owner+0x340/0x340 [ 547.316635] inet_sendmsg+0x1a1/0x690 [ 547.320430] ? raw_getsockopt+0x100/0x100 [ 547.324569] ? inet_sendmsg+0x1a1/0x690 [ 547.328534] ? ipip_gro_receive+0x100/0x100 [ 547.332867] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 547.338399] ? security_socket_sendmsg+0x94/0xc0 [ 547.343136] ? ipip_gro_receive+0x100/0x100 [ 547.347436] sock_sendmsg+0xd5/0x120 [ 547.351133] __sys_sendto+0x3d7/0x670 [ 547.354917] ? __ia32_sys_getpeername+0xb0/0xb0 [ 547.359571] ? vfs_write+0x2f3/0x560 [ 547.363269] ? wait_for_completion+0x8d0/0x8d0 [ 547.367852] ? lock_release+0xa30/0xa30 [ 547.371810] ? fsnotify_first_mark+0x350/0x350 [ 547.376373] ? __fsnotify_parent+0xcc/0x420 [ 547.380678] ? fsnotify+0x14e0/0x14e0 [ 547.384466] ? __sb_end_write+0xac/0xe0 [ 547.388436] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 547.393963] ? fput+0x130/0x1a0 [ 547.397235] ? ksys_write+0x1ae/0x260 [ 547.401026] ? __ia32_sys_read+0xb0/0xb0 [ 547.405079] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 547.410613] __x64_sys_sendto+0xe1/0x1a0 [ 547.414665] do_syscall_64+0x1b9/0x820 [ 547.418534] ? finish_task_switch+0x1d3/0x870 [ 547.423016] ? syscall_return_slowpath+0x5e0/0x5e0 [ 547.427936] ? syscall_return_slowpath+0x31d/0x5e0 [ 547.432856] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 547.437854] ? prepare_exit_to_usermode+0x291/0x3b0 [ 547.442860] ? perf_trace_sys_enter+0xb10/0xb10 [ 547.447511] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 547.452336] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 547.457523] RIP: 0033:0x455ab9 [ 547.460707] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 547.479883] RSP: 002b:00007fd8996a8c68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c 03:33:34 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x4, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) [ 547.487581] RAX: ffffffffffffffda RBX: 00007fd8996a96d4 RCX: 0000000000455ab9 [ 547.494831] RDX: 00000000000002e2 RSI: 00000000200002c0 RDI: 0000000000000013 [ 547.502084] RBP: 000000000072bea0 R08: 0000000020000040 R09: 0000000000000010 [ 547.509333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 [ 547.516580] R13: 00000000004c1158 R14: 00000000004d1848 R15: 0000000000000001 [ 547.580195] FAULT_INJECTION: forcing a failure. [ 547.580195] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 547.592070] CPU: 1 PID: 7507 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 547.600391] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 547.609744] Call Trace: [ 547.612344] dump_stack+0x1c9/0x2b4 [ 547.615989] ? dump_stack_print_info.cold.2+0x52/0x52 [ 547.621196] should_fail.cold.4+0xa/0x11 [ 547.625267] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 547.630374] ? lock_acquire+0x1e4/0x540 [ 547.634346] ? is_bpf_text_address+0xae/0x170 [ 547.638851] ? lock_release+0xa30/0xa30 [ 547.642834] ? kasan_check_read+0x11/0x20 [ 547.646986] ? rcu_is_watching+0x8c/0x150 [ 547.651140] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 547.655815] ? is_bpf_text_address+0xd7/0x170 [ 547.660345] ? kernel_text_address+0x79/0xf0 [ 547.664760] ? unwind_get_return_address+0x61/0xa0 [ 547.669699] ? __save_stack_trace+0x8d/0xf0 [ 547.674029] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 547.679572] ? should_fail+0x246/0xd86 [ 547.683470] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 547.688583] __alloc_pages_nodemask+0x36e/0xdb0 [ 547.693260] ? save_stack+0x43/0xd0 [ 547.696895] ? kasan_kmalloc+0xc4/0xe0 [ 547.700793] ? __kmalloc+0x14e/0x760 [ 547.704511] ? p9_fcall_alloc+0x1e/0x90 [ 547.708491] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 547.713514] ? vfs_get_tree+0x1cb/0x5c0 [ 547.717494] ? ksys_mount+0x12d/0x140 [ 547.721302] ? __x64_sys_mount+0xbe/0x150 [ 547.725453] ? do_syscall_64+0x1b9/0x820 [ 547.729524] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 547.734893] ? __x64_sys_mount+0xbe/0x150 [ 547.739045] ? do_syscall_64+0x1b9/0x820 [ 547.743116] ? lock_downgrade+0x8f0/0x8f0 [ 547.747271] ? radix_tree_iter_tag_clear+0x97/0xd0 [ 547.752207] ? kasan_check_read+0x11/0x20 [ 547.756357] ? do_raw_spin_unlock+0xa7/0x2f0 [ 547.760771] ? check_same_owner+0x340/0x340 [ 547.765093] cache_grow_begin+0x91/0x710 [ 547.769158] __kmalloc+0x688/0x760 [ 547.772700] ? __init_waitqueue_head+0x9e/0x150 [ 547.777369] ? init_wait_entry+0x1c0/0x1c0 [ 547.781607] ? p9_fcall_alloc+0x1e/0x90 [ 547.785582] p9_fcall_alloc+0x1e/0x90 [ 547.789381] p9_client_prepare_req.part.9+0x754/0xcd0 [ 547.794577] ? p9_free_req.isra.8+0x140/0x140 [ 547.799081] ? __radix_tree_replace+0x188/0x2f0 [ 547.803755] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 547.809302] ? node_tag_clear+0xc0/0x1c0 [ 547.813372] p9_client_rpc+0x1bd/0x1400 [ 547.817349] ? idr_alloc_u32+0x208/0x3a0 [ 547.821410] ? p9_client_prepare_req.part.9+0xcd0/0xcd0 [ 547.826785] ? lock_acquire+0x1e4/0x540 03:33:34 executing program 5: 03:33:34 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:34 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x8906000000000000], 0x1}}, 0x1c) 03:33:34 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x500000000000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:34 executing program 7: 03:33:34 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x2000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:34 executing program 7: 03:33:34 executing program 5: 03:33:34 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xfffffe00, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:34 executing program 7: [ 547.830767] ? p9_fid_create+0x37f/0x4c0 [ 547.834833] ? lock_downgrade+0x8f0/0x8f0 [ 547.838992] ? kasan_check_read+0x11/0x20 [ 547.843143] ? do_raw_spin_unlock+0xa7/0x2f0 [ 547.847556] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 547.852149] ? kasan_check_write+0x14/0x20 [ 547.856386] ? do_raw_spin_lock+0xc1/0x200 [ 547.860633] ? trace_hardirqs_on+0xd/0x10 [ 547.864794] ? kasan_check_read+0x11/0x20 [ 547.868946] ? p9_client_destroy+0x610/0x610 [ 547.873358] p9_client_attach+0x19f/0x860 [ 547.877510] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 547.882616] ? debug_check_no_obj_freed+0x30b/0x595 [ 547.887634] ? p9_client_walk+0xab0/0xab0 [ 547.891796] ? trace_hardirqs_off+0xd/0x10 [ 547.896039] ? quarantine_put+0x10d/0x1b0 [ 547.900203] ? __kasan_slab_free+0x131/0x170 [ 547.904620] v9fs_session_init+0xf62/0x1a80 [ 547.908945] ? v9fs_session_init+0xf62/0x1a80 [ 547.913447] ? rcu_note_context_switch+0x730/0x730 [ 547.918387] ? v9fs_show_options+0x7e0/0x7e0 [ 547.922798] ? lock_release+0xa30/0xa30 [ 547.926780] ? check_same_owner+0x340/0x340 [ 547.931109] ? lock_downgrade+0x8f0/0x8f0 [ 547.935266] ? kasan_unpoison_shadow+0x35/0x50 [ 547.939857] ? kasan_kmalloc+0xc4/0xe0 [ 547.943755] ? kmem_cache_alloc_trace+0x318/0x780 [ 547.948597] ? kasan_unpoison_shadow+0x35/0x50 [ 547.953186] ? kasan_kmalloc+0xc4/0xe0 [ 547.957081] v9fs_mount+0x7c/0x900 [ 547.960628] ? v9fs_drop_inode+0x150/0x150 [ 547.964867] legacy_get_tree+0x118/0x440 [ 547.968934] vfs_get_tree+0x1cb/0x5c0 [ 547.972737] do_mount+0x6c1/0x1fb0 [ 547.976279] ? check_same_owner+0x340/0x340 [ 547.980609] ? lock_release+0xa30/0xa30 [ 547.984568] ? copy_mount_string+0x40/0x40 [ 547.988784] ? kasan_kmalloc+0xc4/0xe0 [ 547.992659] ? kmem_cache_alloc_trace+0x318/0x780 [ 547.997497] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 548.003021] ? _copy_from_user+0xdf/0x150 [ 548.007156] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 548.012677] ? copy_mount_options+0x285/0x380 [ 548.017155] ksys_mount+0x12d/0x140 [ 548.020763] __x64_sys_mount+0xbe/0x150 [ 548.024727] do_syscall_64+0x1b9/0x820 [ 548.028602] ? finish_task_switch+0x1d3/0x870 [ 548.033078] ? syscall_return_slowpath+0x5e0/0x5e0 [ 548.037995] ? syscall_return_slowpath+0x31d/0x5e0 [ 548.042914] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 548.047911] ? prepare_exit_to_usermode+0x291/0x3b0 [ 548.052917] ? perf_trace_sys_enter+0xb10/0xb10 [ 548.057566] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 548.062392] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 548.067566] RIP: 0033:0x455ab9 [ 548.070747] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 548.089903] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 548.097597] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 548.104863] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 548.112130] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 548.119405] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 03:33:34 executing program 2: 03:33:34 executing program 5: [ 548.126657] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 0000000000000023 03:33:34 executing program 0 (fault-call:8 fault-nth:36): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:33:34 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xedc000000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:34 executing program 7: 03:33:34 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x200005a2, 0x0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:34 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x1ab], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:34 executing program 2: 03:33:34 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0xffffffff00000000], 0x1}}, 0x1c) 03:33:34 executing program 5: 03:33:34 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x13, 0x0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:34 executing program 7: [ 548.255835] FAULT_INJECTION: forcing a failure. [ 548.255835] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 548.267684] CPU: 0 PID: 7567 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 548.276004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 548.285360] Call Trace: [ 548.287960] dump_stack+0x1c9/0x2b4 [ 548.291599] ? dump_stack_print_info.cold.2+0x52/0x52 [ 548.296802] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 548.301485] should_fail.cold.4+0xa/0x11 [ 548.305559] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 548.310673] ? is_bpf_text_address+0xae/0x170 [ 548.315180] ? lock_downgrade+0x8f0/0x8f0 [ 548.319348] ? lock_release+0xa30/0xa30 [ 548.323330] ? kasan_check_read+0x11/0x20 [ 548.327486] ? rcu_is_watching+0x8c/0x150 [ 548.331638] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 548.336317] ? is_bpf_text_address+0xd7/0x170 [ 548.340821] ? kernel_text_address+0x79/0xf0 [ 548.345241] ? __kernel_text_address+0xd/0x40 [ 548.349746] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 03:33:35 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xe087, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:35 executing program 7: 03:33:35 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0xab01], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:35 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x88480000], 0x1}}, 0x1c) 03:33:35 executing program 5: 03:33:35 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0xfffffdef, 0x0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) [ 548.355295] ? should_fail+0x246/0xd86 [ 548.359191] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 548.364309] __alloc_pages_nodemask+0x36e/0xdb0 [ 548.368985] ? save_stack+0xa9/0xd0 [ 548.372620] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 548.377645] ? p9_client_attach+0x19f/0x860 [ 548.381976] ? v9fs_mount+0x7c/0x900 [ 548.385700] ? legacy_get_tree+0x118/0x440 [ 548.389944] ? vfs_get_tree+0x1cb/0x5c0 [ 548.393928] ? do_mount+0x6c1/0x1fb0 [ 548.397651] ? ksys_mount+0x12d/0x140 [ 548.401459] ? __x64_sys_mount+0xbe/0x150 [ 548.405614] ? do_syscall_64+0x1b9/0x820 [ 548.409681] ? node_tag_clear+0xc0/0x1c0 [ 548.413759] ? radix_tree_iter_tag_clear+0x97/0xd0 [ 548.418703] ? radix_tree_iter_replace+0x49/0x60 [ 548.423468] ? idr_alloc_u32+0x208/0x3a0 [ 548.427537] ? check_same_owner+0x340/0x340 [ 548.431868] cache_grow_begin+0x91/0x710 [ 548.435937] __kmalloc+0x688/0x760 [ 548.439487] ? __init_waitqueue_head+0x9e/0x150 [ 548.444159] ? init_wait_entry+0x1c0/0x1c0 [ 548.448401] ? p9_fcall_alloc+0x1e/0x90 [ 548.452379] p9_fcall_alloc+0x1e/0x90 [ 548.456183] p9_client_prepare_req.part.9+0x7c9/0xcd0 [ 548.461385] ? p9_free_req.isra.8+0x140/0x140 [ 548.465883] ? __radix_tree_replace+0x188/0x2f0 [ 548.470554] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 548.476089] ? node_tag_clear+0xc0/0x1c0 [ 548.480153] p9_client_rpc+0x1bd/0x1400 [ 548.484137] ? idr_alloc_u32+0x208/0x3a0 [ 548.488215] ? p9_client_prepare_req.part.9+0xcd0/0xcd0 [ 548.493589] ? lock_acquire+0x1e4/0x540 [ 548.497571] ? p9_fid_create+0x37f/0x4c0 [ 548.501641] ? lock_downgrade+0x8f0/0x8f0 [ 548.505804] ? kasan_check_read+0x11/0x20 [ 548.509962] ? do_raw_spin_unlock+0xa7/0x2f0 [ 548.514375] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 548.518965] ? kasan_check_write+0x14/0x20 [ 548.523213] ? do_raw_spin_lock+0xc1/0x200 [ 548.527455] ? trace_hardirqs_on+0xd/0x10 [ 548.531612] ? kasan_check_read+0x11/0x20 [ 548.535757] ? p9_client_destroy+0x610/0x610 [ 548.540156] p9_client_attach+0x19f/0x860 [ 548.544288] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 548.549374] ? debug_check_no_obj_freed+0x30b/0x595 [ 548.554369] ? p9_client_walk+0xab0/0xab0 [ 548.558500] ? trace_hardirqs_off+0xd/0x10 [ 548.562743] ? quarantine_put+0x10d/0x1b0 [ 548.566891] ? __kasan_slab_free+0x131/0x170 [ 548.571287] v9fs_session_init+0xf62/0x1a80 [ 548.575588] ? v9fs_session_init+0xf62/0x1a80 [ 548.580066] ? rcu_note_context_switch+0x730/0x730 [ 548.584979] ? v9fs_show_options+0x7e0/0x7e0 [ 548.589368] ? lock_release+0xa30/0xa30 [ 548.593330] ? check_same_owner+0x340/0x340 [ 548.597635] ? kasan_unpoison_shadow+0x35/0x50 [ 548.602201] ? kasan_kmalloc+0xc4/0xe0 [ 548.606068] ? kmem_cache_alloc_trace+0x318/0x780 [ 548.610898] ? kasan_unpoison_shadow+0x35/0x50 [ 548.615471] ? kasan_kmalloc+0xc4/0xe0 [ 548.619360] v9fs_mount+0x7c/0x900 [ 548.622886] ? v9fs_drop_inode+0x150/0x150 [ 548.627125] legacy_get_tree+0x118/0x440 [ 548.631178] vfs_get_tree+0x1cb/0x5c0 [ 548.634965] do_mount+0x6c1/0x1fb0 [ 548.638486] ? kasan_check_write+0x14/0x20 [ 548.642706] ? copy_mount_string+0x40/0x40 [ 548.646928] ? retint_kernel+0x10/0x10 [ 548.650798] ? copy_mount_options+0x1f0/0x380 [ 548.655270] ? copy_mount_options+0x1fa/0x380 [ 548.659750] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 548.665264] ? copy_mount_options+0x285/0x380 [ 548.669739] ksys_mount+0x12d/0x140 [ 548.673345] __x64_sys_mount+0xbe/0x150 [ 548.677300] do_syscall_64+0x1b9/0x820 [ 548.681165] ? finish_task_switch+0x1d3/0x870 [ 548.685817] ? syscall_return_slowpath+0x5e0/0x5e0 [ 548.690744] ? syscall_return_slowpath+0x31d/0x5e0 [ 548.695662] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 548.700663] ? prepare_exit_to_usermode+0x291/0x3b0 [ 548.705660] ? perf_trace_sys_enter+0xb10/0xb10 [ 548.710331] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 548.715157] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 548.720333] RIP: 0033:0x455ab9 [ 548.723498] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 548.742617] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 548.750312] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 03:33:35 executing program 0 (fault-call:8 fault-nth:37): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:33:35 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x600000000000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:35 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x4], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:35 executing program 7: 03:33:35 executing program 5: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) io_setup(0x8, &(0x7f0000000100)=0x0) close(r0) socket$alg(0x26, 0x5, 0x0) io_submit(r1, 0x1, &(0x7f0000000600)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x800000000001, 0x0, r0, &(0x7f0000000200)}]) 03:33:35 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x13, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:35 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_emit_ethernet(0x4a, &(0x7f0000000200)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @random="a29ab0893fde", [], {@ipv6={0x86dd, {0x0, 0x6, '?:T', 0x14, 0x6, 0x0, @remote={0xfe, 0x80, [], 0xbb}, @mcast2={0xff, 0x2, [], 0x1}, {[], @tcp={{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, &(0x7f00000004c0)) [ 548.757561] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 548.764808] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 548.772060] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 548.779316] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 0000000000000024 03:33:35 executing program 7: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f00000004c0)=[@op={0x18, 0x117, 0x3, 0x1}, @assoc={0x18, 0x117, 0x4, 0x200}], 0x30}, 0x0) write$binfmt_script(r1, &(0x7f0000000300)=ANY=[], 0xffffffaa) bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cast6)\x00'}, 0x58) set_mempolicy(0x3, &(0x7f0000000780)=0x5155, 0x3) recvmsg(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f00000013c0)=""/4096, 0x1000}], 0x1, &(0x7f0000000100)=""/123, 0x7b}, 0x0) r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000200)='/dev/qat_adf_ctl\x00', 0x80000, 0x0) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000000240)={{{@in=@remote, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in6}}, &(0x7f0000000340)=0xe8) r4 = getgid() getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, &(0x7f0000000600)={0x0, 0x1800000000000}, &(0x7f0000000640)=0x8) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f0000000680)={r5, @in={{0x2, 0x4e23, @rand_addr=0x5}}}, &(0x7f0000000740)=0x84) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000380)={{{@in6=@remote, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@remote}, 0x0, @in6=@mcast2}}, &(0x7f0000000500)=0xe8) write$P9_RSTATu(r2, &(0x7f0000000540)={0x88, 0x7d, 0x1, {{0x0, 0x65, 0x18d, 0x6db, {0x40, 0x4, 0x3}, 0x80000, 0x3, 0x7, 0xb4, 0x12, 'aegis128l-generic\x00', 0x11, "7b7bcb216d643573756d776c616e302b21", 0x1, '[', 0xe, 'lovmnet0cgroup'}, 0xe, '-md5sum}ppp0%-', r3, r4, r6}}, 0x88) 03:33:35 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x1100], 0x1}}, 0x1c) 03:33:35 executing program 2: r0 = socket$inet6(0xa, 0x100000002, 0x0) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") ioctl$FS_IOC_GETFSLABEL(r1, 0x81009431, &(0x7f0000000180)) sendto$inet6(r0, &(0x7f0000000300), 0xfd1a, 0x400806e, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @mcast2={0xff, 0x2, [], 0x1}}, 0x1c) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x400, 0x0) syz_open_dev$vcsn(&(0x7f0000000100)='/dev/vcs#\x00', 0x5, 0x20040) ioctl$KDENABIO(r2, 0x4b36) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={[], [0xff, 0xff]}}, 0x1c) sendto$inet6(r0, &(0x7f0000000100), 0x0, 0xfffffffffffffffd, &(0x7f0000000140)={0xa, 0x4e24, 0x0, @ipv4={[], [0xff, 0xff], @remote={0xac, 0x14, 0x14, 0xbb}}}, 0x1c) 03:33:35 executing program 5: r0 = syz_open_dev$sndtimer(&(0x7f0000014000)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000001000)={{0x3}}) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl$SNDRV_TIMER_IOCTL_START(r0, 0x54a0) ioctl(r1, 0x4000008912, &(0x7f00000002c0)="295ee1311f16f477671070") ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000040)={0xffffffffffffffff, 0x2, 0x5, 0x3, 0x100000001}) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000000)={{0x0, 0x1}}) 03:33:35 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x500, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:35 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x5101], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:35 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x300, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) [ 548.855559] FAULT_INJECTION: forcing a failure. [ 548.855559] name failslab, interval 1, probability 0, space 0, times 0 [ 548.866894] CPU: 1 PID: 7615 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 548.875208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 548.884558] Call Trace: [ 548.887153] dump_stack+0x1c9/0x2b4 [ 548.890792] ? dump_stack_print_info.cold.2+0x52/0x52 [ 548.896000] should_fail.cold.4+0xa/0x11 [ 548.900069] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 548.905185] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 548.910215] ? bpf_prog_kallsyms_find+0xde/0x4c0 [ 548.914982] ? lock_acquire+0x1e4/0x540 [ 548.918958] ? is_bpf_text_address+0xae/0x170 [ 548.923460] ? lock_downgrade+0x8f0/0x8f0 [ 548.927615] ? lock_acquire+0x1e4/0x540 [ 548.931595] ? fs_reclaim_acquire+0x20/0x20 [ 548.935923] ? lock_downgrade+0x8f0/0x8f0 [ 548.940074] ? rcu_is_watching+0x8c/0x150 [ 548.944230] ? check_same_owner+0x340/0x340 [ 548.948557] ? rcu_note_context_switch+0x730/0x730 03:33:35 executing program 5: r0 = socket$inet6(0xa, 0x80007, 0x1) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) dup2(r1, r0) mount$9p_xen(&(0x7f0000000000)='posix_acl_accessvboxnet1\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='9p\x00', 0x20, &(0x7f0000000140)={'trans=xen,', {[{@cache_none='cache=none', 0x2c}, {@mmap='mmap', 0x2c}, {@msize={'msize', 0x3d, 0x7}, 0x2c}, {@posixacl='posixacl', 0x2c}, {@loose='loose', 0x2c}, {@access_any='access=any', 0x2c}]}}) 03:33:35 executing program 2: bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xb, 0x2, &(0x7f0000000180)=ANY=[@ANYRESOCT], &(0x7f0000000340)='syzkaller\x00'}, 0x48) accept4$packet(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, &(0x7f0000000780)=0x14, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x10000000000000f, 0xd, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x100}, [@generic={0x4, 0x4e, 0x240000000, 0xff9}, @initr0={0x18, 0x0, 0x0, 0x0, 0x8b5, 0x0, 0x0, 0x0, 0x1}, @jmp={0x5, 0x9a, 0x3, 0x9, 0x9, 0x30, 0x8}, @alu={0x4, 0x9, 0x0, 0xa, 0x2, 0x80, 0x4}, @ldst={0x1, 0x1, 0x0, 0xf, 0x6, 0xfffffffffffffff0, 0xffffffffffffffff}], {0x95}}, &(0x7f0000000080)='syzkaller\x00', 0xeed, 0x0, 0x0, 0x41100, 0x5, [], 0x0, 0x3}, 0x307) [ 548.953493] ? kernel_text_address+0x79/0xf0 [ 548.957907] __should_failslab+0x124/0x180 [ 548.962150] should_failslab+0x9/0x14 [ 548.965958] kmem_cache_alloc+0x2af/0x760 [ 548.970115] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 548.975664] fscache_alloc_cookie+0xcb/0x800 [ 548.980079] ? fscache_cookie_init_once+0x80/0x80 [ 548.984922] ? put_dec+0xf0/0xf0 [ 548.988290] ? format_decode+0x1b1/0xaf0 [ 548.992355] ? set_precision+0xe0/0xe0 [ 548.996259] __fscache_acquire_cookie+0x230/0xb00 [ 549.001104] ? fscache_cookie_put+0x850/0x850 [ 549.005600] ? pointer+0x990/0x990 [ 549.009150] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 549.014166] ? scnprintf+0xc9/0x130 [ 549.017800] ? snprintf+0xe0/0xe0 [ 549.021266] v9fs_cache_session_get_cookie+0xc4/0x270 [ 549.026464] v9fs_session_init+0x1013/0x1a80 [ 549.030874] ? rcu_note_context_switch+0x730/0x730 [ 549.035813] ? v9fs_show_options+0x7e0/0x7e0 [ 549.040226] ? lock_release+0xa30/0xa30 [ 549.044203] ? check_same_owner+0x340/0x340 [ 549.048527] ? lock_downgrade+0x8f0/0x8f0 [ 549.052681] ? kasan_unpoison_shadow+0x35/0x50 [ 549.057262] ? kasan_kmalloc+0xc4/0xe0 [ 549.061152] ? kmem_cache_alloc_trace+0x318/0x780 [ 549.065994] ? kasan_unpoison_shadow+0x35/0x50 [ 549.070577] ? kasan_kmalloc+0xc4/0xe0 [ 549.074468] v9fs_mount+0x7c/0x900 [ 549.078010] ? v9fs_drop_inode+0x150/0x150 [ 549.082249] legacy_get_tree+0x118/0x440 [ 549.086328] vfs_get_tree+0x1cb/0x5c0 [ 549.090132] do_mount+0x6c1/0x1fb0 [ 549.093689] ? check_same_owner+0x340/0x340 [ 549.098024] ? lock_release+0xa30/0xa30 [ 549.102003] ? copy_mount_string+0x40/0x40 [ 549.106244] ? retint_kernel+0x10/0x10 [ 549.110140] ? copy_mount_options+0x1e3/0x380 [ 549.114642] ? __sanitizer_cov_trace_pc+0x14/0x50 [ 549.119495] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 549.125035] ? copy_mount_options+0x285/0x380 [ 549.129535] ksys_mount+0x12d/0x140 [ 549.133169] __x64_sys_mount+0xbe/0x150 [ 549.137149] do_syscall_64+0x1b9/0x820 [ 549.141033] ? finish_task_switch+0x1d3/0x870 [ 549.145530] ? syscall_return_slowpath+0x5e0/0x5e0 [ 549.150460] ? syscall_return_slowpath+0x31d/0x5e0 [ 549.155391] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 549.160408] ? prepare_exit_to_usermode+0x291/0x3b0 [ 549.165429] ? perf_trace_sys_enter+0xb10/0xb10 [ 549.170104] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 549.174957] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 549.180142] RIP: 0033:0x455ab9 [ 549.183320] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 03:33:36 executing program 0 (fault-call:8 fault-nth:38): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:33:36 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x2000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:36 executing program 2: r0 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x8, 0x800) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000040)={0x0, @in={{0x2, 0x4e22, @rand_addr=0x100000000}}}, &(0x7f0000000100)=0x84) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f0000000140)={r1, 0x1f, 0x20, 0x1, 0x4}, &(0x7f0000000180)=0x18) socketpair(0x7, 0xa, 0xfffffffffffff800, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f00000001c0)='posix_acl_access(\'\x00', r3}, 0x10) r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) writev(r6, &(0x7f0000000400)=[{&(0x7f0000000280)="ec5bd1c35a42f618edf32abf4cd9fdec5d34538b502200085ffc3d46c2b8bcb7ed1175c64bf66ba88cbda406e924de6a610e9ab114d59786f024b8d2309fbbf01adcd7449f73da0cb77a2ebe3b90694e34c9ecb00c9aa934922748740b5fbe81348fe410b3ec48df78beba9dd19d7dab9676023fde3862cf6cbe56fbf016d64463e1961645d142737badcd36a2d9161a66728ffa35fb32df37ff3844026aabf71e981ba699f3861e7098d0b961f00adde2bd4be22321ac524ed6350b99b273fb7ac149d44dc72908a1f43b4e3632c867a4e91f130de61fe49ee945262bad08e62c7fee4044aa", 0xe6}, {&(0x7f0000000380)="b333b97fbcaff702f5998a64f48284420de21d4bc46776bbcc98c1a1caf9f2a13a2114aaa6fb30eb79b4dd7e1c5a04181250342529096b7ac2add78a5e14b35e97a0", 0x42}], 0x2) write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f00000004c0)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000480)={0xffffffffffffffff}, 0x2, 0x3}}, 0x20) write$RDMA_USER_CM_CMD_JOIN_MCAST(r5, &(0x7f0000000500)={0x16, 0x98, 0xfa00, {&(0x7f0000000440), 0x3, r7, 0x3c, 0x1, @ib={0x1b, 0x4, 0x401, {"59e14b28fdc81d5635a4f5fceef69105"}, 0x7, 0x0, 0x1d25}}}, 0xa0) setsockopt$inet_sctp_SCTP_RECVNXTINFO(r3, 0x84, 0x21, &(0x7f00000005c0)=0x1, 0x4) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r3, 0x84, 0x78, &(0x7f0000000600)=r2, 0x4) getsockopt$IP_VS_SO_GET_VERSION(r6, 0x0, 0x480, &(0x7f0000000640), &(0x7f0000000680)=0x40) epoll_create(0x8) getsockopt$IP_VS_SO_GET_SERVICE(r6, 0x0, 0x483, &(0x7f00000006c0), &(0x7f0000000740)=0x68) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000780)={r2, @in={{0x2, 0x4e24, @remote={0xac, 0x14, 0x14, 0xbb}}}, 0x101, 0xffffffff, 0x0, 0xfffffffffffffffb}, &(0x7f0000000840)=0x98) ioctl$SCSI_IOCTL_GET_PCI(r4, 0x5387, &(0x7f0000000880)) ioctl$SIOCGIFMTU(r4, 0x8921, &(0x7f00000008c0)) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r5, 0x84, 0x6, &(0x7f0000000900)={r1, @in6={{0xa, 0x4e24, 0x4, @ipv4={[], [0xff, 0xff], @rand_addr=0x6}, 0x401}}}, &(0x7f00000009c0)=0x84) renameat(r5, &(0x7f0000000a00)='./file0\x00', r0, &(0x7f0000000a40)='./file0\x00') setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r3, 0x84, 0x78, &(0x7f0000000a80)=r2, 0x4) ioctl$EVIOCGPHYS(r5, 0x80404507, &(0x7f0000000ac0)) getsockopt$bt_BT_SNDMTU(r5, 0x112, 0xc, &(0x7f0000000b00)=0x3, &(0x7f0000000b40)=0x2) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000bc0)={r0, 0x28, &(0x7f0000000b80)}, 0x10) ioctl$sock_inet_SIOCSIFBRDADDR(r0, 0x891a, &(0x7f0000000c00)={'bcsh0\x00', {0x2, 0x4e22}}) ioctl$KDSKBLED(r4, 0x4b65, 0x1) ioctl$SG_GET_RESERVED_SIZE(r0, 0x2272, &(0x7f0000000c40)) getsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r5, 0x84, 0x1e, &(0x7f0000000c80), &(0x7f0000000cc0)=0x4) memfd_create(&(0x7f0000000d00)='.cpuset&loeth0@\x00', 0x1) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r4, 0x84, 0x65, &(0x7f0000000d40)=[@in={0x2, 0x4e23, @remote={0xac, 0x14, 0x14, 0xbb}}, @in6={0xa, 0x4e20, 0x4, @loopback={0x0, 0x1}, 0x5}, @in={0x2, 0x4e23, @rand_addr}], 0x3c) getsockopt$ARPT_SO_GET_INFO(r5, 0x0, 0x60, &(0x7f0000000d80)={'filter\x00'}, &(0x7f0000000e00)=0x44) 03:33:36 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0xa02], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:36 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0xfffffffd, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:36 executing program 5: r0 = socket$inet6(0xa, 0x2, 0x0) sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000080)=@in={0x2, 0xc67a}, 0x80, &(0x7f0000000240), 0x0, &(0x7f0000000280)}}, {{&(0x7f0000001c00)=@in={0x2, 0x4e23, @broadcast=0xffffffff}, 0x80, &(0x7f0000000280), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="10000000000010000000000075a00000"], 0x10}}], 0x2, 0x0) r1 = add_key$user(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000000100)="4ba24ca9c1fe96940c7fe61fc2cc47114c7eae079ce2073fae358c6befd0ef72f4661c859c57fee453a2018961156d48782e73868368fff56bfdca43015c6366fd487c283273beebfb626e84af6428b5fb40afd52f39b0a0738080ad4d2af3620f735cd04c71242a80c9eb2fbc9f73c4313cc2e0b75fd7fc3a484584676648bf8307e6235f919f4eb9e56e9e866a1c93cec11daa637d0995527d9c7ef533027cd89df2c9ed59c45757c0d01da73768b48bde0febca8546b353e459dfca5a95a4501595880bffdc17de09a9b79eb311ae981ffe168cf5f158b3ccec84336b3ebccac2178d2b14545655fe319d7d31", 0xee, 0xfffffffffffffffd) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000200)={0x0, 0x0}, &(0x7f0000000240)=0xc) getresgid(&(0x7f0000000280)=0x0, &(0x7f0000000300), &(0x7f0000000340)) keyctl$chown(0x4, r1, r2, r3) 03:33:36 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x543], 0x1}}, 0x1c) [ 549.202576] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 549.210280] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 549.217536] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 549.224786] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 549.232040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 549.239313] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 0000000000000025 [ 549.340189] FAULT_INJECTION: forcing a failure. [ 549.340189] name failslab, interval 1, probability 0, space 0, times 0 [ 549.351563] CPU: 0 PID: 7682 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 549.359880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 549.369233] Call Trace: [ 549.371830] dump_stack+0x1c9/0x2b4 [ 549.375465] ? dump_stack_print_info.cold.2+0x52/0x52 [ 549.380659] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 549.386034] should_fail.cold.4+0xa/0x11 [ 549.390104] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 549.395215] ? fs_reclaim_acquire+0x20/0x20 [ 549.399532] ? lock_downgrade+0x8f0/0x8f0 [ 549.403662] ? rcu_is_watching+0x8c/0x150 [ 549.407815] ? lock_release+0xa30/0xa30 [ 549.411773] ? trace_hardirqs_on+0x10/0x10 [ 549.415989] ? trace_hardirqs_on+0x10/0x10 [ 549.420207] ? fscache_hash_cookie+0x640/0x1400 [ 549.424858] ? kasan_kmalloc+0xc4/0xe0 [ 549.428727] ? fscache_alloc_cookie+0x800/0x800 [ 549.433375] ? lock_acquire+0x1e4/0x540 [ 549.437331] ? fs_reclaim_acquire+0x20/0x20 [ 549.441631] ? lock_downgrade+0x8f0/0x8f0 [ 549.445770] ? check_same_owner+0x340/0x340 [ 549.450083] ? rcu_note_context_switch+0x730/0x730 [ 549.454996] __should_failslab+0x124/0x180 [ 549.459221] should_failslab+0x9/0x14 [ 549.463006] kmem_cache_alloc_trace+0x2cb/0x780 [ 549.467684] alloc_super+0xd4/0xb10 [ 549.471307] ? destroy_unused_super.part.11+0x110/0x110 [ 549.476653] ? sget_userns+0x17c/0x860 [ 549.480535] ? lock_downgrade+0x8f0/0x8f0 [ 549.484664] ? lock_acquire+0x1e4/0x540 [ 549.488620] ? kasan_check_read+0x11/0x20 [ 549.492754] ? do_raw_spin_unlock+0xa7/0x2f0 [ 549.497151] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 549.501716] ? kasan_check_write+0x14/0x20 [ 549.507581] ? do_raw_spin_lock+0xc1/0x200 [ 549.511799] sget_userns+0x276/0x860 [ 549.515495] ? v9fs_kill_super+0xa0/0xa0 [ 549.519548] ? vfs_get_super+0x270/0x270 [ 549.523601] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 549.529126] ? ns_capable_common+0x13f/0x170 [ 549.533517] ? v9fs_kill_super+0xa0/0xa0 [ 549.537565] sget+0x10b/0x150 [ 549.540654] v9fs_mount+0xe2/0x900 [ 549.544177] ? v9fs_drop_inode+0x150/0x150 [ 549.548397] legacy_get_tree+0x118/0x440 [ 549.552440] vfs_get_tree+0x1cb/0x5c0 [ 549.556231] do_mount+0x6c1/0x1fb0 [ 549.559750] ? check_same_owner+0x340/0x340 [ 549.564053] ? lock_release+0xa30/0xa30 [ 549.568021] ? copy_mount_string+0x40/0x40 [ 549.572246] ? kasan_kmalloc+0xc4/0xe0 [ 549.576136] ? kmem_cache_alloc_trace+0x318/0x780 [ 549.580961] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 549.586479] ? _copy_from_user+0xdf/0x150 [ 549.590617] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 549.596134] ? copy_mount_options+0x285/0x380 [ 549.600612] ksys_mount+0x12d/0x140 [ 549.604219] __x64_sys_mount+0xbe/0x150 [ 549.608177] do_syscall_64+0x1b9/0x820 [ 549.612044] ? finish_task_switch+0x1d3/0x870 [ 549.616520] ? syscall_return_slowpath+0x5e0/0x5e0 [ 549.621429] ? syscall_return_slowpath+0x31d/0x5e0 [ 549.626343] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 549.631346] ? prepare_exit_to_usermode+0x291/0x3b0 [ 549.636351] ? perf_trace_sys_enter+0xb10/0xb10 [ 549.641000] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 549.645830] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 549.651003] RIP: 0033:0x455ab9 [ 549.654174] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 549.673352] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 549.681050] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 549.688306] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 549.695552] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 549.702801] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 549.710055] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 0000000000000026 03:33:36 executing program 7: r0 = socket$inet_sctp(0x2, 0x5, 0x84) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SG_SET_COMMAND_Q(r1, 0x2271, &(0x7f0000000040)) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r0, 0x84, 0x7c, &(0x7f0000000480), &(0x7f00000004c0)=0x8) 03:33:36 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x3f000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:36 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xfffffff6, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:36 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x400300, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:36 executing program 5: r0 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x100000000, 0x2) getsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000100)={@broadcast, @loopback}, &(0x7f0000000180)=0xc) r1 = open(&(0x7f0000000140)='./file0\x00', 0x80000000004d40, 0x0) setxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000380)=@known='security.capability\x00', &(0x7f0000000140), 0x0, 0x0) ioctl$fiemap(r1, 0xc020660b, &(0x7f0000000080)={0x0, 0x4216, 0x2, 0x0, 0x1, [{}]}) 03:33:36 executing program 2: r0 = syz_open_dev$evdev(&(0x7f0000000080)='/dev/input/event#\x00', 0x3, 0x80) ioctl$EVIOCSFF(r0, 0x40304580, &(0x7f00000000c0)={0x51, 0x0, 0x4ea782bc, {0xffffffffffffff01, 0x8}, {0xa8a, 0x80000001}, @cond=[{0xfffffffffffffff8, 0x100000001, 0xc1, 0x8, 0x6, 0x2}, {0xfffffffffffffc00, 0x3, 0xffffffffffffffe1, 0x80, 0xffffffff, 0x100000000}]}) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000100), 0x0) 03:33:36 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0xa00000000000000], 0x1}}, 0x1c) 03:33:36 executing program 0 (fault-call:8 fault-nth:39): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) [ 550.056245] FAULT_INJECTION: forcing a failure. [ 550.056245] name failslab, interval 1, probability 0, space 0, times 0 [ 550.067533] CPU: 1 PID: 7707 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 550.075852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 550.085204] Call Trace: [ 550.087795] dump_stack+0x1c9/0x2b4 [ 550.091430] ? dump_stack_print_info.cold.2+0x52/0x52 [ 550.096628] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 550.102175] should_fail.cold.4+0xa/0x11 03:33:36 executing program 5: clone(0x4000000000002, &(0x7f0000000080), &(0x7f0000000200), &(0x7f0000000100), &(0x7f0000000140)="b0b30f598e9990ba9c7c0789baba54cbc89b5eadb721920a6f8a0a6d4a875b4ff48887b41762a80795b3b7e66221f67940c8d45e13dd7c9c877ef2b4eed723970ae5f9a108a0e732b90e239d840c3bd28f56d3b8af8119fe299f69373cf8286426a910584b997b85f4e3b3dfdad294b9e45cea2dcd97ab7bb67f314a1a6e77666e7333cca1be2222ebc37952fd717e1fa37ac404e9ced80bd8db888300ea2563f98d4b1bd0f969eb30b288055551daf3b9eea0b182e036165e590628f1ca4d") r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x400200, 0xc1) ioctl$ASHMEM_GET_SIZE(r0, 0x7704, 0x0) waitid(0x0, 0x0, &(0x7f00000000c0), 0x80000002, 0x0) 03:33:36 executing program 2: r0 = socket$inet6(0xa, 0x40000080806, 0x0) getsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000000000), &(0x7f0000000040)=0x4) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x4}, 0x1c) listen(r0, 0x0) 03:33:36 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0xe202, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:36 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x43050000], 0x1}}, 0x1c) 03:33:36 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x6f01000000000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:36 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x5, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) [ 550.106244] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 550.111357] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 550.116894] ? replace_slot+0xc9/0x4c0 [ 550.120784] ? __save_stack_trace+0x8d/0xf0 [ 550.125116] ? plist_requeue+0x650/0x650 [ 550.129182] ? save_stack+0xa9/0xd0 [ 550.132808] ? save_stack+0x43/0xd0 [ 550.136830] ? lock_acquire+0x1e4/0x540 [ 550.140804] ? fs_reclaim_acquire+0x20/0x20 [ 550.145129] ? lock_downgrade+0x8f0/0x8f0 [ 550.149284] ? check_same_owner+0x340/0x340 03:33:36 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x5101000000000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) [ 550.153612] ? check_same_owner+0x340/0x340 [ 550.157942] ? rcu_note_context_switch+0x730/0x730 [ 550.162877] __should_failslab+0x124/0x180 [ 550.167127] should_failslab+0x9/0x14 [ 550.170929] __kmalloc+0x2c8/0x760 [ 550.174473] ? rcu_note_context_switch+0x730/0x730 [ 550.179403] ? __list_lru_init+0x151/0x840 [ 550.183642] __list_lru_init+0x151/0x840 [ 550.187706] ? list_lru_destroy+0x500/0x500 [ 550.192033] ? prealloc_shrinker+0x124/0x480 [ 550.196454] ? prealloc_shrinker+0x213/0x480 [ 550.200859] ? __init_waitqueue_head+0x9e/0x150 03:33:36 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x1300, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) [ 550.205540] ? inactive_list_is_low+0x850/0x850 [ 550.210222] ? __lockdep_init_map+0x105/0x590 [ 550.214725] alloc_super+0x976/0xb10 [ 550.218449] ? destroy_unused_super.part.11+0x110/0x110 [ 550.223817] ? lock_downgrade+0x8f0/0x8f0 [ 550.227966] ? lock_acquire+0x1e4/0x540 [ 550.231949] ? kasan_check_read+0x11/0x20 [ 550.236100] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 550.240689] ? kasan_check_write+0x14/0x20 [ 550.244923] ? do_raw_spin_lock+0xc1/0x200 [ 550.249161] sget_userns+0x276/0x860 [ 550.252875] ? v9fs_kill_super+0xa0/0xa0 [ 550.256940] ? vfs_get_super+0x270/0x270 [ 550.261020] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 550.266565] ? ns_capable_common+0x13f/0x170 [ 550.270980] ? v9fs_kill_super+0xa0/0xa0 [ 550.275041] sget+0x10b/0x150 [ 550.278149] v9fs_mount+0xe2/0x900 [ 550.281691] ? v9fs_drop_inode+0x150/0x150 [ 550.285924] legacy_get_tree+0x118/0x440 [ 550.289996] vfs_get_tree+0x1cb/0x5c0 [ 550.293796] do_mount+0x6c1/0x1fb0 [ 550.297338] ? check_same_owner+0x340/0x340 [ 550.301664] ? lock_release+0xa30/0xa30 [ 550.305646] ? copy_mount_string+0x40/0x40 [ 550.309886] ? kasan_kmalloc+0xc4/0xe0 [ 550.313781] ? kmem_cache_alloc_trace+0x318/0x780 [ 550.318629] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 550.324177] ? _copy_from_user+0xdf/0x150 [ 550.328339] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 550.333880] ? copy_mount_options+0x285/0x380 [ 550.338378] ksys_mount+0x12d/0x140 [ 550.342008] __x64_sys_mount+0xbe/0x150 [ 550.345991] do_syscall_64+0x1b9/0x820 [ 550.349888] ? finish_task_switch+0x1d3/0x870 03:33:37 executing program 7: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020e0000100000000000000000000000030006000000000002000800120004000000000000000000000006000000000000000000000000000000e00000010000000000000000000000ad008000000000000000000000000000bb030005000000000002000000e00000010000000000000000fffcfb5b10fbe7a20000000000000000000000000000"], 0x80}, 0x1}, 0x0) 03:33:37 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x3f00000000000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:37 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x151], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:37 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x11, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:37 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000080)={0x2, 0x0, [{0x0, 0x5, 0x1, 0x5938, 0x80000000, 0x5, 0x200}, {0xc000001f, 0x10001, 0x5, 0x6, 0x4, 0x101, 0x2}]}) ioctl$KVM_SET_XCRS(r2, 0x4188aea7, &(0x7f0000000040)={0x0, 0x100000001}) 03:33:37 executing program 2: r0 = socket$inet6(0xa, 0x802, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000000)="295ee1311f16f477671070") [ 550.354388] ? syscall_return_slowpath+0x5e0/0x5e0 [ 550.359322] ? syscall_return_slowpath+0x31d/0x5e0 [ 550.364253] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 550.369268] ? prepare_exit_to_usermode+0x291/0x3b0 [ 550.374289] ? perf_trace_sys_enter+0xb10/0xb10 [ 550.378968] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 550.383815] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 550.389001] RIP: 0033:0x455ab9 03:33:37 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x4305], 0x1}}, 0x1c) [ 550.392184] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 550.411447] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 550.419149] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 550.426407] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 550.433660] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 550.440913] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 550.448161] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 0000000000000027 03:33:37 executing program 0 (fault-call:8 fault-nth:40): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:33:37 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0xc803000000000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:37 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x8cffffff00000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:37 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x2, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:37 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000040)) r1 = socket$inet_sctp(0x2, 0x5, 0x84) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x400, 0x0) dup3(r1, r2, 0x80000) openat$rtc(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rtc0\x00', 0x80, 0x0) r3 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = socket$vsock_dgram(0x28, 0x2, 0x0) fdatasync(r1) dup3(r3, r4, 0x0) 03:33:37 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) sendto$inet6(r0, &(0x7f00005a0fff)='8', 0x1, 0x0, &(0x7f00007bcfe4)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c) r1 = socket$inet6(0xa, 0x1, 0x0) ioctl(r1, 0x4000008912, &(0x7f00000000c0)="295ee1311f16f477671070") getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000), &(0x7f0000000040)=0x4) setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000f0cffc), 0x4) [ 550.597773] FAULT_INJECTION: forcing a failure. [ 550.597773] name failslab, interval 1, probability 0, space 0, times 0 [ 550.609114] CPU: 0 PID: 7787 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 550.617436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 550.626789] Call Trace: [ 550.629381] dump_stack+0x1c9/0x2b4 [ 550.633013] ? dump_stack_print_info.cold.2+0x52/0x52 [ 550.638222] should_fail.cold.4+0xa/0x11 [ 550.642290] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 550.647392] ? save_stack+0xa9/0xd0 [ 550.651006] ? save_stack+0x43/0xd0 [ 550.654622] ? kasan_kmalloc+0xc4/0xe0 [ 550.658490] ? __list_lru_init+0x151/0x840 [ 550.662707] ? alloc_super+0x976/0xb10 [ 550.666578] ? sget_userns+0x276/0x860 [ 550.670450] ? sget+0x10b/0x150 [ 550.673712] ? v9fs_mount+0xe2/0x900 [ 550.677410] ? legacy_get_tree+0x118/0x440 [ 550.681629] ? vfs_get_tree+0x1cb/0x5c0 [ 550.685585] ? ksys_mount+0x12d/0x140 [ 550.689366] ? __x64_sys_mount+0xbe/0x150 [ 550.693496] ? do_syscall_64+0x1b9/0x820 [ 550.697543] ? lock_acquire+0x1e4/0x540 [ 550.701504] ? fs_reclaim_acquire+0x20/0x20 [ 550.705810] ? lock_downgrade+0x8f0/0x8f0 [ 550.709946] ? check_same_owner+0x340/0x340 [ 550.714252] ? rcu_note_context_switch+0x730/0x730 [ 550.719165] __should_failslab+0x124/0x180 [ 550.723389] should_failslab+0x9/0x14 [ 550.727175] kmem_cache_alloc_node_trace+0x26f/0x770 [ 550.732303] ? kasan_kmalloc+0xc4/0xe0 [ 550.736212] __kmalloc_node+0x33/0x70 [ 550.740000] kvmalloc_node+0x65/0xf0 [ 550.743721] __list_lru_init+0x5d9/0x840 [ 550.747764] ? list_lru_destroy+0x500/0x500 [ 550.752075] ? prealloc_shrinker+0x213/0x480 [ 550.756465] ? __init_waitqueue_head+0x9e/0x150 [ 550.761117] ? inactive_list_is_low+0x850/0x850 [ 550.765770] ? __lockdep_init_map+0x105/0x590 [ 550.770287] alloc_super+0x976/0xb10 [ 550.773986] ? destroy_unused_super.part.11+0x110/0x110 [ 550.779340] ? lock_downgrade+0x8f0/0x8f0 [ 550.783475] ? kasan_check_read+0x11/0x20 [ 550.787632] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 550.792200] ? kasan_check_write+0x14/0x20 [ 550.796414] ? do_raw_spin_lock+0xc1/0x200 [ 550.800633] sget_userns+0x276/0x860 [ 550.804328] ? v9fs_kill_super+0xa0/0xa0 [ 550.808375] ? vfs_get_super+0x270/0x270 [ 550.812437] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 550.817957] ? ns_capable_common+0x13f/0x170 [ 550.822349] ? v9fs_kill_super+0xa0/0xa0 [ 550.826394] sget+0x10b/0x150 [ 550.829484] v9fs_mount+0xe2/0x900 [ 550.833031] ? v9fs_drop_inode+0x150/0x150 [ 550.837248] legacy_get_tree+0x118/0x440 [ 550.841292] vfs_get_tree+0x1cb/0x5c0 [ 550.845076] do_mount+0x6c1/0x1fb0 [ 550.848598] ? check_same_owner+0x340/0x340 [ 550.852899] ? lock_release+0xa30/0xa30 [ 550.856857] ? copy_mount_string+0x40/0x40 [ 550.861077] ? kasan_kmalloc+0xc4/0xe0 [ 550.864948] ? kmem_cache_alloc_trace+0x318/0x780 [ 550.869776] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 550.875304] ? _copy_from_user+0xdf/0x150 [ 550.879435] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 550.884952] ? copy_mount_options+0x285/0x380 [ 550.889429] ksys_mount+0x12d/0x140 [ 550.893039] __x64_sys_mount+0xbe/0x150 [ 550.896997] do_syscall_64+0x1b9/0x820 [ 550.900875] ? syscall_slow_exit_work+0x500/0x500 [ 550.905701] ? syscall_return_slowpath+0x5e0/0x5e0 [ 550.910621] ? syscall_return_slowpath+0x31d/0x5e0 [ 550.915533] ? prepare_exit_to_usermode+0x291/0x3b0 [ 550.920536] ? perf_trace_sys_enter+0xb10/0xb10 [ 550.925187] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 550.930030] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 550.935200] RIP: 0033:0x455ab9 [ 550.938365] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 550.957563] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 550.965254] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 550.972504] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 550.979764] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 550.987018] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 03:33:37 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x100000000000000], 0x1}}, 0x1c) 03:33:37 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x9) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_dev$binder(&(0x7f0000d59ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r2 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r2, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000040)={0x44, 0x0, &(0x7f0000000080)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000, &(0x7f0000000140), &(0x7f00000001c0)=[0x0]}}], 0x0, 0x0, &(0x7f0000000300)}) 03:33:37 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0xfd00000000000000, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:37 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x4000000000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:37 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xf6ffffff, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) [ 550.994269] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 0000000000000028 [ 551.003502] sctp: [Deprecated]: syz-executor7 (pid 7783) Use of int in max_burst socket option. [ 551.003502] Use struct sctp_assoc_value instead 03:33:37 executing program 0 (fault-call:8 fault-nth:41): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) [ 551.050905] sctp: [Deprecated]: syz-executor7 (pid 7798) Use of int in max_burst socket option. [ 551.050905] Use struct sctp_assoc_value instead 03:33:37 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000002c80)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x6000}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fd7000/0x18000)=nil, &(0x7f0000002b40)=[@text64={0x40, &(0x7f0000002ac0)="66b839010f00d8460f0666baa000ec470ff5b671000000c421f913b24ea5f4b80f32f240dff066410f744de2400f01f848b801000000000000000f23c80f21f835000020000f23f8", 0x48}], 0x1, 0x0, &(0x7f0000002b80), 0x1e4) ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000000)) r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dsp\x00', 0x80, 0x0) name_to_handle_at(r3, &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)={0x67, 0x4, "6cf3a9328429db42e797ddb3fe3398bcf68e9e266a0ad4e6b848e68b5842924a0bb5d57cc25a0b962777d6a63ee075d6a6885722f06b45a5ba2edb27eb73b2ca086afab15c1f27b103f12a544640c871ae6933cb9db6610892890b39b36507"}, &(0x7f0000000340), 0x1000) r4 = accept$inet6(0xffffffffffffff9c, &(0x7f0000000040), &(0x7f0000000080)=0x1c) accept4$inet6(r4, &(0x7f00000001c0), &(0x7f0000000200)=0x1c, 0x800) ioctl$KVM_RUN(r2, 0xae80, 0x0) 03:33:37 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x8b00], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:37 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x8864000000000000], 0x1}}, 0x1c) 03:33:37 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x97ffffff, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:37 executing program 7: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f0000000080)='./file0\x00', 0x8040, 0x0) fcntl$setsig(r0, 0xa, 0x11) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000040)={0x0, 0x7}, &(0x7f00000000c0)=0x8) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000100)={0xffffffff, 0x80000001, 0x0, 0x620, 0x101, 0x8001, 0x1f, 0x7, r1}, &(0x7f0000000140)=0x20) fcntl$setlease(r0, 0x400, 0x0) truncate(&(0x7f000037eff8)='./file0\x00', 0x0) fcntl$setlease(r0, 0x400, 0x2) ioctl$TCFLSH(r0, 0x540b, 0x1) [ 551.116832] FAULT_INJECTION: forcing a failure. [ 551.116832] name failslab, interval 1, probability 0, space 0, times 0 [ 551.128127] CPU: 1 PID: 7814 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 551.136443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 551.145791] Call Trace: [ 551.148385] dump_stack+0x1c9/0x2b4 [ 551.152022] ? dump_stack_print_info.cold.2+0x52/0x52 [ 551.157223] should_fail.cold.4+0xa/0x11 [ 551.161291] ? fault_create_debugfs_attr+0x1f0/0x1f0 03:33:37 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x500000000000000, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) [ 551.166403] ? save_stack+0xa9/0xd0 [ 551.170036] ? save_stack+0x43/0xd0 [ 551.173670] ? kasan_kmalloc+0xc4/0xe0 [ 551.177555] ? __kmalloc+0x14e/0x760 [ 551.181270] ? __list_lru_init+0x151/0x840 [ 551.185511] ? alloc_super+0x976/0xb10 [ 551.189405] ? sget_userns+0x276/0x860 [ 551.193293] ? sget+0x10b/0x150 [ 551.196577] ? v9fs_mount+0xe2/0x900 [ 551.200299] ? legacy_get_tree+0x118/0x440 [ 551.204541] ? vfs_get_tree+0x1cb/0x5c0 [ 551.208520] ? do_mount+0x6c1/0x1fb0 [ 551.212240] ? ksys_mount+0x12d/0x140 [ 551.216042] ? __x64_sys_mount+0xbe/0x150 [ 551.220190] ? do_syscall_64+0x1b9/0x820 [ 551.224271] ? lock_acquire+0x1e4/0x540 [ 551.228242] ? fs_reclaim_acquire+0x20/0x20 [ 551.232557] ? lock_downgrade+0x8f0/0x8f0 [ 551.236704] ? check_same_owner+0x340/0x340 [ 551.241021] ? rcu_note_context_switch+0x730/0x730 [ 551.245947] __should_failslab+0x124/0x180 [ 551.250173] should_failslab+0x9/0x14 [ 551.253963] kmem_cache_alloc_node_trace+0x26f/0x770 [ 551.259052] ? kasan_kmalloc+0xc4/0xe0 [ 551.262931] __kmalloc_node+0x33/0x70 [ 551.266718] kvmalloc_node+0x65/0xf0 [ 551.270424] __list_lru_init+0x5d9/0x840 [ 551.274477] ? list_lru_destroy+0x500/0x500 [ 551.278789] ? prealloc_shrinker+0x213/0x480 [ 551.283182] ? __init_waitqueue_head+0x9e/0x150 [ 551.287837] ? inactive_list_is_low+0x850/0x850 [ 551.292497] ? __lockdep_init_map+0x105/0x590 [ 551.296982] alloc_super+0x976/0xb10 [ 551.300688] ? destroy_unused_super.part.11+0x110/0x110 [ 551.306051] ? lock_downgrade+0x8f0/0x8f0 [ 551.310183] ? lock_acquire+0x1e4/0x540 [ 551.314148] ? kasan_check_read+0x11/0x20 [ 551.318282] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 551.322851] ? kasan_check_write+0x14/0x20 [ 551.327083] ? do_raw_spin_lock+0xc1/0x200 [ 551.331311] sget_userns+0x276/0x860 [ 551.335016] ? v9fs_kill_super+0xa0/0xa0 [ 551.339071] ? vfs_get_super+0x270/0x270 [ 551.343141] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 551.348661] ? ns_capable_common+0x13f/0x170 [ 551.353058] ? v9fs_kill_super+0xa0/0xa0 [ 551.357103] sget+0x10b/0x150 [ 551.360197] v9fs_mount+0xe2/0x900 [ 551.363724] ? v9fs_drop_inode+0x150/0x150 [ 551.367945] legacy_get_tree+0x118/0x440 [ 551.371995] vfs_get_tree+0x1cb/0x5c0 [ 551.375791] do_mount+0x6c1/0x1fb0 [ 551.379315] ? check_same_owner+0x340/0x340 [ 551.383620] ? lock_release+0xa30/0xa30 [ 551.387585] ? copy_mount_string+0x40/0x40 [ 551.391807] ? retint_kernel+0x10/0x10 [ 551.395691] ? __sanitizer_cov_trace_const_cmp2+0x20/0x20 [ 551.401213] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 551.406734] ? copy_mount_options+0x285/0x380 [ 551.411218] ksys_mount+0x12d/0x140 [ 551.414834] __x64_sys_mount+0xbe/0x150 [ 551.418795] do_syscall_64+0x1b9/0x820 [ 551.422666] ? finish_task_switch+0x1d3/0x870 [ 551.427146] ? syscall_return_slowpath+0x5e0/0x5e0 [ 551.432062] ? syscall_return_slowpath+0x31d/0x5e0 [ 551.436977] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 551.441978] ? prepare_exit_to_usermode+0x291/0x3b0 [ 551.446979] ? perf_trace_sys_enter+0xb10/0xb10 [ 551.451633] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 551.456470] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 551.461682] RIP: 0033:0x455ab9 [ 551.464851] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 551.484130] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 551.491821] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 551.499081] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 551.506332] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 03:33:38 executing program 2: r0 = syz_open_dev$vcsn(&(0x7f0000000100)='/dev/vcs#\x00', 0x8, 0x400) getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f0000000240), &(0x7f0000000140)=0x68) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0xfffffffffffffffe}, 0xfffffffffffffda4, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="cc0000001b00010a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", @ANYRES32=0x0, @ANYRES64=r1, @ANYRES32=r1], 0x4}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) setsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f00000001c0)=@int=0x9d9, 0x4) openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x400800, 0x84) socket$nl_xfrm(0x10, 0x3, 0x6) 03:33:38 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0xd603], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) [ 551.513586] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 551.520851] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 0000000000000029 [ 551.541704] binder: 7790:7791 got transaction with invalid offsets ptr 03:33:38 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x18872, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:38 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0xffffa888], 0x1}}, 0x1c) 03:33:38 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0xfd000000, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) [ 551.577125] binder: 7790:7791 transaction failed 29201/-14, size 0-12288 line 2995 [ 551.626337] binder_alloc: binder_alloc_mmap_handler: 7790 20001000-20004000 already mapped failed -16 [ 551.674268] binder: BINDER_SET_CONTEXT_MGR already set [ 551.680381] binder_alloc: 7790: binder_alloc_buf, no vma [ 551.685955] binder: 7790:7849 transaction failed 29189/-3, size 0-12288 line 2967 [ 551.688659] binder: 7790:7848 ioctl 40046207 0 returned -16 03:33:38 executing program 0 (fault-call:8 fault-nth:42): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:33:38 executing program 2: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) semget$private(0x0, 0x3, 0x20) semget$private(0x0, 0x2, 0x100) bpf$BPF_MAP_GET_NEXT_ID(0xc, &(0x7f0000000100), 0x4) 03:33:38 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x4000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:38 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x4000000], 0x1}}, 0x1c) 03:33:38 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x2000000, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:38 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x10000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:38 executing program 5: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x107283, 0x0) ioctl$KVM_RUN(r0, 0xae80, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) r1 = signalfd(r0, &(0x7f0000000080)={0x3}, 0x6) ioctl$KVM_GET_ONE_REG(r0, 0x4010aeab, &(0x7f0000000000)={0x3, 0xfffffffffffffffa}) pwrite64(r1, &(0x7f00000000c0)="8c27632d75df73a96d095b7b705f7b00c4a9e272085696fc0f665792d954fadc1e5af12b792a05245a69e438ebdfacd725ef68797cbebb5d2fbfceef83b73b2afc9e327ca26a2f75aa453188657051853047b9bc86a871bf74f9dd9aaec6b241b10db15779d148078f451ee21d2c1d3676c6ccc77a4c458d", 0x78, 0x0) [ 551.715224] binder: undelivered TRANSACTION_ERROR: 29189 [ 551.726162] binder: undelivered TRANSACTION_ERROR: 29201 03:33:38 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x16f], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:38 executing program 2: mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) [ 551.783218] FAULT_INJECTION: forcing a failure. [ 551.783218] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 551.795066] CPU: 0 PID: 7874 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 551.803381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 551.812734] Call Trace: [ 551.815333] dump_stack+0x1c9/0x2b4 [ 551.818971] ? dump_stack_print_info.cold.2+0x52/0x52 [ 551.824174] ? rcu_cleanup_dead_rnp+0x200/0x200 [ 551.828855] should_fail.cold.4+0xa/0x11 [ 551.832914] ? is_bpf_text_address+0xd7/0x170 [ 551.837429] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 551.842537] ? __kernel_text_address+0xd/0x40 [ 551.847036] ? unwind_get_return_address+0x61/0xa0 [ 551.851968] ? __save_stack_trace+0x8d/0xf0 [ 551.856305] ? trace_hardirqs_on+0x10/0x10 [ 551.860547] ? save_stack+0xa9/0xd0 [ 551.864186] ? save_stack+0x43/0xd0 [ 551.867819] ? kasan_kmalloc+0xc4/0xe0 [ 551.871705] ? kasan_slab_alloc+0x12/0x20 [ 551.875852] ? kmem_cache_alloc+0x12e/0x760 [ 551.880178] ? fscache_alloc_cookie+0xcb/0x800 [ 551.884765] ? __fscache_acquire_cookie+0x230/0xb00 [ 551.889789] ? v9fs_cache_session_get_cookie+0xc4/0x270 [ 551.895158] ? v9fs_session_init+0x1013/0x1a80 [ 551.899755] ? v9fs_mount+0x7c/0x900 [ 551.903474] ? legacy_get_tree+0x118/0x440 [ 551.907705] ? vfs_get_tree+0x1cb/0x5c0 [ 551.911661] ? do_mount+0x6c1/0x1fb0 [ 551.915353] ? ksys_mount+0x12d/0x140 [ 551.919137] ? __x64_sys_mount+0xbe/0x150 [ 551.923266] ? do_syscall_64+0x1b9/0x820 [ 551.927310] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 551.932654] ? perf_trace_lock_acquire+0xeb/0x9a0 [ 551.937480] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 551.942999] ? should_fail+0x246/0xd86 [ 551.946877] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 551.951964] __alloc_pages_nodemask+0x36e/0xdb0 [ 551.956613] ? lock_release+0xa30/0xa30 [ 551.960583] ? __alloc_pages_slowpath+0x2d00/0x2d00 [ 551.965583] ? fscache_hash_cookie+0x640/0x1400 [ 551.970237] ? kasan_kmalloc+0xc4/0xe0 [ 551.974111] ? fscache_alloc_cookie+0x800/0x800 [ 551.978935] ? lock_acquire+0x1e4/0x540 [ 551.982890] ? fs_reclaim_acquire+0x20/0x20 [ 551.987201] ? lock_downgrade+0x8f0/0x8f0 [ 551.991330] ? lock_release+0xa30/0xa30 [ 551.995293] ? check_same_owner+0x340/0x340 [ 551.999606] cache_grow_begin+0x91/0x710 [ 552.003651] kmem_cache_alloc_trace+0x6a5/0x780 [ 552.008303] alloc_super+0xd4/0xb10 [ 552.011913] ? destroy_unused_super.part.11+0x110/0x110 [ 552.017256] ? sget_userns+0x17c/0x860 [ 552.021123] ? lock_downgrade+0x8f0/0x8f0 [ 552.025255] ? kasan_check_read+0x11/0x20 [ 552.029384] ? do_raw_spin_unlock+0xa7/0x2f0 [ 552.033779] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 552.038351] ? kasan_check_write+0x14/0x20 [ 552.042570] ? do_raw_spin_lock+0xc1/0x200 [ 552.046787] sget_userns+0x276/0x860 [ 552.050484] ? v9fs_kill_super+0xa0/0xa0 [ 552.054538] ? vfs_get_super+0x270/0x270 [ 552.058599] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 552.064116] ? ns_capable_common+0x13f/0x170 [ 552.068513] ? v9fs_kill_super+0xa0/0xa0 [ 552.072554] sget+0x10b/0x150 [ 552.075643] v9fs_mount+0xe2/0x900 [ 552.079165] ? v9fs_drop_inode+0x150/0x150 [ 552.083379] legacy_get_tree+0x118/0x440 [ 552.087423] vfs_get_tree+0x1cb/0x5c0 [ 552.091205] do_mount+0x6c1/0x1fb0 [ 552.094724] ? kasan_check_write+0x14/0x20 [ 552.098938] ? copy_mount_string+0x40/0x40 [ 552.103155] ? retint_kernel+0x10/0x10 [ 552.107035] ? copy_mount_options+0x1a1/0x380 [ 552.111513] ? copy_mount_options+0x1a4/0x380 [ 552.115990] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 552.121518] ? copy_mount_options+0x285/0x380 [ 552.126001] ksys_mount+0x12d/0x140 [ 552.129617] __x64_sys_mount+0xbe/0x150 [ 552.133582] do_syscall_64+0x1b9/0x820 [ 552.137460] ? finish_task_switch+0x1d3/0x870 [ 552.141937] ? syscall_return_slowpath+0x5e0/0x5e0 [ 552.146845] ? syscall_return_slowpath+0x31d/0x5e0 [ 552.151764] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 552.156769] ? prepare_exit_to_usermode+0x291/0x3b0 [ 552.161766] ? perf_trace_sys_enter+0xb10/0xb10 [ 552.166417] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 552.171245] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 552.176421] RIP: 0033:0x455ab9 [ 552.179586] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 552.198734] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 552.206422] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 552.213672] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 552.220925] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 552.228181] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 03:33:39 executing program 7: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x100, 0x0) ioctl$TIOCMBIC(r1, 0x5417, &(0x7f00000001c0)=0x5) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000200)='/dev/zero\x00', 0x0, 0x0) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r3, 0x6, 0x16, &(0x7f0000000240)=[{0x3, 0x7}, {0x2, 0x9}, {0xb, 0x9}], 0x3) pread64(r0, &(0x7f0000000300)=""/211, 0xd3, 0x0) sendmsg$IPVS_CMD_NEW_SERVICE(r0, &(0x7f0000000400)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xfffffffffffffe1c, &(0x7f0000000180)={&(0x7f0000000100)={0x60, r2, 0x400, 0x70bd26, 0x25dfdbfc, {0x1}}, 0x60}, 0x1, 0x0, 0x0, 0x11}, 0x44000) sendmsg$nl_generic(r0, &(0x7f0000000040)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x3}, 0xc, &(0x7f0000000000)={&(0x7f00000002c0)={0x20, 0x27, 0x1ff307543bf68163, 0x0, 0x0, {0x14}, [@nested={0xc, 0x7, [@typed={0x8, 0x2, @ipv4=@multicast2=0xe0000014}]}]}, 0x20}, 0x1}, 0x0) 03:33:39 executing program 5: socketpair(0x1f, 0xa, 0x7f, &(0x7f0000000180)) r0 = openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x4080, 0x0) accept$unix(r0, &(0x7f00000002c0), &(0x7f0000000080)=0x6e) r1 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2={0xff, 0x2, [], 0x1}, 0x9}, 0x1c) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x4e24, 0xe28, @remote={0xfe, 0x80, [], 0xbb}, 0x100000001}, 0x1c) sendmmsg(r1, &(0x7f0000000240)=[{{0x0, 0x0, &(0x7f0000002d40)}}, {{0x0, 0x0, &(0x7f0000000100), 0x0, &(0x7f0000000140), 0x11d}}], 0x107, 0x0) 03:33:39 executing program 2: r0 = syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x80) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffff9c, 0x84, 0x1b, &(0x7f0000000140)={0x0, 0xf4, "b0054f55d0011a1940eeb0be4677547a48a9e533d1e2f807f783233c2d0df55dd7f3eaf2d70dc4d37fb1644198b2f22260e7f501e6fb5c6b7d6799b6eda4a149b9864dda263253aafbbac441f286017c068aa6132f5e290934ed2aa5dd19c5751c6114b5f20b7861bc583778a5d367451405f47b1bb21f5204c355fa3e20c764a36648ede5259118d78f2beaaea4c2979f1f1d6ec86e79c46488183c655abe655b979420db9feaf9935aacaa50c30812b0b290fa023e0f4ac911c3b43f3f3a02032a75cabfcd20ae07df479370d8832fdb6bfc4dbc40961b6ccd1bc4f12c1de9ec1dec7243e8a0c23786f3a0afa4c1ac5adcd8f3"}, &(0x7f00000000c0)=0xfc) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000240)=@assoc_value={r1, 0x4}, &(0x7f0000000280)=0x8) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x3, 0x24, &(0x7f0000001000)=ANY=[@ANYBLOB="611230000000000061138c0000000000bf200000000000000700000008000000ad03010000000000950000000000000071260000000000006706000002000000bf25000000000000070500000e0000000f65000000000000bf5400000000000007040000040000003d4301000000000095000000000000006154000000000000bf250000000000000f65000000000000070500000e000008bf5400000000000007040000040000003d4301000000000095000000000000006154000000000000bf25000000000000070500000e0000000f6500000000000007050000040000000f65000000000000bf5400000000000007040000040000003d4301000000000095000000000000006154000000000000b7000000000000009500e80000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) 03:33:39 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x3c8], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) [ 552.235432] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 000000000000002a 03:33:39 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xa402000000000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:39 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x1100, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:39 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0xa00], 0x1}}, 0x1c) 03:33:39 executing program 0 (fault-call:8 fault-nth:43): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:33:39 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0xf5ffffff00000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:39 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="025cc83d6d345f8f762070") mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000040)={0xaa}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r0, 0x84, 0x8, &(0x7f0000000080), 0x66) close(r1) close(r1) 03:33:39 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x8100], 0x1}}, 0x1c) 03:33:39 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_int(r0, 0x1, 0x9, &(0x7f0000279ffc)=0x7fff, 0x4) setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f000039c000)=0x400000000000001, 0x4) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r2 = openat$md(0xffffffffffffff9c, &(0x7f0000000100)='/dev/md0\x00', 0x480000, 0x0) ioctl$BLKIOMIN(r2, 0x1278, &(0x7f0000000240)) connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x4, &(0x7f0000e4d000)=0x77a1, 0xfffffe86) r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x101801, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'\x00', 0x0}) syz_open_dev$audion(&(0x7f0000000140)='/dev/audio#\x00', 0x7, 0x80000) ioctl$HCIINQUIRY(r3, 0x800448f0, &(0x7f00000000c0)={r4, 0x0, 0x1ff, 0xfffffffffffffff9, 0x2, 0x9, 0x8a6}) 03:33:39 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0xfdffffff00000000, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:39 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1f000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:39 executing program 7: pipe(&(0x7f00000000c0)={0xffffffffffffffff}) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000001340)='/dev/hwrng\x00', 0x400000, 0x0) r2 = syz_open_dev$adsp(&(0x7f0000001380)='/dev/adsp#\x00', 0x10000, 0x20200) r3 = socket$inet_tcp(0x2, 0x1, 0x0) r4 = memfd_create(&(0x7f00000013c0)="23757365728f00", 0x0) r5 = signalfd4(0xffffffffffffff9c, &(0x7f0000001400)={0xfffffffffffffbff}, 0x8, 0x80800) r6 = getpid() r7 = geteuid() r8 = getgid() r9 = getpgrp(0xffffffffffffffff) lstat(&(0x7f0000001440)='./file0\x00', &(0x7f0000001480)={0x0, 0x0, 0x0, 0x0, 0x0}) getresgid(&(0x7f0000001500), &(0x7f0000001540), &(0x7f0000001580)=0x0) r12 = socket$xdp(0x2c, 0x3, 0x0) socketpair(0x5, 0xb, 0x3, &(0x7f0000003cc0)={0xffffffffffffffff}) r14 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000003d00)='/dev/snapshot\x00', 0x4000, 0x0) r15 = openat$vnet(0xffffffffffffff9c, &(0x7f0000003d40)='/dev/vhost-net\x00', 0x2, 0x0) r16 = openat$cuse(0xffffffffffffff9c, &(0x7f0000003d80)='/dev/cuse\x00', 0x0, 0x0) r17 = syz_init_net_socket$llc(0x1a, 0x0, 0x0) r18 = dup(0xffffffffffffffff) r19 = accept$nfc_llcp(0xffffffffffffffff, &(0x7f0000005200), &(0x7f0000005280)=0x60) r20 = getpid() r21 = getuid() getresgid(&(0x7f00000052c0)=0x0, &(0x7f0000005300), &(0x7f0000005340)) r23 = accept(0xffffffffffffffff, 0x0, &(0x7f0000005380)) sendmmsg$unix(r0, &(0x7f0000005440)=[{&(0x7f0000000100)=@abs={0x0, 0x0, 0x4e23}, 0x6e, &(0x7f0000001300)=[{&(0x7f0000000180)="2a161540cd0296298139861b7569710af9a57b9ae381d90b568883a14e2d6f35c0495b02dacfeeb39813a0aeca12141ab30c855ff491a4cef8721dcd", 0x3c}, {&(0x7f0000001280)="7e04ac45db901ef43591d1ee4af55bf478c1c2bbba416ff56a5b93057c1669cc60b3ae607d462623aa080fdd149d20aa9654199f0abab56ff05738432ea79625ddc12d3c6fc03276090a5362b13000", 0x4f}, {&(0x7f00000001c0)="7008707c7c4882b10e023888095093e2ccf6987c390bf36b47994da2e1383fc5034e262d66ba64e542e5753dbfa6520f", 0x30}], 0x3, &(0x7f00000015c0)=[@rights={0x28, 0x1, 0x1, [r1, r2, r3, r4, r5]}, @cred={0x20, 0x1, 0x2, r6, r7, r8}, @cred={0x20, 0x1, 0x2, r9, r10, r11}], 0x68, 0x20000000}, {&(0x7f0000001640)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000002880)=[{&(0x7f00000016c0)="40f5cc60be6f8d7c376a7c310e4121287b1b22f238c007f17effc06fb1d8a94535afc591051e45eeb3a32b135aad56dbc6f85523bc6f9b803bbb7ddcc58d48363361cf83e299cb3253c6f17ef341ed6e2473b2e88db4c29b95748b99d465d39d3bc09b4e7de4b791d8931001fd674b8cb73dfcb45eada0245503dbd9c7c4b1b1fc531e5522936049216270f647a54a80eb2b5e5bb7f8ddaeb2698252c1eba480469518239f45a7e7e5c572f9bec06b5b73320210d41beb48c1b2fb56da50260aa8b7f17d676ff64bd098b429d887d329f6ae7a598ef8817e7ea6adbe0ed666a29fedd58da7ee51f385a5eed4c46c229950c757cf95487387756d4a6c0a050a2c5fcc57d7665120cdee9d67a2e32a0a477d776aaa67953393f58edb7cf9957cb7f32698649e74eb1d07bfccc206db5ae2cc50242e031018ea6a4d86adec6503df5f67478392f130e5dc3d964dca79255bd7e22be197fd4dd7b7b2bb8323c1395f8cf20b02679261077626927fce6636c2e8301c90c63fa7724b1a03066c58fa5009cea6c915125c00a29b29ff84d0d48ec69a74c9eb77adff54db18dfe69fde8eaf92c2833978251a1d739cf95ccc3e06327795ea530f4e1863610ef4abccc3a3e47c8295f2a01183c4fbbdefc221ea73ad89f031436bbd1d783753180e1a6c4866b555cc69ab91903a3fcd16286df1b979cd3a9cdaebab8f8aa221ed704c58b769570b73675a8de844058ee7bbeb66566dfba5e64e08ccfd192d8e19fcb604ecf9b6b7f91bc37ec8d4fff9c91a6e8c25bfc76cf8c50d8089c416e1b71d7539b3daa9b798d462a5623b39f6c32511a16b1e045651bb2e03ddad9569cb8868146550a442ea50247a844234e3c9c444e9b47baee443c26e83df073795445877ac6c71adc221af0b2e5a15772e5db3c334c1495ff16238b09397bc1f77ef8ccc0707ef951d5762b7a900c5455a0b21d40d0201617b5038fc13bb8ea80c715e2f6a7ac7cec513cf0aa027ab73630c5bf6597be0e031e14292c56687a0d585b373d3e6c7ccde13c4a3b5de80e92d9bbd599a5774c5110cc5465943f9bc918f01ccee374e92f0d9e181d29155fc9bdfaedca7cce96b67e08e52a34f9a405c6837e2f60e0e5e780d5645539d96ce5666a0cfdffa9b731046f29d41fc6f82be07a081112b13945514e71700052fb2eaa6233f0f8a7a32784ce147e91bcf85a600c82f3d003875dcbda3dbfcf17a14384df693af91dcbb4faa7f83b870121db0dd5f41fcddda131382b7ae8c8a9fd3fa9b20b25a78bc96dcc532c8f698a89b241bc2b7a2932990e2845469966fd5536c4269b228dfea1b77b454af8f61b381c87dcc5a3399f40c63e2e299048ae12128dbd795f152abe45e8c52767deb41ae79d0645646634987aa46f49f936702b09f595687019a803c95ca8a72a209ba98c8143a9be749e936484a84ea6177b795b6ed5c40d320afe47c44e8309936f264f147ac727f8b486b005a80a0d5684a582f1e8a2256a397fe8fbc781363ccd5e9e665810d1846aff04079f2832d7b3b3d98e675913a8af84d302fff93a68ba750a05bf27cf779e186a5dfa76e302e205e6d62eb2e86abfcdd5c2ac56fd9161f092e3403fa7fa94894b56b6dfd4c8c6f0ce7cb4beb66bca4470cd98f383750a0818a17115a653521732fb028d82a31d29e5f4a2c6322c09880e29eb3574743043f1ef4aa7d1879832d05c8d8cf34d195974a8cc2b60faf47d94f265165790bc276668053830163006d060e9880d092636f0b2d93991790c23beae2f787374f877aa02c265d8ff1309d93f8813472684e14a3e9e8479ee9ab6586814798a5ef20c307141dc6ba9bef74f74b4f895745a956704c3d05ed606b7a4c43ec45075c0820dde3915e091d6f7611545f2df1e3b50284a4bf1b648d0bc0fd05c04bc72738cdcc9ab264c9891ce92612b1d224fc88432f4e379948e0e4496634324abdcb6e7cc7a544e13c940975eab36f190d6fe47670cf04e3f51a1c58daa708aefabb0f2e13874c5c177a50f95bf4f0903d67028b27ae5721e4e0679ac010f811f3fab7789e277a6a645b36743d857aaf49c1583c8c15885a0ff435d2d7844b903f47ee4675a9cebf93eac25b5c07d4ddef18debd128632adfbbdf9dc3338d68e19792e878acde4352c4121a4bf3e4c8df60ca2f3bc0adf4f3d7a0ca751e8a8119526e9179270441ce093f50e48691a4b238611489edfaa0e19667f4d014ac2cc7598f32326d5a3846836e715c140e280ad0a0da879336b93f8895905409cc60136ac7b7e16bf40a6654ec3540b81f021c37ebdefba28db8684786e992d0f424b081760798adbc1b724914be5a3e7d407b207239e9a51c79a85d493993163c6d2e6e259cadbf1dc1c2aa40b5dd1cc2a362a36f8a714891987e710c781295a87971ce5b7a2e7192b4e9ac6670d7a677e283f135824db8a5600156138939e03f553c668cb8671900f07045889ea3d4482981daf53d511c095347b3831cf34ec3f0c2d8f9969d424e098e31d31298d5b1001bfec188ed2b73107f6c5c10342729693d1fb4cc1e86788f7c8c1a7126f2ab7dce22bbd33a4552654cb286c453499ce9456e5fd77c9f162ab7219d3855c99ca925fd808ff50ba6eba142b71d1f8b8c819d03484aed5a091fb852927edfec2d0396a85c11f68ff06de8f11b34ad5521a9610e442c403d7ef962174ed65e57c989a90b26dd1c6c8e1ae17900b9829902cdb64bb2701812cb0d0b8f54aa4ee9090b8b69ce5de6f9a0d40aa366508629118f25d6303c542c7ede21004f9ee94da2dab93a429e7f11fb2732f7f0fce41acb23bf4ae8f1fc91f6c92951fd623460e1d03c2aadf3c567573052220b0639146f37c532cdd675d5e1dacafcc328cc3247d7d73301bc0172c45c5794bb7f239856d03fb7764b7b54c2196622c39ff88bc22df552938d8d670c298ecfd947e96bbbbf624d17132dd7214ba3e8e84c94d0976bdac35a210fefc9f5e696cf607bd3228e30c8e6093cd35f09bfc35cf31104446bf26722741b8b4f0ce7592d079d5a6d3665f539c548fad1ce7728520fcb3f09d3d1d222de1a3aee608fca0c1eeafa7480d3284d694a6694c4ae4ffa6cdd90c10d9e57264a134edbfa95a12fb8a40b492c664321bfc9daf41738f6d8a708a53b3dc701a52bdee1e4d725b7e9e26fdd62535c3f41db4c3b2d6d7057b65b2b515b36543174c2a7191b9f26729b908860ce103e61c75ba2e32929da92e7d8230bc7c1eb24cd4f1f076e505bc764d5be74bbc99632bd202da427be08be1583159b8aead17549b3f410b4d37f89ac0d8037d10e84820b0a968e678c6f075e8d2c31953d9a677a782f372a790f26f5db8b58d15a44d469e7734df95837c9b958363ce34e8cf241c324aff3ce660be3912a3a6d818ba723410a941abb9901ca440a48d83b6911d8740a9b501e710dfca55958184f4221a99f6d2065a5922d0251e887a3aa8e53b84274e1523617556d09f86a226e00d6a203942c6e844d281fff94c11edfc4b265184fca38ed18542b860c3a4e9c4c0b3df5695ddb46ee648e483a39570b6e730c5e37ca560ee6711148f42e2f118216b18ce56226272e8b1cda79916c597a0cbfae4553b733cd30f36e01449aeda81b51217b9de59f50ab564e13514f7503d8d13c4218db6aa5f9baf99de0cf4a25ba674655fae9ee356cebe06e72080d292275c061fdbeb9ae7a0d97918b796a70583de05e0111e565c24fc20dd320a89d46807b6a47aa40ece348dce09d1d2305f34dbd17e6c959f139abec1cfc6862d41f34a0b816cd997b7249b3bfb5f83a788024f64b2be703f7594a8175e0c3f3129c52a97f37265c3c519d7e351b15e463645ce515c3eb020974588e1e3cc614c5335acd9ed33955ed6a3fbd5a020774d50e87ae131188b0056a53e6c5061e206e6ee9482047ce6b00fa837942aeba2a33bbdc46c4cc8ef45ed0edeed9b52bbd78a850d4dbb15cbbd84e33b0e5b2bdd2ac9bbc8979497af02aa5e80c133c7251ff5d47300350650b474a8dc62b85b4aba455b41d676f864bb26c54d64af917237baa8d1e6f719a0060c10d64413c82467ee08e28b39b27995c86522093595d649f4da75cf7bc617dbcca97fe46c99cb6eb4a76be1f81f5a30f02666e786b77ee985fb741dddcca38d3ad472c13fdfaecf4df29db3f2f933c90d9ff65f544f392a1f2f8543d6594e62afd34c5ea573b18c78c83c5f7688f5e15f5a9c3bb185992e6b52781951992511ded0572b88bce41bbf8746561a99ec257a7ae39f6224d7086ad728239732ff9bdf21fad4eed55505217fe567895ed5088034c6c00e659488dfbfe51381702a659cbead648fc132c942aabe5013a45a9e3f84dd8820492829501b3fc43b2268344563be43661d8be6d2d42a09deea7536fd582c7ff7291232ea0a3fbd7cd7e6cccc3a548f47a0aa93a3d27627085a8b88b7dab7705bd95fc432e9ed38c6adef4da4ff463652e47057ff06f22eadd5bc2190318bb5f963ea09fbc86b8d6eaecabacb9fc044f37a5ada90fa61d4cc7caffa5cf8da59e1c0b241f6aaf8bc8fdd941a6ae6180f17ebf73fadfe356655f5afab86acf32a90b0fd86f57f7ee0d91b97c315ec28a60c83b5f9634724f785e63838ab9c9127f10ee9260e0a92c7c3f431a34916b6dfffe6cb5f0bba3bdae20772752f873858e12d077fca4c17d8d9ee229a21581818716dabcaceae1141513291c1aa249f9131f00e86ffef84ac83a80231413a597da997967811cafc70dcc622bed984cf0fa4482471d467572f85c49b84df34ed566b9acd4ef0af778c866b1dd4daab28efe203783418b120323dd417106cf3e8139b38032980fa8081cf76af99ab24c07afd7804652c72062735fd8930ca6d934411431d2f653d9fe285d36af17f18046fd665b2148261e059ed6d82bb0a333cee220627a049d936326f08735d808cf04ea4ed34eb1923cdb02c6cd07c5506905fc45c1eb12d61617700344c87ea7cd4af5e8b6c3af5d86502c32874720c1e5dd006a0dd3718acbd84c0f6bd3e4240760a2e3810eb8f90fe1234316922487ce6decc92ba7f4706ab8e61cfcf81f4be94ca9d0b9b171c46c762da76436f910250274d160ccd0d45459e456fcd7dac24d9bca180a0014f3aee93a3dc6102dfd458bde5fa4d45f1bacee08d5bcc1bb9a5f5fcbbff23ac0ed5c2f8fcb0d1b992870fb7b115cdbadfd60233d697725694497c085dc4625344bfbfbca437aaf4fd6a682697895ed639567ce512aa348789f6ec8b6d2475083aa4fa1bb96c9f372bd4a84b1080f956e7f988e9b378f53a95c2a398c882ca5a8a3711fcdf5e55185cc6c34233144533f20b517a85e88e61ade0bb89c3ae661a7a99eecf26cbee1727aac0c72ab865fc3456ac317f7223d16be7783f91b8e1d4e211684c62541127255b4f8ef52577bee9c4f65307e3dcf0ce3ca6768ec918afffc6e785a9f893e56e1d64a14d5304fe5e413d4c4913afee0c22294236363d1bd7a00d0892761317946203d9a26ddfabbb8b14d19a1651918a182c39eaec7917910893a8ceb0f5ee74d1bd666967c9f15a1f16142a8d727bde321841a8bf9bcca9638385dcd9c8b390eec725a0f43c741e41309b83c7f58479cc790c6fbbfa333d918502a9ad2f13bc764d58253b7266b7b1308187d64079e253c48b4e89b41107072bc5beca88622d7ed53fd0cbab4a550ab8e0738ef8003c1d40c1ba377a71a6f93387780f1958cf4124cdcde0ddcb57197b74a290bc6e302c", 0x1000}, {&(0x7f00000026c0)="2ddccde85e15b0999e022d2d04a8d69a45b8592bae1843d854d6b191b415aaf37b2a1191e1b77523c0d86031f65f9c6ad3ac7b4511603de8b9f5807e6242ccc32cba8efad7c3430075be86bc0c6af330e2146e56c79525cdff50b555570a6c3211b2596f3cb99d480203399a0d70f6f9cba56cc11e3d96f4789e31eaac099b5b71047ee6382282f18b6dfd037e2e5a6657b58da912ef02", 0x97}, {&(0x7f0000002780)="aa5674d86aaa68a640f58cae0dd4d478e5c9d558d1895f06bc01eced0c71135d75c9e8b9b172095749e8803b7aa92d325890d301f20b75a01b4394e8093b025d30201dabaa873203331ff00a14c75c181e83f56ba444d84a190eb4c822de4531ad96a34fbbcc92f143e81870523434e042c7e742d9772b172632b4e1e6ff6312943cc3f0a8409e1c1012e362bf152237aaee0e587858dd08c15d039d3332fb0c4e390e12b2e85f193ac7f6deff2f63b3a70da828220af67b92b7c35083f5c273988ff1a485aa85e8c4e9506730e188221078dab1a698625889714233330da42cdef307d6b4e784c3e4556b8706c240ed0b83a00811", 0xf5}], 0x3, 0x0, 0x0, 0x80}, {&(0x7f00000028c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e, &(0x7f0000003c40)=[{&(0x7f0000002940)="644a20f8953f09c2ead7dc434cd685ecb118c3de6eeac97653ed850b744c80d492f480b43fc353633eba7717dc71213a42a0528fd4bba4d46e051a33b4353ce8edf76b8f18db26e4b10b72d0272640a83e313ab04a230ea2fcc2e5b1b394454c4b454e2587f261c0521a9c14f2cd63a9a0c9a0d3bb0b21bcaa3b0764c6b4cc383abc0dacbd2d9bf66a42c5e8106ac85b68ee1ba088b12fab2b2c993a1314833304fdd0baaa0a25a7084f367fb640f7051e0f5a73d2f370163ed443b938d3497a15d9001d94c5a1c694997a1ff03d42f097", 0xd1}, {&(0x7f0000002a40)="09365ed4a22df05b9a148c6a1a52faa856cd7d8c10ea66721eba313f2a66cbc4ee7b366e89e6e3d4d4d7a43d70dba16b76e48a8bf769741ad854a50bea98fa6feef7e5f55e19f5440f55ff2ff4286ab50ce072236484c4e47fd719b841f2d08b752cddf53d104756d289e1f008726523441b42b8a8529d60808a69c2e5fbddf93485c2329bbd1bb6db76681ccd564b060e282fede3fbce4b44b87095323a57b66182fdbb4a7a048ca66c3b", 0xab}, {&(0x7f0000002b00)="e51b73cd05149bf4bd9c467d05e2f7602144f8100aee4eb8a215c9f8eb4489b8657cb578b8a6352516d07171852c2237fb26db16ec58a1c8f7c41bc970fa280f7670438e5415bb5758184c6ed15f06fd5bfcd8642f280164b63dd9193b00502553567ece40e04de3fba54839a3d6ea6eb8862ca3631bb69a229c4fd238f4f8350965fb28a1234416b208edcb50695b00c15e962ee97d1a7d9bee1e9fc1198e5b52c9dbf810085dd010c08ea667de7172285c775a39bf662b3a38ab6942bb6e24c8f892cb623861964521f2408100e5cd30e8d4ef49569ec2cffa0ff01d1f3a272f1bd58e748e841c729a5f02b1fb55cde51a2974f9f2a641d181d9c09038442826ba0cf625d561f904f11b69178d76f88437ab4789aae80afad7cffab241cbe5578cd410ec30d300c414e5f11f2cecc7eaa02c009cc74932e7fb812505cb796e7c4a4b63094d18f4e293d90e96d4a3c9d81644ff9a76d16593607c12229d9840ba69a99692ca1f6ca67c25ea83045cb9146ef706806f8b781094df5c4e2609ee6b8940d7ae88c3bfea591c06122ffa174463d9ce1c113982eaf6c2269f99e471d9c27b2af38b44af17160e0edd030925c4fdd21157e5ab8bc06c5ba233d1f9c46cd0b245d7c5cf5092ad57669a81e5d4ef8de70e01d0c147791af6c9e4bf71c06e9b5fb87ad54e0837e9d36396280ad3229f09cd7469ed9e11b6a9b402e1f07d389a2609e71d562a05b600b0da497937f8b22f39d41b1371415bc4a54a0796e85da77cc68a41533aa85a585a647526c7c251c15ad31ecc911c7af05b5a3bfa4313f0af553089ab450033403a959bfdb3c633acce60c59792f86f3a45494cb889e54be44a13356a8e01d9dd82f51afeb985b379b385e083c1817075112f0dbdc235cae7b0adb595a24981066488715d0515479f2d2f5051ba8406228c003b3e708788f22de3d769929a36649485a5973f6eb226ab53f5effbecf12f4a0f2e295c7b43cc12f2a4c9a63009a5fe791e3fb14a987415618e60f1ece17f8f5b93b6ee3aebb5883146e6745067e6473340bf321e05ca49369453eaf75689947c24845c9dfd981ad6d239fe5f9f5d1093735319dab0f55fc84d499062b01f426c486d42308a7d927136b15993339b46a52fd5c6d13296c61d28042235b74b75799f9d56e298e035e8583a3e2b7b7da157af09df5d3c65a847d6cb7cc6daf4d072dac3246dd32ad2a4c1bf9c8414d951d3bf443cc090936df4fb406566d1d490c3c100554659c365e458e148d66661943d1bd5a76262ca8377f7e77d9dcaa60c2f01dfda5061aaa97a4844344e5d14b860a4051787cb878ca3b43dfcf2174987311de652a81748b9757262967711dbb24e6be73dcb734a4c827e1dd93b1065f324830cab3b8b70239e244d4b4a08e892bf55aafb5113b9d19a6ac8d06a138d85e017b199f59a30bed47a436a00056467978649495a6f0fef00815dfa6aba4290e28c38bfe98cf5cc25989ddb3eba17bac4511d5dd017997f62337e2a748afd800517ef436231eb109b6b313c0b081ae29e8473bff6ec65549ed6f74cf5d42f8082472d417a84464dc69d00d032c78bce1aec12bbd69d0cfeedb73300f748b9235969a8a2e33d571daf4736e8c0be2b3806ea88c3a707b49783b1e9fdc2c6c1bbd0375fe89811b7fb0d223ce8b0dd053ca72db4a60efc300a6e12db3da488a25d05192dea636b159bc10e423ed6cf993ea230d66b0522cbce99f934e406ec230bc00b2d1d07b223f7011720665a4275ee64828822f2dbb89f73f0dfd2516c95e8cdfdc6328343419da904fd6307cfa7122b7857204b1c4584b4c475305b304f7495c0e3c58c26820194c9288e030fb9bcaf223e82585ea2565a868a8abdbe49724d7a40574985a0cac649a7ce915bd131c0c54a0e492c7a21a5ef552892959d970623e110bd8e063b26d8d456ec52e5c3f4d66007f16fe30e9a0f2e6381520af717882e4246542f7d349e11c734938f5f522e2f7ad47a037446b46a6c9f0c34a5d8a3416b5b873c9df0bdf014784068196ad917bc24febaffd1d89f03c3a5ae77166b51227938ced4cc2eae5f517dda751d4955ed7bf7d90a970274a90faa605d00a3851cc5c987b0267b410a4b6881602695b3907fd2359aefe995be31014ea5ef445cd8839c8433e8b8242d2f6525f68cd2154dfe0bd0e451e601ef7b5057d93011ca003794d5bbf7165aed4237e39ddf7dfeaf38d7730480b1a2639f6802dd3fbbcd790dc982417aa8d1d493a55008c7f875926b03573b358e1a12e21fe1b149725f3fa87aeb4e9ce95a562df7fc341e506c3b80cc7d06bd84d23f112ee3c74f2c964a94e63c09a738eb6c1e980cce4834e5fe59dfd491b0b2c9865132149577427292abbf8b9edf77f07575baeed2294b633757c1dcdb73e70ae5e9a8c0eb61981a91406a4b809cd2a8d2cb4e73c963282627bf8536bb8cff2fa6a80ba033dfc5ec382ad2148852ceea35673be3664888662d2479600a61107804d10d245198867d4ca137ce43bc2cd2469c363df6d2a4ea6ad5b3a7f345c3f6c9b6d2c32a0fb9bd78b914a691f39425d7bf158ffa09077dcf2203626fb42bfb61da6542a3a80d9a06615bcf741ca118fda614576760c7dec054c668f531597a2241298d1e068e2bf9d6aca0003f33f221e28a320c2aa092ab5cedfe9f12121ab6867c6b92f40215f96202ce12d0e512d64ecaea92ea8eaeefa9373c968f31c2a82a670a5a49898c2f84faaa9adb58815be12264d45ac150bbbf25e1308e35a0820a1252f5f50b5b21c55efd02b4483ef638ce6bb4c1c19f0c012479e690cb362a24d5468a51926b6d7cef036b5a9dc6633a386bf3620f3fc1b32d475b3dbc3a89429be0bb0a89f3c1b5611650c85125f04439268f2baf42a14a5b369f1b5c3096eb4bae546123c764a3a3887321f42347469148e07464a7386f931f3e93683e348120728f9d8f244399a9b389eaf63646ca5bc669385c9d1ad997f6be5eb25f4afef4ba46abbda0615cd9fa50ae5687a988671f1af01bdc2a04a691f2e740236d713964621ef4a1ca3f31a8f5b66dff5ced691a4b0ff3b14ed0d5074ec47249b13f51a82a4eb808bcb82b78b73e6106564d7b70d253bf1bf832dc35e029f56b647ac2d4ad47ba00f836aa737d1ae88bcd79074670456246dbed4365ba86878750251c96bbe0570c33f23d2d201e7b3854c230a48fbf3791c54c5081b41e242318964ecde235d4a1eb813ecc26d32d32af44316d0a076dc04b82913c8a38d2370e99052487274641830c96dcd372c42efbe45e14127d884b87e9d95f1472509bcb53e7c427a6619dd20b841c720c7e9da5706586bb1803bd48bcf9b4149a62fb0753eead5eefb5a83f51a7dab3ea31f8fc803beb8deb9628751503cc4014a41f3e7c4b912fd3ae94963eab3885870c17e38201336d6a9bc4c3cda2a15c21b1cedac2300cc259aaf913a99f4a24efdc6fefc696b809f12c785d822121aa11b984477fdb9977617eb8f1a5d3dd74131b164defadcefe4ed9655ce5344a868f349e124ae5993b725b5ba9debc5535a0995dd61a10af804a8f47b66a2fd4bd52e12463bccd8bed184c6615bff7ea5c0ca080053bfa2328a385906010636f5b5c73b03dc296266315628e85aa8094f1d376c96fdd05b9e649c65243a7867c6d9ea8ee52d12ae965a4e8f5c776ed45bab139b4d604beda2636e622510052df592e4608df41502190440cc572aad34a7c66bf534041797dd90e3257f39b8747f60f1ac7e3472f904cb0b3facb199d76ee3437ec66cfc42c06947be703295de9ccedc5419903f590d1fd8ede5d6d802c8b5358f79936889a451ff6c5d2aba05ea9d64f266de481dd64c6928ed4367d72cf0198630caf9ff58a933da8bd9736c6c4b536888886530fecf3efa4a58e8d2a00f38f918c7b6430a92e24a92c7fe50b19a8ea4b9d27c33afd38524bffe1e3e7131e583772de2da0deac334499f2f4d714517705fbc710a86ae2a47ec60b84e08a43e8412a4408076bc55c3e7cc80f3a1a785bc6ee8c73c09a3e55fa4580d5a79ae9d6fcb18375b9a89d35ad4218f7a164dfd5524a24d1a110fbd8d1a48fcd79b28761f64c10ae5b28fe04574803e75e834f9dceed456600a41f4fb56489775ab9ba3d16ac425c410dd4fc3ae4a578b1e93ed0033f4d93ecd267324df28845cff64a8b6bb1ff89b0a8d4bad79b572195c6ee4e604a87e3e78afbc7361679855348dbce4ba7a9cf0ec9faee08a4d803bd867420d7df5840cec93827d3e768d0bc4dd1cd190b89bac17a88b7b371472fea4cb1c26954bc88278953273753ccc909fbf517da1233e0cc2c2ab0afce20028df8cca3a0b74e77a5015d6525e96ccf69eb2f67c5f4a8950ef644470163fa550a70bfe1fa8b0fdd447ac621051c381d45dbb4d631e1fe3bf40a29850c64755592f97c0d39b97f0e62d2f4044b6d390353ae045fda8d4548f945968b39e107ff28d626379eb8e23712708a8d8a01c897d831f9180dabf2ff4c4a6b72925dea06e5f962a98fe7d72bc1e5f6c9c4b1d1ea336323f3a707fe28ba23b88a834d45679efe3c526bac02201af4b49a2d816fa19efb85428fa1c404bdf5bc53bbd19ec07c6263a2b293d63a1cbf7cf5b921414ff1f2bd6087a6a3844763441f2bfd45529ca91312661c01198bbe08661520f273bb3da4a95b9fdc57ce468019f9e2f32a73df4a1c85be93114593beb885e64b92d28e912fb04f564301383f0522bd2032941f22b8f04b47b88202e6e8ec8ff12555fe00506e76f04087739e704e85024437edc5007358a538392c5d7584ed485c68b151b38017e61fec0f05399d3e621117a5250a5aa19dedb3dce914514466e8896bbe6761e3c1e9a3d8cdc909531103b2518cc007991fb2998aa065b8133291a0cecf5f5a135c91d35f1ba40cdca9724f1239753dcbd8a038b6fb892e121abe1a2660339e7b5b5d4818f90ce33068cd25ed98542fd507c5a9dc4572b74549f979369f7a4ff4ef1847f1bbb7d95e9af3382fc2c1a0d53a9057ae959112b4421448e6347ec366a6b2c26079e0026c41873aaa8c04f4e383c3e1c90eb630736846734eae96c42f8ea1da4081c65c5de9081947af680e0890250d3a6012ec8b8ddc8065ec3bc4790608320aba995a34bfdb7107c169a42aff17c9db9bd6c31a4f0b3f2c059f12a739726463dd0d43a5f0d6543455f26bce8f8b2049742b230a0dcbfd460cebfe0337ace3f723eb774c997058484db9f371c1066469f9d3e6427156de6727bea205d413bdc310acca2d68c58b1ddc0918d921bf63c863671145dffd21547214038314d2e5ce41346b35114294405dfeec81b36dced3a5840eabc841ff1e06a5ff22d4540f144fd8cfa24b2ef3dcdf2f61261fb1fe3ebb7f68ab49cd575c2269c89ffdf5b30f3918df581ce11385399f2ac586c0a777fba762710edf82bfed1ca6b8e840b99e1dca88cf33e4a9d6f160299b69aa6156353be89eacdafad6a8370eb28dd78851598c0f32de298593775358c59392c73b71cfb94ca87b1915b01d098182ce5e4af495b9b644c2eb8a498b5da5b87e05231c63f38f38c364e5640541c21290c45f4f97e8433ca1ea1ffefc3645bbbaaecae0107b6871ee6f5999bb30e3b1487902d94758e887a844a3679a17473e0e401b3895991289d176ddd15c21fff80ecf690200a57357f6a2465ecdb6a170c7afcfe39278d11d9bae53a8bfe2ae6b56459b9cafd71fae7a928cdf0d3f1ed56edfaf7a07eb01", 0x1000}, {&(0x7f0000003b00)="fdc33b3a42beb7f3101ae2c75b111e98e090d26035a13f36abae99672af916360773b9d71b8522ced8a083ded7cb3f33cd1b141cf1ae7d911dfe11d50fd1c8ad1b4951405419b3b19c1c0d0f998291e50abd98480c4942e4861de36c405247270fba113bb9ff7755f2411b733bfad3e226a61aa4008d4564976d00240821fdb8119a200ebaec4792be86ea79c0dd98510a144e730ed1e81fca24723c23751fbd06d75bc3763d4eedc569633b443b44e2f631c23de630fb7b2314d99d62a7f4c6d54942794150b9a2711d287c3a8ae8de06cbcf3c2ab08a19584394250ab33f543caf325cd0ed4d54bfd3bb5b", 0xec}, {&(0x7f0000003c00)="4276e3fb0c9b31a3b4cfbf3f6e82f248768d", 0x12}], 0x5, &(0x7f00000053c0)=[@rights={0x20, 0x1, 0x1, [r12, r13, r14]}, @rights={0x28, 0x1, 0x1, [r15, r16, r17, r18, r19]}, @cred={0x20, 0x1, 0x2, r20, r21, r22}, @rights={0x18, 0x1, 0x1, [r23]}], 0x80, 0x20000800}], 0x3, 0x4000) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clock_getres(0x8000000000000009, &(0x7f0000000040)) r24 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a, 0x3}, 0x0, 0x0, 0x0) keyctl$read(0xb, r24, &(0x7f0000000280)=""/4096, 0x1000) [ 552.381822] FAULT_INJECTION: forcing a failure. [ 552.381822] name failslab, interval 1, probability 0, space 0, times 0 [ 552.393092] CPU: 1 PID: 7915 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 552.401413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 552.410768] Call Trace: [ 552.413366] dump_stack+0x1c9/0x2b4 [ 552.417008] ? dump_stack_print_info.cold.2+0x52/0x52 [ 552.422212] should_fail.cold.4+0xa/0x11 [ 552.426284] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 552.431403] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 552.436425] ? do_raw_spin_unlock+0xa7/0x2f0 [ 552.440835] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 552.445424] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 552.450449] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 552.455466] ? find_next_bit+0x104/0x130 [ 552.459528] ? cpumask_next+0x24/0x30 [ 552.463335] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 552.468881] ? pcpu_alloc+0x190/0x13a0 [ 552.472774] ? kmem_cache_alloc_trace+0x152/0x780 [ 552.477639] ? lock_acquire+0x1e4/0x540 [ 552.481628] ? fs_reclaim_acquire+0x20/0x20 [ 552.485953] ? lock_downgrade+0x8f0/0x8f0 [ 552.490096] ? pcpu_balance_workfn+0x1700/0x1700 [ 552.494850] ? check_same_owner+0x340/0x340 [ 552.499166] ? rcu_note_context_switch+0x730/0x730 [ 552.504138] ? lock_acquire+0x1e4/0x540 [ 552.508104] __should_failslab+0x124/0x180 [ 552.512327] should_failslab+0x9/0x14 [ 552.516113] __kmalloc+0x2c8/0x760 [ 552.519639] ? kasan_check_write+0x14/0x20 [ 552.523861] ? __init_rwsem+0x1cc/0x2a0 [ 552.527823] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 552.532824] ? prealloc_shrinker+0x124/0x480 [ 552.537220] ? __lockdep_init_map+0x105/0x590 [ 552.541744] prealloc_shrinker+0x124/0x480 [ 552.545965] ? __init_waitqueue_head+0x9e/0x150 [ 552.550623] ? inactive_list_is_low+0x850/0x850 [ 552.555315] ? __lockdep_init_map+0x105/0x590 [ 552.559799] alloc_super+0x8dd/0xb10 [ 552.563503] ? destroy_unused_super.part.11+0x110/0x110 [ 552.568863] ? lock_downgrade+0x8f0/0x8f0 [ 552.572994] ? lock_acquire+0x1e4/0x540 [ 552.576971] ? kasan_check_read+0x11/0x20 [ 552.581105] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 552.585676] ? kasan_check_write+0x14/0x20 [ 552.589896] ? do_raw_spin_lock+0xc1/0x200 [ 552.594122] sget_userns+0x276/0x860 [ 552.597831] ? v9fs_kill_super+0xa0/0xa0 [ 552.601882] ? vfs_get_super+0x270/0x270 [ 552.605956] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 552.611479] ? ns_capable_common+0x13f/0x170 [ 552.615875] ? v9fs_kill_super+0xa0/0xa0 [ 552.619922] sget+0x10b/0x150 [ 552.623026] v9fs_mount+0xe2/0x900 [ 552.626554] ? v9fs_drop_inode+0x150/0x150 [ 552.630777] legacy_get_tree+0x118/0x440 [ 552.634829] vfs_get_tree+0x1cb/0x5c0 [ 552.638623] do_mount+0x6c1/0x1fb0 [ 552.642149] ? kasan_check_write+0x14/0x20 [ 552.646373] ? copy_mount_string+0x40/0x40 [ 552.650593] ? kasan_kmalloc+0xc4/0xe0 [ 552.654471] ? kmem_cache_alloc_trace+0x318/0x780 [ 552.659301] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 552.664826] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 552.670349] ? copy_mount_options+0x285/0x380 [ 552.674837] ksys_mount+0x12d/0x140 [ 552.678454] __x64_sys_mount+0xbe/0x150 [ 552.682417] do_syscall_64+0x1b9/0x820 [ 552.686288] ? finish_task_switch+0x1d3/0x870 [ 552.690772] ? syscall_return_slowpath+0x5e0/0x5e0 [ 552.695691] ? syscall_return_slowpath+0x31d/0x5e0 [ 552.700607] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 552.705609] ? prepare_exit_to_usermode+0x291/0x3b0 [ 552.710614] ? perf_trace_sys_enter+0xb10/0xb10 [ 552.715270] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 552.720104] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 552.725279] RIP: 0033:0x455ab9 [ 552.728448] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 552.747719] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 552.755417] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 552.762679] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 552.769932] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 03:33:39 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x2000000000000000, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) [ 552.777187] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 552.784452] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 000000000000002b 03:33:39 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x67880100, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:39 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x2000000], 0x1}}, 0x1c) 03:33:39 executing program 2: setsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000002000)="24b38b20d0ef3254115223ef6cf758327575c041e002a8089496079b1b45009349041eca724fdec73fab9b04e4a4a5af1d03000000000000007faa62b9c0d263274f4a010c4f93ef85516b042511f32764171ba9bd278cbe360c22f184073fe215dee02fe37161246323ee9c82c790add905b90a64adab9fef855d72abb637d460fc6fb5a9eec5535b119c9dfbde3f76323a5af634e4235a33d57e226460104ca0dedf1f0e8365cd43d106c41d009976034d6557bf8917cad630598f6e58fd1770012d78aabb64ffffffed0000464caeedf840d001fe92b08c3f7b8e1596417d7dcd645413be450000000000000001c122283846253398a04d99ca8680deb20632834bc027c44d4cf3fd102724d6748de61eebb06801048dea7636f3a248a9bf3123882ca9fc66b4e70b06d43045", 0x12e) setsockopt$inet6_MRT6_DEL_MFC_PROXY(0xffffffffffffffff, 0x29, 0xd3, &(0x7f0000002000)={{0xa}, {0xa, 0x0, 0x0, @mcast2={0xff, 0x2, [], 0x1}}}, 0xfffffc99) setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000002000)={0x0, 0x0, 0x9}, 0x14) r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x501842, 0x0) ioctl$sock_inet_SIOCSIFBRDADDR(r0, 0x891a, &(0x7f0000000040)={'bridge0\x00', {0x2, 0x4e20, @multicast2=0xe0000002}}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_int(r1, 0x29, 0x40, &(0x7f0000001fde), 0x4) 03:33:39 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0xd603000000000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:39 executing program 5: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x11, &(0x7f0000000100), 0x0) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000600)='/dev/vga_arbiter\x00', 0x301000, 0x0) setsockopt$inet6_tcp_TLS_RX(r1, 0x6, 0x2, &(0x7f0000000640)={0x303, 0x33}, 0x4) ioctl$KVM_SET_XSAVE(r0, 0x5000aea5, &(0x7f0000000000)={"8c53e615f9fedd7c3b10df94f729e44a3ac7105d41052ce534005a4f58a6c2a59bfe666bb9c516380a107572d367f6b089062271541c9bcc834b4dd06e8965b5a938441e12bd9132429c684d860fc295f29d714c7b09fe99001ff6f934453a7f5c5d7801cda1f2d3d6108ef829312a55186b8af2495f7229060bfda7536e0b0ea3e6c7cbd143533388dee87d55ecfb150d5428484a3d7b2b6c47daaec3ffac3d43018bab9c4e4371606b6bc0369f35292bfb9bc21a862b240ec54c630c8bf9c1029f6c241fb2a62b822a9d74119b2911fb71ac98271796487b7aa0aff3ca435e440de9321b4a2e616d66860c2c2b074b2fde5806729ac216182098b16f6b6d8155b3aff18b88eef803e36258952790949ad40ca29ba26f9df034ed7a43bddc25fc487867d6124d34747a1e3c6c85c4f91c61ca2ee5060aa3023f3d89800899e3fe19a4e2fdfe1a271bd657b0421602b09348e260d5abba61f42f5699ab7407a1e935bbe6936302509a3db7ca0dbe6255a39c1b71798b6a5dbbf0c626aa93bf476ee577caf93fd07ae7c3e4eb3fc7001729be4f5fb0dba31b651a7f9f49ca568a35b16d442fb49059220aa183e71e45eb25058c5b5aeb334779ff76a74bf7df7826f6285cc13fb4b91d4b72bf0e7bc9f6223382be268717558f01addf0329f22a96ae4f08b57b8afd3ef4cc28f4542494a2c35b3e97e8051ce4f5b6dab8482c86a9d309c702f67103e09b0cccf9b8e2e58a4c5c82240c9d103bfc849f06a65e595fc0f2cda2e80e84e60c4e63c2c4e38f1d03ea998f13254ad648bb6a97e18fb2e8a958a6349eee6b6dc52bf1bcd761ad5f7302c2a18057b858eb070eee52818f037a5edc5fb328f671d3c44dc28fbe4168f992fcebbf483751f48d1070d064fd530a08d5378fc4746e3162998da144484d9157cbe7950c54c534935275a57daa4f6ddc621c420ee6b8cd6706af0b5f4927a6fde84e2e4d91781803d6c9229ea1499d0659fd4dbe095807f8a0d9764df7e3b0e972bc3369bac41bf3c52d1a896cdde9ff54017aba9f33777e03cbff3eff7ebff79a4631a6f74418a29027a09268962e6ff88ddb5966874fb6ec7aed7157814596234d2d1b7fc92cff1858f27ae584f7707b34ca37203bd971963b30b75aca0b581ae5393189fe87bc412e0522279c063505e4bd7493b15d55e8959f2cbe9141b0ca40f7b5068c05769b5d2a58b6600f648d4b90795a9bbb439d367fe61b63101cfa7ece50182b5f4d080b9fb4ba89e161690e38f3bcb27031fa9535c9815f1d38eddb4233c6b4abbbe2a126844262f17454c901bd272b1de5d669785511f232ceb10ed7a302150e67127ab6ad497ee28c904b517ee8ce30e311952b77423e650f80e567ab7af91f2da33499bdbcdc5a7be3b18dad507da807328d2d31b32b2c48af2fa4951fb9b317c7cd218973"}) r2 = openat(0xffffffffffffffff, &(0x7f0000000540)='./file0\x00', 0x0, 0x40) getsockopt$inet_mtu(r2, 0x0, 0xa, &(0x7f0000000580), &(0x7f00000005c0)=0x4) getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000400)={0x0, 0x7, 0x0, 0xb0, 0x4, 0x9, 0x2, 0x8000, {0x0, @in6={{0xa, 0x4e21, 0x9, @empty, 0x4}}, 0x7, 0xdcf6, 0x7, 0x5, 0x7fffffff}}, &(0x7f00000004c0)=0xb0) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r0, 0x84, 0x78, &(0x7f0000000500)=r3, 0x4) 03:33:39 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0xe202000000000000, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:39 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x11000000], 0x1}}, 0x1c) 03:33:39 executing program 0 (fault-call:8 fault-nth:44): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:33:39 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0xfdffffff, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:39 executing program 5: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001480)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x1}) recvmmsg(0xffffffffffffffff, &(0x7f00000011c0)=[{{&(0x7f0000000000)=@nfc_llcp, 0x80, &(0x7f0000000100)=[{&(0x7f0000000080)=""/21, 0x15}, {&(0x7f00000000c0)=""/50, 0x32}, {&(0x7f0000000180)=""/212, 0xd4}, {&(0x7f0000000280)=""/234, 0xea}], 0x4, &(0x7f0000000380)=""/139, 0x8b, 0x5}, 0xc424}, {{&(0x7f0000000440)=@nfc, 0x80, &(0x7f0000000740)=[{&(0x7f00000004c0)=""/17, 0x11}, {&(0x7f0000000500)=""/120, 0x78}, {&(0x7f0000000580)=""/147, 0x93}, {&(0x7f0000000640)=""/208, 0xd0}], 0x4, 0x0, 0x0, 0x6959873d}, 0x7fffffff}, {{&(0x7f0000000780)=@hci, 0x80, &(0x7f0000000940)=[{&(0x7f0000000800)=""/187, 0xbb}, {&(0x7f00000008c0)=""/120, 0x78}], 0x2, &(0x7f00000014c0)=""/4096, 0x1000, 0xd67}, 0x6}, {{&(0x7f0000000980)=@ax25, 0x80, &(0x7f0000000ac0)=[{&(0x7f0000000a00)=""/101, 0x65}, {&(0x7f0000000a80)=""/61, 0x3d}], 0x2, &(0x7f0000000b00)=""/237, 0xed, 0x5}, 0x1}, {{&(0x7f0000000c00)=@in6={0x0, 0x0, 0x0, @remote}, 0x80, &(0x7f0000000d00)=[{&(0x7f0000000c80)=""/3, 0x3}, {&(0x7f0000000cc0)=""/6, 0x6}], 0x2, &(0x7f0000000d40)=""/172, 0xac, 0x1f}, 0xfffffffffffffffb}, {{&(0x7f0000000e00)=@un=@abs, 0x80, &(0x7f0000000e80), 0x0, &(0x7f0000000ec0)=""/80, 0x50, 0x8}, 0x1}, {{&(0x7f0000000f40)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff}}, 0x80, &(0x7f0000001100)=[{&(0x7f0000000fc0)=""/29, 0x1d}, {&(0x7f0000001000)=""/198, 0xc6}], 0x2, &(0x7f0000001140)=""/90, 0x5a, 0x5}, 0x7}], 0x7, 0x22, &(0x7f0000001380)={0x77359400}) getsockopt$inet_sctp_SCTP_CONTEXT(0xffffffffffffff9c, 0x84, 0x11, &(0x7f00000013c0)={0x0, 0x7fffffff}, &(0x7f0000001400)=0x8) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000001440)={0x400, 0x0, 0x1, 0x7ff, r2}, &(0x7f00000024c0)=0x10) setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r1, 0x84, 0x12, &(0x7f0000000e80)=0x9, 0x4) madvise(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x4) 03:33:39 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xff070000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:39 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0xd6030000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:39 executing program 2: r0 = gettid() rt_sigprocmask(0x0, &(0x7f0000032ff8)={0xfffffffffffffffe}, 0x0, 0x8) timer_create(0x0, &(0x7f00009cefa8)={0x0, 0x12, 0x4, @tid=r0}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f0000040fe0)={{0x0, 0x989680}, {0x0, 0x9}}, &(0x7f0000040000)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x77359400}, {0x77359400}}, &(0x7f0000000040)) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x2000, 0x0) mmap$xdp(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x1, 0x10, r1, 0x180000000) ppoll(&(0x7f0000ae7000), 0x0, &(0x7f0000845ff0), &(0x7f000079dff8), 0x8) 03:33:39 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x5865], 0x1}}, 0x1c) [ 553.103266] FAULT_INJECTION: forcing a failure. [ 553.103266] name failslab, interval 1, probability 0, space 0, times 0 [ 553.114557] CPU: 0 PID: 8005 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 553.122878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 553.132236] Call Trace: [ 553.134841] dump_stack+0x1c9/0x2b4 [ 553.138542] ? dump_stack_print_info.cold.2+0x52/0x52 [ 553.143745] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 553.149292] should_fail.cold.4+0xa/0x11 [ 553.153361] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 553.158471] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 553.164018] ? replace_slot+0xc9/0x4c0 [ 553.167917] ? __save_stack_trace+0x8d/0xf0 [ 553.172246] ? plist_requeue+0x650/0x650 [ 553.176316] ? save_stack+0xa9/0xd0 [ 553.179946] ? save_stack+0x43/0xd0 [ 553.183584] ? lock_acquire+0x1e4/0x540 [ 553.187562] ? fs_reclaim_acquire+0x20/0x20 [ 553.191887] ? lock_downgrade+0x8f0/0x8f0 [ 553.196033] ? check_same_owner+0x340/0x340 [ 553.200350] ? check_same_owner+0x340/0x340 [ 553.204782] ? rcu_note_context_switch+0x730/0x730 [ 553.209722] __should_failslab+0x124/0x180 [ 553.213950] should_failslab+0x9/0x14 [ 553.217732] __kmalloc+0x2c8/0x760 [ 553.221251] ? rcu_note_context_switch+0x730/0x730 [ 553.226161] ? __list_lru_init+0x151/0x840 [ 553.230375] __list_lru_init+0x151/0x840 [ 553.234416] ? list_lru_destroy+0x500/0x500 [ 553.238716] ? prealloc_shrinker+0x124/0x480 [ 553.243103] ? prealloc_shrinker+0x213/0x480 [ 553.247489] ? __init_waitqueue_head+0x9e/0x150 [ 553.252138] ? inactive_list_is_low+0x850/0x850 [ 553.256797] ? __lockdep_init_map+0x105/0x590 [ 553.261288] alloc_super+0x976/0xb10 [ 553.264998] ? destroy_unused_super.part.11+0x110/0x110 [ 553.270349] ? lock_downgrade+0x8f0/0x8f0 [ 553.274477] ? lock_acquire+0x1e4/0x540 [ 553.278440] ? kasan_check_read+0x11/0x20 [ 553.282579] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 553.287149] ? kasan_check_write+0x14/0x20 [ 553.291374] ? do_raw_spin_lock+0xc1/0x200 [ 553.295591] sget_userns+0x276/0x860 [ 553.299286] ? v9fs_kill_super+0xa0/0xa0 [ 553.303724] ? vfs_get_super+0x270/0x270 [ 553.307779] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 553.313474] ? ns_capable_common+0x13f/0x170 [ 553.317863] ? v9fs_kill_super+0xa0/0xa0 [ 553.321906] sget+0x10b/0x150 [ 553.325007] v9fs_mount+0xe2/0x900 [ 553.328538] ? v9fs_drop_inode+0x150/0x150 [ 553.332766] legacy_get_tree+0x118/0x440 [ 553.336812] vfs_get_tree+0x1cb/0x5c0 [ 553.340606] do_mount+0x6c1/0x1fb0 [ 553.344129] ? kasan_check_write+0x14/0x20 [ 553.348346] ? copy_mount_string+0x40/0x40 [ 553.352563] ? retint_kernel+0x10/0x10 [ 553.356439] ? copy_mount_options+0x1f0/0x380 [ 553.360918] ? __sanitizer_cov_trace_pc+0x44/0x50 [ 553.365741] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 553.371267] ? copy_mount_options+0x285/0x380 [ 553.376272] ksys_mount+0x12d/0x140 [ 553.379890] __x64_sys_mount+0xbe/0x150 [ 553.383849] do_syscall_64+0x1b9/0x820 [ 553.387717] ? finish_task_switch+0x1d3/0x870 [ 553.392204] ? syscall_return_slowpath+0x5e0/0x5e0 [ 553.397126] ? syscall_return_slowpath+0x31d/0x5e0 [ 553.402043] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 553.407044] ? prepare_exit_to_usermode+0x291/0x3b0 [ 553.412045] ? perf_trace_sys_enter+0xb10/0xb10 [ 553.416705] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 553.421533] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 553.426701] RIP: 0033:0x455ab9 [ 553.429868] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 03:33:40 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000000)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) r2 = socket(0xa, 0x1, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f0000000040)={0x2, {{0x2, 0x0, @multicast2=0xe0000002}}}, 0x88) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x9}, &(0x7f0000000180)=0x8) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000001c0)={r3, 0xd0, &(0x7f00000002c0)=[@in6={0xa, 0x4e23, 0x5, @remote={0xfe, 0x80, [], 0xbb}, 0xe6}, @in={0x2, 0x4e21, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e21, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e22, @multicast2=0xe0000002}, @in6={0xa, 0x4e23, 0x20, @local={0xfe, 0x80, [], 0xaa}, 0x100000001}, @in={0x2, 0x4e21}, @in={0x2, 0x4e24}, @in6={0xa, 0x4e22, 0x3, @remote={0xfe, 0x80, [], 0xbb}, 0x101}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x18}}, @in6={0xa, 0x4e24, 0xef9, @empty, 0x200}]}, &(0x7f0000000200)=0x10) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x35, &(0x7f0000000140)=0x1, 0x12f) 03:33:40 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x400000000000000], 0x1}}, 0x1c) 03:33:40 executing program 5: io_setup(0x4, &(0x7f0000000000)=0x0) io_pgetevents(r0, 0x2, 0x2, &(0x7f0000000040)=[{}, {}], 0x0, &(0x7f00000000c0)={&(0x7f0000000080), 0x8}) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$EVIOCGABS0(r2, 0x80184540, &(0x7f0000000140)=""/4096) getsockopt$inet_sctp6_SCTP_STATUS(r2, 0x84, 0xe, &(0x7f0000001140)={0x0, 0x44, 0x1000, 0x19, 0x6, 0x1e, 0x8, 0x0, {0x0, @in={{0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}}, 0x20, 0x3, 0x4, 0x3ff, 0x100000001}}, &(0x7f0000001200)=0xb0) setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000001240)={r3, 0x5, 0x30}, 0xc) pause() getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000001280)={0x0, 0x0}, &(0x7f00000012c0)=0xc) ptrace$poke(0x5, r4, &(0x7f0000001300), 0xffffffffffffdb3c) r6 = openat$full(0xffffffffffffff9c, &(0x7f0000001340)='/dev/full\x00', 0x200, 0x0) r7 = syz_open_dev$adsp(&(0x7f0000001380)='/dev/adsp#\x00', 0x100, 0x800) r8 = openat$vcs(0xffffffffffffff9c, &(0x7f00000013c0)='/dev/vcs\x00', 0x800, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(r7, 0x1, &(0x7f0000001400)={0x68, 0x4, 0x4, "b9a6fd71ddc511270331cb056a6225ab0a44dee129537d25d493cc1ab65f9f42380a603a6752bd802059c716fdfeadb1454c4c6a3e9a900b3c1173992bc5473d75c3d449f8bd664305352f84941d6e925244b0b502c21ec16648874a519b5f6885328ede7513fd8e"}) recvfrom$unix(r7, &(0x7f0000001480)=""/177, 0xb1, 0x22, &(0x7f0000001540)=@file={0x0, './file0\x00'}, 0x6e) getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f00000015c0), &(0x7f0000001600)=0x4) accept4$bt_l2cap(r6, &(0x7f0000001640), &(0x7f0000001680)=0xe, 0x0) sendmsg$nl_route(r8, &(0x7f00000017c0)={&(0x7f00000016c0)={0x10, 0x0, 0x0, 0x200c000}, 0xc, &(0x7f0000001780)={&(0x7f0000001700)=@ipv4_newrule={0x68, 0x20, 0x0, 0x70bd27, 0x25dfdbfc, {0x2, 0x14, 0x10, 0x6, 0x1, 0x0, 0x0, 0x8, 0x10}, [@FRA_FLOW={0x8, 0xb, 0x80000001}, @FRA_SRC={0x8, 0x2, @remote={0xac, 0x14, 0x14, 0xbb}}, @FRA_DST={0x8, 0x1, @broadcast=0xffffffff}, @FRA_GENERIC_POLICY=@FRA_FWMASK={0x8, 0x10, 0x100000000}, @FRA_DST={0x8, 0x1, @local={0xac, 0x14, 0x14, 0xaa}}, @FRA_DST={0x8, 0x1, @broadcast=0xffffffff}, @FRA_DST={0x8, 0x1, @broadcast=0xffffffff}, @FRA_DST={0x8, 0x1, @loopback=0x7f000001}, @FRA_SRC={0x8, 0x2, @remote={0xac, 0x14, 0x14, 0xbb}}]}, 0x68}, 0x1, 0x0, 0x0, 0x80}, 0x800) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r7, 0x6, 0x1d, &(0x7f0000001800)={0x9, 0x6, 0x101, 0x7fffffff, 0x8}, 0x14) ioctl$SG_GET_TIMEOUT(r6, 0x2202, 0x0) fcntl$F_GET_FILE_RW_HINT(r6, 0x40d, &(0x7f0000001840)) connect$unix(r1, &(0x7f0000001880)=@file={0x1, './file0\x00'}, 0x6e) ioctl$INOTIFY_IOC_SETNEXTWD(r2, 0x40044900, 0x200) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000001900)='./cgroup.cpu/syz0\x00', 0x200002, 0x0) ioprio_get$uid(0x3, r5) ioctl$EVIOCGID(r6, 0x80084502, &(0x7f0000001940)=""/4096) getsockopt$inet_udp_int(r2, 0x11, 0xb, &(0x7f0000002940), &(0x7f0000002980)=0x4) semget$private(0x0, 0x2, 0x41) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r6, 0x84, 0x18, &(0x7f00000029c0)={r3, 0xff}, &(0x7f0000002a00)=0x8) setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r7, 0x84, 0x12, &(0x7f0000002a40)=0x6, 0x4) setsockopt$l2tp_PPPOL2TP_SO_SENDSEQ(r1, 0x111, 0x3, 0x0, 0x4) 03:33:40 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x13000000, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:40 executing program 2: r0 = syz_open_dev$audion(&(0x7f00000000c0)='/dev/audio#\x00', 0x9, 0x0) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000140)="a71bad5e1194c0b36e1cf17534850e47", 0x10) r1 = socket$inet6(0xa, 0x202000000802, 0x0) socket$rds(0x15, 0x5, 0x0) r2 = getpgrp(0x0) r3 = syz_open_procfs(r2, &(0x7f0000000100)='net/ip_vs\x00') sendfile(r1, r3, &(0x7f0000000340)=0xd00, 0x7ffffffe) sendto$inet6(r1, &(0x7f0000000000)="75f5f73346cd7dc082230dd8deea57a8bc374ad4bfdc0ecfbf7e803063ecc0432986455a7d301dcb92ac9a42197d7e62bc3f61ac3fb97ab6acfd24def57bb22457df77ec2fa259b6aa6f0189624c2f1316ceda6ded4b4ec7da59e9d9c4ca35f5ec0bf8c8e17169d39df96a528bdb8dca011a385f23247ee55468069c368232", 0x7f, 0x4, &(0x7f0000000080)={0xa, 0x4e23, 0x3, @mcast1={0xff, 0x1, [], 0x1}, 0x7}, 0x1c) ioctl$TIOCSWINSZ(r3, 0x5414, &(0x7f0000000180)={0x7, 0x17eb0000000, 0x4, 0x4}) 03:33:40 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xfffffff0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:40 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x20a], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) [ 553.449031] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 553.456721] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 553.463971] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 553.471226] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 553.478478] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 553.485735] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 000000000000002c 03:33:40 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x18000000, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:40 executing program 0 (fault-call:8 fault-nth:45): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:33:40 executing program 7: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id', 0x3d}, 0x2c, {'group_id', 0x3d}, 0x2c}) read$FUSE(r0, &(0x7f00000020c0), 0x1000) r1 = syz_open_dev$mice(&(0x7f00000003c0)='/dev/input/mice\x00', 0x0, 0x2000) ioctl$SNDRV_TIMER_IOCTL_START(r1, 0x54a0) write$FUSE_INIT(r0, &(0x7f0000000280)={0x50, 0x0, 0x1, {0x7, 0x1b, 0x0, 0x100001}}, 0x50) getxattr(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000500)=@known='system.posix_acl_default\x00', &(0x7f00000001c0)=""/162, 0xffffffffffffffe5) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/sync_retries\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f0000000140)={0x0, 0x46, "fd7fc435bb711e67dbccd21ef887d97c3079138e5d022840e9a58e2660bcdb933bce662076c1230e98bf50cbc048257da771b630b36edb7aebfd148a475abce922efe0434f63"}, &(0x7f0000000340)=0x4e) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x1f, &(0x7f0000000540)={r3, @in6={{0xa, 0x4e22, 0xffffffff, @local={0xfe, 0x80, [], 0xaa}, 0xbe9}}, 0x1f, 0x2}, &(0x7f0000000380)=0x90) read$FUSE(r0, &(0x7f0000001000), 0x1000) write$FUSE_ENTRY(r0, &(0x7f0000002000)={0x90, 0x0, 0x2}, 0x90) 03:33:40 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x88640000], 0x1}}, 0x1c) 03:33:40 executing program 2: write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080)={0xffffffffffffffff}, 0x13f}}, 0x20) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) epoll_create1(0x80000) write$RDMA_USER_CM_CMD_DESTROY_ID(r1, &(0x7f00000001c0)={0x1, 0x10, 0xfa00, {&(0x7f0000000040), r0}}, 0x18) 03:33:40 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x70880100, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:40 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x100000000000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) [ 553.629858] FAULT_INJECTION: forcing a failure. [ 553.629858] name failslab, interval 1, probability 0, space 0, times 0 [ 553.641149] CPU: 0 PID: 8033 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 553.649464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 553.658820] Call Trace: [ 553.661409] dump_stack+0x1c9/0x2b4 [ 553.665036] ? dump_stack_print_info.cold.2+0x52/0x52 [ 553.670222] ? __kernel_text_address+0xd/0x40 [ 553.674709] ? unwind_get_return_address+0x61/0xa0 [ 553.679636] should_fail.cold.4+0xa/0x11 [ 553.683692] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 553.688789] ? save_stack+0xa9/0xd0 [ 553.692401] ? save_stack+0x43/0xd0 [ 553.696015] ? kasan_kmalloc+0xc4/0xe0 [ 553.699892] ? kmem_cache_alloc_trace+0x152/0x780 [ 553.704722] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 553.709983] ? __list_lru_init+0x4d6/0x840 [ 553.714207] ? alloc_super+0x976/0xb10 [ 553.718096] ? sget+0x10b/0x150 [ 553.721370] ? v9fs_mount+0xe2/0x900 [ 553.725077] ? legacy_get_tree+0x118/0x440 [ 553.729297] ? vfs_get_tree+0x1cb/0x5c0 [ 553.733256] ? do_mount+0x6c1/0x1fb0 [ 553.736954] ? ksys_mount+0x12d/0x140 [ 553.740740] ? __x64_sys_mount+0xbe/0x150 [ 553.744878] ? do_syscall_64+0x1b9/0x820 [ 553.748925] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 553.754289] ? save_stack+0xa9/0xd0 [ 553.757907] ? lock_acquire+0x1e4/0x540 [ 553.761882] ? fs_reclaim_acquire+0x20/0x20 [ 553.766194] ? lock_downgrade+0x8f0/0x8f0 [ 553.770326] ? ksys_mount+0x12d/0x140 [ 553.774381] ? check_same_owner+0x340/0x340 [ 553.778692] ? rcu_note_context_switch+0x730/0x730 [ 553.783613] __should_failslab+0x124/0x180 [ 553.787836] should_failslab+0x9/0x14 [ 553.791623] kmem_cache_alloc_trace+0x2cb/0x780 [ 553.796276] ? kasan_kmalloc+0xc4/0xe0 [ 553.800155] __memcg_init_list_lru_node+0x185/0x2d0 [ 553.805157] ? kvfree_rcu+0x20/0x20 [ 553.808776] ? __kmalloc_node+0x47/0x70 [ 553.812738] __list_lru_init+0x4d6/0x840 [ 553.816793] ? list_lru_destroy+0x500/0x500 [ 553.821106] ? prealloc_shrinker+0x213/0x480 [ 553.825498] ? __init_waitqueue_head+0x9e/0x150 [ 553.830152] ? inactive_list_is_low+0x850/0x850 [ 553.834808] ? __lockdep_init_map+0x105/0x590 [ 553.839295] alloc_super+0x976/0xb10 [ 553.843094] ? destroy_unused_super.part.11+0x110/0x110 [ 553.848442] ? lock_downgrade+0x8f0/0x8f0 [ 553.852764] ? lock_acquire+0x1e4/0x540 [ 553.856728] ? kasan_check_read+0x11/0x20 [ 553.860881] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 553.865452] ? kasan_check_write+0x14/0x20 [ 553.869672] ? do_raw_spin_lock+0xc1/0x200 [ 553.873898] sget_userns+0x276/0x860 [ 553.877597] ? v9fs_kill_super+0xa0/0xa0 [ 553.881649] ? vfs_get_super+0x270/0x270 [ 553.885814] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 553.891343] ? ns_capable_common+0x13f/0x170 [ 553.895746] ? v9fs_kill_super+0xa0/0xa0 [ 553.899797] sget+0x10b/0x150 [ 553.902893] v9fs_mount+0xe2/0x900 [ 553.906422] ? v9fs_drop_inode+0x150/0x150 [ 553.910642] legacy_get_tree+0x118/0x440 [ 553.914702] vfs_get_tree+0x1cb/0x5c0 [ 553.918490] do_mount+0x6c1/0x1fb0 [ 553.922027] ? check_same_owner+0x340/0x340 [ 553.926333] ? lock_release+0xa30/0xa30 [ 553.930294] ? copy_mount_string+0x40/0x40 [ 553.934516] ? kasan_kmalloc+0xc4/0xe0 [ 553.938391] ? kmem_cache_alloc_trace+0x318/0x780 [ 553.943229] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 553.948757] ? _copy_from_user+0xdf/0x150 [ 553.952896] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 553.958431] ? copy_mount_options+0x285/0x380 [ 553.962922] ksys_mount+0x12d/0x140 [ 553.966535] __x64_sys_mount+0xbe/0x150 [ 553.970506] do_syscall_64+0x1b9/0x820 [ 553.974383] ? syscall_return_slowpath+0x5e0/0x5e0 [ 553.979299] ? syscall_return_slowpath+0x31d/0x5e0 [ 553.984216] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 553.989229] ? prepare_exit_to_usermode+0x291/0x3b0 [ 553.994234] ? perf_trace_sys_enter+0xb10/0xb10 [ 553.998895] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 554.003743] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 554.008918] RIP: 0033:0x455ab9 [ 554.012086] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 554.031370] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 554.039064] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 554.046319] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 554.053573] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 554.060826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 554.068081] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 000000000000002d 03:33:40 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x300], 0x1}}, 0x1c) 03:33:40 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x51010000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:40 executing program 2: r0 = socket$can_raw(0x1d, 0x3, 0x1) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000004c0)={0x0, 0x0, 0x0}, &(0x7f0000000380)=0xc) r2 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x4, 0x8000) setregid(0x0, r1) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r2, 0x84, 0x1b, &(0x7f0000000040)={0x0, 0x8a, "398d10d2fff6c97080894f03076e78143914dd291654de2537ff0e03061a93ebdcee3f00b5b92ba7d0c0b9fd43757d992ef7d7da8641b053ccf03f42d78086ef89536fa5857790f4cd8c590bee1dc11edba64697b80965103fdd6219ebcb9cf3176f0751d2923c279763f32f4e6aaec24b419a0df1c657cee9682169654be940f6eb29850cb2dbad2d6b"}, &(0x7f0000000100)=0x92) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x18, &(0x7f0000000140)={r3, 0x9}, &(0x7f0000000180)=0x8) 03:33:40 executing program 0 (fault-call:8 fault-nth:46): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) [ 554.213646] FAULT_INJECTION: forcing a failure. [ 554.213646] name failslab, interval 1, probability 0, space 0, times 0 [ 554.224952] CPU: 1 PID: 8072 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 554.233444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 554.242798] Call Trace: [ 554.245400] dump_stack+0x1c9/0x2b4 [ 554.249034] ? dump_stack_print_info.cold.2+0x52/0x52 [ 554.254237] should_fail.cold.4+0xa/0x11 [ 554.258315] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 554.263422] ? is_bpf_text_address+0xd7/0x170 [ 554.267960] ? kernel_text_address+0x79/0xf0 [ 554.272355] ? __kernel_text_address+0xd/0x40 [ 554.276863] ? unwind_get_return_address+0x61/0xa0 [ 554.281777] ? __save_stack_trace+0x8d/0xf0 [ 554.286087] ? save_stack+0xa9/0xd0 [ 554.289707] ? lock_acquire+0x1e4/0x540 [ 554.293835] ? fs_reclaim_acquire+0x20/0x20 [ 554.298171] ? lock_downgrade+0x8f0/0x8f0 [ 554.302303] ? check_same_owner+0x340/0x340 [ 554.306607] ? rcu_note_context_switch+0x730/0x730 [ 554.311518] __should_failslab+0x124/0x180 [ 554.315738] should_failslab+0x9/0x14 [ 554.319527] kmem_cache_alloc_trace+0x2cb/0x780 [ 554.324180] ? kasan_kmalloc+0xc4/0xe0 [ 554.328060] __memcg_init_list_lru_node+0x185/0x2d0 [ 554.333073] ? kvfree_rcu+0x20/0x20 [ 554.336687] ? __kmalloc_node+0x47/0x70 [ 554.340658] __list_lru_init+0x4d6/0x840 [ 554.344715] ? list_lru_destroy+0x500/0x500 [ 554.349043] ? prealloc_shrinker+0x213/0x480 [ 554.353432] ? __init_waitqueue_head+0x9e/0x150 [ 554.358090] ? inactive_list_is_low+0x850/0x850 [ 554.362789] ? __lockdep_init_map+0x105/0x590 [ 554.367279] alloc_super+0x976/0xb10 [ 554.370985] ? destroy_unused_super.part.11+0x110/0x110 [ 554.376359] ? lock_downgrade+0x8f0/0x8f0 [ 554.376380] ? kasan_check_read+0x11/0x20 [ 554.384670] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 554.389234] ? kasan_check_write+0x14/0x20 [ 554.393466] ? do_raw_spin_lock+0xc1/0x200 [ 554.397696] sget_userns+0x276/0x860 [ 554.401404] ? v9fs_kill_super+0xa0/0xa0 [ 554.405461] ? vfs_get_super+0x270/0x270 [ 554.409519] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 554.415047] ? ns_capable_common+0x13f/0x170 [ 554.419446] ? v9fs_kill_super+0xa0/0xa0 [ 554.423490] sget+0x10b/0x150 [ 554.426584] v9fs_mount+0xe2/0x900 [ 554.430109] ? v9fs_drop_inode+0x150/0x150 [ 554.434339] legacy_get_tree+0x118/0x440 [ 554.438387] vfs_get_tree+0x1cb/0x5c0 [ 554.442168] do_mount+0x6c1/0x1fb0 [ 554.445702] ? kasan_check_write+0x14/0x20 [ 554.449931] ? copy_mount_string+0x40/0x40 [ 554.454154] ? kasan_kmalloc+0xc4/0xe0 [ 554.458036] ? kmem_cache_alloc_trace+0x318/0x780 [ 554.462874] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 554.468402] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 554.473926] ? copy_mount_options+0x285/0x380 [ 554.478406] ksys_mount+0x12d/0x140 [ 554.482020] __x64_sys_mount+0xbe/0x150 [ 554.485987] do_syscall_64+0x1b9/0x820 [ 554.489856] ? finish_task_switch+0x1d3/0x870 [ 554.494335] ? syscall_return_slowpath+0x5e0/0x5e0 [ 554.499252] ? syscall_return_slowpath+0x31d/0x5e0 [ 554.504176] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 554.509211] ? prepare_exit_to_usermode+0x291/0x3b0 [ 554.514210] ? perf_trace_sys_enter+0xb10/0xb10 [ 554.518862] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 554.523694] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 554.528862] RIP: 0033:0x455ab9 [ 554.532032] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 554.551208] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 554.558917] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 554.566173] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 554.573424] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 554.580683] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 554.587937] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 000000000000002e 03:33:41 executing program 5: r0 = socket$inet(0x2, 0x200000002, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21}, 0x10) connect$inet(r0, &(0x7f0000000000)={0x2, 0x4e24, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000080)={0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f00000000c0)=0x20) syz_emit_ethernet(0x2a, &(0x7f0000000180)={@random="cb9672fb8a00", @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty=0xac1414bb, @multicast1=0xac14140a}, @udp={0x4e24, 0x4e21, 0x8}}}}}, 0x0) 03:33:41 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x18867, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:41 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0xffffffff00000000, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:41 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0xa020000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:41 executing program 2: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f000044f000)={0xa, 0x4e20}, 0x1c) listen(r0, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0xa}}}}}}}, &(0x7f00000002c0)) 03:33:41 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x400300], 0x1}}, 0x1c) 03:33:41 executing program 0 (fault-call:8 fault-nth:47): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:33:41 executing program 7: syz_mount_image$reiserfs(&(0x7f0000000000)='reiserfs\x00', &(0x7f0000000100)='./file0\x00', 0xfffffffffffbfffc, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="00080000998681ff130200001200000000008000000200000001000084811f4ce10000001e001e00000000000010ec0302008100526549734572334673", 0x3d, 0x10000}], 0x0, &(0x7f0000000040)) syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x40) 03:33:41 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_procfs(0x0, &(0x7f0000002640)="6e65742f736f636b7374617436004404d9f18c0606d312bf9f2e49559dea0d1e74036a1e96d6d9880540e1502003cf85b22ec322a83b8800cf80605c65a0ba7341c381e5a33f81453e13f3b952e38c973dae5ff14f01e1dc69a587864ae41b34dfbd9681793111459b279efff5c72cf72d6457afc4862c5fa2f208b39f3c701aa51b") r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') sendmsg$IPVS_CMD_DEL_SERVICE(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000140)={&(0x7f0000000080)={0xb4, r2, 0x200, 0x70bd26, 0x25dfdbfc, {0x3}, [@IPVS_CMD_ATTR_DAEMON={0xc, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @local={0xac, 0x14, 0x14, 0xaa}}]}, @IPVS_CMD_ATTR_SERVICE={0x34, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@mcast1={0xff, 0x1, [], 0x1}}, @IPVS_SVC_ATTR_AF={0x8, 0x1}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x100000001}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0xb, 0x38}}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x6}, @IPVS_CMD_ATTR_DEST={0x40, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x8}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x2}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x2}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xfffffffffffffffa}]}, 0xb4}, 0x1, 0x0, 0x0, 0x40080}, 0x8000) socket$inet6(0xa, 0x800, 0x4000000000) preadv(r1, &(0x7f00000024c0)=[{&(0x7f0000000340)=""/43, 0x2b}], 0x1, 0x0) 03:33:41 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0xa4ffffff], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) [ 554.679290] TCP: request_sock_TCPv6: Possible SYN flooding on port 20000. Sending cookies. Check SNMP counters. [ 554.696851] REISERFS (device loop7): found reiserfs format "3.5" with non-standard journal [ 554.705650] FAULT_INJECTION: forcing a failure. [ 554.705650] name failslab, interval 1, probability 0, space 0, times 0 [ 554.716952] CPU: 1 PID: 8086 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 03:33:41 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x8b], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) [ 554.725275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 554.734640] Call Trace: [ 554.737238] dump_stack+0x1c9/0x2b4 [ 554.740871] ? dump_stack_print_info.cold.2+0x52/0x52 [ 554.746070] ? __kernel_text_address+0xd/0x40 [ 554.750576] ? unwind_get_return_address+0x61/0xa0 [ 554.755517] should_fail.cold.4+0xa/0x11 [ 554.759585] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 554.764695] ? save_stack+0xa9/0xd0 [ 554.768331] ? save_stack+0x43/0xd0 [ 554.771976] ? kasan_kmalloc+0xc4/0xe0 03:33:41 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x51010000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:41 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x151], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) [ 554.775870] ? kmem_cache_alloc_trace+0x152/0x780 [ 554.780718] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 554.785914] ? __list_lru_init+0x4d6/0x840 [ 554.790158] ? alloc_super+0x976/0xb10 [ 554.794053] ? sget+0x10b/0x150 [ 554.797333] ? v9fs_mount+0xe2/0x900 [ 554.801048] ? legacy_get_tree+0x118/0x440 [ 554.805287] ? vfs_get_tree+0x1cb/0x5c0 [ 554.809265] ? do_mount+0x6c1/0x1fb0 [ 554.812981] ? ksys_mount+0x12d/0x140 [ 554.816785] ? __x64_sys_mount+0xbe/0x150 [ 554.820936] ? do_syscall_64+0x1b9/0x820 03:33:41 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x16f], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) [ 554.825001] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 554.830457] ? save_stack+0xa9/0xd0 [ 554.834093] ? lock_acquire+0x1e4/0x540 [ 554.838074] ? fs_reclaim_acquire+0x20/0x20 [ 554.842401] ? lock_downgrade+0x8f0/0x8f0 [ 554.846553] ? ksys_mount+0x12d/0x140 [ 554.850361] ? check_same_owner+0x340/0x340 [ 554.854685] ? rcu_note_context_switch+0x730/0x730 [ 554.859622] __should_failslab+0x124/0x180 [ 554.863861] should_failslab+0x9/0x14 [ 554.867665] kmem_cache_alloc_trace+0x2cb/0x780 [ 554.872336] ? kasan_kmalloc+0xc4/0xe0 03:33:41 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0xa02000000000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:41 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x1000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) [ 554.876232] __memcg_init_list_lru_node+0x185/0x2d0 [ 554.881250] ? kvfree_rcu+0x20/0x20 [ 554.884878] ? __kmalloc_node+0x47/0x70 [ 554.888851] __list_lru_init+0x4d6/0x840 [ 554.892910] ? list_lru_destroy+0x500/0x500 [ 554.897240] ? prealloc_shrinker+0x213/0x480 [ 554.901647] ? __init_waitqueue_head+0x9e/0x150 [ 554.906314] ? inactive_list_is_low+0x850/0x850 [ 554.910982] ? __lockdep_init_map+0x105/0x590 [ 554.915481] alloc_super+0x976/0xb10 [ 554.919190] ? destroy_unused_super.part.11+0x110/0x110 [ 554.924553] ? lock_downgrade+0x8f0/0x8f0 [ 554.928717] ? lock_acquire+0x1e4/0x540 [ 554.932701] ? kasan_check_read+0x11/0x20 [ 554.936858] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 554.941441] ? kasan_check_write+0x14/0x20 [ 554.945676] ? do_raw_spin_lock+0xc1/0x200 [ 554.949916] sget_userns+0x276/0x860 [ 554.953624] ? v9fs_kill_super+0xa0/0xa0 [ 554.957682] ? vfs_get_super+0x270/0x270 [ 554.961760] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 554.967300] ? ns_capable_common+0x13f/0x170 [ 554.971715] ? v9fs_kill_super+0xa0/0xa0 [ 554.975780] sget+0x10b/0x150 [ 554.978889] v9fs_mount+0xe2/0x900 [ 554.982434] ? v9fs_drop_inode+0x150/0x150 [ 554.986669] legacy_get_tree+0x118/0x440 [ 554.987829] REISERFS (device loop7): using ordered data mode [ 554.990778] vfs_get_tree+0x1cb/0x5c0 [ 554.990796] do_mount+0x6c1/0x1fb0 [ 554.990816] ? check_same_owner+0x340/0x340 [ 554.996600] reiserfs: using flush barriers [ 555.000374] ? lock_release+0xa30/0xa30 [ 555.000398] ? copy_mount_string+0x40/0x40 [ 555.020608] ? retint_kernel+0x10/0x10 [ 555.024042] REISERFS warning (device loop7): sh-458 journal_init_dev: cannot init journal device 'unknown-block(0,2048)': -6 [ 555.024520] ? __sanitizer_cov_trace_const_cmp2+0x20/0x20 [ 555.024537] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 555.024550] ? copy_mount_options+0x285/0x380 [ 555.024568] ksys_mount+0x12d/0x140 [ 555.035921] REISERFS warning (device loop7): sh-462 journal_init: unable to initialize journal device [ 555.041459] __x64_sys_mount+0xbe/0x150 [ 555.041481] do_syscall_64+0x1b9/0x820 03:33:41 executing program 5: r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/vhost-net\x00', 0x2, 0x0) ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000e4e000)=0x200000000) write$vnet(r0, &(0x7f00000003c0)={0x1, {&(0x7f00000002c0)=""/207, 0xcf, &(0x7f0000000100)=""/50, 0x0, 0x2402}}, 0x68) write$vnet(r0, &(0x7f0000a8d000)={0x1, {&(0x7f0000000000)=""/24, 0xffffffc7, &(0x7f0000b4cf9b)=""/101, 0x0, 0x2}}, 0x68) write$vnet(r0, &(0x7f0000000140)={0x1, {&(0x7f00000000c0)=""/28, 0xfffffeae, &(0x7f0000e9afb7)=""/73, 0x0, 0x7}}, 0x68) 03:33:41 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x4000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:41 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x1f00000000000000, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:41 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xffffff8c, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) [ 555.048067] REISERFS warning (device loop7): sh-2022 reiserfs_fill_super: unable to initialize journal space [ 555.051592] ? finish_task_switch+0x1d3/0x870 [ 555.051609] ? syscall_return_slowpath+0x5e0/0x5e0 [ 555.051625] ? syscall_return_slowpath+0x31d/0x5e0 [ 555.051640] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 555.051657] ? prepare_exit_to_usermode+0x291/0x3b0 [ 555.106682] ? perf_trace_sys_enter+0xb10/0xb10 [ 555.111356] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 555.116209] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 555.121400] RIP: 0033:0x455ab9 03:33:41 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x8b00], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) [ 555.124582] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 555.143852] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 555.151572] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 555.158848] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 555.166122] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 555.173395] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 555.180665] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 000000000000002f 03:33:42 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x88470000], 0x1}}, 0x1c) 03:33:42 executing program 0 (fault-call:8 fault-nth:48): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) [ 555.226652] REISERFS (device loop7): found reiserfs format "3.5" with non-standard journal [ 555.267839] REISERFS (device loop7): using ordered data mode [ 555.273724] reiserfs: using flush barriers [ 555.278593] REISERFS warning (device loop7): sh-458 journal_init_dev: cannot init journal device 'unknown-block(0,2048)': -6 [ 555.290092] REISERFS warning (device loop7): sh-462 journal_init: unable to initialize journal device [ 555.315769] FAULT_INJECTION: forcing a failure. [ 555.315769] name failslab, interval 1, probability 0, space 0, times 0 [ 555.327047] CPU: 1 PID: 8180 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 555.328312] REISERFS warning (device loop7): sh-2022 reiserfs_fill_super: unable to initialize journal space [ 555.335358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 555.335364] Call Trace: [ 555.335385] dump_stack+0x1c9/0x2b4 [ 555.335402] ? dump_stack_print_info.cold.2+0x52/0x52 [ 555.335420] ? __kernel_text_address+0xd/0x40 [ 555.335435] ? unwind_get_return_address+0x61/0xa0 [ 555.335450] should_fail.cold.4+0xa/0x11 [ 555.335469] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 555.384665] ? save_stack+0xa9/0xd0 [ 555.388275] ? save_stack+0x43/0xd0 [ 555.391892] ? kasan_kmalloc+0xc4/0xe0 [ 555.395768] ? kmem_cache_alloc_trace+0x152/0x780 [ 555.400591] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 555.405771] ? __list_lru_init+0x4d6/0x840 [ 555.409985] ? alloc_super+0x976/0xb10 [ 555.413866] ? sget+0x10b/0x150 [ 555.417127] ? v9fs_mount+0xe2/0x900 [ 555.420830] ? legacy_get_tree+0x118/0x440 [ 555.425056] ? vfs_get_tree+0x1cb/0x5c0 [ 555.429010] ? do_mount+0x6c1/0x1fb0 [ 555.432711] ? ksys_mount+0x12d/0x140 [ 555.436488] ? __x64_sys_mount+0xbe/0x150 [ 555.440614] ? do_syscall_64+0x1b9/0x820 [ 555.444663] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 555.450020] ? save_stack+0xa9/0xd0 [ 555.453636] ? lock_acquire+0x1e4/0x540 [ 555.457596] ? fs_reclaim_acquire+0x20/0x20 [ 555.461915] ? lock_downgrade+0x8f0/0x8f0 [ 555.466049] ? ksys_mount+0x12d/0x140 [ 555.469829] ? check_same_owner+0x340/0x340 [ 555.474134] ? rcu_note_context_switch+0x730/0x730 [ 555.479050] __should_failslab+0x124/0x180 [ 555.483277] should_failslab+0x9/0x14 [ 555.487064] kmem_cache_alloc_trace+0x2cb/0x780 [ 555.491713] ? kasan_kmalloc+0xc4/0xe0 [ 555.495583] __memcg_init_list_lru_node+0x185/0x2d0 [ 555.500579] ? kvfree_rcu+0x20/0x20 [ 555.504187] ? __kmalloc_node+0x47/0x70 [ 555.508140] __list_lru_init+0x4d6/0x840 [ 555.512183] ? list_lru_destroy+0x500/0x500 [ 555.516484] ? prealloc_shrinker+0x213/0x480 [ 555.520874] ? __init_waitqueue_head+0x9e/0x150 [ 555.525530] ? inactive_list_is_low+0x850/0x850 [ 555.530185] ? __lockdep_init_map+0x105/0x590 [ 555.534659] alloc_super+0x976/0xb10 [ 555.538362] ? destroy_unused_super.part.11+0x110/0x110 [ 555.543705] ? lock_downgrade+0x8f0/0x8f0 [ 555.547836] ? lock_acquire+0x1e4/0x540 [ 555.551793] ? kasan_check_read+0x11/0x20 [ 555.555928] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 555.560490] ? kasan_check_write+0x14/0x20 [ 555.564701] ? do_raw_spin_lock+0xc1/0x200 [ 555.568917] sget_userns+0x276/0x860 [ 555.572614] ? v9fs_kill_super+0xa0/0xa0 [ 555.576656] ? vfs_get_super+0x270/0x270 [ 555.580705] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 555.586223] ? ns_capable_common+0x13f/0x170 [ 555.590611] ? v9fs_kill_super+0xa0/0xa0 [ 555.594650] sget+0x10b/0x150 [ 555.597750] v9fs_mount+0xe2/0x900 [ 555.601275] ? v9fs_drop_inode+0x150/0x150 [ 555.605499] legacy_get_tree+0x118/0x440 [ 555.609551] vfs_get_tree+0x1cb/0x5c0 [ 555.613332] do_mount+0x6c1/0x1fb0 [ 555.616851] ? kasan_check_write+0x14/0x20 [ 555.621064] ? copy_mount_string+0x40/0x40 [ 555.625278] ? kasan_kmalloc+0xc4/0xe0 [ 555.629149] ? kmem_cache_alloc_trace+0x318/0x780 [ 555.633976] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 555.639505] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 555.645029] ? copy_mount_options+0x285/0x380 [ 555.649512] ksys_mount+0x12d/0x140 [ 555.653122] __x64_sys_mount+0xbe/0x150 [ 555.657078] do_syscall_64+0x1b9/0x820 [ 555.660954] ? finish_task_switch+0x1d3/0x870 [ 555.665431] ? syscall_return_slowpath+0x5e0/0x5e0 [ 555.670343] ? syscall_return_slowpath+0x31d/0x5e0 [ 555.675260] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 555.680256] ? prepare_exit_to_usermode+0x291/0x3b0 [ 555.685253] ? perf_trace_sys_enter+0xb10/0xb10 [ 555.689905] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 555.694742] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 555.699909] RIP: 0033:0x455ab9 03:33:42 executing program 7: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, &(0x7f0000000000)) ioctl$VHOST_GET_VRING_BASE(r0, 0x4008af24, &(0x7f0000000500)) 03:33:42 executing program 2: r0 = eventfd2(0x0, 0x0) r1 = epoll_create1(0x0) syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0xfffffffffffffffb, 0xc0000) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000d4a000)={0x6000000c}) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000cd5000)={0x80000014}) 03:33:42 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x20000000, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:42 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xe4ffffff00000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:42 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/sctp\x00') getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000001bc0)={{{@in6=@remote, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast1}, 0x0, @in=@remote}}, &(0x7f0000001cc0)=0xe8) setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000001d00)={r1, 0x1, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x10) r2 = syz_open_dev$sndpcmp(&(0x7f0000000080)='/dev/snd/pcmC#D#p\x00', 0x81, 0x800) getpeername(0xffffffffffffffff, &(0x7f00000003c0)=@can={0x0, 0x0}, &(0x7f0000000440)=0x80) sendto$packet(r2, &(0x7f00000001c0)="8bc971d93c0d33b4ccf5b3ea8ee27a206f4f08875120faf69bbc5efa4132cbb9084f24cf03ad88721c7be69eef9d9232f4ff9521e2fd17d2dbf259874b47ba3d07440850c8c6ab8d0e33349506bf1f7fa2c4d7a1cf2f336b71aee4ce73692077f24f47080d3260838ac35c28342683888436c74f4893d4281cc361b389b81ef1ae3636e62146c8c9f02209a0df623c685b68f81de9d9d9a387ef59df8c0c5a37418dc6c4be19ea7f6cfb546f842068d41aca343a049619", 0x86, 0x4010, &(0x7f0000000180)={0x11, 0x2, r3, 0x1, 0x20, 0x6, @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0x1e}}, 0x14) syz_emit_ethernet(0x3e, &(0x7f0000000040)={@broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}, @dev={0xac, 0x14, 0x14}}, @icmp=@parameter_prob={0x6, 0x3, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local={0xac, 0x14, 0x14, 0xaa}, @dev={0xac, 0x14, 0x14}}}}}}}, &(0x7f0000000000)={0x1}) 03:33:42 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0xab01000000000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:42 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x800000000000000], 0x1}}, 0x1c) 03:33:42 executing program 0 (fault-call:8 fault-nth:49): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) [ 555.703075] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 555.722287] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 555.729981] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 555.737245] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 555.744491] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 555.751740] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 555.758990] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 0000000000000030 [ 555.805071] FAULT_INJECTION: forcing a failure. [ 555.805071] name failslab, interval 1, probability 0, space 0, times 0 [ 555.816377] CPU: 1 PID: 8186 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 555.824697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 555.834052] Call Trace: [ 555.836636] dump_stack+0x1c9/0x2b4 [ 555.840256] ? dump_stack_print_info.cold.2+0x52/0x52 [ 555.845439] ? __kernel_text_address+0xd/0x40 [ 555.849922] ? unwind_get_return_address+0x61/0xa0 [ 555.854842] should_fail.cold.4+0xa/0x11 [ 555.858894] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 555.863987] ? save_stack+0xa9/0xd0 [ 555.867602] ? save_stack+0x43/0xd0 [ 555.871211] ? kasan_kmalloc+0xc4/0xe0 [ 555.875090] ? kmem_cache_alloc_trace+0x152/0x780 [ 555.879948] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 555.885123] ? __list_lru_init+0x4d6/0x840 [ 555.889383] ? alloc_super+0x976/0xb10 [ 555.893257] ? sget+0x10b/0x150 [ 555.896523] ? v9fs_mount+0xe2/0x900 [ 555.900222] ? legacy_get_tree+0x118/0x440 [ 555.904443] ? vfs_get_tree+0x1cb/0x5c0 [ 555.908406] ? do_mount+0x6c1/0x1fb0 [ 555.912104] ? ksys_mount+0x12d/0x140 [ 555.915889] ? __x64_sys_mount+0xbe/0x150 [ 555.920023] ? do_syscall_64+0x1b9/0x820 [ 555.924074] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 555.929431] ? save_stack+0xa9/0xd0 [ 555.933048] ? lock_acquire+0x1e4/0x540 [ 555.937015] ? fs_reclaim_acquire+0x20/0x20 [ 555.941325] ? lock_downgrade+0x8f0/0x8f0 [ 555.945460] ? ksys_mount+0x12d/0x140 [ 555.949254] ? check_same_owner+0x340/0x340 [ 555.953565] ? rcu_note_context_switch+0x730/0x730 [ 555.958483] __should_failslab+0x124/0x180 [ 555.962709] should_failslab+0x9/0x14 [ 555.966495] kmem_cache_alloc_trace+0x2cb/0x780 [ 555.971152] ? kasan_kmalloc+0xc4/0xe0 [ 555.975044] __memcg_init_list_lru_node+0x185/0x2d0 [ 555.980056] ? kvfree_rcu+0x20/0x20 [ 555.983688] ? __kmalloc_node+0x47/0x70 [ 555.987651] __list_lru_init+0x4d6/0x840 [ 555.991703] ? list_lru_destroy+0x500/0x500 [ 555.996017] ? prealloc_shrinker+0x213/0x480 [ 556.000410] ? __init_waitqueue_head+0x9e/0x150 [ 556.005066] ? inactive_list_is_low+0x850/0x850 [ 556.009728] ? __lockdep_init_map+0x105/0x590 [ 556.014214] alloc_super+0x976/0xb10 [ 556.017935] ? destroy_unused_super.part.11+0x110/0x110 [ 556.023286] ? lock_downgrade+0x8f0/0x8f0 [ 556.027419] ? lock_acquire+0x1e4/0x540 [ 556.031386] ? kasan_check_read+0x11/0x20 [ 556.035520] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 556.040094] ? kasan_check_write+0x14/0x20 [ 556.044315] ? do_raw_spin_lock+0xc1/0x200 [ 556.048541] sget_userns+0x276/0x860 [ 556.052241] ? v9fs_kill_super+0xa0/0xa0 [ 556.056290] ? vfs_get_super+0x270/0x270 [ 556.060363] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 556.065896] ? ns_capable_common+0x13f/0x170 [ 556.070303] ? v9fs_kill_super+0xa0/0xa0 [ 556.074350] sget+0x10b/0x150 [ 556.077444] v9fs_mount+0xe2/0x900 [ 556.080972] ? v9fs_drop_inode+0x150/0x150 [ 556.085190] legacy_get_tree+0x118/0x440 [ 556.089240] vfs_get_tree+0x1cb/0x5c0 [ 556.093040] do_mount+0x6c1/0x1fb0 [ 556.096572] ? check_same_owner+0x340/0x340 [ 556.100877] ? lock_release+0xa30/0xa30 [ 556.104840] ? copy_mount_string+0x40/0x40 [ 556.109060] ? kasan_kmalloc+0xc4/0xe0 [ 556.112938] ? kmem_cache_alloc_trace+0x318/0x780 [ 556.117768] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 556.123291] ? _copy_from_user+0xdf/0x150 [ 556.127435] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 556.132965] ? copy_mount_options+0x285/0x380 [ 556.137950] ksys_mount+0x12d/0x140 [ 556.141568] __x64_sys_mount+0xbe/0x150 [ 556.145530] do_syscall_64+0x1b9/0x820 [ 556.149402] ? finish_task_switch+0x1d3/0x870 [ 556.153897] ? syscall_return_slowpath+0x5e0/0x5e0 [ 556.158812] ? syscall_return_slowpath+0x31d/0x5e0 [ 556.163729] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 556.168732] ? prepare_exit_to_usermode+0x291/0x3b0 [ 556.173734] ? perf_trace_sys_enter+0xb10/0xb10 [ 556.178389] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 556.183223] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 556.188395] RIP: 0033:0x455ab9 03:33:43 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x7, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) [ 556.191569] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 556.210847] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 556.218543] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 556.225796] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 556.233055] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 556.240307] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 556.247558] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 0000000000000031 03:33:43 executing program 2: keyctl$session_to_parent(0x12) r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x80000, 0x0) openat$cgroup_int(r0, &(0x7f0000000040)='cgroup.max.descendants\x00', 0x2, 0x0) 03:33:43 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x6d88010000000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:43 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x88caffff], 0x1}}, 0x1c) 03:33:43 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x4000000000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:43 executing program 7: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={'tunl0\x00'}) r2 = accept(0xffffffffffffffff, &(0x7f0000000240)=@llc={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f00000002c0)=0x80) setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r2, 0x84, 0x12, &(0x7f0000000300)=0x51be, 0x4) r3 = syz_open_dev$dspn(&(0x7f0000000200)='/dev/dsp#\x00', 0x2, 0x2200) syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000006000/0x18000)=nil, &(0x7f00000001c0)=[@textreal={0x8, &(0x7f00000000c0)="0f0f1ba00873850f01d1ba4000b8a989ef660f2ac3ba4000b85700eff3cfbad00466b8b200000066ef3e0f38003abaf80c66b8a206ef8766efbafc0cec", 0x3d}], 0x1, 0x0, &(0x7f0000000240), 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000100)={0x6, 0x8001}) ioctl$KVM_SET_IDENTITY_MAP_ADDR(r4, 0x4008ae48, &(0x7f0000000080)=0x2000) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$SNDRV_TIMER_IOCTL_STATUS(r2, 0x80605414, &(0x7f0000000340)=""/4096) ioctl$KVM_RUN(r4, 0xae80, 0x0) 03:33:43 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x4000000, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:43 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$netlink(0x10, 0x3, 0x0) r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x10400, 0x0) sendmsg$nl_route(r1, &(0x7f0000000000)={&(0x7f0000002ff4)={0x10}, 0xc, &(0x7f0000000080)={&(0x7f0000000200)=@ipv4_delroute={0x3c, 0x19, 0x200, 0x70bd2b, 0x25dfdbfe, {0x2, 0x0, 0x10, 0x4, 0xff, 0x0, 0xfe, 0x0, 0x900}, [@RTA_DST={0x8, 0x1, @dev={0xac, 0x14, 0x14, 0x10}}, @RTA_FLOW={0x8, 0xb, 0x923}, @RTA_ENCAP_TYPE={0x8, 0x15, 0x4}, @RTA_DST={0x8, 0x1, @remote={0xac, 0x14, 0x14, 0xbb}}]}, 0x3c}, 0x1}, 0x0) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00') sendmsg$IPVS_CMD_SET_SERVICE(r1, &(0x7f0000000400)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000300)={0x84, r3, 0x0, 0x70bd2b, 0x25dfdbfb, {0x2}, [@IPVS_CMD_ATTR_SERVICE={0x44, 0x1, [@IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x17}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x5, 0x10}}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x6d}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0x2}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0xc}}]}, @IPVS_CMD_ATTR_SERVICE={0x24, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'sed\x00'}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x20, 0x20}}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x3}}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6}]}, 0x84}, 0x1, 0x0, 0x0, 0x20004000}, 0x40) write$binfmt_elf32(r0, &(0x7f0000000600)={{0x7f, 0x45, 0x4c, 0x46, 0x1, 0xb647, 0x6a5, 0x3, 0x3, 0x3, 0x3e, 0xffffffff, 0x248, 0x38, 0x2fc, 0xff, 0xe85, 0x20, 0x2, 0xffff, 0x85c, 0x36}, [{0x1, 0x3, 0x40, 0x8000, 0x0, 0x1, 0x7, 0x1ff}], "2785183f23f8f381dcb91c7c8da2e4686f25b97395d2caf9173bae2bb8d0cd6b68d8189d08d1a963284f110bc26287e92bb07d9ea225c6d6ec3b5b22dd029fda33c17b6732593720bf940360b97c1adf82edffb72c0d36dc6ee41572674dae1cd660613cba17534b1d", [[], [], [], [], []]}, 0x5c1) write(r1, &(0x7f0000000440)="83adcd7def75df9bf246967bdb3907b683e8ca9b5b00b05e8fb28c05c0d34ae586b8c5adef9bd4d7dc62914e8b589a966ba11de8968e4b4cf06074c49296c709ec5c165010c07887046844be30b13babf21387a03a9c185efcd91dc5a8bd639e619229e09bd526b953936fc15dd30d953cb61af4870965d973d800e5ab1c5a8fff1bbe8bf5b1a0b6b17165579f3c5e5c7f66cc497c6ced3fd485eb5d", 0x9c) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f00000000c0)=@sack_info={0x0, 0x219e, 0x3f}, &(0x7f0000000100)=0xc) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000180), &(0x7f00000001c0)=0xc) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r2, 0x84, 0x7c, &(0x7f0000000140)={r4, 0x10001, 0x5}, 0x8) 03:33:43 executing program 0 (fault-call:8 fault-nth:50): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:33:43 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x40000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) [ 556.404379] FAULT_INJECTION: forcing a failure. [ 556.404379] name failslab, interval 1, probability 0, space 0, times 0 [ 556.415694] CPU: 1 PID: 8234 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 556.424013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 556.433373] Call Trace: [ 556.435971] dump_stack+0x1c9/0x2b4 [ 556.439628] ? dump_stack_print_info.cold.2+0x52/0x52 [ 556.444838] ? __kernel_text_address+0xd/0x40 [ 556.449338] ? unwind_get_return_address+0x61/0xa0 [ 556.454281] should_fail.cold.4+0xa/0x11 [ 556.458351] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 556.463459] ? save_stack+0xa9/0xd0 [ 556.467079] ? save_stack+0x43/0xd0 [ 556.470724] ? kasan_kmalloc+0xc4/0xe0 [ 556.474604] ? kmem_cache_alloc_trace+0x152/0x780 [ 556.479780] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 556.484955] ? __list_lru_init+0x4d6/0x840 [ 556.489173] ? alloc_super+0x976/0xb10 [ 556.493048] ? sget+0x10b/0x150 [ 556.496315] ? v9fs_mount+0xe2/0x900 [ 556.500018] ? legacy_get_tree+0x118/0x440 [ 556.504242] ? vfs_get_tree+0x1cb/0x5c0 [ 556.508199] ? do_mount+0x6c1/0x1fb0 [ 556.511896] ? ksys_mount+0x12d/0x140 [ 556.515683] ? __x64_sys_mount+0xbe/0x150 [ 556.519816] ? do_syscall_64+0x1b9/0x820 [ 556.523863] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 556.529218] ? save_stack+0xa9/0xd0 [ 556.532835] ? lock_acquire+0x1e4/0x540 [ 556.536796] ? fs_reclaim_acquire+0x20/0x20 [ 556.541103] ? lock_downgrade+0x8f0/0x8f0 [ 556.545236] ? ksys_mount+0x12d/0x140 [ 556.549037] ? check_same_owner+0x340/0x340 [ 556.553349] ? rcu_note_context_switch+0x730/0x730 [ 556.558277] __should_failslab+0x124/0x180 [ 556.562514] should_failslab+0x9/0x14 [ 556.566303] kmem_cache_alloc_trace+0x2cb/0x780 [ 556.570957] ? kasan_kmalloc+0xc4/0xe0 [ 556.574838] __memcg_init_list_lru_node+0x185/0x2d0 [ 556.579847] ? kvfree_rcu+0x20/0x20 [ 556.583468] ? __kmalloc_node+0x47/0x70 [ 556.587431] __list_lru_init+0x4d6/0x840 [ 556.591480] ? list_lru_destroy+0x500/0x500 [ 556.595802] ? prealloc_shrinker+0x213/0x480 [ 556.600196] ? __init_waitqueue_head+0x9e/0x150 [ 556.604853] ? inactive_list_is_low+0x850/0x850 [ 556.609513] ? __lockdep_init_map+0x105/0x590 [ 556.613998] alloc_super+0x976/0xb10 [ 556.617712] ? destroy_unused_super.part.11+0x110/0x110 [ 556.623069] ? lock_downgrade+0x8f0/0x8f0 [ 556.627205] ? lock_acquire+0x1e4/0x540 [ 556.631171] ? kasan_check_read+0x11/0x20 [ 556.635304] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 556.639872] ? kasan_check_write+0x14/0x20 [ 556.644091] ? do_raw_spin_lock+0xc1/0x200 [ 556.648315] sget_userns+0x276/0x860 [ 556.652189] ? v9fs_kill_super+0xa0/0xa0 [ 556.656237] ? vfs_get_super+0x270/0x270 [ 556.660320] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 556.665842] ? ns_capable_common+0x13f/0x170 [ 556.670238] ? v9fs_kill_super+0xa0/0xa0 [ 556.674294] sget+0x10b/0x150 [ 556.677389] v9fs_mount+0xe2/0x900 [ 556.680917] ? v9fs_drop_inode+0x150/0x150 [ 556.685140] legacy_get_tree+0x118/0x440 [ 556.689192] vfs_get_tree+0x1cb/0x5c0 [ 556.692984] do_mount+0x6c1/0x1fb0 [ 556.696511] ? check_same_owner+0x340/0x340 [ 556.700819] ? lock_release+0xa30/0xa30 [ 556.704781] ? copy_mount_string+0x40/0x40 [ 556.709005] ? kasan_kmalloc+0xc4/0xe0 [ 556.712887] ? kmem_cache_alloc_trace+0x318/0x780 [ 556.717719] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 556.723254] ? _copy_from_user+0xdf/0x150 [ 556.727389] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 556.732914] ? copy_mount_options+0x285/0x380 [ 556.737399] ksys_mount+0x12d/0x140 [ 556.741020] __x64_sys_mount+0xbe/0x150 [ 556.744995] do_syscall_64+0x1b9/0x820 [ 556.748876] ? finish_task_switch+0x1d3/0x870 [ 556.753368] ? syscall_return_slowpath+0x5e0/0x5e0 [ 556.758283] ? syscall_return_slowpath+0x31d/0x5e0 [ 556.763199] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 556.768200] ? prepare_exit_to_usermode+0x291/0x3b0 [ 556.773211] ? perf_trace_sys_enter+0xb10/0xb10 [ 556.777876] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 556.782724] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 556.787906] RIP: 0033:0x455ab9 03:33:43 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x10000004e20, @multicast1=0xe0000001}, 0x10) connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4000004e20, @loopback=0x7f000001}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x3, &(0x7f00000011c0)=ANY=[@ANYBLOB="180000000300000000000000000000009500000000000000"], &(0x7f00002bf000)='syzkaller\x00', 0x1, 0xb7, &(0x7f0000000440)=""/183}, 0x48) write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB='\x00\x00\x00'], 0x3) ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, &(0x7f00000000c0)={r0, r1}) clock_gettime(0x0, &(0x7f0000004cc0)={0x0, 0x0}) recvmmsg(0xffffffffffffffff, &(0x7f0000004b00)=[{{&(0x7f0000003600)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @remote}}}, 0x1cd, &(0x7f0000003780)=[{&(0x7f00000036c0)=""/172, 0xac}], 0x1, &(0x7f00000037c0)=""/4096, 0x1000}}, {{&(0x7f00000047c0)=@ipx, 0x80, &(0x7f0000004a80), 0x2c3, &(0x7f0000004ac0)=""/38, 0x26}}], 0x2, 0x2, &(0x7f0000004d00)={0x0, r2+10000000}) [ 556.791076] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 556.810348] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 556.818044] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 556.825309] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 556.832561] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 556.839828] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 556.847083] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 0000000000000032 03:33:43 executing program 5: r0 = socket$inet6(0xa, 0x1000000000003, 0x7) splice(r0, &(0x7f00000000c0), r0, &(0x7f0000000180)=0x5, 0x9, 0x1) ioctl(r0, 0x8912, &(0x7f0000000080)="025cc83d6d345f8f762070") r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sloppy_sctp\x00', 0x2, 0x0) write$P9_RXATTRCREATE(r1, &(0x7f0000000040)={0x7, 0x21, 0x2}, 0x7) r2 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) bind$nfc_llcp(r2, &(0x7f0000000100)={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "8811e78754a539d39c2bd6a40fa8c8aa024d86cdc834bc921c0525fec2541e21ccf67e1d7b55cabe9e068dd58ce565aa9a9d325ebac7627ffe7a54cdbd77b3", 0x2b}, 0x60) listen(r2, 0x0) close(r2) 03:33:43 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x8848], 0x1}}, 0x1c) 03:33:43 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xff00000000000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:43 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0xa4ffffff], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:43 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x1f000000, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:43 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x200000000000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:43 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x80350000], 0x1}}, 0x1c) 03:33:43 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0xfd, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:43 executing program 0 (fault-call:8 fault-nth:51): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:33:43 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$jfs(&(0x7f0000000000)='jfs\x00', &(0x7f0000000040)='./file0\x00', 0x7, 0x9, &(0x7f0000000680)=[{&(0x7f0000000080)="e3c1605df03ce47627634fda8c8e1f", 0xf, 0x9}, {&(0x7f00000000c0)="3a482eaf056140dd6617ada3a7bab6075f0dabe3cadca7a5c0ffcb2efc1780e87ae44a5ec02a18ba9495733c5e8a4782597129ac62838f8a6f1118ebe6e29fc51837b70817350ec7e3bf82c9a66fcd62149ec55742711fb54d70cf557ce8bee55e9db29e3b621f21bd7da9812ed16326cce17f1dc5da", 0x76, 0x8957}, {&(0x7f00000001c0)="75d897ce54a657b091b4b5ca4c2179b2bccf3d74efa0236b7f21fefaa3b26c12821cde491eeb4b768c9d30c8253c8c8c7cf5953f8f88773ea8c9da0d73dc037edf21a80b084517833f6e0f7c00521d7eb1e1321fc8ad23b484a1a6b9a404d8f64bbe1b24a27a23df24918a6dc8f3708b23dae6cd09381acecf43dfb395cbde043c6a824cb5b9f23790989f046845b28ce6d46d8187fd44adb5fb3dbd6d5497f26b698cd5d5649e1f2521efd15fe797", 0xaf, 0x1}, {&(0x7f00000002c0)="b58e84d52638a0e226ae4c962aa50ddf817297f50eed3b59faf600f7033336d08b88024816ca638b630b71e7725061daf03e9da4c3506a47c27f3ac098a56922232dba7cbd2d0711e05d69e69f2b64a47ea0c999180190eb834aa33bcd722e3af6c33f4620ff01bbad963d44529747614bb6747c3f9a86fe0cf72a4234588a3b3272ecb129b58ec4fe5951343a5934a022b158da7ef09460064cc4dcb22f3e47bf600c0a48d3e9efd852022ace3bc21ee36baea935415c6b16693096881c77a409466d5b917fc9414edeceb7fcce1a0d066c161f5a0de79b40ee6bb4bc96ad3c9068dba66d3a299c0bd5a60c034e942b1951f951e4fbd0e6410e04b6", 0xfc, 0x4}, {&(0x7f00000003c0)="94442fa3be8b048f7844487cb80a9c829447e40af9013f17ea310d52085dba0d01b7cdc4447a1f71304826b338981168ef1af6ba721d416a6b7f92561a3d8195", 0x40, 0xd376}, {&(0x7f0000000400)="0bf665933bddc24feffa8c915863b7da104c8ee733090fdab203e7728b48", 0x1e, 0x1}, {&(0x7f0000000440)="a6fec9e9a6718910aadc09aadab8810004e54b94166fbdf156c7f4d293ed5b5330695aabe36028242632b3571f0ebbcc2e84938e114db5b6c29c738084e49f6ff1c0bf13200a688b0fd267422b63424febcfa830e50fd728ec4c75d13b63f07fd20a8b59a405ceda5bc34d3b5da3854415e0f96880c49fbfcd8c5cc79ef25313a849b6e93b7bba8a87883e2216424eced59af89da0d4bf385ac3d149388378966526ce9c6cb2fb8fb3522b1586f0256b51d827989fc5e0435355b35907c1", 0xbe, 0x6}, {&(0x7f0000000500)="2d892dac5805b6a73a35dcbf1eeb57b328c6b533d6d40b682c7edca1bb218c4250341ae49065c884f31a21c0b3e88890dcb340a5fae17f1e2b0f59cbff1dc7ee5de2688b40670e29a615ec4b06bdc92c75097cfaf71d2c6b85caf71ea5c735b6dcd8eff8b2ee6c5df5b61a16d0ee9761bcc4bd910bc65e18fb9dae84664786237a949858f1900ea2ba7ba8deb611c0c1cecea1a5cf626aaea4761ab6cc2a692f2ef107016a20a4ff0d6ed6dd31fcc01a1da35f1f0f951d81db8055dd1f94d08dc88711639b7fbc9b0e5e53601ef11d9fd914", 0xd2, 0x3}, {&(0x7f0000000600)='A', 0x1}], 0x84060, &(0x7f0000000780)={[{@discard='discard', 0x2c}]}) syz_mount_image$reiserfs(&(0x7f0000000140)='reiserfs\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x0, &(0x7f0000000580), 0x0, &(0x7f0000000640)={[{@grpjquota='grpjquota', 0x2c}]}) [ 557.080315] FAULT_INJECTION: forcing a failure. [ 557.080315] name failslab, interval 1, probability 0, space 0, times 0 [ 557.091727] CPU: 1 PID: 8282 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 557.100060] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 557.109422] Call Trace: [ 557.112020] dump_stack+0x1c9/0x2b4 [ 557.115677] ? dump_stack_print_info.cold.2+0x52/0x52 [ 557.120876] ? perf_trace_lock_acquire+0xeb/0x9a0 [ 557.125728] ? kasan_check_write+0x14/0x20 [ 557.129969] should_fail.cold.4+0xa/0x11 [ 557.134033] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 557.139128] ? mutex_trylock+0x2b0/0x2b0 [ 557.143198] ? __x64_sys_mount+0xbe/0x150 [ 557.147345] ? do_syscall_64+0x1b9/0x820 [ 557.151397] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 557.156751] ? __list_lru_init+0x409/0x840 [ 557.160989] ? lock_downgrade+0x8f0/0x8f0 [ 557.165123] ? lock_acquire+0x1e4/0x540 [ 557.169095] ? lock_downgrade+0x8f0/0x8f0 [ 557.173233] ? lock_acquire+0x1e4/0x540 [ 557.177193] ? fs_reclaim_acquire+0x20/0x20 [ 557.181497] ? lock_downgrade+0x8f0/0x8f0 [ 557.185645] ? check_same_owner+0x340/0x340 [ 557.189952] ? rcu_note_context_switch+0x730/0x730 [ 557.194872] __should_failslab+0x124/0x180 [ 557.199092] should_failslab+0x9/0x14 [ 557.202890] __kmalloc+0x2c8/0x760 [ 557.206424] ? kvfree_rcu+0x20/0x20 [ 557.210040] ? __list_lru_init+0x151/0x840 [ 557.214259] __list_lru_init+0x151/0x840 [ 557.218317] ? list_lru_destroy+0x500/0x500 [ 557.222627] ? prealloc_shrinker+0x213/0x480 [ 557.227024] ? __init_waitqueue_head+0x9e/0x150 [ 557.231677] ? inactive_list_is_low+0x850/0x850 [ 557.236341] ? __lockdep_init_map+0x105/0x590 [ 557.240823] alloc_super+0x9a6/0xb10 [ 557.244525] ? destroy_unused_super.part.11+0x110/0x110 [ 557.249870] ? lock_downgrade+0x8f0/0x8f0 [ 557.254005] ? kasan_check_read+0x11/0x20 [ 557.258141] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 557.262716] ? kasan_check_write+0x14/0x20 [ 557.266942] ? do_raw_spin_lock+0xc1/0x200 [ 557.271170] sget_userns+0x276/0x860 [ 557.274868] ? v9fs_kill_super+0xa0/0xa0 [ 557.278914] ? vfs_get_super+0x270/0x270 [ 557.282985] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 557.288510] ? ns_capable_common+0x13f/0x170 [ 557.292901] ? v9fs_kill_super+0xa0/0xa0 [ 557.296945] sget+0x10b/0x150 [ 557.300039] v9fs_mount+0xe2/0x900 [ 557.303574] ? v9fs_drop_inode+0x150/0x150 [ 557.307793] legacy_get_tree+0x118/0x440 [ 557.311841] vfs_get_tree+0x1cb/0x5c0 [ 557.315628] do_mount+0x6c1/0x1fb0 [ 557.319153] ? kasan_check_read+0x11/0x20 [ 557.323288] ? copy_mount_string+0x40/0x40 [ 557.327506] ? retint_kernel+0x10/0x10 [ 557.331380] ? copy_mount_options+0x1e3/0x380 [ 557.335860] ? write_comp_data+0x6c/0x70 [ 557.339905] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 557.345426] ? copy_mount_options+0x285/0x380 [ 557.349904] ksys_mount+0x12d/0x140 [ 557.353523] __x64_sys_mount+0xbe/0x150 [ 557.357482] do_syscall_64+0x1b9/0x820 [ 557.361351] ? finish_task_switch+0x1d3/0x870 [ 557.365832] ? syscall_return_slowpath+0x5e0/0x5e0 [ 557.370744] ? syscall_return_slowpath+0x31d/0x5e0 [ 557.375658] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 557.380658] ? prepare_exit_to_usermode+0x291/0x3b0 [ 557.385656] ? perf_trace_sys_enter+0xb10/0xb10 [ 557.390309] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 557.395157] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 557.400337] RIP: 0033:0x455ab9 [ 557.403509] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 557.422710] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 557.430401] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 557.437662] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 557.444913] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 557.452178] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 557.459605] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 0000000000000033 [ 557.472812] kvm: pic: single mode not supported [ 557.472825] pic_ioport_write: 1 callbacks suppressed 03:33:44 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000000)={'bond_slave_0\x00', &(0x7f0000000100)=ANY=[@ANYBLOB="2f0000000b00000001000000000000000a000000e01414bb4e234e2406000000000000000000000000000000000000000000000000000000000000000000000000000000274f0000000000000003000300000006000006c8000000dfb30000000000ff00000000001a4e214e20080000d4ffffffffffff49e600080000000700010000000000000800000000000000000300000003000000a7000000030000000000000000000000000000000000000000000000000000000000000000"]}) socket$inet6(0xa, 0x1, 0x0) setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x2000000000000004, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr}, 0xc) r1 = socket$inet6(0xa, 0x1000000000002, 0x200000) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") getsockopt$inet_sctp6_SCTP_RECVNXTINFO(r1, 0x84, 0x21, &(0x7f0000000000), &(0x7f0000000040)=0x4) socket$packet(0x11, 0x3, 0x300) r2 = socket$bt_hidp(0x1f, 0x3, 0x6) write$binfmt_aout(r0, &(0x7f0000000380)={{0xcc, 0x7, 0x7fffffff, 0x55, 0x38f, 0xbe, 0xde, 0x4}, "3d6fd5a08ffb8cb1bf9fc445c7bc1969dfcf8304eae8fad3362efd0bc88e13a43cb27dc727b77c45c7efdc16c3fe0f82f1e1fd96fbf185f0ec9881701b302e04eec9041032c0995c11e21fc348f9f4b15973eb0fa5d6b5303f480f5c0fbaa05084735e6cb8c01d8f8dbbd1407bcd2cfcbbc71afe5168ff880747eaa8b50c4e", [[]]}, 0x19f) getsockopt$bt_BT_DEFER_SETUP(r2, 0x112, 0x7, &(0x7f0000000140)=0x631, &(0x7f00000001c0)=0x4) socket$packet(0x11, 0x3, 0x300) r3 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSARP(r3, 0x8955, &(0x7f0000000080)={{0x2, 0x4e22, @rand_addr=0x3}, {0x0, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}}, 0x24, {0x2, 0x4e24}, 'veth1\x00'}) sendto$inet(r3, &(0x7f0000000100)="07b8729bf511c2d33292a378042c7376b58552b01d25f4172f", 0x19, 0x4010, &(0x7f0000000240)={0x2, 0x4e20, @multicast2=0xe0000002}, 0x10) bind$inet(r3, &(0x7f00000002c0)={0x2, 0x4e20, @rand_addr}, 0x10) setsockopt$sock_int(r3, 0x1, 0x3c, &(0x7f0000d4effc)=0x1, 0x4) setsockopt$inet6_MRT6_ADD_MFC(r2, 0x29, 0xcc, &(0x7f0000000540)={{0xa, 0x4e21, 0x8, @dev={0xfe, 0x80, [], 0xb}, 0x2}, {0xa, 0x4e22, 0x0, @empty, 0x1}, 0x9, [0x2, 0x5, 0x9, 0x5, 0xffff, 0x4, 0x3f0, 0x2]}, 0x5c) sendto$inet(r3, &(0x7f000099bf26), 0x0, 0x20000000, &(0x7f0000000340)={0x2, 0x4e20}, 0x10) sendto$inet(r3, &(0x7f0000000200)="a5", 0x1, 0xe000000, &(0x7f0000000180)={0x2}, 0x10) 03:33:44 executing program 2: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$bfs(&(0x7f0000000040)='bfs\x00', &(0x7f0000000080)='./file0\x00', 0x4, 0x2, &(0x7f0000000140)=[{&(0x7f00000003c0)="674e76d26be820c3292cb8763e48e21398aa8b9eeac880bc8a01b146263e97ad7400fcaa00187fd4b7779d6fe6deb76a14b0ba20aba4a9bf0abde162201ee775f6601d9ed1705626112177e48cb561f42b4d10c737e0a2dafefd953a18fb7d348afe940b3bbf2fa358ee2f58dcb1425fdc7012c9ad294c54a6fd4d7951b35803d4c274205496c48f1825894dd8dc610d2a39988d3b3a0517e8ac7e0635501baf42f3b027b167333bde648008b8fc0220344fdeadc86c1ec10b4b5ab79e5845b534f605811a0f9ad0b19a84bfd30cfeb8dffdc3f3fc8698097a0f78bc4e6de349e52b4b73f304e0374834d0b144b8ae526a91ab5806c0824ffc4d1bac88732cde51ff7a06a652eb3275b492ddd97cf26c31a925f6585a727332cfb2300732166e6da399a85f08a4260321babbab367e74108decc847f330efdc084a30ac0e761a5e43fe24cf6df0eb5a18aea7b9ee0750975fc6688812674250962d29c03ae3cd07cac6577d85c7bea5136d49363853e1609a5ccac1d2f7507cb636d4c99aa58fea550009145b9f498199017aeb9223aad8f73506fa6612e00cbd4400c695cf045053cec567016991665be0cb462e10717df112b2ba54c220517c0e84a2e06b4bf4605ad566d18b19ba49a1730dcf0f9ffcafa4cffb54e1141a766784ea409f507a8294b3eb35b5311500d76fe75fabe193b7525fb94a0371f4e19630dbe1baf422381433a3fd971f8164d415c0314b1a6a9da958be3d6a988c0ace7acac98939131cea2155d4c4aeebf854ae93c7c83eb2711d894f8273afe05f864e32fe920c1a4d00c26da8b07e54cf65168cc9a67851ee6cb7e10a0bc9f7f640d7cd34e06e9e0d323150a8d5906f080c6b72a24d7b779368b11ffe4151bf56599388cee6c8e25c445de340a7aec71a261db28105ba40a575acadbe1aa90662fb2198d2081a0bf6950776518d230183a1d1b6288afb52601a05a609db678efb95f9c6c4629b7012fd4e72e9f81b0e80d5ea35e54047bc062907feb226311608c3f22765d2e46170d0f965c0e3fa39a3c33f604c4ec98a130fcfeef14d9dde94070dc0020feed544df04c7ec85e2d674e94f2cdd02ef4400e5dc9fc1bfa36adb1c736d05e67f116f1ec368580d1b3211c9a287c9826836d610e7a7eedd3fbd63b5a21c7711ae6afde4118e2fbabbe4b011ca07e151fc9ec6a50682f0f7adcb707bed89b8a7f877cbf5120acc3c817d89d31a53bfa11118c4048a8bc21c075f2138139e8911ba1e103bc8b9c32444727a1105ca0643f655cf258c50133083b7124bd22b299b63fe3ec9451a9da975c2b40ab510a0229f7ad15e1e19dd93ddb92fac620b99f591c619b8988a6dc7817bfb45cc311aa5c335ccdcbe216a3a74d245549f85db742b9dbc0f3e639dfca8cb1883ae854b10abdb9777cb6077a0efb77ea38ad530519e1d58d977d15782b4f8be5f4d3bd1748cdfe8f699588a0dd75ee4f98c2f9829f64f9ed54cae2bdb7aec0c4f29427ca4e22fb53f1a17496d27929995b4e22619fdeacb8afb1c5c20f33f95d39c02c859a466bc5d9e5b91a0ae9c7ae1ecacc2d67334b2f9480419107811a0853b1ed4d211962024b3507464c88b4b049ee4ddf8b42e02e65a5f50710800b3d0ccdb67c7c32c3c9a8b4a2d7205a4f9c844045c125d4355919234019184521c28d79cd2a1ec526af6ab4f2566a16b028cd7eaf10ec1acac03aec6ee6e03e6c69b1e0459146d242ecad797ccbf87d7d58fcd9b17e287207a29bfffc818028ff96307208b95b4d01269bdfc7d47020ac73a1c808d651ca1719eed1ded9ba172594f5ab25f2ca3ff385e8080adbf11b08eb826119e6ce49fdd36698351a51b5834ce2e7170e0e5fc79a6d3ffd45df182affe778f1560065300afa5dafb44a6cb56d9f60031f0a410fa9b78ec6afafe8747a2949e11b62ee845c1248be173772386ca0dcaaeb11a731a8f9909c3bc7b542e13f2410553e381b4e48c0c5d9097da54ed8b6766452f8b3ee98e483d902f6cb556ec44ec1532c1114d28ba04e856b6b5c4cf255558b023e85c13832cae5df5ce0ab18f43cb18b8477d00788ca7e42a3f1cdf978b022786b0368e71e2f6cd241eda39a71613327e60f7849bbb113102e9db5ad3de0d385645067ad32f4bd014dacc8e31bcef93f39a58835ba6f209b7157c4abca32cdfee008fb8cbb0cb54d11fbc5bf3a8f1f2bdb7d1e9ee482e3b0df55ae941b761a2b07b9b57d3bdc67861add4530ae69b7da20cb70971fb7c290a065d84c29fc13b9ecacb0f1d7beafb246fe0af2651cf0efdea716cd06f1ff2bde794de65129e9616dfde19ae98b9d25b1c12faa6f3a401b949663dc4e53ea987a457556fe5e88399c1cffcd6798522306f08d0b1816430fb153a06eb6830d0c43f5158b49d907cee1fafa9ba5bb385d197a27091fcc98d631d30602d93a5c0fd7a0a288562556139dcfbcd74dd55332f2fde00bd903f31296c0a96dfe3eaf681f4ebb5a06fda3f6f18eb41b10ec1b62aca2ddfb6e63c508ee8d83b7c65b49eec3cb16861d2a941fee945a8a9c1475e0c43ec673bca64d98bf1af55a739b3b11b6c3ec0b408151521878f68b5add005109cc2f501243e821cda3b9b20ebc05571c4b5f4df9f9b6b900bc9b487b8fd87f04422de1127bc63ac3db8e8fcb81d5d5573c9930e52f5ce465b6af2198f80cf81750ea67cd2f63d734d48616b54b41207294b846a86d9a17a601c651222d7c159861be76ad0ec3b834867aaf71a1f51790a650901a126752a968e2771e567b81767d3ef6a6acc79c1af443b8a2ed2d70b9ca56c1f43163ca7f2b63a24e90ef9ee116d4b2ed946d6161d69082b04742f881dba466702c0cb6f13fa53d3701256abd7e12fa1b6a19b51bc41a6469965776cef9a53340f976039eafb5b672ac2a96cf7ee41ab2deb61897ceabd3450a6729d292383f23ef1ea8ac28021389d07d8cff5a5e6d7c73b9376180c2a24c7dfd2efebf796d40e5c95c723550eca6bbcd5303d52e6b1ce338e05e88f245a7ac2b49c6d8ede813e07aa633cf58499c70dee7d11cfbd3cff44b2861844583a48ca8dc5db5e4f5ede74a7b90fa51b1f31cd15bfdb7d556a05047cad32698e608f4be1c7b70add872b0b8a064f578425e21644c059b98c5ad1af235f9b025e9690d8249fac4538020901e2589fc9f3d344002df41e974b60c444cf860d2f7a1f6293959e4666dc31165ce098e61a4081b127a59e91ee6bc7cb32bbe0aa19e6bc0340d796fd3095cd323290bb0065fb01fa1e360f0f5f2c4ffe9cfa7d6a4b28ef0debc024771f73a3008e243e85495e9a8a83d5a17c2ae014326f1b5794595f04239389ccbbab4655b107aaac615abd38e57e0a9d1dcbad7d105feb7da05fd1737f09a912e1a6b4b95a1031784b9138e6a2d9cef789d4caa9e618939b12919cbe4d78285abbd283c55115653a1580fa060b4edb2a88d15f739d609081f4aac507df873ed975d05cf40671948777e7f1465e163b25e9951c05438eb8c7bf38543d43406cb889edc8df50a0f67fca8d1cee16605999ad53c10af8467430a1013547875608573fa201d23965bf30a373429cf623ec1bb92dd1ac1e52e028ff90115ba102a0af049af00dee405d516fd18bcc23bc573e69ec9b009aacf440ff3cf029d3d22ad3b47b7f70663a44ec33a56f12fe06dad291c24d4ce9d7a542a88d75630fb90bf35bc291e2d4fddf2e52e82cd0167a3f61aeeb4dfcf74d5867ed08a0579d5deaf9387000bd147099d579fcc6fc362976a0002251e1a4bc99ae6209c5888c1477f71a0dc6089bd0a2551b33ca39c626481e00a2a94b00e58b7e4640a5c2e5dd3dc7211ea56ed03228b4d7027530c3b4b77c2c5b812a2895767d169c416c0813b3a8b4c8175a0cedf2f4bd43d11c4a31bd7d87462ac82402260ec322c864b9a42535f8fdb19f7fa00084d5bc2066149d15e3d5940d07d6b513f29a31d4d1e8d8eba32697b4fcb8a8582f8083b6f472e5c2fa6891f5c1bd11a0f854ce671ca4475b0483a2efa4017d05930af20f342a01c6486a00dc43b536c1521cadc5d2a594a420386df464a9c96f8b5ce90f268ab4589de2c6895d158fde894838a43010ed103c9143b97f2f870859cce8099b76d46df95864c0fe5a0fed0321a1ebd4e8f74dedc073c65270c8fb1ff7c1a4500c62b5f321fb21f978b62836ae7b38edcd4ff304c946f75b52ab91edd804798b40ef7b5a93cf9cb6cebbb0c813a876f53a6dc79922e014dc3a5a0dc20e4f82e445d70b3d7d7f71fd72a08904865a011f95738c79500a0c7bdd8a3c3c8fbe28d3b295cfad0658704e000f22f42e9ac400ee53768bb4328914786b3d8bd98b7833e823fdd439429cf78b71701767d5c1fa34de9e4ce831704561b3916a8670bd7e7cfee1095744ade8eb76ada6953f3a978a325905eb6cd315a9756664c65f4abcf692b05e4e091a12b689f26f1c6e44b0282b635d37d2d4789e73e04d5bd304c7ec682c7a292d44532c23c80896bd11dd6da1a82275d7d526399efc20a991b4e9dac2c9deb00ec0b02a150aa4ac6c24b309185610b5b3ddf5f657e57a1fdb4b4e670cb0a1ef1643efa9ab127ef5795c16e82ae8b3cb938cb127679129c4daa5ac1eb00dc7bc74c2b999d40870cbd4d70ff8bcce264a43880cce15f5a4385093c845dd928c1bfa550d616908837d34800db1ef5cf0ccacc7408128c4f9f7a4cb87b5a5d0a3e6365cb2a9efe854271bf781469cccb29c509da9e57d662e5b39f10b2bf25c259312f9954888c2548d4ed47623a233d90609e42d88ebfa8263b5a64e34a0162e9af973a9cbbc6700959a303294e136d6f50306d2bb0eb873f2d262b696ea26ccee2c9491893e6b351cc3efa90f486daf1d18d145d031b7d2faa5f13bdf34e91222511b8a5dfaf119ce6e645a7d7fe3014ca572697a9aa0668dbb92af6762b538d73f11f384d4e12db2c30b5c3c784842e4a8967376b205df67ff14d2eb562441188b91e7c0156bb2cbb0ae8da36b9dcd3a82c7328195f400316f24e472adafef216b3c00c3f64ca420703e611738e25cd21355a8b8f356e087f6bfc0fd2c49efc0686395fc31f1d7a16d9905f47c3ef384fb12970cb6b2f6a3aaff3d5851d949310e4e0f496e82ec885d58867fb76cac309f8ed61f85c55213b522860bf24f3a317758e53caadf291d27b694a2ab2bca60240dec140948418c0ecd195692b66f1892fb91442c262048b3cc979434360efd5f72f6451aa9f2a5d9426ba7f051c4f4cb00bcbc7dd74c11343d7c6e3839d57ef567c4ffc35eb778192a5aec2dde310b66b728f36d09bcd5d26cbbdbcabfed0bacb7af6665223c01b78bf8c468f2716f28fbc2963fba9b9c79dc827493789919edb2cb86bd3614447f99894f6d494edbfb33f2488c39a06c56222efcc8be65a3ff613358a8706b806cbfa56dc7d9d1731602ff54ca724c59e30da8ebe5df15834c1a8afc8d5bb6b14719b7b60243fa6846b5ac6c14277dcb7bbaf7f92778248db91a1d243f13bb3d1c259d64114488a685acef402808428693c3d37568e31ce7f9b7d90e00a3d6cde8ae6b39724e1200bdd6b6dcfd5e6f5c838f14b5234453c0b53ce00faa5a81593abff88af05ac920f6f4ba7e086f36417950650ddbc958ced8f889a7b7003a02b783721d8467d4cff29f338166c4f452a94cbe3c2204d43412397337ace0fc8f388803a50197ad1a9f3d41eed29a3ffff0609a403118108a406eccf34e11b5418eb5bcb65da69beb347710c577d7", 0x1000, 0x6}, {&(0x7f0000000100)="336f95f34e65ad8c", 0x8, 0x6}], 0x40, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)={0x80000000000a, 0x6, 0xe8c, 0x2}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r0, &(0x7f0000000300), &(0x7f0000000280), 0x2}, 0x20) 03:33:44 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0xf5ffffff00000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:44 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x600, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:44 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x900000000000000, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:44 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x65580000], 0x1}}, 0x1c) 03:33:44 executing program 0 (fault-call:8 fault-nth:52): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) [ 557.472829] kvm: pic: level sensitive irq not supported [ 557.524789] REISERFS warning (device loop5): super-6504 reiserfs_getopt: the option "grpjquota" requires an argument [ 557.524789] [ 557.613765] FAULT_INJECTION: forcing a failure. [ 557.613765] name failslab, interval 1, probability 0, space 0, times 0 [ 557.625160] CPU: 0 PID: 8314 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 557.633479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 557.642837] Call Trace: [ 557.644079] BFS-fs: bfs_fill_super(): No BFS filesystem on loop2 (magic=00000000) [ 557.645431] dump_stack+0x1c9/0x2b4 [ 557.645456] ? dump_stack_print_info.cold.2+0x52/0x52 [ 557.645476] ? perf_trace_lock+0xde/0x920 [ 557.645495] should_fail.cold.4+0xa/0x11 [ 557.670170] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 557.675288] ? save_stack+0xa9/0xd0 [ 557.678926] ? save_stack+0x43/0xd0 [ 557.682562] ? kasan_kmalloc+0xc4/0xe0 [ 557.686464] ? kmem_cache_alloc_trace+0x152/0x780 [ 557.691316] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 557.696511] ? __list_lru_init+0x4d6/0x840 [ 557.700755] ? alloc_super+0x976/0xb10 [ 557.704646] ? sget+0x10b/0x150 [ 557.707929] ? v9fs_mount+0xe2/0x900 [ 557.711650] ? vfs_get_tree+0x1cb/0x5c0 [ 557.715629] ? do_mount+0x6c1/0x1fb0 [ 557.719342] ? ksys_mount+0x12d/0x140 [ 557.723146] ? __x64_sys_mount+0xbe/0x150 [ 557.727296] ? do_syscall_64+0x1b9/0x820 [ 557.731362] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 557.736739] ? lock_acquire+0x1e4/0x540 [ 557.740722] ? fs_reclaim_acquire+0x20/0x20 [ 557.745047] ? lock_downgrade+0x8f0/0x8f0 [ 557.749198] ? ksys_mount+0x12d/0x140 [ 557.753009] ? check_same_owner+0x340/0x340 [ 557.757342] ? rcu_note_context_switch+0x730/0x730 03:33:44 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xf801, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:44 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x3f000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:44 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x608], 0x1}}, 0x1c) 03:33:44 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x200000000000000, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:44 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0xfeffffff00000000, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:44 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0xc803], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) [ 557.762282] __should_failslab+0x124/0x180 [ 557.766616] should_failslab+0x9/0x14 [ 557.770428] kmem_cache_alloc_trace+0x2cb/0x780 [ 557.775102] ? kasan_kmalloc+0xc4/0xe0 [ 557.779002] __memcg_init_list_lru_node+0x185/0x2d0 [ 557.784027] ? kvfree_rcu+0x20/0x20 [ 557.787661] ? __kmalloc_node+0x47/0x70 [ 557.791644] __list_lru_init+0x4d6/0x840 [ 557.795716] ? list_lru_destroy+0x500/0x500 [ 557.800047] ? prealloc_shrinker+0x213/0x480 [ 557.804459] ? __init_waitqueue_head+0x9e/0x150 [ 557.809134] ? inactive_list_is_low+0x850/0x850 03:33:44 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xa, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) [ 557.813822] ? __lockdep_init_map+0x105/0x590 [ 557.818325] alloc_super+0x976/0xb10 [ 557.822050] ? destroy_unused_super.part.11+0x110/0x110 [ 557.827429] ? lock_downgrade+0x8f0/0x8f0 [ 557.831583] ? lock_acquire+0x1e4/0x540 [ 557.835572] ? kasan_check_read+0x11/0x20 [ 557.839733] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 557.844336] ? kasan_check_write+0x14/0x20 [ 557.848585] ? do_raw_spin_lock+0xc1/0x200 [ 557.852832] sget_userns+0x276/0x860 [ 557.856551] ? v9fs_kill_super+0xa0/0xa0 [ 557.860636] ? vfs_get_super+0x270/0x270 03:33:44 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0xab01], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) [ 557.864723] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 557.870265] ? ns_capable_common+0x13f/0x170 [ 557.874682] ? v9fs_kill_super+0xa0/0xa0 [ 557.878747] sget+0x10b/0x150 [ 557.881860] v9fs_mount+0xe2/0x900 [ 557.885406] ? v9fs_drop_inode+0x150/0x150 [ 557.889648] legacy_get_tree+0x118/0x440 [ 557.893717] vfs_get_tree+0x1cb/0x5c0 [ 557.897628] do_mount+0x6c1/0x1fb0 [ 557.901180] ? kasan_check_read+0x11/0x20 [ 557.905333] ? do_raw_spin_unlock+0xa7/0x2f0 [ 557.909753] ? copy_mount_string+0x40/0x40 [ 557.913990] ? retint_kernel+0x10/0x10 [ 557.917889] ? copy_mount_options+0x1e3/0x380 [ 557.922385] ? copy_mount_options+0x1f0/0x380 [ 557.926892] ? __sanitizer_cov_trace_pc+0x20/0x50 [ 557.931742] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 557.937373] ? copy_mount_options+0x285/0x380 [ 557.941873] ksys_mount+0x12d/0x140 [ 557.945504] __x64_sys_mount+0xbe/0x150 [ 557.949485] do_syscall_64+0x1b9/0x820 [ 557.953372] ? finish_task_switch+0x1d3/0x870 [ 557.957871] ? syscall_return_slowpath+0x5e0/0x5e0 [ 557.962815] ? syscall_return_slowpath+0x31d/0x5e0 [ 557.967754] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 557.972777] ? prepare_exit_to_usermode+0x291/0x3b0 [ 557.977800] ? perf_trace_sys_enter+0xb10/0xb10 [ 557.982482] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 557.987362] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 557.992557] RIP: 0033:0x455ab9 [ 557.995745] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 558.015048] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 558.022757] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 558.030040] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 558.037297] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 558.044554] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 558.051827] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 0000000000000034 03:33:44 executing program 5: r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/qat_adf_ctl\x00', 0x400240, 0x0) ioctl$BLKROGET(r0, 0x125e, &(0x7f0000000140)) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'ip6gre0\x00', 0x0}) r3 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r3, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_emit_ethernet(0x3e, &(0x7f0000000480)={@dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0x13}, @link_local={0x1, 0x80, 0xc2}, [], {@ipv6={0x86dd, {0x0, 0x6, "dcd50f", 0x8, 0x0, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffc0, 0x0, 0x800e], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, {[], @icmpv6=@echo_reply={0x81}}}}}}, &(0x7f00000002c0)) bind$packet(r1, &(0x7f00000000c0)={0x11, 0x0, r2, 0x1, 0x0, 0x6}, 0x14) setsockopt$packet_int(r1, 0x107, 0xa, &(0x7f0000000000)=0x2, 0x4) setsockopt$packet_tx_ring(r1, 0x107, 0x5, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c) 03:33:44 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x9000000, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:44 executing program 2: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x200, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000300)="ba848d65102878e675cc20b86cf6465228f12a8c77aa3fe453dfba98d67c84a600e8242b6ca1ac79b021c1c37b0181af101d5cf5640eba98f1fd128784dc64a0eb21eb04af18e02d9efb822f55e3637345ee3fa6dfd4dbf09fd58b4167b5898c5e1ea4a62b73ce19c3c0c2f7940cbf7dd454ba0edeb3fa2f7c2beac6624dd5ff044f2551f47f4310159e0d3c4886e116b03676c43b79fdf48700cc36d65eae06102385996c5c5085ce93bbb19b3904d4913479c6954752d2a310b328fbdf256470555a0e92a6308c0147148bcbce06b969a76ae353ebc5e5d414", 0xda) r1 = syz_open_dev$evdev(&(0x7f0000000100)='/dev/input/event#\x00', 0x3, 0x10000) r2 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x200) ioctl$EVIOCGKEYCODE_V2(r2, 0x80284504, &(0x7f0000000200)=""/200) write$binfmt_elf64(r1, &(0x7f00000000c0)=ANY=[@ANYRES64=r2, @ANYRESHEX=0x0, @ANYPTR64=&(0x7f0000000080)=ANY=[@ANYRES16=r2], @ANYPTR64=&(0x7f0000000140)=ANY=[@ANYRESOCT=r1, @ANYRES16=r2, @ANYRESOCT=r1, @ANYRES64=0x0, @ANYBLOB="5d15fbcf26be353387e01e61b84b261e494fc7f8dddfb43cc9a8500220c3a351f3921c662fa37da05dcc29b05cd01d37dc0f950c8c95835b97c54018415c088a92f60cdb8bfd2b4acb9a22e97f0b23f4f033249152f876d3", @ANYRES64=r2], @ANYRES32], 0x2e) 03:33:44 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x9, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:44 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x20a], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:44 executing program 0 (fault-call:8 fault-nth:53): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:33:44 executing program 7: r0 = socket$alg(0x26, 0x5, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f00000028c0)="b7", 0x1) ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f00000000c0)={0xfff, 0xe286, 0xab9a, 0x2, 0x9}) syz_emit_ethernet(0x2a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa0008004523001c0000000000009078ac75efc41856141400ac1414aa00009078e0000002"], &(0x7f0000000040)) 03:33:44 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x2], 0x1}}, 0x1c) [ 558.171254] FAULT_INJECTION: forcing a failure. [ 558.171254] name failslab, interval 1, probability 0, space 0, times 0 [ 558.182540] CPU: 0 PID: 8384 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 558.190858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 558.200215] Call Trace: [ 558.202813] dump_stack+0x1c9/0x2b4 [ 558.206450] ? dump_stack_print_info.cold.2+0x52/0x52 [ 558.211650] ? __kernel_text_address+0xd/0x40 [ 558.216151] ? unwind_get_return_address+0x61/0xa0 03:33:44 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1f00000000000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:44 executing program 7: r0 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0x175) r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/qat_adf_ctl\x00', 0x101400, 0x0) ioctl$TIOCNXCL(r2, 0x540d) futex(&(0x7f0000000000), 0x9, 0x0, &(0x7f0000000040), &(0x7f0000000080), 0x0) get_thread_area(&(0x7f00000000c0)={0xffffffffffffdd5b, 0x20001000, 0x0, 0x40000, 0x8, 0x4, 0x5, 0x40, 0x0, 0x7fffffff}) setresuid(0x0, r1, 0x0) mknod(&(0x7f0000000040)='./file1\x00', 0x0, 0x0) r3 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0xa000, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f00000001c0)={@in6={{0xa, 0x4e21, 0x5759, @empty, 0xff}}, 0x8000, 0x8d20, 0x7fff, "32fc83ad53a440cb97d8ade858f738532304c82a09db98a95af497bbd40ca87fd6230ca3ce04041625d431e244de3c18325fdd320cde7c7c000ab53b98232820794284b31201e4d547a9ecd8dce6cec1"}, 0xd8) ioctl$sock_inet6_tcp_SIOCOUTQ(r3, 0x5411, &(0x7f0000000140)) 03:33:44 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x6f010000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:44 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0xfd00, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) [ 558.221096] should_fail.cold.4+0xa/0x11 [ 558.225172] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 558.230286] ? save_stack+0xa9/0xd0 [ 558.233917] ? save_stack+0x43/0xd0 [ 558.237607] ? kasan_kmalloc+0xc4/0xe0 [ 558.241499] ? kmem_cache_alloc_trace+0x152/0x780 [ 558.246346] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 558.251549] ? __list_lru_init+0x4d6/0x840 [ 558.255792] ? alloc_super+0x976/0xb10 [ 558.259686] ? sget+0x10b/0x150 [ 558.262988] ? v9fs_mount+0xe2/0x900 [ 558.263233] QAT: Invalid ioctl 03:33:45 executing program 2: r0 = memfd_create(&(0x7f0000041000)="b8c0a9b7", 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000000080)='/dev/snd/seq\x00', 0x0, 0x8000) r2 = dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f0000041f74)={0x0, 0x0, 0x0, 'queue1\x00'}) write$sndseq(r0, &(0x7f0000000e50)=[{0x9, 0x100000001, 0x0, 0x0, @tick=0x5da36b38, {}, {}, @result}], 0x30) ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r0, 0x80045301, &(0x7f0000000040)) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f00000002c0)={0x5a}) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x20000, 0x0) [ 558.266704] ? legacy_get_tree+0x118/0x440 [ 558.266721] ? vfs_get_tree+0x1cb/0x5c0 [ 558.266735] ? do_mount+0x6c1/0x1fb0 [ 558.266748] ? ksys_mount+0x12d/0x140 [ 558.266759] ? __x64_sys_mount+0xbe/0x150 [ 558.266778] ? do_syscall_64+0x1b9/0x820 [ 558.293807] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 558.299182] ? save_stack+0xa9/0xd0 [ 558.302819] ? lock_acquire+0x1e4/0x540 [ 558.306796] ? fs_reclaim_acquire+0x20/0x20 [ 558.311124] ? lock_downgrade+0x8f0/0x8f0 [ 558.315273] ? ksys_mount+0x12d/0x140 03:33:45 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x8b000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:45 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x18, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) [ 558.319081] ? check_same_owner+0x340/0x340 [ 558.319970] QAT: Invalid ioctl [ 558.323423] ? rcu_note_context_switch+0x730/0x730 [ 558.323442] __should_failslab+0x124/0x180 [ 558.323459] should_failslab+0x9/0x14 [ 558.323477] kmem_cache_alloc_trace+0x2cb/0x780 [ 558.344226] ? kasan_kmalloc+0xc4/0xe0 [ 558.348122] __memcg_init_list_lru_node+0x185/0x2d0 [ 558.353138] ? kvfree_rcu+0x20/0x20 [ 558.356768] ? __kmalloc_node+0x47/0x70 [ 558.360745] __list_lru_init+0x4d6/0x840 [ 558.364810] ? list_lru_destroy+0x500/0x500 03:33:45 executing program 7: r0 = socket$inet_dccp(0x2, 0x6, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'syz_tun\x00', &(0x7f0000000200)=ANY=[@ANYBLOB="0300000033029b79f765e1a102b0fc2bbcba0f562c4538dc234648aea88b38d29127a424e34dd1add3998d9b4c21769798438625066f460d158dc00a4f26c30c0ef76c4da82a1f0af59e8427d2b6c2d89a436e0beee0a96712a9640be799aeaa334a39f3969118e7a1b23625e119419d6868c5707d6a6a245f905144faf380592875ab80f2d4fc9e1a9b2c83ae00e0e0d6043d8b0739ef272cebdbfca6495f0c29bc844527e25a380564a463e610385d0000000000000000000000000000000000000000"]}) [ 558.369138] ? prealloc_shrinker+0x213/0x480 [ 558.373552] ? __init_waitqueue_head+0x9e/0x150 [ 558.378223] ? inactive_list_is_low+0x850/0x850 [ 558.382899] ? __lockdep_init_map+0x105/0x590 [ 558.387432] alloc_super+0x976/0xb10 [ 558.391158] ? destroy_unused_super.part.11+0x110/0x110 [ 558.396528] ? lock_downgrade+0x8f0/0x8f0 [ 558.400676] ? lock_acquire+0x1e4/0x540 [ 558.404651] ? kasan_check_read+0x11/0x20 [ 558.408799] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 558.413391] ? kasan_check_write+0x14/0x20 [ 558.417628] ? do_raw_spin_lock+0xc1/0x200 [ 558.421868] sget_userns+0x276/0x860 [ 558.425586] ? v9fs_kill_super+0xa0/0xa0 [ 558.429656] ? vfs_get_super+0x270/0x270 [ 558.433731] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 558.439271] ? ns_capable_common+0x13f/0x170 [ 558.443691] ? v9fs_kill_super+0xa0/0xa0 [ 558.447755] sget+0x10b/0x150 [ 558.450875] v9fs_mount+0xe2/0x900 [ 558.454429] ? v9fs_drop_inode+0x150/0x150 [ 558.458668] legacy_get_tree+0x118/0x440 [ 558.462736] vfs_get_tree+0x1cb/0x5c0 [ 558.466543] do_mount+0x6c1/0x1fb0 [ 558.470088] ? kasan_check_write+0x14/0x20 [ 558.474325] ? copy_mount_string+0x40/0x40 [ 558.478565] ? kasan_kmalloc+0xc4/0xe0 [ 558.482458] ? kmem_cache_alloc_trace+0x318/0x780 [ 558.487311] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 558.492853] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 558.498402] ? copy_mount_options+0x285/0x380 [ 558.502903] ksys_mount+0x12d/0x140 [ 558.506534] __x64_sys_mount+0xbe/0x150 [ 558.510513] do_syscall_64+0x1b9/0x820 [ 558.514394] ? finish_task_switch+0x1d3/0x870 [ 558.518889] ? syscall_return_slowpath+0x5e0/0x5e0 [ 558.523819] ? syscall_return_slowpath+0x31d/0x5e0 [ 558.528754] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 558.533764] ? prepare_exit_to_usermode+0x291/0x3b0 [ 558.538770] ? perf_trace_sys_enter+0xb10/0xb10 [ 558.543428] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 558.548253] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 558.553423] RIP: 0033:0x455ab9 [ 558.556599] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 558.575728] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 558.583423] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 558.590673] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 558.597933] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 558.605183] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 558.612437] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 0000000000000035 03:33:45 executing program 5: r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x96c, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x7fff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$nfs4(&(0x7f0000000040)='nfs4\x00', &(0x7f00000000c0)='./file0\x00', 0x7fffffff, 0x2, &(0x7f0000000100)=[{&(0x7f0000000280)="9228d8e1808e8f9cb60797f282911bca2bd60734877be51d5b82cde20c687c5399d4661a46c2b87edc65fc783b4ab674e77a8a7446a90760f6bb15b98239a484ea16bde5d2f03094dc65c0e824f31527746b1b12ec002fa7be5f184b6d9505ddfb33e466990603394fdd80fb663358df4c81d90c446725771f9b17bf809fece35dc95ff337ec69c206478ba7a47a45c78552c3ed3c90964c8362b222e1da7e3ed3000f004180aece4420de043eaa419fdd901c98ef65834a99cd203bc265e0df2a3b43b4", 0xc4, 0x6}, {&(0x7f0000000380)="7d4f4a9dac95ec8d95eb7ee9a7d1731b831466d3d29f81d854d78a53e9abd2744df60ffb29c4e65cf77e698d22225b7009a087fd5aa32f7dbc44a49737792497b48730fdc9e478e454ee6871b4faed8e2e309247715f1e8089603b49cbd7bbf4d99f10959529ab9e8b0e547c9e789cc7bdb0a102ffea4bbc86f3a0c585a81b1748570ab75389154fdf42d8ed12f047c5ed50c4d733ba2256eb3a3efc5afaa6dc2606a84ffe901d63410d0daef24e400ca7ad7070af53d769ae44920e5e441ce6d1ce9b598ee4964b36bce8ed077f92f5deed636838d7d34bb1dbe9da3e1bb2cae8d59d7573d62f630fb1bbbc288d8556e1", 0xf1, 0xfffffffffffffff7}], 0x4, &(0x7f0000000140)='mime_type]+C!GPL\x00') fcntl$getownex(r0, 0x10, &(0x7f0000000500)) r1 = epoll_create1(0x0) r2 = epoll_create1(0x0) r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000540)='/dev/autofs\x00', 0x10040, 0x0) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000580)=r3, 0x4) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f000001aff4)) r4 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000480)='/dev/vga_arbiter\x00', 0x2000, 0x0) ioctl$EVIOCSCLOCKID(r4, 0x400445a0, &(0x7f00000004c0)=0x7) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r3, 0x84, 0x6c, &(0x7f00000005c0)={0x0, 0x89, "c9f8dfb76fe2e0a15e91298b73b52419b57c74bf336f25a39865847d88cfc52cceb33c84e2f727e497cd61def5ed996e55ff32a0540740dd79fb533109ad1982e3e453dd03e07890ac43ef5e9edc1881fd7acb15566ba2536e0a13c9a8b7bef5776a055248d32bec9868484c3e3262de9ed62d82b7ef5697c9aca93e172f2a4c8a037e3f5512b3b583"}, &(0x7f0000000680)=0x91) setsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r4, 0x84, 0x6, &(0x7f00000006c0)={r5, @in={{0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0xd}}}}, 0x84) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080)) 03:33:45 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x300000000000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:45 executing program 7: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f00000002c0)={@multicast2=0xe0000002, @loopback=0x7f000001}, 0xc) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000100)="025cc83d6d345f8f762070430929418eb7921037878a385fe64e11b5bee5056a3ee982b87ed3029de9649ff1dbef54ba011269a0491c0f886a2852ee96f527ee7375ba60fcfbec9f8b576b89d3cb8bd2fda82ec83bf55e26484b025810e166ae93f13bb6b796f57a12b5e8308cd9fce66808432a0139cb662cb8150dfa0369f1744071") r2 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r2, &(0x7f0000000080)={0x2, 0x0, @loopback=0x7f000001}, 0x10) sendto$inet(r2, &(0x7f0000000000), 0x0, 0x0, &(0x7f00000000c0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) 03:33:45 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0xff00], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:45 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x1000000, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:45 executing program 2: r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) unshare(0x24020400) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000080)) fcntl$getown(r0, 0x9) getpid() ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f0000000140)) r1 = getpid() syz_open_procfs$namespace(r1, &(0x7f0000000200)='ns/user\x00') 03:33:45 executing program 0 (fault-call:8 fault-nth:54): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:33:45 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0xffffdd86], 0x1}}, 0x1c) [ 558.716917] FAULT_INJECTION: forcing a failure. [ 558.716917] name failslab, interval 1, probability 0, space 0, times 0 [ 558.728235] CPU: 0 PID: 8434 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 558.736555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 558.745904] Call Trace: [ 558.748494] dump_stack+0x1c9/0x2b4 [ 558.752118] ? dump_stack_print_info.cold.2+0x52/0x52 [ 558.757346] ? perf_trace_lock+0xde/0x920 [ 558.761493] should_fail.cold.4+0xa/0x11 [ 558.765557] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 558.770659] ? save_stack+0xa9/0xd0 [ 558.774277] ? save_stack+0x43/0xd0 [ 558.777891] ? kasan_kmalloc+0xc4/0xe0 [ 558.781763] ? __kmalloc+0x14e/0x760 [ 558.785462] ? __list_lru_init+0x151/0x840 [ 558.789684] ? alloc_super+0x9a6/0xb10 [ 558.793561] ? sget+0x10b/0x150 [ 558.796825] ? v9fs_mount+0xe2/0x900 [ 558.800560] ? legacy_get_tree+0x118/0x440 [ 558.804784] ? vfs_get_tree+0x1cb/0x5c0 [ 558.808750] ? do_mount+0x6c1/0x1fb0 [ 558.812448] ? ksys_mount+0x12d/0x140 [ 558.816245] ? lock_acquire+0x1e4/0x540 [ 558.820206] ? fs_reclaim_acquire+0x20/0x20 [ 558.824514] ? lock_downgrade+0x8f0/0x8f0 [ 558.828655] ? check_same_owner+0x340/0x340 [ 558.832965] ? rcu_note_context_switch+0x730/0x730 [ 558.837887] __should_failslab+0x124/0x180 [ 558.842111] should_failslab+0x9/0x14 [ 558.845902] kmem_cache_alloc_node_trace+0x26f/0x770 [ 558.850992] ? kasan_kmalloc+0xc4/0xe0 [ 558.854873] __kmalloc_node+0x33/0x70 [ 558.858667] kvmalloc_node+0x65/0xf0 [ 558.862378] __list_lru_init+0x5d9/0x840 [ 558.866428] ? list_lru_destroy+0x500/0x500 [ 558.870740] ? prealloc_shrinker+0x213/0x480 [ 558.875135] ? __init_waitqueue_head+0x9e/0x150 [ 558.879791] ? inactive_list_is_low+0x850/0x850 [ 558.884448] ? __lockdep_init_map+0x105/0x590 [ 558.888940] alloc_super+0x9a6/0xb10 [ 558.892646] ? destroy_unused_super.part.11+0x110/0x110 [ 558.897998] ? lock_downgrade+0x8f0/0x8f0 [ 558.902135] ? lock_acquire+0x1e4/0x540 [ 558.906101] ? kasan_check_read+0x11/0x20 [ 558.910237] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 558.914806] ? kasan_check_write+0x14/0x20 [ 558.919030] ? do_raw_spin_lock+0xc1/0x200 [ 558.923267] sget_userns+0x276/0x860 [ 558.926976] ? v9fs_kill_super+0xa0/0xa0 [ 558.931032] ? vfs_get_super+0x270/0x270 [ 558.935109] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 558.940635] ? ns_capable_common+0x13f/0x170 [ 558.945036] ? v9fs_kill_super+0xa0/0xa0 [ 558.949082] sget+0x10b/0x150 [ 558.952180] v9fs_mount+0xe2/0x900 [ 558.955711] ? v9fs_drop_inode+0x150/0x150 [ 558.959938] legacy_get_tree+0x118/0x440 [ 558.963989] vfs_get_tree+0x1cb/0x5c0 [ 558.967783] do_mount+0x6c1/0x1fb0 [ 558.971311] ? check_same_owner+0x340/0x340 [ 558.975622] ? lock_release+0xa30/0xa30 [ 558.979586] ? copy_mount_string+0x40/0x40 [ 558.983810] ? retint_kernel+0x10/0x10 [ 558.987690] ? copy_mount_options+0x1a1/0x380 [ 558.992172] ? __sanitizer_cov_trace_pc+0x44/0x50 [ 558.997006] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 559.002533] ? copy_mount_options+0x285/0x380 [ 559.007031] ksys_mount+0x12d/0x140 [ 559.010647] __x64_sys_mount+0xbe/0x150 [ 559.014610] do_syscall_64+0x1b9/0x820 [ 559.018493] ? finish_task_switch+0x1d3/0x870 [ 559.022974] ? syscall_return_slowpath+0x5e0/0x5e0 [ 559.027890] ? syscall_return_slowpath+0x31d/0x5e0 [ 559.032808] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 559.037814] ? prepare_exit_to_usermode+0x291/0x3b0 [ 559.042830] ? perf_trace_sys_enter+0xb10/0xb10 [ 559.047499] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 559.052338] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 559.057512] RIP: 0033:0x455ab9 [ 559.060682] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 559.079996] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 559.087697] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 559.094966] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 559.102224] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 559.109480] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 03:33:45 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x88a8ffff00000000], 0x1}}, 0x1c) 03:33:45 executing program 2: r0 = creat(&(0x7f0000000080)='./file0\x00', 0x0) r1 = request_key(&(0x7f00000000c0)='logon\x00', &(0x7f00000001c0)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000000200)='-vboxnet0trustedeth0\x00', 0xfffffffffffffffa) keyctl$revoke(0x3, r1) r2 = socket$inet6(0xa, 0x1000000000002, 0xdf) ioctl(r2, 0x8912, &(0x7f0000000100)="025cc83d6d345f8f762070") linkat(r0, &(0x7f0000000240)='./file0\x00', r0, &(0x7f0000000280)='./file0\x00', 0x1400) r3 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) semctl$SEM_INFO(0x0, 0x6, 0x13, &(0x7f0000000000)=""/81) fdatasync(r3) 03:33:45 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x7000000, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:45 executing program 7: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000180)="2f70726f632f76657273696f6e005aa2ac0000b8b5a28a29aecbf843385a51250398ce12d984f52a149eaf9866f3c33828fe73d4f319528bbd89fcefb625adac46df7522ebb23c98ad69bdc82509df6f43791702000000ca02988905b672c3a20d10f890b9f57724340b384eca6136eae4fd4a015e073076b8f1cde45eea0f0f0c3ca64ebdd0cefc0d9e8ea91d0bbba500000000000000000000000000000000", 0x2, 0x0) sendfile(r0, r0, &(0x7f0000000000)=0x8d, 0x8) getsockopt$sock_buf(r0, 0x1, 0x0, &(0x7f0000000240)=""/193, &(0x7f0000000140)=0xc1) getsockopt$IPT_SO_GET_INFO(r0, 0x0, 0x40, &(0x7f0000000040)={'security\x00'}, &(0x7f00000000c0)=0x54) 03:33:45 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xa00000000000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) [ 559.116734] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 0000000000000036 03:33:45 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x6f01000000000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:45 executing program 0 (fault-call:8 fault-nth:55): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:33:46 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x8100000000000000], 0x1}}, 0x1c) [ 559.307465] FAULT_INJECTION: forcing a failure. [ 559.307465] name failslab, interval 1, probability 0, space 0, times 0 [ 559.318782] CPU: 1 PID: 8482 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 559.327106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 559.336463] Call Trace: [ 559.339061] dump_stack+0x1c9/0x2b4 [ 559.342709] ? dump_stack_print_info.cold.2+0x52/0x52 [ 559.347911] ? __kernel_text_address+0xd/0x40 [ 559.352411] ? unwind_get_return_address+0x61/0xa0 [ 559.357383] should_fail.cold.4+0xa/0x11 [ 559.361453] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 559.366562] ? save_stack+0xa9/0xd0 [ 559.370193] ? save_stack+0x43/0xd0 [ 559.373831] ? kasan_kmalloc+0xc4/0xe0 [ 559.377724] ? kmem_cache_alloc_trace+0x152/0x780 [ 559.382578] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 559.387774] ? __list_lru_init+0x4d6/0x840 [ 559.392083] ? alloc_super+0x976/0xb10 [ 559.396042] ? sget+0x10b/0x150 [ 559.399324] ? v9fs_mount+0xe2/0x900 [ 559.403026] ? legacy_get_tree+0x118/0x440 [ 559.407245] ? vfs_get_tree+0x1cb/0x5c0 [ 559.411205] ? do_mount+0x6c1/0x1fb0 [ 559.414902] ? ksys_mount+0x12d/0x140 [ 559.418687] ? __x64_sys_mount+0xbe/0x150 [ 559.422819] ? do_syscall_64+0x1b9/0x820 [ 559.426864] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 559.432243] ? save_stack+0xa9/0xd0 [ 559.435864] ? lock_acquire+0x1e4/0x540 [ 559.439821] ? fs_reclaim_acquire+0x20/0x20 [ 559.444124] ? lock_downgrade+0x8f0/0x8f0 [ 559.448258] ? ksys_mount+0x12d/0x140 [ 559.452042] ? check_same_owner+0x340/0x340 [ 559.456346] ? rcu_note_context_switch+0x730/0x730 [ 559.461260] __should_failslab+0x124/0x180 [ 559.465484] should_failslab+0x9/0x14 [ 559.469267] kmem_cache_alloc_trace+0x2cb/0x780 [ 559.473918] ? kasan_kmalloc+0xc4/0xe0 [ 559.477818] __memcg_init_list_lru_node+0x185/0x2d0 [ 559.482815] ? kvfree_rcu+0x20/0x20 [ 559.486423] ? __kmalloc_node+0x47/0x70 [ 559.490392] __list_lru_init+0x4d6/0x840 [ 559.494438] ? list_lru_destroy+0x500/0x500 [ 559.498745] ? prealloc_shrinker+0x213/0x480 [ 559.503136] ? __init_waitqueue_head+0x9e/0x150 [ 559.507788] ? inactive_list_is_low+0x850/0x850 [ 559.512440] ? __lockdep_init_map+0x105/0x590 [ 559.516922] alloc_super+0x976/0xb10 [ 559.520633] ? destroy_unused_super.part.11+0x110/0x110 [ 559.525979] ? lock_downgrade+0x8f0/0x8f0 [ 559.530108] ? lock_acquire+0x1e4/0x540 [ 559.534066] ? kasan_check_read+0x11/0x20 [ 559.538201] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 559.542766] ? kasan_check_write+0x14/0x20 [ 559.546985] ? do_raw_spin_lock+0xc1/0x200 [ 559.551208] sget_userns+0x276/0x860 [ 559.554906] ? v9fs_kill_super+0xa0/0xa0 [ 559.558950] ? vfs_get_super+0x270/0x270 [ 559.563014] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 559.568536] ? ns_capable_common+0x13f/0x170 [ 559.572929] ? v9fs_kill_super+0xa0/0xa0 [ 559.576971] sget+0x10b/0x150 [ 559.580061] v9fs_mount+0xe2/0x900 [ 559.583596] ? v9fs_drop_inode+0x150/0x150 [ 559.587813] legacy_get_tree+0x118/0x440 [ 559.591859] vfs_get_tree+0x1cb/0x5c0 [ 559.595644] do_mount+0x6c1/0x1fb0 [ 559.599168] ? kasan_check_write+0x14/0x20 [ 559.603387] ? copy_mount_string+0x40/0x40 [ 559.607606] ? retint_kernel+0x10/0x10 [ 559.611479] ? copy_mount_options+0x1f0/0x380 [ 559.615966] ? copy_mount_options+0x1f6/0x380 [ 559.620444] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 559.625972] ? copy_mount_options+0x285/0x380 [ 559.630450] ksys_mount+0x12d/0x140 [ 559.634061] __x64_sys_mount+0xbe/0x150 [ 559.638023] do_syscall_64+0x1b9/0x820 [ 559.641903] ? syscall_slow_exit_work+0x500/0x500 [ 559.646729] ? syscall_return_slowpath+0x5e0/0x5e0 [ 559.651641] ? syscall_return_slowpath+0x31d/0x5e0 [ 559.656554] ? prepare_exit_to_usermode+0x291/0x3b0 [ 559.661555] ? perf_trace_sys_enter+0xb10/0xb10 [ 559.666211] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 559.671047] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 559.676217] RIP: 0033:0x455ab9 [ 559.679392] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 559.698567] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 03:33:46 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_read_part_table(0x4, 0x1, &(0x7f0000000200)=[{&(0x7f0000010000)="0200eeffffff01000000ff07000000000000000000000000000000000000fffffff5", 0x22, 0x1c0}]) r1 = syz_open_dev$adsp(&(0x7f0000000040)='/dev/adsp#\x00', 0x3, 0x8000) recvmsg(r1, &(0x7f0000001340)={&(0x7f0000000180)=@in={0x0, 0x0, @remote}, 0x80, &(0x7f0000000240)=[{&(0x7f00000002c0)=""/107, 0x6b}], 0x1, &(0x7f0000002380)=""/4096, 0x1000, 0x7}, 0x42) ioctl$LOOP_GET_STATUS64(r1, 0x4c05, &(0x7f0000000080)) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000340)=0x49f437639ac8efb0, 0xffffffdf) 03:33:46 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x1f00, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:46 executing program 7: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000001c0)={'bond0\x00', &(0x7f00000000c0)=@ethtool_rxnfc={0x2d, 0x11, 0xdbd, {0x6, @hdata="43a37b5a956700cceb69fbcd70abab3b18664c19ff3949564c33aba6b6e89fa8dfcfa67058f5301292bbdf82a34d9d38948dabd1", {"bce8", @random="9190ed4701a1", 0x100, 0x23c, [0x80000000, 0x4]}, @tcp_ip6_spec={@mcast2={0xff, 0x2, [], 0x1}, @loopback={0x0, 0x1}, 0x4e24, 0x4e24, 0x3}, {"69e1", @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 0x3, 0xfffffffffffffff9, [0x24000000, 0x1d3]}, 0xa9, 0x5}, 0x1, [0x10000]}}) mount(&(0x7f0000000240)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='pipefs\x00', 0x0, 0x0) r1 = socket(0x5, 0x4, 0x77) mmap$xdp(&(0x7f0000ff8000/0x7000)=nil, 0x7000, 0x0, 0x30, r1, 0x180000000) 03:33:46 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xe4ffffff, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:46 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0xd6030000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:46 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x89060000], 0x1}}, 0x1c) [ 559.706264] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 559.713514] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 559.720769] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 559.728021] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 559.735282] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 0000000000000037 03:33:46 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x6f01], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:46 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x400000000000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:46 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x1800000000000000, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) [ 559.824496] Dev loop5: unable to read RDB block 1 [ 559.829436] loop5: AHDI p1 p3 [ 559.832658] loop5: partition table partially beyond EOD, truncated 03:33:46 executing program 2: r0 = socket(0x10, 0x20000000802, 0x0) write(r0, &(0x7f0000000180)="240000001a0025f00018000400edfc0e80080000000400000001bd337b6622c930b3bf0bd1254203f8eaf1278292deff0700", 0xe) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f00000001c0)=@assoc_value={0x0}, &(0x7f0000000200)=0x8) setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r0, 0x84, 0x78, &(0x7f0000000240)=r1, 0x4) r2 = getpgid(0x0) connect$pptp(r0, &(0x7f0000000140)={0x18, 0x2, {0x0, @remote={0xac, 0x14, 0x14, 0xbb}}}, 0x1e) getsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f00000000c0)=""/104, &(0x7f0000000040)=0x68) r3 = syz_open_dev$audion(&(0x7f0000000280)='/dev/audio#\x00', 0x6, 0x10001) memfd_create(&(0x7f00000002c0)='vmnet0\x00', 0x3) r4 = dup3(r0, r0, 0x80000) ioctl$sock_inet_SIOCGARP(r3, 0x8954, &(0x7f0000000300)={{0x2, 0x4e23, @multicast2=0xe0000002}, {0x6, @random="9e1d0e7c7281"}, 0x20, {0x2, 0x4e23, @local={0xac, 0x14, 0x14, 0xaa}}, 'dummy0\x00'}) ioctl$TIOCMSET(r4, 0x5418, &(0x7f0000000080)=0x5) fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x0, r2}) 03:33:46 executing program 7: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet6(0xa, 0x2, 0x3a) r0 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x0, 0x80080) ioctl$TIOCSCTTY(r0, 0x540e, 0x4) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000100)='/dev/full\x00', 0x900, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x20081, 0x0) ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r1, 0xc0505405, &(0x7f0000000080)={{0x0, 0x2, 0x5, 0x0, 0xbc}, 0x8000000}) 03:33:46 executing program 0 (fault-call:8 fault-nth:56): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:33:46 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x8906], 0x1}}, 0x1c) 03:33:46 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x700000000000000, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) [ 559.882351] Dev loop5: unable to read RDB block 1 [ 559.887308] loop5: AHDI p1 p3 [ 559.890529] loop5: partition table partially beyond EOD, truncated 03:33:46 executing program 5: mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) times(&(0x7f0000000000)) r0 = getpgid(0x0) rt_sigqueueinfo(r0, 0x24, &(0x7f0000000040)={0x24, 0x7fff, 0xe4, 0x93}) 03:33:46 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0xff00000000000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) [ 559.972585] FAULT_INJECTION: forcing a failure. [ 559.972585] name failslab, interval 1, probability 0, space 0, times 0 [ 559.983883] CPU: 1 PID: 8538 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 559.992201] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 560.001557] Call Trace: [ 560.004157] dump_stack+0x1c9/0x2b4 [ 560.007799] ? dump_stack_print_info.cold.2+0x52/0x52 [ 560.012999] ? __kernel_text_address+0xd/0x40 [ 560.017502] ? unwind_get_return_address+0x61/0xa0 [ 560.022442] should_fail.cold.4+0xa/0x11 [ 560.026517] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 560.031632] ? save_stack+0xa9/0xd0 [ 560.035270] ? save_stack+0x43/0xd0 [ 560.038906] ? kasan_kmalloc+0xc4/0xe0 [ 560.042802] ? kmem_cache_alloc_trace+0x152/0x780 [ 560.047651] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 560.052848] ? __list_lru_init+0x4d6/0x840 [ 560.057089] ? alloc_super+0x9a6/0xb10 [ 560.060983] ? sget+0x10b/0x150 [ 560.064266] ? v9fs_mount+0xe2/0x900 [ 560.067980] ? legacy_get_tree+0x118/0x440 [ 560.072220] ? vfs_get_tree+0x1cb/0x5c0 [ 560.076200] ? do_mount+0x6c1/0x1fb0 [ 560.079922] ? ksys_mount+0x12d/0x140 [ 560.083733] ? __x64_sys_mount+0xbe/0x150 [ 560.087886] ? do_syscall_64+0x1b9/0x820 [ 560.091952] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 560.097355] ? save_stack+0xa9/0xd0 [ 560.101003] ? lock_acquire+0x1e4/0x540 [ 560.104982] ? fs_reclaim_acquire+0x20/0x20 [ 560.109321] ? lock_downgrade+0x8f0/0x8f0 [ 560.113470] ? ksys_mount+0x12d/0x140 [ 560.117278] ? check_same_owner+0x340/0x340 03:33:46 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x4000000000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:46 executing program 5: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x400800, 0x0) setsockopt$bt_hci_HCI_FILTER(r0, 0x0, 0x2, &(0x7f0000000040)={0x5, 0x3b, 0x9, 0x2}, 0x10) setsockopt$inet6_tcp_buf(r0, 0x6, 0x1f, &(0x7f0000000080)="3eb549f6198bc9f66d4c7e2a9cebdee429490afdaa8dfd1e1d8716e6d245c0a02464c532f2ea731eef201a9598bdb2940667c4ca90f4f82181711dd1a0ed8d9f74e811cc6473bcb31197ed4a05809a31776a9d72af2119bd6f305629c8757b08e2c76844563831bdb0e6767cee07023f69d19049dcae0a89427be1f93a6772808901a9604285827c72c5dc8ea2dfc0b3eb8f9c99d441e3490298f54fd4f19c8278c07209f5aaeb9d1a4c24e00c7a78bbe7a62d25fc045feef7368247eb143f881a8e", 0xc2) r1 = syz_init_net_socket$nfc_llcp(0x27, 0x0, 0x1) listen(r1, 0x0) 03:33:46 executing program 2: r0 = socket$inet6(0xa, 0x80003, 0xef) r1 = fcntl$dupfd(r0, 0x406, r0) ioctl$sock_inet_SIOCRTMSG(r1, 0x890d, &(0x7f0000000040)={0x8, {0x2, 0x4e1c, @local={0xac, 0x14, 0x14, 0xaa}}, {0x2, 0x4e1f, @local={0xac, 0x14, 0x14, 0xaa}}, {0x2, 0x4e23, @rand_addr=0x7d6}, 0x28a, 0x3, 0x0, 0x81, 0x3f, 0x0, 0x80, 0x200000000000001, 0x2}) read(r0, &(0x7f0000004f45)=""/187, 0xbb) setsockopt$inet6_int(r0, 0x29, 0xb, &(0x7f0000013ffc)=0x6, 0x305) sync_file_range(r0, 0x1, 0xe0, 0x1) setsockopt$inet6_int(r0, 0x29, 0x46, &(0x7f0000000000), 0x4) sendto$inet6(r0, &(0x7f0000001ffe), 0x0, 0x0, &(0x7f0000003000)={0xa, 0x0, 0x0, @mcast2={0xff, 0x2, [], 0x1}}, 0x1c) 03:33:46 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0xa020000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:46 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x602000000000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:46 executing program 5: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x200080, 0x0) getsockopt$EBT_SO_GET_INFO(r1, 0x0, 0x80, &(0x7f00000000c0)={'filter\x00'}, &(0x7f0000000140)=0x78) sendto$inet6(r0, &(0x7f0000000080), 0xff19, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c) r2 = socket$inet(0x10, 0x3, 0x4) getsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000000000), &(0x7f0000000040)=0x4) sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f000000d000)=[{&(0x7f00000001c0)="4c0000001200ff09fffefdb724a6006100000900000000000000150006001d001fc41180b598be593ab6821148a720bb1aa49868c62b2ca654a6613b6aabf35d0f1cbc882b079881e566f245", 0x4c}], 0x1}, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) 03:33:46 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0xc8030000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:46 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xf801000000000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) [ 560.121605] ? rcu_note_context_switch+0x730/0x730 [ 560.126539] __should_failslab+0x124/0x180 [ 560.130780] should_failslab+0x9/0x14 [ 560.134585] kmem_cache_alloc_trace+0x2cb/0x780 [ 560.139260] ? kasan_kmalloc+0xc4/0xe0 [ 560.143159] __memcg_init_list_lru_node+0x185/0x2d0 [ 560.148178] ? kvfree_rcu+0x20/0x20 [ 560.151804] ? __kmalloc_node+0x47/0x70 [ 560.155778] __list_lru_init+0x4d6/0x840 [ 560.159836] ? list_lru_destroy+0x500/0x500 [ 560.164158] ? prealloc_shrinker+0x213/0x480 [ 560.168568] ? __init_waitqueue_head+0x9e/0x150 03:33:46 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x2000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) [ 560.173245] ? inactive_list_is_low+0x850/0x850 [ 560.177926] ? __lockdep_init_map+0x105/0x590 [ 560.182428] alloc_super+0x9a6/0xb10 [ 560.186150] ? destroy_unused_super.part.11+0x110/0x110 [ 560.191519] ? lock_downgrade+0x8f0/0x8f0 [ 560.195667] ? lock_acquire+0x1e4/0x540 [ 560.199648] ? kasan_check_read+0x11/0x20 [ 560.203802] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 560.208388] ? kasan_check_write+0x14/0x20 [ 560.212620] ? do_raw_spin_lock+0xc1/0x200 [ 560.216859] sget_userns+0x276/0x860 03:33:46 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x6020000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) [ 560.220578] ? v9fs_kill_super+0xa0/0xa0 [ 560.224646] ? vfs_get_super+0x270/0x270 [ 560.228731] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 560.234274] ? ns_capable_common+0x13f/0x170 [ 560.238686] ? v9fs_kill_super+0xa0/0xa0 [ 560.242751] sget+0x10b/0x150 [ 560.245862] v9fs_mount+0xe2/0x900 [ 560.249404] ? v9fs_drop_inode+0x150/0x150 [ 560.253641] legacy_get_tree+0x118/0x440 [ 560.257707] vfs_get_tree+0x1cb/0x5c0 [ 560.261514] do_mount+0x6c1/0x1fb0 [ 560.265056] ? check_same_owner+0x340/0x340 [ 560.269376] ? lock_release+0xa30/0xa30 [ 560.273379] ? copy_mount_string+0x40/0x40 [ 560.277617] ? kasan_kmalloc+0xc4/0xe0 [ 560.281515] ? kmem_cache_alloc_trace+0x318/0x780 [ 560.286362] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 560.291898] ? _copy_from_user+0xdf/0x150 [ 560.296034] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 560.301553] ? copy_mount_options+0x285/0x380 [ 560.306034] ksys_mount+0x12d/0x140 [ 560.309650] __x64_sys_mount+0xbe/0x150 [ 560.313610] do_syscall_64+0x1b9/0x820 [ 560.317479] ? finish_task_switch+0x1d3/0x870 [ 560.321960] ? syscall_return_slowpath+0x5e0/0x5e0 [ 560.326874] ? syscall_return_slowpath+0x31d/0x5e0 [ 560.331787] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 560.336794] ? prepare_exit_to_usermode+0x291/0x3b0 [ 560.341795] ? perf_trace_sys_enter+0xb10/0xb10 [ 560.346449] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 560.351280] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 560.356451] RIP: 0033:0x455ab9 [ 560.359616] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 560.378787] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 560.386476] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 560.393734] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 560.400987] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 560.408341] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 560.415601] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 0000000000000038 03:33:47 executing program 7: r0 = socket$inet6(0xa, 0x1, 0x101) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x800, 0x0) r2 = geteuid() fstat(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) write$FUSE_ATTR(r1, &(0x7f00000001c0)={0x78, 0x0, 0x6, {0x1, 0x4, 0x0, {0x3, 0x1, 0xa91, 0x1, 0x802, 0x5, 0x7ff, 0xc61, 0x20, 0x9, 0x100000001, r2, r3, 0x80, 0x5}}}, 0x78) r4 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r4, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) sendto$inet(r4, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback=0x7f000001}, 0x10) setsockopt$sock_int(r4, 0x1, 0x29, &(0x7f0000000440)=0x9, 0x4) setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x25, &(0x7f0000000180)=0x200, 0x4) write$binfmt_elf64(r4, &(0x7f0000002300)=ANY=[@ANYBLOB="d0"], 0x1) recvmsg(r4, &(0x7f0000000340)={&(0x7f0000000000)=@rc, 0x80, &(0x7f0000000280), 0x0, &(0x7f00000002c0)=""/105, 0x69}, 0x40002021) ioctl$KDSKBSENT(r1, 0x4b49, &(0x7f0000000140)="a629a7f5e3d40c797624e241e203110c7c466e34") 03:33:47 executing program 0 (fault-call:8 fault-nth:57): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:33:47 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x2000000000000004, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr}, 0xc) setsockopt$inet_tcp_int(r3, 0x6, 0xa, &(0x7f0000000000)=0x20000000, 0x4) close(r3) r4 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vsock\x00', 0x0, 0x0) ioctl$sock_bt_hidp_HIDPGETCONNINFO(r4, 0x800448d3, &(0x7f0000000080)={{0x7f, 0x2a8a3821, 0x7fdf617c, 0x1ff, 0x4, 0x20}, 0x8, 0x7ff, 0x98a, 0x10000, 0x80000001, "2e517a07799ca132315524a653e17ff0c0a775aace30a644f34043601a78e2265b4b04582798340adc852d7a4667c85aa87939dee0c5e777004821efffe9f6151f576f9c4f7e0d81be920becd6f7e128b8aafad9c23b51e166556060bb8895e5b0689d47319839898822da5fdb4b0f31602fdaa1fccd6ea07a5ec6edbb4654ee"}) dup3(r1, r2, 0x0) 03:33:47 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x3c8], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:47 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1f00, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:47 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x8864], 0x1}}, 0x1c) 03:33:47 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x1100000000000000, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:47 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0xffffffa4], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) [ 560.532262] FAULT_INJECTION: forcing a failure. [ 560.532262] name failslab, interval 1, probability 0, space 0, times 0 [ 560.543618] CPU: 0 PID: 8606 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 560.551936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 560.561291] Call Trace: [ 560.563886] dump_stack+0x1c9/0x2b4 [ 560.567520] ? dump_stack_print_info.cold.2+0x52/0x52 [ 560.572725] should_fail.cold.4+0xa/0x11 [ 560.576797] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 560.581919] ? save_stack+0xa9/0xd0 [ 560.585555] ? save_stack+0x43/0xd0 [ 560.589455] ? kasan_kmalloc+0xc4/0xe0 [ 560.593346] ? __kmalloc+0x14e/0x760 [ 560.597068] ? __list_lru_init+0x151/0x840 [ 560.601308] ? alloc_super+0x9a6/0xb10 [ 560.605211] ? sget_userns+0x276/0x860 [ 560.609103] ? sget+0x10b/0x150 [ 560.612392] ? v9fs_mount+0xe2/0x900 [ 560.616113] ? legacy_get_tree+0x118/0x440 [ 560.620364] ? vfs_get_tree+0x1cb/0x5c0 [ 560.624342] ? do_mount+0x6c1/0x1fb0 [ 560.628064] ? ksys_mount+0x12d/0x140 [ 560.631872] ? __x64_sys_mount+0xbe/0x150 [ 560.636035] ? do_syscall_64+0x1b9/0x820 [ 560.640106] ? lock_acquire+0x1e4/0x540 [ 560.644087] ? fs_reclaim_acquire+0x20/0x20 [ 560.648422] ? lock_downgrade+0x8f0/0x8f0 [ 560.652578] ? check_same_owner+0x340/0x340 [ 560.656907] ? rcu_note_context_switch+0x730/0x730 [ 560.661836] __should_failslab+0x124/0x180 [ 560.666061] should_failslab+0x9/0x14 [ 560.669848] kmem_cache_alloc_node_trace+0x26f/0x770 [ 560.674932] ? kasan_kmalloc+0xc4/0xe0 [ 560.678812] __kmalloc_node+0x33/0x70 [ 560.682599] kvmalloc_node+0x65/0xf0 [ 560.686296] __list_lru_init+0x5d9/0x840 [ 560.690357] ? list_lru_destroy+0x500/0x500 [ 560.694662] ? prealloc_shrinker+0x213/0x480 [ 560.699052] ? __init_waitqueue_head+0x9e/0x150 [ 560.703702] ? inactive_list_is_low+0x850/0x850 [ 560.708354] ? __lockdep_init_map+0x105/0x590 [ 560.712832] alloc_super+0x9a6/0xb10 [ 560.716529] ? destroy_unused_super.part.11+0x110/0x110 [ 560.721873] ? lock_downgrade+0x8f0/0x8f0 [ 560.726002] ? lock_acquire+0x1e4/0x540 [ 560.729967] ? kasan_check_read+0x11/0x20 [ 560.734101] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 560.738664] ? kasan_check_write+0x14/0x20 [ 560.742877] ? do_raw_spin_lock+0xc1/0x200 [ 560.747094] sget_userns+0x276/0x860 [ 560.750796] ? v9fs_kill_super+0xa0/0xa0 [ 560.754846] ? vfs_get_super+0x270/0x270 [ 560.758898] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 560.764425] ? ns_capable_common+0x13f/0x170 [ 560.768816] ? v9fs_kill_super+0xa0/0xa0 [ 560.772868] sget+0x10b/0x150 [ 560.775972] v9fs_mount+0xe2/0x900 [ 560.779493] ? v9fs_drop_inode+0x150/0x150 [ 560.783711] legacy_get_tree+0x118/0x440 [ 560.787765] vfs_get_tree+0x1cb/0x5c0 [ 560.791558] do_mount+0x6c1/0x1fb0 [ 560.795083] ? kasan_check_write+0x14/0x20 [ 560.799297] ? copy_mount_string+0x40/0x40 [ 560.803513] ? kasan_kmalloc+0xc4/0xe0 [ 560.807382] ? kmem_cache_alloc_trace+0x318/0x780 [ 560.812207] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 560.817727] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 560.823255] ? copy_mount_options+0x285/0x380 [ 560.827746] ksys_mount+0x12d/0x140 [ 560.831356] __x64_sys_mount+0xbe/0x150 [ 560.835311] do_syscall_64+0x1b9/0x820 [ 560.839183] ? syscall_slow_exit_work+0x500/0x500 [ 560.844025] ? syscall_return_slowpath+0x5e0/0x5e0 [ 560.848955] ? syscall_return_slowpath+0x31d/0x5e0 [ 560.853876] ? prepare_exit_to_usermode+0x291/0x3b0 [ 560.859056] ? perf_trace_sys_enter+0xb10/0xb10 [ 560.863713] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 560.868548] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 560.873726] RIP: 0033:0x455ab9 [ 560.876903] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 560.896054] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 560.903750] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 560.911000] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 560.918266] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 560.925525] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 03:33:47 executing program 2: sched_setattr(0x0, &(0x7f0000000040)={0x0, 0x6, 0x0, 0x0, 0x0, 0x9917, 0xffff}, 0x0) clone(0x0, &(0x7f00000025c0), &(0x7f0000002580), &(0x7f00000012c0), &(0x7f0000002440)) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffff9c, 0x84, 0x1f, &(0x7f0000000080)={0x0, @in={{0x2, 0x4e24, @loopback=0x7f000001}}, 0xdb, 0x2e}, &(0x7f0000000140)=0x90) getsockopt$inet_sctp_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000180)={r1, 0xfff, 0x4, 0x19, 0xffffffffffffff81, 0x2}, &(0x7f00000001c0)=0x14) ioctl$IOC_PR_PREEMPT(r0, 0x401870cb, &(0x7f0000000200)={0x1, 0x0, 0xfff, 0x4}) 03:33:47 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x40030000000000, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:47 executing program 7: r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000100)='/dev/full\x00', 0x200, 0x0) pread64(r0, &(0x7f0000000280)=""/232, 0x63, 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='cmdline\x00') exit(0x0) setsockopt$packet_buf(r1, 0x107, 0x6, &(0x7f0000000040)="7bcffec74511a530642f84cec8abb355a18fc1c0cf503eb52ccdbaa91c349e088ca0d4ecb55a3600b04846601f568b84a691d0d7548952f56d5f0c9b94de0336771884e5f3c91c49db4891360213ad1552e874a69d0703435c5b61facde5e6b183060d007c2a5ff5", 0x68) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000000140)=""/202, 0xca}], 0x1, 0x0) 03:33:47 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0xffffdd86], 0x1}}, 0x1c) 03:33:47 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xe00, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:47 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x1ab], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:47 executing program 0 (fault-call:8 fault-nth:58): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) [ 560.932784] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 0000000000000039 03:33:47 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0xd603000000000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:47 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x1300000000000000, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:47 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x8864000000000000], 0x1}}, 0x1c) [ 561.001015] FAULT_INJECTION: forcing a failure. [ 561.001015] name failslab, interval 1, probability 0, space 0, times 0 [ 561.012359] CPU: 0 PID: 8644 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 561.020677] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 561.030032] Call Trace: [ 561.032629] dump_stack+0x1c9/0x2b4 [ 561.036265] ? dump_stack_print_info.cold.2+0x52/0x52 [ 561.041465] ? __kernel_text_address+0xd/0x40 [ 561.045970] ? unwind_get_return_address+0x61/0xa0 [ 561.050913] should_fail.cold.4+0xa/0x11 [ 561.054984] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 561.060094] ? save_stack+0xa9/0xd0 [ 561.063728] ? save_stack+0x43/0xd0 [ 561.067361] ? kasan_kmalloc+0xc4/0xe0 [ 561.071252] ? kmem_cache_alloc_trace+0x152/0x780 [ 561.076102] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 561.081298] ? __list_lru_init+0x4d6/0x840 [ 561.085541] ? alloc_super+0x9a6/0xb10 [ 561.089436] ? sget+0x10b/0x150 [ 561.092720] ? v9fs_mount+0xe2/0x900 [ 561.096437] ? legacy_get_tree+0x118/0x440 [ 561.100677] ? vfs_get_tree+0x1cb/0x5c0 [ 561.104652] ? do_mount+0x6c1/0x1fb0 [ 561.108370] ? ksys_mount+0x12d/0x140 [ 561.112182] ? __x64_sys_mount+0xbe/0x150 [ 561.116336] ? do_syscall_64+0x1b9/0x820 [ 561.120406] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 561.125781] ? save_stack+0xa9/0xd0 [ 561.129417] ? lock_acquire+0x1e4/0x540 [ 561.133392] ? fs_reclaim_acquire+0x20/0x20 [ 561.137722] ? lock_downgrade+0x8f0/0x8f0 [ 561.141872] ? ksys_mount+0x12d/0x140 [ 561.145682] ? check_same_owner+0x340/0x340 [ 561.150011] ? rcu_note_context_switch+0x730/0x730 [ 561.154952] __should_failslab+0x124/0x180 [ 561.159199] should_failslab+0x9/0x14 [ 561.163010] kmem_cache_alloc_trace+0x2cb/0x780 [ 561.167750] ? kasan_kmalloc+0xc4/0xe0 [ 561.171637] __memcg_init_list_lru_node+0x185/0x2d0 [ 561.176636] ? kvfree_rcu+0x20/0x20 [ 561.180246] ? __kmalloc_node+0x47/0x70 [ 561.184209] __list_lru_init+0x4d6/0x840 [ 561.188303] ? list_lru_destroy+0x500/0x500 [ 561.192634] ? prealloc_shrinker+0x213/0x480 [ 561.197028] ? __init_waitqueue_head+0x9e/0x150 [ 561.201684] ? inactive_list_is_low+0x850/0x850 [ 561.206342] ? __lockdep_init_map+0x105/0x590 [ 561.210833] alloc_super+0x9a6/0xb10 [ 561.214532] ? destroy_unused_super.part.11+0x110/0x110 [ 561.219877] ? lock_downgrade+0x8f0/0x8f0 [ 561.224007] ? lock_acquire+0x1e4/0x540 [ 561.227981] ? kasan_check_read+0x11/0x20 [ 561.232112] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 561.236679] ? kasan_check_write+0x14/0x20 [ 561.240893] ? do_raw_spin_lock+0xc1/0x200 [ 561.245110] sget_userns+0x276/0x860 [ 561.248807] ? v9fs_kill_super+0xa0/0xa0 [ 561.252846] ? vfs_get_super+0x270/0x270 [ 561.256913] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 561.262434] ? ns_capable_common+0x13f/0x170 [ 561.266831] ? v9fs_kill_super+0xa0/0xa0 [ 561.271054] sget+0x10b/0x150 [ 561.274150] v9fs_mount+0xe2/0x900 [ 561.277672] ? v9fs_drop_inode+0x150/0x150 [ 561.281895] legacy_get_tree+0x118/0x440 [ 561.285939] vfs_get_tree+0x1cb/0x5c0 [ 561.289726] do_mount+0x6c1/0x1fb0 [ 561.293256] ? check_same_owner+0x340/0x340 [ 561.297564] ? lock_release+0xa30/0xa30 [ 561.301927] ? copy_mount_string+0x40/0x40 [ 561.306159] ? retint_kernel+0x10/0x10 [ 561.310046] ? copy_mount_options+0x1f0/0x380 [ 561.314526] ? copy_mount_options+0x1f6/0x380 [ 561.316199] Unknown ioctl -2147202861 [ 561.319010] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 561.319025] ? copy_mount_options+0x285/0x380 [ 561.319040] ksys_mount+0x12d/0x140 [ 561.319057] __x64_sys_mount+0xbe/0x150 [ 561.335727] Unknown ioctl -2147202861 [ 561.336545] do_syscall_64+0x1b9/0x820 [ 561.336558] ? finish_task_switch+0x1d3/0x870 03:33:48 executing program 5: 03:33:48 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)="2f67726f1d562264702e7354cc74001679ea386bb71454d7004b9b49dce26a3d54c53364fc0d1a8f03548f", 0x2761, 0x0) restart_syscall() write$P9_RREADDIR(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="6800000029020002000000000200000007000000000000009e080000000000000907002e2f66696c65300001000000010000000000000000000000000000000607002e2f66696c65300400000000040000000000000001000000000000007807002e5bf0312f66696c6530"], 0x6b) ioctl$FIBMAP(r0, 0x1, &(0x7f0000000040)=0xfffffffffffff001) 03:33:48 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x900, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:48 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x5101], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:48 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x400000000000000, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:48 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x700, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) [ 561.336577] ? syscall_return_slowpath+0x5e0/0x5e0 [ 561.357570] ? syscall_return_slowpath+0x31d/0x5e0 [ 561.362503] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 561.367521] ? prepare_exit_to_usermode+0x291/0x3b0 [ 561.372543] ? perf_trace_sys_enter+0xb10/0xb10 [ 561.377220] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 561.382077] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 561.387263] RIP: 0033:0x455ab9 03:33:48 executing program 5: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100)='bpf\x00', 0x0, &(0x7f0000000380)=ANY=[]) bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x4}, 0x2c) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x7, 0x0, 0x1}], {0x95}}, &(0x7f0000f6bffb)='GPL\x00', 0x0, 0x299, &(0x7f00001a7f05)=""/251}, 0x18) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000001300)={&(0x7f0000001340)='./file0/file0\x00', r0}, 0x3bf) creat(&(0x7f0000000080)='./file0/file0\x00', 0x0) [ 561.390443] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 561.409707] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 561.417425] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 561.424694] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 561.431964] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 561.439256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 03:33:48 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x2000, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) [ 561.446527] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 000000000000003a 03:33:48 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x2000000000000004, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr}, 0xc) setsockopt$inet_tcp_int(r3, 0x6, 0xc, &(0x7f0000000000), 0x4) close(r0) r4 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl\x00', 0x200000, 0x0) sendmsg$key(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x2, 0xc, 0x0, 0x7, 0x10, 0x0, 0x70bd27, 0x25dfdbfb, [@sadb_lifetime={0x4, 0x6, 0x8, 0x80000001, 0x3eb, 0xa5}, @sadb_ident={0x2, 0xb, 0x9, 0x0, 0x8}, @sadb_x_nat_t_port={0x1, 0x17, 0x4e20}, @sadb_ident={0x2, 0xa, 0x2, 0x0, 0x3}, @sadb_address={0x5, 0x17, 0xff, 0xa0, 0x0, @in6={0xa, 0x4e22, 0x1000200, @empty, 0x67d4e64e}}]}, 0x80}, 0x1}, 0x80) dup3(r1, r2, 0x80000) 03:33:48 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x6558000000000000], 0x1}}, 0x1c) 03:33:48 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0xa02], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:48 executing program 2: pipe(&(0x7f00000004c0)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r0, &(0x7f0000000180)=[{&(0x7f0000000200)="c6", 0x1}], 0x1, 0x0) close(r1) syz_mount_image$vfat(&(0x7f0000001800)='vfat\x00', &(0x7f0000001840)='./file0\x00', 0x0, 0x1, &(0x7f0000000440)=[{&(0x7f0000000380)}], 0xffffffffffffffff, &(0x7f0000000000)=ANY=[]) lseek(r1, 0x0, 0x4) 03:33:48 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1886f, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:48 executing program 0 (fault-call:8 fault-nth:59): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:33:48 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x34000, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:48 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0xff80000000) ioctl(r0, 0x8912, &(0x7f00000002c0)="0254c83d6d959f0000004c716c4428207081e0d0df7c0fbdfab5f567aec1a5134f901ec09bde22ac20aa60bf09ad8c2c67adea5a299ce7e7f091d72625079403005bb662ef6251fe9de242a2b4538898619851e243ea8e8161625d4afb23a45b833cd314dd89a08089bc4214095669de44175136fcef5d8359c8d44a309e939e44eab894b15e84838ab80dbf7e28f9f399db71d40b57e88c550c79ec60a09ad09523d3e22a663ff338b6") openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='/group.stat\x00', 0x2761, 0x0) r1 = perf_event_open(&(0x7f0000000180)={0x6, 0x70}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, &(0x7f0000000040)='cpu&3||\n\x00') [ 561.922095] FAULT_INJECTION: forcing a failure. [ 561.922095] name failslab, interval 1, probability 0, space 0, times 0 [ 561.933500] CPU: 1 PID: 8708 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 561.941817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 561.951174] Call Trace: [ 561.953773] dump_stack+0x1c9/0x2b4 [ 561.957408] ? dump_stack_print_info.cold.2+0x52/0x52 [ 561.962612] ? __kernel_text_address+0xd/0x40 [ 561.967115] ? unwind_get_return_address+0x61/0xa0 03:33:48 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x100000000000000, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:48 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x40000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:48 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x18870, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) [ 561.972066] should_fail.cold.4+0xa/0x11 [ 561.976140] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 561.981251] ? save_stack+0xa9/0xd0 [ 561.984886] ? save_stack+0x43/0xd0 [ 561.988520] ? kasan_kmalloc+0xc4/0xe0 [ 561.992411] ? kmem_cache_alloc_trace+0x152/0x780 [ 561.997259] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 562.002456] ? __list_lru_init+0x4d6/0x840 [ 562.006698] ? alloc_super+0x9a6/0xb10 [ 562.010595] ? sget+0x10b/0x150 [ 562.013882] ? v9fs_mount+0xe2/0x900 [ 562.017608] ? legacy_get_tree+0x118/0x440 03:33:48 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0xfeffffff, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:48 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1000000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) [ 562.021846] ? vfs_get_tree+0x1cb/0x5c0 [ 562.025827] ? do_mount+0x6c1/0x1fb0 [ 562.029548] ? ksys_mount+0x12d/0x140 [ 562.033362] ? __x64_sys_mount+0xbe/0x150 [ 562.037517] ? do_syscall_64+0x1b9/0x820 [ 562.041587] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 562.046960] ? save_stack+0xa9/0xd0 [ 562.050602] ? lock_acquire+0x1e4/0x540 [ 562.054588] ? fs_reclaim_acquire+0x20/0x20 [ 562.058917] ? lock_downgrade+0x8f0/0x8f0 [ 562.063070] ? ksys_mount+0x12d/0x140 [ 562.066880] ? check_same_owner+0x340/0x340 03:33:48 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x11000000, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) [ 562.071211] ? rcu_note_context_switch+0x730/0x730 [ 562.076158] __should_failslab+0x124/0x180 [ 562.080409] should_failslab+0x9/0x14 [ 562.084230] kmem_cache_alloc_trace+0x2cb/0x780 [ 562.088908] ? kasan_kmalloc+0xc4/0xe0 [ 562.092806] __memcg_init_list_lru_node+0x185/0x2d0 [ 562.097825] ? kvfree_rcu+0x20/0x20 [ 562.101455] ? __kmalloc_node+0x47/0x70 [ 562.105439] __list_lru_init+0x4d6/0x840 [ 562.109510] ? list_lru_destroy+0x500/0x500 [ 562.113837] ? prealloc_shrinker+0x213/0x480 [ 562.118248] ? __init_waitqueue_head+0x9e/0x150 03:33:48 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x4], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) [ 562.122921] ? inactive_list_is_low+0x850/0x850 [ 562.127601] ? __lockdep_init_map+0x105/0x590 [ 562.132108] alloc_super+0x9a6/0xb10 [ 562.136515] ? destroy_unused_super.part.11+0x110/0x110 [ 562.141885] ? lock_downgrade+0x8f0/0x8f0 [ 562.146037] ? lock_acquire+0x1e4/0x540 [ 562.150014] ? kasan_check_read+0x11/0x20 [ 562.154166] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 562.158755] ? kasan_check_write+0x14/0x20 [ 562.163002] ? do_raw_spin_lock+0xc1/0x200 [ 562.167244] sget_userns+0x276/0x860 03:33:48 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x2e2, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) [ 562.170959] ? v9fs_kill_super+0xa0/0xa0 [ 562.175032] ? vfs_get_super+0x270/0x270 [ 562.179118] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 562.184659] ? ns_capable_common+0x13f/0x170 [ 562.189076] ? v9fs_kill_super+0xa0/0xa0 [ 562.193139] sget+0x10b/0x150 [ 562.196253] v9fs_mount+0xe2/0x900 [ 562.199797] ? v9fs_drop_inode+0x150/0x150 [ 562.204034] legacy_get_tree+0x118/0x440 [ 562.208101] vfs_get_tree+0x1cb/0x5c0 [ 562.211904] do_mount+0x6c1/0x1fb0 [ 562.215448] ? check_same_owner+0x340/0x340 [ 562.219774] ? lock_release+0xa30/0xa30 [ 562.223751] ? copy_mount_string+0x40/0x40 [ 562.227983] ? retint_kernel+0x10/0x10 [ 562.231874] ? copy_mount_options+0x1d9/0x380 [ 562.236374] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 562.241914] ? copy_mount_options+0x285/0x380 [ 562.246416] ksys_mount+0x12d/0x140 [ 562.250043] __x64_sys_mount+0xbe/0x150 [ 562.254022] do_syscall_64+0x1b9/0x820 [ 562.257907] ? finish_task_switch+0x1d3/0x870 [ 562.262410] ? syscall_return_slowpath+0x5e0/0x5e0 [ 562.267345] ? syscall_return_slowpath+0x31d/0x5e0 [ 562.272342] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 562.277363] ? prepare_exit_to_usermode+0x291/0x3b0 [ 562.282382] ? perf_trace_sys_enter+0xb10/0xb10 [ 562.287061] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 562.291928] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 562.297125] RIP: 0033:0x455ab9 [ 562.300289] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 562.319444] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 562.327138] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 562.334391] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 562.341651] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 562.348905] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 562.356163] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 000000000000003b 03:33:49 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0xfffffffe, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:49 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x3f00], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:49 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1000000000000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:49 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x400300], 0x1}}, 0x1c) 03:33:49 executing program 0 (fault-call:8 fault-nth:60): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:33:49 executing program 5: r0 = socket(0x1e, 0x4, 0x0) recvmmsg(r0, &(0x7f0000006e40)=[{{&(0x7f00000033c0)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, 0x80, &(0x7f0000004a00)=[{&(0x7f0000004900)=""/197, 0xc5}], 0x1}}, {{&(0x7f00000001c0)=@hci, 0x80, &(0x7f0000006d00), 0xf6, &(0x7f0000006d80)=""/157, 0x9d}}], 0x2, 0x22, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req={0x80, 0x0, 0x3, 0x73d}, 0x7c) sendto$inet6(r0, &(0x7f0000000280)="a4a297fb77f289ce3172c1040ad1ed2871d30720c8e1423ebb2f103bb150da716361", 0x22, 0x0, 0x0, 0x0) r1 = fcntl$getown(r0, 0x9) sched_getscheduler(r1) 03:33:49 executing program 2: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000000)="025cc83d6d345f8f762070") setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='nv\x00', 0x3) getsockopt$inet_tcp_buf(r0, 0x6, 0x1a, &(0x7f0000000200)=""/145, &(0x7f0000000040)=0x152) ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f0000000100)=0x0) prlimit64(r2, 0xb, &(0x7f0000000380)={0x2, 0xb4}, &(0x7f00000003c0)) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r3, 0xc08c5335, &(0x7f00000002c0)={0xfffffffffffffffe, 0x4, 0x5, 'queue0\x00', 0x100000000}) r4 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x0, 0x0) getsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000140)={@remote, 0x0}, &(0x7f0000000180)=0x14) ioctl$HCIINQUIRY(r4, 0x800448f0, &(0x7f00000001c0)={r5, 0x6, 0x100000001, 0xe4, 0x401, 0x7fffffff, 0x80000001}) 03:33:49 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = syz_open_dev$sndpcmc(&(0x7f0000000200)='/dev/snd/pcmC#D#c\x00', 0x2, 0x20080) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000240)=0x7fff) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") timerfd_create(0x0, 0x804) sendmsg$alg(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000300)="01", 0x1}], 0x1, &(0x7f0000000380)=[@iv={0x68, 0x117, 0x2, 0x52, "f9e05d2088925505d763111aad8ca07842ff578348c670d9a950a1823658aa936e3ffaf3209b66c6f3f3b8d3a22306a9c693e17d2970e91be40a1c1a120c26d7aeba7fd1bb4f082e9606f5a8880bccc9c23e"}], 0x68, 0x800}, 0x40000) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x100, 0xc) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000e80)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000000000000000000000000000000e000000040000004005000048020000f0000000f00000000000000048020000a8040000a8040000a8040000a8040000a804000004000000", @ANYPTR=&(0x7f00000002c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c800f000000000000000000000000000000000000000000000000000300061646472747970750000000000000000000000000000000000000000000060000000000000000000000000000000280052454a454354000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f800d200000000000000000000000000000000000000000000000000300061680000000000000000000000000000000000000000000000000000000009000000ff03000001000000000000003000616464727479706500000000000000000000000000000000000000000000060001000100000000000000000000006000484d41524b00000000000000000000000000000000000000000000000000fe8000000000000000000000000000bbff000000ffffff00ffffffff000000004e224e204e234e240300000081000000040000008000000014000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007184fe4628763caf0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200260020000000000000000000000000000000000000000000000005801686173686c696d6974000000000000000000000000000000000000000003626f6e643000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000020000000000000020000000018000000080000000000000001000000400000018200000000000000100000001000000300061680000000000000000000000000000000000000000000000000000000009000000b86b0000010000000000000040005443504f5054535452495000000000000000000000000000000000000000ffffff7f7f000000050000001ca500000300000007000000ac000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000070005b0000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000000feffffff00000000"], 0x123) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffff9c, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000040)={0xffffffffffffffff}, 0x13f, 0x1000}}, 0x20) getsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000440)={0x0, 0x6}, &(0x7f0000000480)=0x8) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f00000004c0)=@assoc_value={r4, 0x9}, &(0x7f0000000540)=0x8) write$RDMA_USER_CM_CMD_REJECT(r2, &(0x7f00000000c0)={0x9, 0x108, 0xfa00, {r3, 0x31, "91c913", "4235d27873352f817ddd89fa9f35f68ed1d6652b4a1f1abf871517b939438c1ac6d1e856e46da91de4cdc4e1dac4b1806fd793bbb3978e7df14096adbe98fa74a4f2c6ab03f9edfbbd7e63510f6dcdc762ac71b6b5d7ebe9e4c2a0b6dd89aa6e76ce6887b10c21f6c61965a8fd60853ce09d1b42e4aefad791480b87dbde2df6bfab2d6d4ae4005044214cdfdb8915b55718cbafdb4bccaf8b2f2ee2f8e63b7e829e641163be9b2908d5039ea18d50b1d20228863afb0624ca2a81141bcea67acbafdad736272598256a39386e75605efa560c7c72934dc08b8c222ad93677d5a38394299ad8b24e828296139795ff340c114dea143d5c062ddea014b42d4a34"}}, 0x110) [ 562.852614] FAULT_INJECTION: forcing a failure. [ 562.852614] name failslab, interval 1, probability 0, space 0, times 0 [ 562.863946] CPU: 1 PID: 8772 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 562.872260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 562.881630] Call Trace: [ 562.884222] dump_stack+0x1c9/0x2b4 [ 562.887859] ? dump_stack_print_info.cold.2+0x52/0x52 [ 562.893057] ? __kernel_text_address+0xd/0x40 [ 562.897560] ? unwind_get_return_address+0x61/0xa0 03:33:49 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x6c880100, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:49 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0xfffffff5], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:49 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0xe2020000, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) [ 562.902503] should_fail.cold.4+0xa/0x11 [ 562.906576] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 562.911688] ? save_stack+0xa9/0xd0 [ 562.915322] ? save_stack+0x43/0xd0 [ 562.918955] ? kasan_kmalloc+0xc4/0xe0 [ 562.922849] ? kmem_cache_alloc_trace+0x152/0x780 [ 562.927694] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 562.932889] ? __list_lru_init+0x4d6/0x840 [ 562.937130] ? alloc_super+0x9a6/0xb10 [ 562.941024] ? sget+0x10b/0x150 [ 562.944306] ? v9fs_mount+0xe2/0x900 [ 562.948026] ? legacy_get_tree+0x118/0x440 03:33:49 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x900, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:49 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xa00, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) [ 562.952266] ? vfs_get_tree+0x1cb/0x5c0 [ 562.956244] ? do_mount+0x6c1/0x1fb0 [ 562.959966] ? ksys_mount+0x12d/0x140 [ 562.963765] ? __x64_sys_mount+0xbe/0x150 [ 562.967920] ? do_syscall_64+0x1b9/0x820 [ 562.971983] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 562.977441] ? save_stack+0xa9/0xd0 [ 562.981075] ? lock_acquire+0x1e4/0x540 [ 562.985056] ? fs_reclaim_acquire+0x20/0x20 [ 562.989386] ? lock_downgrade+0x8f0/0x8f0 [ 562.993544] ? ksys_mount+0x12d/0x140 [ 562.997353] ? check_same_owner+0x340/0x340 03:33:49 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x5, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:49 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xfffffffd, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) [ 563.001686] ? rcu_note_context_switch+0x730/0x730 [ 563.006631] __should_failslab+0x124/0x180 [ 563.010879] should_failslab+0x9/0x14 [ 563.014691] kmem_cache_alloc_trace+0x2cb/0x780 [ 563.019366] ? kasan_kmalloc+0xc4/0xe0 [ 563.023263] __memcg_init_list_lru_node+0x185/0x2d0 [ 563.028284] ? kvfree_rcu+0x20/0x20 [ 563.031916] ? __kmalloc_node+0x47/0x70 [ 563.035898] __list_lru_init+0x4d6/0x840 [ 563.039963] ? list_lru_destroy+0x500/0x500 [ 563.044288] ? prealloc_shrinker+0x213/0x480 [ 563.048697] ? __init_waitqueue_head+0x9e/0x150 03:33:49 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x0, 0x0) r2 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/zero\x00', 0x2c4204, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, &(0x7f0000000180)="0f20e06635002000000f22e00f20d86635200000000f22d8b800008ee066f43e0fc728ba210066b86c59000066efba2100b005eebaf80c66b8e8fde78566efbafc0c66b8419393da66efbaf80c66b854eb898a66efbafc0cedb800028ed0", 0x5e}], 0x1, 0x1, &(0x7f0000000200)=[@cr0={0x0, 0x10000}, @vmwrite={0x8, 0x0, 0x0, 0x0, 0xfffffffffffffffb, 0x0, 0x0, 0x0, 0xffff}], 0x2) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r3, 0x4068aea3, &(0x7f0000000000)={0x0, 0x2}) [ 563.053370] ? inactive_list_is_low+0x850/0x850 [ 563.058041] ? __lockdep_init_map+0x105/0x590 [ 563.062543] alloc_super+0x9a6/0xb10 [ 563.066268] ? destroy_unused_super.part.11+0x110/0x110 [ 563.071638] ? lock_downgrade+0x8f0/0x8f0 [ 563.075791] ? lock_acquire+0x1e4/0x540 [ 563.079771] ? kasan_check_read+0x11/0x20 [ 563.083929] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 563.088517] ? kasan_check_write+0x14/0x20 [ 563.092757] ? do_raw_spin_lock+0xc1/0x200 [ 563.097000] sget_userns+0x276/0x860 03:33:49 executing program 2: r0 = socket(0x10, 0x2, 0x0) ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f00000001c0)={'syz_tun\x00', {0x2, 0x4e20, @multicast1=0xe0000001}}) sendmsg$nl_route(r0, &(0x7f00000003c0)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)=@ipv6_delrule={0x68, 0x21, 0x11, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10015}, [@FRA_DST={0x14, 0x1, @ipv4={[], [0xff, 0xff], @rand_addr}}, @FIB_RULE_POLICY=@FRA_UID_RANGE={0xc, 0x14}, @FRA_DST={0x14, 0x1, @ipv4={[], [0xff, 0xff], @remote={0xac, 0x14, 0x14, 0xbb}}}, @FRA_SRC={0x14, 0x2, @ipv4={[], [0xff, 0xff], @loopback=0x7f000001}}]}, 0xffffffffffffff26}, 0x1, 0x0, 0x0, 0x76a0cdb37926d318}, 0x0) fstatfs(r0, &(0x7f00000000c0)=""/84) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000000400)={{{@in6=@ipv4={[], [], @multicast1}, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in6=@remote}}, &(0x7f0000000200)=0xe8) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f0000000240)={@dev={0xfe, 0x80, [], 0xf}, @loopback={0x0, 0x1}, @local={0xfe, 0x80, [], 0xaa}, 0x101, 0xff, 0x4eb, 0x500, 0x2, 0x2, r1}) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x0, 0x0) setns(r2, 0x2020000) ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000000140)={0x727, {0x2, 0x4e23, @rand_addr=0x6}, {0x2, 0x4e23}, {0x2, 0x4e20, @local={0xac, 0x14, 0x14, 0xaa}}, 0x100, 0x0, 0x3, 0x2, 0x1, 0x0, 0x1, 0x6216, 0x9}) 03:33:49 executing program 7: r0 = socket$nl_xfrm(0x11, 0x3, 0x6) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000100)=0x40, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'veth1_to_bond\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'bridge0\x00', r1}) ioctl$sock_SIOCGIFINDEX(r0, 0x89a2, &(0x7f0000000000)={'bridge0\x00', r2}) openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000080)='cpu.weight\x00', 0x2, 0x0) 03:33:49 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x4, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) [ 563.100716] ? v9fs_kill_super+0xa0/0xa0 [ 563.104785] ? vfs_get_super+0x270/0x270 [ 563.108869] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 563.114413] ? ns_capable_common+0x13f/0x170 [ 563.118822] ? v9fs_kill_super+0xa0/0xa0 [ 563.122885] sget+0x10b/0x150 [ 563.125995] v9fs_mount+0xe2/0x900 [ 563.129542] ? v9fs_drop_inode+0x150/0x150 [ 563.133779] legacy_get_tree+0x118/0x440 [ 563.137883] vfs_get_tree+0x1cb/0x5c0 [ 563.141697] do_mount+0x6c1/0x1fb0 [ 563.145242] ? kasan_check_read+0x11/0x20 [ 563.149461] ? do_raw_spin_unlock+0xa7/0x2f0 [ 563.153884] ? copy_mount_string+0x40/0x40 [ 563.158130] ? retint_kernel+0x10/0x10 [ 563.162024] ? copy_mount_options+0x1f0/0x380 [ 563.166524] ? copy_mount_options+0x1f6/0x380 [ 563.171028] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 563.176573] ? copy_mount_options+0x285/0x380 [ 563.181074] ksys_mount+0x12d/0x140 [ 563.184711] __x64_sys_mount+0xbe/0x150 [ 563.188693] do_syscall_64+0x1b9/0x820 [ 563.192581] ? finish_task_switch+0x1d3/0x870 [ 563.197082] ? syscall_return_slowpath+0x5e0/0x5e0 [ 563.202020] ? syscall_return_slowpath+0x31d/0x5e0 [ 563.206956] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 563.211979] ? prepare_exit_to_usermode+0x291/0x3b0 [ 563.217004] ? perf_trace_sys_enter+0xb10/0xb10 [ 563.221683] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 563.226536] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 563.231728] RIP: 0033:0x455ab9 [ 563.234909] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 03:33:50 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x80350000], 0x1}}, 0x1c) 03:33:50 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x6e88010000000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) [ 563.254162] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 563.261885] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 563.269155] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 563.276425] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 563.283683] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 563.291039] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 000000000000003c 03:33:50 executing program 5: r0 = socket(0xb, 0x803, 0x4) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f00000012c0)={0x0, @in6={{0xa, 0x4e21, 0xce4a, @ipv4={[], [0xff, 0xff]}, 0xfffffffffffeffff}}}, &(0x7f0000001380)=0x84) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f00000013c0)={r1, 0x3, 0x3ff, 0x24, 0x3, 0xce0}, 0x14) r2 = socket$inet6_sctp(0xa, 0x40000000005, 0x84) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r2, 0x84, 0x6d, &(0x7f0000000140)=ANY=[@ANYRES32=0x0, @ANYBLOB="001000000544a4d0de536e1f9d43d84eca05ffc1f4810122707bf0b13887148e591462fea075eaf1fa843ade56799189239279c03ca4a307b600cf92eef3767f0533dc41724cb9e7a7406e6496fe8308fd91c7593a1eff93104994811db3e750e6f60943ebec771020a6289edf294971e085e1d9820168c72dfed70d2e387db857ba16c66fee508d627ffbfb52d26f8c9a1d699abba158a30649ef2e4c178f76054af0ba1846433db56a022d6667c89e0e470945cb21ecab8e472e6d01cc5963edffe0354c1fa0a2c1dc2cd091b86b6bdf8e8b4062dbd89fee1284af1a25d7c837042a2f069123fb12c3ad1f52c8d4d5017a9cd495f66681ec31a26c2dbfe95a60f291249703fa0257804cb9058cd12c5ba3125b05567aa0c03cd7c8e8728d09ed5ea443acad15b381f5ff7b6a454793b75207fbd9124af649e2118fead066f22abe620fe30f87ce6df5f4084936970e3525e983dea3a27b998182287f4f2a95af71e701cede167172c55c0244a9100d79f71ce0a4ccea83357b9d450126985771cce571ca50e796cf4c881ab59a45de5891c9492d8baa00be346e59ae49f0c6e44831f1a5a3ac233c19579be38fc75a0c424ef938f48a1afc41c68e82ae717f7a2167240ef8e1df78c38e81e18dac092d4201b66a2bb03fbf9d0774dc9b73b8ec3127b5ea56c6456cd691fd936330d42505c5a17164ca7d3f45731e80421676ccf6b59fffa5a68b0338880e0787fe5c0e2e91c66a0f28f04637802dff4b64cae51aaa37d1b4e13a26d273b9fdfc56099abbcce48464d54adf3e4071c169a8f6c9b0555bbd9744301af1ad722e490db428cb1992f508dd679a9d3e3ec56c3bd0424c13eec7827481cf08a1206c589ef59bae33dc82cf0087ed6276958a59386921dbf6bd558fbee4076f59f4be93b0bce9eb8c21166d579d979fde760d2b314a1235d33b96e67351402c9805573251ed58aca26b0fa437bc6dd19a754fcbdfad50158639e6b004abc125e0a6b7cb2052045cfaea2677bf0edd50d0bcba5e4603c4430970a4bbb913bfba9959474c280ed656cce35642f9cd8e5b05dd1422da351f16bfdde8b4a180e84173d98548e025bed63c81c0eb5135d331a689da61eaec5bee63dee50bb1e9cd720811e66bb74359705b0c13aa54d04cab818ddfd4c58e0dc4ebd375a75fe70d8c5e9239963ea9716685ea5123183061bc5edb3217a36ea6b9f0b196ef0a35e7e75744ca9698967355a71845422334bda6d08992fa618b543ff2df8a9883817cecdee1dbd2edf0bc29d7d0cf9f8507c718ff44c52585da7b4bfb70309e3cc5938ba728aca4394f70fbb9b1df38620cd3c255185482c8015f40ad704a2516a981cad4df1f5fd858a56df62a06d0343a265f6ae2cc5022921ee9cec43a0e0e8e5a656b8557ff3d9e958d8c36fc4ebb77472e1347a337130c5707487187026636e6e6f7e86cdc7de6786d10f8d172cf9ec2aed0f588f7c75b4625fa4b79a1cbcaf861b38717866b182e5da4ce09964b7187d5e7e4ad5923a37581264563d9efc0a6dda814f10fa9ea93d3665c3740259f2d81abded4500c0ba02705858ff7af1b69e9cb66623174b19c387f5bc0bee0516c6815578f2e617eb01d8c79cd277c4a063160cd85e903fc47202477435fe262c0bc5da04a83c8b7a01184946714cf9ff9748b2d8dd3d9ada694def1780d05d763d1c96c95e7757c9b84e9803453ba321474e2c270f27763af921c30404aad030cf85f5f3957c8fa349c2a4bb9c4b53ba9805429757c0c0c7eaa0be43292aba52e39dc78b1714a4fd469c8231d6fa0fba4e0336b7af5256bb8f9735716bebfd408815c46b44c89cefcffa7f6a9d61e90c3a25488c1a949ccb7411021c238b0a91ac91e6de55d8a2f5c38ce4989c2aa0a2b202e2f30d567fafa41647d885da67e1cabbbbc37cc45c80153b04e10d8c00ee0a15b3027b575cae1dca8c671e12d824d0f73a5c74d1dcf9f0016656672a8adc4757afbc24771baef0b2a9f2422f7c9f588bf40a24b7811c132f4991fa347f0ef1e4f9736892c3a1d26fcd6b88044315c5850bd4530418067974675e08343edbfbb1594032e7ee8d1439d2ec2588777d9e5fe75bcd27ecba3a272a7c8c3cc29f0ead93a31264784230b6cfaeb3fcc7c54a9c41a4efb578758791b3b826f573e31d561881debc0bb4a8d1ba75b807b74bef9f888ed42f685ab666abd7d2d67419edc607ba68ca52f3bf229adc7dd1045ef2e8421d8e43b68b586064a2fd0c70a0f854e756d23fc20bce96eca984439f2383f67d26743e2bf0142b3ec80ee938d6514942898b4b2be36114b82c1df7682bcb097e328ef10bcf0dc2722683dab25e401978a2c33654c2d44ce1ffbb1e32f82ac5a2754e6eae63c15518e7914e39da69d9cb04f4b350be4288f2bda444275719afd24e74294cc6123ab8ccd679bae1b27bfb2eeb9e1deb8e6f20634c1d5af55d412a5c364ac2f065ebd6b553fa28ea839b3845fc0cec6ecc719b606ab268de64e8a23bdfadde896a79fd40ebbdfc6f1e0d651ed28a9fe1c376a94498846bb10fa42f77092675c40340e4ffb15b290e9a0bc697b64a5a518c896aa082a307339fd3c99d36f87d9cb663ee3727c19bac54358fa9ee5f0b912c06b38dddb76f544ebfe00e7b872d089850c8c393940ddd26caae2c78daf9ab9759acaaa3fc29b0fc25a48742282afbddd07f559e06f3a251038588c71bbc8fd00fdea5b18e6c5ee036f7de8b662c184fb8e58e2a6bc0f4fb1db8bfdbce0e528a193d9eb2093ff496259d47d9513375f95779f039b522316ccca24d95c0d75a909e91d6dfbeae9bd8ecd87ff0b8981decf4b5979dc6e9925cfcfd4ec351f9b3a30fde28e4d089716687955cfd7d190f8e06138594e9b15ab35e6c0acea34fb0f927d585452ed3b1f419d1c822fa8109662ac4b178c760676268f4525ef7b389fde63d1a7838d8c76e716783bf93048488a705e6ed453215e13386ec01af4aae438602a223ef86e63895da6f6f56d48322efceea83419a7cba6741ceba874bd5ea42d680db5adfed7cbf49724bd125b00233217f7128061786f3d01d51a52bea1e78acfd369255f68aa32113cc7d9714f034b2dba2223f64b3d78dda0e4d61fabf3c5269d1b98f44eb78342cedf7ce128dc8d13c77eadf913de8af2882f534a48ab17387f7a1e0fd4adb0f214ea18fe51d12b515a1821ceea5518f9ba6558b6c6adef470a5d0bf1457ff724bad71c5bb18cbe77f671eaaf34b319c9a005e3b5b8870c3b7d9cc30cafa95ace0341b7951eba1e4bbfef000863def38cd6640e61f78869e00ced3cccda89cb52a9d11e81975d4ab810491136c5296b753809c01d106240760a94613a70e836f5689e038a52840c6ee60105e94e3ada4bcf9ff489809dc24676eff029a10d9de5af5304b4f16cf4287ec046969f93356ffcc9632a2497ce3b412886ba5fb50910705cf31d24e0cafc4bed24eaa3c0a4d0f62d81ec32ba3c2808311867e14a3e609513b560a5b77fff5fddf96b60f9994bd07e7a3556c2a637538a1abdbb6e27ff140bdf112750a07019eeb443200d063c64cfb316ff4fbb866a41de10d159d201af1d27dcb15406d1edc76c5ba3210af4e19abd44fc4465a997897134118e87965eb43c424b2f2710d6d0bfd9d87ace342a10b6609f08d88c47a9d9be963066f3985fe5ed3043e1e3bc7b86629caa5db887c96d59b2953fd80619e1289e3f7e3a4d099ab8fe719b9ac4a5aa0d7056a9e3e09d9a121dd0dc60c0d33d252aec565c7b77af8aec2ce9d9d3edf5674f3152c2d42a8ca493543d9cac0b4cbd7db50c70692d12abb594f63c109549e4cd9723ca2b6407d856840aed3b445b877401679bc66376b41a2fa8e45d22d8e40e56662a0809d01305d31f8db50ddcd1375590bd08e2d97b5889d99e49d3eb932df870fd1967c981f8b11f74da3e4e1dee521e43043e41021a4a7c76a98d372a4e4a3672e5863dd2cf777ba3ed85bbbb122764d9d35d7ce52189572d28458284139c8010c6b2fe84ed6268a68af5df9487886de21e430f0831cb5a33a56878d413af2a2058f015ac9a208aec41c86dcce193ce1890a3241fe5710c3549f0c916dcb7091f3f30bf52400aad193788b159b6ca24ad249733b8cd3c1c9c50c1dba1041e782cc089d9a713560df6c610b9d0f01b83fc94f3ab2301dd0d4ee5be4112e6e82a447a294a220ef60b00d171d0b9cd048d8c692fef595d62f2f1ef412eaac24f4c373abaedf651dd751fd44e4c7af1ab3c157d0dbec180f9fc9d4dfca37b656cc48d876b0dfd1226c41bc6cf8e4b483609e0590d85ed61c2ae6b61fe29f1de93221570852b73bd567385a7c2f518748cabcc869be7e3894f77da81e6f01cb4ac7234574d92d2a7c8c0aab843023df33a9c951ca5c426d48ed381953f3900a18ec5d1b2d25a0e57ed52c47484784a1de6b0da3e7fccc700a1f178b3ad2310eeec88b0b24de821634a1aa4bfba25dba4644d68d47b730b82681a84e9f6628ad484fe4fbedbf7d2c1a6c86345298072d26a11108ca6760aeaf43aca714d72567a4dd40bc5024c5db840b61367c7e6e0516523784e14e24994a990d0a57b7f401076e86d2903410c2939c3b3c42d66589618abc7aeea45da233ab6490cc9b59bab446e113f09b15115bd95a8a899b9213071dc2eba9a17c2920862d4b110b35ce26c01344561e5db726cb0e9afbd869df2452ee879e73946a2653bd1a77fa7036fdbb6b3d656afecb6a9dc2de75db82871456a7a1731c9ea5c81660a7ea3d62f366338b5fce526bcd8f402aec0e35c2752c0d1ca10f3d57459d464fc51abaec694545996617b529c3f7b44defe6f69363752c65c0d2f330aaabb7843e9423f39772574131ad200606dea0ea579c98be91341671d93cde3299e1bd96ecbbeed9322fc8b6a01a152112a74e07b92de1a54ea496565afea2131cec476ff0431ddc2975b8462a80e66235441c2c75857d5360a35240c045cbc0f4946d51375a0ce6a770f456c518891583130307d59c69aa5b72f410304eb2cb22f230c7b66eaab9f0a5bb5565705bd25b99d08344681c981606ff86a6334ba423e645d9f2add6749ec3f7d68a366de8b2318840f20f3fa98afabf033c094172fe6b24629298bd81d9436d2f1e5242fdb11209c2cda0dee1f663f4491c381d3887f865f63ade9d53aba75d542503b6692cbcd590bbf47c423523f21df32485edbebb756c5c5ef8b1ee3a9871daa9f02dad26b663086ec80337313ba91b8dff9d5ee416ba4e4b2c92c77d91319f0eddb3b17f1df4df244080b79d3d6c9e9ce6953b21bed9329b6ef084072f918b3970b857ce96935ba2a0c8227e5c358de1b19e88b6fc6acbebae2a9bb0984e2e8fc2f7db512a91b3df512a1d58920d113c8927b4c6cfba2cbcc1d14f38c3b06065049e5f3e53674424ccafd052dd3046a3a4e51ce496dadafc6c2daf848dd216da541e47c011822cc9136fe6198072c52e84101c6da6191d9d58fa5dd1ebc303d71e62ded7b5aefc2e2ac088e70648d8bfde7c1e373f54e3c8d69d18b687389f3a85c46f52f700f203487c780e85d4e29898209f7069e008b664b33fe09f3f735e1351584c8e53e227e17fd634d239e4f738a5e5c3876e5d45d1bb697abc9b776df9bd1c9f1ef2b8741da1cec49a3230cc562340f7bed31f8a00a9d60d26937453b6aa9cff7faeb0292ed265b06ce0647e6a1b641f42d5278fa6383a79bf8de2bde7c87d39a143f7549a4f6ea222717afcb26ce988e8075"], &(0x7f0000001180)=0x1008) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r2, 0x84, 0x1b, &(0x7f00000011c0)={r3, 0x89, "349d60f3217366dabcf02de78e81e620075d59f1eaf1278118aa69e53ba5200f6258898f7b12d15da3939111c50584fccd0f1c55e27e29b48b2a52158ec29bfcae0ea70558b4e4407332f758bb58737a47d51e22c11b6a241650faf7c0da6e82b66344c7bc924822a05eeba83bcf060fca4183d2d7beadeb9bab53cf9bed887d7307fd5101b50715a5"}, &(0x7f0000001280)=0x91) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r2, 0x84, 0x6e, &(0x7f0000961fe4), 0x0) ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f0000001400)={0x5, 0x6, 0x2, 0x0, 0x0, [{r2, 0x0, 0x5e09}, {r2, 0x0, 0xfff}]}) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f0000000000)=ANY=[@ANYBLOB="cde52d08d1ee5db3f61d5657ae13870ae70acb99120eacb442b0cb953d03097edb44d7bf8b5b8c54480ab6dc121f1ac92cc0f3cc344653738ce0b0c95502d635de919e1ddc2a480b09ba4c8152992aa9f3eb6ccce87f78e3490afd5dcdc177415d395a4433b07161f04da2f6f53b032b10b025824c566b9a5a3f72b4cd9e34467824f544df00e04545d7f9b9be07", @ANYRES32=0x0], &(0x7f000095dffc)=0x8) setrlimit(0x7, &(0x7f000046eff0)) r5 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/rtc0\x00', 0x0, 0x0) ioctl$TIOCLINUX2(r5, 0x541c, &(0x7f0000000100)={0x2, 0x8000, 0x1ff, 0x80, 0x0, 0xfffffffffffffff9}) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r2, 0x84, 0x66, &(0x7f000095cffe)={r4}, &(0x7f000095c000)=0x8) 03:33:50 executing program 2: r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_PIT2(r0, 0x4040ae77, &(0x7f0000000080)) ioctl$KVM_SET_PIT(r0, 0xc048ae65, &(0x7f0000000300)) 03:33:50 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x8b00000000000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:50 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x1800, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:50 executing program 0 (fault-call:8 fault-nth:61): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:33:50 executing program 7: bpf$MAP_CREATE(0x0, &(0x7f0000000400)={0x11, 0xfffffffffffffffc, 0x0, 0x6, 0x0, 0xffffffffffffffff, 0x4}, 0x2c) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/pmtu_disc\x00', 0x2, 0x0) ioctl$GIO_UNISCRNMAP(r0, 0x4b69, &(0x7f00000000c0)=""/49) ioctl$TIOCGSOFTCAR(r0, 0x5419, &(0x7f0000000040)) ioctl$TIOCGSOFTCAR(r0, 0x5419, &(0x7f0000000080)) 03:33:50 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xfeffffff00000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:50 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x8906], 0x1}}, 0x1c) [ 563.681238] FAULT_INJECTION: forcing a failure. [ 563.681238] name failslab, interval 1, probability 0, space 0, times 0 [ 563.692569] CPU: 0 PID: 8852 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 563.700893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 563.710258] Call Trace: [ 563.712857] dump_stack+0x1c9/0x2b4 [ 563.716497] ? dump_stack_print_info.cold.2+0x52/0x52 [ 563.721699] ? __kernel_text_address+0xd/0x40 [ 563.726206] ? unwind_get_return_address+0x61/0xa0 [ 563.731169] should_fail.cold.4+0xa/0x11 [ 563.735229] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 563.740329] ? save_stack+0xa9/0xd0 [ 563.743962] ? save_stack+0x43/0xd0 [ 563.747595] ? kasan_kmalloc+0xc4/0xe0 [ 563.751500] ? kmem_cache_alloc_trace+0x152/0x780 [ 563.756336] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 563.761509] ? __list_lru_init+0x4d6/0x840 [ 563.765729] ? alloc_super+0x9a6/0xb10 [ 563.769601] ? sget+0x10b/0x150 [ 563.772871] ? v9fs_mount+0xe2/0x900 [ 563.776568] ? legacy_get_tree+0x118/0x440 [ 563.780789] ? vfs_get_tree+0x1cb/0x5c0 [ 563.784748] ? do_mount+0x6c1/0x1fb0 [ 563.788457] ? ksys_mount+0x12d/0x140 [ 563.792245] ? __x64_sys_mount+0xbe/0x150 [ 563.796386] ? do_syscall_64+0x1b9/0x820 [ 563.800434] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 563.805787] ? save_stack+0xa9/0xd0 [ 563.809408] ? lock_acquire+0x1e4/0x540 [ 563.813369] ? fs_reclaim_acquire+0x20/0x20 [ 563.817679] ? lock_downgrade+0x8f0/0x8f0 [ 563.821813] ? ksys_mount+0x12d/0x140 [ 563.825606] ? check_same_owner+0x340/0x340 [ 563.829917] ? rcu_note_context_switch+0x730/0x730 [ 563.834839] __should_failslab+0x124/0x180 [ 563.839064] should_failslab+0x9/0x14 [ 563.842851] kmem_cache_alloc_trace+0x2cb/0x780 [ 563.847503] ? kasan_kmalloc+0xc4/0xe0 [ 563.851383] __memcg_init_list_lru_node+0x185/0x2d0 [ 563.856390] ? kvfree_rcu+0x20/0x20 [ 563.860015] ? __kmalloc_node+0x47/0x70 [ 563.863981] __list_lru_init+0x4d6/0x840 [ 563.868031] ? list_lru_destroy+0x500/0x500 [ 563.872345] ? prealloc_shrinker+0x213/0x480 [ 563.876746] ? __init_waitqueue_head+0x9e/0x150 [ 563.881400] ? inactive_list_is_low+0x850/0x850 [ 563.886061] ? __lockdep_init_map+0x105/0x590 [ 563.890547] alloc_super+0x9a6/0xb10 [ 563.894253] ? destroy_unused_super.part.11+0x110/0x110 [ 563.899602] ? lock_downgrade+0x8f0/0x8f0 [ 563.903733] ? lock_acquire+0x1e4/0x540 [ 563.907698] ? kasan_check_read+0x11/0x20 [ 563.911837] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 563.916412] ? kasan_check_write+0x14/0x20 [ 563.920634] ? do_raw_spin_lock+0xc1/0x200 [ 563.924860] sget_userns+0x276/0x860 [ 563.928562] ? v9fs_kill_super+0xa0/0xa0 [ 563.932613] ? vfs_get_super+0x270/0x270 [ 563.936684] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 563.942220] ? ns_capable_common+0x13f/0x170 [ 563.946619] ? v9fs_kill_super+0xa0/0xa0 [ 563.950667] sget+0x10b/0x150 [ 563.953767] v9fs_mount+0xe2/0x900 [ 563.957297] ? v9fs_drop_inode+0x150/0x150 [ 563.961518] legacy_get_tree+0x118/0x440 [ 563.965569] vfs_get_tree+0x1cb/0x5c0 [ 563.969360] do_mount+0x6c1/0x1fb0 [ 563.972886] ? check_same_owner+0x340/0x340 [ 563.977204] ? lock_release+0xa30/0xa30 [ 563.981169] ? copy_mount_string+0x40/0x40 [ 563.985391] ? kasan_kmalloc+0xc4/0xe0 [ 563.989269] ? kmem_cache_alloc_trace+0x318/0x780 [ 563.994103] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 563.999799] ? _copy_from_user+0xdf/0x150 [ 564.003936] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 564.009459] ? copy_mount_options+0x285/0x380 [ 564.013953] ksys_mount+0x12d/0x140 [ 564.017571] __x64_sys_mount+0xbe/0x150 [ 564.021538] do_syscall_64+0x1b9/0x820 [ 564.025411] ? finish_task_switch+0x1d3/0x870 [ 564.029893] ? syscall_return_slowpath+0x5e0/0x5e0 [ 564.034821] ? syscall_return_slowpath+0x31d/0x5e0 [ 564.039742] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 564.044744] ? prepare_exit_to_usermode+0x291/0x3b0 [ 564.049759] ? perf_trace_sys_enter+0xb10/0xb10 [ 564.054424] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 564.059259] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 564.064430] RIP: 0033:0x455ab9 03:33:50 executing program 2: r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f00000001c0)={0xa, 0x4e20}, 0x1c) listen(r0, 0x1000008004) setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000700)={0x1}, 0x8) r1 = socket$inet_dccp(0x2, 0x6, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) connect$inet(r1, &(0x7f0000000100)={0x2, 0x4e20, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) r2 = accept4(r0, &(0x7f0000000000)=@in={0x0, 0x0, @local}, &(0x7f0000000080)=0x80, 0x0) setsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r2, 0x84, 0xc, &(0x7f0000000200)=0xe9, 0x4) setsockopt$inet_opts(r2, 0x0, 0x4, &(0x7f0000000180), 0x0) r3 = socket(0x10, 0x3, 0x0) ioctl$sock_ifreq(r3, 0x89f3, &(0x7f0000000140)={'ip6tnl0\x00', @ifru_data=&(0x7f00000000c0)="a325d3c91116bf66fed2b246a94500aa6593352d29be1746fd84168b6ef37b32"}) close(r0) 03:33:50 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x9, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:50 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xffffff7f, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:50 executing program 7: r0 = socket(0x40000000015, 0x5, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0}, &(0x7f0000000200)=0x5) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000080)=0xc) setreuid(0x0, r1) setreuid(r1, r2) [ 564.067599] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 564.086875] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 564.094583] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 564.101839] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 564.109093] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 564.116346] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 564.123601] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 000000000000003d 03:33:50 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x689], 0x1}}, 0x1c) 03:33:50 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0xf5ffffff], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:50 executing program 7: clone(0x200, &(0x7f0000000400), &(0x7f00000001c0), &(0x7f0000000280), &(0x7f0000000200)) mknod(&(0x7f0000000000)='./file0\x00', 0x1044, 0x0) execve(&(0x7f0000000240)='./file0\x00', &(0x7f0000000040), &(0x7f0000001640)) r0 = syz_open_procfs(0x0, &(0x7f0000000680)="706572736f6e616c697479005d82a7336489ce5bda0a0fd81d814eb15432b3e583f4f58ba51cf65347e346e484375f3b177c09b3ee9b0c6ce0e3cc7e64c3c2f573c428867a4d951c87cc1fa9cae30a9ffbfbfacd2225d361be19813b9e68acf48d347c6b555a3e1966d01843c9d2ada1756f47af2b2c258d55e7f160c7de2af9fbec1f20bc0a3cc530f466713fdf5a6578d7861a5dae4285985a4a105addaf3169870d02f2cf8769d76091230874707ad3d5c6818d9477671c483acc99af30b48c4210512ee897a9e894cca176f070ec022efc6fe11517d648f1d3b6aa7d858f893e9cba3ca0c3a8c2be36dc48ae9de49f89152074f7604f276665c232239ad8af449406ea4d17fd30a4aca89fbf9f88b0b67958b80634f40914a58f7f8ce6a61075436e6b685d8b97b1fb09822e1e8f4447ec62e4be7a9a587364747c3714dd79dc90a8a33a14eb14cbbf1cb7d145e4d29ea11518ee5c397b1a0b38d412d7cdfb3e12dcd5f780aed68f35d04446834d8cfaab2b1c871f54662ebf30c892902b6338cfb706d8db7273d97a816b4c23910cc5794a") read(r0, &(0x7f00000000c0)=""/245, 0xf5) execve(&(0x7f0000000300)='./file0\x00', &(0x7f0000000480), &(0x7f0000000f40)) open$dir(&(0x7f0000000080)='./file0\x00', 0x289, 0x10) 03:33:50 executing program 0 (fault-call:8 fault-nth:62): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:33:50 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f0000000080)={0x1, 0x8000}) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) setsockopt$RDS_GET_MR(r1, 0x114, 0x2, &(0x7f00000001c0)={{&(0x7f00000000c0)=""/18, 0x12}, &(0x7f0000000100), 0x8}, 0x20) r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r4, 0xc008ae88, &(0x7f0000000140)={0x10, 0x0, [0x40000020]}) 03:33:51 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x5000000, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001}, 0x10) 03:33:51 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x700, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) [ 564.300404] FAULT_INJECTION: forcing a failure. [ 564.300404] name failslab, interval 1, probability 0, space 0, times 0 [ 564.311737] CPU: 0 PID: 8896 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 564.320057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 564.329414] Call Trace: [ 564.332017] dump_stack+0x1c9/0x2b4 [ 564.335660] ? dump_stack_print_info.cold.2+0x52/0x52 [ 564.340864] ? perf_trace_lock+0xde/0x920 [ 564.345034] should_fail.cold.4+0xa/0x11 [ 564.349111] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 564.354234] ? save_stack+0xa9/0xd0 [ 564.357877] ? save_stack+0x43/0xd0 [ 564.361509] ? kasan_kmalloc+0xc4/0xe0 [ 564.365403] ? kmem_cache_alloc_trace+0x152/0x780 [ 564.370252] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 564.375449] ? __list_lru_init+0x4d6/0x840 [ 564.379693] ? alloc_super+0x9a6/0xb10 [ 564.383590] ? sget+0x10b/0x150 [ 564.386901] ? v9fs_mount+0xe2/0x900 [ 564.390621] ? vfs_get_tree+0x1cb/0x5c0 [ 564.394600] ? do_mount+0x6c1/0x1fb0 [ 564.398320] ? ksys_mount+0x12d/0x140 [ 564.402128] ? __x64_sys_mount+0xbe/0x150 [ 564.406286] ? do_syscall_64+0x1b9/0x820 [ 564.410352] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 564.415729] ? lock_acquire+0x1e4/0x540 [ 564.419712] ? fs_reclaim_acquire+0x20/0x20 [ 564.424039] ? lock_downgrade+0x8f0/0x8f0 [ 564.428192] ? ksys_mount+0x12d/0x140 [ 564.432003] ? check_same_owner+0x340/0x340 [ 564.436335] ? rcu_note_context_switch+0x730/0x730 [ 564.441276] __should_failslab+0x124/0x180 [ 564.445523] should_failslab+0x9/0x14 [ 564.449334] kmem_cache_alloc_trace+0x2cb/0x780 [ 564.454009] ? kasan_kmalloc+0xc4/0xe0 [ 564.457913] __memcg_init_list_lru_node+0x185/0x2d0 [ 564.462936] ? kvfree_rcu+0x20/0x20 [ 564.466605] ? __kmalloc_node+0x47/0x70 [ 564.470588] __list_lru_init+0x4d6/0x840 [ 564.474657] ? list_lru_destroy+0x500/0x500 [ 564.479010] ? prealloc_shrinker+0x213/0x480 [ 564.483426] ? __init_waitqueue_head+0x9e/0x150 [ 564.488085] ? inactive_list_is_low+0x850/0x850 [ 564.492750] ? __lockdep_init_map+0x105/0x590 [ 564.497235] alloc_super+0x9a6/0xb10 [ 564.500942] ? destroy_unused_super.part.11+0x110/0x110 [ 564.506292] ? lock_downgrade+0x8f0/0x8f0 [ 564.510425] ? lock_acquire+0x1e4/0x540 [ 564.514393] ? kasan_check_read+0x11/0x20 [ 564.518532] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 564.523112] ? kasan_check_write+0x14/0x20 [ 564.527336] ? do_raw_spin_lock+0xc1/0x200 [ 564.531563] sget_userns+0x276/0x860 [ 564.535273] ? v9fs_kill_super+0xa0/0xa0 [ 564.539324] ? vfs_get_super+0x270/0x270 [ 564.543406] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 564.548930] ? ns_capable_common+0x13f/0x170 [ 564.553328] ? v9fs_kill_super+0xa0/0xa0 [ 564.557374] sget+0x10b/0x150 [ 564.560469] v9fs_mount+0xe2/0x900 [ 564.563997] ? v9fs_drop_inode+0x150/0x150 [ 564.568221] legacy_get_tree+0x118/0x440 [ 564.572274] vfs_get_tree+0x1cb/0x5c0 [ 564.576062] do_mount+0x6c1/0x1fb0 [ 564.579591] ? kasan_check_write+0x14/0x20 [ 564.583813] ? copy_mount_string+0x40/0x40 [ 564.588037] ? kasan_kmalloc+0xc4/0xe0 [ 564.591916] ? kmem_cache_alloc_trace+0x318/0x780 [ 564.596746] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 564.602273] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 564.607804] ? copy_mount_options+0x285/0x380 [ 564.612297] ksys_mount+0x12d/0x140 [ 564.615913] __x64_sys_mount+0xbe/0x150 [ 564.619877] do_syscall_64+0x1b9/0x820 [ 564.623749] ? finish_task_switch+0x1d3/0x870 [ 564.628232] ? syscall_return_slowpath+0x5e0/0x5e0 [ 564.633158] ? syscall_return_slowpath+0x31d/0x5e0 [ 564.638074] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 564.643165] ? prepare_exit_to_usermode+0x291/0x3b0 [ 564.648170] ? perf_trace_sys_enter+0xb10/0xb10 [ 564.652825] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 564.657664] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 564.662838] RIP: 0033:0x455ab9 [ 564.666024] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 564.685320] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 564.693022] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 03:33:51 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0xff000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:51 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x30000], 0x1}}, 0x1c) 03:33:51 executing program 5: syz_mount_image$ntfs(&(0x7f0000000280)='ntfs\x00', &(0x7f00000002c0)='./file0\x00', 0x5, 0x2, &(0x7f00000000c0)=[{&(0x7f0000000040)="a56b87e3364931f6e19af1eacb", 0xd, 0x5}, {&(0x7f0000000100)="121ea5407d0092", 0x7, 0x8}], 0x0, &(0x7f0000000000)={[{@disable_sparse_yes='disable_sparse=y\ns', 0x2c}]}) 03:33:51 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x3f00000000000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:51 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xffffff97, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) [ 564.700276] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 564.707530] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 564.714785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 564.722051] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 000000000000003e [ 564.745330] ntfs: (device loop5): parse_options(): The disable_sparse option requires a boolean argument. 03:33:51 executing program 2: r0 = dup3(0xffffffffffffff9c, 0xffffffffffffff9c, 0x80000) ioctl$RTC_PLL_GET(r0, 0x80207011, &(0x7f00000002c0)) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x10000, 0x0) r2 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4, 0x0, &(0x7f0000000140)=[@enter_looper={0x630c}], 0x0, 0x0, &(0x7f0000000180)}) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080)={0xffffffffffffffff}, 0x2, 0x5}}, 0x20) io_setup(0x9, &(0x7f0000000300)=0x0) mq_open(&(0x7f0000000a00)='systemcgroup\x00', 0x0, 0x20, &(0x7f0000000a40)={0x100000001, 0x8, 0x1, 0x8, 0x6, 0xfff, 0xb72, 0x80000001}) io_submit(r4, 0x6, &(0x7f00000009c0)=[&(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x4, r0, &(0x7f0000000340)="8f5004119f6390d27402fe79ff2171747b1be7601ecd570ba776fa722bfa1b5a3c73635afa34f27267c57e3b3fae23d046fda017bc7db054ba4ea67fb041799bc6ddb0fb9642466078edde2fdde32e154723e6376f99b961ed812ee1867705586f4a7cc931bfadc4a1829bb8b563b6b47b50d772d5142ab45f600ae98ea7c59364319f724e6980b8e787228864694b2d9d91eb2dc5cc8dd449761fcf1aa09f317e01f11b5e79f74e9f637311a6563662ef479f0460d8075ea265a51c0d3efba6a69163c7392141328f", 0xc9, 0x3, 0x0, 0x1, r1}, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x7, 0xfff, r2, &(0x7f0000000480)="9246d54414ab7a212064f8ee53501648ab4f4cab0a9d22eae23245128cb1efac2b6b17bce6f4d46a974bbb65b165c4a3af8acdff44d2a4525645b5ac06c58f9282cd1fbb7efb913bdbe4085a9ab80d73a5a3ddfd52eb363eb26d93d2d624358c07d5e9f52a145faf816881d5012e3026f8f1bf56c8c0cb7d705950d20fa0cd1af4796a56c4406b6059dc41d435bb06e5ad3b32839b920a76b0a639af1fd7b9c4be05a38554dd260b7a85885f2206e7af96a0bdde94e1b0e3", 0xb8, 0xff, 0x0, 0x1, r1}, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x7, 0x8, r0, &(0x7f0000000580)="37aada0179bb01cdf114a1553263b6a6571c6d5324232afd95518b301e3e2b98070e92baceffa3cf3804f139ae597bf5db3dfb623b0608b194cc2a605bf02e73464e20f1e6fe4f3cca3faadde33d5416d2a99f4f82964a94f9301600aa8f63a434def304cd023f3784233feab0548a834350a7cbbade3768d59b4e19b502253e9b0de0735f0da3a71ca1642122f77d38064e215c4de794e88fd9edc4fd1ccf758a8aef31b0ddfef4fa3211260540d08989c43359c73acb9ee1cdcceef701ece84b8511cdbfb2965a75377d479816011aa0ae9a491a", 0xd5, 0x80, 0x0, 0x0, r0}, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x2, 0x7, r0, &(0x7f00000006c0)='~', 0x1, 0x3, 0x0, 0x1, r1}, &(0x7f0000000840)={0x0, 0x0, 0x0, 0x8, 0xff, r0, &(0x7f0000000740)="8ff5ebf4386f5ff782fb4b5c9d31706484a690f22ca438cad10c7cce5d0db2d2c329b5bccf918c9418c0f51adc56640d1a66a18324dc1f4883b08671820a21a851c64a2c52764fa86a94ed8365f7a4a5732d2ff27de89d2d1e314b04f49fa38990a0d6a86471c885e6666d4991310863c84a11c7947942ccf366d615013d2510cdbcbae1996d956c14e0218cee812e079f0bf4b4386ba2cc85b259be7f38c9c62da1669eb3a9473a8d4670e4051a754aaf5fe377eba9ef5a56880806fe1a9011548dd3917d8983b90807040d5efb8d7b62d0d136540cbba4f89d01857f587fb7b8", 0xe1, 0x1, 0x0, 0x0, r1}, &(0x7f0000000980)={0x0, 0x0, 0x0, 0x3, 0x8, r1, &(0x7f0000000880)="98f081e617531184b6849192c3ae2bab9c52bff523632aa6fb1d1d9b2a0597de6713e2179d33c568abf1633d6e566059f46988385a224cbca47f272c52f754d7cbbfa950a9dfe9062ce47b25c633740a03ec94bd24fb81f0598a4c86524496673f66c596ba14826155338ef5498c8470281f9c39da1bd0f5e68f0ad09379203c4835004167ba83c0210f6f1e09eec9121b0aefbadcf81c15d2c8e0dbba34d1078a3dbef8474ae8d8f28d8175752401dc55c9cdc3f743a1102d174e7b18804b3de64551f96eef4a94cb752c33abfd54c3e5358266ada2a78994a3c81fc6e87b641a01a2aa1cc7f2f42dd144c2f319fa4f6c13410e90a5", 0xf6, 0x8, 0x0, 0x1, r0}]) write$RDMA_USER_CM_CMD_DISCONNECT(r1, &(0x7f0000000280)={0xa, 0x4, 0xfa00, {r3}}, 0xc) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000000c0)={0x4, 0x0, &(0x7f0000000000)=[@register_looper={0x630b}], 0x0, 0x0, &(0x7f0000000040)}) 03:33:51 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0xffe0, 0x0, @loopback=0x7f000001}, 0x10) 03:33:51 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x40030000000000], 0x1}}, 0x1c) 03:33:51 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0xa4ffffff00000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:51 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x3000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:51 executing program 0 (fault-call:8 fault-nth:63): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) [ 564.832814] ntfs: (device loop5): parse_options(): The disable_sparse option requires a boolean argument. [ 564.911000] FAULT_INJECTION: forcing a failure. [ 564.911000] name failslab, interval 1, probability 0, space 0, times 0 [ 564.922331] CPU: 0 PID: 8963 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 564.930652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 564.940007] Call Trace: [ 564.942594] dump_stack+0x1c9/0x2b4 [ 564.946214] ? dump_stack_print_info.cold.2+0x52/0x52 [ 564.951399] ? __kernel_text_address+0xd/0x40 [ 564.955878] ? unwind_get_return_address+0x61/0xa0 [ 564.960796] should_fail.cold.4+0xa/0x11 [ 564.964847] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 564.969939] ? save_stack+0xa9/0xd0 [ 564.973553] ? save_stack+0x43/0xd0 [ 564.977177] ? kasan_kmalloc+0xc4/0xe0 [ 564.981053] ? kmem_cache_alloc_trace+0x152/0x780 [ 564.985882] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 564.991054] ? __list_lru_init+0x4d6/0x840 [ 564.995273] ? alloc_super+0x9a6/0xb10 [ 564.999144] ? sget+0x10b/0x150 [ 565.002411] ? v9fs_mount+0xe2/0x900 [ 565.006125] ? legacy_get_tree+0x118/0x440 [ 565.010357] ? vfs_get_tree+0x1cb/0x5c0 [ 565.014319] ? do_mount+0x6c1/0x1fb0 [ 565.018023] ? ksys_mount+0x12d/0x140 [ 565.021809] ? __x64_sys_mount+0xbe/0x150 [ 565.025947] ? do_syscall_64+0x1b9/0x820 [ 565.029998] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 565.035354] ? save_stack+0xa9/0xd0 [ 565.038970] ? lock_acquire+0x1e4/0x540 [ 565.042927] ? fs_reclaim_acquire+0x20/0x20 [ 565.047233] ? lock_downgrade+0x8f0/0x8f0 [ 565.051366] ? ksys_mount+0x12d/0x140 [ 565.055158] ? check_same_owner+0x340/0x340 [ 565.059466] ? rcu_note_context_switch+0x730/0x730 [ 565.064386] __should_failslab+0x124/0x180 [ 565.068609] should_failslab+0x9/0x14 [ 565.072395] kmem_cache_alloc_trace+0x2cb/0x780 [ 565.077047] ? kasan_kmalloc+0xc4/0xe0 [ 565.080927] __memcg_init_list_lru_node+0x185/0x2d0 [ 565.085930] ? kvfree_rcu+0x20/0x20 [ 565.089542] ? __kmalloc_node+0x47/0x70 [ 565.093505] __list_lru_init+0x4d6/0x840 [ 565.097555] ? list_lru_destroy+0x500/0x500 [ 565.101868] ? prealloc_shrinker+0x213/0x480 [ 565.106258] ? __init_waitqueue_head+0x9e/0x150 [ 565.110918] ? inactive_list_is_low+0x850/0x850 [ 565.115573] ? __lockdep_init_map+0x105/0x590 [ 565.120058] alloc_super+0x9a6/0xb10 [ 565.123761] ? destroy_unused_super.part.11+0x110/0x110 [ 565.129111] ? lock_downgrade+0x8f0/0x8f0 [ 565.133242] ? lock_acquire+0x1e4/0x540 [ 565.137203] ? kasan_check_read+0x11/0x20 [ 565.141340] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 565.145908] ? kasan_check_write+0x14/0x20 [ 565.150127] ? do_raw_spin_lock+0xc1/0x200 [ 565.154353] sget_userns+0x276/0x860 [ 565.158054] ? v9fs_kill_super+0xa0/0xa0 [ 565.162104] ? vfs_get_super+0x270/0x270 [ 565.166177] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 565.171794] ? ns_capable_common+0x13f/0x170 [ 565.176193] ? v9fs_kill_super+0xa0/0xa0 [ 565.180240] sget+0x10b/0x150 [ 565.183333] v9fs_mount+0xe2/0x900 [ 565.186863] ? v9fs_drop_inode+0x150/0x150 [ 565.191083] legacy_get_tree+0x118/0x440 [ 565.195135] vfs_get_tree+0x1cb/0x5c0 [ 565.198925] do_mount+0x6c1/0x1fb0 [ 565.202451] ? kasan_check_write+0x14/0x20 [ 565.206672] ? copy_mount_string+0x40/0x40 [ 565.210894] ? retint_kernel+0x10/0x10 [ 565.214771] ? copy_mount_options+0x1f0/0x380 [ 565.219252] ? copy_mount_options+0x202/0x380 [ 565.223741] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 565.229263] ? copy_mount_options+0x285/0x380 [ 565.233746] ksys_mount+0x12d/0x140 [ 565.237358] __x64_sys_mount+0xbe/0x150 [ 565.241321] do_syscall_64+0x1b9/0x820 [ 565.245203] ? finish_task_switch+0x1d3/0x870 [ 565.249684] ? syscall_return_slowpath+0x5e0/0x5e0 [ 565.254599] ? syscall_return_slowpath+0x31d/0x5e0 [ 565.259516] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 565.264519] ? prepare_exit_to_usermode+0x291/0x3b0 [ 565.269522] ? perf_trace_sys_enter+0xb10/0xb10 [ 565.274178] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 565.279014] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 565.284188] RIP: 0033:0x455ab9 [ 565.287355] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 565.307187] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 565.314892] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 565.322262] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 565.329617] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 565.336871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 565.344131] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 000000000000003f 03:33:52 executing program 7: r0 = open(&(0x7f0000000000)='./file0\x00', 0x88000, 0x3) r1 = syz_genetlink_get_family_id$team(&(0x7f0000000080)='team\x00') ioctl$EVIOCSABS3F(r0, 0x401845ff, &(0x7f0000002d00)={0x2, 0x200, 0x800, 0x846, 0x1ff, 0xcc89}) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'team0\x00', 0x0}) getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x22, &(0x7f0000002c80)={@dev, @rand_addr, 0x0}, &(0x7f0000000140)=0xffffffffffffff01) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffff9c, 0x8933, &(0x7f0000000180)={'team0\x00', 0x0}) r5 = accept4$packet(0xffffffffffffff9c, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000200)=0x14, 0x800) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000440)={{{@in=@multicast1, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in=@multicast1}}, &(0x7f0000000300)=0xe8) getpeername$packet(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000380)=0x14) sendmsg$TEAM_CMD_OPTIONS_GET(r0, &(0x7f0000000880)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x26000000}, 0xc, &(0x7f0000000840)={&(0x7f0000000540)=ANY=[@ANYBLOB="f8020000", @ANYRES16=r1, @ANYBLOB="00072abd7000fedbdf250200000008000100", @ANYRES32=r2, @ANYBLOB="6001020038000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000800030003000000080004000000008038000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000800030003000000080004000700000044000100240001006270665f686173685f66756e6300000000000000000000000000000000000000080003000b0000001400040001000002030000000400ff050400000064000100240001006270665f686173685f66756e6300000000000000000000000000000000000000080003000b000000340004000100ac00010000003c00f20608000000000009000400000001000701040000008a03020600000000ff073f02ffffffff44000100240001006d6f6465000000000000000000000000000000000000000000000000000000000800030005000000140004006163746976656261636b75700000000008000100", @ANYRES32=r3, @ANYBLOB="740102003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r4, @ANYBLOB="400001002400010071756575655f6964000000000000000000000000000000000000000008000300030000000800040008dd00000800060000000000", @ANYRES32=r6, @ANYBLOB="400001002400010071756575655f696400000000000000000000000000000000000000000000000008000300030000000800040096ffffff08000600", @ANYRES32=r7, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c0000000000000000000000080003000300000008000400050000003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r8, @ANYBLOB="40000100240001006c625f686173685f737461747300000000000000000000000000000000000000080003000b00000008000400070000000800070000000000"], 0x2f8}, 0x1, 0x0, 0x0, 0xc840}, 0x20000010) ioctl$sock_inet_SIOCSIFNETMASK(r0, 0x891c, &(0x7f0000002dc0)={'teql0\x00', {0x2, 0x4e22, @local={0xac, 0x14, 0x14, 0xaa}}}) nanosleep(&(0x7f0000000100), &(0x7f0000002cc0)) r9 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) readv(r5, &(0x7f0000002bc0)=[{&(0x7f0000000240)=""/35, 0x23}, {&(0x7f00000008c0)=""/4096, 0x1000}, {&(0x7f00000018c0)=""/132, 0x84}, {&(0x7f0000001980)=""/190, 0xbe}, {&(0x7f0000000280)=""/124, 0x7c}, {&(0x7f0000001a40)=""/216, 0xd8}, {&(0x7f0000001b40)=""/4096, 0x1000}, {&(0x7f0000002b40)=""/58, 0x3a}, {&(0x7f0000002b80)=""/37, 0x25}], 0x9) ioctl$sock_inet6_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f0000002d40)={@local={0xfe, 0x80, [], 0xaa}, 0x54, r4}) ioctl$SG_GET_SCSI_ID(r0, 0x2276, &(0x7f0000002d80)) getsockopt$llc_int(r9, 0x10c, 0x0, &(0x7f00000003c0), &(0x7f0000000400)=0x4) 03:33:52 executing program 0 (fault-call:8 fault-nth:64): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:33:52 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000100)="025cc83d6d345f8f762070") clock_gettime(0x30a9f7b8a7436003, &(0x7f0000000000)) 03:33:52 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x81000000], 0x1}}, 0x1c) 03:33:52 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x3, 0x0, @loopback=0x7f000001}, 0x10) 03:33:52 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x8000000000000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:52 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x68880100, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:52 executing program 5: mkdir(&(0x7f0000578000)='./file0\x00', 0x0) lsetxattr(&(0x7f0000712ff8)='./file0\x00', &(0x7f0000faffe7)=@known='system.posix_acl_default\x00', &(0x7f000054afec)="0200000001000000000000000100000000000000", 0x14, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff}, 0x800) name_to_handle_at(r0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x107, 0x7ff, "9622bab4f176032a1c99c3cb06a940310f7447a2de5c9408ea6a65303596905d4bc83975d09c25fd7def11b47de17c4f34a0691212c4f0c266d079e77eb5ba9c1e4664e03df18c141ef38074ec30a81dad988ef8115aafc4836019a49158f57d5cb86ac53bcc5c6365732148dc67bf15b8aca9d412c37e98d671ac70185a878984d2c9c3a331974967485eb98a24b3eff22e651899c8354ad340f90e4b14b38d822799b31a23dd19dafdabad09057c3ff91d49477e0d09da312a50ec7ffa0350bac6bc1b09a77de6c7c4fa1650937df982e1c2135a1d07c31173b25b0354842d82fc919edcfe5ff02368012369328cbcbab151373628d295861266de882a6a"}, &(0x7f00000001c0), 0x400) [ 565.481161] FAULT_INJECTION: forcing a failure. [ 565.481161] name failslab, interval 1, probability 0, space 0, times 0 [ 565.492462] CPU: 1 PID: 8991 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 565.500780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 565.510131] Call Trace: [ 565.512729] dump_stack+0x1c9/0x2b4 [ 565.516369] ? dump_stack_print_info.cold.2+0x52/0x52 [ 565.521564] ? debug_object_free+0x690/0x690 [ 565.525976] ? lock_release+0xa30/0xa30 [ 565.529958] should_fail.cold.4+0xa/0x11 [ 565.534027] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 565.539134] ? is_bpf_text_address+0xd7/0x170 [ 565.543633] ? __lockdep_init_map+0x105/0x590 [ 565.548136] ? __lockdep_init_map+0x105/0x590 [ 565.552640] ? __lockdep_init_map+0x105/0x590 [ 565.557146] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 565.562688] ? put_dec_trunc8+0x273/0x300 [ 565.566838] ? put_dec+0x3b/0xf0 [ 565.570208] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 565.575753] ? lock_acquire+0x1e4/0x540 [ 565.579734] ? fs_reclaim_acquire+0x20/0x20 [ 565.584061] ? lock_downgrade+0x8f0/0x8f0 [ 565.588217] ? check_same_owner+0x340/0x340 [ 565.592544] ? device_pm_sleep_init+0xf0/0x210 [ 565.597128] ? rcu_note_context_switch+0x730/0x730 [ 565.602063] __should_failslab+0x124/0x180 [ 565.606312] should_failslab+0x9/0x14 [ 565.610122] __kmalloc_track_caller+0x2c4/0x760 [ 565.614793] ? pointer+0x990/0x990 [ 565.618340] ? kvasprintf_const+0x67/0x190 [ 565.622579] kvasprintf+0xb1/0x140 [ 565.626125] ? bust_spinlocks+0xe0/0xe0 [ 565.630106] ? kasan_kmalloc+0xc4/0xe0 [ 565.634003] kvasprintf_const+0x67/0x190 [ 565.638071] kobject_set_name_vargs+0x5b/0x150 [ 565.642658] device_create_groups_vargs+0x1ce/0x270 [ 565.647677] device_create_vargs+0x46/0x60 [ 565.651917] bdi_register_va.part.12+0xc3/0x9c0 [ 565.656582] ? lockdep_init_map+0x9/0x10 [ 565.660639] ? cgwb_kill+0x640/0x640 [ 565.664357] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 565.669896] ? bdi_init+0x3d0/0x4d0 [ 565.673874] ? wb_init+0xa00/0xa00 [ 565.677416] ? kasan_unpoison_shadow+0x35/0x50 03:33:52 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x40000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:52 executing program 2: r0 = shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffa000/0x3000)=nil) open(&(0x7f0000000140)='./file0\x00', 0x20001, 0x0) shmat(r0, &(0x7f0000000000/0x4000)=nil, 0x4000) shmctl$SHM_LOCK(r0, 0xb) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000040)='./file0\x00', 0x1, 0x0, &(0x7f0000000080), 0x1030000, &(0x7f00000000c0)={[{@iocharset={'iocharset', 0x3d, 'cp866'}, 0x2c}, {@shortname_mixed='shortname=mixed', 0x2c}, {@shortname_winnt='shortname=winnt', 0x2c}]}) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") open$dir(&(0x7f00000001c0)='./file0\x00', 0x282, 0x0) shmctl$SHM_UNLOCK(r0, 0xc) 03:33:52 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x5, 0x0, @loopback=0x7f000001}, 0x10) 03:33:52 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0xc803000000000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:52 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xedc0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:52 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0xa, 0x0, @loopback=0x7f000001}, 0x10) 03:33:52 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x2], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:52 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x6, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:52 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000000)=ANY=[@ANYBLOB="b702000008000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001000000b7030000000000006a0a00fe00000000850000001f000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x0, 0x22, 0xd7, &(0x7f0000000140)="3c2dbcd405e8e96a639a2fee86dd78c12fbf8be1da8955f4a50ad4238a3c35f77c6f", &(0x7f0000000380)=""/215, 0xea}, 0x28) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket$xdp(0x2c, 0x3, 0x0) accept(r2, &(0x7f00000003c0)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @remote}}}, &(0x7f0000000040)=0x80) 03:33:52 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x9, 0x0, @loopback=0x7f000001}, 0x10) [ 565.682000] ? kasan_kmalloc+0xc4/0xe0 [ 565.685891] ? kmem_cache_alloc_node_trace+0x302/0x770 [ 565.691171] bdi_register_va+0x68/0x80 [ 565.695064] super_setup_bdi_name+0x12d/0x240 [ 565.699560] ? kill_block_super+0x100/0x100 [ 565.703885] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 565.709424] ? ns_capable_common+0x13f/0x170 [ 565.713840] super_setup_bdi+0x7f/0xb0 [ 565.717733] v9fs_mount+0x268/0x900 [ 565.721363] ? v9fs_drop_inode+0x150/0x150 [ 565.725601] legacy_get_tree+0x118/0x440 [ 565.729668] vfs_get_tree+0x1cb/0x5c0 [ 565.733471] do_mount+0x6c1/0x1fb0 [ 565.737010] ? check_same_owner+0x340/0x340 [ 565.741335] ? lock_release+0xa30/0xa30 [ 565.745312] ? copy_mount_string+0x40/0x40 [ 565.749561] ? kasan_kmalloc+0xc4/0xe0 [ 565.753458] ? kmem_cache_alloc_trace+0x318/0x780 [ 565.758293] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 565.763846] ? _copy_from_user+0xdf/0x150 [ 565.767984] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 565.773507] ? copy_mount_options+0x285/0x380 [ 565.777986] ksys_mount+0x12d/0x140 [ 565.781597] __x64_sys_mount+0xbe/0x150 [ 565.785554] do_syscall_64+0x1b9/0x820 [ 565.789423] ? finish_task_switch+0x1d3/0x870 [ 565.793910] ? syscall_return_slowpath+0x5e0/0x5e0 [ 565.798823] ? syscall_return_slowpath+0x31d/0x5e0 [ 565.803740] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 565.808739] ? prepare_exit_to_usermode+0x291/0x3b0 [ 565.813738] ? perf_trace_sys_enter+0xb10/0xb10 [ 565.818389] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 565.823215] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 565.828386] RIP: 0033:0x455ab9 [ 565.831560] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 565.850731] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 565.858420] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 565.865679] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 565.872932] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 03:33:52 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x88480000], 0x1}}, 0x1c) 03:33:52 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x3d6], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:52 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xc0ed0000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:52 executing program 5: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x3, 0x5, 0x4, 0x1, 0x0, 0x1}, 0x2c) bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0xd, 0x1, 0x4, 0x8001, 0x0, r0}, 0x2c) socketpair(0xf, 0x8080f, 0x1f, &(0x7f0000000000)={0xffffffffffffffff}) ioctl$LOOP_SET_DIRECT_IO(r1, 0x4c08, 0x9) [ 565.880190] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 565.887439] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 0000000000000040 03:33:52 executing program 0 (fault-call:8 fault-nth:65): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:33:52 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0xe0, 0x0, @loopback=0x7f000001}, 0x10) 03:33:52 executing program 2: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x3, @broadcast=0xffffffff}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f00006dc000)=[{0x6, 0x0, 0x0, 0xa1}]}, 0x10) sendto$inet(r0, &(0x7f00000001c0), 0x0, 0x200007ff, &(0x7f0000deaff0)={0x2, 0x3, @loopback=0x7f000001}, 0x10) sendto$inet(r0, &(0x7f00000002c0)="20d6dac772b6f65cc7c3fc9bf8d917fbd5bd28cd6ad9243ec3c3fc41fe4295b32b630b3e888a8d0eb1abd9d081c0c6655507c293ed17dcc8e25f2cb85d0e732ff34d9f574cdd31597a5e3a688fff4a8f31474711e4b8f7ab05068770f885c03286fadc1d0fd02098bd981aaf152f2da86443cc605a5cb9a63475b63d354cb1f158bd", 0x82, 0x1, &(0x7f0000000200)={0x2, 0x0, @dev={0xac, 0x14, 0x14}}, 0x10) sendto$inet(r0, &(0x7f00000005c0)="1a", 0x1, 0x0, &(0x7f0000000100)={0x2, 0x0, @multicast2=0xe0000002}, 0x10) r1 = memfd_create(&(0x7f0000000180)='vmnet1^\x00', 0x1) sendmsg$nl_generic(r1, &(0x7f0000000600)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000280)={&(0x7f00000004c0)={0xd0, 0x37, 0x2, 0x70bd28, 0x25dfdbfe, {0x19}, [@typed={0x8, 0x8, @ipv4=@rand_addr=0x81}, @nested={0x8c, 0x4a, [@generic="cadc6eefa81a447fb7de0d0e422099821356000a455022678441f62910dcffe87469e5480942b5107c2a5fd09dca744cd8798836da6eaff7441ff208ec4fc646ff9b50c67d4e375658dbd1ae99d90b3ceb8babc174e3f08775bf920a5c75e41ce1dae6ebad0f06fdd7fece78a1305b4b4ace0a2b68f15dd9c1c3d24c6d5f361d405e05940a86"]}, @generic="cd18b7922338f87e5cb8693f9d7d62117fd933d80182b7dc00b83011f086deb7ead77e54acd5197b"]}, 0xd0}, 0x1, 0x0, 0x0, 0x4004}, 0x40090) sendto$inet(r0, &(0x7f0000000240)="ff", 0x1, 0x0, &(0x7f0000000480)={0x2, 0x0, @rand_addr}, 0x10) readv(r0, &(0x7f0000000140)=[{&(0x7f0000000000)=""/226, 0xfffffd85}], 0x1) recvfrom(r0, &(0x7f0000000380)=""/239, 0xff4e, 0x0, 0x0, 0x307) close(r0) 03:33:52 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x8b], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:52 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x97ffffff00000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:52 executing program 5: mkdirat(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000580)='fuse\x00', 0x7a00, &(0x7f00000001c0)=ANY=[]) mount$fuse(0x20000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000580)='fuse\x00', 0x7a08, &(0x7f00000001c0)=ANY=[]) open$dir(&(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x0) r0 = memfd_create(&(0x7f0000000040)=']*)}/-*procGPL\x00', 0x1) getsockopt$XDP_MMAP_OFFSETS(r0, 0x11b, 0x1, &(0x7f0000000100), &(0x7f0000000180)=0x60) 03:33:52 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x8847000000000000], 0x1}}, 0x1c) [ 566.088214] FAULT_INJECTION: forcing a failure. [ 566.088214] name failslab, interval 1, probability 0, space 0, times 0 [ 566.099543] CPU: 0 PID: 9075 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 566.107863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 566.117217] Call Trace: [ 566.119816] dump_stack+0x1c9/0x2b4 [ 566.123457] ? dump_stack_print_info.cold.2+0x52/0x52 [ 566.128658] ? __debug_object_init+0x581/0x12e0 [ 566.133337] ? perf_trace_lock+0xde/0x920 [ 566.137494] should_fail.cold.4+0xa/0x11 [ 566.141556] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 566.146736] ? perf_trace_lock+0xde/0x920 [ 566.150877] ? kasan_check_write+0x14/0x20 [ 566.155102] ? zap_class+0x740/0x740 [ 566.158801] ? trace_hardirqs_on+0xd/0x10 [ 566.162937] ? __debug_object_init+0x581/0x12e0 [ 566.167628] ? kasan_check_read+0x11/0x20 [ 566.171802] ? debug_object_free+0x690/0x690 [ 566.176195] ? kasan_check_write+0x14/0x20 [ 566.180423] ? lock_acquire+0x1e4/0x540 [ 566.184382] ? fs_reclaim_acquire+0x20/0x20 [ 566.188689] ? lock_downgrade+0x8f0/0x8f0 [ 566.192828] ? check_same_owner+0x340/0x340 [ 566.197135] ? wb_congested_get_create+0x187/0x470 [ 566.202051] ? rcu_note_context_switch+0x730/0x730 [ 566.206968] __should_failslab+0x124/0x180 [ 566.211192] should_failslab+0x9/0x14 [ 566.214981] kmem_cache_alloc_trace+0x2cb/0x780 [ 566.219636] ? kasan_check_write+0x14/0x20 [ 566.223871] ? do_raw_spin_lock+0xc1/0x200 [ 566.228098] wb_congested_get_create+0x1d2/0x470 [ 566.232843] ? wb_wakeup_delayed+0xf0/0xf0 [ 566.237068] ? __lockdep_init_map+0x105/0x590 [ 566.241555] wb_init+0x636/0xa00 [ 566.244910] ? bdi_put+0x180/0x180 [ 566.248436] ? bdi_alloc_node+0x67/0xe0 [ 566.252397] ? super_setup_bdi+0x7f/0xb0 [ 566.256442] ? __lockdep_init_map+0x105/0x590 [ 566.260921] ? legacy_get_tree+0x118/0x440 [ 566.265142] ? lockdep_init_map+0x9/0x10 [ 566.269190] ? debug_mutex_init+0x2d/0x60 [ 566.273328] ? __ia32_sys_membarrier+0x150/0x150 [ 566.278069] ? __lockdep_init_map+0x105/0x590 [ 566.282551] ? __init_waitqueue_head+0x9e/0x150 [ 566.287297] ? __lockdep_init_map+0x105/0x590 [ 566.291780] ? lockdep_init_map+0x9/0x10 [ 566.295825] ? __raw_spin_lock_init+0x2d/0x100 [ 566.300393] bdi_init+0x30d/0x4d0 [ 566.303831] ? wb_init+0xa00/0xa00 [ 566.307357] ? kasan_unpoison_shadow+0x35/0x50 [ 566.311926] ? kasan_kmalloc+0xc4/0xe0 [ 566.315803] ? kmem_cache_alloc_node_trace+0x302/0x770 [ 566.321071] bdi_alloc_node+0x81/0xe0 [ 566.324859] super_setup_bdi_name+0x95/0x240 [ 566.329356] ? kill_block_super+0x100/0x100 [ 566.333698] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 566.339225] ? ns_capable_common+0x13f/0x170 [ 566.343627] super_setup_bdi+0x7f/0xb0 [ 566.347505] v9fs_mount+0x268/0x900 [ 566.351128] ? v9fs_drop_inode+0x150/0x150 [ 566.355349] legacy_get_tree+0x118/0x440 [ 566.359397] vfs_get_tree+0x1cb/0x5c0 [ 566.363186] do_mount+0x6c1/0x1fb0 [ 566.366715] ? check_same_owner+0x340/0x340 [ 566.371032] ? lock_release+0xa30/0xa30 [ 566.374996] ? copy_mount_string+0x40/0x40 [ 566.379222] ? kasan_kmalloc+0xc4/0xe0 [ 566.383098] ? kmem_cache_alloc_trace+0x318/0x780 [ 566.387931] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 566.393455] ? _copy_from_user+0xdf/0x150 [ 566.397590] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 566.403121] ? copy_mount_options+0x285/0x380 [ 566.407604] ksys_mount+0x12d/0x140 [ 566.411219] __x64_sys_mount+0xbe/0x150 [ 566.415190] do_syscall_64+0x1b9/0x820 [ 566.419064] ? finish_task_switch+0x1d3/0x870 [ 566.423547] ? syscall_return_slowpath+0x5e0/0x5e0 [ 566.428464] ? syscall_return_slowpath+0x31d/0x5e0 [ 566.433378] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 566.438384] ? prepare_exit_to_usermode+0x291/0x3b0 [ 566.443388] ? perf_trace_sys_enter+0xb10/0xb10 [ 566.448044] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 566.452879] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 566.458051] RIP: 0033:0x455ab9 [ 566.461229] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 566.480503] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 03:33:53 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0xffffffffffffffe0, 0x0, @loopback=0x7f000001}, 0x10) 03:33:53 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x6a88010000000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:53 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x4000000000000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) [ 566.488199] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 566.495462] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 566.502717] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 566.509981] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 566.517235] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 0000000000000041 03:33:53 executing program 7: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x3, 0x40000) ioctl$TIOCCBRK(r0, 0x5428) r1 = socket$rds(0x15, 0x5, 0x0) bind$rds(r1, &(0x7f00000001c0)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) sendmsg$rds(r1, &(0x7f000000dfc8)={&(0x7f0000014000)={0x2, 0x0, @rand_addr=0x31a00dfb}, 0x10, &(0x7f0000001fc0), 0x0, &(0x7f0000000140)=[@rdma_dest={0x18, 0x114, 0x2}], 0x18}, 0x0) ioctl$KDSETMODE(r0, 0x4b3a, 0x3) syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x8, 0xc00) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0xc0605345, &(0x7f00000000c0)={0x80000001, 0x1, {0x3, 0x3, 0x5, 0x3, 0x1ff}}) 03:33:53 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x8d4, 0x10}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x9, 0x5, &(0x7f0000346fc8)=@framed={{0x18}, [@alu={0x8000000201a7f19, 0x0, 0x201a7fa6, 0x48, 0x1, 0x14}], {0x95}}, &(0x7f0000000000)='GPL\x00', 0x0, 0xfb, &(0x7f00001a7f05)=""/251}, 0x48) 03:33:53 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x901, 0x0, @loopback=0x7f000001}, 0x10) 03:33:53 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x1000000], 0x1}}, 0x1c) 03:33:53 executing program 2: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000180)=0x10000000000062) read(r0, &(0x7f0000000080)=""/11, 0x2) r1 = epoll_create1(0x0) r2 = socket$xdp(0x2c, 0x3, 0x0) shutdown(r2, 0x1) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000140)={0x2010}) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000480)) r3 = syz_open_pts(r0, 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000340)='/dev/mixer\x00', 0x0, 0x0) ioctl$TCXONC(r3, 0x540a, 0x0) 03:33:53 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x74880100, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:53 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x100000000000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:53 executing program 0 (fault-call:8 fault-nth:66): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:33:53 executing program 2: r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) r1 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000080)={0xffffffffffffffff}, 0x13f, 0x1001}}, 0x20) r3 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/net/pfkey\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_MIGRATE_ID(r1, &(0x7f0000000140)={0x12, 0x10, 0xfa00, {&(0x7f0000000040), r2, r3}}, 0x18) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a}) 03:33:53 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) keyctl$join(0x1, &(0x7f00000000c0)={0x73, 0x79, 0x7a}) r0 = creat(&(0x7f0000000600)='./file0\x00', 0x102) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000640)={0x0}, &(0x7f0000000680)=0x8) setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r0, 0x84, 0x19, &(0x7f00000006c0)={r1, 0xfff}, 0x8) r2 = open(&(0x7f0000000180)='./file0\x00', 0x2000, 0xf6) ioctl$KVM_GET_XSAVE(r2, 0x9000aea4, &(0x7f00000001c0)) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={0x0}, &(0x7f0000000100)=0xc) sched_setscheduler(r3, 0x7, &(0x7f0000000140)=0xff) ioctl$KVM_GET_DEBUGREGS(r0, 0x8080aea1, &(0x7f0000000700)) ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f00000005c0)=0x14000) 03:33:53 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x65580000], 0x1}}, 0x1c) 03:33:53 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xa000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:53 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x1a000, 0x0, @loopback=0x7f000001}, 0x10) 03:33:53 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x5101000000000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:53 executing program 7: r0 = socket$inet6(0xa, 0x803, 0x0) r1 = add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a, 0x1}, 0x0, 0x0, 0xffffffffffffffff) r2 = geteuid() r3 = getgid() keyctl$chown(0x4, r1, r2, r3) setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000100), 0x4) getsockopt$IP_VS_SO_GET_TIMEOUT(r0, 0x0, 0x486, &(0x7f0000000000), &(0x7f0000000040)=0xc) ioctl(r0, 0x3ff000, &(0x7f0000000140)="2665815bb9b8f99bea47f61e8aa282ce126dde") 03:33:53 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000000)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x80002, 0x0) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/pfkey\x00', 0x40101, 0x0) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f00000001c0)=0x4, 0x4) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0xa}, 0x1c) sendto$inet6(r1, &(0x7f0000000300), 0xfd90, 0x400806e, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @ipv4={[], [0xff, 0xff], @multicast2=0xe0000002}}, 0x1c) ioctl$SNDRV_CTL_IOCTL_PVERSION(r2, 0x80045500, &(0x7f0000000240)) write$binfmt_misc(r1, &(0x7f0000000140)={'syz1'}, 0x4) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r2, 0x28, 0x2, &(0x7f0000000300)=0x1, 0x8) r3 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x2, 0x0) setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r3, 0x84, 0x1e, &(0x7f0000000100)=0xdb, 0x4) ioctl$sock_inet_SIOCSIFPFLAGS(r2, 0x8934, &(0x7f0000000200)={'tunl0\x00', 0x8}) inotify_add_watch(r2, &(0x7f0000000280)='./file0\x00', 0x390) [ 566.799590] FAULT_INJECTION: forcing a failure. [ 566.799590] name failslab, interval 1, probability 0, space 0, times 0 [ 566.810901] CPU: 0 PID: 9128 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 566.819221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 566.828576] Call Trace: [ 566.831171] dump_stack+0x1c9/0x2b4 [ 566.834820] ? dump_stack_print_info.cold.2+0x52/0x52 [ 566.840104] ? zap_class+0x740/0x740 [ 566.843833] should_fail.cold.4+0xa/0x11 03:33:53 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0xffffffe0, 0x0, @loopback=0x7f000001}, 0x10) [ 566.847902] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 566.853016] ? perf_trace_lock+0xde/0x920 [ 566.857173] ? lock_downgrade+0x8f0/0x8f0 [ 566.861335] ? perf_trace_lock+0xde/0x920 [ 566.865489] ? zap_class+0x740/0x740 [ 566.869215] ? zap_class+0x740/0x740 [ 566.872936] ? lock_downgrade+0x8f0/0x8f0 [ 566.877092] ? trace_hardirqs_on+0x10/0x10 [ 566.881339] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 566.886375] __should_failslab+0x124/0x180 [ 566.890623] should_failslab+0x9/0x14 [ 566.894432] kmem_cache_alloc+0x47/0x760 03:33:53 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f00000000c0)="025cc83d6d345f8f762070") mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fuse\x00', 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000000400)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id', 0x3d}, 0x2c, {'group_id', 0x3d}, 0x2c}) read$FUSE(r1, &(0x7f0000001000), 0x1000) write$FUSE_INIT(r1, &(0x7f0000000100)={0x50, 0x0, 0x1, {0x7, 0x1b}}, 0x50) open$dir(&(0x7f0000000180)='./file0/file0\x00', 0x189c00, 0x0) read$FUSE(r1, &(0x7f0000001000), 0x1000) write$binfmt_aout(r1, &(0x7f0000000480)={{0x108, 0x1, 0x9, 0x77, 0xa9, 0xfffffffff10eebf5, 0x301, 0x32}, "c6a84ee683facc1f9a51c30cadf6407b3223426f409bf3f4a0c7ed84ae73391af0fa472790d8022d5f3a4abfbe2073e7346323903330cfafe54d509546da7083e2164c2c3314ebab822838730f2588056c5ad344630c37b5031e2de466167b220f41510c84511318a1bcdc9d30fc55eab0087b18a1f55566f0b12d437f515eecb91d1bb32fa103fa05270142de5e419f02acc5e915ca0e01f4027a87f588b6e6b9d1", [[], []]}, 0x2c2) write$FUSE_ENTRY(r1, &(0x7f0000000340)={0x90, 0x0, 0x2, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1bd4}}}, 0x90) 03:33:53 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0xfffffffe, @loopback=0x7f000001}, 0x10) [ 566.898504] ? lock_acquire+0x1e4/0x540 [ 566.902483] ? is_bpf_text_address+0xae/0x170 [ 566.906982] ? lock_downgrade+0x8f0/0x8f0 [ 566.911137] radix_tree_node_alloc.constprop.19+0x1e6/0x310 [ 566.916856] idr_get_free+0x887/0x10d0 [ 566.920755] ? radix_tree_iter_tag_clear+0xd0/0xd0 [ 566.925695] ? __kernel_text_address+0xd/0x40 [ 566.930196] ? unwind_get_return_address+0x61/0xa0 [ 566.935132] ? __save_stack_trace+0x8d/0xf0 [ 566.939465] ? save_stack+0xa9/0xd0 [ 566.943095] ? save_stack+0x43/0xd0 [ 566.946728] ? kasan_kmalloc+0xc4/0xe0 [ 566.950622] ? kasan_slab_alloc+0x12/0x20 [ 566.954780] ? kmem_cache_alloc+0x12e/0x760 [ 566.959097] ? __kernfs_new_node+0xef/0x5a0 [ 566.963402] ? kernfs_new_node+0x80/0xf0 [ 566.967531] ? kernfs_create_dir_ns+0x3d/0x140 [ 566.972097] ? sysfs_create_dir_ns+0xbe/0x1d0 [ 566.976577] ? kobject_add_internal+0x35c/0xad0 [ 566.981226] ? kobject_add+0x13f/0x1b0 [ 566.985101] ? device_create_groups_vargs+0x1ff/0x270 [ 566.990272] ? device_create_vargs+0x46/0x60 [ 566.994665] ? bdi_register_va.part.12+0xc3/0x9c0 [ 566.999487] ? bdi_register_va+0x68/0x80 [ 567.003531] ? super_setup_bdi_name+0x12d/0x240 [ 567.008184] ? super_setup_bdi+0x7f/0xb0 [ 567.012230] ? v9fs_mount+0x268/0x900 [ 567.016038] ? vfs_get_tree+0x1cb/0x5c0 [ 567.019995] ? do_mount+0x6c1/0x1fb0 [ 567.023695] ? ksys_mount+0x12d/0x140 [ 567.027480] ? __x64_sys_mount+0xbe/0x150 [ 567.031610] ? do_syscall_64+0x1b9/0x820 [ 567.035664] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 567.041027] idr_alloc_u32+0x1d4/0x3a0 [ 567.044903] ? __fprop_inc_percpu_max+0x2d0/0x2d0 [ 567.049740] ? lock_acquire+0x1e4/0x540 [ 567.053705] ? __kernfs_new_node+0x116/0x5a0 [ 567.058102] idr_alloc_cyclic+0x173/0x360 [ 567.062232] ? idr_alloc+0x1b0/0x1b0 [ 567.065930] ? kasan_check_write+0x14/0x20 [ 567.070149] ? do_raw_spin_lock+0xc1/0x200 [ 567.074370] __kernfs_new_node+0x1ab/0x5a0 [ 567.078588] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 567.083328] ? kmem_cache_alloc_trace+0x152/0x780 [ 567.088158] ? lock_acquire+0x1e4/0x540 [ 567.092116] ? kobject_add_internal+0x31c/0xad0 [ 567.096769] ? lock_downgrade+0x8f0/0x8f0 [ 567.100902] kernfs_new_node+0x80/0xf0 [ 567.104773] kernfs_create_dir_ns+0x3d/0x140 [ 567.109173] sysfs_create_dir_ns+0xbe/0x1d0 [ 567.113478] kobject_add_internal+0x35c/0xad0 [ 567.117957] ? kobj_ns_type_registered+0x60/0x60 [ 567.122705] ? lock_downgrade+0x8f0/0x8f0 [ 567.126839] ? refcount_add_not_zero+0x330/0x330 [ 567.131578] ? kasan_check_read+0x11/0x20 [ 567.135708] kobject_add+0x13f/0x1b0 [ 567.139403] ? kset_create_and_add+0x190/0x190 [ 567.143970] ? mutex_unlock+0xd/0x10 [ 567.147668] device_add+0x3c4/0x16f0 [ 567.151367] ? kasan_kmalloc+0xc4/0xe0 [ 567.155239] ? device_private_init+0x240/0x240 [ 567.159803] ? kfree+0x15e/0x260 [ 567.163154] ? kfree_const+0x5e/0x70 [ 567.166855] device_create_groups_vargs+0x1ff/0x270 [ 567.171856] device_create_vargs+0x46/0x60 [ 567.176086] bdi_register_va.part.12+0xc3/0x9c0 [ 567.180738] ? lockdep_init_map+0x9/0x10 [ 567.184790] ? cgwb_kill+0x640/0x640 [ 567.188491] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 567.194018] ? bdi_init+0x3d0/0x4d0 [ 567.197634] ? wb_init+0xa00/0xa00 [ 567.201167] ? kasan_unpoison_shadow+0x35/0x50 [ 567.205732] ? kasan_kmalloc+0xc4/0xe0 [ 567.209615] ? kmem_cache_alloc_node_trace+0x302/0x770 [ 567.215057] bdi_register_va+0x68/0x80 [ 567.218934] super_setup_bdi_name+0x12d/0x240 [ 567.223413] ? kill_block_super+0x100/0x100 [ 567.227722] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 567.233253] ? ns_capable_common+0x13f/0x170 [ 567.237651] super_setup_bdi+0x7f/0xb0 [ 567.241525] v9fs_mount+0x268/0x900 [ 567.245137] ? v9fs_drop_inode+0x150/0x150 [ 567.249369] legacy_get_tree+0x118/0x440 [ 567.253432] vfs_get_tree+0x1cb/0x5c0 [ 567.257219] do_mount+0x6c1/0x1fb0 [ 567.260750] ? check_same_owner+0x340/0x340 [ 567.265056] ? lock_release+0xa30/0xa30 [ 567.269020] ? copy_mount_string+0x40/0x40 [ 567.273237] ? kasan_kmalloc+0xc4/0xe0 [ 567.277112] ? kmem_cache_alloc_trace+0x318/0x780 [ 567.281938] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 567.287465] ? _copy_from_user+0xdf/0x150 [ 567.291597] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 567.297377] ? copy_mount_options+0x285/0x380 [ 567.302348] ksys_mount+0x12d/0x140 [ 567.305961] __x64_sys_mount+0xbe/0x150 [ 567.309919] do_syscall_64+0x1b9/0x820 [ 567.314310] ? syscall_slow_exit_work+0x500/0x500 [ 567.319137] ? syscall_return_slowpath+0x5e0/0x5e0 [ 567.324059] ? syscall_return_slowpath+0x31d/0x5e0 [ 567.328973] ? prepare_exit_to_usermode+0x291/0x3b0 [ 567.333971] ? perf_trace_sys_enter+0xb10/0xb10 [ 567.338629] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 567.343462] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 567.348647] RIP: 0033:0x455ab9 [ 567.351814] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 567.371022] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 567.378712] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 567.386050] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 567.393300] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 03:33:54 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0xab010000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:54 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x13], 0x1}}, 0x1c) 03:33:54 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x500, @loopback=0x7f000001}, 0x10) [ 567.400552] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 567.407804] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 0000000000000042 03:33:54 executing program 2: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") perf_event_open(&(0x7f000000a000)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffeffffffff}, 0xa000003fe, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair(0x11, 0x80000, 0xfffffffffffff001, &(0x7f0000000000)) mount(&(0x7f00008deff8)='./file0\x00', &(0x7f0000343ff8)='./file0\x00', &(0x7f000015bffc)='nfs\x00', 0x0, &(0x7f000000a000)) 03:33:54 executing program 0 (fault-call:8 fault-nth:67): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:33:54 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xffffffff87e00000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:54 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0xd603], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:54 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x2], 0x1}}, 0x1c) 03:33:54 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x9, @loopback=0x7f000001}, 0x10) 03:33:54 executing program 7: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)=':cgroup,@\\posix_acl_access!\x00'}, 0x10) ioctl$GIO_CMAP(r1, 0x4b70, &(0x7f0000000240)) ioctl$BINDER_GET_NODE_DEBUG_INFO(0xffffffffffffff9c, 0xc018620b, &(0x7f0000000140)={0x0}) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000200)={0xb8, 0x0, &(0x7f0000000340)=[@transaction_sg={0x40486311, {{0x0, 0x0, 0x3, 0x0, 0x1, 0x0, 0x0, 0x18, 0x30, &(0x7f00000000c0)=[@flat={0x73682a85, 0x0, r2, 0x4}], &(0x7f0000000100)=[0x38, 0x38, 0x40, 0x28, 0x20, 0x78]}, 0x6}}, @clear_death={0x400c630f, 0x1, 0x3}, @increfs={0x40046304, 0x2}, @request_death={0x400c630e, 0x0, 0x3}, @reply={0x40406301, {0x2, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, &(0x7f0000000140), &(0x7f00000001c0)=[0x78, 0x38, 0x30]}}], 0x85, 0x0, &(0x7f0000000400)="704d130e3e419a97bdb68ae6e8e4102a697be7e0d61889d184e90e5d13687716a48c6ec808b91d542d537d7cc074e321754c0c83f39ed15c92cc33d57ce6b9ab92d2d9b10ebb49dad9d99abadf3f31ed3cc832a6d5908d300d68c779a8c83814e47f3b3274da50ca999af0c989c5a8725442b32443f7a728a0c4fbae5610bd2ca92d7b9074"}) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000009000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f00000002c0)="366536f26f660f22c066b871e5ee230f23c80f21f86635040030000f23f80f38f0b7cedb66b9ab0a000066b80300000066ba000000000f300f01cf66b8b4c800000f23d00f21f866353000000f0f23f8ba410066ed66b9be09000066b80000000066ba008000000f30f30f001e0000", 0x6f}], 0x1, 0x24, &(0x7f00000001c0), 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) finit_module(r3, &(0x7f0000000080)='vboxnet0:cpuset]\x00', 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2) [ 567.516634] xprt_adjust_timeout: rq_timeout = 0! 03:33:54 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) close(r0) r1 = syz_open_dev$audion(&(0x7f0000000080)='/dev/audio#\x00', 0x2, 0x80140) getsockopt$IPT_SO_GET_INFO(r1, 0x0, 0x40, &(0x7f00000000c0)={'raw\x00'}, &(0x7f0000000140)=0x54) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000001c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'lrw(serpent)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000000)="ad56b6c5820faeb995298992ea54c7be", 0x10) r3 = accept$alg(r0, 0x0, 0x0) io_setup(0x1, &(0x7f0000000040)=0x0) sendmsg$alg(r3, &(0x7f00000013c0)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000240)="7bcc529192a46c7d6737a4e70c9b3ac608c589afc046cdf381bf6b98224610f0d5fea23a3365663d9130a073e70f3c9e7124cb27ba803154865e8809d4d43b6439e1be"}, {&(0x7f0000000880)="0200000000cf0a9f90b3cdffdead47b743664e79c3e6b1afcaeb0ee5494db2b694cc29c822b21d7af1728699599f468800d0440f114242e655ee261c9c3a80e688dc8e3a58e836760f17653506f9b4c776ad2f5443f5aa69542e946fc7378994ffaf09e9ecfbae5961113511633afb441bdfd7a001e211b46cc9c996b6cbcfb1e4c88c999cb07bb1558e95da93d84166cfcab4cae2bb7e6c3926e43985cdc01ec9c2b1b2829acfa131d85753de1c95fd5aa1fbf39d8a0a57b8c7c6c5367c27cdd93c899e6a088aa8662fec24b3d6321fbb10120e1b09939d1fd454"}, {&(0x7f0000000700)="89a90c7f05d3aee72cba78377ba72b60323aa8a6680d02e84c58dd2198af88ca860cb02d057796be51d44a44b9af57b8420055bf548ad9181170dd18466ffcdc6faeb06b133245486dae09797a2374", 0x73}, {&(0x7f0000000340)="08ee2e89d567c6ca04a9fe7381ecd5186ba42696b25d9f9e568a69d375668b9aeef2d588bc046bf560f833921f7bc6eab600dc077e49890ad907347337290bd3c96644e5cb4adb532351d56dddb0e122d023eebcbaeaf0dce8168a61e493897b67a3570ff3a4d3c0127595a5754603f4503471342abd7af67efda27ebcf50db7d88826e1756c3b692e6fec883f98eabcf2d65222728f2e47225b56423472817940c46a2588cae81fb0e8c131b3ebc57d3a65b1f7e0e3b18b42bfe487cc6ea92c89623c90f55a8c9e"}, {&(0x7f0000001400)="f68c277d45dc3b81236ed18b049bfff946ed0565ebead558b64052f9470bcdf3f8e430c93c18a1bd92bd41846b277bfdf57e64944077d2e56166ea6e4660eba7e1223db37b82bfa6b2f4271b0f9d5d9ff98477ad16076a80bc5ac42b916370eb172f0323694dad0061069890ccaccd4f7561df2dde5b1916f1a129c7880761e3df383e48fbfbd26f09853558e9c4c1db321b81cd260a4f1378e88e6c3bf84e1e570e67b4a50d61484518fb3126bde5637477e94da603c511629957af568b00e258cca11a558eb3b411bbab4c642d6efe83281c89ee8673d5228d1c095851c997ef2386af3ed40ad269d7a2f0018d07bc84fcf7bcb04f2dfaac7eea61a21d246406f578a16d4b66bdc8a3ce878a2d12fea1332b98a11004f50255c257ea8da5d3ce81523e46aac1f05a3aad48dc16156d84acb22fa7e95f5900f80bbb4751d82ac8e170b41dea8452ea3515d29b01d82222894d9ee5b52b660ec0f61068687b7f38a80c423323b7988633f0827d65aeb5a5c687bb6669a36d55ebdfb1a23c89e695e45ebb9d8c0c852923e671343710da5d02adb11103e901f9deedfb23ed6dc04fb30756e692af76aa2b462e0b9283b7f2cc75f24f940037d1011c662787b518f693f2b0385c03a118e1e3e0ba2f9335558ff6aced1ef4f79adc06869f887e436c61d8feabbfaa6192dc770ce6406754f9d4b70f2ba67762e15c7b75b014039d61fa42fbb001839e2fd63c6558211bc6e2c2ea865845d48c9e3d0f09f1b99dff86e1cb165494e7571875e4f09f0ce8fc1603f3d3b8866e2b15e30496688cffd79e389777ade24e1150e0dbbd478911bdb2945019e0a74cc0e2e08fa171b193ceaf4906927b21374ed4df4bfbab6761c16c3d0df72c097b6ed9d82d388e4b59a79ad590c3d30826352a96704ad81e3a7f65fa789e336f716dec14922cd21fdef2fc9bb62834d0aa9cf521f9fd99808d6644c6601e5d51136cd06e57d8917c7d9ae7f5f0df40fd94623d6992e812f5d62a79d5c1d00b5272f54242a86ce81b12726e93d7f1a8c08efe7dcf35ef4a6164b15eed2eff09fbd2224a2048b305345fbf6360895d1d8ceebd7add8ea132957777144b48e8fe7513e638868692f15903739384dc40140bfae5484a8a74365fb82028a36bba9cc86909e4347f3d4269a3d81f9cb232a8c358d702b7d305236f4984d396f448c6dadcfa903b427eda6bee17b32a35bd6447651463b1681ace84b03502dae2a7a37f1639a497373588503b3043be7c54a1edf9d6a88621094fa4b8de534c0538ac3361272d3652b89cb0480260d5ae9688b7c25ca201e62d2eaa42017b4a3a9bde5f37b85cec3162651400c50f5008944115e9999fc1f1d43d3f3222616eb15648e36aea4d1c1a35259cdc6c0ed7905e5c17d89b1828b4dca3f8f66f751b45e8f591c188dc6acb58ddb821b36466431491b8717c4e904e544588ec518bd852d8f11ec3c0bf9643b628e8ae6d0b06fc804402162cc81b6740c2848e59038931ca5e080395c24fd02afcb5a3248200a11679462afbe55b40657daabd9dacd7acded820253a347d2c841a270cab7e1691a44a4a790cd1cda09ba0f531d0da9eb08e0339d4035273ba59d46b843616cef0373b8ad62eae8988d642714c5133379235da10190eb9ac1d89964e7b5616eac4b21afa45b20809f39941ae6efa96b0ee8f3ed578a53d32a258dfc179f14b82dcb5bd15ae0c98a8e8dcc9c7d66d031c48359dbd83c272cdf97f2097e6ccf8f232855e6f189580be67f3535f1b41668776c4cece85c4b0ab5586fc81eaf20b2b447ab99f2eb7a9d66764d96b1f6579c584a165a52442eba568e0d0c323d4477cb793d586800129527f56abff132843cdd707d2b6f7596e70874f5cd4f7fceddb7bd98aec068064f73f1b8b60660111b000aa124c69741b2e0f4599dc6920fd3534c96ac7dd9f17c31f5f1a919e21f6c7fe8f1a5d31b193576091f5a369c455b7dec59afd1f1d4edde7f1b98c8cacd981898cffa493ba632ec6ca3fe5496cede6693bf833e81cc68db241f9dfd34fed0a328b8cf7f5d5ed4a88ce042fc62125cc6d53d6a3eadc56a64c71dc8ff77bcc2d298035d34f53a3d0de712d05f71a2c8070e92297932b4994d64823d8753a18fd2adeb9c09646cbd37604a49c617c16151dfe7b912b27c597d883303e82663c45c722daf1588aa4db38cd79d9302eb68259c6b64e3fc403dc7aa62002e68443f8d300764070ce1e4487a4f3876b21ffd42c341faa521081234d2a4852446c1832c4716a4c74e3eb2f4f1dd4ad13cb6854c5926383c9b7056a8254ce862ef5f9500d26e72e879c365b794847c9ffaa28f2474391318af9cdfb97221583fc6c4e86813ccd9d92e16c1e07e3a75cb00eac7b9803d32aa07916a3934475fc83f5449ac4425b1d6d1d99f212cc68068a51657eaf7cd60603c6a28ee628c33600a0bfd65b708daba73d4f10ff20dd60c50d4abc65650a0c02fedc2ca620e27a562b51beb54bfa3ca64dd8661e6d979f2f8c24ddb044d9fe739e50bf6cb8b31297f82c05a45cd4f336685a68efb745aa30cde819fb843788fdf1338cb702945046334afeb7f7833a11b191fd5c9a3e07cede76757e31708fd5f18c8638db030ec8d2a97698fb02a46f02bbd7a949ac33454f985dad7d1199031eba53942888f3128d90ecf62b3787c6b45d6d4b5217f15a7571b0e4e3ad682fb1efb6b225475af14278fffa1afa888af96a544bf3f60d80e947ca5f0c29d41ef7d9ac3a93440d5ec2bfad25aa4f3c9fbca725e92d20df1d812a78642f0a39bd85e0b9522d5e07288119640ec9da07b8971d021fdbcc2dfb55579d9bf66eacc8f51a3702b9ad6a0d9f8fd349650a9ec7652ca3f7e6062be74412bbfaad7fe2586cdb8ba8174c6aee1c9757683d3bced461e9d88d71e87934bcc59a597bffbed08c0ea6dacc473c26fcfb1299315887dba1c112fde5078c6a72b3bbe8da8f17655a4668467f73b341e7dca15337f207d6a1c5028adc77658adfe7c775148c2dcc3599935ada872f9a81955f7f876f6923a7f9f3200d02b821c90fe9b2ac79764cca91d7146b54fd759d6e44b15a241e364df6765aa5acb27cf117a53319c54c990c1cb77f93463a7a981c0b3bca589db80a2729c90e4057d9c617853f882e19f4a426297ab8b34fd416d2389f4b5d91d6f4e05a019af75db2507460a79ffa65018592b525355fc89949dcd9da6993018e3514221ba9155d79b91a27d61d8faa17de09bfe76ce38a212bded6fe56cbecfff25fed58111ed6bc549b46d43e433f9577efd00151a7e819f493210ae626a7fb1f9d0ec7b72d0d4a70b96078a43d5b85b8ce6833e0605eb7bb316907e21635653ec164d5dd1ea24065c58ce52c3566a6266031ba3def0e5eb7e58c234908c296269e894ba084b8fd829b91e4b70f6d5b5734b1f5b45d48ec6cc7c6e136e68b28dec7ed72527223dcec12ec7621eafa10c2d42e525eb475852667afa036be354f54e3c5012cc78b8a12f5c9894c635cbb725dbb52520153e469b20db07610f4ce5112717c91a90ec446c7b61c4cb48d42c5aa928048f5e8a02b506e7ba128855e6cdadda91b42dfb2e0133ce5033db2f867e24eb65fb77320386740d126592e66bf04f3ec074c000b4ba44306088f8871e0abb21bb6194658d5b8a910af46fcd6b27a0fabcd7ea33e71922e177992ef9c15579fc774223aacd94302c5824305c0b15bc54e390c48a3c9772b1686c46ea240c9697b22470dbfd7bd2dc921fb0ac790ffeea3a2b723cb24513f072307d84fa4cd785692ddabb4f99535c33c3eeb0e1c693296fd40c8bba028afa0704e4ce56e470e6de506b40bb88d66236928c09bd5c55e0bc9c43f556deddcc42d638a6ae9e83da0895c610c20717550f8b68704b5657dc9540b231df45365ba29ed5cbe5f2926ddd18f1fab328b7810406aeadb393c05382dfb71dab8d0838841eec1917b245a71ef56bc78cfec4f063ea1f5bc2090ab5df7b7903937bda6c8ff3f4ed28de87eab9f572117dd84438f6499667d523bac4c1214cb96cc3660490b14488169689f440a9617ed1b4a6c97ab7a2024b0387249ddd29bf4c7011a1f552d5be3ca70423232c42d7382a07581e173c461022d227b9af904625b1d926c0d619081b760003f4a8bd0175e455c252eca02f8edb39530839f271b6d590dda0197c3a4dd859c13f75cf884ec093092b7a5b38ba6d21deb8b88461ad045739259cfcfe7fc077f9cfad823f63bf91126ccf0f9b1087333de254159e3a8b2552d606511df38665b31279df890e4ba349ba1b4163a864d9b794ff46b0cbe1f029afb3a7aacaf678e64eca28098426870ba46763e1574402586387ae1ce6e98759b6a9a5d6819dbe2fe5f4a9cfaec446e1dd8f40d9fe5ff641054ae1b67de94a08f43f1dc2b28e5bbf541fab5f6e63bb101719073b45c4611ba87ea48f800573070d55d738806ffeed20050f2d45b07d3407983941ae7be5c4a7e33cf7917c5a67d116ae5a40cb449d894e051d91b042e41b3093743fbc60ccebeedca42a98d5cd5b81d66184f8c7b0a52bd4c015f701f901e065875ffa2d4d61f3f00c2fb1720b6562648f355104e3f3399481dd7fe0e958e63975fe6eaaa22531da447487a01342da43f9e7e81c9c6bbd0f55279de75926c4c742e486bfd5972ef5898b8945ba4e9ed9a848194ba81800300249924426cc3bbd650720e7258292cf8ed851f2c9d1dd0e027fdb2e1aee399870140e4e96e52f29e12cd97a437098367904e51ff970a35b26dc80bdc35a074594ef357a5e0fa2dcd15672e1de8f0b3d56dc66ac3f2f03221eed9b6b70111436217e5505e6e11cb1a9318b25ce589918a2a9201cfd27fc75621036669fca19f4aadfd5b540a1777e737dfb9015bed60771e0f7b4d3955fb8aa0ab9a0a1764d6dae68c16250750d9421750c1d658dcedb21402798f74bd79ea22e542d5069a4db383637199022a1a874b21778be93837fca33b696a1bf61ee44ebfe729f4ae2435038ca4a02ffe309c2c5214b14c66e2ec63ac86b8772930f051b3e57ef4b56a7344a2e826124a9c7840579e7f4609c71dd0690db79c3b92a2d257f1aa6d314c2334e79745f88e1781e99a319006f03c7d2fb4961149d363d1d77829c8ccd401134c4a82eda04c206f39bb64852b2a0b80186ef6f1a01b75da7c7df5920a8b714b17d5372509682e48952fff3def7bf212d1b05aebc9096e33346ffbb1bc30258c766f001ea8c78d673b206876beaabd0729419dea97fcf4a2101c9bae4356a2565e59c17dbfc9c9b0e7e7bd549201adcedb3dbd86fa65c46249163f93d7a9cfc20d1bd5b909f85294d1e0428d543a6ac6cb4809efab6c0fbf93ff6a4f20ca8a1117a769aa1d242e62e014cbb6e7e27966de91e87a594d6548ebb9cd1e040ab2e34bd3cc16d67d81a5f0f488bc9d34b62d6f5cc39f7d389390ce51a6deb3df52e5f5ce77a24500d3f189bc0114fe8ad5936baee8cb739ccdb6006a64f74bd6e58ff60d2a287e9648921a4376823bbb2c9acce1a627d68de7a5f1cd75e5062f2a301a3db062b55bf1c54c8bf04ebc36845fd13601d543da4955464810ad208802f453b599c93dbba88101cb1432ba3f98b6dac86e9829dd79fb2f47fd9e1732040cfb80e67ee4c5c90a0a3e3a839ff62b101dc91cb46ef1eab7899e9ebe66d664c5b42b9c2b97c57f577bfc73241d6833fa540feba839d04e7397384a3f2ff48517c3269d14062254479e4d01c53c8042a82093"}, {&(0x7f0000000540)="0019afcf0e7a1fe21bbdbd5ff3f4b6f0ca33907c99ad8f26faf2bcc6e6c56241d45067a48b33ca8f57eae73990e0f6c5c998bfdeb145dd8f17eadbf5205f39939964e521b171e5f6c322c0d920104f18caa339fa08141bb05d2ec3483c7cc6a152ae869affffffffffffffff3db408b84dbbefcd4dfb9927f44d9e47fec31c3e355d7f0859b846687cfa635a5c32f077d8169e5d0632a8eac7e39da1"}], 0x0, &(0x7f00000004c0), 0xffffffffffffff67, 0x40010}, 0x0) io_submit(r4, 0x1, &(0x7f0000bd9fe0)=[&(0x7f0000617fc0)={0x0, 0x0, 0x0, 0x0, 0x0, r3, &(0x7f0000000500)='\x00', 0x1}]) 03:33:54 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x8848000000000000], 0x1}}, 0x1c) 03:33:54 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1886b, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:54 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0xff00000000000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) [ 567.649346] FAULT_INJECTION: forcing a failure. [ 567.649346] name failslab, interval 1, probability 0, space 0, times 0 [ 567.660614] CPU: 1 PID: 9213 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 567.668930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 567.678283] Call Trace: [ 567.680876] dump_stack+0x1c9/0x2b4 [ 567.684512] ? dump_stack_print_info.cold.2+0x52/0x52 [ 567.689704] ? __mutex_lock+0x6c4/0x1680 [ 567.693779] should_fail.cold.4+0xa/0x11 [ 567.697851] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 567.702964] ? __mutex_lock+0x6c4/0x1680 [ 567.707035] ? kernfs_add_one+0x4f/0x4d0 [ 567.711116] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 567.716666] ? trace_hardirqs_on+0x10/0x10 [ 567.720911] ? radix_tree_iter_tag_clear+0x97/0xd0 [ 567.725848] ? radix_tree_iter_replace+0x49/0x60 [ 567.730611] ? kernfs_add_one+0x2d4/0x4d0 [ 567.734764] ? lock_acquire+0x1e4/0x540 [ 567.738746] ? fs_reclaim_acquire+0x20/0x20 [ 567.743062] ? lock_downgrade+0x8f0/0x8f0 [ 567.747207] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 567.752133] ? check_same_owner+0x340/0x340 [ 567.756438] ? do_raw_spin_unlock+0xa7/0x2f0 [ 567.760850] ? rcu_note_context_switch+0x730/0x730 [ 567.765766] ? kasan_check_write+0x14/0x20 [ 567.770000] __should_failslab+0x124/0x180 [ 567.774228] should_failslab+0x9/0x14 [ 567.778018] kmem_cache_alloc+0x2af/0x760 [ 567.782160] ? __kernfs_new_node+0x426/0x5a0 [ 567.786570] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 567.791586] __kernfs_new_node+0xef/0x5a0 [ 567.795733] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 567.800479] ? lock_acquire+0x1e4/0x540 [ 567.804453] ? sysfs_do_create_link_sd.isra.2+0x82/0x130 [ 567.809886] ? lock_downgrade+0x8f0/0x8f0 [ 567.814033] ? kasan_check_read+0x11/0x20 [ 567.818160] ? do_raw_spin_unlock+0xa7/0x2f0 [ 567.822550] kernfs_new_node+0x80/0xf0 [ 567.826418] kernfs_create_link+0x33/0x180 [ 567.830636] sysfs_do_create_link_sd.isra.2+0x90/0x130 [ 567.835893] sysfs_create_link+0x65/0xc0 [ 567.839937] device_add+0x4a1/0x16f0 [ 567.843640] ? kasan_kmalloc+0xc4/0xe0 [ 567.847518] ? device_private_init+0x240/0x240 [ 567.852082] ? kfree+0x15e/0x260 [ 567.855428] ? kfree_const+0x5e/0x70 [ 567.859121] device_create_groups_vargs+0x1ff/0x270 [ 567.864120] device_create_vargs+0x46/0x60 [ 567.868349] bdi_register_va.part.12+0xc3/0x9c0 [ 567.872996] ? lockdep_init_map+0x9/0x10 [ 567.877052] ? cgwb_kill+0x640/0x640 [ 567.880748] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 567.886349] ? bdi_init+0x3d0/0x4d0 [ 567.889954] ? wb_init+0xa00/0xa00 [ 567.893475] ? kasan_unpoison_shadow+0x35/0x50 [ 567.898051] ? kasan_kmalloc+0xc4/0xe0 [ 567.901926] ? kmem_cache_alloc_node_trace+0x302/0x770 [ 567.907191] bdi_register_va+0x68/0x80 [ 567.911071] super_setup_bdi_name+0x12d/0x240 [ 567.915555] ? kill_block_super+0x100/0x100 [ 567.919868] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 567.925384] ? ns_capable_common+0x13f/0x170 [ 567.929773] super_setup_bdi+0x7f/0xb0 [ 567.933662] v9fs_mount+0x268/0x900 [ 567.937282] ? v9fs_drop_inode+0x150/0x150 [ 567.941497] legacy_get_tree+0x118/0x440 [ 567.945542] vfs_get_tree+0x1cb/0x5c0 [ 567.949325] do_mount+0x6c1/0x1fb0 [ 567.952843] ? check_same_owner+0x340/0x340 [ 567.957144] ? lock_release+0xa30/0xa30 [ 567.961100] ? copy_mount_string+0x40/0x40 [ 567.965326] ? retint_kernel+0x10/0x10 [ 567.969210] ? copy_mount_options+0x1f0/0x380 [ 567.973686] ? __sanitizer_cov_trace_pc+0x48/0x50 [ 567.978512] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 567.984042] ? copy_mount_options+0x285/0x380 [ 567.988526] ksys_mount+0x12d/0x140 [ 567.992141] __x64_sys_mount+0xbe/0x150 [ 567.996107] do_syscall_64+0x1b9/0x820 [ 567.999979] ? finish_task_switch+0x1d3/0x870 [ 568.004468] ? syscall_return_slowpath+0x5e0/0x5e0 [ 568.009380] ? syscall_return_slowpath+0x31d/0x5e0 [ 568.014290] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 568.019298] ? prepare_exit_to_usermode+0x291/0x3b0 [ 568.024302] ? perf_trace_sys_enter+0xb10/0xb10 [ 568.028951] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 568.033777] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 568.038949] RIP: 0033:0x455ab9 [ 568.042116] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 568.061318] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 568.069020] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 568.076276] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 568.083525] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 568.090778] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 568.098040] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 0000000000000043 03:33:54 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000eccfa8)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(aes)\x00'}, 0x58) ioctl$sock_inet_SIOCSIFNETMASK(r0, 0x891c, &(0x7f0000000040)={'dummy0\x00', {0x2, 0x4e22, @multicast1=0xe0000001}}) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f000048f000)="ad56b6c5824c8eb995298992ea54c7beef9f5d56530f90c2", 0x18) r1 = accept$alg(r0, 0x0, 0x0) sendmsg$alg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001580)=[{&(0x7f00000013c0)="df", 0x1}], 0x1, &(0x7f0000007000)}, 0x0) io_setup(0x14, &(0x7f0000000080)=0x0) io_submit(r2, 0x1, &(0x7f0000bd9fe0)=[&(0x7f0000c2bfc0)={0x0, 0x0, 0x0, 0x8, 0x0, r1, &(0x7f000007d000)}]) 03:33:54 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x400300, @loopback=0x7f000001}, 0x10) 03:33:54 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0xd603000000000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:54 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x6f880100, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:54 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x1, 0x0) r2 = shmget$private(0x0, 0x2000, 0x1000, &(0x7f0000013000/0x2000)=nil) shmctl$IPC_RMID(r2, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000002000)={0xaa}) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r4 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r4, 0x0, 0x2000000000000004, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr}, 0xc) ioctl$sock_inet_SIOCGARP(r4, 0x890c, &(0x7f0000000140)={{0x2, 0x0, @loopback=0x7f000001}, {}, 0x0, {0x2, 0x0, @multicast1=0xe0000001}, 'erspan0\x00'}) close(r4) dup3(r1, r3, 0x0) 03:33:54 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x1300000000000000], 0x1}}, 0x1c) 03:33:54 executing program 0 (fault-call:8 fault-nth:68): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:33:54 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x4, 0x640001) getsockopt$XDP_MMAP_OFFSETS(r1, 0x11b, 0x1, &(0x7f00000002c0), &(0x7f0000000040)=0x60) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000240)=@broute={'broute\x00', 0x20, 0x1, 0x170, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000c0], 0x0, &(0x7f0000000080), &(0x7f0000000380)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff01000000110000000000000000006e72300000000000000000000000000079616d3000000000000000000000000079616d3000000000000000000000000076657468315f746f5f7465616d0000000180c2000000000000000000aaaaaaaaaa000000000000000000b0000000b0000000e000000071756f7461000000000000000000000000000000000000000000000000000000180000000000000030000000000000000000000000000000000000000000000041554449540000000000000000000000000092cf2b1a71b805cc53000000000000000000000000000008000000000000000000000000000000f353cc5a2b5327e28a1fecd1784e8d7b93711379e82a310066f280c8f636fc173c4c3ceb10d85521dd87fa7fdba9686eecf9cf72d8ec5771e9c367d0919dc63beef9f72f40dff6fbdb05cfa29dbd9b3b46eff46a1d967fa656815335558a3587498e40c539dc1277d5e610d606fd5fcf02c408d9cd64b83d88997c71d00cf0124eda75d91fafd6c4861ff6a1dfe1d27e9c491c86922d0a716796d43f565f428b969b7c9321f954dcf7ac86d243fc2d1278d7f8d47e4a67ed8779dfab595d144a8727637fc3c51d1eb1e3b51a573385ea7736d3a204a4639e3293eafa65151657a82fbc"]}, 0x2d4) fcntl$getownex(r1, 0x10, &(0x7f0000000340)) [ 568.180808] kernel msg: ebtables bug: please report to author: Wrong len argument [ 568.207816] FAULT_INJECTION: forcing a failure. [ 568.207816] name failslab, interval 1, probability 0, space 0, times 0 [ 568.219131] CPU: 1 PID: 9255 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 568.227448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 568.232606] kernel msg: ebtables bug: please report to author: Wrong len argument [ 568.236792] Call Trace: [ 568.236815] dump_stack+0x1c9/0x2b4 [ 568.236836] ? dump_stack_print_info.cold.2+0x52/0x52 [ 568.255829] should_fail.cold.4+0xa/0x11 [ 568.259900] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 568.265010] ? __save_stack_trace+0x8d/0xf0 [ 568.269346] ? save_stack+0xa9/0xd0 [ 568.272991] ? save_stack+0x43/0xd0 [ 568.276616] ? kasan_kmalloc+0xc4/0xe0 [ 568.280505] ? __kmalloc_track_caller+0x14a/0x760 [ 568.285351] ? kvasprintf+0xb1/0x140 [ 568.289072] ? kvasprintf_const+0x67/0x190 [ 568.293313] ? kobject_set_name_vargs+0x5b/0x150 [ 568.298083] ? device_create_groups_vargs+0x1ce/0x270 [ 568.303275] ? device_create_vargs+0x46/0x60 [ 568.307688] ? bdi_register_va.part.12+0xc3/0x9c0 [ 568.312534] ? bdi_register_va+0x68/0x80 [ 568.316596] ? super_setup_bdi_name+0x12d/0x240 [ 568.321961] ? super_setup_bdi+0x7f/0xb0 [ 568.326034] ? lock_acquire+0x1e4/0x540 [ 568.330028] ? fs_reclaim_acquire+0x20/0x20 [ 568.334363] ? lock_downgrade+0x8f0/0x8f0 [ 568.338524] ? check_same_owner+0x340/0x340 [ 568.342845] ? put_dec+0xf0/0xf0 [ 568.346215] ? rcu_note_context_switch+0x730/0x730 [ 568.351147] __should_failslab+0x124/0x180 [ 568.355386] should_failslab+0x9/0x14 [ 568.359186] kmem_cache_alloc_trace+0x2cb/0x780 [ 568.363861] ? refcount_add_not_zero+0x330/0x330 [ 568.368621] device_private_init+0x9f/0x240 [ 568.372947] ? virtual_device_parent+0x60/0x60 [ 568.377541] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 568.383085] device_add+0xef7/0x16f0 [ 568.386802] ? kasan_kmalloc+0xc4/0xe0 [ 568.390692] ? device_private_init+0x240/0x240 [ 568.395275] ? kfree+0x15e/0x260 [ 568.398644] ? kfree_const+0x5e/0x70 [ 568.402362] device_create_groups_vargs+0x1ff/0x270 [ 568.407380] device_create_vargs+0x46/0x60 [ 568.411624] bdi_register_va.part.12+0xc3/0x9c0 [ 568.416298] ? lockdep_init_map+0x9/0x10 [ 568.420362] ? cgwb_kill+0x640/0x640 [ 568.424084] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 03:33:55 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x1f00, @loopback=0x7f000001}, 0x10) 03:33:55 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x8035000000000000], 0x1}}, 0x1c) 03:33:55 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xfdffffff, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:55 executing program 2: r0 = syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0xfffffffffffffbff, 0x200) r1 = syz_open_dev$vcsa(&(0x7f0000000240)='/dev/vcsa#\x00', 0x40, 0x0) setsockopt$inet_sctp6_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f0000000400)={0xfffffffffffffff7, 0x8, 0xfffffffffffffff8, 0x3, 0x100000001, 0x8, 0x4, 0x20, 0x5, 0x100000001, 0x5}, 0xb) ioctl$EVIOCGBITSND(r0, 0x80404532, &(0x7f0000000200)=""/21) r2 = socket$inet6(0xa, 0x1, 0x0) ioctl(r2, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x0, 0x0) getdents64(r3, &(0x7f0000000140)=""/176, 0xb0) r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$RTC_ALM_READ(r3, 0x80247008, &(0x7f0000000440)) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r4, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x5d, &(0x7f0000000580), 0x0) ioctl$KVM_SET_CPUID(0xffffffffffffffff, 0x4008ae8a, &(0x7f00000002c0)=ANY=[@ANYBLOB="0009e8000050ce5ff700a3f4eccecde869a0a6efecf44f78f16fe14ed6ce96d54bb87cf5e28e8c5d98e3f7a10dd45a1d6ff526b2f375f7ae5d812514bbb024c1d1fa2d28e7d1a1be9c7afb9dba66e9090b73e8a1c7794fbb218dd073e2ccad7d89d5495944b31be0d767db11e3c48d707f054fdc9e11187089ad87843651a245ac2e5c0861d38075112e7b21d9f6dd0efc33d6ea55c0d289ea83309d24fdb1553dfe4c9f0f07430b182f382d0ed24ee371d13f28430000f8c642b9f8d626d6fb3aaafd4f65f7f67505c1d1af558d27e66bd45c2a64f7c9662133ee52e0479ac55f5fae2e7ff4dff0a4d7c1dd65bfe8330ca4933947780f4864447202e0ba93e37bd349697194275351fc04786e8f3dcd000000000000000000"]) ioctl$KVM_ASSIGN_SET_INTX_MASK(r4, 0x4040aea4, &(0x7f0000000040)={0x7c, 0xf252, 0x265ab60a, 0x4, 0x3}) ioctl$KVM_RUN(r5, 0xae80, 0x0) 03:33:55 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x4000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:55 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x1800, @loopback=0x7f000001}, 0x10) 03:33:55 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xf0ffffff, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:55 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_TLV_COMMAND(r2, 0xc008551c, &(0x7f0000000040)={0x20, 0x18, [0x800, 0x9, 0x1, 0x0, 0x288, 0x3]}) setsockopt$bt_BT_SECURITY(r1, 0x112, 0x4, &(0x7f0000000080)={0x3}, 0x2) [ 568.429626] ? bdi_init+0x3d0/0x4d0 [ 568.433255] ? wb_init+0xa00/0xa00 [ 568.436798] ? kasan_unpoison_shadow+0x35/0x50 [ 568.441382] ? kasan_kmalloc+0xc4/0xe0 [ 568.445275] ? kmem_cache_alloc_node_trace+0x302/0x770 [ 568.450560] bdi_register_va+0x68/0x80 [ 568.454452] super_setup_bdi_name+0x12d/0x240 [ 568.458947] ? kill_block_super+0x100/0x100 [ 568.463275] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 568.468818] ? ns_capable_common+0x13f/0x170 [ 568.473233] super_setup_bdi+0x7f/0xb0 [ 568.477126] v9fs_mount+0x268/0x900 [ 568.480759] ? v9fs_drop_inode+0x150/0x150 [ 568.484996] legacy_get_tree+0x118/0x440 [ 568.489065] vfs_get_tree+0x1cb/0x5c0 [ 568.492857] do_mount+0x6c1/0x1fb0 [ 568.496386] ? check_same_owner+0x340/0x340 [ 568.500687] ? lock_release+0xa30/0xa30 [ 568.504641] ? copy_mount_string+0x40/0x40 [ 568.508858] ? kasan_kmalloc+0xc4/0xe0 [ 568.512725] ? kmem_cache_alloc_trace+0x318/0x780 [ 568.517549] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 568.523065] ? _copy_from_user+0xdf/0x150 [ 568.527195] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 568.532711] ? copy_mount_options+0x285/0x380 [ 568.537188] ksys_mount+0x12d/0x140 [ 568.540809] __x64_sys_mount+0xbe/0x150 [ 568.544775] do_syscall_64+0x1b9/0x820 [ 568.548658] ? finish_task_switch+0x1d3/0x870 [ 568.553134] ? syscall_return_slowpath+0x5e0/0x5e0 [ 568.558047] ? syscall_return_slowpath+0x31d/0x5e0 [ 568.562961] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 568.567965] ? prepare_exit_to_usermode+0x291/0x3b0 [ 568.572962] ? perf_trace_sys_enter+0xb10/0xb10 [ 568.577618] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 568.582448] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 568.587617] RIP: 0033:0x455ab9 [ 568.590784] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 568.609920] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 568.617623] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 568.624879] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 03:33:55 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000003fe8)={0xaa}) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) fcntl$F_SET_RW_HINT(r1, 0x40c, &(0x7f0000000000)=0x7) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000013e95), 0x4) ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f00000000c0)={'veth1_to_bond\x00', &(0x7f0000000100)=@ethtool_perm_addr={0x5}}) r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x2, 0x0) setsockopt$nfc_llcp_NFC_LLCP_RW(r3, 0x118, 0x0, &(0x7f0000000080)=0x7, 0x4) dup2(r2, r0) close(r2) close(r1) 03:33:55 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x1ab], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:55 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0xfffffffd, @loopback=0x7f000001}, 0x10) 03:33:55 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1f8, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) [ 568.632126] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 568.639373] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 568.646627] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 0000000000000044 03:33:55 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0xa00], 0x1}}, 0x1c) 03:33:55 executing program 2: modify_ldt$read_default(0x2, &(0x7f0000000200)=""/73, 0x49) mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00000001c0)='devpts\x00', 0x0, &(0x7f000002f000)) mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000100)='bpf\x00', 0x2102020, &(0x7f0000000140)=ANY=[@ANYBLOB="6d6f64653d3030303030ed1a013030303430303030303030303030343030"]) r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='\x00', 0xffffffffffffff9c}, 0x10) mkdirat(r0, &(0x7f00000000c0)='./file0\x00', 0x0) 03:33:55 executing program 0 (fault-call:8 fault-nth:69): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:33:55 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x400000000000000, @loopback=0x7f000001}, 0x10) 03:33:55 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x8b], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:55 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x7488010000000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:55 executing program 7: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x4, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = dup(r1) ioctl$VHOST_SET_VRING_NUM(r2, 0x4008af10, &(0x7f0000000080)={0x0, 0xb}) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x5c831, 0xffffffffffffffff, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_DEBUGREGS(r3, 0x4080aea2, &(0x7f0000000000)={[0x4, 0x4000, 0x10000], 0x100000000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000100)="66b91000004066b80000000066ba000000000f30baa000eddb8f05000f89ae6a660f3a22efa80f09f00fc709f20f1ab60d0066b93608000066b80000000066ba008000000f3066b9800000c00f326635000800000f30", 0x56}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) 03:33:55 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x543], 0x1}}, 0x1c) 03:33:55 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x151], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) [ 569.085646] FAULT_INJECTION: forcing a failure. [ 569.085646] name failslab, interval 1, probability 0, space 0, times 0 [ 569.096960] CPU: 0 PID: 9315 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 569.105384] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 569.114733] Call Trace: [ 569.117327] dump_stack+0x1c9/0x2b4 [ 569.120960] ? dump_stack_print_info.cold.2+0x52/0x52 [ 569.126155] ? __debug_object_init+0x581/0x12e0 [ 569.130837] ? lock_downgrade+0x8f0/0x8f0 03:33:55 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x2000000, @loopback=0x7f000001}, 0x10) 03:33:55 executing program 2: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xe, 0x7, 0x4, 0x70, 0x2, 0xffffffffffffffff, 0x800000000000000, [0x6]}, 0x2c) [ 569.134990] should_fail.cold.4+0xa/0x11 [ 569.139056] ? kasan_check_read+0x11/0x20 [ 569.143211] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 569.148329] ? kasan_check_write+0x14/0x20 [ 569.152571] ? trace_hardirqs_on+0xd/0x10 [ 569.156720] ? __debug_object_init+0x581/0x12e0 [ 569.161399] ? kasan_check_read+0x11/0x20 [ 569.165550] ? debug_object_free+0x690/0x690 [ 569.169961] ? kasan_check_write+0x14/0x20 [ 569.174205] ? lock_acquire+0x1e4/0x540 [ 569.178181] ? fs_reclaim_acquire+0x20/0x20 [ 569.182518] ? lock_downgrade+0x8f0/0x8f0 [ 569.186681] ? check_same_owner+0x340/0x340 [ 569.191005] ? wb_congested_get_create+0x187/0x470 [ 569.195938] ? rcu_note_context_switch+0x730/0x730 [ 569.200876] __should_failslab+0x124/0x180 [ 569.205106] should_failslab+0x9/0x14 [ 569.208896] kmem_cache_alloc_trace+0x2cb/0x780 [ 569.213556] ? kasan_check_write+0x14/0x20 [ 569.217781] ? do_raw_spin_lock+0xc1/0x200 [ 569.222014] wb_congested_get_create+0x1d2/0x470 [ 569.226763] ? wb_wakeup_delayed+0xf0/0xf0 [ 569.230987] ? __lockdep_init_map+0x105/0x590 [ 569.235508] wb_init+0x636/0xa00 [ 569.238866] ? bdi_put+0x180/0x180 [ 569.242392] ? bdi_alloc_node+0x67/0xe0 [ 569.246353] ? super_setup_bdi+0x7f/0xb0 [ 569.250402] ? __lockdep_init_map+0x105/0x590 [ 569.254882] ? legacy_get_tree+0x118/0x440 [ 569.259102] ? lockdep_init_map+0x9/0x10 [ 569.263148] ? debug_mutex_init+0x2d/0x60 [ 569.267285] ? __ia32_sys_membarrier+0x150/0x150 [ 569.272031] ? __lockdep_init_map+0x105/0x590 [ 569.276512] ? __init_waitqueue_head+0x9e/0x150 [ 569.281174] ? __lockdep_init_map+0x105/0x590 [ 569.285664] ? lockdep_init_map+0x9/0x10 [ 569.289709] ? __raw_spin_lock_init+0x2d/0x100 [ 569.294280] bdi_init+0x30d/0x4d0 [ 569.297717] ? wb_init+0xa00/0xa00 [ 569.301789] ? kasan_unpoison_shadow+0x35/0x50 [ 569.306370] ? kasan_kmalloc+0xc4/0xe0 [ 569.310248] ? kmem_cache_alloc_node_trace+0x302/0x770 [ 569.315520] bdi_alloc_node+0x81/0xe0 [ 569.319307] super_setup_bdi_name+0x95/0x240 [ 569.323797] ? kill_block_super+0x100/0x100 [ 569.328109] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 569.333631] ? ns_capable_common+0x13f/0x170 [ 569.338031] super_setup_bdi+0x7f/0xb0 [ 569.341907] v9fs_mount+0x268/0x900 [ 569.345523] ? v9fs_drop_inode+0x150/0x150 [ 569.349743] legacy_get_tree+0x118/0x440 [ 569.353796] vfs_get_tree+0x1cb/0x5c0 [ 569.357585] do_mount+0x6c1/0x1fb0 [ 569.361108] ? check_same_owner+0x340/0x340 [ 569.365425] ? lock_release+0xa30/0xa30 [ 569.369399] ? copy_mount_string+0x40/0x40 [ 569.373625] ? retint_kernel+0x10/0x10 [ 569.377504] ? copy_mount_options+0x213/0x380 [ 569.381984] ? copy_mount_options+0x213/0x380 [ 569.386472] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 569.392005] ? copy_mount_options+0x285/0x380 [ 569.396500] ksys_mount+0x12d/0x140 [ 569.400114] __x64_sys_mount+0xbe/0x150 [ 569.404076] do_syscall_64+0x1b9/0x820 [ 569.407947] ? finish_task_switch+0x1d3/0x870 [ 569.412427] ? syscall_return_slowpath+0x5e0/0x5e0 [ 569.417344] ? syscall_return_slowpath+0x31d/0x5e0 [ 569.422261] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 569.427273] ? prepare_exit_to_usermode+0x291/0x3b0 [ 569.432275] ? perf_trace_sys_enter+0xb10/0xb10 [ 569.436928] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 569.441771] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 569.446952] RIP: 0033:0x455ab9 [ 569.450123] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 569.469401] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 569.477096] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 03:33:56 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x100000000000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) [ 569.484351] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 569.491606] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 569.498858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 569.506110] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 0000000000000045 03:33:56 executing program 5: r0 = socket(0x11, 0x80000, 0x3) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@ipv4={[], [0xff, 0xff], @multicast2=0xe0000002}, 0x80000000, 0x1, 0xff, 0xc, 0x7f, 0x22d, 0xfffffffffffffff8}, 0x20) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='/exe\x00\x00\x00\x00\x00\x00') ioctl$fiemap(r1, 0xc020660b, &(0x7f0000000100)={0xad, 0x7, 0x2, 0xffff, 0x3, [{0x0, 0x101, 0xffffffffffffffff, 0x0, 0x0, 0x500}, {0x7, 0x10001, 0x6}, {0x0, 0x1, 0xbc, 0x0, 0x0, 0x3680}]}) setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT(r1, 0x28, 0x6, &(0x7f0000000080), 0x10) ioctl$fiemap(r1, 0xc020660b, &(0x7f0000000040)={0xfffffffffffffffc, 0x9b6}) 03:33:56 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x2000, @loopback=0x7f000001}, 0x10) 03:33:56 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0xffffca88], 0x1}}, 0x1c) 03:33:56 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x87e00000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:56 executing program 0 (fault-call:8 fault-nth:70): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:33:56 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0xff000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:56 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x40000080806, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0xfffffffffffffffe}, 0x16) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x2, 0x32, 0xffffffffffffffff, 0x0) ioctl$sock_SIOCINQ(r1, 0x541b, &(0x7f0000000040)) 03:33:56 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x34000], 0x1}}, 0x1c) 03:33:56 executing program 7: r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket(0x10, 0x80002, 0x0) ioctl$FICLONE(r1, 0x40049409, r0) write(r1, &(0x7f00000001c0)="2600000022004701050000000000000005006d20002b1f000a4a51f1ee839cd53400b017ca5b", 0x26) flock(r0, 0x2) r2 = syz_open_dev$sndpcmc(&(0x7f0000000040)='/dev/snd/pcmC#D#c\x00', 0xffffffff, 0x80000) ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000080)) [ 569.699632] FAULT_INJECTION: forcing a failure. [ 569.699632] name failslab, interval 1, probability 0, space 0, times 0 [ 569.710943] CPU: 1 PID: 9361 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 569.719255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 569.728607] Call Trace: [ 569.731201] dump_stack+0x1c9/0x2b4 [ 569.734835] ? dump_stack_print_info.cold.2+0x52/0x52 [ 569.740038] should_fail.cold.4+0xa/0x11 [ 569.744110] ? fault_create_debugfs_attr+0x1f0/0x1f0 03:33:56 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x1300000000000000, @loopback=0x7f000001}, 0x10) 03:33:56 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0xa4ffffff], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:56 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x3f000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:56 executing program 2: r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) r1 = dup(r0) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x2, 0x0) getpeername$netlink(r1, &(0x7f0000000080), &(0x7f00000000c0)=0xc) 03:33:56 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) fstat(r0, &(0x7f0000000040)) bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @broadcast=0xffffffff}, 0x10) sendto$inet(r0, &(0x7f0000000200), 0xfffffffffffffeb4, 0x2000800e, &(0x7f0000db4ff0)={0x2, 0x4e20, @loopback=0x7f000001, [0x2]}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='vegas\x00', 0x6) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") recvfrom(r0, &(0x7f0000f9cf9b)=""/101, 0x6478c8501c739e53, 0x120, 0x0, 0xfffffefb) shutdown(r0, 0x0) [ 569.749216] ? __save_stack_trace+0x8d/0xf0 [ 569.753549] ? save_stack+0xa9/0xd0 [ 569.757180] ? save_stack+0x43/0xd0 [ 569.760814] ? kasan_kmalloc+0xc4/0xe0 [ 569.764705] ? __kmalloc_track_caller+0x14a/0x760 [ 569.769558] ? kvasprintf+0xb1/0x140 [ 569.773277] ? kvasprintf_const+0x67/0x190 [ 569.777514] ? kobject_set_name_vargs+0x5b/0x150 [ 569.782275] ? device_create_groups_vargs+0x1ce/0x270 [ 569.787471] ? device_create_vargs+0x46/0x60 [ 569.791885] ? bdi_register_va.part.12+0xc3/0x9c0 03:33:56 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x500000000000000, @loopback=0x7f000001}, 0x10) 03:33:56 executing program 2: r0 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c) listen(r0, 0x5eb857) r1 = socket$inet_dccp(0x2, 0x6, 0x0) connect$inet(r1, &(0x7f0000000340)={0x2, 0x4e23}, 0x10) r2 = accept4(r0, &(0x7f0000975000)=@can, &(0x7f0000752ffc)=0x10, 0x0) r3 = socket$inet6(0xa, 0x1, 0x0) ioctl(r3, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r4 = socket$inet6(0xa, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x25, &(0x7f00000006c0)=0x840, 0x4) bind$inet6(r4, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c) recvfrom(r4, &(0x7f00000000c0)=""/251, 0x2e, 0x0, &(0x7f0000000000)=@nfc_llcp={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "8df0d47434cdbcd50af760189e41d163f0fc8a3fcd8091d7e462359ba12143866e68a9028c2ccc7c1fc5ae13c3f188e2e7d7b8b4d32be094067b9571df0821"}, 0x709000) sendto$inet6(r4, &(0x7f0000000300), 0x0, 0x0, &(0x7f00000001c0)={0xa, 0x4e20, 0x0, @mcast2={0xff, 0x2, [], 0x1}}, 0x1c) syz_genetlink_get_family_id$team(&(0x7f0000000080)='team\x00') accept4$packet(r2, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000100)=0x14, 0x800) sendmsg$TEAM_CMD_OPTIONS_GET(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f0000000200)={&(0x7f0000000840)=ANY=[]}, 0x1}, 0x0) write$binfmt_elf32(r1, &(0x7f00000006c0)=ANY=[@ANYBLOB="1c53a359b89f120b7f1549b1e12519ac624b1dfbe0cf423b14ed15aac9a59885170dbfb673cb353b8a99ee525f8332f9fdd948a20aad64472b447af79f9d97939ebafa991ffe4052e745c5a4cb7a889e71dc4c636d3c38f75ff0508ab822e00dcc9d4721c501515698b239db4bdf5475b5405b81678d8c31fcb6dd2e2d32"], 0x7e) fsync(r0) sendmsg$FOU_CMD_ADD(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB], 0x1}, 0x1}, 0x0) sendmmsg(r1, &(0x7f00000048c0)=[{{&(0x7f0000000140)=@in6={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x80, &(0x7f00000002c0), 0x0, &(0x7f00000006c0)}}, {{&(0x7f0000000380)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2={0xff, 0x2, [], 0x1}}}}, 0x80, &(0x7f0000000300)}}], 0x2, 0x0) [ 569.796739] ? bdi_register_va+0x68/0x80 [ 569.800804] ? super_setup_bdi_name+0x12d/0x240 [ 569.805477] ? super_setup_bdi+0x7f/0xb0 [ 569.809547] ? lock_acquire+0x1e4/0x540 [ 569.810072] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead. [ 569.813520] ? fs_reclaim_acquire+0x20/0x20 [ 569.813538] ? lock_downgrade+0x8f0/0x8f0 [ 569.813555] ? check_same_owner+0x340/0x340 [ 569.813572] ? put_dec+0xf0/0xf0 03:33:56 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x900, @loopback=0x7f000001}, 0x10) [ 569.847173] ? rcu_note_context_switch+0x730/0x730 [ 569.852112] __should_failslab+0x124/0x180 [ 569.856350] should_failslab+0x9/0x14 [ 569.860164] kmem_cache_alloc_trace+0x2cb/0x780 [ 569.864835] ? refcount_add_not_zero+0x330/0x330 [ 569.869598] device_private_init+0x9f/0x240 [ 569.873925] ? virtual_device_parent+0x60/0x60 [ 569.878510] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 569.884051] device_add+0xef7/0x16f0 [ 569.887777] ? kasan_kmalloc+0xc4/0xe0 [ 569.891673] ? device_private_init+0x240/0x240 [ 569.896258] ? kfree+0x15e/0x260 [ 569.899626] ? kfree_const+0x5e/0x70 [ 569.903344] device_create_groups_vargs+0x1ff/0x270 [ 569.908364] device_create_vargs+0x46/0x60 [ 569.912605] bdi_register_va.part.12+0xc3/0x9c0 [ 569.917282] ? lockdep_init_map+0x9/0x10 [ 569.921350] ? cgwb_kill+0x640/0x640 [ 569.925068] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 569.930604] ? bdi_init+0x3d0/0x4d0 [ 569.934222] ? wb_init+0xa00/0xa00 [ 569.937754] ? kasan_unpoison_shadow+0x35/0x50 [ 569.942331] ? kasan_kmalloc+0xc4/0xe0 [ 569.946245] ? kmem_cache_alloc_node_trace+0x302/0x770 [ 569.951517] bdi_register_va+0x68/0x80 [ 569.955395] super_setup_bdi_name+0x12d/0x240 [ 569.959877] ? kill_block_super+0x100/0x100 [ 569.964230] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 569.969762] ? ns_capable_common+0x13f/0x170 [ 569.974166] super_setup_bdi+0x7f/0xb0 [ 569.978044] v9fs_mount+0x268/0x900 [ 569.981661] ? v9fs_drop_inode+0x150/0x150 [ 569.985883] legacy_get_tree+0x118/0x440 [ 569.989939] vfs_get_tree+0x1cb/0x5c0 [ 569.993728] do_mount+0x6c1/0x1fb0 [ 569.997272] ? kasan_check_write+0x14/0x20 [ 570.001497] ? copy_mount_string+0x40/0x40 [ 570.005721] ? retint_kernel+0x10/0x10 [ 570.009599] ? copy_mount_options+0x1f0/0x380 [ 570.014081] ? copy_mount_options+0x1fa/0x380 [ 570.018564] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 570.024085] ? copy_mount_options+0x285/0x380 [ 570.028569] ksys_mount+0x12d/0x140 [ 570.032183] __x64_sys_mount+0xbe/0x150 [ 570.036150] do_syscall_64+0x1b9/0x820 [ 570.040028] ? finish_task_switch+0x1d3/0x870 [ 570.044510] ? syscall_return_slowpath+0x5e0/0x5e0 [ 570.049426] ? syscall_return_slowpath+0x31d/0x5e0 [ 570.054343] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 570.059356] ? prepare_exit_to_usermode+0x291/0x3b0 [ 570.064359] ? perf_trace_sys_enter+0xb10/0xb10 [ 570.069018] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 570.073852] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 570.079027] RIP: 0033:0x455ab9 [ 570.082205] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 03:33:56 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x2e2, @loopback=0x7f000001}, 0x10) [ 570.101477] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 570.109172] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 570.116426] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 570.123679] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 570.130939] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 570.138706] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 0000000000000046 03:33:56 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0xfd000000, @loopback=0x7f000001}, 0x10) 03:33:56 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x8906000000000000], 0x1}}, 0x1c) 03:33:56 executing program 0 (fault-call:8 fault-nth:71): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:33:56 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x4], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:56 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x500, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:57 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0xfd00, @loopback=0x7f000001}, 0x10) [ 570.303747] FAULT_INJECTION: forcing a failure. [ 570.303747] name failslab, interval 1, probability 0, space 0, times 0 [ 570.315056] CPU: 0 PID: 9429 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 570.323377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 570.332723] Call Trace: [ 570.335309] dump_stack+0x1c9/0x2b4 [ 570.338927] ? dump_stack_print_info.cold.2+0x52/0x52 [ 570.344116] ? perf_trace_lock+0xde/0x920 [ 570.348257] should_fail.cold.4+0xa/0x11 [ 570.352310] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 570.357398] ? __save_stack_trace+0x8d/0xf0 [ 570.361713] ? save_stack+0xa9/0xd0 [ 570.365327] ? save_stack+0x43/0xd0 [ 570.368937] ? kasan_kmalloc+0xc4/0xe0 [ 570.372812] ? __kmalloc_track_caller+0x14a/0x760 [ 570.377641] ? kvasprintf_const+0x67/0x190 [ 570.381861] ? kobject_set_name_vargs+0x5b/0x150 [ 570.386606] ? device_create_groups_vargs+0x1ce/0x270 [ 570.391782] ? device_create_vargs+0x46/0x60 [ 570.396173] ? bdi_register_va.part.12+0xc3/0x9c0 [ 570.400998] ? bdi_register_va+0x68/0x80 [ 570.405052] ? lock_acquire+0x1e4/0x540 [ 570.409017] ? fs_reclaim_acquire+0x20/0x20 [ 570.413327] ? lock_downgrade+0x8f0/0x8f0 [ 570.417465] ? check_same_owner+0x340/0x340 [ 570.421770] ? put_dec+0xf0/0xf0 [ 570.425126] ? rcu_note_context_switch+0x730/0x730 [ 570.430046] __should_failslab+0x124/0x180 [ 570.434287] should_failslab+0x9/0x14 [ 570.438075] kmem_cache_alloc_trace+0x2cb/0x780 [ 570.442733] ? refcount_add_not_zero+0x330/0x330 [ 570.447480] device_private_init+0x9f/0x240 [ 570.451789] ? virtual_device_parent+0x60/0x60 [ 570.456369] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 570.461893] device_add+0xef7/0x16f0 [ 570.465591] ? kasan_kmalloc+0xc4/0xe0 [ 570.469467] ? device_private_init+0x240/0x240 [ 570.474032] ? kfree+0x15e/0x260 [ 570.477386] ? kfree_const+0x5e/0x70 [ 570.481089] device_create_groups_vargs+0x1ff/0x270 [ 570.486093] device_create_vargs+0x46/0x60 [ 570.490324] bdi_register_va.part.12+0xc3/0x9c0 [ 570.494978] ? lockdep_init_map+0x9/0x10 [ 570.499027] ? cgwb_kill+0x640/0x640 [ 570.502726] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 570.508246] ? bdi_init+0x3d0/0x4d0 [ 570.511856] ? wb_init+0xa00/0xa00 [ 570.515381] ? kasan_unpoison_shadow+0x35/0x50 [ 570.519948] ? kasan_kmalloc+0xc4/0xe0 [ 570.523823] ? kmem_cache_alloc_node_trace+0x302/0x770 [ 570.529092] bdi_register_va+0x68/0x80 [ 570.532967] super_setup_bdi_name+0x12d/0x240 [ 570.537445] ? kill_block_super+0x100/0x100 [ 570.541756] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 570.547287] ? ns_capable_common+0x13f/0x170 [ 570.551771] super_setup_bdi+0x7f/0xb0 [ 570.555646] v9fs_mount+0x268/0x900 [ 570.559263] ? v9fs_drop_inode+0x150/0x150 [ 570.563483] legacy_get_tree+0x118/0x440 [ 570.567535] vfs_get_tree+0x1cb/0x5c0 [ 570.571322] do_mount+0x6c1/0x1fb0 [ 570.574848] ? kasan_check_write+0x14/0x20 [ 570.579072] ? copy_mount_string+0x40/0x40 [ 570.583294] ? kasan_kmalloc+0xc4/0xe0 [ 570.587172] ? kmem_cache_alloc_trace+0x318/0x780 [ 570.592000] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 570.597532] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 570.603064] ? copy_mount_options+0x285/0x380 [ 570.607556] ksys_mount+0x12d/0x140 [ 570.611174] __x64_sys_mount+0xbe/0x150 [ 570.615138] do_syscall_64+0x1b9/0x820 [ 570.619012] ? finish_task_switch+0x1d3/0x870 [ 570.623497] ? syscall_return_slowpath+0x5e0/0x5e0 [ 570.628412] ? syscall_return_slowpath+0x31d/0x5e0 [ 570.633339] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 570.638352] ? prepare_exit_to_usermode+0x291/0x3b0 [ 570.643360] ? perf_trace_sys_enter+0xb10/0xb10 [ 570.648019] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 570.652853] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 570.658027] RIP: 0033:0x455ab9 [ 570.661195] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 570.680474] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 570.688170] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 570.695425] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 570.702694] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 570.709946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 570.717200] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 0000000000000047 03:33:57 executing program 7: r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x1fffe, 0x0) r1 = open(&(0x7f0000000040)='./file0\x00', 0x141080, 0x28) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000140)={r1, r1, 0xf, 0x1}, 0x10) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f00000000c0)) sendmsg$nl_netfilter(r1, &(0x7f0000001500)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000014c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="d41200000b07000027bd7000fddbdf250700000640d53be3b2378ad77dfe15242b678e36d93687893ed00102bbe04cb15be78bf6e026aa0b9c062e58a32aba8669ef52c158b93672bcf8d53950a6a188513ed058c4fee94a5b855c75f884818082362f4d75d915745a3baa32ff238edb77c1fb8120a6e85f0e1229b2734f7b61f093961a661705fbad49ca7d8d5e66fcb9d216691c2ad35453be000c831bb6497b531bd781b744c3bf8ca8a1f6dd9e4c2787f05d81fe840491ad8c03f03ceea670e2722856f2a94873cc88c6c8408f58b54dba2d71b6afceb11d41851825ecd64b321478ca43a46a06f8a6aa03b9a4677cb4b4b86204d753b4f89d55c970817804849da6a8fa5d7209d5feac676bb8e1ce3ae35577837acbc2a4af450856e1de99512368bd4576702846df712edcaa184416b533c32e93d88db880111ca5cd7242535953727d9604755a68a142e101b5d6e22ad6772bc91952021485baa06a2f9c498362052be0630d0916608e45e7bcf8691331402b0a7a79f5ac533f36fa21a21f18ea920723dc6163dd96d3669e16705107d3c533fd8f63cd85242c9ee1f6a56f274270eec3db944819b0eb7e2d9e65b98ab4535e54cae30ba3e81fa7ebe360c9d17dbc0e88ac1fe60d73063b87f5cec340d00ffe729f9474987149a38415629b77462e6877a19be8247782b60d6d1971a51173b4295679ed0f441762a56324346021af37881b183e40100b5bfbe5affa66b60027d48f09051579924ccbc3e9d768a25d1d94d3119965c474b2f8e57881a7a6574a4b3967971e4017a26d0ae695251c701116dc25b1ff8ce6fbb7f03755c3bc2a62930892c39cefe5484ebe82a38c4f5cd92c049623224d22c864524e6f2bc338400e939b98e1945ea369122486a0ed67c8b4494b7bf867338be856082d16f9113c13bfe390bc81c08eec0805c2125f8dfba5b9873806d5cacd26333576c8ec405a381f60f0bd12356cfeafd49506008d68d2ae068e3da30cad8362a55b4bf224a56e97be499980c2819c778964dda7e714fa1fe85ff125d0af9f3ee77805947002bcca609cf4a892380088c0344927c8b877e9e2218e0521b5afcdea1491e120333b1ac9a541304cf9016cc72122bca9aa6f475b91ccddb921a58011a404d9590cec45f0531e7de9608843188cf971eafbb451310d4222f9bb09eabe9a4d88204765cad5c206c9fd6773bb74d5fb6cb687d59cde906f035a9e2a1cf865f904d2d6a5eea845682aa403a7fda471d8e908afb137d97b09107008bcad28d9ba631bfba04201cb8c150d01fd2aa962818976a741881a4b32fe62c243c3eb2f998a8b5615f7bc9bbec07534fdc27cb8d9ce1721be452877504c571c29f619e8c7472b98e24ca3b2e17cda06cf2582bd46ddf94781cffb9cdf6de661970cc89037a2dae4a35dec6d831ec3b2a645ad0ebb768234dd5012794cdf26c0d766424be89c851d835bf4860aadad0c990f96bb924ef0a9e05b01d619486bd4eecf2f08f132ba1b4904bbf40315803e36071c88ea3342d0ae882d14caa134f7cda2b5bd9d6d2614512d3f415259859f1e2e1e1fbcfdbfa9637e0915d31124f94c23b6da8bfc938a16dea2f3090150266213f46008562266a9b7870e0adcdd9de9207f4b182f3354e818cef8bb21b2dd12a2434ef52b7531d8c6f301587210c4f1347f6c1fabeb0aafd34bb63b1747b180c666777ef563b75bab1adfe9e189da864b32a87c120f25b559de0a0bafefc02e4d7db9d52f0fe0e12ec79c1a1508c25cd85398b6571a0d076460b71ea0fbd36a9dcfdbf0c59e7f9e2b96f2424debeae5dbbc76fafcd1ba533e41d08c824c2570acfc494c760458cb89e9322a165b306f3e6be1aeb6f45e409fa49a56dcc9084c78340dafd947b43b3263ad19d4c4207c1e80221c5b35fe9b0e2421bd5dd9357f8ed7fee566269dfd344fcd46730e346c0943b000dc30fbc42c234b46200b25651444d99734a603d271706ed0c223f5a774b7f83a62620eab990ba68bf33d65e001ac78bd032ae8a51a26101ab5dcbbc8d13c90d61672dafcad89faca56da8480660a7bd8d632c0a78d63bab996b671ce792c5f7c51cc09a603f1820a8de531d82abd0a9185c1c05c8ed4e71a7bb8ab6e5726381cf12ab023e2fa54b1281606ec053ad5212dfe5b9521b092b580623f9755cc69657b1bb4765bc755b3b881e8ad62939545111e8f007bb5921ce39e751c8a94c490770fe7a46f3bcbae041c2a56f2fbb1bea8fe752e3b3b83073d3d601515086cb089beeb1227a0e6cbdd876b652a2d3b989f8f124fad887101e31eb09bc2dabf9b6b83a9f9f1bb597bf380a74403c5d5fff1861156c5033c93b2f5faf5941c360b5250f0078e66748350005afcc3fda22b7c321097d8aed648c0ea0a0796bf4ae5e3177c16e55b78699f54fbeae7f0f98e95c0d65806c25d0cee4f27a7364195776c60499f49816dbc09bc1985c2da35b69eb776c02e12fc5fe72ace515776d539c5d9aad92b868f08cd59cb4eb1a51c639222037717e352c7c1ec083b6c725a800d37ae2fe1d7ebaafd32e205fecd4b5fc9337660913ab0363d930834df0b10a75437d3e8de86c0410ba4ccc29a436af3a058f0156c0b56e0b7c67902aa8bb109d9b505da8ff25a230311a7fde5f1f8314f085c16a91ae334b7c86c4621a027386959e251907d14f34d098f5c980b2636a0c34f32e323e56fd624f0e5afe4738cf34fc6b0fb5f5a195dba41722aa2cb0f53078b226b3c7f4948717d787ce51afd617bcd1fbbfa6b3422f56a99de95a5b00b8115b165b2a2ec78d4c1042d97f1d5be9084027c51097d1814b43beb10d8ca1e6f33bb10b8512fdffe638d3dbb149718ac630fcbd59def9c4d0bd0fecf34d864ad7fc5ff3ba144e589229c8b427c33d66d1fb00012aea9a1466d6f45e84b30b3cede3c929c9181606e005b325e499d2bd3d97a5213443e1b6e6b33f1ea9c9569159461bdc6a13cf9b71324e9d2605b1d517bd30fc0bd7ef7bdb37f3d7fadde07344b278b21a8da8642a8fdca4e57744c037fb7ddfece9bb69f75cfdab7e53956f95a5e062299f891c22519f15c9c9d468767be6eaed2ea8c017ae2e061a31b8b697e02ec7e679756bdcf577b965255cd3e19b3c352075dd0b3d6a7a5b87eb98d74ca7ba72dfb4f52d2912d739e301034b47b066cbf2e956d1f18c4c90397e25cd0e74906b9e5bb73120a4958221c2a1b0e77c121843ba23039fb278ae0e691c929433cbea11d5edaa754a19048b517f0e0c3642078a54199e173098d84d011f4acc525735d1e9cf8c9eda4b0da60b791fd6e28bdff589b3e7af4c2356714e755a193088d4e732b68e9c0c2aac724616e14eebfe84cce6e96c406c4c90636f27e20c892b762887f6b00f820f19700ba15b6632cff76cca50d6848a6ca16ad21a7c36410f28e340b2ebfd355daea5f3a7129e138e4c763a59d5e85bf5d5b4f3df6369dd4cac48e8ab00504246e926a7cd091440df446a26ba9febbb44873c7a15e2a55c2cea686be263dfaf848cdf0e8136fc55bf9bc204858e22f2a389ad5d0d383e75e2a522f05b95d04c8a83d908a322280e2a960d24275b58534eb24326f31a731e2fda1cd8413adb2770da5dd480d9748ff362ad53f534541333635f9c19905912917c2641d155ae6a1a17e5a8fa279af42777cdb37b1ad05d9b489a57e27c4b87ee00f2f3899a207317e4afe2d93b8b15fdd2a3e107974babe92dea0880fedd9edfb8a91b4f8b8619107463a0c5f9dd1c9a4650b2ac5d86f3d083cc8b389f4f2f6c890f82d140dc47b0413b3d9f4813eb62437cc4f7a9af2c540777fc84f058a9efe86035d5db0826e92bdb66d8e710aad9487428547648442a41b7072b11bb8cf2f9c2128ae52fb8603a0e813a5dee233c09c423d5e9c0cd4af2d0646e16dcecb7d93b5b20b7efc2186d4381b583b42550cfd3cbc063440e5294c581bf4b1246d6110f82900440c00ca3d7a00ae4b5af53505ff9e38ea55572f8b5e6bbcd813f02c327a2812e572b5d267462e76140cfee94558d13d2e1eb0a43861b65f89c2b5fb5d374e49bbf65dfbd0b3c18d9e85d9031cb1607194c9921265dcc856d7f47000fa8918b7ce154b0748f59069d252f966a1cb2a956cc2ef15d8582eb825c34427c30204f3b27c201869f459b1f71daff6212b36a708d0fae219fa087a8789cb04986334393b5d9d8c64d9eedc3dc573ebcdf49a2263754c75c8af358e5704c2101d07ad86408476daa4d686281448b846fc422e91f6f9c69cb0c18fd709eed5c1f5a870fc32f1e7bf0e68776fc3a6b392e1395311903d597cd6122e52f60f0d1a9b87edc10b59ae7793c828ac39bf19b3037ba227bcf9557391dfd82b030e289bbcc425db32e29d241f7472db82330cad4d7bd20b420fab4fa83819b25d723750184a122f42f6c7ed34c394d9e06c6c16ce9fac03ceefe2822e3fe568bf81837bd1a0c50e230cd637efade95f9fd62b9bd63adc5ef8014c8001098f95fbfb69bccabfe1857c0d636e6f67faa867683ac102fab3b1f88b30a9bee81b1d6976fdbe2659c5d8af3a4e45e0468ec12ce666f642a8dca9f4faef7b2cece8dcb52bc1fd7d82ed5384f47d92afd50fd25f21a9271b47cc86f57d8db3a2585f7b1a0b10483f29563c5672fdd95089b61015bf130c8d44220beff7325f3ed7b77dfa62a539963f960493ffd0163344a0a05da4a4955c20cf51464dfdc9e8067a446508eeb6d42c29f42342fcf55ca584b60e36cfc4ddf922c1e80792cb2b6655dfa94eb19f620086500763958087c49155f4b37e348dd551476f2720144550b745fd4dcd7d0ff7a0f110ceba1ffc2fed31c2b4b6897a6fd8b0637b3c62965b6ac17290035d15ff4cc1d1add4b3c72f7fa3a1f9e4ae159cfc0fa42cb19bcf26c7846a1d6497f850446ea75687005d7f75baa34379197087cb5aa2424cb321a99c65b69ce7617f5b5faabe3f023871bd56ba2eaf9163c9a8185915730a55ebde8d3595a4486c2a203a7f021596f7a7fb095798ca01327475d15f0d515417d359043d9ae1c4ab6fc27e5e688c8496382db4f5426e4e722d3161fa79e07499c668d2f8a41fb4c29c0aa60fd6bc28a29f6e2e8e8c1d4febf803be20edeadfadb7eb7c8da5e3f8c46d4ef555b3d0c6a133a2d519865ce092d8b611168e60e06c92b517876501cd19bc7a975ca01d9fb4dd6efcf1041700d1f8b11f5ceb65424bffd55af13feb50724da04b0b9301a05bd60836ecf57e3d51d8e70a8fd07cfc7debe0e1dd15d84afdf927cb3e066b19e65e64ffa7f0d7333237a554125e89d9b64042e7353b27be4aba3695ef66797a3c610a083c3ce137be9c5cba58ac0bc00341005251b6976c5c22aa2d946678e17abde686f59dd0654a67ded1330b33be54dfc31872cd9589278b3a4e80995b96355d611a302401d707534b6b72585707b18321096a21046bcbf51a84e6eef773236ed63b321a4e47d00969919c8d646fcafaffe949999d668e144f3f1593ebc32f376dfc924cb8ef85089059e44de52f0578eb20d07b2b9577d16ebaa5165f7714b03355742c0a972a3a8bccddaa9ee687ba57b262f9f3cdd5fe22a5439fe85b9ef0838b68280eb02d6c7062331225cccbc22ce8df3aa61ea0515f3811f266fc84417c36d690940dd7d24a6f3a66267f5e3616aafcf5bd54422ad89764e118a9d5e52e74aae9f1b039ba93e6f96aa2db1097cbcc7bcc403e4cbde81e8b0680be8732c1a3f44a9a4681f81fbad1c01714b1a0846af11201685e9bab4c788a93341cd3547dbc08008200a6090000625763b3f62ab15a90796ed9a00050005af94d5e01fc0bd1d662ba72f044e893b2235b17c6045682139bcfdb04e6ae4c66e70297893bab967411645f4787eec170d17c68322ce1623ec99ec3a8336934858af83d7d822bfa94e0cc3335e19ba29ad24086f6e8e53e7f49dec6d9bc43932d7e95128a6d10314b20d21d7c61c51503d9c6ff6e98456e3c1b38f6566375c771d3d38e3959049bd85daec95269a60f5705da5ccc3207ae14000000f3493482c92464a8aa3f1fb3953a64fdd9059e79fa0afeb219ceb7c1fa09911734c777ef0803feaa67149eb9cd95973fa9c45dc03ddafd72159f2c5bc84634a004efbeab026349745ebb8ab8e39c002e00c2e73503b204caffb31d0ca235715ed179c12a91cf860f8ae0a0a1da123b730a4487f2a9a23cad2250c178f4c771783adade7624179dc25b15536647a8fc1d5ff9a36cd0984c18b7abb3f94719788300893b960267aa9593de2c1a582bf8ad6713b9b44548dcb0d59dc67e28070a9d3b08000600010400000c00400001000000000000000c007100d10000000000000008004f00ffffffff14000100000000000000000000000000000000010c013700c3552b36a847c14567d06d3b39b19fc6d6c0de01aef26819aae3766dd86a5504873f279eea6d6a8918fec4e7bd383489bf9c22191c895e789b53a0c4ac392ea2d26574aa93ae4cfc173db19d454dba3c8f630244f15088e7d1a91323f4f891921db6752c160708a99a7262f126ed138faf7905aa0a9b48cd9d3a0287fb8d4b8f589b2d6bc79771b2aa44292db8b4fc59c07438dcfba37b6ba1ddaaa1a9f1f2d96573b0b6cedf08a052c674517857af641f8a8ba8034ea11a8559304c6222633fdc62451aabc1dcd9c36537be818838082b1e756e4d9bed629b97b6e4789b116bccf1a78b37963b3ece448d161f266506ed89621172a3bccaf1c2e223efc5837d08001900", @ANYRES32=r0, @ANYBLOB="7f4e59"], 0x12d4}, 0x1}, 0x40) r2 = semget(0x1, 0x0, 0x2) semctl$GETALL(r2, 0x0, 0xd, &(0x7f0000000100)=""/7) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000080)=0x5, 0x4) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) 03:33:57 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x13000000], 0x1}}, 0x1c) 03:33:57 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x3f00], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:57 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xff07, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:57 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x1300, @loopback=0x7f000001}, 0x10) [ 570.759272] dccp_close: ABORT with 2 bytes unread 03:33:57 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='fuse\x00', 0x400, 0x0) perf_event_open(&(0x7f000000a000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000a7dfff)}, 0xa00000400, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mount(&(0x7f00008deff8)='./file0\x00', &(0x7f0000343ff8)='./file0\x00', &(0x7f000015bffc)='nfs\x00', 0x0, &(0x7f000000a000)) 03:33:57 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x86ddffff], 0x1}}, 0x1c) 03:33:57 executing program 2: r0 = socket$inet6(0xa, 0x10, 0xce) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0) ioctl$KDGKBSENT(r2, 0x4b48, &(0x7f0000000240)={0x7, 0x1, 0x8}) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f00000002c0)=ANY=[@ANYBLOB="6d616e676c650000000000000000000000000000000000000000000000000000000000000028040000a8010000a8010000280400002804000028040000280400002804000006000000000000000000000000000000000000", @ANYPTR=&(0x7f0000000000)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800c000000000000000000000000000000000000000000000000000280053594e50524f5859000000000000000000000000000000000000000000000205060000000000ffffffffac1414aa000000ff0000000079616d300000000000000000000000006e72300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000110001220000000000000000000000000000c000e8000000000000000000000000000000000000000000000000002800727066696c746572000000000000000000000000000000000000000000000b0000000000000028004e46515545554500000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800c000000000000000000000000000000000000000000000000000280054544c0000000000000000000000000000000000000000000000000000000006000000000000e0000001e0000002ff0000ff0000000064756d6d793000000000000000000000626f6e645f736c6176655f3000000000000000000000000000000000ff0000000000000000000000000000000000000000000000000000000000ff0000000000000000000000000000007f00020800000000000000000000000000009800c000000000000000000000000000000000000000000000000000280045434e000000000000000000000000000000000000000000000000000000200003000000000000000005ac1414bb00000000ffffff007665746831000000000000000000000065727370616e3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001210000000000000000000000000000c00000010000000000000000000000000000000000000000000000002800727066696c74657200000000000000000000000000000000000000000000030000000000000040005450524f58590000000000000000000000000000000000000000000000010900000004000000000000000000000000000000000000004e21000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000000feffffff00000000"], 0x520) r3 = socket(0xa, 0x1, 0x0) exit(0x40084) pipe2(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$TIOCGETD(r4, 0x5424, &(0x7f00000001c0)) r5 = open(&(0x7f00000000c0)='./file0\x00', 0x212102, 0x40) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000100)={0x1, r0}) ioctl$SG_NEXT_CMD_LEN(r5, 0x2283, &(0x7f0000000140)=0x1b) setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x482, &(0x7f0000000080)={0x11, @dev={0xac, 0x14, 0x14}, 0x0, 0x3, 'lblc\x00', 0xffffffffffffffff, 0x1000, 0x33}, 0x2c) 03:33:57 executing program 0 (fault-call:8 fault-nth:72): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:33:57 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x7000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:57 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0xab01000000000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:57 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x4000000, @loopback=0x7f000001}, 0x10) 03:33:57 executing program 7: r0 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0xffffffff, 0x100) getsockopt$inet_sctp6_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000040)={0x0, 0x7, 0x7, 0xfffffffffffffffd}, &(0x7f00000000c0)=0x10) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000100)={r1, 0x100}, 0x8) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000240)={&(0x7f0000000080)={0x10}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB="230000002e00010400000000000000000000000056c9c21a0566916eb018a8697da8ad1e1dc42855e46ec286faae0e9088519b9138bc9cf86688f4515e0cd508854f5fc1b116219f60a531d6840ac456b1cd075baf3cef9903b3bc0a414cdfaa9f388b483d65d06fec0619107ea2fd30c8b5f9a5ae664f2977e48fc4263da7fa57997744121b007b6bb404f74236c658bfa9422cd8b0c4839b3756c82cc755259e62927a21a1c42a4b63af1998fa2374bcbe1b8a9cfc42b60179e2dd06d630400a0e34dce081db74fcb6c1860546a05ce2b12f6878254c02cf585220cb756859267086c3863a1ebb33d23fc248408248", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], 0x24}, 0x1}, 0x0) 03:33:57 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x18875, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:57 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x8060000], 0x1}}, 0x1c) 03:33:57 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0xe2020000, @loopback=0x7f000001}, 0x10) 03:33:57 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0xc8030000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) [ 570.949406] FAULT_INJECTION: forcing a failure. [ 570.949406] name failslab, interval 1, probability 0, space 0, times 0 [ 570.960709] CPU: 0 PID: 9476 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 570.960723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 570.978376] Call Trace: [ 570.980969] dump_stack+0x1c9/0x2b4 [ 570.984597] ? dump_stack_print_info.cold.2+0x52/0x52 [ 570.989795] should_fail.cold.4+0xa/0x11 [ 570.993863] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 570.998980] ? kasan_kmalloc+0xc4/0xe0 [ 570.998997] ? __kmalloc_track_caller+0x14a/0x760 [ 570.999012] ? kstrdup+0x39/0x70 [ 570.999029] ? kstrdup_const+0x66/0x80 03:33:57 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x1000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:57 executing program 5: r0 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x400000, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffff9c, 0x8933, &(0x7f0000000100)={'team0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000140)={'vcan0\x00', r1}) clock_adjtime(0x0, &(0x7f00000001c0)={0xfff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2a90dca4}) 03:33:57 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x30000000000], 0x1}}, 0x1c) 03:33:57 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0xfeffffff, @loopback=0x7f000001}, 0x10) [ 570.999041] ? __kernfs_new_node+0xb0/0x5a0 [ 570.999053] ? kernfs_new_node+0x80/0xf0 [ 570.999065] ? kernfs_create_link+0x33/0x180 [ 570.999080] ? sysfs_do_create_link_sd.isra.2+0x90/0x130 [ 570.999094] ? sysfs_create_link+0x65/0xc0 03:33:57 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x206, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) [ 570.999109] ? device_create_groups_vargs+0x1ff/0x270 03:33:57 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x8000000], 0x1}}, 0x1c) [ 570.999123] ? device_create_vargs+0x46/0x60 [ 570.999137] ? bdi_register_va.part.12+0xc3/0x9c0 [ 570.999151] ? bdi_register_va+0x68/0x80 [ 570.999170] ? super_setup_bdi_name+0x12d/0x240 [ 570.999186] ? super_setup_bdi+0x7f/0xb0 [ 570.999202] ? v9fs_mount+0x268/0x900 [ 570.999216] ? vfs_get_tree+0x1cb/0x5c0 [ 570.999230] ? do_mount+0x6c1/0x1fb0 [ 570.999243] ? ksys_mount+0x12d/0x140 [ 570.999256] ? __x64_sys_mount+0xbe/0x150 [ 570.999270] ? do_syscall_64+0x1b9/0x820 [ 570.999287] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 570.999304] ? lock_acquire+0x1e4/0x540 [ 570.999325] ? fs_reclaim_acquire+0x20/0x20 [ 570.999341] ? lock_downgrade+0x8f0/0x8f0 [ 570.999359] ? lock_acquire+0x1e4/0x540 [ 570.999372] ? fs_reclaim_acquire+0x20/0x20 [ 570.999388] ? lock_downgrade+0x8f0/0x8f0 [ 570.999402] ? check_same_owner+0x340/0x340 [ 570.999419] ? check_same_owner+0x340/0x340 [ 570.999434] ? kasan_kmalloc+0xc4/0xe0 [ 570.999448] ? rcu_note_context_switch+0x730/0x730 [ 570.999463] __should_failslab+0x124/0x180 [ 570.999479] should_failslab+0x9/0x14 [ 570.999493] kmem_cache_alloc+0x2af/0x760 [ 570.999503] ? memcpy+0x45/0x50 [ 570.999518] ? kstrdup+0x59/0x70 [ 570.999533] __kernfs_new_node+0xef/0x5a0 [ 570.999547] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 570.999562] ? lock_acquire+0x1e4/0x540 [ 570.999576] ? sysfs_do_create_link_sd.isra.2+0x82/0x130 [ 570.999592] ? lock_downgrade+0x8f0/0x8f0 [ 570.999610] ? kasan_check_read+0x11/0x20 [ 570.999623] ? do_raw_spin_unlock+0xa7/0x2f0 [ 570.999638] kernfs_new_node+0x80/0xf0 [ 570.999652] kernfs_create_link+0x33/0x180 [ 570.999667] sysfs_do_create_link_sd.isra.2+0x90/0x130 [ 570.999683] sysfs_create_link+0x65/0xc0 [ 570.999698] device_add+0x5c9/0x16f0 [ 570.999712] ? kasan_kmalloc+0xc4/0xe0 [ 570.999729] ? device_private_init+0x240/0x240 [ 570.999742] ? kfree+0x15e/0x260 [ 570.999757] ? kfree_const+0x5e/0x70 [ 570.999775] device_create_groups_vargs+0x1ff/0x270 [ 570.999791] device_create_vargs+0x46/0x60 [ 570.999807] bdi_register_va.part.12+0xc3/0x9c0 [ 570.999820] ? lockdep_init_map+0x9/0x10 [ 570.999833] ? cgwb_kill+0x640/0x640 [ 570.999848] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 570.999859] ? bdi_init+0x3d0/0x4d0 [ 570.999870] ? wb_init+0xa00/0xa00 [ 570.999885] ? kasan_unpoison_shadow+0x35/0x50 [ 570.999898] ? kasan_kmalloc+0xc4/0xe0 [ 570.999913] ? kmem_cache_alloc_node_trace+0x302/0x770 [ 570.999930] bdi_register_va+0x68/0x80 [ 570.999946] super_setup_bdi_name+0x12d/0x240 [ 570.999960] ? kill_block_super+0x100/0x100 [ 570.999976] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 570.999991] ? ns_capable_common+0x13f/0x170 [ 571.000009] super_setup_bdi+0x7f/0xb0 [ 571.000023] v9fs_mount+0x268/0x900 [ 571.000039] ? v9fs_drop_inode+0x150/0x150 [ 571.000055] legacy_get_tree+0x118/0x440 [ 571.000073] vfs_get_tree+0x1cb/0x5c0 [ 571.000089] do_mount+0x6c1/0x1fb0 [ 571.000102] ? check_same_owner+0x340/0x340 [ 571.000115] ? lock_release+0xa30/0xa30 [ 571.000132] ? copy_mount_string+0x40/0x40 [ 571.000148] ? retint_kernel+0x10/0x10 [ 571.000166] ? copy_mount_options+0x1f0/0x380 [ 571.000181] ? __sanitizer_cov_trace_pc+0x48/0x50 [ 571.000197] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 571.000210] ? copy_mount_options+0x285/0x380 [ 571.000227] ksys_mount+0x12d/0x140 [ 571.000242] __x64_sys_mount+0xbe/0x150 [ 571.000259] do_syscall_64+0x1b9/0x820 [ 571.000271] ? finish_task_switch+0x1d3/0x870 [ 571.000285] ? syscall_return_slowpath+0x5e0/0x5e0 [ 571.000300] ? syscall_return_slowpath+0x31d/0x5e0 [ 571.000320] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 571.000334] ? prepare_exit_to_usermode+0x291/0x3b0 [ 571.000347] ? perf_trace_sys_enter+0xb10/0xb10 [ 571.000361] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 571.000377] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 571.000387] RIP: 0033:0x455ab9 [ 571.000390] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 571.000605] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 571.000620] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 571.000627] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 571.000635] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 571.000643] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 571.000651] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 0000000000000048 [ 571.742848] IPVS: ip_vs_svc_hash(): request for already hashed, called from do_ip_vs_set_ctl+0x1b3a/0x1d80 03:33:58 executing program 2: r0 = socket$inet6(0xa, 0x2100000000000002, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c) ioctl(0xffffffffffffffff, 0x8912, &(0x7f00000002c0)="025cc83d6d345f8f762070335f2ae18829faadca4e5a135c280077e121b80f74240e6adec7ddf2c8446ce0bdd3ab3db5506f0f8fcc4a4ca0771859986604a18072c76534a68333c8bfe8229826a1fe4b453cd1c78ec46d3a4b1b671804b965ed2a5adc49dde6af66a750") getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) r1 = syz_open_dev$dspn(&(0x7f0000000180)='/dev/dsp#\x00', 0xffffffffffff78d4, 0x180) getsockopt$bt_BT_VOICE(r1, 0x112, 0xb, &(0x7f0000000200)=0x4, &(0x7f0000000240)=0x2) ioctl$TCSETA(r1, 0x5406, &(0x7f0000000280)={0x2, 0xd20d, 0x10e, 0x1000, 0x6, 0xb1, 0x3, 0x8, 0x101, 0x7}) r2 = getpgrp(0xffffffffffffffff) lstat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0}) setsockopt$sock_cred(r0, 0x1, 0x5, &(0x7f00000001c0)={r2, r3}, 0x1f6) 03:33:58 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x40000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:58 executing program 5: r0 = socket$key(0xf, 0x3, 0x2) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x4000, 0x0) ioctl$ION_IOC_ALLOC(r2, 0xc0184900, &(0x7f0000000040)={0xfffffffffffffbff, 0x7, 0x1, 0xffffffffffffff9c}) getpeername$packet(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, &(0x7f0000000100)=0x14) sendmsg$nl_route(r2, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10001}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)=@getstats={0x1c, 0x5e, 0x404, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, 0x4}, ["", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x8000) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000200)={0xffffffffffffffff}, 0x113, 0x9}}, 0x20) write$RDMA_USER_CM_CMD_QUERY(r3, &(0x7f00000004c0)={0x13, 0x10, 0xfa00, {&(0x7f00000002c0), r5, 0x2}}, 0x18) sendmsg$key(r0, &(0x7f00005f5000)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f00001dcf48)=ANY=[@ANYBLOB="02032000100000000000000000000000010014000000000005000600000000000a0000000000000000000000000000000000000000000000000000000000000001001600000000000200010000000000000000000000000005000500000000000a00000000000000fe8800000000000000000000000000ff0000000000000000"], 0x80}, 0x1}, 0x0) 03:33:58 executing program 0 (fault-call:8 fault-nth:73): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:33:58 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x11000000, @loopback=0x7f000001}, 0x10) 03:33:58 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x6888010000000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:58 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x88640000], 0x1}}, 0x1c) 03:33:58 executing program 7: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000006ffc)=0x200, 0xfe61) r1 = syz_open_dev$sndpcmc(&(0x7f00000000c0)='/dev/snd/pcmC#D#c\x00', 0x80000001, 0x0) ioctl$SG_GET_SCSI_ID(r1, 0x2276, &(0x7f0000000100)) sendto$inet6(r0, &(0x7f0000000040)="040300000309c14609005375c52cf7c21975e697b02f5c566b2b2ff0dac8897c6b11876d886b6621d8d207ccf73f257e55e86eb29406136fcfff0500000000000018c7a67e4b98a35d724459", 0x4c, 0x0, &(0x7f0000000000)={0xa, 0x800, 0x5, @dev={0xfe, 0x80}}, 0x1c) [ 571.876377] IPVS: ip_vs_svc_hash(): request for already hashed, called from do_ip_vs_set_ctl+0x1b3a/0x1d80 [ 571.915809] FAULT_INJECTION: forcing a failure. 03:33:58 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x6988010000000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:58 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x6f010000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) [ 571.915809] name failslab, interval 1, probability 0, space 0, times 0 [ 571.927115] CPU: 1 PID: 9546 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 571.935432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 571.944794] Call Trace: [ 571.947392] dump_stack+0x1c9/0x2b4 [ 571.951024] ? dump_stack_print_info.cold.2+0x52/0x52 [ 571.956218] ? __mutex_lock+0x6c4/0x1680 [ 571.960295] should_fail.cold.4+0xa/0x11 [ 571.964367] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 571.969478] ? __mutex_lock+0x6c4/0x1680 03:33:58 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0xe202000000000000, @loopback=0x7f000001}, 0x10) [ 571.973543] ? kernfs_add_one+0x4f/0x4d0 [ 571.977613] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 571.983164] ? trace_hardirqs_on+0x10/0x10 [ 571.987406] ? radix_tree_iter_tag_clear+0x97/0xd0 [ 571.992348] ? radix_tree_iter_replace+0x49/0x60 [ 571.997116] ? kernfs_add_one+0x2d4/0x4d0 [ 572.001274] ? lock_acquire+0x1e4/0x540 [ 572.005253] ? fs_reclaim_acquire+0x20/0x20 [ 572.009585] ? lock_downgrade+0x8f0/0x8f0 [ 572.013745] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 572.018689] ? check_same_owner+0x340/0x340 03:33:58 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x1f00000000000000, @loopback=0x7f000001}, 0x10) 03:33:58 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xffffffff00000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) [ 572.023019] ? do_raw_spin_unlock+0xa7/0x2f0 [ 572.027437] ? rcu_note_context_switch+0x730/0x730 [ 572.032376] ? kasan_check_write+0x14/0x20 [ 572.036618] __should_failslab+0x124/0x180 [ 572.040862] should_failslab+0x9/0x14 [ 572.044668] kmem_cache_alloc+0x2af/0x760 [ 572.048824] ? __kernfs_new_node+0x426/0x5a0 [ 572.053239] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 572.058259] __kernfs_new_node+0xef/0x5a0 [ 572.062425] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 572.067186] ? lock_acquire+0x1e4/0x540 [ 572.071167] ? sysfs_do_create_link_sd.isra.2+0x82/0x130 03:33:58 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x900000000000000, @loopback=0x7f000001}, 0x10) 03:33:58 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x5c831, 0xffffffffffffffff, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, &(0x7f0000000100)="66b91000004066b80000000066ba000000000f30baa000eddb8f05000f89ae6a660f3a22efa80f09f00fc709f20f1ab60d0066b93608000066b80000000066ba008000000f3066b9800000c00f326635000800000f30", 0x56}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) [ 572.076631] ? lock_downgrade+0x8f0/0x8f0 [ 572.080796] ? kasan_check_read+0x11/0x20 [ 572.084947] ? do_raw_spin_unlock+0xa7/0x2f0 [ 572.089360] kernfs_new_node+0x80/0xf0 [ 572.093252] kernfs_create_link+0x33/0x180 [ 572.097498] sysfs_do_create_link_sd.isra.2+0x90/0x130 [ 572.102781] sysfs_create_link+0x65/0xc0 [ 572.106848] device_add+0x4a1/0x16f0 [ 572.110569] ? kasan_kmalloc+0xc4/0xe0 [ 572.114464] ? device_private_init+0x240/0x240 [ 572.119049] ? kfree+0x15e/0x260 [ 572.122510] ? kfree_const+0x5e/0x70 03:33:58 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x5000000, @loopback=0x7f000001}, 0x10) 03:33:58 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x6e880100, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) [ 572.126222] device_create_groups_vargs+0x1ff/0x270 [ 572.131239] device_create_vargs+0x46/0x60 [ 572.135938] bdi_register_va.part.12+0xc3/0x9c0 [ 572.140609] ? lockdep_init_map+0x9/0x10 [ 572.144669] ? cgwb_kill+0x640/0x640 [ 572.148383] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 572.153922] ? bdi_init+0x3d0/0x4d0 [ 572.157557] ? wb_init+0xa00/0xa00 [ 572.161099] ? kasan_unpoison_shadow+0x35/0x50 [ 572.165688] ? kasan_kmalloc+0xc4/0xe0 [ 572.169607] ? kmem_cache_alloc_node_trace+0x302/0x770 03:33:58 executing program 2: ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000100)=0x0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, r0, 0x0, 0xffffffffffffffff, 0x0) lstat(&(0x7f00000000c0)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) mount$9p_virtio(&(0x7f0000000000)="5b9e7365637572697479656d3173656375726974792c5c73656c696e757800", &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='9p\x00', 0x1001, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=virtio,privport,dfltuid=', @ANYRESHEX=r1, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00']) arch_prctl(0x2002, &(0x7f0000000000)) [ 572.174891] bdi_register_va+0x68/0x80 [ 572.178787] super_setup_bdi_name+0x12d/0x240 [ 572.183290] ? kill_block_super+0x100/0x100 [ 572.187620] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 572.193163] ? ns_capable_common+0x13f/0x170 [ 572.197577] super_setup_bdi+0x7f/0xb0 [ 572.201467] v9fs_mount+0x268/0x900 [ 572.205098] ? v9fs_drop_inode+0x150/0x150 [ 572.209333] legacy_get_tree+0x118/0x440 [ 572.213395] vfs_get_tree+0x1cb/0x5c0 [ 572.217189] do_mount+0x6c1/0x1fb0 [ 572.220720] ? check_same_owner+0x340/0x340 [ 572.225029] ? lock_release+0xa30/0xa30 [ 572.228992] ? copy_mount_string+0x40/0x40 [ 572.233220] ? kasan_kmalloc+0xc4/0xe0 [ 572.237100] ? kmem_cache_alloc_trace+0x318/0x780 [ 572.241935] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 572.247460] ? _copy_from_user+0xdf/0x150 [ 572.251595] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 572.257119] ? copy_mount_options+0x285/0x380 [ 572.261601] ksys_mount+0x12d/0x140 [ 572.265217] __x64_sys_mount+0xbe/0x150 [ 572.269180] do_syscall_64+0x1b9/0x820 [ 572.273052] ? finish_task_switch+0x1d3/0x870 [ 572.277535] ? syscall_return_slowpath+0x5e0/0x5e0 [ 572.282451] ? syscall_return_slowpath+0x31d/0x5e0 [ 572.287368] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 572.292372] ? prepare_exit_to_usermode+0x291/0x3b0 [ 572.297373] ? perf_trace_sys_enter+0xb10/0xb10 [ 572.302032] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 572.306865] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 572.312042] RIP: 0033:0x455ab9 [ 572.315214] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 572.334490] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 572.342186] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 572.349441] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 572.356696] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 572.363953] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 572.371239] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 0000000000000049 03:33:59 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x8b000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:59 executing program 0 (fault-call:8 fault-nth:74): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:33:59 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x7, @loopback=0x7f000001}, 0x10) 03:33:59 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x700000000000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:59 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") ioperm(0x2, 0x6, 0x2) openat$audio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x4002, 0x0) 03:33:59 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x0, 0x0) r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x80a00, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r1, 0x40085112, &(0x7f0000000100)={{0x7fffffff, 0x1000000000009}}) setsockopt$inet_tcp_TLS_RX(r2, 0x6, 0x2, &(0x7f0000000040)={0x303, 0x33}, 0x4) 03:33:59 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0xa000000], 0x1}}, 0x1c) 03:33:59 executing program 2: pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r2 = syz_open_dev$sndpcmc(&(0x7f0000000100)='/dev/snd/pcmC#D#c\x00', 0x8, 0x800) r3 = gettid() setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r2, 0x84, 0x6e, &(0x7f0000000240)=[@in6={0xa, 0x4e21, 0x9, @remote={0xfe, 0x80, [], 0xbb}, 0x9}, @in6={0xa, 0x4e20, 0x6, @local={0xfe, 0x80, [], 0xaa}, 0x3}], 0x38) sendmsg$nl_generic(r2, &(0x7f0000000200)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000001c0)={&(0x7f00000007c0)={0x3a88, 0x1c, 0x400, 0x70bd2d, 0x25dfdbfd, {0x1f}, [@nested={0x20, 0x2b, [@typed={0x4, 0x29}, @typed={0x14, 0x91, @ipv6}, @generic="111854cd"]}, @typed={0x4, 0x4e}, @nested={0x11d0, 0x3e, [@typed={0xc, 0x87, @u64=0x20000000000}, @typed={0x8, 0x7c, @u32=0xfffffffffffff9bd}, @generic="802c55ae0b52d7b6130655602af525e24e796cb52e66b2454cd3a8851ffd6aa653007067b00f8d775b4aba6945db2830f94f476f3f884a074174e2e6f40ced98864bfd89cceb4aa27db18ea1ba98c5e7a1f989b17b52f54af2f1e2d565263c74827957f58f91bddbdffb67e56a11d22eea6f8b957a4dedff25dd42a3f3e788d95790a7ca2e1ff1804e904949ffd3f9ee1a4dd72c0647e69f4d4b9d629f307eb816c59e74544f7e32b5d0258441fd6a4451fde2fc5f98f4dfcc40ca84204409c1282ed0ddbd4771ec2708fe3a17872434a23b9ea0a3d65767636cb8ff4ab37565d91b6eaf3dae58e4542c328bcd0deba8e474d1a64aa9f8a4ea8e4debd9cbc4de3ca44d405723e2888d813ed468a2150672736a9031709c353c92d1f65ce7558a0f900b5c353b1b32256805c9b421d360849f2c8e41f242c97f320674ede27c53acd3e6997bcfa6f66f4ce02223c4a8024a528c1be3927735596ed5ba6d9e4f45f7e2f26c450fa3f792985690d2adc507f30262426eb224cc68b00de3e3ba82f87cabe4c6866e3238e193f02dd87cf9afc9757dca37ded45da30f8d0f64a9c0a208bc395dd703996069c8195d9a72338548a62089aefc66bab178a210b4719c959315b0a025f1838606081cad5394ae6f0e161311e88e2f59e51b27eaeea43e4d739299f6b9e632aaaa805afbdc96ffb8eebec78ac6ec6267fdc09750175c924407d6f417541296be7ecd3d72b48273186d655f1d50947d74e448a2a49737d2bc2203787ca8863dc333c14dd089b65c5799154e43fcfbd9b08b3ed0145947ababcb0ca939c3984ba383066deb69977fd0640cfc0caeddd7fb8dc74755525aac282ea001976dba498a3cafcfffaf92809dbf639821d3f854f0ca3b1e758e3c541807646a1251fb297f16231a53bf0bea7c47c41b244ed07573acc37ae439c5157ffac6ff4ab58280510e32b148a72990629c916db5b0cc4d8c524c9e7f84d7e6b5ffa09baf1b6cd745b5195d0c2187a086051faa2aee12f1a96448ab1094db6e05ffb5e14231d90f7dea2f6427bee793589b4bbe9f3ea0857ff548e2f92c5b4e157e8d321bda451e18372244d84d82a0e341ead353b049f162ff49525eb7bd449b463d421d64c181a47de283ba2bbb6b75f8c0a31b5300eda030ecc09783ff1c357208c58cf255df2eddbeca9d2145ef8f209cb3f4e3bc3d3531d0f146b72e75bc75b14d53309065657ccb9cb0f867601f9c993032080af0861c0ea62be7051d902ecabfcd5def2a7a59d005d297619dd8b834f2ab0494c5a8b21d9708353c5f974f2e5d96f3f5c6e4bf8de59da9e2c75fd286e2e2dd2db8dabfe3ec1ee7f66f88448ffeb3c453c3e024a8dc702c4aded9b761e20962403840f6c3fc40c6a47f1c32e9e53098204bd23c5475848c8d8b377b7d8019200536b28d773ec9d17e8a9b14d4a996a3d801ef480fa57d6b5fe097bb9f17e11740ffd090da32f94ae91733f8f18af94534d0f76a1bf7a5f3652c52b25a4f2bab931b66c0a4cd715e6909df0791b75d0285aa98208ae79c2d83b70bf439928b7854bcdcee740ee1fab489f76614b40706797abc036f43a6c92a47e221d4ce9de8ad0549ae1f7034e8ca2482231415d9b945ce244769de30e1435cb7a67c0dbcc9369fb6b929e55e1a420c68e5626eb6444f3748af1f08019fb50dc3a34b3b0b73cbf154ac07e238f8560bf600d31e509d26b7f4898ee29cb167942eebdcb0d1ac19448e1b431e6aad8063e63d227434058bc04f631016bc4cb120c6e04d0e33010e94f896b639af49a20c85fe7ac7369ba15745e43fc0e6f261e1272c828a5962f064533be68e2a545114e037574f324def85b4e9ede65480ea701c52a31c790c36dd3440162c8c81616a2c08939c8004ba11059625cc8b59f2c1a42ac631f5fe8804a0e0038413f77c98369827556dd1966df4fe334d5b649b97cbe13a676451f8dc7a0555cdfa630dc68d2064f2335f6952822c31d99cf053401c43c73068daa6e6fe100701622ffe79cfbf6b08ff11a8647c7483c707a409d22d059856517281856919a165bf2f15718275f09f6c9cd9306d2049b8da9f5875a7903106265a8eacd40230bacaa2cff8c3f8abaa0dc0d6939d5f2016b5cc4a591c1b30cd78c9ca34726cfa184cf8ac4870f53de40229c8f353857b54e3911101df0ce05da463537b1729d15da7dd62ea26b62b354fad26d189fb1856bb75332bcc421a61b173852f7c78e62eadf9ff06a30637d4b59957091989b59ab8190c98e5aa88adbd863b6d9e7dd4ee9d0ae48dd678d35cd4cdff784caf8680f072d81354d6af086cadd067fdcf312d98457bce90bd6c33ac9821f04696fcfbc05f906078e86f8f9dc67bd01227f9a23806f93347aefa2433ed843f0789f8a42ee6e7096d0952f78154ce8553f18365c2bb2d013841b9a05dcbed3d89d85c472eea76f79357438e8719a223de8c907da0a5c4db98bca60abf6c29b2f43de1609c0dfe869e3f06677444608d4cc7447f30f8d9b33f7e89e711c80113e49274fcb801066fecbb304958ce1a1d9f5b68b34c399d0802b22b30facb1a4805a50b6e0f0f7290d50366fce168f1b5eccc1983033bd81a69eeb64f663d33d5938c8ea27b5e19c6e7f0156bd5c32d4f9fd0c364e45b2692966071be485fdd8152dd3ebbe1ffeb0bba58032dbfc53253b3323db1d44187b94bab25e2555b338550ebb586ad82b6982133d9e63fe37555305dc2887c21cabd680c84f09458d7816637f385fc2ac79d5e0ee0f023bbf2251f0b0d0c9caa7e1da1955ebfc818c1c384873fdfc95d52f9e372a91ef255a76843dfa556ab3cb00417f74976eef16c245010662d6df4e5e11e5fed0fe4665327c3fb3e448f9a86ce460a4805791ca9dd02d08f4c233aca06b8d8d4db59934e6a2c85f8342bcd7388e4dd5b9ce631fe883de9144253a5af449933b9528b8978ee4b355fd610de07358880ad74bdb8fc8f140de2cf4f4e95f43599bc2e193171a6418ea5da9b27a78abc25d517959eb681d51b25a6f6f65c059f76bd16219cdaf4aa243be59843e911c1e58e53dae596bb4fcc89f826086d53fb650dd755db8baffd3719637fad89599f59088e8097ec8fdfe6f77ba289b9b067f0b94276d0c576ff3b269190e0b79e16326bb4bd23333fd5a68bfd7e75bed3f4519dcb6d997fbe92b5b4d725452ce3b650a656b61345eeff40da66b63b9d29ec8787e73d69c27f4c49b29e3366272d90198420fd69a65bb0bca06d2a76a3f4d89802c95a47a2fccf85355107513b0348727832a747d0d74388cd271ea2c506df286be3b68855dd15ce66b4e817804801403d79bfb43c6c2c2d95fce30f65a6758fe822b81e454957598c13c72802d473bf80cdf71a445538b68a5ddca1969345ed6f2de5afbb56dd3dce71df93ff5eb8cba7b8e23ce5e09ab6924bf40ad3be1428e26fbbcc9b8388694f8d34ff22d642b1b5731489b01e3c8cda94c29974704ab4c5de52aee68b60a24adcd6c91b5010d8af02a1545118533df607907beb72f6195f2a79f076e7721357603f062e097f1a34f226a11fd0aa483b625adbdd4d179036e5392c68764bc1c9578781f8053671771b3f15ea28b740cfafc8fb03863c7009a8dbf08fc666bdc83c18a99445893657cbe11b0b26840f64feae5a4a1e76f2906a884eb014b7e9df7863cfa7ddfe299f5ad423ada5ed7bfbd4a9cef99fa8ee4f22e013dc00686a7224966adeabb0bd94613e61fc4719e6a5b04d922fbbac489bda61458571db30ebb52a50297b70a18a555ee438f93ff17f22178ed89891721d33415a2b3015fa8ca329fb3f5c3fc29c9f28b85baf906b389edbcaf35770fee0cea5862ff1ace16775bb692330951fcb5a7c092fbba7854841d233cfbbc7ceefd09f7c49fb3c8f228f4a7a8dad57846c391010acc5b3fb0c7e68ac5a296f8cf18aceb1511d07c3acba0fe3357da71f1fb67c26bc485c433d6be0413260f6f0b3eeeb058bea63ddd15f8f809919b8a724c7cb0f2f646cf2bb47b2d67d88972701c56561da9ddb38e78944da3d016e1c48477ece3daf54924f96b400f994648610ddc396a2f9efa0192e3ad1fc89b82c0e4d8c866e8cbc09d89c9b395fb643b387efa9e05ecbcd4f37ac018895772d257a4222311dc8faa8570a58f05609a4dc8440deb4c14dc7a6a6683a98d7dad9cfecdde87ec7575eabf66fb38fa2b4eb27e454be6e02b3091c7e00c7dd9e6717f0ccd7e8eadc68a8363f431652fd691e044db10a375f0df975f728d5d19288866f86d10c845ce3b1ceda17991d38a2d539f42805ab93342f0288407d8a829cdb240006147ed08da9e1586e5384537f316dfd716463b21deaa71f1435fc924339a5f255423d1dde275ae461db7bf2903317d19eb742f7a177c452fa4de0e0fca2cb192866843184e5179a416522285491a5028274e64488701de9d718ad063005dba24ff2aebf5a39be4fe2293e5738f9c2d4ea3d1b4cd54a8446f0462f7fe9ed9b7e690ab407e2da324ee5074ca70c69be900291d246d5b2d920bbd9ffcd5533443658648c59afc8c37a4f3633377fc929f1ccf0c47e30c2d0d08cda913a5372808923b6bab61c99aecccb92f6984bafb3cb2d1d6e5bb79993ec6a9340ce6e0aa85aab9542309eff78980fb7ae6a24faa3a2c82c37b572de3d720413d979786571d91de1615b23a067a1640b71e2f29bbcf3a68d43707c6f105714d876b5e99ffdc8797a941f59a332e8f14704b75911287691d18c38596d4ae92edb69284a159f51e2ae6408aa9d8342bba7a80a4f899456e8dab7a1394892d2aa249a9fd074b15b7fa9302ea0cbae89ca194a0dfd20b9ca8e547d9823380b1edf63c3580fdf1d89a0fa6c7fb9c706ccf8c7c3b71610ef60e3cbe551e21bc2bb92c0444e1629b2050ed0ce819a670270d4bcd39331db4321faef07854950e2f2b42132bcf0abd7767e535e513b399a6d6bc63a477e06fa6f32041585836bd05bce54286ec67029f5ed5f3b375560f19d445aea4a724a8ee838605790f844a5e1d2a78e8843f3e7808b46f38f131dd5ad2593b58e65a04ac6978be31464401f676842aad8fae36894db906aac18b3ae546e66d5e0d3eeecaed2b1daa118cf9a5bbec3da8d3ec897fa83162d70e9284861824c140bfd8309c8578d419837ad25c4bf462944e674899b6a66aa444b1ba000252f781ad13d7122bfe35b4d1948eac2bec7ab8d46a3130f0dcb725cc07d1c6df95a56538b27b1bc41e2f10ef67d1a011ad8a7c05ae22a17c667fc6a37fab60321b4e899e0bb2b3579f51457f2b751da8881c303990d7e9313a9ae61bf07a0c51cf3786bb6b280c2b4999f349cc07f8bb39a4523341984647ae60bf860b5bab6621bfb34d884012c87c0a510e92f80ac774427407db781e74dc4b90758bbbef51706de0d516de5b3704fc52451e3ed6188b6cd0800e5296e7c5141ffae120deaf95fdbf587adaf96b149ec2145ac9f19e8ae3544ea7b48984415e278a09168aa126c2efe88e16b6026bacba04e279a4c745cc68d716f5d27a9b8e965399e4e8acf30291ce0a2673029aed727b45c72b5d99ce462bace05eb9d5402b5f04c31dc0ac37f059e6e1aa5e09903cbca0a664b486282a0682b78936aa5ea9bab7abfd5a8c2e3f749ef3812f27d0936b2c9cc6128bb54b80d9117abdeaa24b522a0401cf3d28fc12453d70ce89141d299ca267f28df4b884ad43c21bc211958fba28c785276515c33237a682f5f38ee1322714c76a769125d8a", @generic="55414077ec9f55694bd8591bc1d87bd6544a02573bae73164ac3cfb929e36407cfa0005dec505928c2fe4c0efb545c7292d7c56b7f6edb3f22cda166b1a39df5ed8141813649e373d2f9a88e786481f89ca5dabd46723a51a0f472f26f62f6a61a4adfbd23d4c0df29ea2b2dbb35f4b28dcd4da65806b7cc79092300483743c0935af0da62b0e01caf7db850a67dd89d77f51b858ba7efa0e450bdcd36699dbb0e09edf3126ce9975d6e802472f3cf21ac3e2249d13e7f1bd206c96cd38aa3789cc2545153caf290a1d525f57fb3d78e3af83dfd0d63ffe39f60d5653762e4d75aee024fb6371fda7e32d6affc907d03ae2f10d615a3a650fa36ac3f", @typed={0x14, 0x3c, @ipv6=@remote={0xfe, 0x80, [], 0xbb}}, @generic="4049ce89c0040511ac34f8c8c628d72d4f72669954ec2485b60a0af800ca678eb579813aec98fda6033cc0dd7704f36ee53365935fce437e8a387a2536d0f73b56a62667dd2a5d9bfd6a7102e3c1289b12775f0f5fb146b2a3fe967c3b8a41", @generic="dfd823d3456b3e9bc3ab855c77ad32eb105629b246f48c7c60b3430017a76f90d1afdee98dacb59f9c797c998f51f36733993fc1ee7ff096aded35b95bcfe3d89f38978f5887"]}, @generic="8e5ee0455deadfef81999d880a1277c0985b0eb0", @typed={0x8, 0x34, @str='9p\x00'}, @nested={0x20d8, 0x58, [@typed={0x4, 0x93}, @generic="7fdd437ddb25b90db60280825c1e9b022890fb22ee4ada8a95eb4b6834f17f9b776f2dbeda627c3ab42b4e4e55174edae5349eaf29c7cfd539e5b9fb66ee73c53ea63c7d", @generic="d5307828a9b217004dbd5ba9b916ffffdf4c55ca7a45ca1957dffb8e2e7b6d9d5bec71ac77604db430b177da809fdc745610584c0c00f42e38378b360691b5fb3945f051d504ff666fc33c2aa3e66c9c871404ae1f75f940e664b39c441dbaf7fbce8f8222e549d542744cd4d60eee37d6e65df06b88f981e0981b385e935aaddc1f27875a5041d647012f3daaa2666c7be94e3e0a3088189b25754c2a5658b8d0c74f2888b968ee30a316c447ab409ed961a424520c2d543671d307c821ac7574311e8b5312207236ad1c985287c819cb799f99def1dd420df6f8b2a8611093acc815071d6ffd5d53251be8ca812fb4d004a7bcef247a0dcd8ebcc3d9a767c5dd3838c8595b3c53ab28227d966c69a7060d5052a6dc89c6fdde3b5f57e926d51582f3a6c4b1f109779220ccbaf8ec5568817e730cb8aa1b3df1b57cec2dd3d43d1d392f795b725bc88c24afbbbc9bc0f3390f57e08b7e81a05c5c3ad1a6232c7aff18f71c05a85fd44533f61acf56351c319f86bd798b6f3d209ea970d3795f39b9a8868b7e0059913f4a62ea0192f12a17aa69b7079621ae6ad575a9e83e29170146c5eb3c1b996fc4d8bc41b7d2b86b14c767cff74a399e0f8ca470fc4bdc1855fa3476457361ee7633c187b8b75962aaeb795a36eabfabcd3d742000dfdda82a5ae5f7c9d0ccc3a79380bcbad9d12b07d7c54b0c56693156da6c398ef7e078d9a83632f3b46e0837dfe854c990f1f4c7a7fa2cfd5a80d2886ba059bc25765d088ed3afc5778cef8dd95e4da1c4b06b00cd5bdab6318c81e7c0dfa61d75260a93d0ccc923068401729064a6b4fda90d23d6349668cf38996ec9a216130d71f16c62b80af78ccb3ffc051550d0a60279d0c9933ce71eff3fd0d46272886cb1218ede17e60b2dbc21b4fb1f494c48d0709206b48680ad38911d7550f3a0fdcb361a697f6db76e06e5eb95785b1585c63d1caf653be57d01fe22601ddafbaece87fa96ea4c19cd8cadeae362b25f3321c3764566bd70c753fa09ae9155e16694798a3145ca9c0d32c1da0ae717866c5ac6f669641580e16bf239f3bed71573a9997b2f5f7fb4fb860d481a2118792dd1411dfefb426047eadfdc3fa709013e05221252fa0d4c6f902eef21bd2721d6f1effda26cc48c088582e73f81bf5e3570798107ebcbd81484b29dd08a60d5d1462bb250c0f14431d313bd36690c0d79dae146ec308fd2bb7a60bcec600e7fba137e41be099494be89aa7a5b5cff77a6bb856c768e442ef195925f9c8f5b5eded433a002ebcf91276badd631e74c1c2186eda9c18010f9db76c5b5cd310d8f60f0054572490beb390f624125661f7f42ffc55513cc6ae344514731187bec3030cb0027815463d7890aac4c9454362cbf6ddb6bfcd1e5bdc95993446c9992e7d290ac24f3e94c61bebb9d964fb4d055b0845c0cbc55a130195030caf53476aacedebd60e2ff56c9ed999699ec8b1e645545273c517441b6c13660129ec660c05ba0af0d8cad31f80c1b5d6b6441be06ff7e1b49e29a359559cc2c1667fc3c98306077514653f7214245db8c0a091958b5491fd4e882b3a5b23a0bf2a58b339cfe6da18940182eea538e02cc5c451d33f5171c0c156ece0c20ad1684d9a9fec32811bc53c8514476ba737c523e42acd185e868046dcb0fd51628de3d3bd79c4ac62ea9c4de58e8df3175e58e57e3441a01525c67fe7d4097b7780b67577536c581bbcf8fe950b388e384211b948a0359e2515adf3e685f9093aabfa76bdda17efc2fffe11f825193f65a7609945f398fb309ab15a460a1bb67a3a7320fabca551beda00b72f73a1e32177391e7d030257855d9544b2e1823559b837afc9feb518619bc6ca30fe4090abb400fa4f4a8c654d52ae15256493e2acdf568527bc82b61c57584aef81b17014b051fd53f11af42c9dca7b0c507f3a84f8ef6ad23824629f7671ecf2be2fb9092174b9aaf8c71a12180f4834e649e7a817d238a8467f325e514bf79d9fbd691a394550598073333a293c43e932959fa6d104cdc9f187e17b19ab8c45e0f40a829e614a747e41624a87495f46d2ba4599231d1ee6563fe2e7f941b709212fe2061f367c456eddc810628461d2d7fa51e75e3bdabefe9e12d16f25cca0df986fc4080f18fb8fac205e9d9c161307b2d09bb10433ba1ef9a80b84e1d5eaf4cdacbcae5cc982e2a0c55e143b4d7dcdb7f6f79498b0dd30060f0797d5aa9ae05a12e02e718ce32cbaabf6184b83d89cdad629effaca837dc7b5700f91ecb9fb707fac764441d22d178b0bdd231da4f2935683115fb544be9e08eff2abea6068ff58c3ee97b81cc87d88c5034b99211e2a431f0a5b511fa6fe812512e0ca1b44670b9d8ede165498a6772402ff75aaf6e54a2bdb9fc5142313793abf3d91836b56b9ed6f91a55f6f7cdc73785833b7703c17ab41b8c9fdae3e383c631b5ad22577e325c5e8e170b9959164a8ca9893e9e32ac36e5cc10c21a15ee3e5af09762a33a189bc8220057c16eca961a5f27d9e20fafda7ebbc82b02c0f1aeadb7194a0fada2ee4a67277fbcf0ecdd1f4c9b9f460353d6323c42cef4acc825702c058b65bf039095de16102ce3b24b59bbc3093f984bedaa53f56fb1c7dabe43a43a8f1cc308d9a8940ce2c68f8403169d7e6c5b1faba1f973efe778ec6650c94429146d5b4ddbc2fdcb84706135685475ecbf2ae59010b8e51a6d1e0ef148bdd7c8761aec5f710049a9bac1c4be3d328162eaf2703eae403f5d2d74ec2de7c5def075c670a0a8dd8e3b63f273006f53a39f20295eba2dcca73ed83d21c52f5655af1d72935492ffb63b2c4c850404bab40312c0d200b080e9127fffbe3e2a0a0683841530d6408ceb6417f54eb781039884c1bb9ea729e8a4c118d6d91f654fdebd371a8b3895ef2503ad4127686644a12545ee693fd4c038cd8a7eea7081f990dfad9d6665463ef6932fab76b3f06b8e5a85308335e74e40cdfff25af9a4a723c8bc8f3cd9ccde3a0cf032b6b0b47fa5d4b6bd267e181de336fb7d4748d220744dcb4726e9906d91a11af4cdceaa05a1210494ddd49766cfd1cce561dbb3c3fd24f26058e878288718e617dd6f7501fb6095247d8b5f1da880853519c5b75bfe2119f2ec38a2f35d622ea624aaff199f2d19aa2ea1b6a432d9244380732a2ef9aa2f15b69ca3a84e73c5b0ca72f9e8e86691c2a484f94711b1ab155fd633105b684a8379aaed91e5329de671ff6e2264b5f1d9b8ed903cdd2e954f89faaa5b1bcf392c5a74a1443d9bb8e69d11a5e98a56c1f9954054218e00e690c5ed991bf2c37dc321c59e62d84467e39435fd2a82cf7ee04a9d4b124eb9ad459ab40de103f0febf491ffd094e988e6dbdf11403cffdabcb3f165788a7660fb123655d6b99efe4645f15c87f4463f2ec6a25671fbc1493ce9afd1ccdb06096c6bcf23fd70b2c86c3976d69757ce0feaf98ac346e8606638bac4692cb1ef7caaef19bb31a3c8b7d592d5633f4298a4715b91cdc55da6b7c399d8d3116e345da1a0c75734442b49b74f80a64b36fb74a8679e9c7a01bb9d414a6c65589c3bb91d3a1132fd1b15f817e22158443f1cb736fd39c08b472465bbac128eb2dee13a7891359c54c12d97c617960cb1e784120094ff94d4efb3bf997e78741488216d8daaccd67fa98a8c9554d273f0b5dbb4c6b94caa74d1f04844fc4d145887457432522bf3f03ad07e4aeb68a29367765affbfc1cb7a665c5ac9d667207a2ca676e678c2340f2c107173704d4057d8b54a7361989aaff91dede4da333d5014dcfe1dd5ceb1ef8fe69b2fa34e13b1260df0c0c79ad5ecd32905d0af97fbca9427bd359a93c54573642969f657825ccd80f29815ea61b58eef248a3d84573162a25078f5d8c3d50a3a5b2a2222efbc3b8fd39a8e9b77b1465474878498f7033853c9cab612cacc4c40d192dfc1eefdda1a9d36f4317142b314683fe0981332dc477018c358bf806d68c3847f3641b488f1db9cc331373657a2b84ab032f05fdf89c84a17c7a2747f82a51af348b308fbc47c6a24ca5b54f61296a6dd9476e51bc08d0ac41c7da03b66988fefab1632bba113eb52591e1a4b99fe09d9c46c707640db438f6a778d3759ef2061107b6453d834e0c78310ccb498300ac7759f6947d72e46d24b3a59cc30ea2ff124295ae46b4b276125a15a1c77d49fc977ff389cc0e24a7c1868e62be304fa629f6880b41d1e9914abd402455e20ed5b6bc01cc32e7c04de6bc12b548d257a7b8a1c5b8791c1172b4c5acf96436744da03efbab244ec4f59a288e8741ec0be0e6b204ed1483ec3457969a32cb2899c6738fe90ed46b57c50af63150b6afa0b0553c765db80b8cbba911e1d27152c5d6d5247aff8d6a37c641a758b51a15a07cb567e275b54323fe8a431a4200cd3ff7768a14f34b4e1b68b57c7666afe3a88c825e8b601c2f78a4484a7c4d4911244926e5de523f629b520eeaddf47e35015afe67653f488516043143f5740f6e36d98e5350385b165dfad9e02ca57312d84dd3b7645350cadd7937cb01c5a0475e67d158ca0a0589dad535525dc3a8ac2b0086c1b56bef7b0a21c4792cf4276bcdb61830985373b03976b58ab0022b6c1913aabc3a8c20da1edad690bca394261ffbdb8ea212875bfa6e5dd3bdaa631631a82edb515b8b315b3da2f9f5c0179ef60460a25c4769e8dc9571abeed17561c7fe3f985cc21dfeedb66b264f2043fe5278f6c853a082c09be947e662847824f5e804d0e833fcc712217ebdbbbdfd628de90c269b68b151ee852a3608de501afb3c156567b69d1ebd5f7fc9a7a8ad32e2b10eb68b4fd71ebcad2f415153da825917ae422e6e6ff82ecf668150571f02e0048903655edccd26927f598aed9f601e6a64bfe20d8021b8aaa08e2f8ecfde7fb1954208215b21761f4112ceb82f284658183484851b443fff6617f616628949c8464ec81a79a4b300c83c4ca2921971dfbecf76d6d7c1bcb2a8c156f9852b19916ca050b8fe0548428d7c2d7fb23626323d713ce8c73ad10cc872748427ad12c82722651e6ab0d81cc4315cb4f1674420fae8ad9e1852792653b2cf43b383377ebb40658ea9de4bd3737ddb97f29aa60a19bb81cdbd94324faff3e0c7bbec719527007c0d81c1bcad490d44fda90843749c1013afeb9d86451bc569d406e9e06ecbff743c22f5e3c855b01a5d574de337ee8413435b63d966bf1113c3a59f582e3c2941bcd8a7bf6f76be376a6dc07f966c6c781aa100cbb1d6999b8bbbde5894f479b22e5b9c896e2617f5de71776b020f20a22551d3c5bf6abe5f18c954726c3ef787c3e7b7964eea440b754c64e44730ac8e11a08fa9e543bdb15b10c8f300320e08d1ec35bc9592d467ca0b5d78ec48d1f4a183dc7f800e8f41cdc7119df88b087b4272a10f075f26361d3153ad998add8e549974d19c95f125831fbe1e5d51933c204e52c92eb104b4fbb0cd97e13af6cc8569c8b821642f2070be12958198bcce0828b7028f226c9e44deec94a070795c083edcfe5fa73fcd5c9ba00da316f9577d97c733f8f10996de36cee8200727c1923a0fac4eeea4d05d5caac6da0041259503f64d214d22958ce79b885dff255c3e83ebc83d2d327b34cdfbaa8cbc07d4296c8f85f5e8df78eca5b61a6efa5c30504c18fb0937cdbfa31153287ab89b6f79430d81f500bc11399a236c21af6c65f6bc1586fccf3a9c2b782c696d4b950a6adec722283eceab50bc2e3358bf151b88f2a5df5d24c263", @generic="0f0e2e51f34fc2fafcc192dd4770f60d69b62d0f8e9786b2a0761f563d98a77b1bf4e752f807f84d749ad9e293b89d919edc2cc76a14e20b0471f007fe3a26c95f04828baecb8bb20a469e91afd3a7e444d2f3d5a59542fac4cb0297f1c6f1f1b5bcc2d597c6b817f9c29003f3bfc4e0c0088cc39870d011ee87aac14c4a626d4da4606db66b7085e320cb", @generic="f702b4df96810fe22a3546fc152de950785931b05e7c32deff4099114a712f253d116f479ccfb7bfc7f3d5a0bb52b37fd68625e66d6e9852462fe151ba512b17f1f58a17fecbdecadd1d744006147fb7d9f352a84af1283e9e7b85fdba07a509ebf8c2d5dac3b0ab6ba978f9c2da59662f14c328d1724377257c1306741aa1d4ad148d1f2ed176442387ba677ff2f510c4697aa8adb4d2764f1d008bba2acb89fd8bc34ca075649897a232b8588a3da4819192d0eb349856499ea0974657d10a979fb5a7d6762c31a70b3218d5df5f76e445dcd0db6e171737520223f238b4221a9e8a3f99502a313a8ab48fb4b687137ee23e119cc9e4e7c29940a08c5fbcfc18fa4f879a2df2203329a7474fec3afad58c844d9b6589379a2cc46969b371c73d0df9a129ba8471bafe9f415118cdcbc54bb58540f44c4f87fbebc6a95130e94ebea62d0d2f01d362f27ed0f68baf87c1b7d08b592361e2c02b3ec1639ca06653625152cea730ac2a66b9b22f363c720496847eddaeed1d3bf09f61d83bc6fe1c4a82bd8402c38f9021854bd334bdb328d68e46ba9d4bba52a47dba23912b9034308b2a1413ab8e8cd51ad0c6565643b666f90ee2aae0425fb9ca718603dbf9d3b4e951e507bd8bfb29fcc559a98e7a95a7ade4f9c9c6ee2ca4ccc5f51c5056844efb09df69069dc9d8c8217a2fd15b9d369272929258237faf248e71476e25a41cbf6bd906ddc6f2c70a30a88a99e2c577fed21248f87ed23d6f45d9ffbfe1de1a5f782240fbcc325ef8c7005a7a63b9f2c9bc77c1813d88b4c1304444d891ab86534149d9641d6176839687f69c93579b63069ac49b715945124a9a324ea68a7697660c68068b17072853ef4ced19c08412afce018530ecc47803245f5b7a8374dd204e956eb51010905ab38cbb9c854230f02c1d5509bf71723f9cff4cafa8b3ee8d11996828d7c6e583cfa249058486d9d51b3d52490a11d3d5d76b60423b793bd3d192564becd8b38d4be06a0a0e96dcbbc4297fe3080e2f70dffb7e3c8f23c6dbb66f0dea76e60b4cb7eb2d14bffef6a9beb2df55bbca63834c45b8cee7608232e7f62aefc5b1677d18afebf0b637edaba0715d2765935e50887a9431827b1fd4493e7aa089055644253875a426bbea3ae73a58321e3582eaffb47d94014331630da2f3bbc73c4375e7cc585674ea97ef0b2ec027b6a1170ff644f3b48ea623fd348de4ce9b008d6236d52c24320fc432cb96a0a0b8dc70920761142a26b9263c6a5372402e8c05c91cf12a21c538fa1e159be5f6b0fcd63aace475095b2b6f3e1f2df0b7fb3d4168ca4c870d67783e47b1737b2954168748206f099c67d6d8a87c4bea7cb0c3c4020c13de65d8bff71981bfaf913b8c398cc812df8754905461bd87b80f048d5903a59daea6121d698179012a5f8ff3a12edee37b61454b290bbc69416b2bd59a2adaa2896e34e06f64ddc8398aa99023ee80f4a9bea49f88d3b25efd59516158b8fa16f52ad92f60189d102da64556ca4c61758ffaf222c5caa4edd7220ae756fc19d0101bcb93b6c4f665c6726beccbb5bc56f1fd73335570f5e9f4b2eec0d2bf999027b82b8c7935462c0bb60c0a466761f6b70b3f9287e773c662d2feb1a370ed82c4cd1cf0769efeeb90fbf4f0bd4a0ef483d6a7187a43f779b8466d33935e304878cda5be320902ba9f4afd0e88dc9b19f21184fedf4bafb7fe93307d6a76950d89c9207986a6a9027cd64029c7e861688e61d9b5e046aef074bfa2cce7ed1883ae64c98480807e1290788176cdf602f14d575a01ab7a1ae12a0225747770d027e900e71f2044490eb34b7dfeab71953ae4c5e770b341f7341325635c1d6eceebfeb754815b4dfc3141056880d238b47852844d9f0b1688abfaa38c50a282378e8a4ff9e8cb837d834393ec6e6aa342d29ef77c4dc69eba20548b24d369e465a846a73460def5e253105a454d115a392ec1a9344a61c274c0cd95bc634f6b9fd79adec72acc6e21cbf98107819ba3256a17c5114e548340f1a757383766a416664bf7c03f088672b7a16ee7844389a323fc0673c8bb6696e6893a4a8b70beb2c83d25214831aae25058b770a00f71d8a937af8347b6f0f91c42aa6246f2e4da8c89539ad3d3f5e293e724bc790693d18e8d0a9038c3a0ae6fca8cb6c3df974289ffb4d099485cee960a7e18adbd97e0dac450d6bfc79d90338b630f4201b785749fbc85df893500a6c64fb29de9e580ad725348a8e218d4b5414593c28478d5621f65a2b6218418b20a89962d7f8066b3efcf9a22f488ecbeef6e6986984545cc41d3d7ebb2a366f3abfe1c47c2ead80e66ea47bd339153e0ac61bb9e060b712f589ad89563ffd2a16712eb87afb0e12ed18c018cf4715cf9ee03685e7eb5733586e259c7124ae90663134403ed22fa0863be2a15b0fe6f666a8f2fba44dc19cadc2893ecfe0193a29d954591f2d2b56ad47cb7a92fa471442257681410fcf49c7753a0f9e5b4dc8a18369b1f9001d85d62316b1517cb6f9bd954584fd837dc495b32c8c242c55b4db9c89a3ea07bb0359b83b2afe5f814ed2a3bfc822453a469a3e4ca5c66719f0c09cc8cd72a621f13d57972652637257466681b998a01692f123cd8c929612b652dc2bc60b8876922ba7a664d313c6542b530fe0d9e50a84fb3d7efba663d97a00a6d6c14f82e7f2a9129438b2da9d77a190f5a39b590d5d7c6bb6ca20a2fc295e514e28ed6ba84c4b3a53ae3acebaacc45f3638e09e73e6b7ecb75cd0f71f59f8cda72d301c188122d03301f65cc6b3e9288e6ade752cb40af981e080b93517fc0afdd41147d0bdb731172f4af73c2613759f994fd92a94f489ba6841751706ac52ad804b736670b6189a1f47d25a583e2506e01c4a76824542271749b8982100ac1d89bd87b5bd94fcffb8429d8ace48804540afd5243ee5abdcce45ac7486da49bdb0bf4fcfcdc19262b804c608ee2b76c127fbb05efa966704c465b08cb0d9922e1222d5c90f639a2759b69d7d1f6f1e3859cf7fb1169d78a13afaa1fd370c1cdddbba57e2a6ca08a96b758f770230319af6dcc7da21fe71608ccc02d509dc9cbac431f363e482a0e644ebbdfe503da78d66606ac1ca32a565c5c68c49eb456db21e20f709a2e3b18ed6955fc30e40df5610b18478dc9e504eee2c3ccc0173caecfa898c061312bf75552995f73fde17c4de34c86ad63764ca6d6f38115297423e0a844dec17bdc4a279bf5744a5e6e2e8957ba2b6bedeebb50b43f662c099626545b24beafcbe27f3822720bf0eca0397b1d78f2453801e2bcf986bd7a497acd9646ddb2bc186a1166fb88cc0b6bc40db0ec07e998742fb91f113429eaa618528ca381946251dbd2866411caa3a561f272b95a0aa5ec290265b760c4258bbf8c212518a831acec893af8a7bf0cfeabbd50020e4ae8cd506ae6fd28f8037aef90f0dad0ec9178985a7c2f04e6a2b606e56537458866518403d78db0e74412c697d88fed70ced61d90a38d98ce0753e554e9bf32b7c04e052ad254a6ed9c3a517a0a593a98721ff2298f1c8c9b46da2696e885396d9727ed97995f825cf45812c40b249dd14a6009b13052c19e4e5a1dd7b2ea8f83493f465117370dea13d739e0018b18433e98f01edbb680aaa4be917dd43caeeffe5f63018844b5c38bb19c7d7b909b83cdb94974d76b6d491eb2a3736193d9860105b311957d4df936d1969d1267226ff4fafdd1ae9c36daacccf78754504be9b8b7744c4622ed94dbad663a8d4b35b6e3f5bb24878e8f0da9ae8f13961e785c978b69b86e94bff02db19987c945fe0b2601f37ceb335db6dabbe60210abdfbf95f8e9e5a0d737cff33bd9e8089293d57f9ff3f99e416581de36f54c34d08bfedaa66131404ead6b3ec921c3108f3e5c2360d99ce22b4b1710a05300e8d6d7dcb75935fbf55049dc3910a6d2da07bc78b5c23651e6553f6760ced1e82a12d0ba7474b6650d98176052a4363ebac15b2ab1855733bb6c333dce21cd9aec19d3a50c239ddf019e8341c1e06d61266cfc0f212956b95322a328c16c2dea61c71648e74305f04acbed827292d6841ca6719b01dd4fdbad8af29758a4001ff4cc938e5ce2b54e85ed0363e343f34be3780ffbb59a36ac6eb82dde807be7e257063d7beee4d8781e0e4b0a56247c255a73d03574029dd0b4f661cb5bf1be4973d12e968056bb138d205c475df30e73a69140421171cb6f49b2a1db74542d4ba2639d39c2a9a258b0ff068b0c9dc217714c79bcabc62f9b2ae80eba6aea8671c51fd9262a74cbbf990a244f91003144dab9c3685550b4b12afa36eb923ff50b0a1f9022c93ac50edf963c83792666aa7818839f9192055af3a6661eb438f920feed781b79b6b02a87625ad077209bd7f426b245c4ff4c2dfb8e3ac91be77655e65fda93370ec1f018d67e9781d330390eff9861a8f0f535430c693cdc906a886fac29bbda482f6612ba74056f928501ab0d0fd1274d0191050697a72175c0c88891680e5a199cbff1247cb88f1df96273f28a0a343759afe38b576abdfa98deb933fad23b2713324d02f0979df28fd0b1964022917d2869b0c4fa0914547a62c4f17af8f985be129137467d89db8fbb96d719802e7dcd2ae7400caf399cb15936eaa81047157f9d30ead83b6b037250b6c32b00271ef1b7f3f6c1ff0b770241f0ba7959603f36548962c929276c27fe9e9df510c1bd33644f44181aba6f729a7b03175d45f3c445a9a011a5e7d5fb09af3c4a9c7c52529256d3796b70cb2184aecb036a9ffafa427d456a73d9c2ba515ca3d890566d5fa745573ddf6652bc5b4bdeba0dd55f5602ce5a6dbce012cf244acad7da41327bebd346f743263c2c711b7eb21cf5c42d032f884859878fd6e63484a08938b1d2efe1944c3d24bd075a2a893a724e3928a47ad10dcafd937eb4842acffcb08a02c0bd409a493c9e12849d45249d0547cbad56b327de4c07a05ddbd3ed2f9330322dcbbf15c7f871bee6c2d352076507f6ec38334b63d4b5c20bcd071f1c12e5e5349491b6342d2a4de521e55aab56e2317fd74f3e1ff219eba9d330fc8aca2baf7f072b3e3e7e54b7c9613bd6b8b96416e46456cf25b87c86e4e6f4bfc324758eee2eb85b7b906e46c029896374104812ec9d7a230a6ba10ffc3d713358ba53ac253cb430fdb2cfcdc471edc5a1ca1b7b3e3e81dbb706ccfd3474cf7e4ca0dbb949a8357921f4da32cd12c3e65091f15d034d2e166f64c2142197cec4771b42f2299169516440fee4bd460f18d797f9a1eac5602bce1055f6165ac3eae362436f6bb0e40dea5b671cee60aee6a944e0f1147b324509dbc2a0bd91ad174beb07d8d0b4ee5a49530dcf28ef43e147492fef23514777a5e5f2d431d94cde863fbeb7da78909d085d6c947b3fc7d95a442617333685295326bdfbff7c6208ec297e4ce143d15852736d7caf9b4d28f510883d41b74da8c81a0d104ea17abc0536868efd25700509c269d5bdce8f0507d9a413bfd806f3c67f02bffd8454898b9201ff05e25f792e826ee300b6b6cb9498f0a8368806dd5769dace6c6267fd875ffd80cb83569c9526796778378b2cc33f642063eabadb61f6efe3e20a5c5f62a3e484b3d7c799873a8546c3ec9b38637216846f6efbdd2b26fb4f41601e9f6e45f7a0e742033f9121ccb042f414d1c042b9463ec61ea0eefc2a8c66b8378828dcc0cbc55b73766c450833bb3b44c90c10180a0858fc47e2d92af404ad8fcc19f91b1fd1"]}, @nested={0x3a8, 0x88, [@generic="676232ab865a9a9cdc2018a60ec48ae546e7d573d0ce65f239419845a0ff0d33f42ca2956bb0a55a14ca5783887dbc2643b50800cd15a039d9f4d222f382210c2c73c63070d4dabf8474a3c4eeac18ecbed9a8518e3b21f1cde8e0e3deffdf6ec481d654217e6b486e18b630b24195c04770af61c6455cac21a430a7391fb6eb75e2e421537c5411ad5e4e6df74f5138ce524e1b45366bd03db00d6b6ed070abb5d0212efbd205294a82843420f4f2b71f3cc1239ff990fbf3c0c12e26c0698a", @typed={0x8, 0x67, @pid=r3}, @typed={0x8, 0x76, @u32=0xfffffffffffffff7}, @generic="1a1939c419f471e2da2e5a29cb8900bbe54f02419b72aa6188e0bde83a13c66764139a05e531e36c95f25902a7c2a6f6217130d21316b870b602b8ca81c68cb8096ad75b6307b9daa92792f6d2455cecea140cc5e091efb503b22a3db99b65cfc6eb166606507772fa920d0acd1f007ac1dfc306eb57ce79314653ffb46a9d48f03f04f20f2d7ae2", @generic="cd6442ebca285dbaa5c4a8ad74f1d9c41db30459a8511efe8828fd098e5f69bd6f45aa633f553d7a720754275d3ebee76a2cdd73fe28f54b8d2b550f0cb66e8f3b3461f4f96272aabab380a72954740c4b383b00b58ce35f55c4c701f6626ac95f22282bad1f670a8db93505b3e1bfc59738b03e36a0d5bc5feca94ea13584ac1103fa89022bff9ded9ce18ef91d60751d1666c2632efcd372af974fd6878330fe4959b234ad5bb38148e871758d62a39bf7bc936639dab76e9931b6a76de08e1f83b84fb494c9369cb7d67d251fb15b4e32170f68fc031f141eddd8d18e2ea62fea49677fc9e20be71ea5d5", @generic="df0cc6e0de2e3b2842f5b172b269150e676ca6c22f272d3727d966e0fce0d49b2085120542f8fe1d8a5d3b305853cf06a31ba13b8216cf95d40688f513aac8395d8f91392d854c82b041a37729011cc3338a2f1a8a8bebe7cef4dfb99130fd8356701e1361d36826f3810fd4ff1371c28cc37beb7c9575d3540fb68a0d5da3840ff9075c48e2999449eeae0cb15ac58f1d14042fff8f6e6e280b7a32dfba727334b97c71caf9ade1cfbf1b97b3932367e2f952375ab51b4d3895964e90dfd17b43f22d6f191cbe6e9191ea66a3b7d3ac63c8ad6a1c040235dda6e2d8704a6f9cd82c4923406ace", @generic="9129b8585479db27d832d3f5b7ff44ba87c93e61b24c16e143b1b1cc9263e8f01802116b062de987cf6cd700a06bfb560c6ae2686bced9e833327b389205938ae11fbaa5086692f3cb6ef12d0d0ae3", @generic="e65c05fa435db6070b4901e5fbdb5700670d3dd6432baf92b4ee650f889c9872f05b4870c3e7f5cc637a"]}, @nested={0x324, 0x81, [@generic="09de893122ccb82abd49f1ec36e040c7d594ceb4735b7d0cbf196dc760f355a46b9b9d1f13075143d669f018adfa4af2772e2884bafc5361893e952801ae681a716b2d6c589c8340c2c107082fb21b3552ece7987aa2fd5d9845f34a9bdb661a581c3983c9fb4bc6f01a847799439c78eba0bcdabe95ca4f307aa6ce1caedb27d3256c696cbb2a301f22d5b9ca96f18e9a9601f18b71f452d69fc5e4e34a5f3af6e55e2845e530d88a779fcea9c9e14362d210", @typed={0x8, 0x6a, @fd=r0}, @generic="0f02c8a24a605f45da5764b5c40adbd7ee302d1f0248c7fc748aac292ea61e86d42b0dcc1a802c143cf51de20a0b8dc1ef17a7053a0e4adb0669afdc69aa24f491b1f2ca40bf1e3b708f2f7062c0f502dda7bb8007e9821018f79051827b49eb6363887ae3721f6ae1a625f0848fd1f0e720d054abc96cd886b44c3829657c03190f53aedb0df2ba3c197f71cc7c7b45d3545fd9ac583fd632ca95f32e07b1e761baed8958876af5e9775a94e2c3633bb5cdcdb7aa58784be01495ae48cb787b0f2b02ca0ffc2febec1903d52a4df2cdd34d392cd6c2e4b3453d9cc4e828e84fb14e2a210743e2", @generic="28d577cf5412a4ccbad7d0977b424b4b3171764b6066d546b8febc6df90d81ec2126387fe1edb6dd9118337318b89954338b8df6ddd08fed74e7a6cb8728afc1a1", @generic="58eb193813fde51c91971b6adfa4b176e38e615b13fe12a5f1b246d44297109c255d8796457cab6079c444d721223cd1b2220fe78a266f32cfdf16123bed08898692ed495f63d1e4da2da7b7ea50a01743c055f7a86dec1dbac720f677332df6c8f6ce09e931d035a9e5c9276a3a25d65a0576f621170469a130c368abd5ba049b809bd5156b9618a1d7bd4a6ab0394e5e015ac8d51ffa80c169648d0edfa0bff9a1ffc927562b993ac513eec76cf09cb820392be9bc6c9983ecbb75f0b8f93b15cfe82cf1277e9f88d6010b1c8ff0d0eb8d966dc8059ec1b100b9e58fceea", @generic="4193db824eede89fdc9d9afc4e0ba54d562399bc495296ee7164eb24", @typed={0x8, 0x21, @ipv4=@dev={0xac, 0x14, 0x14, 0x13}}, @typed={0x38, 0x8e, @binary="c0e71449f469b935a886d4b741fb40c29f389384345f4f388fdc0ba5541ca88ce52d17a8a0523c078d6e362f446ac33c699427"}]}, @generic="fa167ae3fdf81722c49af45c2dd833d8fdfde27b36f9c031d0d3e1dd52eb5aa8c0d42af0ef711a75f997cdfa1ad837ac32762900877ab92753ba2e5104efffe3244ff9ddb583837de23bef3f0b3f46212a1d81e86759481db0c538451cc213b0537803631d5477df936094e86ce18c7598059515ab6fb6b650681fbfab23778ad6b54aafe895724d5ca0ff52530ba15a6424725d160c91144e93d79962ddfa48435eeb7e7ed8d4b9df73c54940d9789b904f6f7e2d05dc2b0e28d44d02"]}, 0x3a88}, 0x1, 0x0, 0x0, 0x4000010}, 0x4040000) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) close(r1) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='io.stat\x00', 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f0000000080)={0x5000, 0x105000}) mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f0000000780)='9p\x00', 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="e80a0000000000e12b7866646ec14702b7bbc0fca0730000", @ANYRESHEX=r0, @ANYBLOB, @ANYRESHEX=r1, @ANYBLOB=',\x00']) 03:33:59 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x2000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:59 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x13, @loopback=0x7f000001}, 0x10) 03:33:59 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x8864], 0x1}}, 0x1c) [ 572.502742] 9pnet_virtio: no channels available for device (null) [ 572.552133] FAULT_INJECTION: forcing a failure. [ 572.552133] name failslab, interval 1, probability 0, space 0, times 0 [ 572.563436] CPU: 0 PID: 9631 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 572.571750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 572.581098] Call Trace: [ 572.583687] dump_stack+0x1c9/0x2b4 [ 572.587323] ? dump_stack_print_info.cold.2+0x52/0x52 [ 572.592528] should_fail.cold.4+0xa/0x11 [ 572.596597] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 572.601716] ? kasan_kmalloc+0xc4/0xe0 [ 572.605607] ? __kmalloc_track_caller+0x14a/0x760 [ 572.610452] ? kstrdup+0x39/0x70 [ 572.613821] ? kstrdup_const+0x66/0x80 [ 572.617707] ? __kernfs_new_node+0xb0/0x5a0 [ 572.622024] ? kernfs_new_node+0x80/0xf0 [ 572.626084] ? kernfs_create_dir_ns+0x3d/0x140 [ 572.630671] ? sysfs_create_dir_ns+0xbe/0x1d0 [ 572.635192] ? kobject_add_internal+0x35c/0xad0 [ 572.639871] ? device_add+0x3c4/0x16f0 [ 572.643747] ? device_create_groups_vargs+0x1ff/0x270 [ 572.648927] ? device_create_vargs+0x46/0x60 [ 572.653327] ? bdi_register_va.part.12+0xc3/0x9c0 [ 572.658154] ? bdi_register_va+0x68/0x80 [ 572.662202] ? super_setup_bdi_name+0x12d/0x240 [ 572.666855] ? super_setup_bdi+0x7f/0xb0 [ 572.670901] ? legacy_get_tree+0x118/0x440 [ 572.675124] ? vfs_get_tree+0x1cb/0x5c0 [ 572.679088] ? do_mount+0x6c1/0x1fb0 [ 572.682787] ? ksys_mount+0x12d/0x140 [ 572.686608] ? __x64_sys_mount+0xbe/0x150 [ 572.690740] ? do_syscall_64+0x1b9/0x820 [ 572.694791] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 572.700146] ? lock_acquire+0x1e4/0x540 [ 572.704107] ? fs_reclaim_acquire+0x20/0x20 [ 572.708415] ? lock_downgrade+0x8f0/0x8f0 [ 572.712552] ? lock_acquire+0x1e4/0x540 [ 572.716510] ? fs_reclaim_acquire+0x20/0x20 [ 572.720818] ? lock_downgrade+0x8f0/0x8f0 [ 572.724950] ? check_same_owner+0x340/0x340 [ 572.729259] ? check_same_owner+0x340/0x340 [ 572.733564] ? kasan_kmalloc+0xc4/0xe0 [ 572.737440] ? rcu_note_context_switch+0x730/0x730 [ 572.742357] __should_failslab+0x124/0x180 [ 572.746581] should_failslab+0x9/0x14 [ 572.750365] kmem_cache_alloc+0x2af/0x760 [ 572.754493] ? memcpy+0x45/0x50 [ 572.757759] ? kstrdup+0x59/0x70 [ 572.761114] __kernfs_new_node+0xef/0x5a0 [ 572.765248] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 572.770026] ? kmem_cache_alloc_trace+0x152/0x780 [ 572.774864] ? device_private_init+0x9f/0x240 [ 572.779369] ? device_add+0xef7/0x16f0 [ 572.783243] ? device_create_vargs+0x46/0x60 [ 572.787640] ? lock_acquire+0x1e4/0x540 [ 572.791601] ? kobject_add_internal+0x31c/0xad0 [ 572.796257] ? lock_downgrade+0x8f0/0x8f0 [ 572.800395] kernfs_new_node+0x80/0xf0 [ 572.804268] kernfs_create_dir_ns+0x3d/0x140 [ 572.808663] sysfs_create_dir_ns+0xbe/0x1d0 [ 572.812972] kobject_add_internal+0x35c/0xad0 [ 572.817455] ? kobj_ns_type_registered+0x60/0x60 [ 572.822204] ? lock_downgrade+0x8f0/0x8f0 [ 572.826342] ? refcount_add_not_zero+0x330/0x330 [ 572.831085] ? kasan_check_read+0x11/0x20 [ 572.835224] kobject_add+0x13f/0x1b0 [ 572.838921] ? kset_create_and_add+0x190/0x190 [ 572.843493] ? mutex_unlock+0xd/0x10 [ 572.847194] device_add+0x3c4/0x16f0 [ 572.850894] ? kasan_kmalloc+0xc4/0xe0 [ 572.854768] ? device_private_init+0x240/0x240 [ 572.859332] ? kfree+0x15e/0x260 [ 572.862684] ? kfree_const+0x5e/0x70 [ 572.866396] device_create_groups_vargs+0x1ff/0x270 [ 572.871401] device_create_vargs+0x46/0x60 [ 572.875623] bdi_register_va.part.12+0xc3/0x9c0 [ 572.880293] ? lockdep_init_map+0x9/0x10 [ 572.884340] ? cgwb_kill+0x640/0x640 [ 572.888042] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 572.893561] ? bdi_init+0x3d0/0x4d0 [ 572.897174] ? wb_init+0xa00/0xa00 [ 572.900698] ? kasan_unpoison_shadow+0x35/0x50 [ 572.905275] ? kasan_kmalloc+0xc4/0xe0 [ 572.909152] ? kmem_cache_alloc_node_trace+0x302/0x770 [ 572.914422] bdi_register_va+0x68/0x80 [ 572.918305] super_setup_bdi_name+0x12d/0x240 [ 572.922784] ? kill_block_super+0x100/0x100 [ 572.927093] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 572.932625] ? ns_capable_common+0x13f/0x170 [ 572.937028] super_setup_bdi+0x7f/0xb0 [ 572.940904] v9fs_mount+0x268/0x900 [ 572.944519] ? v9fs_drop_inode+0x150/0x150 [ 572.948739] legacy_get_tree+0x118/0x440 [ 572.952788] vfs_get_tree+0x1cb/0x5c0 [ 572.956579] do_mount+0x6c1/0x1fb0 [ 572.960117] ? kasan_check_write+0x14/0x20 [ 572.964342] ? copy_mount_string+0x40/0x40 [ 572.968562] ? kasan_kmalloc+0xc4/0xe0 [ 572.972445] ? kmem_cache_alloc_trace+0x318/0x780 [ 572.977278] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 572.982806] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 572.988331] ? copy_mount_options+0x285/0x380 [ 572.992815] ksys_mount+0x12d/0x140 [ 572.996440] __x64_sys_mount+0xbe/0x150 [ 573.000401] do_syscall_64+0x1b9/0x820 [ 573.004272] ? syscall_slow_exit_work+0x500/0x500 [ 573.009099] ? syscall_return_slowpath+0x5e0/0x5e0 [ 573.014016] ? syscall_return_slowpath+0x31d/0x5e0 [ 573.018934] ? prepare_exit_to_usermode+0x291/0x3b0 [ 573.023934] ? perf_trace_sys_enter+0xb10/0xb10 [ 573.028588] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 573.033423] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 573.038594] RIP: 0033:0x455ab9 [ 573.041766] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 573.061052] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 573.068748] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 573.076001] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 573.083267] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 573.090519] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 03:33:59 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0xff00], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:33:59 executing program 7: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x260000, 0x0) ioctl$TIOCGLCKTRMIOS(r0, 0x405c5504, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0xfffff7ffffffffff}) 03:33:59 executing program 2: r0 = socket$inet(0x10, 0x3, 0xc) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg(r0, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000100)="24000000070a07031dfffd946fa2830020200a0009000100021d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0) r1 = memfd_create(&(0x7f0000000000)='keyring\x00', 0x2) getsockopt$inet_udp_int(r1, 0x11, 0x65, &(0x7f0000000040), &(0x7f00000000c0)=0x4) ioctl$SG_GET_TIMEOUT(r1, 0x2202, 0x0) 03:33:59 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x7388010000000000, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:59 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = syz_open_procfs(0x0, &(0x7f0000000100)="2f65786500000000000409004bddd9f191be10eebf000ee9ff0700000000000054fa07424adee916d2da75afe70b35a0fd6a1f0200f5ab26d7a071fb35331ce39c5a65686410721ee2db6a74e3332653") fcntl$setstatus(r1, 0x4, 0x5ffe) r2 = creat(&(0x7f0000000700)='./bus\x00', 0x0) fcntl$setstatus(r2, 0x4, 0x10000006106) ftruncate(r2, 0x48204) r3 = open(&(0x7f0000000200)='./bus\x00', 0x141042, 0x3) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r3, 0x0) r4 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r2, r4, &(0x7f0000d83ff8), 0x8000fffffffe) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f0000000380)={0x0, 0x6}, &(0x7f00000003c0)=0xc) socketpair(0x9, 0x2, 0xffff, &(0x7f0000000180)) pread64(r1, &(0x7f0000002000)=""/4096, 0xfffffd80, 0x0) recvfrom$inet(r1, &(0x7f00000002c0)=""/85, 0x55, 0x0, &(0x7f00000001c0)={0x2, 0x4e23, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendmsg$nl_netfilter(r1, &(0x7f00000000c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200220}, 0xc, &(0x7f0000000080)={&(0x7f0000003000)=ANY=[@ANYBLOB="d03400000a00000028bd7000ffdbdf250e0000020c007800040000000000000008002800faffffff882311003e0af097d6762ad865517606f26e98970ed35f8523d5cb4a7404b050bcf386aeb82c1d61aab9895db2ed4ff18b47f1473dbe35aa39401c63f0f6c2318ec2afdf934c670163b126b4dcc58ae2c0035bb4a69839beda8c371cf230375cb651539dbb1212b6e4fdd08ef6767740fbaa4768944854ebb553802068b84ddd03c970407b6b8de3d16b9d42d421ac00edc4f5c2ccd3da9f7caa2c4398477281156664fb26e6cf5f8edc2e7deb33f7db7695a606d47800fc6d5395d8a6778a7b34204a600fc3dc80a59c9922cdf6fdfc3999084b39a9be381d10b872567dc45c8da7d4ace84f04890aac0f5c86c34a144f629409c4caf11c24db8efb24998ece7de43aabd4e4d6f5a599b8ae48664d0daa7a9be617ecb2e508e685d6921e95e1ca6e4cd671596761ce0023d8a11a540ed7e924476e0b21d416e960560c04fa77ef265bc7e5c652aaa3d3ff263469e4a8cadc4322bed16061dc944f73f71680ad389867967785232e33edc9d082c6a1f60e139b086e3aa26f19bac9d556debcef375b94cb03dc50ca11861de75b1cb03b95a084ebb74b82d550e86879e6fec65fceb0bf19bcb1147d89b29a0cd895061ea24427b1fdc85af23c798756ef99a5da2351179ed42611850702dbf8ce2da23f00aae3e08a7c8dae7f30c2fb003f8b02481599b81972b49d669aba3fa36c368ed4ad58606c959727d2cb4c17c464277c43ecedf3bd7090cb44d098ef2358aa2f89c0a016e772b2213c656b86d5b9ce5f25f912c921a05c52595dd359bba62614cef33f368366d8079397f82585074a9505aeafe9608c661b63965887a79584e51649976c3fb8884653b8e6d5ccdbf880d5ba2423d668cf02e70b06e9df335c6d32e1ec89d37ff0e04f7f3af3be58b8cd25652027f260a401ba1d949cf299709cb12ff4d312fca048ccc7ef69173df852aaa093100db710ecc42d8d96001ea83df736aee14cda3f03eea994a818d48741f83ff43ed1323823cfbf84e2f9c5d8a497bf3cdf5f630bcc4b3849982f22d21680235e9e3aaf6cf4b7bdcd1365a2c5bfc6fcb2b9261e7b001f3bca5306ee628987de57c98e024960f21d98dc2878b03f83cc64e81a4679f0e350321b87af2e5d3938b468b01e76ff73d20e638d2ff8774be73258cfa8d7222fe7637ad2fd1df8c8412f7634610a231ce2fa8d2e49d13cb129893ee58525f5e9e17a93327b795bdabce2501a871fd553fe3282bbe4c7ab66dea0a9f9688764e4b17953c0508cc3ce01e10f61759944ee26685e3b2d63daa13b4f817efe649f79a943ef64d760c3465502f3f9466584f196a4328b21e8db117b00f5eda20684e3daae3bcf98863fb57c59dd1539a31085b44b8bb62c708fb032e263588bfb0d79ad7b7319545aa4a8740f07f1e580f22768e9852ecfa6bdcecba533ef2318e6dbb5842de11662df7c77102f43d9b987d9b441e8f64a1514874f394905078aa0508cc272ff79904e14aaddeaef1d2271bf10f2721c32930fe7b6c563e8e0e07100b35d11aba2c9b190be9bcfbf696316c69c1df14e7f567e645ed8574800ad21e8800a76d01a37c5fa22ba5483b61d1418418baa1df31c8f424c6e048c80f2a6ab0ccc92a8b5f791cd063af303573ce0208bd78e21b390c34735dabc563a7c2ddce74cee6685c268885124af0900000036d231eb84e8bc760cdec141ac818db83cd86c700e83a2bd96359ed65dbda5ee90eac48d6e2b06b820a1062d5c0619f38fc0a809e36ff995f5d159d5c3fd8db62a0e4a6e0d89f10bd39c482203912e4dba16d100c22621685d61dcb3ebff0fdc13684c854c8a5459152a585c0982dca7316d5c5abd7d8c0d537b8d0a7c3e2b595fd46ebc38d81d280e51893c4dfbe96daa09a92194ef4813324655001254d5982fcec7c3b3716290ad4278c2ee3b69825190ef24dfb109dd5cbb27665a9260a03f805c33ef805aba915e0bd59bfca600654b5d13594c5056c8f7b51e23027f6679ba6f59c1a12c4279ff5f099cda796cc78305aa8c3fab590477ab0f1d605e9910d7747a3838c2749212900a3432da03a9b0656366fe439733ee2edcc9cb57e1b66f5a2755d52f099c37df973fe4218aa0093d84defbefd4ba02b168a2f64b081af81fe33746499bd04452d7d3289d07606dfdae456e4d3761d690416969161fe45e495d22ab0232cc5e57ca55f184f3b7c1a31c1dd2ca0ad66f076e96ad93625c7cf812862d0d3c3f36dfe596784ba507db488711927cc69d1d597a22cded11d5938ed7f13bad17dfd87944232a3ab14db3fba8da1650de07be71bb9ba8c342369378e66ff5c5902c95042d6ee432b12c02f35cac80cf6e646e48fbf2be6e661157be7a45ed5c380c8e5a9dff03737f1ad7cb1bfc8b52bc0015cf1e7200f14009e5755429e2bd0fb7dccff40fcb8146191b4d45946ffdbc964c6713c05247f245355a8356838d86e3a1f2bb5cbb7202ee830102dd4c67fc0fd62be2ef7cc4421578985e376ebe370a94bf08a31f2427ef66e68569f9afd2ecf5f45fbcedf1d3d99158829602e5591622183cc3f62252f850cf57e0c56998686b34b487fae014dd7b4f1247248beaacdd9c6474afa022220586dc827fc3020e990ba2e3242e76b351495611029e5062e5405c0c501ba827a79451fd128d0b79bc8b644432074e199a3948332e6f6608601b7b3e7850f4b093ed3563fb03190cbaa0806b9a3e92859bbe2b34caa8ddc0eeab95f6db2b186fba7852698e008f7f618e6df2d49ca34de19a7f8d5e1b00ff78d7be59dc8243d0f80a550533bf1acade432986706cc1c7764e3dc5ee2a8e1aa12102106753ac3ea348b4cfa7d9557d99c015bedb22ebbd5eddc3a4098ee0fc6fe0c7bd69e98cc61a22259ee2c7c2aeb5a3dd6801b834fe64e01ebe2b6d42e47cff299296f09a833ff5bf80da99184844ffe1081ad7d8c25278242d10ce05cf47037499a984801e1aff2d0d37f845ed5d453f5bbfb7bb1a42e8be23cb1b94476071dfcb802b8fe4b1ff8ec45e39ff26f226a9c6226fff077104b7fc00455a69d086e156c825be10bdb6561afd3846d510ceb128d1daac71a8a673637138434feba037f8b73f456dce23cfbdb19145fb1968cd63e4ec01acfe916a8e17a5e067f9a6b1982d85ea5749897496dd3c23be713373661c1eb9d649de794bcbc3ecb0cf0bb20eb92198c3bad2fbbe955d8ffd639d14c17ecd6403fc1d8ea12be0e6e3d737c019325b3cc28979d94ff6c68ef5cb8e53c8aea9f2713c6f4c075cf27f9e7da9b2a8ea48d14f4ca9748ebbe8048f4b90bf7bda8936d0dec24c430e607dba3aff5b9c7b1dc55cc3555571940cdedcfa2af2f15eec99f9b779379ccb6e02d9ac66e95e7fe7a72101c852b7d29e078a3bc02dccbc5304203d349691a9b84f223e2feaa0e875674fd7c8e57c6598aec59e840edc36dd033a5fcffe7aa6e8e42372754260c9f3fdb1f78528f3267346dc5b8e835b272df396b62435d25b01f32a3c76741d7e8d14a8404f8f7d1b221e9cf35deae49f7c9f849091bda305434583daec71ebb611ce4dc37f42744ee4cfa6514f764c4c4ca73481e607c566731d7da9f993f0ec973d1f7c4f871ca2ba5f4872452995b6d5a81d5d0807376af7c507cc8ae72f4bf17aeb7b91747fc777bc5de2a7302214ab10489e8a6f63b94a03a6b14ea026ce86c7d9189391f31c64dd167b50be37be66da233987f95eff74084dbcc2e85bdaeab2b41bdc181a648d1db87d89cfeb17b4e50b021f867e25158384896553c4bd57d64316fcb4712ac10094211f380477c137bac8fcf6f54b6b68f5c9121db760b7fc1d3a8ddd3573ecd54269b1d00218840e3f9ab5a8f40ebbbba74d3a590387b612a49645e8930b5b27e651e53c968d7e9486adf74c8fc2758bee23d4b4b3095e8c5d3be6acbadb4c1956528b1542c5638277f337e2b3ad9134bb4689482e8c91b9755751a3b856ac6f37e5765d77ddee443bb1e7de9ec1832259ee23dd571ba02cf2a7d19ee4748db6363b3ff1044e04c8c3caf5dc4042b3278b6994b5ea44ad6eca1a994805c048486643c50f1ff4338ac4f7a635bcd40348b54d3b6af092fb29639d13d6f0248e69d4db0f8a9705cc5cef2367e4740ce32c9b622f31b933e80432b577ae42662aa4ce1449e02d4df327b5056240c3d1a77c3b947cbcb3213d1dfb101d6d8a0129476220bc037ba3fab0b397712aa8a476c581a8521050e9bfa60f08ed6d7b921645f7687b0616568bd74fd82cd6924c5b7d65163b85240bf5ce6c4f9274b228703b297332b0eb900c98ec2d396153a2c06f8bcb95ecdf36c3157afd1c2a0927f46e8f49cae46f5b7f28709a8c23ffba4ad7abae5a94db04f297848a4164fac1df2015b6d9087dd3bb25bc836475a428ba119022ad2aa8161d528b430c692b24125a79dbe0e00237ebe1f0b1225faf78dec5f15fd7b5fcb7315307147ec3d877344cbafa77d121c53b18866ca44b40e7e996365ec33fd5887fb7d88198e6abebc9410e42935246654331a2bd24da678d69d1551db570afb415cc404997565c27afbef78c52b37b1afc6157820a7b6dff0a7703250817de6656afcc90af8c8f32c12e430b783d2704cfcba82f8f6c9390159acf5cbb3fc46d2dcfed4c8d9e01534cf09e854e40fde643b096684588bf1d9066053c91ea11a38d2ad27a0a6fd53f7803d93d9c9704644403b030a51038c5e29bbccaa3cd6c256d24bfb683202f5ae1312991ebf1225a9978447cd6d127704cce44ea6b8c11db601860a3301f51f04210631b38eff00b999445c225c017bc59cea002230e6c94f161384254dbb65be816ab68bc4f92ebfb6c04eef21d845b998d3aded8ceecc1f12dc0580b89bfce9d1fd1764fc88dda514381cd5ed9295f1355aba2f87e96f4d40e4b3c062a9bb0d5d0151a2dd465e33fd9c3e77e542b6070650c33f6424676435ffe6a59faa0fb69de5313af9f1daac245d33374239873625c91723d3171100801801fddd1d2be34e4af193ce98db795e3d54f8c506fa9cf87841a4102623a033ec1b3d6d08ae964f387c1400d8e0c5341c244a5b2144c04f9ac2b4ded80c30a540b9d9e21a34f0ada0337d1ba24f7fdbdfcec8d156c8bd74747641610fc182805c7d7f089f997ab7641769b561d1e744c469a0583c21260cddcf9071726b321149161ed2fe80b2ae8176ae7936aecbd62fbc5655495013293c405fd9854848280f74553ecde647bae4414e655a1a7e6aeb124cdafb279e02e427ea1f7dfaa2cdc868e3789fd3cb98c308b83fab582d5c4c06e9bb5a37a76c730ecd02a8b963647ee42aa56cb5fac2a6083041808818fc9cba3b69ae28a919f3d165285289c629bc66b1a200f61b5719f24c58396b541abbfa5f9455f3c8f8a026489ec9ea284d52c6ca6e9781f67c713d7cebd1d5e9c5bc1cb2f43cf9460681890d91e73e4bb1fd171d034e9d67b4804246974f14f8fb2839a0932b1b9e9d936bf77952751c7ea098a8a8f69b87b76cd96a514f640c9be6e0c5fb0a68afeb1b3d360acf9aa4944c75009dac23a15390b79900c7b6bb6d145377226f4cba7e7b3bb3853b9d7107c197ee595af77325b25aff620f2edfdc7fdce167a5c2b33bf99afa0f83102c04751e1441ea0f48a43497b6e9103783f729fac4f4e46570b5a8e5499ef8fa6e30e06144952118b902130ed3b621587033b36e05f2fb164ede7083851f1d9faaf4f21d72d766980a962168ddfe05f79dfe4682545447f22b6601497a25c776ac48ce7c5cf95f6350da4a43038efd0dd7c48bdaac1d149e88473fa0a19153460be9bc61bc5cf3e3873b37cc830f6c8362a8e53469568a74b320cba4255da84fa510fd2616cdcf0e69e99f373a9044cbd349d3a96dbf938393fff910f99074ef97f8a7144dce9990a7d8672f3e0eeb94deb0b8b6c031d27c734c165586611cf86bfc26fe3581675ffa5ab1e84755c4bb6950c68a693512087bf79c03cbff3381bf3c49eed57101208a175353406bd17a64f07e15764063001c2663d51929445248dd1d48cdc375a713f23c476e703db4c08ded36c69de53431f55272d8690e79707fa8189cd3e942d1332fbef8ef399c0a86074ef87dfef49aeece1b784be8a8c566673a0ae428138aee7eb979258de4d2f84fa837a730f6cfc3d91755ac48506246a8a68018c31f613e5f7ff222297c32a8a3e7cb5a859d0d8b0cacf4d58932bd1f1fa6e66a4ca5cbdd23180c5ec8fc5a610b5cca7cc198070a0fd7d6047a7d093610ae17f5319a00053d760ccb666eb544155a188ac7efa7396164b1154d3746dbd7d5ba0edf3a20f39e5cecd58615f39425c79160acf5fd8db6a96199dae13a19e97f236fc0a9bfd8c106650b53401d962d1fe9efd9a10ba544896e1006760ec1658ea322740463bcddfcd5d0efffcf6d20846b2d0020158f3defdc9a1dbebc8215db9011856859f44041e4d797de45f04c997032a69c7ecace29be7c0f55a07fa41b80d27d37a8df8674f498837c9fef512c2eff4998c923d3c848621fec15c369944d58bfe9f8e2d2accd76f4b89425b4bea97b3f01edd1c1e49f0fc1c466cf21e280333ee3daaafadd272103a163fb2e5c781bdd16ad4dc3d5754528dd685619d01272415d0366c30242419500ccbb2c93c9e14fb5df075001625861a5c1b70c6e5f1aeef5e4642da8bfe03c10313c4483826aeca7b3ba85253b36e0ba4c96df8cc4e139b665ae3b0dc3472ec6e364a9b8e9ba96e9fafb38b4ba7aee8380818972c4829849a4e536c78825b0859ee7407a02646de2d94bfbe66b6615d28cfa7ad76775459145770f831c8f00b219f15ff6080c412869471a9fdf220a715330b3d22e0e859fe664461e951a6be3e2996e0ca49fae38eadc59bd282eefa4965d9af57b32488626d079f2fa2022228cf1ef4b65ab15cbf075383c3e418282ce00350d90bac3c8abdc5a6873be84be268d7f014a6c2693a3929d983dac582341d7569a868fc2cba8b87d84d1050f8700afe64b58a2bfaf137498fa3b80d57e3bf4f830bfa80130cc441afc49712c3ca97bfac9fd5055cf0fe2f6ab88ea5f6f9e04a41283818f9c324d74b957087610ef549ae5a4237ee44babdb4c6060e369d72ee685fd58a04f5e1ec2f5a67327caead78597d580ebb10ead32348fcfbfeaeed6ef39e408ccd011bdfcd6b2c87a882170d91f10727f90f8f24feed15bd9da20fc6d17a46876ed47afc911e4226ed6086b8c1e9c05f535bb9d483ceff846463c098a709e38aa397a31935bffc4bbdcd8e547cc5634e3629fce9a41b79ae6f63f9d5a82adaa466584d5be84291f4cdb03375f26d32e4c5bfe83f48101f5cf5cf5863ef4aa104371eeb46cab91cc0b0b2a52def1e2b7be7bd7192e6dcf710992b8f82629a467b79a4da8e50c148029d6ba154eb7c2f52d78c10318931eccecaaddf236e5972481597073de24f7f0f62c763b4277e808c6b869aa939e99797ac77df2cb5df7f67503e5085707d02a42231fb63636976fa101f51fc5df64058e16c0df4ba330857127d14fd976c8123aac829291745f1f3fbd9a5e436d45c9a7f74d12ba8f74cead8d54402106d2360582b3eb935702afa13ba7b29e5c9275abd19a8af3d5b3714cbcbde15dddcbd748c058a0676d49da248094e04765d8fa3f83444e2ae911dd44767f2edf4c5bb8eaecfe4bee72ebe4c4d644a6d03fd759d31f0901ccef1d47745ae108ffe8739b63dbf1952477df7669f0aa1d940131ff6700765c9b5518c331b166074b40eac1605508640df22a299fe3c89f3b67ca14c5376774e917539f4f95ec7f97c6b99c3bede53a28ca8929b219972ccc0166df5790b2f5fe0e1090865b897eaa2aaf496fc61020a26a716c9f6f4f75ddd543d52272e2c7c76702db8a9d5b664c0288dfefb5a2bb9939038654710ac7fb6251278148a136a51505deab71fb0f17aa65bbea875bd8086ea2e3a2f9293f8c8177b5afeca19a6190afa2eeff4a7aa844cfca3096b92012d966af325b59f025ed9d8bb2279737da5b7606ba464e91b6fa3e437261041d5d4b5b916e3d78bf1db0a825830bd96b5392eb62c20c861db8c452463fdb7a852058f5028d3fe82935dfd0c9e19fd57c05b2a089bfe4224d6993c5fddc3fe5be28e19a0c25c1800048f2ebd1b79ff252e6abac709f14c97713648706ffc86eb6abbc459feb4e19d10099cc78f93164242ec2eaccaba0cdf3c86ddd71da71e381f7e0b5df0c5d64a7dc799ba8ec18be465a56d228f6dd182471e2656dabec98217f8a6c20445ba063f95acf657abda7d991206d84efd4e4e8fce3535753f7f3f3ae9d2ddc97151c9e9da123d073587a1735f06527e797f180376cbbb9e8cf92e7d1090040a4e41f104a0c4a4dd0f165f4c3435ed7d703ab2366edffd82844ca38bc396aa5c444a491fefcc3d64acf83ce9cd20a091ec28d99c5eff6adb846e77cb256329cae69cf246a5b3a0e27ca566e6ad3da31bf3b1145f701a7199a3a404ce94f9cd51a54c479b3328e0571208e10973abede72a4f06f4ca4bbc6beb5dbe0d5c2907156e3cb99b6fabe5a25f8da2ba5b903b9fadc4709b984352054eac6989c0e4944bd55be61f50a5d348250de7ee700a3e7907264aff8c73afc0de48ccc387470721ccf7c538c4c072aa513517138c329bbb620db383ab2f70b436fe7c0a42a5a1f9e76f1a0ea63c2aae806fdf1f1cf3da4281093c6b94cea839693892c81a76cf497271ddf558b31ee3ccb875a5ed3d48addf04a6b12d2dc2a0373acff3dc6d9b348d1db9695c81571a0d98b6f5db2181617bf53bc3c54b8ae6d96a79c2d4fb5bcf248021a2b3da5a68a69d1590d61f9218be8d467692a156a94d0fa7947c1830c9d192b3723948d694131722a986f56571b58e67b73e1860076753deb5bf2dc2d1beb640e2ff4ca4ed298213f73c135627ddcf1846e0930fe25908dfa849acb80f9d2f58cd99a5e16c02a66cc5b4c880928ef9317f5caf82974781ef760711cd9b91082ada2e4a8e29c00476377e4e51f96d6469fb8135306f313d9fd3d8e5314f9d001ebc2073be03cb78416938ee6f5b06c6aca0ec7e5ad2cdb98e5d2b79e4a018cc8703044e5c6ac54e9d37363c053d1af4b8fc1cae8edcac4fcf6e4bb0428d68e6443b5e23856e7ab5d4e2f9b5bc9882dcad889e92f697994cd2a0c7b8eaf3b344df15d60353c06e7bddd9c9277ad54f3c84976d6f78e662d41b2521da2ae15ab092e73a377e66bfad5cdcc96a96a10384c9225237cb5ae0b6a2e6403052a9bbfeae57837c7c0d00a33dabd560beaffa98539ee16a28285ca04e385b65dd3dc3cf15bdf980758c88c0ef8de5edc8acc0b28fc8e80b3e8411077501be821a25dfd59465a83c0794a0288a6322f5f8f8ea98fdf425eab57a867e12d3618564bf3527ffd8a767d78ffcd3f7fb631484de130d9cb6ff72780daf3402024ecd3a44b6ece6fc46bfc67fe0b4a7ff686af2ebc663cc1477b40f3bb29211257e3d5dd134e02d7dbc8e58df12c3635ca1e66ca59a1b69f06bcfd8bc6df7c016879baea3089deb53c4c9417606796cef93a2fa6cfdefaf73e47e3dbcf80043f84f9870ec462c32dc4a8c52459fd879096369880ae60062bf15fdd7b6a18ea03949659e23bfbced25a3a951d9f397ab7e07c192cd9ef7c274a30d635577796612a73130e22f1b3a07793bd3cec672312458ee7e9ccb0a46a85f502ac39b2f556ba616b6993f7324c911be9f519c33b0fbf723f4cfb4478cd37d08446ee87edd4a90e4c7b7af2b7afc41cad8defc99764ee7b7ad418e4e6de06cb6493198db7c40a71c23220e6cdb355be1df7ab41cf9b7cbce5fc83de86c42acc9570d00d02baf10360584f4f13dfa5e05ddcf4029ca9074d036cb369ddbafb2edfe8a1cb2963b41d23509a5b8d8896329d3a335ae61f905f6f6b46ab53ed7d21f9c0e3095d797687742133985f3b4c241e9030a9637793455d68be1ff284e8ad868fe946f46c5b9a5f7f0f02a3cc1e39a6b526c76719aee06fe21006c458cb79a41eb25c6377336f2b545127e0c9877f6cdd2d05553303921067f1fb3b2a877f22235a2e19852fe83cfd84c5df180dfdeb7e970f70b1fd63cb8b91d08967600dc197f073e19f02c49cdafcd629e0f50f9154412262ab3aa4f94c24f02ca5b6669f2357f4ad2d1b4c4f47111a40c6660e242d1f28769622d6fc8e3d49d34c4409a66f082291db839e5f43f9ed24d147fb35ef7368b344da5092ef01cf1e563e51480644d52fd2b15d88f6cf2357682168a7dfb5d14adfa4fc6b14917426fd8fcdb3782d837b1b0c63f3bada150b18597989f7cc3d79540015b63097606996a69d17d9c961cbcb6b792270b6b0f7ce5dde3b87bc2f8cbe8ab254a920c5a1ba790bb56d84a2d8cf8359ca907bfebbf0a56f810486492b5ca15315fb335c2f1f117b5b3c6d2144da2c8aa0e4cac518ffd34c937c10e1ceafbbc878db5d9af1d067eb795587811305584756077760a2e392051b60c16b3bc21b2be166ca68fd6411db34f8dbe7939d1e5db32c3dd890a43973a37b8a7b06f2bbf3260c07b584c6cb78ba5dd0147f30f78e3090757f9664683dfeb0224322514dc2db4a8862ba5cb1dc322477513d6c5326dc0dd1c97ed272dbdf37cfec3a1e4e3c21a1ebb5f15e23860bb15d7da54551672e9bfb5f377cbb9dc56eb9ed2ee7c7e260879950d935e4eeea6a04dee87a57607df57fab400f87047a0bdc560ad3086ed5e5da846bf2fd2db6dd42d59330dbae12ff04be4e37ed1635e8c87ac2692ef2c5114bcfec29129f20741dd3c2a1d42584598382877b33301b8be5c0a8e82f79f35f04cd49f1ad59dc8cc3155e1a4a1b3777ee0157000a1ea0901cee9ac1e5b839760e3bb96e5d3613cdcd34d26f313680428eab3284e38eb8520e211a973f2eb5a517790328135ba6fda9a3f036dae8f0bad1d6dd92c4a6e7416d50c66c94b319d260fed6f67239c5ff3413d23515da9dd820b253bf5c53207356da0c78114c62f10e0e6f354911ff372c7d19555a8d7332cc3c7c676c47b32ad9d403c82c5df56bd5deab7b86520ccd815bc8a28617265a74ce3221211ace6dc2b813b2cafa4f8fc48e018e60df0acee10c28bc209165950921fc8d5b950d6cbe8db5483d36b2a4732babce05909e637c3385cedd22ad9f2656e83592ac86fca18727c2b79a561bc9fd192e085b09d4fda19c145151eaaa000c8ba7cfe8e188bc4fc3d8dcaec4683d8fbbd01bcf8c3542e5be1e1bb058a564ba3c5ecdee4a9a16e88183c25731b39ebdba54004ebb1583430b3721d013806a2078d664b6c7c7ef7853bc0f53c44e45d3b7457e3dfc7ed270562eb3eaba813313e278fb8d9a975a6fd5ed61074158412e16758a915bfc5aea771ac5c478a0d9aeb298a8ec8d89a2336fc55880997af840f337d016a5933f5904fb566cee6adb6c4303b985122f00b3bd06655161bebd2f1af3fd533f45cf001466d9970821593360845a4006daab2b1a66f85243415b0a80101357465ada53d316af5bc2be03aaa8676bcaff48509b2b5da13dba46e00f8ccd148d168bcb89f18f23359fd5c709fca0227256d62af874a4833737b53e6bff78d586c6246e4f809f76ef9dc9167bc798e651a844a0055eed10e0c1a47540e35efdfe52586dd98a65a946a0c5361628fd841bda90e63c3b3ab1152f184db422263041439add3d829dc736cba25face3c1541ede196d6d324be6ed60b8ccfc723fbf0f5b57cc3ccf1723f159d00383a309f432f35a2d7581a6498b798019dcc6d5f45fea373da27a4abe494b7b51c5d3c7eec76802e405b5a9ae603f4f69b262b54d8f744632e2f8d2e10329926110de77472dd6862fcb8825b33c98062fb878b99659773347b47074f46b950f7dc771fc67d672202eee2bff64a4c7a88cbf262eb9689880a4193db174d7982f052230bde7e2eae943ef3ccc7972c55453d8886d7f3d4147d253b4a535e8dc40e72af95b0dd2f384b22387bdd6399400f4b249cd3984b5148835c42c0fbe7ff7fb5d76860b84faf3ef95ac41f00f627ab25f4421488de0c84272508c9c9bbf2f14c96bf21f11c9ffeaa1066f4c8baf09321b7cff80d044110f2b8b5dfc3f82c573095b402e09a962305db0816e55a4e88dcdd7b348af5876ad38bcb3765d0be3b092a32b8ccc17c9af815e799e7297914f191b5205db363a834a24799468f172534c3b5e42d816dea618c059da326b7ab087865918931a317096d65dfa2bdd61a4d25121a623e32966a789c9058de69d50710f42131d69b18933d9725c530f9314cfc2dfa3db87a934512fa302d686554e20162e111728b9f96846166371942e97c45ce2ad7607ec62fcbaad07893a275b774b1ca2543ddde8953a3719a8e7a7bb9d19a58838dd15bfb3837569ca055ff7882a9b031210c68de114df878fd52974bf0f66a3af641bb0c716d3b3d450ed9b14424178d546383f6b308d5eda54b58509a463413924f4265e089c4ecdd408166658494e8062174bcab369d81f1aeb0ea6bb5bcf13403eb2d8636dd8a5754997d2b8e36cc056f507322f15b05a24e73e22ea6f70d3f493a7c5860b56f521ce7ed58bea6d9e2fe30b752ff45b24026efe63817a9c0bed47a7023d1fd963abf73e6ba85571805b10cbe0e2380240f948633438ee197b104db74edd87e29ba279557785005f2811ca8c2d3400b63c68e7661ca75d4be7ad4875719df9530b77c3d7007de33c24b94fa0e371af189c98a7eecd63b2e324846cbc0484aedbd1516456d1cbd30e10b9712eed64f85cf1e90a822836027dfdfb54a5cabd9e424ce438f20d1c7ea3e4e7466f757c50054f50147c5a085bc72916b6f2eb4977cec6ede8065dad39ea7a185abeb5df559cec53de398441acf80ca3693a89cd4a42d803e9bfeb82b10365000987c49a1303d4c7f536c041904007f0004006500d0005a0003cc616da29e4829a7053b5b37cd5476c89e1973511995a0aa21a5a80aa99e248617e864ec94fa59387ebb861f0e40e05b580d5c7d875f6c7d35c871e3311a7296eec75bff066291ddf4bcf8825306d2ca6382214072f4e1ff72aac773d0f29e928ee0f76c04ce60d909586e0f1eb74663419b16fae85b9fdd24e9067ded347272a98564719a6a7e4ccfbd1111fe67b7c0d5eefc9f4abd15a432a1273d5f6a760bf53a111b4524a429d960e32bf9e9a96d691645f16b52c0d50bd6fd3d2501ebd577037ff65ef000230000004234e640e7c49b98ba34dcb9c59c7e728d45a756fae65454d9d3b6f0facd68ae045f604e850a72e739464b91b51c7cf52402ee1d10b1013742a562e4c2af435eebd64eb1b46e821d5fd6a233562e3c18e58e22eef4f32c50405788e513cc1301aeadf81206b4bddf712bde34d590df70f5712a27cdb416b43560869023d0340e2424580958cf05701cbedadc0201c6b98ebc127ab884e8da3a452301a00e962bec836579d2d61dc18f1d08aad4c7e2d797c9454c9edb91a0097c050462b065f46a447cabd43d1f5923ec6ef2d665ae5242c97aa428c7b322beeadfb823db4d93b107eae962e2306943638bf06472234da140102e178a264727fd0364afab5b5bcd5cb6a90d59d82a5fd6143a5cce06019d11777661b98c85d709a943b11c624a3b8e9a28df40dc569c9f733cac6d5ed31d3213f7cb727951679f211e305cbd02a1105fe476de773e1bdaea7cb3437a79f194722256e1efc0b95d8fcd448d7e3cb162d7c41e3140aba3ac5ba146ede3ce16a4e2683eb8db72dbc07b192707c8041e911b76a4700fb5f5a4668a9ce43919ad25ee5bd6b93da80f64e781e23d5dfe87e333db18d1f83af3d0e6cd2345b6a1d58aa7eb90ba3a09568a7741288f4d01e5d8a9a1a4ac370f2868e882392b21492685b713999b981f60857e4ce7925e30a6489b4408abe9f394b2ccde2bcea2c063a4a57d7843da9c6d12c365f9bde0326c58877370b3a12130829ce18999b2d94902ce295292bd4ac5ca5560091ae017ff04c9374b4fb52ccf941e4d755243a0aaa605a61e1a51f79cc0439d150c508acd07dc8161e2b76abdba5ff62a065afb28a2fb355b795d6e9d0bdb0da9cfbbbdaed8d45ae6f17aa9f59617556ac2ff0b8259b8d2ab73861a7f5a9c566fae9c50f29da3ac8bdaa415b827523036a4fded060dae2b28a5a8525b5789293adf4225effcd7a2ca58d79c7fb1983eaf1e56438caad127cf452238917cb6f99a3647644ecd9daea04d9aac3534bf4dd108ff43730f007756bb606c70aef80c526e39456e7f8f0fe39f0bb5dd3a62804ead4cededb9c253c9f1862439b8b36cedc1f98f43c81d785395056aba76bc982cdb9478fcb2a4264f0253aa9e3587ff92ef8d1c1ec6ada26672ece13634bc2bc6b86d22e07aa9f2ffff727316af4c4228c3e5f4a7948f68894e83955a28b0a80f385af1cbde36f40b8829de68c01e0fa286622857de4b088e33a4bd44b24637dcafd159ce264f3613727751b39ed9c871cc0d3b991c81981287ca22b9f39749c3cd82ba1a416fbedbeb0108b4da45828df3a69efd66f1250a9fe4c32c45d33c6cb45934b9621e2d84b91990fa0e7fddcc2d5a07a6646ef0590ff1c5e5ec1dfce67e055d093035db677bc0756db04ee6559a8c87e76b5cdb65c820481b19c5bc44beacacd4d02194db25c12b79f51f86d6b2a362ce1aeab3ad328e9f5cf432b8e4277add7a51a65349d286127c1286b7c12ab438b4a2d5da473eff914c66b481a3be25e9136b7bbeb29de9f20626e38d7710cb8349984c1108ac64ebf1a81e8da966f06bc74a5252a7a7aca9596105a2a8a8555fac2a26089e9b4c7e6a879a135051bcc6d15e975d9a85c89e47e6d2ec4f1bb56cb7e19fc2a0b2647e66e2fd91ac56145850c1f7c3d0a09256bec214d17089e8efce41f89c4c9f680e82cf08527d0c2871070c8ebd051ffe630e261164e99fcc38dd605f361a63df29702082428dab836632d5fc99a88b0790789cbfe0848a5288132b83bbae4a90b7ccad9b00737532b177e342fea6bea0bcc7ccb2046b6314f0387ea248632047fabcf5ac19200dfa08b09cb79853fbcd3ad490b37f89ed27bd5089511daa0533f3822a0b920a2f64faa73331e4bde74ab46f87c835cf500a12d7cc2ecf88a3230e2cbfda507a39095ac611b5c5659eb1cea66864b6ba85fa696879ef78a1a9fb57478ee804349736717e72d8c96e10882db49e43c5d908bfdfa74b07895d99f83cb5f63214141201a9134c71074bee36fad98e93a6a0e5b106232ef8eccf58c971be7fe12373f6eb1046ad8d012a8044255234163f2e2cdd813f2d5bc4d077964f16ad00dad5b5ad07d2f9e2f749a12e02e364b8cb065b2e3d817444ba74948d0f4453e2416e7831f185791ca9c54e2f54e41181d76c27ce676ada01708260d731b6d64b8fd099be1c969ded92a272110de0a913a9009f125711e1d29300cfbb42a784df9ad424f94592df10f6050f7788055964a08397b74b65030f96addd2f65ce34430df37cfddfe3f86009f54acf9d034c45b1031e9bd874b1c563f7f33d0dc2d82049dd346374ba0ecd384b28bb7869ce46aa2fe9d0ea14534c1f076ea2d594691fe683fff2d24a230aba27478cff629983aa25df964a42605e79b3afda27a2f71c3d0d9151785076819f947c0223d3c42289cbc855973a6cb52b9d77feaeacec476691ebf2afe0d78bf64a9916dd36e89950f58a2264e872bc82aaad1f94e5e1f564211ab37fff7937155a07ea4bd1582452ca5667ff337e1569492e5cb123ec64fee39598d673f897068f81c3e658c83a342f9dd29b7cf5d307f6819c822e62eca1548305452d0d7b7a1e075f34df6665632527ad0c71159bbe4096c64336a059d715b6482e2fa801b5554e9af6318039af70076c355e8541c42a3c458c93b06565befd264c742c4a195ec42d119e7657aa3605f1b3fe0c2b773e7e1c3ea3746151d993e3781e45380a065123115c5c9eef378e11c99e79f2925e4b55b9be3ce9fee32e3a5d5bf825c317657e808f06aed6c207fab9f23fee224890d34ab2bcc85621013ad30a1235243c25a5b34df0b2216f50cb99fbe760e99042d5ccd368fdae62f63436b05a7a0771e0a8f9227887964ad221d6aef765066d2379a9cbb27c9748b667aeacc07f40ea8d53afe6392c932ac116d804cfbd687e25d1da9458a20feadca4a5945fec1da924847fe7e62df2fc83c187b971c8f00fab16a487c2a8d3db561932868ebf600d6feaaa55b778c6ffe41db308301884152d7f51cc7d1009482f2402d34b18e3363b4a2535a7596605d155382d47bf4ae81907d4957d102ccf2f4b83930e023186b50721970715e4e890de497b2ddce6e735b6f146a069926c346df5c1ff82e7dd2de8590603eeed1c7f07af0e205b1db755734058b04f8b0a257cb5c7bf78394b04083c18f866f740f2eb4e2756323d92dffb391c6dd63620612315bc05a287311d4138655713228ef84077970ed42db74c084af03eb594289b4b714c2f96fa8270464c6ded3c47609e4ea11b61ec1cb7e93c009c2da0bd7e1c71f7af90c60701950307c32ea8989a0d408d1750e297cac8b96960dd4b4f0daf02c000f18622f7faf7e8fdab14732a43554cb19bf8088e69210e97b9b55c5b98bb91aca037a806d913d71906b23fa71acaa0f7a7530e65d2be78882148ade90b178246a9c2de52484de73bfbe135547c3cbc992ecd42c84df93dc2f0df2a9a31bf0df27de33134822ce8727f4fda9ad86acb7a03c3ac2422b97c096c69adeb43cb7cdc593abae2e46612b6b05a8591fbd97bc1f337b6b86743abb1794a3f8b236a0a936060388eb6f05895bb5c0ec4322ac18eaf9800d386d7ff744f56f751c9559c6fbdd2ec9336cc98519e15789c23553db13b52df8a56baf80836445d489b7258b4518628425c9d89f04e4f0f0e49b66cdf107a5749d662d670c0dc0b8fcf43f1e79158547772c1dbe1e87395222e86b1b766f7f44571a4c39a79435d2991f2020d30dce295e2190748c34cdf1e7270c0616908b6cdd7b3a730bc169d1b4bbf5f00e4c4fc33e952a55eb5144431ab92d0f40e99d18a68ecd4a9e3cfbd8b6eafc24a588fdbb2b3f84ef43ab7de0fb7e4c83e0b02f85eb3d3f86582899709bedb3d1793e6fae86e48ef2362d26e7e407cf9c39ba422d4eab9fc8fc7dd29b5dc7f6d8ac425bd6bbf89dab3c65e33d0696de6387046486e44a836f8ff4ec9423227ecc11197752ebbe0dd02623c7276587864bdcbda894107762548a02a1f9e19d81cfd2a759de49393d3f16e2e845034ea9aaee68e19083e96baf7c7846f70315f73718198ab748b0fc72e84e36b04d046db00bcbf10a07fbdb21a977d9b316da0d3e04e607a658cbd12b1d6c0a3fb77330d64f94d93ccd2e3b535e881cbfc8f6920512770094cd1de77d6d854b0aa5bd8d7b0e37b8fc5ec53b282aa0521f3336b92c17b3091cb8250e980be57fa00e1ba605d43601e44d3c18f08a9971276cb49906876b308d2728becff18c130b2d35fd3e56ba14ccda6e7d0116c10bc7996c3c2a2857af66a21d2f5f871fc31a6f198189c5807ed0b65fc4ccb92f1f8648f775f631ba17bca9b2d1ab548d9e8a1adfea2f084bebc98e838ea496b1027b642d455bef786bd6ea8192dd5a326bb1b78959a1034e02d04273f444c3caeb9a8ba3f7efa0f1f1ccff8962b7554d649a29bf3ee230a816b324b8b8317847b34345a6cb698d3a852466d170e5133101abe86ab510f322debd11f85c548f634093f6ecfe75eea2290f0695cd40484f88f15b3fb4830cb7ebae0aea84f37b3e3e47fee4dc0680837f30287c8349bf640274f7ae423f8b97076027045eb63c31c808bf2e4c8913926f6015edb0a525589b584e78baaf9712d81df851abba915b5dc7b72325fb8a968d5361f4b458525b041670b66b7d13b56045e57f67bd9c72e889f55b3e3702b33b9a003b3f086827100b04858b66a6514002f9d93929d3ee0e3a67ceb1635d77ea62ae0d75c4d1bda8e68323c97f162195aa728a4a9f4b2ccdc979ae51f5e35f14cec8e02f20baa6f7e2316a077ee40588e61772e8f2bc31d187bca88b4ffba7faf2713298de654f7f28dadbe2982735cea5abd9260af7b4fae3397a3a87c84d0127e64f27634777b843d29087eceec032ace8723539c89f369c174266dc9c877f345ef76d6d31b1ee8b4c6ca4d7d2719d873bf3ae3cc18927195ef4dc5715834d503bf82f7c1236618f8bf0048c1dfcdf2c8e41310f3d3208544ee08dcd16a7b7952befcf094fec660385449e24334382ec189d2cdf08b46a475d39d283202cd2286af40763a30c12f695ab51126d04a778d6292bc991d94e8ccf9d8c02d1d6ee772ba8a93aa5f6e92b70650d081d7234c4c11b0e9c85ed853252bf5de1c6b58847c7a1d9c1af1e473cd30b281776523fcb1e8dacd84fca3d30e9a7504938fbb22298e92e4d705acbec67a6c7839be7617975ffd72f9f67cae3462027d210830cb9273eb6703d6376a27c932b3dc5db2d53abda83fb2e230233f7ca7028eee08d32265b299a772d29605b5624a774b33aa3fd0738d5b4e4f5342207c6220267a60458ace8b13dc3251f840415cf89f4305f58885cbedf62ca586c8a75e33e36fbe5c24b91894eb633538403638a850245c28fa0d34a378e2464f8615b1eb7a273ab58abe6dc330b2961e5af696e2a278cf92cc9aa33a56b14d214d22474b4dc74bd6686de41122d319cf57a3d2325a9f4e6c8c7533a8603cea05ea650879eaad596b9857360e78a03f5f8ce2c61a7370b7db72f5f664497984c8811323adaa1fc3ff65d96150f6fd541b6651e06aa88febc0bd212f23b7e8523bb190a250b864a1f86fbb4b8ed485e4e070f9f3df3a62d8f3371de01ad0b2ce040ce991e9cea99e633cb0b3ea22615339dff49543e67c6a4a51f4de5dc48b4e608d6a6204f7fa5abd685e5ae25241dd00014afed57d10d41ed7eb7e06628b66e89ce9bde100"], 0x34d0}, 0x1, 0x0, 0x0, 0x4}, 0x4080) [ 573.097770] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 000000000000004a [ 573.105314] kobject_add_internal failed for 9p-373 (error: -12 parent: bdi) 03:33:59 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x4, @loopback=0x7f000001}, 0x10) 03:33:59 executing program 0 (fault-call:8 fault-nth:75): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:33:59 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x6d880100, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:33:59 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x806000000000000], 0x1}}, 0x1c) 03:33:59 executing program 7: r0 = socket$can_raw(0x1d, 0x3, 0x1) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x200400, 0x0) setsockopt$bt_hci_HCI_DATA_DIR(r1, 0x0, 0x1, &(0x7f0000000100)=0x7, 0x4) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000040)={0x9, 0x371, 0x8004, 0x8, 0x3, 0x2, 0x100000000, 0x9, 0x0}, &(0x7f0000000080)=0x20) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f00000000c0)={r2, 0x8001}, 0x8) getsockopt$bt_hci(r0, 0x65, 0x0, &(0x7f0000000140)=""/244, &(0x7f0000000240)=0xf4) 03:33:59 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x16f], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:34:00 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x700000000000000, @loopback=0x7f000001}, 0x10) 03:34:00 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x4000000000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:34:00 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x4305000000000000], 0x1}}, 0x1c) 03:34:00 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x3f00, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) [ 573.294108] FAULT_INJECTION: forcing a failure. [ 573.294108] name failslab, interval 1, probability 0, space 0, times 0 [ 573.306173] CPU: 0 PID: 9683 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 573.314491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 573.323847] Call Trace: [ 573.326446] dump_stack+0x1c9/0x2b4 [ 573.330086] ? dump_stack_print_info.cold.2+0x52/0x52 [ 573.335377] ? rcu_note_context_switch+0x730/0x730 [ 573.340319] should_fail.cold.4+0xa/0x11 [ 573.344389] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 573.349499] ? kernfs_activate+0x8e/0x2c0 [ 573.353658] ? ___ratelimit.cold.2+0x6b/0x6b [ 573.358080] ? mutex_trylock+0x2b0/0x2b0 [ 573.362154] ? kasan_check_write+0x14/0x20 [ 573.366398] ? __radix_tree_replace+0x188/0x2f0 [ 573.371064] ? kernfs_add_one+0x4f/0x4d0 [ 573.375120] ? kernfs_activate+0x21a/0x2c0 [ 573.379340] ? lock_downgrade+0x8f0/0x8f0 [ 573.383480] ? lock_acquire+0x1e4/0x540 [ 573.387437] ? fs_reclaim_acquire+0x20/0x20 [ 573.391744] ? lock_downgrade+0x8f0/0x8f0 [ 573.395885] ? check_same_owner+0x340/0x340 [ 573.400194] ? kasan_check_write+0x14/0x20 [ 573.404416] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 573.409331] ? rcu_note_context_switch+0x730/0x730 [ 573.414271] __should_failslab+0x124/0x180 [ 573.418496] should_failslab+0x9/0x14 [ 573.422282] kmem_cache_alloc+0x2af/0x760 [ 573.426416] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 573.431332] ? kasan_check_write+0x14/0x20 [ 573.435558] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 573.440559] __kernfs_new_node+0xef/0x5a0 [ 573.444693] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 573.449434] ? mutex_unlock+0xd/0x10 [ 573.453131] ? kernfs_activate+0x21a/0x2c0 [ 573.457354] ? kernfs_walk_and_get_ns+0x340/0x340 [ 573.462183] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 573.467706] ? kernfs_link_sibling+0x1d2/0x3b0 [ 573.472276] kernfs_new_node+0x80/0xf0 [ 573.476150] __kernfs_create_file+0x4d/0x330 [ 573.480545] sysfs_add_file_mode_ns+0x21a/0x560 [ 573.485209] internal_create_group+0x26d/0x9e0 [ 573.489782] sysfs_create_groups+0x9b/0x141 [ 573.494091] device_add+0x67e/0x16f0 [ 573.497794] ? kasan_kmalloc+0xc4/0xe0 [ 573.501671] ? device_private_init+0x240/0x240 [ 573.506238] ? kfree+0x15e/0x260 [ 573.509603] ? kfree_const+0x5e/0x70 [ 573.513308] device_create_groups_vargs+0x1ff/0x270 [ 573.518314] device_create_vargs+0x46/0x60 [ 573.522547] bdi_register_va.part.12+0xc3/0x9c0 [ 573.527200] ? lockdep_init_map+0x9/0x10 [ 573.531259] ? cgwb_kill+0x640/0x640 [ 573.534962] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 573.540480] ? bdi_init+0x3d0/0x4d0 [ 573.544089] ? wb_init+0xa00/0xa00 [ 573.547615] ? kasan_unpoison_shadow+0x35/0x50 [ 573.552185] ? kasan_kmalloc+0xc4/0xe0 [ 573.556063] ? kmem_cache_alloc_node_trace+0x302/0x770 [ 573.561329] bdi_register_va+0x68/0x80 [ 573.565203] super_setup_bdi_name+0x12d/0x240 [ 573.569682] ? kill_block_super+0x100/0x100 [ 573.573992] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 573.579517] ? ns_capable_common+0x13f/0x170 [ 573.583916] super_setup_bdi+0x7f/0xb0 [ 573.587792] v9fs_mount+0x268/0x900 [ 573.591405] ? v9fs_drop_inode+0x150/0x150 [ 573.595625] legacy_get_tree+0x118/0x440 [ 573.599675] vfs_get_tree+0x1cb/0x5c0 [ 573.603463] do_mount+0x6c1/0x1fb0 [ 573.607017] ? check_same_owner+0x340/0x340 [ 573.611325] ? lock_release+0xa30/0xa30 [ 573.615290] ? copy_mount_string+0x40/0x40 [ 573.619512] ? retint_kernel+0x10/0x10 [ 573.623393] ? __sanitizer_cov_trace_const_cmp4+0xd/0x20 [ 573.628831] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 573.634360] ? copy_mount_options+0x285/0x380 [ 573.638846] ksys_mount+0x12d/0x140 [ 573.642463] __x64_sys_mount+0xbe/0x150 [ 573.646425] do_syscall_64+0x1b9/0x820 [ 573.650297] ? finish_task_switch+0x1d3/0x870 [ 573.654778] ? syscall_return_slowpath+0x5e0/0x5e0 [ 573.659693] ? syscall_return_slowpath+0x31d/0x5e0 [ 573.664610] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 573.669611] ? prepare_exit_to_usermode+0x291/0x3b0 [ 573.674615] ? perf_trace_sys_enter+0xb10/0xb10 [ 573.679268] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 573.684102] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 573.689278] RIP: 0033:0x455ab9 [ 573.692457] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 573.711736] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 573.719428] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 573.726684] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 573.733936] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 03:34:00 executing program 7: r0 = socket$netlink(0x10, 0x3, 0x4) write(r0, &(0x7f0000000280)="27000000140007a4d53a5000120f0a0011000100f5fe0012ff00a51b82d77a4b6db0068dd304f9", 0x27) sysfs$2(0x2, 0x8250, &(0x7f0000000000)=""/243) 03:34:00 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x1100], 0x1}}, 0x1c) [ 573.741191] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 573.748441] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 000000000000004b 03:34:00 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='/p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) [ 573.863475] syz-executor5 (9660) used greatest stack depth: 11992 bytes left 03:34:00 executing program 2: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000003fe8)={0xaa, 0xfffffffffffffffd}) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000013e95), 0x4) socket$inet6_sctp(0xa, 0x5, 0x84) ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f00000000c0)={'veth1_to_bond\x00', &(0x7f0000000000)=@ethtool_stats={0x28}}) close(r2) r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0xca3d24e28fab7145, 0x0) getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffff9c, 0x84, 0x0, &(0x7f0000000080)={0x0, 0x7, 0x196, 0x3}, &(0x7f0000000100)=0x10) getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000140)={r4, 0x32}, &(0x7f0000000180)=0x8) close(r0) 03:34:00 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0xc803000000000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:34:00 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x9000000, @loopback=0x7f000001}, 0x10) 03:34:00 executing program 7: r0 = socket$inet6(0xa, 0x80002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000300)='ramfs\x00', 0x0, &(0x7f00000007c0)) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x40, 0x0) getsockname$unix(r1, &(0x7f00000004c0)=@abs, &(0x7f0000000240)=0x6e) getsockopt$inet_sctp_SCTP_HMAC_IDENT(r1, 0x84, 0x16, &(0x7f0000000100)={0x8, [0xfff, 0x92, 0x9, 0x1, 0x4, 0x2984, 0xde, 0x4]}, &(0x7f0000000180)=0x14) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000903000)='./file0\x00', &(0x7f0000000340)='bdev\x00', 0x100000, &(0x7f00000002c0)) mount(&(0x7f0000000200)='./file0\x00', &(0x7f0000000580)='./file0\x00', &(0x7f0000000540)='affs\x00', 0x1006, 0x0) mount(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='.', &(0x7f0000000140)='vxfs\x00', 0x3080, &(0x7f0000000200)) mount(&(0x7f00000008c0)='.', &(0x7f0000000080)='.', &(0x7f0000753000)='mslos\x00', 0x5010, &(0x7f0000000ac0)) mount(&(0x7f00000003c0)='./file0\x00', &(0x7f0000d78000)='.', &(0x7f0000fdb000)='ubifs\x00', 0x1003, 0x0) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x5010, &(0x7f00000e7000)) mount(&(0x7f0000000400)='./file0\x00', &(0x7f0000000440)='./file0\x00', &(0x7f0000000480)='coda\x00', 0x201800, &(0x7f00000004c0)) 03:34:00 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x800000000000000], 0x1}}, 0x1c) 03:34:00 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = fanotify_init(0xffffffffffffffff, 0x1000) write$vnet(r1, &(0x7f0000000400)={0x1, {&(0x7f0000000300)=""/153, 0x99, &(0x7f00000003c0)=""/47}}, 0x68) 03:34:00 executing program 0 (fault-call:8 fault-nth:76): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:34:00 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='.p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:34:00 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0xa4ffffff00000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) [ 573.976892] FAULT_INJECTION: forcing a failure. [ 573.976892] name failslab, interval 1, probability 0, space 0, times 0 [ 573.988200] CPU: 0 PID: 9746 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 573.996517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 574.005870] Call Trace: [ 574.008465] dump_stack+0x1c9/0x2b4 [ 574.012097] ? dump_stack_print_info.cold.2+0x52/0x52 [ 574.017292] ? rcu_note_context_switch+0x730/0x730 [ 574.022229] should_fail.cold.4+0xa/0x11 03:34:00 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x1100, @loopback=0x7f000001}, 0x10) 03:34:00 executing program 5: ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f0000000040)=0x0) capset(&(0x7f0000000080)={0x19980330, r0}, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x4000000000000000}) r1 = syz_open_dev$dspn(&(0x7f0000000280)='/dev/dsp#\x00', 0x7, 0x203) ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f00000002c0)) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00') getsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f00000000c0)={{{@in6=@loopback, @in6=@ipv4={[], [], @remote}}}, {{@in=@local}, 0x0, @in6=@loopback}}, &(0x7f00000001c0)=0xe8) setsockopt$IP_VS_SO_SET_STOPDAEMON(r2, 0x0, 0x48c, &(0x7f0000000240)={0x1, 'bridge0\x00'}, 0x18) 03:34:00 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x6488], 0x1}}, 0x1c) [ 574.026297] ? kasan_check_write+0x14/0x20 [ 574.030540] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 574.035647] ? kernfs_activate+0x8e/0x2c0 [ 574.039801] ? ___ratelimit.cold.2+0x6b/0x6b [ 574.044214] ? mutex_trylock+0x2b0/0x2b0 [ 574.048280] ? kasan_check_write+0x14/0x20 [ 574.052521] ? __radix_tree_replace+0x188/0x2f0 [ 574.057191] ? kernfs_add_one+0x4f/0x4d0 [ 574.061255] ? kernfs_activate+0x21a/0x2c0 [ 574.065497] ? lock_downgrade+0x8f0/0x8f0 [ 574.069656] ? lock_acquire+0x1e4/0x540 03:34:00 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x11, @loopback=0x7f000001}, 0x10) 03:34:00 executing program 5: r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x0, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000400008fe7bb5cd4e344cd0002800000720a00ff"], &(0x7f0000000080)="47504c00bc3047eb525f484f89fc96dd6ca64da40ff023122e66f6", 0x0, 0xce, &(0x7f0000000180)=""/206}, 0x48) ftruncate(r0, 0xffff) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xf, 0x5, &(0x7f0000000040)=@framed={{0x18}, [@jmp={0x5, 0x0, 0xffffffcd}], {0x95}}, &(0x7f0000000200)='syzkaller\x00', 0x80000001, 0x228, &(0x7f0000000300)=""/187}, 0x48) [ 574.073634] ? fs_reclaim_acquire+0x20/0x20 [ 574.077964] ? lock_downgrade+0x8f0/0x8f0 [ 574.082121] ? check_same_owner+0x340/0x340 [ 574.086464] ? kasan_check_write+0x14/0x20 [ 574.090705] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 574.095633] ? rcu_note_context_switch+0x730/0x730 [ 574.100570] __should_failslab+0x124/0x180 [ 574.104817] should_failslab+0x9/0x14 [ 574.108621] kmem_cache_alloc+0x2af/0x760 [ 574.112775] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 574.117707] ? kasan_check_write+0x14/0x20 [ 574.121946] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 574.126966] __kernfs_new_node+0xef/0x5a0 [ 574.131121] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 574.135879] ? mutex_unlock+0xd/0x10 [ 574.139592] ? kernfs_activate+0x21a/0x2c0 [ 574.143824] ? kernfs_walk_and_get_ns+0x340/0x340 [ 574.148664] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 574.154188] ? kernfs_link_sibling+0x1d2/0x3b0 [ 574.158843] kernfs_new_node+0x80/0xf0 [ 574.162716] __kernfs_create_file+0x4d/0x330 [ 574.167106] sysfs_add_file_mode_ns+0x21a/0x560 [ 574.171762] internal_create_group+0x26d/0x9e0 [ 574.176349] sysfs_create_groups+0x9b/0x141 [ 574.180656] device_add+0x67e/0x16f0 [ 574.184351] ? kasan_kmalloc+0xc4/0xe0 [ 574.188222] ? device_private_init+0x240/0x240 [ 574.192793] ? kfree+0x15e/0x260 [ 574.196141] ? kfree_const+0x5e/0x70 [ 574.199845] device_create_groups_vargs+0x1ff/0x270 [ 574.204847] device_create_vargs+0x46/0x60 [ 574.209070] bdi_register_va.part.12+0xc3/0x9c0 [ 574.213723] ? lockdep_init_map+0x9/0x10 [ 574.217763] ? cgwb_kill+0x640/0x640 [ 574.221460] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 574.226975] ? bdi_init+0x3d0/0x4d0 [ 574.230582] ? wb_init+0xa00/0xa00 [ 574.234113] ? kasan_unpoison_shadow+0x35/0x50 [ 574.238676] ? kasan_kmalloc+0xc4/0xe0 [ 574.242545] ? kmem_cache_alloc_node_trace+0x302/0x770 [ 574.247805] bdi_register_va+0x68/0x80 [ 574.251675] super_setup_bdi_name+0x12d/0x240 [ 574.256153] ? kill_block_super+0x100/0x100 [ 574.260459] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 574.265987] ? ns_capable_common+0x13f/0x170 [ 574.270381] super_setup_bdi+0x7f/0xb0 [ 574.274253] v9fs_mount+0x268/0x900 [ 574.277863] ? v9fs_drop_inode+0x150/0x150 [ 574.282079] legacy_get_tree+0x118/0x440 [ 574.286123] vfs_get_tree+0x1cb/0x5c0 [ 574.289915] do_mount+0x6c1/0x1fb0 [ 574.293436] ? check_same_owner+0x340/0x340 [ 574.297741] ? lock_release+0xa30/0xa30 [ 574.301697] ? copy_mount_string+0x40/0x40 [ 574.305913] ? kasan_kmalloc+0xc4/0xe0 [ 574.309787] ? kmem_cache_alloc_trace+0x318/0x780 [ 574.314621] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 574.320139] ? _copy_from_user+0xdf/0x150 [ 574.324268] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 574.329785] ? copy_mount_options+0x285/0x380 [ 574.334265] ksys_mount+0x12d/0x140 [ 574.337873] __x64_sys_mount+0xbe/0x150 [ 574.341841] do_syscall_64+0x1b9/0x820 [ 574.345708] ? finish_task_switch+0x1d3/0x870 [ 574.350185] ? syscall_return_slowpath+0x5e0/0x5e0 [ 574.355099] ? syscall_return_slowpath+0x31d/0x5e0 [ 574.360023] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 574.365034] ? prepare_exit_to_usermode+0x291/0x3b0 [ 574.370035] ? perf_trace_sys_enter+0xb10/0xb10 [ 574.374684] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 574.379511] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 574.384690] RIP: 0033:0x455ab9 [ 574.387856] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 574.407036] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 574.414724] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 03:34:01 executing program 2: open$dir(&(0x7f0000000340)='./file0\x00', 0x40, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300)='/dev/sequencer\x00', 0x0, 0x0) bind$alg(r0, &(0x7f00000015c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd128\x00'}, 0x58) mount$9p_rdma(&(0x7f00000002c0)='2\n4.20.20.', &(0x7f0000000280)='./file0\x00', &(0x7f0000000100)='9p\x00', 0x0, &(0x7f0000000000)={'trans=rdma,', {'port', 0x3d}, 0x2c}) mount$9p_rdma(&(0x7f0000000040)='127.0.0.1\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000140)='9p\x00', 0x0, &(0x7f00000017c0)={'trans=rdma,', {'port', 0x3d, 0x4e22}, 0x2c, {[{@sq={'sq', 0x3d}, 0x2c}, {@sq={'sq', 0x3d}, 0x2c}, {@common=@posixacl='posixacl', 0x2c}, {@rq={'rq', 0x3d, 0x1ff}, 0x2c}, {@rq={'rq', 0x3d, 0x8}, 0x2c}, {@timeout={'timeout', 0x3d, 0x1}, 0x2c}, {@common=@posixacl='posixacl', 0x2c}]}}) syz_mount_image$ntfs(&(0x7f00000016c0)='ntfs\x00', &(0x7f0000001680)='./file0\x00', 0x100000000, 0xaaaaaaaaaaaab4b, &(0x7f0000001500)=[{&(0x7f0000000200)="6250c053bcb80cda4db154666a30831ff31f80711f232e33969304ddc46f9a8985b943ecc3814b6361026012a3854dbc080119c1511cc6210f62d25f6b1e13ba0635f335e8aac55854bcaa", 0x4b, 0x714f}, {&(0x7f0000000380)="0c65200df764bcb216a406defe1fbed6c818b506c367d75eabadb1be99e335a393734e416ae9aa52ec305f2bc4426c72110c1a0d0fa22589b114cd6c2ba6fad8b5c15060b33425f3c39483e43fafe48057139f7701370fc2297d1a8b30becf5d7f7c49eb474c902527c4c81d8c14d05308cdd5eac83254d85fbd6a1ed6cf04efd65b8f09dfb6a4923cac13409862604a1276c1451a67bb52f1c57538a92878173617c79f437a1e8af9c0b19079700485d9907727135b0fe39c991f01e6d33d36f7a84be58cf8759187b16b874d689d21e45c734f59a6b4303d72fea6d930237f231534cf438ed5aba81b626778b8d012ba3b86cc32d95d352068c2a39ca7419188a918ab605d0571fcbe31ecbd1e67bb58e3ff83ebf2ac0010012384b6d3d99d498e62f5df3c0268ad1b2bdfc4750f44cc68c151b8a816968e53dd7c5fa0d0a3da94dd37847826f3c0a0ef1f1e0a23920f60cd98dcd26f47abb5aa03c677dd00e75232b9f73c4a012a95810f4f6f671e92995854d37eda574ad51dbd7c6b19dca5b216c1fcf2c625cf5b54dfb4ea51055822c6cfc51945908f4b348129d8f7d5b2f6f3c4f58c58a98f714fe0ec5f1a0f330ab574dd2b9a56e4df1c81f60a3d67c69d484fbdf0a4526abd77d7e3110fa569d2afceb121363e2990510eb6c7a73205d88a8163ebc44fb586ab0baaf7ce6c4ca88077409b116c5cb21a1944aad73238dd5ee2f8f126fd766ccb1363f064f99d63f7caffc7c835f51bb2516c2e3d8ae98b7a9387c8b71c9a9986dcc8a3965ae9acf06556f2df87b569232df985c72b0aed772424171435a9495a127095887b6832e999e1915071c795507c718bcf2ff72f6dc5fc988485ecb193a823844ea6199c59f620cf9bf6aedc541af38513fb92e0dac23d7dd1c788a901e200e9dd2ae9bfc02564227b77399dc77f86aec306c7a9837903eb0c0924123073300d584fe8516df5fc054f8227a9fd7f9ebbbd998b7df5fdc16d50c11aacfca995c75e46349c87108212c90310d5dc4ea7e800e500f9dc8e8556b472eb3dd0e9701711b9a8c71da5e91f3db5142bbf5533220e04831448c3f15f260a2c0d4294894830b1c3b004723d07d4c396956eb1e7a0265ca1e94883c275584fe761a3ffb90a4f22e65ddbd4393cf9f48e98405f0ceb22b9701d7c33f42c9e88a217d19ce5c997826691baa9fe814d349e6cecf6bab127112481de49f7e6034c30f9820e9bd8462712f7b358b7a89894860f364a7bfc2197347c92393222374812d9bc189002c9df635432936b54145f1b66266082d18cb7bfc6f7449e8a163c1729bce68aa940d26694415f4b7232b7bece15f6eb0e0e40a11a0a653247067a18a8b94cef06da4f32e4d1c97c9cc59a96386a7914afa403f84b5d83024837995f64b49038f8ee5907c7c8a1a7cbe644be1fbffac267ecc3b09c8b133241c9cc27640babb44e31420f398825ee8cb50aea498e399ec6b0f74e0b00c263e25a3e800e6d52c3f6458f2f50b8faa5f9b382e0386f59c6603c55fb71de3ebffe8caf7a3aa4ea57db586f62f094bdce0598fa3abd301646bcfcd05fc573b29b247ec4a169804fe61fabc4741b4bde10bf1cf868e24bee3cd9632fb38d8a3a216ec5332e0cebffee12560a4424e1e82b11a9ecb23506b59e582ed4cddb7856ab7f89bda9757896f60b4df5eaa860d8d5effcddd268a62e725ad83802d4593df8d0f71e695277387a39b427dcfb102a35cd3eb5576cc3acd103016d300da60e474d634e44981a6a62f1da8dc3b870c2a67ec0713627e43b3ffcffb5038b40cc8cb4d40b56ee92ef081ab7d4151d91881981c4f07624e4aa6771e7bdc005374a933f4dd0b6e7f22400fd0ce493d51b82d42ce66a145d5c143ac3dc46890bdf3d505a6c9ec0b122df71d81ae51c1916c75dfdb3a0db3a8fd80d65e0dc83aab4861cf410c5077d51ba5e776dbf806437b0b96fe715590f1b67f00d7b4caebd9f0d53690e03590be104f88cfb4a8d8f61c4771a6253cc6f6cf8eb10cbc627c157d514c99a4c0484d2eb7f36da9565878576d7f8b4272a956c33471d1d7176c8f257bfd83b2dd754764106b882eb30b52c11e691657e2da09df3349cd1e8a46e34424d6c16508e138554af9be365c162a112635bad7fb46af89d3cefa99a54bafc0f4dbcbbd89bf30e6ee480cf664a44eb8c3fbf6c93d96ce57efe175a58ef2083c4d020fbdc993070d4b141c11aa191ceb3e658dae409206007d4a400052ff1591ecb0cc545cec9ee950d291de30d52ac8708379e2abe7fabe4475d9cca82a72c480926c9db04e7e544263fa8ef160cd0a312d2fffb0f96b6f0800f6fbcca80269a9313ae6823c762de5e369daa9d66b8450606ecee3cc865a86535e1f7bb6bcd21c203cadd8e715ac3d343802db6bc7e25dbadc3d509359a18a87b063a5ad83a209b55bc5691abe45352f2e2928dc1a60316dbd1a40f2243b31a69e83579bbf04e80acc4948b19a08b058ba6150d85575f54f759c98695c923adde6fb04039b84c92ec1956f42d00efa889e49443b493d2fe4a9a8d41412180c8bcb9d13ba482e35d37ddd6e551a55fb7b23f3753ff4bb8910ed552485ddd42d7b2aef12848a015004aa71e7c238bc3f9ae32c4bea0b4ff9d8c7dfb6db3042d910dde206f4e1e393bdd42f519516fb4fffe32b1e7133046cace1740ffe9914db60efc68f44d5763e260a2b5e202bab7ed8df30292e603fbc6797ec2c57fdc9ca23a7c26b67ca3089f72a5ac9f5ea8d6817f1bfd10d2332b1e76a4a5171d496829b42003d86b429b1aeb73cb525beff990163b879e9289f390826a1666ac13d560cd3f904f2dcffa6c25de2aaff1273c3f16b475c4da7f6869e2ff9103f7118b9cd151ced6645b6c29ef435e4d588148598873d438c5af9044471343eb6160480cc6fb5a5d350c52ab3a7771e2b88227384aa8e98768b56974c2b60b768345dafc889be3a688429824a75e6465ceb28cdeba176f53c95b0370aec95b8975c1c8b2a248867fbbb001bb586418ef7b21e8ae607429655adb5ef8a8701c61fecf6dcb5a5722d26bd80066c5aab17070bd428e77299efac3003dbcbc44abd643098f5bee9323f4eb04cf078cbf4d8bb414eac6c01e8a786303ac3f3e9d632b4b42f0341d499da53c1b3d52e851a88cfd6270a8d1a43710a90e546d19e78261094c7008ffd20507c42c1c073eeb8eddc88b710bfe78dcf60772d60058141bf3159a8c72200d6fe192fc426b33c08d025ebbe5cf1cff088a558a3719ecc44d93e87129c460c2cead72e54ae5009ea5efd0b4b23bef58891c0438222d7cde8793266b9c91218021a577b6351539564124170f4a65a39ea869fde7978f7e70e4f92ff25f6b4e6b58a90c15edf08a04be888a646a5197378b3b128daf4b55e6a65910fbeaa56732afcde73e3896d67e566d075e861f0a91ab221d23690e3c18f30f4db394f53d6851e69bd9018863dbc1cf6206023d8eb251c3a8eba15b85882c0090e2a6f7a5e18ed9979c3f898133b7b49aff41ee67cf31b1d583e50c6a2951911e4a187ea53a9984670df0b510cfc9841cc039fdfc0265eb0bc0f3958601b10db9652eac88242f599a101249a605b3799cec1b0c8d1d1d4215be1ab80fd9d8ab4cc6e499f020d773cdf0a5238cb817a882e20140ffe76060366675cd5017045202a615807b7fa7b6ebfea5480ca78e79ba62aab2459645fc24df1f1815ca5a3936a2ab1cb771750dc4691086d3dcbe3d7a774ce8de23a31d599c5a3504cef01fe9d271304df294c1476538e9c3c7c85edb3834354e51b9178351b3fb4ce2f5d9b2e15a0ebaed373364b647116da07ec1c1da914f0dadbc1b419e4aaf51bf6436912ab9a58614310c74aaa6f9c09d77a7217890076bce46e9b5f695e7f99d95b68408cb9b4689a19c89d5eaabb61c99c14f61d98fa843355c85a5c9adf9bca50d8eab1c28901ff650f0dbc77f54d38d6522a42befcb129d925c465050e60a30ffbc8c2038562bc25a5e5311030ab866d60dbc6eb63e27308081225ebe0a0e1920f4f2ea001304ef258d536eb4b8dff4cddd74b113f95875af28c1fefe5c279aa31347d4cbbfb578d8f9664b52d9a3cdb8f41b71c71bbffcca97fb83fd4b206fa6aea43bacaaacd01503a4825bd3a9bdc1d49b0e6088d60e98fa6a93b4c84a5aeec978ca55b56ff631cdb966ec518d060ce8fd47fdad6256351bfc46c682519aadb42145dfba6556c8302f8fd4b41048ee9bfb7c50dc124f449923f5fcdf66f787a30c1df7391a9c2e27ee8c6b654f0b9c140a27d52df1abbfc0f3e426c3aa2be774e35716f7fa29d035872d2d88bb8b081490e9aadae2e39f3b91374c0780d31d47c89bd0d059ec352f9ccfd2849ebfcbfffe7b870888dd98dd445f7c2c5b4a8520253b13f1d7ab988d72d76e8ed49336e02ef0e70378f0fae581e9f4b669ecae320c20393828b110c03b0aa50310a1378f2f5362e8ddf88e96141f5a2cb14e197ed9b561e7f333cabb3d1f10b663c9f188afe53a930a0d077b7972d372d7fbbf67ea1c89e0308cf996a0b2a05c57c31551742a0fecfb6c1b10ecd27bb7abc63daf9419fe6f22701b9f2c8319a2418f1424000924025d83b0648b6493a2a53031c10d2bc94371d397aad20db9c4a8c4d2c0d7416b49f232207fdae9d84d5b29be7e6f19e2c365251076070451c7416bedc2063364c4b3156b6e7f377fededf21d32cd366fbe0cee5749e28bf8ea7f28f596d7d0079f1742a12bc483c96f195443d3ca99c111aa24676ec7f01698c61d99e6fab5e3562633313d571fd12a33e121e2fc568106f9c8e0d6ad003dc744cf0f525efcec4cd6ba0e56108bf1af340f5dc3b068a98eab3756e1a817291292885cd5ed90f3891874b5ec19fb291ed083bee473b0f83f83309a5ae92e2ab267a5d93318fe15e156e0b5bb959e0ec7f6fbd75c263feac565d365815c3fac1f8564bb58215b35be6cec0717232ace3912e73db960adb4d1d3728755e7e6383c5f6704cdd06eb3a05109cd013d87d6031f968e4b8a2df7db4024ffdae6c73a66546712bbc56dc6451a9b410cbcce87a361ee200f07e6edca1b7c469bfe54eb8f35dc8d18ae1e13810e51877b3fdf6a5ee106cb01b4cf09223b456a8fb82fe9197bb5694dfaa0c7b3bd69e55a53eeb3c0c3ad927d3e10acdd80f669b86a85a88cb63bf5b2cba73163ea9904720dfa08be9b6216d8ee2ecc45380be9aa26e30f8f6fff0f5b3e3870316b44149b412444855d18a882100181ca34b00127c38889fdb20664ecd45ab370307e161b43dde5949e16d7e55452373d9366a0f0c53aa21e692e8b06b08828c7bef36a79a1b66c5e6e9ee2950e834328f136a7453633e031030470ec9e9b40bededaee00c7ba5810371eceefe95a4fe42c4ba06db3dde32dc734e70275991af2485b34ecac627fe62d9116a6d5c3dde8b5353a6d8fd671c832761320182be94b4ecbe1d10091f691c0679e9b4378618455a5fb5a88f8a31323b4c6a3431f19fc545cc54578917d44423934d867dd632dd8cde0ec5fa5b6f52cb16f98b0a3d560f2ec65e9efea72967ed36ec3e83b653e5141e2e7fd05e488e790f8eea8f6cee388da37ad2eef5329e3b2d2d9f5ff4a1a56d2b2dc8b57bd0aa2f6fea237f457a8fe66ed594795b2bdded4e961435561ad391054c31c81a52964ae6935e1409e0df7a2bcb17cb6ead72ec6f13b6e5917d3fe14d51291cac9ffe6ca74d025010c5c9ca623c1405f52b0b5c1e8e49d96dbc3ef78", 0x1000, 0x1f}, {&(0x7f00000000c0)="51e7edff3ba5c4e206350cc1a5da289f", 0x10, 0x8}, {&(0x7f0000001380)="c5addd902c5881044ae9ea37020a8249d5bd4d5e975e1083b0702f73cdcdfcbcbed620c8b738cd56f8c4346e0af718b38d22a639e15ffcc2a9b2ff51d13afb59205436ab0cb3f7d1ab55f5f9462d227dc819da9cbbe64917e44cc0777f9e6ef0dc3887633ddb7aa8720cec1de1fbbd748fd9bd21c66864c58fb292acbdb218", 0x2a5, 0x40}, {&(0x7f0000001700)="cedf0c00cd7abcb3d7ae6d66ee38e381545b4b08132567abdde98bd564288caa80667cb224ce23e08944c4c504510e4352869f3d68966ef06eb3098d29258067a2ad27d1dff21d163184792950cba7faf7157bfc883bd8a07af112a0ff411c96c9b0fa5a3eebb93fc2d8e6d8323471c8174f825b860ed4f9ef149bae3d25324842b84911989dba", 0x8, 0x5}, {&(0x7f0000001400)="3f1881b835733db3e4d1d89f681f58dff02169f9d386b40875b84b463e8261bd2540408b7a865764ae86d619e14ce3958b4559d63d212f74df8b831813b01637d55026178e4c85d1a7cc410c9ecee649ca5d04b619aebd3f51070b41059478b514860bd68df6a53a253ccf0b65d3cb70afe00e08b4a5429669271d732f277e4799b6efa32d7ef8ba4633737f7c02839177901387215dce0e0e8bdb97acd7e78210490574c7b41ec859dc45fe2d905a16c48cc3f791b475ebeb2c43b55541e20d8b992563c2fccabd2316", 0xca, 0x80}], 0x1422, &(0x7f0000001640)={[{@show_sys_files_no='show_sys_files=no', 0x2c}, {@utf8='utf8', 0x2c}, {@fmask={'fmask', 0x3d, 0x5}, 0x2c}]}) 03:34:01 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x40000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) [ 574.421976] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 574.429227] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 574.436476] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 574.443726] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 000000000000004c 03:34:01 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x2, @loopback=0x7f000001}, 0x10) 03:34:01 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x4788], 0x1}}, 0x1c) 03:34:01 executing program 0 (fault-call:8 fault-nth:77): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) [ 574.601094] FAULT_INJECTION: forcing a failure. [ 574.601094] name failslab, interval 1, probability 0, space 0, times 0 [ 574.612436] CPU: 0 PID: 9794 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 574.620759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 574.630120] Call Trace: [ 574.632718] dump_stack+0x1c9/0x2b4 [ 574.636357] ? dump_stack_print_info.cold.2+0x52/0x52 [ 574.641567] ? zap_class+0x740/0x740 [ 574.645291] ? perf_trace_lock+0xde/0x920 [ 574.649459] should_fail.cold.4+0xa/0x11 [ 574.653528] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 574.658636] ? kernfs_activate+0x8e/0x2c0 [ 574.662794] ? ___ratelimit.cold.2+0x6b/0x6b [ 574.667208] ? kasan_check_write+0x14/0x20 [ 574.671452] ? kernfs_activate+0x21a/0x2c0 [ 574.675692] ? lock_downgrade+0x8f0/0x8f0 [ 574.679847] ? lock_acquire+0x1e4/0x540 [ 574.683821] ? fs_reclaim_acquire+0x20/0x20 [ 574.688146] ? lock_downgrade+0x8f0/0x8f0 [ 574.692302] ? check_same_owner+0x340/0x340 [ 574.696626] ? kasan_check_write+0x14/0x20 [ 574.700863] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 574.705796] ? rcu_note_context_switch+0x730/0x730 [ 574.710740] __should_failslab+0x124/0x180 [ 574.714982] should_failslab+0x9/0x14 [ 574.718790] kmem_cache_alloc+0x2af/0x760 [ 574.722942] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 574.727875] ? kasan_check_write+0x14/0x20 [ 574.732119] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 574.737139] __kernfs_new_node+0xef/0x5a0 [ 574.741293] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 574.746050] ? mutex_unlock+0xd/0x10 [ 574.749759] ? kernfs_activate+0x21a/0x2c0 [ 574.753995] ? kernfs_walk_and_get_ns+0x340/0x340 [ 574.758844] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 574.764380] ? kernfs_link_sibling+0x1d2/0x3b0 [ 574.768967] kernfs_new_node+0x80/0xf0 [ 574.772857] __kernfs_create_file+0x4d/0x330 [ 574.777268] sysfs_add_file_mode_ns+0x21a/0x560 [ 574.781938] internal_create_group+0x26d/0x9e0 [ 574.786525] sysfs_create_groups+0x9b/0x141 [ 574.790848] device_add+0x67e/0x16f0 [ 574.794560] ? kasan_kmalloc+0xc4/0xe0 [ 574.798452] ? device_private_init+0x240/0x240 [ 574.803032] ? kfree+0x15e/0x260 [ 574.806397] ? kfree_const+0x5e/0x70 [ 574.810117] device_create_groups_vargs+0x1ff/0x270 [ 574.815134] device_create_vargs+0x46/0x60 [ 574.819369] bdi_register_va.part.12+0xc3/0x9c0 [ 574.824042] ? lockdep_init_map+0x9/0x10 [ 574.828100] ? cgwb_kill+0x640/0x640 [ 574.831813] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 574.837351] ? bdi_init+0x3d0/0x4d0 [ 574.840975] ? wb_init+0xa00/0xa00 [ 574.844515] ? kasan_unpoison_shadow+0x35/0x50 [ 574.849098] ? kasan_kmalloc+0xc4/0xe0 [ 574.852986] ? kmem_cache_alloc_node_trace+0x302/0x770 [ 574.858270] bdi_register_va+0x68/0x80 [ 574.862156] super_setup_bdi_name+0x12d/0x240 [ 574.866651] ? kill_block_super+0x100/0x100 [ 574.870976] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 574.876519] ? ns_capable_common+0x13f/0x170 [ 574.880936] super_setup_bdi+0x7f/0xb0 [ 574.884821] v9fs_mount+0x268/0x900 [ 574.888447] ? v9fs_drop_inode+0x150/0x150 [ 574.892682] legacy_get_tree+0x118/0x440 [ 574.896743] vfs_get_tree+0x1cb/0x5c0 [ 574.900544] do_mount+0x6c1/0x1fb0 [ 574.904081] ? kasan_check_read+0x11/0x20 [ 574.908228] ? do_raw_spin_unlock+0xa7/0x2f0 [ 574.912639] ? copy_mount_string+0x40/0x40 [ 574.916874] ? kasan_kmalloc+0xc4/0xe0 [ 574.920771] ? kmem_cache_alloc_trace+0x318/0x780 [ 574.925618] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 574.931153] ? copy_mount_options+0x285/0x380 [ 574.935648] ksys_mount+0x12d/0x140 [ 574.939276] __x64_sys_mount+0xbe/0x150 [ 574.943253] do_syscall_64+0x1b9/0x820 [ 574.947138] ? finish_task_switch+0x1d3/0x870 [ 574.951629] ? syscall_return_slowpath+0x5e0/0x5e0 [ 574.956557] ? syscall_return_slowpath+0x31d/0x5e0 [ 574.961483] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 574.966497] ? prepare_exit_to_usermode+0x291/0x3b0 [ 574.971514] ? perf_trace_sys_enter+0xb10/0xb10 [ 574.976183] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 574.981034] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 574.986215] RIP: 0033:0x455ab9 [ 574.989394] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 575.008706] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 575.016417] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 575.023682] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 575.030947] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 575.038215] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 575.045477] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 000000000000004d 03:34:07 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9/\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:34:07 executing program 5: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r0 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx\x00', 0x0, 0x0) poll(&(0x7f0000000000)=[{r1}], 0x1, 0x10001) fchdir(r1) r2 = syz_open_pts(r1, 0x200200) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r0, 0x14) r3 = dup3(r2, r1, 0x0) tkill(r0, 0x1000000000016) getsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r3, 0x84, 0x8, &(0x7f0000000040), &(0x7f0000000080)=0x4) 03:34:07 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x4], 0x1}}, 0x1c) 03:34:07 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x51010000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:34:07 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x1800000000000000, @loopback=0x7f000001}, 0x10) 03:34:07 executing program 0 (fault-call:8 fault-nth:78): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:34:07 executing program 7: capset(&(0x7f0000000000)={0x400019980330}, &(0x7f0000b2d000)={0x0, 0x0, 0x0, 0x0, 0x3ff}) r0 = openat$audio(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio\x00', 0x480, 0x0) mmap$xdp(&(0x7f0000ff4000/0x2000)=nil, 0x2000, 0x0, 0x40010, r0, 0x180000000) mbind(&(0x7f0000fef000/0xf000)=nil, 0xf000, 0x0, &(0x7f0000000140)=0x1, 0xd5, 0x6) socketpair$inet6(0xa, 0x3, 0x8, &(0x7f0000000040)) 03:34:07 executing program 2: getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={0x0}, &(0x7f0000000040)=0xc) r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x0, 0x0) setsockopt$IP_VS_SO_SET_STARTDAEMON(r1, 0x0, 0x48b, &(0x7f00000000c0)={0x1, 'teql0\x00', 0x1}, 0x18) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x8000000}, r0, 0x0, 0xffffffffffffffff, 0x0) ioctl$LOOP_SET_STATUS(r1, 0x4c02, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x1f, 0x5, 0x0, 0x10, "c57e1d83d0ba7a857697289053e5684b02ef33c653d6059d65820f5e548366cbec46809ff887d63a9ac965409727866caf4c15beabacdbc8b45d4bf62864f327", "e25e7a8e9937af2c079dcf4cc707af6de989860e40e8df5e822d454c6df51481"}) r2 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) socket(0x1, 0x1, 0x40) bind$llc(r2, &(0x7f0000000b40)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local={0x1, 0x80, 0xc2}}, 0x10) [ 580.797839] FAULT_INJECTION: forcing a failure. [ 580.797839] name failslab, interval 1, probability 0, space 0, times 0 [ 580.809217] CPU: 1 PID: 9819 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 580.817537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 580.826892] Call Trace: [ 580.829487] dump_stack+0x1c9/0x2b4 [ 580.833122] ? dump_stack_print_info.cold.2+0x52/0x52 [ 580.838316] ? rcu_note_context_switch+0x730/0x730 [ 580.843258] should_fail.cold.4+0xa/0x11 03:34:07 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x400000000000000], 0x1}}, 0x1c) 03:34:07 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f00000003c0)=[{&(0x7f0000000040)="eb3c906d6b66732e666174000204010002000270f7f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) syz_emit_ethernet(0x66, &(0x7f0000000080)={@broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], @random="02e518fd2854", [], {@ipv6={0x86dd, {0x0, 0x6, 'v`Q', 0x30, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0x2, [0x0, 0xfffffffffffff000], 0x1}, {[], @icmpv6=@dest_unreach={0xffffff86, 0x0, 0x0, 0x0, [0x14], {0x0, 0x6, "c5961e", 0x0, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x3, 0x58], 0x1}, @mcast2={0xff, 0x2, [], 0x1}}}}}}}}, 0x0) r1 = creat(&(0x7f0000000140)='./file0/file1\x00', 0x41) r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/sctp\x00') r3 = add_key$keyring(&(0x7f00000002c0)='keyring\x00', &(0x7f0000000300)={0x73, 0x79, 0x7a, 0x2}, 0x0, 0x0, 0xfffffffffffffffe) r4 = semget$private(0x0, 0x3, 0x91) semctl$GETALL(r4, 0x0, 0xd, &(0x7f0000000500)=""/4096) keyctl$invalidate(0x15, r3) renameat(r1, &(0x7f0000000180)='./file0/file0\x00', r2, &(0x7f0000000200)='./file0/file0\x00') r5 = creat(&(0x7f0000000240)='./file0/file0\x00', 0x0) ioctl$KVM_GET_REGS(r5, 0x40047211, &(0x7f0000000080)) 03:34:07 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x20a], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:34:07 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x5101000000000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) [ 580.847324] ? kasan_check_write+0x14/0x20 [ 580.851568] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 580.856676] ? kernfs_activate+0x8e/0x2c0 [ 580.860834] ? ___ratelimit.cold.2+0x6b/0x6b [ 580.865247] ? mutex_trylock+0x2b0/0x2b0 [ 580.869313] ? kasan_check_write+0x14/0x20 [ 580.873557] ? __radix_tree_replace+0x188/0x2f0 [ 580.878226] ? kernfs_add_one+0x4f/0x4d0 [ 580.882291] ? kernfs_activate+0x21a/0x2c0 [ 580.886548] ? lock_downgrade+0x8f0/0x8f0 [ 580.890703] ? lock_acquire+0x1e4/0x540 03:34:07 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x1100000000000000, @loopback=0x7f000001}, 0x10) 03:34:07 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x3f00000000000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:34:07 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x40030000000000, @loopback=0x7f000001}, 0x10) [ 580.894680] ? fs_reclaim_acquire+0x20/0x20 [ 580.899010] ? lock_downgrade+0x8f0/0x8f0 [ 580.903170] ? check_same_owner+0x340/0x340 [ 580.907500] ? kasan_check_write+0x14/0x20 [ 580.911745] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 580.916680] ? rcu_note_context_switch+0x730/0x730 [ 580.921614] __should_failslab+0x124/0x180 [ 580.925853] should_failslab+0x9/0x14 [ 580.929659] kmem_cache_alloc+0x2af/0x760 [ 580.933810] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 580.938740] ? kasan_check_write+0x14/0x20 [ 580.942985] ? __sanitizer_cov_trace_cmp8+0x18/0x20 03:34:07 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x4000000000000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) [ 580.948012] __kernfs_new_node+0xef/0x5a0 [ 580.952169] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 580.956931] ? mutex_unlock+0xd/0x10 [ 580.960647] ? kernfs_activate+0x21a/0x2c0 [ 580.964886] ? kernfs_walk_and_get_ns+0x340/0x340 [ 580.969736] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 580.975273] ? kernfs_link_sibling+0x1d2/0x3b0 [ 580.979858] kernfs_new_node+0x80/0xf0 [ 580.983813] __kernfs_create_file+0x4d/0x330 [ 580.988225] sysfs_add_file_mode_ns+0x21a/0x560 [ 580.992895] sysfs_add_file+0x4e/0x60 [ 580.996696] sysfs_merge_group+0xfa/0x230 [ 581.000846] dpm_sysfs_add+0x161/0x210 [ 581.004741] device_add+0x857/0x16f0 [ 581.008456] ? device_private_init+0x240/0x240 [ 581.013033] ? kfree+0x15e/0x260 [ 581.016401] ? kfree_const+0x5e/0x70 [ 581.020121] device_create_groups_vargs+0x1ff/0x270 [ 581.025144] device_create_vargs+0x46/0x60 [ 581.029383] bdi_register_va.part.12+0xc3/0x9c0 [ 581.034057] ? lockdep_init_map+0x9/0x10 [ 581.038120] ? cgwb_kill+0x640/0x640 [ 581.041839] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 03:34:07 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9pj', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) [ 581.047380] ? bdi_init+0x3d0/0x4d0 [ 581.051008] ? wb_init+0xa00/0xa00 [ 581.054549] ? kasan_unpoison_shadow+0x35/0x50 [ 581.059134] ? kasan_kmalloc+0xc4/0xe0 [ 581.063028] ? kmem_cache_alloc_node_trace+0x302/0x770 [ 581.068309] bdi_register_va+0x68/0x80 [ 581.072199] super_setup_bdi_name+0x12d/0x240 [ 581.076694] ? kill_block_super+0x100/0x100 [ 581.081018] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 581.086629] ? ns_capable_common+0x13f/0x170 [ 581.091043] super_setup_bdi+0x7f/0xb0 [ 581.094936] v9fs_mount+0x268/0x900 [ 581.098565] ? v9fs_drop_inode+0x150/0x150 [ 581.102805] legacy_get_tree+0x118/0x440 [ 581.106869] vfs_get_tree+0x1cb/0x5c0 [ 581.110675] do_mount+0x6c1/0x1fb0 [ 581.114219] ? check_same_owner+0x340/0x340 [ 581.118534] ? lock_release+0xa30/0xa30 [ 581.122507] ? copy_mount_string+0x40/0x40 [ 581.126747] ? retint_kernel+0x10/0x10 [ 581.130635] ? copy_mount_options+0x1a1/0x380 [ 581.135132] ? __sanitizer_cov_trace_pc+0x44/0x50 [ 581.140064] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 581.145596] ? copy_mount_options+0x285/0x380 [ 581.150073] ksys_mount+0x12d/0x140 [ 581.153682] __x64_sys_mount+0xbe/0x150 [ 581.157638] do_syscall_64+0x1b9/0x820 [ 581.161506] ? syscall_return_slowpath+0x5e0/0x5e0 [ 581.166425] ? syscall_return_slowpath+0x31d/0x5e0 [ 581.171520] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 581.178178] ? prepare_exit_to_usermode+0x291/0x3b0 [ 581.183176] ? perf_trace_sys_enter+0xb10/0xb10 [ 581.187854] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 581.192710] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 581.197881] RIP: 0033:0x455ab9 [ 581.201049] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 581.220185] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 581.227873] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 581.235147] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 581.242396] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 581.249670] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 581.256917] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 000000000000004e [ 581.298690] FAT-fs (loop2): Unrecognized mount option "./file0/file0" or missing value 03:34:08 executing program 5: r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='gretap0\x00', 0xfb) bind$llc(r0, &(0x7f0000000040)={0x1a, 0x200, 0x0, 0x0, 0x0, 0x0, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}}, 0xffffffffffffff1a) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000180)='/dev/hwrng\x00', 0x8000, 0x0) getsockopt$bt_BT_SNDMTU(r1, 0x112, 0xc, &(0x7f0000000280)=0x4, &(0x7f00000002c0)=0x2) ioctl$sock_inet_SIOCRTMSG(r1, 0x890d, &(0x7f0000000200)={0x9, {0x2, 0x4e24}, {0x2, 0x4e22, @rand_addr}, {0x2, 0x4e24, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x201, 0x4, 0xa052, 0x29, 0x5, &(0x7f00000001c0)='ip_vti0\x00', 0x2, 0x2}) setsockopt$IP_VS_SO_SET_FLUSH(r0, 0x0, 0x485, 0x0, 0x0) r2 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x0, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x4, &(0x7f00000000c0)={0xffffffffffffffff}, 0x13f, 0x6}}, 0x20) write$RDMA_USER_CM_CMD_NOTIFY(r2, &(0x7f0000000140)={0xf, 0x8, 0xfa00, {r3, 0x11}}, 0x10) 03:34:08 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x18000000, @loopback=0x7f000001}, 0x10) 03:34:08 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x8000000000000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:34:08 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:34:08 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x200000000000000], 0x1}}, 0x1c) 03:34:08 executing program 7: r0 = perf_event_open(&(0x7f0000aaa000)={0x2, 0x70, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/arp\x00') sendfile(r0, r1, &(0x7f00000000c0)=0x600, 0x20000000) ioctl$HDIO_GETGEO(r1, 0x301, &(0x7f0000000080)) 03:34:08 executing program 0 (fault-call:8 fault-nth:79): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:34:08 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001fd8)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x7, 0x5d}, [], {0x95}}, &(0x7f0000003ff6)='GPL\x00', 0x0, 0xc3, &(0x7f0000000000)=""/195}, 0x16) r1 = syz_open_dev$adsp(&(0x7f0000000180)='/dev/adsp#\x00', 0x4, 0x40) getsockopt$bt_rfcomm_RFCOMM_LM(r1, 0x12, 0x3, &(0x7f00000001c0), &(0x7f0000000200)=0x4) 03:34:08 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x700, @loopback=0x7f000001}, 0x10) 03:34:08 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x8100], 0x1}}, 0x1c) 03:34:08 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0xab01], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:34:08 executing program 5: mlock2(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1) get_mempolicy(&(0x7f0000000000), &(0x7f0000000040), 0x8001, &(0x7f0000ffc000/0x3000)=nil, 0x7) 03:34:08 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) [ 581.745717] FAULT_INJECTION: forcing a failure. [ 581.745717] name failslab, interval 1, probability 0, space 0, times 0 [ 581.757005] CPU: 0 PID: 9915 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 581.765325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 581.774678] Call Trace: [ 581.777276] dump_stack+0x1c9/0x2b4 [ 581.778934] FS-Cache: Duplicate cookie detected [ 581.780908] ? dump_stack_print_info.cold.2+0x52/0x52 [ 581.780924] ? rcu_note_context_switch+0x730/0x730 [ 581.780947] should_fail.cold.4+0xa/0x11 [ 581.785614] FS-Cache: O-cookie c=00000000daa3d3d4 [p=000000002d9990e0 fl=222 nc=0 na=1] [ 581.790790] ? kasan_check_write+0x14/0x20 [ 581.790806] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 581.790824] ? kernfs_activate+0x8e/0x2c0 [ 581.795745] FS-Cache: O-cookie d=000000000b958622 n=0000000059db9db0 [ 581.799782] ? ___ratelimit.cold.2+0x6b/0x6b [ 581.799801] ? mutex_trylock+0x2b0/0x2b0 [ 581.807938] FS-Cache: O-key=[10] ' [ 581.812128] ? kasan_check_write+0x14/0x20 [ 581.812148] ? __radix_tree_replace+0x188/0x2f0 [ 581.817223] 34 [ 581.821348] ? kernfs_add_one+0x4f/0x4d0 [ 581.821364] ? kernfs_activate+0x21a/0x2c0 [ 581.827826] 32 [ 581.832207] ? lock_downgrade+0x8f0/0x8f0 [ 581.832225] ? lock_acquire+0x1e4/0x540 [ 581.836257] 39 [ 581.839802] ? fs_reclaim_acquire+0x20/0x20 [ 581.839819] ? lock_downgrade+0x8f0/0x8f0 [ 581.844028] 35 [ 581.848673] ? check_same_owner+0x340/0x340 [ 581.848690] ? kasan_check_write+0x14/0x20 [ 581.850468] 32 [ 581.854520] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 581.854537] ? rcu_note_context_switch+0x730/0x730 [ 581.858741] 34 [ 581.860521] __should_failslab+0x124/0x180 [ 581.860540] should_failslab+0x9/0x14 [ 581.864656] 39 [ 581.868606] kmem_cache_alloc+0x2af/0x760 [ 581.868622] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 581.870426] 30 [ 581.874721] ? kasan_check_write+0x14/0x20 [ 581.874739] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 581.878858] 35 [ 581.880637] __kernfs_new_node+0xef/0x5a0 [ 581.880653] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 581.884948] 33 [ 581.889164] ? mutex_unlock+0xd/0x10 [ 581.889179] ? kernfs_activate+0x21a/0x2c0 [ 581.890957] ' [ 581.895860] ? kernfs_walk_and_get_ns+0x340/0x340 [ 581.895878] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 581.900817] FS-Cache: N-cookie c=00000000c3b79b0f [p=000000002d9990e0 fl=2 nc=0 na=1] [ 581.902588] ? kernfs_link_sibling+0x1d2/0x3b0 [ 581.902604] kernfs_new_node+0x80/0xf0 [ 581.906814] FS-Cache: N-cookie d=000000000b958622 n=0000000030fe5378 [ 581.910588] __kernfs_create_file+0x4d/0x330 [ 581.910605] sysfs_add_file_mode_ns+0x21a/0x560 [ 581.912390] FS-Cache: N-key=[10] ' [ 581.916517] internal_create_group+0x26d/0x9e0 [ 581.916536] sysfs_create_groups+0x9b/0x141 [ 581.921437] 34 [ 581.923218] device_add+0x67e/0x16f0 [ 581.923236] ? kasan_kmalloc+0xc4/0xe0 [ 581.927442] 32 [ 581.932434] ? device_private_init+0x240/0x240 [ 581.932450] ? kfree+0x15e/0x260 [ 581.934229] 39 [ 581.938355] ? kfree_const+0x5e/0x70 [ 581.938373] device_create_groups_vargs+0x1ff/0x270 [ 581.943101] 35 [ 581.944883] device_create_vargs+0x46/0x60 03:34:08 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0xffffa888], 0x1}}, 0x1c) 03:34:08 executing program 5: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x0, 0x32, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x6, 0x141880) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000040)={{{@in=@broadcast, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}, 0x0, @in6=@local}}, &(0x7f0000000140)=0xe8) lstat(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) write$P9_RGETATTR(r0, &(0x7f0000000240)={0xa0, 0x19, 0x2, {0x40, {0xa0, 0x2, 0x6}, 0x90, r1, r2, 0x7, 0x6, 0x3, 0x3d, 0x6, 0x8000, 0x1, 0xffffffff, 0x100, 0x6, 0x800, 0x8001, 0x4, 0x30, 0x3f}}, 0xa0) r3 = socket(0x2, 0x2, 0x0) mremap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x4000, 0x0, &(0x7f0000000000/0x4000)=nil) r4 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f000000eff4)) epoll_wait(r4, &(0x7f000000affb)=[{}], 0x1, 0xfffffffffffffff8) shutdown(r3, 0x1) shutdown(r3, 0x0) syz_mount_image$nfs4(&(0x7f0000000300)='nfs4\x00', &(0x7f0000000340)='./file0\x00', 0x1, 0x8, &(0x7f0000000940)=[{&(0x7f0000000380)="d41d3f09773005fdbe8d27bfb69014b5e59beace6bb54b856beaca6136d0af5af9b0d0548254b7365056966547314cad9dbc5801860a894e7aa3455f20ba3e326576a1c96eb4767d6430d4c688b631b865ba8068a48b4cefe8902a2dd94a42c8f26c6d7fe7bc18216d8e57ba6c708eafff9bbfb0a650aa8638a13e7ea674987db66d94a686468c16908e1f0c077817364c0717b5fc1920ea2c8b46c68e0515c6e92b8ef684624aa6c3a02c240f24b139e993eb26b5453b71a979b4cb9dc15c1d3ab17c0becf4353b91ae81d163ff5ee49c4148cd1fc24695312c6310a87b4e052ba7", 0xe2, 0x5}, {&(0x7f0000000480)="0f8b349ce3915059d8cb13a854d0c11683c0a609488a59775e0005d1935f634f73d48b7627d88ad3156a703eb69821cb57972b4ebb45ab93af1266671df574df81681297d17fda8ec1f5f976dbb94754a0da258600987953e51e07db0d881d648a85ba162ae21bdc8c902483da44f505cc94e5bf90ecd03e11e986dc27a7e4bc4644164735dbc049311e43b160cdf60f7f13f736f646d57809bda2cb8266", 0x9e, 0x1f}, {&(0x7f0000000540)="a45e8f8a6c5a6d202397eb4e70dd618a11eead315ada34e45d90994ad2d74d7b9f2fd5689d0b0c2764d2f8366954a87e35f8bbcd860bb6ecb8c21c8a34a851f2c52c3f547edb2170af5f07938455ef802b9d8832e388e060c986a72e372e6642384af30d8970e0280af777cd023384a1f87c8b58e5d01bfd61339831f163508512b8ff23f787524e27493a6c9bd5ea09667f017ba8da453ced88ce5e44ba822250d04418ffa722bb4bdcaf2f7da9477f2e2d2d7d0e592e5fa550b9f2faebdeb8d3f2814318363d971d6a34bdb47d0d", 0xcf, 0x83ac}, {&(0x7f0000000640)="b393f4539c4fa4a2b5d9fcb7f192732c50a610a54c17e535baf90173c6051804466516793f6743f4733462bf29d60cb4e3fa052b872bbd0209d43154db0fe39e87c7", 0x42, 0x8}, {&(0x7f00000006c0)="76a82e9afe6580d34521c477ab219043919b42e784c82449d1614ff0d6c4362e34947a7e2c5b6173f0635a08db1de96f7c99d4fb0422ad8740ee269f8ccd06b778a5a0", 0x43, 0x3}, {&(0x7f0000000740)="11eef5c5337b09217682040dd32bcece97a4f1115736dae20f777f9b16576e0bad4cfc8e25aca34c697c2fe37c878ab9f7bb3dffd549ee02c14a48c79d8bd21fb4316fec35d1277c770a37fee232595b68e3cc603a97d907f841266329f075281060fb4376383032f38614ab96a1e6903ebf34db55975adb596b0a4f34d5aa9a4bbe420fe1fa3851c84064d4e60652adb8b9a877ccf273f6b0f2784e7f4c6ca4218a9d7ad8e097d9923c3eccb1f4703e69b41c556947998e99f9b42f1f04e96a1bac7fa4e564d1555f2f0bc2a64a3c1a8a370bac87e2d974b0dff44852bf33c9e55986e71c9aae37f236460092c5b833bccacc87aa", 0xf5}, {&(0x7f0000000840)="4545728e5e030117def564aaff7a1cc4ff90e53fe4c54240d3aade89138e103537fec70400", 0x25}, {&(0x7f0000000880)="af95823687ce198b96e1f54e80ebd8e2a1e85851542be7914c7c112c8001e67735a4d2282866117a4eeb5fd52f6d1b1a89017b1726ed29d1286a16500133146560de1142608b240e5a01c44bc988f03056ea0d66f9bdea20fcda951fe5bc175c5602454f8c225d78f88f79c53132cb7c6ac7e7869032e301dd3563eff7fa1fa074bf4ca7ae249d26971b767b32abd3181caa737c63", 0x95, 0x10000}], 0x22, &(0x7f0000000a00)='/dev/dmmidi#\x00') getpeername(r0, &(0x7f0000000a40)=@ax25, &(0x7f0000000ac0)=0x80) 03:34:08 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0xe202, @loopback=0x7f000001}, 0x10) 03:34:08 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) [ 581.944900] bdi_register_va.part.12+0xc3/0x9c0 [ 581.948586] 32 [ 581.952796] ? lockdep_init_map+0x9/0x10 [ 581.952811] ? cgwb_kill+0x640/0x640 [ 581.954501] 34 [ 581.959318] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 581.959333] ? bdi_init+0x3d0/0x4d0 [ 581.964878] 39 [ 581.972827] ? wb_init+0xa00/0xa00 [ 581.972839] ? kasan_unpoison_shadow+0x35/0x50 [ 581.972856] ? kasan_kmalloc+0xc4/0xe0 [ 581.977412] 30 [ 581.981275] ? kmem_cache_alloc_node_trace+0x302/0x770 [ 581.981293] bdi_register_va+0x68/0x80 [ 581.987953] 35 03:34:08 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0xf5ffffff00000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) [ 581.992339] super_setup_bdi_name+0x12d/0x240 [ 581.992356] ? kill_block_super+0x100/0x100 [ 581.996996] 33 [ 582.000514] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 582.000531] ? ns_capable_common+0x13f/0x170 [ 582.005081] ' [ 582.009379] super_setup_bdi+0x7f/0xb0 [ 582.009402] v9fs_mount+0x268/0x900 [ 582.126272] ? v9fs_drop_inode+0x150/0x150 [ 582.130511] legacy_get_tree+0x118/0x440 [ 582.134583] vfs_get_tree+0x1cb/0x5c0 [ 582.138390] do_mount+0x6c1/0x1fb0 [ 582.141929] ? kasan_check_write+0x14/0x20 03:34:08 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0xfd, @loopback=0x7f000001}, 0x10) 03:34:08 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x8b00000000000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) [ 582.146168] ? copy_mount_string+0x40/0x40 [ 582.150416] ? retint_kernel+0x10/0x10 [ 582.154309] ? copy_mount_options+0x1d9/0x380 [ 582.158809] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 582.164353] ? copy_mount_options+0x285/0x380 [ 582.168862] ksys_mount+0x12d/0x140 [ 582.172487] __x64_sys_mount+0xbe/0x150 [ 582.176465] do_syscall_64+0x1b9/0x820 [ 582.180348] ? finish_task_switch+0x1d3/0x870 [ 582.184850] ? syscall_return_slowpath+0x5e0/0x5e0 [ 582.189783] ? syscall_return_slowpath+0x31d/0x5e0 03:34:08 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x5, @loopback=0x7f000001}, 0x10) [ 582.194718] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 582.199737] ? prepare_exit_to_usermode+0x291/0x3b0 [ 582.204755] ? perf_trace_sys_enter+0xb10/0xb10 [ 582.209438] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 582.214292] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 582.219497] RIP: 0033:0x455ab9 [ 582.222676] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 03:34:09 executing program 7: r0 = accept4$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, @broadcast}, &(0x7f0000000100)=0x10, 0x80800) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff}) sendto(r0, &(0x7f0000000240)="446ac662520194a86d75ad09309c1653f7066aeb67f1a53d8481da0b0107f6489b17ee9dd65833ac0457d4397e4cb3b4897863383f3c77a978dfe3dd9506fcc94de382a62d", 0x45, 0x20000000, &(0x7f0000000300)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x2, 0x0, 0x4, 0x3, {0xa, 0x4e20, 0x3, @dev={0xfe, 0x80, [], 0xe}, 0x200020000000000}}}, 0x80) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000004c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = openat$vsock(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/vsock\x00', 0x400, 0x0) setsockopt$bt_BT_SECURITY(r4, 0x112, 0x4, &(0x7f0000000400)={0x1000, 0x9}, 0x2) recvmsg(r3, &(0x7f0000000040)={&(0x7f0000000140)=@alg, 0x80, &(0x7f0000000340), 0x0, &(0x7f00000007c0)=""/22, 0x16}, 0x0) ioctl(r1, 0x9, &(0x7f00000005c0)="0c960a2e1b1440f4a0e35fac1a8aa254351a9fac8a68fdc0d3bd6f97dba44517cf76d5970b9cc6021d3e7320e910ea0fb14f689722c548049f2391beabf9eeaf10b5cfcfd2131b3eab4d237469578e0b17b78b01b935229fbda04d194d46e8ef73a56eed3e8413a666523ac6a08bfff29663b73ac9c84bebd0ba1100dee23a071b2dfd25a95899330cfce93e89b020c4df8b27847d8f1f1bba702e1027c3817fc35af41c43") fcntl$dupfd(r0, 0x406, r1) sendmsg(r2, &(0x7f0000000000)={&(0x7f00000001c0)=@un=@abs, 0x80, &(0x7f00000006c0), 0x0, &(0x7f0000000080)=[{0x18, 0x1, 0x1, "01"}], 0x18}, 0x0) r5 = socket$inet6_dccp(0xa, 0x6, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000800)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000000000000000000000000000000e00000004000000200400003002000040010000400100004001000050030000500300005003000050030000500300005003000004000000", @ANYPTR=&(0x7f0000000380)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000018014001000000000000000000000000000000000000000000000000280069636d7036000000000000000000000000000000000000000000000000000edfff0000000000280073657400000000000000000000000000000000000000000000000000000106001f0900000000280053455400000000000000000000000004000000000000000000000000000103000109ea0209030000000000000000000000000000000100000000000000000000ffffac1414aaffffffffffffff00ffffffffff000000ff000000ff0000ffffffff00ffffffff69705f7674693000000000000000000067726530000000000000000000000000000000000000000000ff0000000000000000000000000000000000000000000000000000000000ff000000000000000000000000000000002f00050008000000000000000000000000000000c800f0000000000000000000000000000000000000000000000000002800415544495400000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f800200100000000000000000000000000000000000000000000000030007564700000000000000000000000000000000000000000000000000000004e204e214e204e200200000000000000280052454a45435400000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a800d0000000000000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000000feffffff00000000"], 0x480) [ 582.241939] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 582.249653] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 582.256927] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 582.264224] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 582.271497] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 582.278771] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 000000000000004f 03:34:09 executing program 0 (fault-call:8 fault-nth:80): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:34:09 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x86ddffff00000000], 0x1}}, 0x1c) 03:34:09 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0xf5ffffff], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:34:09 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0xfeffffff00000000, @loopback=0x7f000001}, 0x10) 03:34:09 executing program 2: socket$inet6(0xa, 0x1, 0x0) r0 = eventfd2(0x0, 0x0) r1 = dup(r0) r2 = open(&(0x7f00000008c0)='./file0\x00', 0x20141042, 0x0) ioctl$TIOCMGET(r1, 0x5415, &(0x7f0000000140)) getsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f0000000000)={{{@in=@remote, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@local}, 0x0, @in=@remote}}, &(0x7f0000000100)=0xe8) mount$9p_fd(0x0, &(0x7f0000002200)='./file0\x00', &(0x7f0000002240)='9p\x00', 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',noextend,noextend,access=client,version=9p2000.u,access=', @ANYRESDEC=r3, @ANYBLOB="2c616669643d3078303030303030303030303030303430312c64656275673d30783030303030b03030397e9490f1c007620d5822ed088730303030303030c55d8b17f89c92afa965fe0582977cc07fd9743fe64bae11aa4a993f93594cb4e64ee452c1f98e45d31d4a522fd30a9f9f591c67e49d219a2664d1593f9f8f384b0f31417be8d7ce8fa5db68d6bf9e6ba78643f1641badcf89d7709ef7a207"]) 03:34:09 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0xd6030000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:34:09 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:34:09 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x20000000, @loopback=0x7f000001}, 0x10) [ 582.385948] FAULT_INJECTION: forcing a failure. [ 582.385948] name failslab, interval 1, probability 0, space 0, times 0 [ 582.397267] CPU: 0 PID: 9980 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 582.405580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 582.414931] Call Trace: [ 582.417525] dump_stack+0x1c9/0x2b4 [ 582.421172] ? dump_stack_print_info.cold.2+0x52/0x52 [ 582.426381] ? kasan_check_write+0x14/0x20 [ 582.430627] should_fail.cold.4+0xa/0x11 [ 582.434697] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 582.439812] ? mutex_trylock+0x2b0/0x2b0 [ 582.443883] ? kasan_check_write+0x14/0x20 [ 582.448121] ? __mutex_lock+0x6c4/0x1680 [ 582.452184] ? __radix_tree_replace+0x188/0x2f0 [ 582.456854] ? kernfs_add_one+0x4f/0x4d0 [ 582.460923] ? kernfs_activate+0x21a/0x2c0 [ 582.465164] ? lock_downgrade+0x8f0/0x8f0 [ 582.469322] ? radix_tree_iter_tag_clear+0x97/0xd0 [ 582.474268] ? radix_tree_iter_replace+0x49/0x60 [ 582.479034] ? lock_acquire+0x1e4/0x540 [ 582.483016] ? fs_reclaim_acquire+0x20/0x20 [ 582.487342] ? lock_downgrade+0x8f0/0x8f0 [ 582.491503] ? check_same_owner+0x340/0x340 [ 582.495831] ? wait_for_completion+0x8d0/0x8d0 [ 582.500420] ? rcu_note_context_switch+0x730/0x730 [ 582.505361] ? do_raw_spin_unlock+0xa7/0x2f0 [ 582.509768] __should_failslab+0x124/0x180 [ 582.513986] should_failslab+0x9/0x14 [ 582.517770] kmem_cache_alloc+0x2af/0x760 [ 582.521897] ? kasan_check_write+0x14/0x20 [ 582.526114] ? __kernfs_new_node+0x426/0x5a0 [ 582.530503] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 582.535500] __kernfs_new_node+0xef/0x5a0 [ 582.539629] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 582.544451] ? kernfs_walk_and_get_ns+0x340/0x340 [ 582.549278] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 582.554796] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 582.560311] ? kernfs_put+0x49b/0x760 [ 582.564091] ? kernfs_add_one+0x129/0x4d0 [ 582.568220] kernfs_new_node+0x80/0xf0 [ 582.572098] kernfs_create_dir_ns+0x3d/0x140 [ 582.576487] internal_create_group+0x3c9/0x9e0 [ 582.581053] ? internal_create_group+0x39a/0x9e0 [ 582.585802] sysfs_create_group+0x1f/0x30 [ 582.589954] dpm_sysfs_add+0x26/0x210 [ 582.593745] device_add+0x857/0x16f0 [ 582.597451] ? device_private_init+0x240/0x240 [ 582.602021] ? kfree+0x15e/0x260 [ 582.605382] ? kfree_const+0x5e/0x70 [ 582.609098] device_create_groups_vargs+0x1ff/0x270 [ 582.614112] device_create_vargs+0x46/0x60 [ 582.618345] bdi_register_va.part.12+0xc3/0x9c0 [ 582.622993] ? lockdep_init_map+0x9/0x10 [ 582.627041] ? cgwb_kill+0x640/0x640 [ 582.630739] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 582.636255] ? bdi_init+0x3d0/0x4d0 [ 582.639859] ? wb_init+0xa00/0xa00 [ 582.643380] ? kasan_unpoison_shadow+0x35/0x50 [ 582.647953] ? kasan_kmalloc+0xc4/0xe0 [ 582.651830] ? kmem_cache_alloc_node_trace+0x302/0x770 [ 582.657099] bdi_register_va+0x68/0x80 [ 582.660967] super_setup_bdi_name+0x12d/0x240 [ 582.665451] ? kill_block_super+0x100/0x100 [ 582.669771] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 582.675301] ? ns_capable_common+0x13f/0x170 [ 582.679709] super_setup_bdi+0x7f/0xb0 [ 582.683579] v9fs_mount+0x268/0x900 [ 582.687184] ? v9fs_drop_inode+0x150/0x150 [ 582.691409] legacy_get_tree+0x118/0x440 [ 582.695450] vfs_get_tree+0x1cb/0x5c0 [ 582.699239] do_mount+0x6c1/0x1fb0 [ 582.702766] ? check_same_owner+0x340/0x340 [ 582.707067] ? lock_release+0xa30/0xa30 [ 582.711030] ? copy_mount_string+0x40/0x40 [ 582.715250] ? retint_kernel+0x10/0x10 [ 582.719120] ? copy_mount_options+0x1f0/0x380 [ 582.723596] ? copy_mount_options+0x202/0x380 [ 582.728070] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 582.733586] ? copy_mount_options+0x285/0x380 [ 582.738062] ksys_mount+0x12d/0x140 [ 582.741681] __x64_sys_mount+0xbe/0x150 [ 582.745647] do_syscall_64+0x1b9/0x820 [ 582.749515] ? finish_task_switch+0x1d3/0x870 [ 582.753992] ? syscall_return_slowpath+0x5e0/0x5e0 [ 582.758911] ? syscall_return_slowpath+0x31d/0x5e0 [ 582.763822] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 582.768826] ? prepare_exit_to_usermode+0x291/0x3b0 [ 582.773822] ? perf_trace_sys_enter+0xb10/0xb10 [ 582.778472] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 582.783301] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 582.788469] RIP: 0033:0x455ab9 [ 582.791636] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 582.810762] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 582.818451] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 582.825699] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 582.832947] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 582.840194] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 582.847442] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 0000000000000050 03:34:09 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)={0xaa}) r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x200, 0x0) write$P9_RSYMLINK(r3, &(0x7f0000000040)={0x14, 0x11, 0x1, {0x1b, 0x4, 0x5}}, 0x14) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r4 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r4, 0x0, 0x2000000000000004, &(0x7f0000013ff4)={@local={0xac, 0x14, 0x14, 0xaa}, @rand_addr}, 0xc) getsockopt$EBT_SO_GET_ENTRIES(r4, 0x0, 0x81, &(0x7f00000001c0)={'nat\x00', 0x0, 0x0, 0xc, [], 0x0, &(0x7f0000000080), &(0x7f00000000c0)=""/12}, &(0x7f0000000100)=0x78) close(r4) dup3(r1, r2, 0x0) 03:34:09 executing program 2: mmap(&(0x7f0000000000/0x8b000)=nil, 0x8b000, 0x1000004, 0x10000032, 0xffffffffffffffff, 0x0) pipe2(&(0x7f0000000040)={0xffffffffffffffff}, 0x84000) setsockopt$inet_sctp6_SCTP_AUTOCLOSE(r0, 0x84, 0x4, &(0x7f0000000080)=0x3, 0x4) syz_mount_image$xfs(&(0x7f0000000300)='xfs\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x2, &(0x7f0000000640)=[{&(0x7f0000000380), 0x0, 0xafb8}, {&(0x7f0000000540)="c900a805c8084768a39006ee5c0dd601f2e6808a711f7fec0933b4816dc2b62d34de43bfcef72cb12c47d26a8e6e686ccc33375a0c8b5200ce3b51784b6385d376b3b3a3c536f53c6c07d857d7bd1b35d5de401cbd687c1996e7a46e26f3e984f496b7e336323213dac93ca2b50524e2bb5e", 0x72, 0x40}], 0x0, &(0x7f00000004c0)={[{@biosize={'biosize', 0x3d}, 0x2c}]}) futex(&(0x7f0000001000), 0x8c, 0x1, &(0x7f0000191000), &(0x7f0000000000), 0x0) 03:34:09 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0xd603], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:34:09 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x18, @loopback=0x7f000001}, 0x10) 03:34:09 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x43050000], 0x1}}, 0x1c) 03:34:09 executing program 0 (fault-call:8 fault-nth:81): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:34:09 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)="3970ff", 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) [ 582.951268] FAULT_INJECTION: forcing a failure. [ 582.951268] name failslab, interval 1, probability 0, space 0, times 0 [ 582.962550] CPU: 1 PID: 10009 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 582.970954] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 582.980313] Call Trace: [ 582.982910] dump_stack+0x1c9/0x2b4 [ 582.986546] ? dump_stack_print_info.cold.2+0x52/0x52 [ 582.991742] ? check_same_owner+0x340/0x340 [ 582.996076] should_fail.cold.4+0xa/0x11 [ 583.000142] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 583.005250] ? __mutex_lock+0x6c4/0x1680 [ 583.009322] ? lock_acquire+0x1e4/0x540 [ 583.013297] ? kernfs_find_and_get_ns+0x25/0x70 [ 583.017971] ? lock_release+0xa30/0xa30 [ 583.021952] ? check_same_owner+0x340/0x340 [ 583.026280] ? __radix_tree_replace+0x188/0x2f0 [ 583.030953] ? rcu_note_context_switch+0x730/0x730 [ 583.035891] ? lock_acquire+0x1e4/0x540 [ 583.039874] ? fs_reclaim_acquire+0x20/0x20 [ 583.044203] ? lock_downgrade+0x8f0/0x8f0 [ 583.048356] ? check_same_owner+0x340/0x340 [ 583.052680] ? mutex_trylock+0x2b0/0x2b0 [ 583.056749] ? rcu_note_context_switch+0x730/0x730 [ 583.061683] ? kasan_check_write+0x14/0x20 [ 583.065933] __should_failslab+0x124/0x180 [ 583.070180] should_failslab+0x9/0x14 [ 583.073978] kmem_cache_alloc+0x2af/0x760 [ 583.078113] ? kasan_check_write+0x14/0x20 [ 583.082341] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 583.087342] __kernfs_new_node+0xef/0x5a0 [ 583.091473] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 583.096213] ? kasan_check_write+0x14/0x20 [ 583.100462] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 583.105384] ? wait_for_completion+0x8d0/0x8d0 [ 583.109962] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 583.115486] kernfs_new_node+0x80/0xf0 [ 583.119372] __kernfs_create_file+0x4d/0x330 [ 583.123770] sysfs_add_file_mode_ns+0x21a/0x560 [ 583.128446] sysfs_add_file+0x4e/0x60 [ 583.132236] sysfs_merge_group+0xfa/0x230 [ 583.136366] dpm_sysfs_add+0x161/0x210 [ 583.140238] device_add+0x857/0x16f0 [ 583.143952] ? device_private_init+0x240/0x240 [ 583.148527] ? kfree+0x15e/0x260 [ 583.151883] ? kfree_const+0x5e/0x70 [ 583.155588] device_create_groups_vargs+0x1ff/0x270 [ 583.160598] device_create_vargs+0x46/0x60 [ 583.164819] bdi_register_va.part.12+0xc3/0x9c0 [ 583.169492] ? lockdep_init_map+0x9/0x10 [ 583.173724] ? cgwb_kill+0x640/0x640 [ 583.177428] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 583.183054] ? bdi_init+0x3d0/0x4d0 [ 583.186665] ? wb_init+0xa00/0xa00 [ 583.190188] ? kasan_unpoison_shadow+0x35/0x50 [ 583.194764] ? kasan_kmalloc+0xc4/0xe0 [ 583.198634] ? kmem_cache_alloc_node_trace+0x302/0x770 [ 583.203902] bdi_register_va+0x68/0x80 [ 583.207773] super_setup_bdi_name+0x12d/0x240 [ 583.212257] ? kill_block_super+0x100/0x100 [ 583.216579] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 583.222118] ? ns_capable_common+0x13f/0x170 [ 583.226536] super_setup_bdi+0x7f/0xb0 [ 583.230435] v9fs_mount+0x268/0x900 [ 583.234059] ? v9fs_drop_inode+0x150/0x150 [ 583.238290] legacy_get_tree+0x118/0x440 [ 583.242364] vfs_get_tree+0x1cb/0x5c0 [ 583.246166] do_mount+0x6c1/0x1fb0 [ 583.249711] ? kasan_check_read+0x11/0x20 [ 583.253857] ? do_raw_spin_unlock+0xa7/0x2f0 [ 583.258266] ? copy_mount_string+0x40/0x40 [ 583.262504] ? retint_kernel+0x10/0x10 [ 583.266393] ? copy_mount_options+0x1e3/0x380 [ 583.270888] ? copy_mount_options+0x1f0/0x380 [ 583.275392] ? __sanitizer_cov_trace_pc+0x20/0x50 [ 583.280241] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 583.285779] ? copy_mount_options+0x285/0x380 [ 583.290289] ksys_mount+0x12d/0x140 [ 583.293915] __x64_sys_mount+0xbe/0x150 [ 583.297889] do_syscall_64+0x1b9/0x820 03:34:09 executing program 7: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000100)={0xffffffffffffffff}, 0x13f}}, 0x20) r2 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x5, 0x800) ioctl$EVIOCGABS20(r2, 0x80184560, &(0x7f00000000c0)=""/57) bind$alg(r2, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58) write$RDMA_USER_CM_CMD_QUERY(r0, &(0x7f0000000240)={0x13, 0x10, 0x10f, {&(0x7f00000002c0), r1}}, 0x18) 03:34:09 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x13000000, @loopback=0x7f000001}, 0x10) 03:34:09 executing program 2: r0 = socket(0x1e, 0x805, 0x0) r1 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda) r2 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000340)=@req3={0xe57, 0x8001, 0x7ff, 0xfff, 0x9, 0x20b, 0x5}, 0x1c) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2, 0x3ff}, 0x94) sendmsg(r0, &(0x7f0000030000)={&(0x7f00004f5000)=@generic={0x10000000001e, "0100000900000000000000000226cc573c080000003724c71e14dd6a739effea1b48006be61ffe0000e103000000f8000004003f010039d8f986ff01000300000004af50d50700000000000000e3ad316a1983000000001d00e0dfcb24281e27800000100076c3979ac40000bd15020078a1dfd300881a8365b1b16d7436"}, 0x80, &(0x7f0000000480), 0x0, &(0x7f00006e9c68)}, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r2, 0x84, 0x70, &(0x7f0000000140)={0x0, @in6={{0xa, 0x4e21, 0x2, @loopback={0x0, 0x1}, 0x100}}, [0x8001, 0x6, 0x80000000000000, 0x80000001, 0x9, 0x0, 0x7, 0x5, 0x3, 0x3, 0xfffffffffffffffc, 0x6, 0x7, 0x3, 0x2876]}, &(0x7f0000000000)=0x100) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000080)={r3, 0x401}, 0x8) bind(r2, &(0x7f0000000280)=@pppol2tpv3in6={0x18, 0x1, {0x0, r1, 0x1, 0x2, 0x2, 0x1, {0xa, 0x4e21, 0x5519, @mcast2={0xff, 0x2, [], 0x1}, 0x4}}}, 0x80) r4 = syz_open_dev$admmidi(&(0x7f00000000c0)='/dev/admmidi#\x00', 0x100000000, 0x1) ioctl$KVM_S390_VCPU_FAULT(r4, 0x4008ae52, &(0x7f0000000240)=0xd326) 03:34:09 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x6f01], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:34:09 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)="3970f8", 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:34:10 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x8b00], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:34:10 executing program 7: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$f2fs(&(0x7f0000000040)='f2fs\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x3, &(0x7f0000000740)=[{&(0x7f0000000240)}, {&(0x7f0000000140)}, {&(0x7f00000003c0)}], 0x0, &(0x7f0000000800)={[{@user_xattr='user_xattr', 0x2c}, {@six_active_logs='active_logs=6', 0x2c}]}) r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/qat_adf_ctl\x00', 0x80000, 0x0) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffff9c, 0x84, 0x77, &(0x7f0000000400)={0x0, 0xff, 0x1, [0x3]}, &(0x7f0000000440)=0xa) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000480)={r1, 0x8, "4f521c5fb8032bdc"}, &(0x7f00000004c0)=0x10) r2 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mixer\x00', 0x0, 0x0) ioctl$KDMKTONE(r2, 0x4b30, 0x5) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f0000000200)={0x0, @in={{0x2, 0x4e22, @loopback=0x7f000001}}}, &(0x7f00000002c0)=0x84) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r2, 0x84, 0x6d, &(0x7f0000000300)={r3, 0x22, "76bae4e5d83b472b787b9884ab35997ecbcca63434506e2cbd7e5e48d6d252663882"}, &(0x7f0000000340)=0x2a) r4 = syz_open_dev$audion(&(0x7f00000000c0)='/dev/audio#\x00', 0xb, 0x0) ioctl$PPPOEIOCSFWD(r4, 0x4008b100, &(0x7f0000000100)={0x18, 0x0, {0x3, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, 'sit0\x00'}}) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x283f7182d6715cb8, 0x0) [ 583.301776] ? finish_task_switch+0x1d3/0x870 [ 583.306275] ? syscall_return_slowpath+0x5e0/0x5e0 [ 583.311206] ? syscall_return_slowpath+0x31d/0x5e0 [ 583.316139] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 583.321159] ? prepare_exit_to_usermode+0x291/0x3b0 [ 583.326181] ? perf_trace_sys_enter+0xb10/0xb10 [ 583.330855] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 583.335706] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 583.340889] RIP: 0033:0x455ab9 [ 583.344065] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 583.363364] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 583.371064] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 583.378317] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 583.385572] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 583.392823] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 03:34:10 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x5101], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) [ 583.400077] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 0000000000000051 03:34:10 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x88a8ffff], 0x1}}, 0x1c) [ 583.459527] f2fs_msg: 6 callbacks suppressed [ 583.459542] F2FS-fs (loop7): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 583.471206] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock [ 583.504665] F2FS-fs (loop7): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 583.511872] F2FS-fs (loop7): Can't find valid F2FS filesystem in 2th superblock [ 583.520892] F2FS-fs (loop7): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 583.528010] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock [ 583.550381] F2FS-fs (loop7): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 583.557524] F2FS-fs (loop7): Can't find valid F2FS filesystem in 2th superblock [ 583.581366] F2FS-fs (loop7): Magic Mismatch, valid(0xf2f52010) - read(0x0) [ 583.588609] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock 03:34:10 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0xfd00000000000000, @loopback=0x7f000001}, 0x10) 03:34:10 executing program 2: r0 = socket(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000b80)=@broute={'broute\x00\x00\x00a\x00', 0x20, 0x2, 0x17, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000680], 0x0, &(0x7f0000000480), &(0x7f0000000680)=ANY=[@ANYRESOCT=r0]}, 0x8f) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x210000, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r1, 0xc10c5541, &(0x7f0000000080)={0x6, 0x10001, 0x2, 0x0, 0x0, [], [], [], 0x6, 0x6}) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x0, 0x74, 0xdb, &(0x7f00000001c0)="526d087bf4df203c7fb779a1d6ba800acc0440a1619fa8834e6a1c6d1d471c8ec6aa994db2a072c27f4a4a936590e08b0532ed194ef4e04c00d5d102fbf2dc9a71806363d1843ad0e3473cfd5fb60da438b8a320e0fd969d13819b514ece7fcb1419cb01d7199b3241abb61faf80257f1dd76215", &(0x7f0000000240)=""/219, 0x2dd}, 0x28) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000400)=@filter={'filter\x00', 0xe, 0x3, 0x4f0, [0x0, 0x20000c00, 0x20000c30, 0x20000ee8], 0x0, &(0x7f00000003c0), &(0x7f0000000c00)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x3, 0x10, 0x0, 'dummy0\x00', 'lo\x00', 'ifb0\x00', 'nr0\x00', @random="0fa8e9b2cc8d", [0xff, 0xff, 0x0, 0x0, 0xff, 0xff], @random="3013db7dd827", [0x0, 0xff, 0x0, 0x0, 0xff], 0x70, 0x70, 0xa0}}, @common=@AUDIT={'AUDIT\x00', 0x8, {{0x1}}}}, {{{0x3, 0x10, 0x88cb, 'bond_slave_1\x00', 'ip_vti0\x00', '\x00', 'veth0\x00', @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0x1a}, [0xff, 0xff, 0x0, 0x0, 0xff, 0xff], @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, [0xff, 0xff, 0xff, 0x0, 0x0, 0xff], 0xb8, 0xb8, 0x1e8, [@ip={'ip\x00', 0x20, {{@dev={0xac, 0x14, 0x14, 0x1e}, @rand_addr=0x3, 0xff, 0xff0000ff, 0x10001, 0x89, 0x1, 0xc, 0x4e23, 0x4e20, 0x4e21, 0x4e20}}}]}}, @common=@SECMARK={'SECMARK\x00', 0x108, {{0x1, 0x1, 'system_u:object_r:lost_found_t:s0\x00'}}}}]}, {0x0, '\x00', 0x2, 0xffffffffffffffff, 0x1, [{{{0x1f, 0x68, 0x6003, 'bridge_slave_1\x00', 'bond0\x00', 'veth0_to_team\x00', 'ipddp0\x00', @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [0x0, 0xff, 0xff, 0xff, 0xff, 0xff], @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, [0x0, 0xff, 0xff, 0xff, 0xff], 0x128, 0x1a8, 0x1d8, [@rateest={'rateest\x00', 0x48, {{'dummy0\x00', 'veth1_to_bond\x00', 0x8, 0x2, 0x7f, 0x8, 0x3, 0x1ff, 0x401, 0x1124000000000}}}, @limit={'limit\x00', 0x20, {{0x8, 0x3, 0x0, 0x6, 0x8, 0x31d}}}]}, [@common=@log={'log\x00', 0x28, {{0x4, "5fd59524abf2d24d4ba2239fe38b0b833100d16d13ee8046b3656c797eff"}}}, @common=@CLASSIFY={'CLASSIFY\x00', 0x8, {{0x40}}}]}, @common=@CLASSIFY={'CLASSIFY\x00', 0x8, {{0x8}}}}]}]}, 0x568) fremovexattr(r0, &(0x7f00000004c0)=ANY=[@ANYBLOB="6f73782e47504c7b6465762fe64b8268b361a6dfc8317d666e75782b73797374656d003f9767c729362ce9f1ac41cdf2f1507626135fd88eb7cab6a8afd1129099ad7ee8b4c2838a8bf065097356f3d81c7c7a3476467e6dc8f02c001a88dcc55057b8d53aad3daaf5af6a84354bf8eb728b7adfc571f9cc420f2161bda589e9306c3d6c5df97836c04c255aba5e65853e5ef571c038c0d4914dc3ac8ed285229ea6d43ff6731f7b2685fbeb3935bf19ecbb6550728c39edbfcc5a49abce546bff0afdbbd7626c6b1534b018a68398e3287bc7afd4657fd669f5b3c09318371602aaaeba9c19"]) 03:34:10 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x80, 0x0) ioctl$KDSIGACCEPT(r1, 0x4b4e, 0x31) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000600)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCGETA(r2, 0x5405, &(0x7f0000000040)) ioctl$TCXONC(r2, 0x5420, 0xa07000) ioctl$TIOCSTI(r2, 0x5412, 0x7) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000080)={0x0, 0x0}) sched_setparam(r3, &(0x7f00000000c0)=0x7) 03:34:10 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x2], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:34:10 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:34:10 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x300], 0x1}}, 0x1c) 03:34:10 executing program 0 (fault-call:8 fault-nth:82): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:34:10 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet_udp(0x2, 0x2, 0x0) recvmmsg(r0, &(0x7f0000006300)=[{{&(0x7f0000000140)=@ax25, 0x80, &(0x7f0000000200)=[{&(0x7f00000002c0)=""/213, 0xd5}, {&(0x7f00000001c0)=""/7, 0x7}, {&(0x7f00000003c0)=""/238, 0xee}, {&(0x7f00000004c0)=""/4096, 0x1000}], 0x4, 0x0, 0x0, 0x4}, 0x80000001}, {{&(0x7f00000014c0)=@can, 0x80, &(0x7f0000001a40)=[{&(0x7f0000001540)=""/194, 0xc2}, {&(0x7f0000001640)=""/203, 0xcb}, {&(0x7f0000001740)=""/220, 0xdc}, {&(0x7f0000001840)=""/109, 0x6d}, {&(0x7f00000018c0)=""/253, 0xfd}, {&(0x7f00000019c0)=""/90, 0x5a}], 0x6, &(0x7f0000001ac0)=""/4096, 0x1000, 0x2}, 0x5}, {{&(0x7f0000002ac0)=@rc, 0x80, &(0x7f0000003e40)=[{&(0x7f0000002b40)=""/200, 0xc8}, {&(0x7f0000002c40)=""/228, 0xe4}, {&(0x7f0000002d40)=""/4096, 0x1000}, {&(0x7f0000003d40)=""/93, 0x5d}, {&(0x7f0000003dc0)=""/107, 0x6b}], 0x5, 0x0, 0x0, 0x6fbf}}, {{&(0x7f0000003ec0)=@pppol2tpv3={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @rand_addr}}}, 0x80, &(0x7f0000003f40)=[{&(0x7f0000000240)=""/40, 0x28}], 0x1, &(0x7f0000003f80)=""/91, 0x5b, 0x3f}, 0x8}, {{&(0x7f0000004000)=@ethernet={0x0, @dev}, 0x80, &(0x7f00000042c0)=[{&(0x7f0000004080)=""/191, 0xbf}, {&(0x7f0000004140)=""/126, 0x7e}, {&(0x7f00000041c0)=""/200, 0xc8}], 0x3, &(0x7f0000004300)=""/96, 0x60, 0xe83}, 0x9}, {{&(0x7f0000004380)=@pppol2tpv3in6={0x0, 0x0, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, @loopback}}}, 0x80, &(0x7f0000004840)=[{&(0x7f0000004400)=""/35, 0x23}, {&(0x7f0000004440)=""/97, 0x61}, {&(0x7f00000044c0)=""/30, 0x1e}, {&(0x7f0000004500)=""/29, 0x1d}, {&(0x7f0000004540)=""/2, 0x2}, {&(0x7f0000004580)=""/82, 0x52}, {&(0x7f0000004600)=""/218, 0xda}, {&(0x7f0000004700)=""/229, 0xe5}, {&(0x7f0000004800)}], 0x9, &(0x7f0000004900)=""/107, 0x6b}, 0x9}, {{0x0, 0x0, &(0x7f0000004e80)=[{&(0x7f0000004980)=""/58, 0x3a}, {&(0x7f00000049c0)=""/59, 0x3b}, {&(0x7f0000004a00)=""/223, 0xdf}, {&(0x7f0000004b00)=""/114, 0x72}, {&(0x7f0000004b80)=""/240, 0xf0}, {&(0x7f0000004c80)=""/210, 0xd2}, {&(0x7f0000004d80)=""/50, 0x32}, {&(0x7f0000004dc0)=""/186, 0xba}], 0x8, &(0x7f0000004f00)=""/214, 0xd6}, 0x5846}, {{0x0, 0x0, &(0x7f00000050c0)=[{&(0x7f0000005000)=""/36, 0x24}, {&(0x7f0000005040)=""/45, 0x2d}, {&(0x7f0000005080)=""/14, 0xe}], 0x3, &(0x7f0000005100)=""/58, 0x3a, 0x8}, 0x3ff}, {{&(0x7f0000005140)=@pppol2tpv3in6={0x0, 0x0, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, @remote}}}, 0x80, &(0x7f00000052c0)=[{&(0x7f00000051c0)=""/174, 0xae}, {&(0x7f0000005280)}], 0x2, &(0x7f0000005300)=""/4096, 0x1000, 0xfffffffffffffffc}, 0xfffffffffffff9c4}], 0x9, 0x10000, 0x0) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000006540)={0x0, @in={{0x2, 0x4e23, @multicast2=0xe0000002}}, 0x8, 0x8, 0x7, 0xffffffff, 0x8}, &(0x7f0000006600)=0x98) setsockopt$inet_sctp_SCTP_RESET_ASSOC(r2, 0x84, 0x78, &(0x7f0000006640)=r3, 0x4) connect$inet(r1, &(0x7f0000000000)={0x2, 0x1000000000, @multicast2=0xe0000002}, 0x10) r4 = socket(0xa, 0x1, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r4, 0x0, 0x2a, &(0x7f0000006680)={0x2, {{0x2, 0x0, @multicast2=0xe0000002}}}, 0x88) ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f0000004800)=0x0) ptrace$poke(0x5, r5, &(0x7f0000005280), 0x3) setsockopt$inet_int(r1, 0x0, 0x12, &(0x7f0000000100)=0xffffffffffffffff, 0x4) 03:34:10 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x3c8], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) [ 583.884164] kernel msg: ebtables bug: please report to author: EBT_ENTRY_OR_ENTRIES shouldn't be set in distinguisher [ 583.896714] FAULT_INJECTION: forcing a failure. [ 583.896714] name failslab, interval 1, probability 0, space 0, times 0 [ 583.903944] kernel msg: ebtables bug: please report to author: EBT_ENTRY_OR_ENTRIES shouldn't be set in distinguisher [ 583.908053] CPU: 1 PID: 10087 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 03:34:10 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x2, 0x31, 0xffffffffffffffff, 0x0) r1 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_opts(r1, 0x0, 0x4, &(0x7f0000000fe3)="441f0801000000009727c1c6fe36cef3e26def23000200000011000013", 0x1d) getsockopt$inet_opts(r1, 0x0, 0x4, &(0x7f0000001000)=""/4096, &(0x7f00000001c0)=0x1000) setsockopt$inet6_dccp_int(r0, 0x21, 0x10, &(0x7f0000000040)=0x8, 0x4) openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x0, 0x0) 03:34:10 executing program 2: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0x4, 0x41) r2 = syz_open_dev$sndpcmp(&(0x7f0000000080)='/dev/snd/pcmC#D#p\x00', 0x0, 0x2000) ioctl$KVM_IRQFD(r0, 0x4020ae76, &(0x7f00000000c0)={r1, 0xffff, 0xc0af, r2}) r3 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IP_VS_SO_SET_FLUSH(r3, 0x0, 0x2, 0x0, 0x0) [ 583.927135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 583.936483] Call Trace: [ 583.939092] dump_stack+0x1c9/0x2b4 [ 583.942725] ? dump_stack_print_info.cold.2+0x52/0x52 [ 583.947927] ? rcu_note_context_switch+0x730/0x730 [ 583.952865] should_fail.cold.4+0xa/0x11 [ 583.956931] ? kasan_check_write+0x14/0x20 [ 583.961170] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 583.966275] ? kernfs_activate+0x8e/0x2c0 [ 583.970440] ? ___ratelimit.cold.2+0x6b/0x6b [ 583.974862] ? mutex_trylock+0x2b0/0x2b0 [ 583.978928] ? kasan_check_write+0x14/0x20 03:34:10 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9pl', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:34:10 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x1000000, @loopback=0x7f000001}, 0x10) [ 583.983168] ? __radix_tree_replace+0x188/0x2f0 [ 583.987840] ? kernfs_add_one+0x4f/0x4d0 [ 583.991907] ? kernfs_activate+0x21a/0x2c0 [ 583.996150] ? lock_downgrade+0x8f0/0x8f0 [ 584.000306] ? lock_acquire+0x1e4/0x540 [ 584.004284] ? fs_reclaim_acquire+0x20/0x20 [ 584.008608] ? lock_downgrade+0x8f0/0x8f0 [ 584.012757] ? check_same_owner+0x340/0x340 [ 584.017076] ? kasan_check_write+0x14/0x20 [ 584.021311] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 584.026240] ? rcu_note_context_switch+0x730/0x730 03:34:10 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0xa02000000000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:34:10 executing program 5: capset(&(0x7f0000000000)={0x19980330}, &(0x7f00005ccfe8)={0xfffffffffffffffe}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00008f2000)={0xffffffffffffffff}) socketpair$inet6_dccp(0xa, 0x6, 0x0, &(0x7f0000000040)) ioctl$sock_proto_private(r0, 0x89e0, &(0x7f000012d000)) r1 = syz_open_dev$admmidi(&(0x7f0000000080)='/dev/admmidi#\x00', 0x401, 0x1) utime(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)={0xc476, 0x401}) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) [ 584.031173] __should_failslab+0x124/0x180 [ 584.035413] should_failslab+0x9/0x14 [ 584.039215] kmem_cache_alloc+0x2af/0x760 [ 584.043368] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 584.048302] ? kasan_check_write+0x14/0x20 [ 584.052545] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 584.057560] __kernfs_new_node+0xef/0x5a0 [ 584.061710] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 584.066473] ? mutex_unlock+0xd/0x10 [ 584.070187] ? kernfs_activate+0x21a/0x2c0 [ 584.074425] ? kernfs_walk_and_get_ns+0x340/0x340 [ 584.079276] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 03:34:10 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x1f000000, @loopback=0x7f000001}, 0x10) 03:34:10 executing program 2: r0 = socket$inet6(0xa, 0x1000000000003, 0x100000003) ioctl(r0, 0x6e0, &(0x7f0000000040)="025cc83d6d345f8f762070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) accept$packet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, &(0x7f00000000c0)=0x14) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000200)={{{@in6=@dev, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in6=@mcast1}}, &(0x7f0000000100)=0xe8) setsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000300)={{{@in6, @in6=@mcast1={0xff, 0x1, [], 0x1}, 0x4e24, 0xff, 0x4e24, 0x800, 0xa, 0x80, 0x20, 0x0, r2, r3}, {0x0, 0x8, 0x9, 0x5, 0x101, 0x200, 0x6, 0xffff}, {0x5, 0x101, 0xfffffffffffff000, 0x8}, 0x81, 0x6e6bb8, 0x2, 0x1, 0x2, 0x2}, {{@in=@multicast2=0xe0000002, 0x4d2, 0xff}, 0xa, @in6=@dev={0xfe, 0x80, [], 0xf}, 0x3503, 0x3, 0x1, 0x7fff, 0x53c, 0x3, 0xc8c}}, 0xe8) ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) openat$dsp(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dsp\x00', 0x40, 0x0) r4 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x200000, 0x0) ioctl$SG_GET_TIMEOUT(r4, 0x2202, 0x0) ioctl$KIOCSOUND(r0, 0x4b2f, 0x2) mbind(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x0, &(0x7f00000001c0), 0x1f, 0x3) [ 584.084818] ? kernfs_link_sibling+0x1d2/0x3b0 [ 584.089407] kernfs_new_node+0x80/0xf0 [ 584.093307] __kernfs_create_file+0x4d/0x330 [ 584.097730] sysfs_add_file_mode_ns+0x21a/0x560 [ 584.102406] internal_create_group+0x26d/0x9e0 [ 584.106998] sysfs_create_groups+0x9b/0x141 [ 584.111325] device_add+0x67e/0x16f0 [ 584.115041] ? kasan_kmalloc+0xc4/0xe0 [ 584.118935] ? device_private_init+0x240/0x240 [ 584.123528] ? kfree+0x15e/0x260 [ 584.126901] ? kfree_const+0x5e/0x70 03:34:10 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0xa020000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) [ 584.130620] device_create_groups_vargs+0x1ff/0x270 [ 584.136156] device_create_vargs+0x46/0x60 [ 584.140397] bdi_register_va.part.12+0xc3/0x9c0 [ 584.145067] ? lockdep_init_map+0x9/0x10 [ 584.149133] ? cgwb_kill+0x640/0x640 [ 584.152850] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 584.158391] ? bdi_init+0x3d0/0x4d0 [ 584.162019] ? wb_init+0xa00/0xa00 [ 584.165561] ? kasan_unpoison_shadow+0x35/0x50 [ 584.170146] ? kasan_kmalloc+0xc4/0xe0 [ 584.174038] ? kmem_cache_alloc_node_trace+0x302/0x770 [ 584.179321] bdi_register_va+0x68/0x80 03:34:10 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) connect$inet(r0, &(0x7f0000ccb000)={0x2}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x3, &(0x7f00009ff000)=ANY=[@ANYBLOB="18000000030000e200000000000000819500000000000000"], &(0x7f00002bf000)='syzkaller\x00', 0x1, 0xb7, &(0x7f0000000440)=""/183}, 0x48) r2 = socket$kcm(0x29, 0x2, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f000031aff8)={r0, r1}) syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x2, 0xa00) ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x89e2, &(0x7f0000000280)={0xffffffffffffffff}) ioctl$sock_kcm_SIOCKCMUNATTACH(r3, 0x89e1, &(0x7f0000000140)={r0}) 03:34:10 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x3f000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) [ 584.183215] super_setup_bdi_name+0x12d/0x240 [ 584.187722] ? kill_block_super+0x100/0x100 [ 584.192049] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 584.197595] ? ns_capable_common+0x13f/0x170 [ 584.202011] super_setup_bdi+0x7f/0xb0 [ 584.205904] v9fs_mount+0x268/0x900 [ 584.209535] ? v9fs_drop_inode+0x150/0x150 [ 584.213772] legacy_get_tree+0x118/0x440 [ 584.217835] vfs_get_tree+0x1cb/0x5c0 [ 584.221639] do_mount+0x6c1/0x1fb0 [ 584.225184] ? kasan_check_write+0x14/0x20 [ 584.229426] ? copy_mount_string+0x40/0x40 [ 584.233667] ? kasan_kmalloc+0xc4/0xe0 [ 584.237556] ? kmem_cache_alloc_trace+0x318/0x780 [ 584.242392] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 584.247920] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 584.253444] ? copy_mount_options+0x285/0x380 [ 584.257924] ksys_mount+0x12d/0x140 [ 584.261536] __x64_sys_mount+0xbe/0x150 [ 584.265495] do_syscall_64+0x1b9/0x820 [ 584.269365] ? finish_task_switch+0x1d3/0x870 [ 584.273843] ? syscall_return_slowpath+0x5e0/0x5e0 [ 584.278755] ? syscall_return_slowpath+0x31d/0x5e0 [ 584.283666] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 584.288665] ? prepare_exit_to_usermode+0x291/0x3b0 [ 584.293663] ? perf_trace_sys_enter+0xb10/0xb10 [ 584.298319] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 584.303203] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 584.308378] RIP: 0033:0x455ab9 [ 584.311547] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 03:34:11 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x8], 0x1}}, 0x1c) [ 584.330718] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 584.338410] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 584.345663] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 584.352917] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 584.360170] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 584.367422] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 0000000000000052 03:34:11 executing program 2: r0 = socket(0xa, 0x80000, 0x8) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000000c0)={0x0, @in6={{0xa, 0x4e23, 0x1f, @mcast2={0xff, 0x2, [], 0x1}, 0x1f}}, 0x20, 0x3, 0x9f91, 0x401, 0x12}, &(0x7f0000000040)=0x98) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000180)={0x0, 0x1}, &(0x7f00000001c0)=0x8) getsockopt$inet_sctp_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000200)={r1, 0x8001, 0x3, 0x8, 0x0, 0x1, 0xb0a5, 0x5, {r2, @in={{0x2, 0x4e23}}, 0x4, 0x10000, 0x1, 0x10000, 0xf3fd}}, &(0x7f00000002c0)=0xb0) getsockopt$inet_int(r0, 0x0, 0x12, &(0x7f0000000000), &(0x7f0000000080)=0x4) 03:34:11 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0xab010000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:34:11 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x34000, @loopback=0x7f000001}, 0x10) 03:34:11 executing program 5: io_setup(0x220, &(0x7f0000ff5000)) r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='nodev9(\x00', 0xffffffffffffff9c}, 0x10) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000180)={r0, 0x28, &(0x7f0000000140)}, 0x10) io_setup(0x6, &(0x7f0000cd1ff8)) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fd/3\x00') setsockopt$packet_tx_ring(r1, 0x107, 0xd, &(0x7f0000000040)=@req3={0x8001, 0xf, 0x80000001, 0x1, 0x5, 0xdcf, 0xffffffff}, 0x1c) io_setup(0x1ff, &(0x7f0000569000)) io_setup(0x3f, &(0x7f0000000080)) io_setup(0x80, &(0x7f000072eff8)) 03:34:11 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x88a8ffff00000000], 0x1}}, 0x1c) 03:34:11 executing program 7: r0 = socket$nl_xfrm(0xa, 0x3, 0x87) fcntl$notify(r0, 0x402, 0x80000000) 03:34:11 executing program 0 (fault-call:8 fault-nth:83): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:34:11 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:34:11 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") mmap(&(0x7f000055e000/0x2000)=nil, 0x2000, 0x4, 0x44031, r0, 0x8080000000000) mkdir(&(0x7f0000000080)='./file1\x00', 0x0) quotactl(0x2080000201, &(0x7f00000000c0)='./file1\x00', 0x0, &(0x7f0000000040)) [ 584.859509] FAULT_INJECTION: forcing a failure. [ 584.859509] name failslab, interval 1, probability 0, space 0, times 0 [ 584.870919] CPU: 0 PID: 10177 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 584.879325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 584.888674] Call Trace: [ 584.891270] dump_stack+0x1c9/0x2b4 [ 584.894908] ? dump_stack_print_info.cold.2+0x52/0x52 [ 584.900108] ? rcu_note_context_switch+0x730/0x730 [ 584.905048] should_fail.cold.4+0xa/0x11 [ 584.909122] ? kasan_check_write+0x14/0x20 [ 584.913373] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 584.918480] ? kernfs_activate+0x8e/0x2c0 [ 584.922643] ? ___ratelimit.cold.2+0x6b/0x6b [ 584.927063] ? mutex_trylock+0x2b0/0x2b0 [ 584.931136] ? kasan_check_write+0x14/0x20 [ 584.935382] ? __radix_tree_replace+0x188/0x2f0 [ 584.940050] ? kernfs_add_one+0x4f/0x4d0 [ 584.944116] ? kernfs_activate+0x21a/0x2c0 [ 584.948361] ? lock_downgrade+0x8f0/0x8f0 [ 584.952515] ? lock_acquire+0x1e4/0x540 [ 584.956494] ? fs_reclaim_acquire+0x20/0x20 [ 584.960823] ? lock_downgrade+0x8f0/0x8f0 [ 584.964977] ? check_same_owner+0x340/0x340 [ 584.969302] ? kasan_check_write+0x14/0x20 [ 584.973546] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 584.978480] ? rcu_note_context_switch+0x730/0x730 [ 584.983411] __should_failslab+0x124/0x180 [ 584.987676] should_failslab+0x9/0x14 [ 584.991536] kmem_cache_alloc+0x2af/0x760 [ 584.995687] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 585.000621] ? kasan_check_write+0x14/0x20 [ 585.004863] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 585.009889] __kernfs_new_node+0xef/0x5a0 [ 585.014043] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 585.018803] ? mutex_unlock+0xd/0x10 [ 585.022520] ? kernfs_activate+0x21a/0x2c0 [ 585.026760] ? kernfs_walk_and_get_ns+0x340/0x340 [ 585.031608] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 585.037152] ? kernfs_link_sibling+0x1d2/0x3b0 [ 585.041740] kernfs_new_node+0x80/0xf0 [ 585.045636] __kernfs_create_file+0x4d/0x330 [ 585.050107] sysfs_add_file_mode_ns+0x21a/0x560 [ 585.054787] sysfs_add_file+0x4e/0x60 [ 585.058585] sysfs_merge_group+0xfa/0x230 [ 585.062732] dpm_sysfs_add+0x161/0x210 [ 585.066617] device_add+0x857/0x16f0 [ 585.070334] ? device_private_init+0x240/0x240 [ 585.074920] ? kfree+0x15e/0x260 [ 585.078289] ? kfree_const+0x5e/0x70 [ 585.082003] device_create_groups_vargs+0x1ff/0x270 [ 585.087019] device_create_vargs+0x46/0x60 [ 585.091283] bdi_register_va.part.12+0xc3/0x9c0 [ 585.095954] ? lockdep_init_map+0x9/0x10 [ 585.100018] ? cgwb_kill+0x640/0x640 [ 585.103747] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 585.109286] ? bdi_init+0x3d0/0x4d0 [ 585.112913] ? wb_init+0xa00/0xa00 [ 585.116452] ? kasan_unpoison_shadow+0x35/0x50 [ 585.121036] ? kasan_kmalloc+0xc4/0xe0 [ 585.124932] ? kmem_cache_alloc_node_trace+0x302/0x770 [ 585.130213] bdi_register_va+0x68/0x80 [ 585.134107] super_setup_bdi_name+0x12d/0x240 [ 585.138611] ? kill_block_super+0x100/0x100 [ 585.142937] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 585.148478] ? ns_capable_common+0x13f/0x170 [ 585.152892] super_setup_bdi+0x7f/0xb0 [ 585.156782] v9fs_mount+0x268/0x900 03:34:11 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x100000000000000, @loopback=0x7f000001}, 0x10) 03:34:11 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0xc803], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:34:11 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0xfdffffff00000000, @loopback=0x7f000001}, 0x10) 03:34:11 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x3d6], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:34:11 executing program 2: ioctl$fiemap(0xffffffffffffffff, 0xc020660b, &(0x7f00000000c0)=ANY=[]) r0 = socket$packet(0x11, 0x2, 0x300) sendto$inet6(r0, &(0x7f00000000c0), 0x300, 0x0, &(0x7f0000000080)={0xa, 0x4305, 0xf, @mcast2={0xff, 0x2, [], 0x1}}, 0x1c) 03:34:11 executing program 7: recvmsg(0xffffffffffffffff, &(0x7f0000a9d000)={&(0x7f0000a08000)=@un=@abs, 0x8, &(0x7f0000f54fe0), 0x0, &(0x7f0000f52000)}, 0xfffffffffffffffc) r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x0, 0x0) ioctl$SG_SET_KEEP_ORPHAN(r0, 0x2287, &(0x7f0000000040)=0x1000000000000) 03:34:11 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:34:11 executing program 7: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) semctl$SEM_STAT(0x0, 0x0, 0xb, &(0x7f0000000280)=""/4096) 03:34:11 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x2000000000000000, @loopback=0x7f000001}, 0x10) 03:34:11 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0xffffffa4], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) [ 585.160415] ? v9fs_drop_inode+0x150/0x150 [ 585.164648] legacy_get_tree+0x118/0x440 [ 585.168709] vfs_get_tree+0x1cb/0x5c0 [ 585.172510] do_mount+0x6c1/0x1fb0 [ 585.176052] ? check_same_owner+0x340/0x340 [ 585.180372] ? lock_release+0xa30/0xa30 [ 585.184351] ? copy_mount_string+0x40/0x40 [ 585.188595] ? retint_kernel+0x10/0x10 [ 585.192497] ? copy_mount_options+0x213/0x380 [ 585.196984] ? copy_mount_options+0x19c/0x380 [ 585.201465] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 585.206981] ? copy_mount_options+0x285/0x380 [ 585.211466] ksys_mount+0x12d/0x140 [ 585.215085] __x64_sys_mount+0xbe/0x150 [ 585.219046] do_syscall_64+0x1b9/0x820 [ 585.222915] ? finish_task_switch+0x1d3/0x870 [ 585.227398] ? syscall_return_slowpath+0x5e0/0x5e0 [ 585.232308] ? syscall_return_slowpath+0x31d/0x5e0 [ 585.237217] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 585.242211] ? prepare_exit_to_usermode+0x291/0x3b0 [ 585.247208] ? perf_trace_sys_enter+0xb10/0xb10 [ 585.251867] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 585.256712] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 585.261881] RIP: 0033:0x455ab9 [ 585.265048] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 585.284180] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 585.291877] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 585.299129] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 585.306381] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 585.313637] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 585.321024] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 0000000000000053 03:34:12 executing program 5: r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000000)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) r1 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000140)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) msgget(0x1, 0x3b0) r2 = add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a, 0x3}, 0x0, 0x0, r1) keyctl$setperm(0x5, r2, 0x0) keyctl$unlink(0x9, r2, r1) 03:34:12 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) io_setup(0x4, &(0x7f00000001c0)=0x0) io_getevents(r2, 0x0, 0x0, &(0x7f0000000240), &(0x7f0000000000)) close(r1) socket$inet_smc(0x2b, 0x1, 0x0) io_submit(r2, 0x1400, &(0x7f0000000600)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x800000000001, 0x0, r1, &(0x7f0000000140), 0x700000000000}]) pipe2(&(0x7f0000000040)={0xffffffffffffffff}, 0x80000) ioctl$RTC_AIE_ON(r3, 0x7001) 03:34:12 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x7000000, @loopback=0x7f000001}, 0x10) 03:34:12 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0xfffffff5], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:34:12 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x2000000], 0x1}}, 0x1c) 03:34:12 executing program 0 (fault-call:8 fault-nth:84): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:34:12 executing program 2: r0 = dup2(0xffffffffffffff9c, 0xffffffffffffffff) r1 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0x3, 0x1) fanotify_mark(r0, 0x23, 0x40000011, r1, &(0x7f0000000080)="2e2f66696c65300200") r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") mkdir(&(0x7f0000000000)='./file0\x00', 0x0) perf_event_open(&(0x7f000000a000)={0x1, 0x18a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x9}, 0xa000003ff, 0x0, 0x8000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$nl_route(0x10, 0x3, 0x0) mount(&(0x7f00008deff8)="2e2f66696c653002", &(0x7f0000343ff8)='./file0\x00', &(0x7f000015bffc)='nfs\x00', 0x0, &(0x7f000000a000)) 03:34:12 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0xfdffffff, @loopback=0x7f000001}, 0x10) 03:34:12 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x200000000000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) [ 585.417897] FAULT_INJECTION: forcing a failure. [ 585.417897] name failslab, interval 1, probability 0, space 0, times 0 [ 585.429311] CPU: 0 PID: 10231 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 585.437715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 585.447067] Call Trace: [ 585.449665] dump_stack+0x1c9/0x2b4 [ 585.453300] ? dump_stack_print_info.cold.2+0x52/0x52 [ 585.458503] ? kasan_check_write+0x14/0x20 [ 585.462750] should_fail.cold.4+0xa/0x11 03:34:12 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)="397087", 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:34:12 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x8035], 0x1}}, 0x1c) [ 585.463839] xprt_adjust_timeout: rq_timeout = 0! [ 585.466815] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 585.466831] ? mutex_trylock+0x2b0/0x2b0 [ 585.466854] ? kasan_check_write+0x14/0x20 [ 585.484950] ? __mutex_lock+0x6c4/0x1680 [ 585.489021] ? __radix_tree_replace+0x188/0x2f0 [ 585.493693] ? kernfs_add_one+0x4f/0x4d0 [ 585.497760] ? kernfs_activate+0x21a/0x2c0 [ 585.502008] ? lock_downgrade+0x8f0/0x8f0 [ 585.506180] ? radix_tree_iter_tag_clear+0x97/0xd0 [ 585.511121] ? radix_tree_iter_replace+0x49/0x60 03:34:12 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x6f01000000000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:34:12 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x200000000000000, @loopback=0x7f000001}, 0x10) 03:34:12 executing program 5: r0 = socket$inet6(0xa, 0x40000080806, 0x0) bind$inet6(r0, &(0x7f000047b000)={0xa, 0x4e20}, 0x1c) listen(r0, 0x4) r1 = socket$inet6(0xa, 0x6, 0x0) bind$inet6(r1, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev={0xfe, 0x80}, 0x3}, 0x1c) connect$inet6(r1, &(0x7f0000419000)={0xa, 0x4e20, 0x0, @dev={0xfe, 0x80, [], 0xf}}, 0x1b) r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x8001, 0x0) bind$unix(r2, &(0x7f0000000040)=@file={0x1, './file0\x00'}, 0x6e) ioctl$SG_SET_TIMEOUT(r2, 0x2201, &(0x7f00000000c0)=0x10000) [ 585.515888] ? lock_acquire+0x1e4/0x540 [ 585.519869] ? fs_reclaim_acquire+0x20/0x20 [ 585.524193] ? lock_downgrade+0x8f0/0x8f0 [ 585.528344] ? check_same_owner+0x340/0x340 [ 585.532667] ? wait_for_completion+0x8d0/0x8d0 [ 585.537253] ? rcu_note_context_switch+0x730/0x730 [ 585.542181] ? do_raw_spin_unlock+0xa7/0x2f0 [ 585.546596] __should_failslab+0x124/0x180 [ 585.550835] should_failslab+0x9/0x14 [ 585.554639] kmem_cache_alloc+0x2af/0x760 [ 585.558790] ? kasan_check_write+0x14/0x20 [ 585.563024] ? __kernfs_new_node+0x426/0x5a0 03:34:12 executing program 5: fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000000)={0x0, 0x0}) r1 = syz_open_procfs(r0, &(0x7f00000001c0)='task\x00') getdents(r1, &(0x7f00000003c0)=""/229, 0xe5) fcntl$notify(r1, 0x402, 0x31) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") exit(0x0) getdents(r1, &(0x7f0000000040)=""/202, 0x45a40b78) [ 585.567435] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 585.572454] __kernfs_new_node+0xef/0x5a0 [ 585.576603] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 585.581362] ? kernfs_walk_and_get_ns+0x340/0x340 [ 585.586217] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 585.592111] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 585.597646] ? kernfs_put+0x49b/0x760 [ 585.601445] ? kernfs_add_one+0x129/0x4d0 [ 585.605595] kernfs_new_node+0x80/0xf0 [ 585.609479] kernfs_create_dir_ns+0x3d/0x140 [ 585.613887] internal_create_group+0x3c9/0x9e0 03:34:12 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0xa02], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:34:12 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0xffffffff00000000, @loopback=0x7f000001}, 0x10) [ 585.618467] ? internal_create_group+0x39a/0x9e0 [ 585.623223] sysfs_create_group+0x1f/0x30 [ 585.627372] dpm_sysfs_add+0x26/0x210 [ 585.631175] device_add+0x857/0x16f0 [ 585.634897] ? device_private_init+0x240/0x240 [ 585.639483] ? kfree+0x15e/0x260 [ 585.642855] ? kfree_const+0x5e/0x70 [ 585.646576] device_create_groups_vargs+0x1ff/0x270 [ 585.651597] device_create_vargs+0x46/0x60 [ 585.655842] bdi_register_va.part.12+0xc3/0x9c0 [ 585.660515] ? lockdep_init_map+0x9/0x10 [ 585.664582] ? cgwb_kill+0x640/0x640 [ 585.668302] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 585.673838] ? bdi_init+0x3d0/0x4d0 [ 585.677460] ? wb_init+0xa00/0xa00 [ 585.681009] ? kasan_unpoison_shadow+0x35/0x50 [ 585.685592] ? kasan_kmalloc+0xc4/0xe0 [ 585.686785] xprt_adjust_timeout: rq_timeout = 0! [ 585.689481] ? kmem_cache_alloc_node_trace+0x302/0x770 [ 585.689501] bdi_register_va+0x68/0x80 [ 585.689517] super_setup_bdi_name+0x12d/0x240 [ 585.689534] ? kill_block_super+0x100/0x100 [ 585.712205] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 585.717756] ? ns_capable_common+0x13f/0x170 [ 585.722181] super_setup_bdi+0x7f/0xb0 [ 585.726122] v9fs_mount+0x268/0x900 [ 585.729754] ? v9fs_drop_inode+0x150/0x150 [ 585.733994] legacy_get_tree+0x118/0x440 [ 585.738059] vfs_get_tree+0x1cb/0x5c0 [ 585.741869] do_mount+0x6c1/0x1fb0 [ 585.745411] ? kasan_check_write+0x14/0x20 [ 585.749640] ? copy_mount_string+0x40/0x40 [ 585.753855] ? retint_kernel+0x10/0x10 [ 585.757733] ? copy_mount_options+0x213/0x380 [ 585.762209] ? __sanitizer_cov_trace_pc+0x14/0x50 [ 585.767039] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 585.772559] ? copy_mount_options+0x285/0x380 [ 585.777042] ksys_mount+0x12d/0x140 [ 585.780652] __x64_sys_mount+0xbe/0x150 [ 585.784605] do_syscall_64+0x1b9/0x820 [ 585.788474] ? finish_task_switch+0x1d3/0x870 [ 585.792950] ? syscall_return_slowpath+0x5e0/0x5e0 [ 585.797867] ? syscall_return_slowpath+0x31d/0x5e0 [ 585.802775] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 585.807770] ? prepare_exit_to_usermode+0x291/0x3b0 [ 585.812767] ? perf_trace_sys_enter+0xb10/0xb10 [ 585.817415] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 585.822244] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 585.827412] RIP: 0033:0x455ab9 [ 585.830575] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 585.849710] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 585.857399] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 585.864647] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 585.871895] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 585.879150] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 585.886398] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 0000000000000054 03:34:12 executing program 7: ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$sock_inet_SIOCGIFNETMASK(r0, 0x891b, &(0x7f0000000100)={'team_slave_0\x00', {0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}}) r1 = socket(0x15, 0x80005, 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r2, 0x402c5342, &(0x7f0000000040)={0x8, 0x101, 0x1ff, {0x0, 0x989680}, 0x8, 0xc7c}) getsockopt(r1, 0x114, 0x0, &(0x7f0000af0fe7), &(0x7f0000000180)=0xfffffffffffffd7c) 03:34:12 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x0, 0x16f], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:34:12 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000004}, 0x10) 03:34:12 executing program 2: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x94000, 0x0) sendto(r0, &(0x7f0000000100)="febcd34b0e2888283ddf1a32831dd718d8f9ab5869fd02f9d4eb03321bcc0e60710edca6909746c41703bce04a41e4d5029df2ef3fcf35c12d72d6d02e766572e40dff", 0x43, 0x404c880, &(0x7f0000000200)=@in6={0xa, 0x4e22, 0xfffffffffffeffff, @local={0xfe, 0x80, [], 0xaa}, 0x8}, 0x80) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f00000000c0)=0x4, 0x4) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000001300)={0x0, 0xac, "4b2287d7f98b39c5143eb7f690e97efe821f33f6cea5009339a2cfda5e73741a1e167c9cc93ee0b5b2b4e2c114e3c2f9df6629603e6b6966c66b54b602a798ab0faef6daa2ca434543293945f1871bb8000fde5e273c4760b82d56170ff0a42fae60aa22e6d449f59478999b8ffc353bc820c10654f91623750b5f766a313185905a01faafd5a22108069818feff1688708d63c04fda77ef4a24b796ccc13f72dfc97d42da7d145fc653a1f7"}, &(0x7f00000013c0)=0xb4) setsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000001400)={r2, 0x400, 0x9}, 0x10) mount(&(0x7f0000000080)='./file0\x00', &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)='tmpfs\x00', 0x8000, &(0x7f0000000300)="3e408c586b00b3377c7491a79496c86b7d70d0395ad12f10f6f27d8661db8b7784d49e966af5ec1d9114093c68bcf5498de7a74469b7bb9d02bde55f3547defd8b78ecea1dd2f8d5f4b478cf28d54723a94aa8201838924b78bb3bc2f45236d2c63d0526bab9c96de020585f665ad460f9e6aa5991d2de87178061d177819714c45969bee1b81b1fc52e8dd097ad31e9799b88db711a6a424252c0719af9c29322eddf3f5571424b97e85e33b14cd206b065926e785623af4711851f770a9043594c5bb06bccdddccf1e29fd2d7c1b48d8c6467b4f895caeace3acbad26dc4d8449513d407e5aecffda3fcc5b5408604a662cd8c507cc3c69d5e73309c59cc42deef915360017cc7d033b8d4f20f4388cc7e9ecdcafb44d2e379c89c2984b0dec80ebd81de29b6e1dfddacc46da1f550f1027a96487e2ae6e3d44718a694a24f09590ae8b3e3183c57694fded34383203ee315e03d7de2661ec7e8c6075a6111177dcd08bed76f517c031733470c451fddfc055352fdc677c1fc06fd4f5c1ba4c38aac64fff1833d251a4df00717dceed30aeb91c8444392fd1eb9ee84dd83a3e0b692a46926aac2458143f7812f7958771c7a74e4dadcedb63617a0a3fe9747aad7b266671dbbba078d736e6c0bab9e7d96d07915499ff4bd008092402c38ef94e6efcea48d6876e02f0084d2aa666f30ae9316cddcd1b10118700b25264f63ab36fa135068807fa6e8a058059ef7be321ebfc6148e735397ffaa1d47d61d438cde2c56f89b62f34080619c40673c60c785ef3ada793a806173ea8e05661e7ad4b7faa83c08f0d3ec299f2fb4b825748ef4b86d4b12ee81330be943cc1feec161cb3c81e0f0b55edab06f7d5dd0c5de81e7b728daeee86644f98a790fd284caf37b936f493e1b578bca386fba45a6a88c6bcf161bba8e86fb0b798338e5156867bff40863c11a374675ede2c4cb012cee89d7abddfb71227e80433849b70140957c43342eae48bd0d0f967efa785e912e5530443945a4d23b685febef041f6ff8e754b231316965224ad0183f7216b28a1dc260e90ecfabc8a0a19b7d953d895d0feee8871027689a604b2157f82dffc93ea4726a7418c7912c07186296e2500b8ece2a93f16b4371c1fdd79a621ff509d2597be055490fd6ed3a3309054081f6db59f61f884837245e389fcf8b6bc4dda1434b25ffce8e325f593c8980fb03632047196ec7dabeb5ebe0db5310a7bb40ff98077c24c398d8a24c98020dae8eed3f69955190d0c744f0bef71a042376cc6d12dbed7324ff2cd3e3df045c94b001965483fa33f7e6f04be94dc6bb06534b7ca03286462739ff2f3cf53d25dc18aabb9196834d4cee2696b38b458fd7df3c9ad09532f42509b9140de5db161c221bdbb93035bd82caec88586602ccf2f27ae3781df675c36684dc3955f5c315f7691dc12c8693d1142c0c9822caf6edb4a5d784d3c364fddd9fb100ef20ee40d8d77ba40b90252f1f54059a74230e345fe6dc08e47433e62844f2543d03d252b4dcf8a1fe0848cb2a3ed7710cdd7075713089f127d2f13a4a4f95695ec61eef16fad7b594b3a57f7576d3b85fda803f2d2222e65ca8e21b72be5f0827b27053339a6d5691a2df180318393f8d003e6e7613dc79430f8b11313a2e7fc35e387ef82dc7164ee3de471028cb02979729d123a4ba039f96e8b52af1d98eb66cb57d681f88fe80223ba501e96eac99c503045e0061e46c846bb390e7b110c25ec959cb5acf0a1ad34d4cb0d3f283c72a82bfa88eeaf1d5ebc4437ed6660b904c183459b16eecdcde10ad0adc72bffd21f6f0048040c89f27f8b550957045e2dacc378331e90cb2810b210bed3530fb677f7f6e2d07c0de5135f86a88b3f08978437d2d473b8e3a16de990973140a93b01985dcd19f598a0cd8f394cbe072efa21bf9d2801e727938fa5ad4ab9bb7c156f31eb8559f4a2009cc6c10a17eeb1af5bdd14abcf04d7a4e13268c33bb36a289d2665d06f4e936e6eceeeef0526c489241bf64526dd399cc58c3368f73cd4f4fcafc5b9a71123b4eb26c7a7082078c18922d3543ecd4726770a76b15d1b5e1c61371be67b78f7ba5e6d47da43607aea77491f19e69f735fc5432f781a6a82bc7813f26386dabf78df84d7983b6d18724bf32c13fe26eec09e2aa34c9c0b3d24c526b7fd651a072220549ac3a1967fc23fe0f9abf12d74bec74e6dce748fb8a72b1ab731d027f3ea7a714db1ffa1b0c1184a19b4ae738f59bd4ffe4f3e11af2556b35f811bf5884afda441de5ac6a0056c511eefa93cbe01ddeec20a164023ce68fd09eaa05f135de36d7f986ab8ad7b096ccf534faaadb4638ebc1163cf20f282a1db827c5d5c2ad343b6a7e87f93a75dc864356a7f2f17eb1172dc5625f4ab807b2efee4494a58a06a312ccf9d1946d3ee0f7335006c6e1cd27e34d28e2e20d57c04f572a487c5582e265ca1ef867521a470c2bbe48325abee9ecb7e3c308ed15eaa4cd18ad07c10e866d2501690763457a6ded4fbb8fd5d5097645864e68b1f5e2d77b428204d4bf0d9c0d57761f88c9ba8a07d4d2c3aec706331be6b32d00275d0ffca37e5cb79f05ce8df70b5953cb7c0643281c528cf457e8cea3c1458ed12d30863cbd23badf52d64aff72660a89c4e766fe9b37955ce4218fa5aa8bf647ca912fc332f2d8d32f8190e647dd081d120188b6b873410041c52fb6a7f2562f05fafdf4d8fb103ea3747506c56b52a65864f4b5ffeba0463daf7f881ba954fbb858e2af31feca7246e30d37510166b1d9320e61bdcca0e4da4ead84ba28888cf736967e700f924ddec9613943d8a0dea17d40a5a4978f7c0e162101c1823ab9784d0014f42e1f48acda3f242c5649ad7a3d11a0b17960844516e1f350b9d160a114de008b0a41424f7af84d1366fbde2a26c350b4e9747b2a226ec2393d33fa872242975078a98245ab6922955aa19118fb78f4d97bb1ea9686743623d3db92f2b573ee1faa4bd96edb9f9f2be504c1926c12f428c60665131b96fdd2beb976099b390770be3cdf081f3af6a2ce8a06e189a4070f1e67bfaf16ca8c70b98eb490300407f55f1a56db61bf4ac3b876f8cb50e135ea74cf102297558ff91bd6889e69244d3aaec5e563235cea88726f65eab3ebad904eddb692e747107437913650833800979c0278de60f9385b6abf54822b304159b6487e0ff40554486b03bd97c942156751cccbe68d9e1a3b365ec1fccef4f20673e03675723d9f6ee55dfc9d6981a6463c7f0397120fb287bef7b258d464e5c76cd868269da2db2f20bdbb2e82500ccd0a6c56e1f441672a8c587b06b3e08bcaaa37936ffd8e2d2b83708c36e61325fb9b8a3757bc87de3e86185500e0042f7df57f554fb362ed08dcdbe7990dae95f8fc86130221720c1d5b88740111700ccb1f8643122406ed24a2f5e715de2d2363c6be6c8d3d0ed6e6c3850abad358205a8154723ea904818f518aa328518c9f59a45322e66d96c7f504a59a700567bf84cf0baa06f2c907767fb939f719761ea068210c3723cd8eed7d55a438d93af073d89c443d0d17a02ab29ac44e7f20083d69f4ebf284fbcbbf9b115b218b7e41000898097b6616b9c490321719de7e26f1d0e5261983aa8ea0d597372fabca3f73e6205a514596c9db0f4befe8ee52d4f459bab63187d7e5b3d0ff5f386e28f4a45d867a6c02f602ea6446d0c807c7d5bae9f3e36daf21bb837530ebc94887c49e5c20d04d38afd8970fe7b969dfe09039bf38cfcf4800755403bb050d5d5e637e6c78b03670e4ac4a5056109744a9c08574a2ccee7b479b48c5340ee28ed2079e14b055f2027431a9c15677c02dc278caa65bc24ddd492f6694131c103b45b5665f0a673d7c6b6985af7baf36a90cd87ec1ae13c941e96bd500859bc39b20853d0727d12302b03d487b31e6d43ce02f508e2e78a5fc57da59a1ab651530b50a7d0c7917824813f4e69523afc545d8b8f0c6edfb2dd7509e2b34f61ccb058c0e74ce86780e61931fc6320be7bb67ac61db765effbb4b7ef2349a63cd1b1930ac8b3dd8c9ab37dc1f51b68d96287b84904670296d080a1d32394925429ebdf9ce489a206956aa4e90a0e171cd544aeecd011e5fb8e35deb36968fc2408ecec4a7fc11285e6d7223309511bfea885d692b6debc359a577d70e39a2cb5cc377cf736abc0712c97da8721fb9516af4f6b4cea2294b08117ae0b2b8c2175757c45d3f6e4afbab75b0cb520c427cac2abed03eb1ec720c89b08988c40e237dc1a6b6d7f80404c138cf2f0d0ecbe79b79f1be834cfb73b50e31d89601cd86ebba2d5d3ab1a4006c22a97de72ce345d4b7a1cf0eafd02e5f85190f09f88c3093b42d055c88fb70f4eef6dec71ee56eed3541232c7796dabe9cdbf0809c1bd644c1f5571f3977ba9b0cd2eca8a5ce5fb24d3b216d158029cb4ea7029bba6211af22a7bc8498de7aa4d41ec4e1c26b603e211ce3ea9e2dc13aec0039ef653718a0781e8961b42178b0fd7926c646e17eaa2fe0a2b901b7c859e64458d6009471f858b0520e88f4662f5b9b79c2727f7294648a4c895c5ea075c1ea382ce84fa41ab27bbb532ac3fa9941c05377c2a07b8036385596ffa71acaf376251f55c8478a0988224fab2a9da87c6d5cd3d91a1ebac16a663c4c9ad0f33c7f6b78d342d9ca294bf95d98fd5066b783638258584446197ca627e00c664e4a6bd9e47c3f005510fd56366dba386cdcf08295b9743c663dc105831e370f3936d861b4c7a480328956c760349f67fec14c1938fbcd02ab81a125a7ae68ef5f9864ad464a503474e302469e7a8f98ac13619be931de12d7f5fa60ac4a85daa77b24bdf016b8872c44ae2b58b925a6cf9b7f1f0021711fd407248064d8122133fc7b6c5b60aaaf99c45f8c2ef6da817391c264a98d8d2b9a73dc40987eb1616e3a78cdb20b98c211525d5895247dc7f720107ad80d591cf865a149bc718a7bddf62cf7ea0684e0094efbe052a72705873c17a6bb3115b2d0e873b4903a6e83421f547c9675a477e13290ddd0f953ac9971e5f18a3124accec1dd1a9b87e30562e198351b446faf9c0b76bc1572dcb7dcfe15bde526f9ec2a14e03b0822dfc6c21c657847a3dcf1fd0cf399fe8723f8470966e66f7faf3ff92348da145ca754762f9ae31a0582b9bcd9dedcd64caed41109154cd92a8f25eb15b311f66fa9ef1dc5226b94756271c704fa57e8a8bb7ac99e59ebdcd584a6bd6d67dba2ee94e442ab8bffbc1cf8b5e0ca5f44badc92ae2d06e8241129c05cfcd5e6cca2af20a5cf1b935e1f0b9e3d4d413061d876f855358cfe5a901e6cd7e42e3648f7c2e6b7b3f859ffe01026fa9517ee03fddeea3a79561df33dcc852f0feaf1b4e2096f81eccb94eea650a20e0b803a813c84a09ddfde9816ef15e839db6c7f1a3a2e99c96e84a912d9d9d53f5f4a7c30455f817d4723340ff8bbbfefe5d4600dbbbc8ca6ab52243513ae6e83f6b23630e633bf88432f79385162c197b2677330e598581635c675deb9b2597a69451ca57211ad0e0cf9921c3b724ac8d2387f06bde3b2fd1f7de2fac8192ae435e86ce97fb0a815cb0d48b72408b2c8ae880a7e7520b7f5b0a1000db38056b62f1435c80f415592a58fc4c3fb891ea33682ef07f322ccf24692b42e6f625e343fff1c84463247ccb831b67c90fd1e763248a1ddac5e51a0d15a4aef7149a5981b92598e011c69b55233175921512ffa02ba9853db10ff1d37f4c27854e87b1ff36e77") bind$inet6(r1, &(0x7f00001fefe4)={0xa, 0x4004e22, 0x0, @ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0x14, 0xaa}}}, 0x1c) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$sock_int(r3, 0x1, 0xf, &(0x7f0000000000)=0x5, 0x4) bind$inet6(r3, &(0x7f00001fefe4)={0xa, 0x4e22, 0x0, @ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0x14, 0xaa}}}, 0x1c) listen(r3, 0x0) listen(r1, 0x0) 03:34:12 executing program 0 (fault-call:8 fault-nth:85): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:34:12 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x8847], 0x1}}, 0x1c) 03:34:12 executing program 2: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x32, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$binder(&(0x7f0000000080)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r1 = syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x0) r2 = dup2(r1, r0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000007000)={0x14, 0x0, &(0x7f0000005fd4)=[@acquire_done={0x40486311}], 0x0, 0x0, &(0x7f00004ee64e)}) inotify_add_watch(r2, &(0x7f0000000000)='./file0\x00', 0x1000000) r3 = socket$inet6(0xa, 0x4, 0x0) ioctl(r3, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") getsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f00000001c0)={{{@in6=@loopback, @in=@local}}, {{}, 0x0, @in=@loopback}}, &(0x7f0000000140)=0xe8) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140), 0x1, 0xfdfd, &(0x7f00000000c0)="ac"}) 03:34:12 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f00ffe0}, 0x10) [ 585.978594] FAULT_INJECTION: forcing a failure. [ 585.978594] name failslab, interval 1, probability 0, space 0, times 0 [ 585.989933] CPU: 0 PID: 10300 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 585.998340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 586.007694] Call Trace: [ 586.010287] dump_stack+0x1c9/0x2b4 [ 586.013918] ? dump_stack_print_info.cold.2+0x52/0x52 [ 586.019112] ? rcu_note_context_switch+0x730/0x730 [ 586.024048] should_fail.cold.4+0xa/0x11 [ 586.028121] ? kasan_check_write+0x14/0x20 [ 586.032362] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 586.037469] ? kernfs_activate+0x8e/0x2c0 [ 586.041631] ? ___ratelimit.cold.2+0x6b/0x6b [ 586.046043] ? mutex_trylock+0x2b0/0x2b0 [ 586.050115] ? kasan_check_write+0x14/0x20 [ 586.054355] ? __radix_tree_replace+0x188/0x2f0 [ 586.059026] ? kernfs_add_one+0x4f/0x4d0 [ 586.063095] ? kernfs_activate+0x21a/0x2c0 [ 586.067336] ? lock_downgrade+0x8f0/0x8f0 [ 586.071491] ? lock_acquire+0x1e4/0x540 [ 586.075468] ? fs_reclaim_acquire+0x20/0x20 [ 586.079784] ? lock_downgrade+0x8f0/0x8f0 [ 586.083929] ? check_same_owner+0x340/0x340 [ 586.088257] ? kasan_check_write+0x14/0x20 [ 586.092498] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 586.097433] ? rcu_note_context_switch+0x730/0x730 [ 586.102367] __should_failslab+0x124/0x180 [ 586.106607] should_failslab+0x9/0x14 [ 586.110413] kmem_cache_alloc+0x2af/0x760 [ 586.114564] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 586.119502] ? kasan_check_write+0x14/0x20 [ 586.123746] ? __sanitizer_cov_trace_cmp8+0x18/0x20 03:34:12 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:34:12 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x0, 0x2000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:34:12 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x11], 0x1}}, 0x1c) 03:34:12 executing program 7: r0 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x20, 0x1) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl$KDSIGACCEPT(r0, 0x4b4e, 0x41) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") ppoll(&(0x7f0000000180)=[{r0}, {r1}, {r1}], 0x3, &(0x7f0000000040), &(0x7f0000000080), 0x8) 03:34:12 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000003}, 0x10) [ 586.128766] __kernfs_new_node+0xef/0x5a0 [ 586.132926] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 586.137681] ? mutex_unlock+0xd/0x10 [ 586.141398] ? kernfs_activate+0x21a/0x2c0 [ 586.145634] ? kernfs_walk_and_get_ns+0x340/0x340 [ 586.150480] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 586.156019] ? kernfs_link_sibling+0x1d2/0x3b0 [ 586.160624] kernfs_new_node+0x80/0xf0 [ 586.164517] __kernfs_create_file+0x4d/0x330 [ 586.168927] sysfs_add_file_mode_ns+0x21a/0x560 [ 586.173599] sysfs_add_file+0x4e/0x60 [ 586.177400] sysfs_merge_group+0xfa/0x230 [ 586.181551] dpm_sysfs_add+0x161/0x210 [ 586.185440] device_add+0x857/0x16f0 [ 586.189161] ? device_private_init+0x240/0x240 [ 586.193744] ? kfree+0x15e/0x260 [ 586.197111] ? kfree_const+0x5e/0x70 [ 586.200827] device_create_groups_vargs+0x1ff/0x270 [ 586.205863] device_create_vargs+0x46/0x60 [ 586.210107] bdi_register_va.part.12+0xc3/0x9c0 [ 586.214778] ? lockdep_init_map+0x9/0x10 [ 586.218841] ? cgwb_kill+0x640/0x640 [ 586.220093] FS-Cache: Duplicate cookie detected [ 586.222558] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 586.222572] ? bdi_init+0x3d0/0x4d0 [ 586.222585] ? wb_init+0xa00/0xa00 [ 586.222599] ? kasan_unpoison_shadow+0x35/0x50 [ 586.222616] ? kasan_kmalloc+0xc4/0xe0 [ 586.227281] FS-Cache: O-cookie c=00000000b7dd4241 [p=000000002d9990e0 fl=222 nc=0 na=1] [ 586.232788] ? kmem_cache_alloc_node_trace+0x302/0x770 [ 586.232807] bdi_register_va+0x68/0x80 [ 586.236416] FS-Cache: O-cookie d=000000000b958622 n=00000000ef654306 [ 586.239930] super_setup_bdi_name+0x12d/0x240 [ 586.239947] ? kill_block_super+0x100/0x100 [ 586.244515] FS-Cache: O-key=[10] ' [ 586.248369] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 586.248389] ? ns_capable_common+0x13f/0x170 [ 586.256506] 34 [ 586.261757] super_setup_bdi+0x7f/0xb0 [ 586.261775] v9fs_mount+0x268/0x900 [ 586.265633] 32 [ 586.272623] ? v9fs_drop_inode+0x150/0x150 [ 586.272640] legacy_get_tree+0x118/0x440 [ 586.277138] 39 [ 586.281438] vfs_get_tree+0x1cb/0x5c0 [ 586.281455] do_mount+0x6c1/0x1fb0 [ 586.284967] 35 [ 586.290477] ? check_same_owner+0x340/0x340 [ 586.290494] ? lock_release+0xa30/0xa30 [ 586.294872] 32 [ 586.296654] ? copy_mount_string+0x40/0x40 [ 586.296673] ? retint_kernel+0x10/0x10 [ 586.300590] 35 [ 586.304194] ? copy_mount_options+0x1d9/0x380 [ 586.304213] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 586.305988] 33 [ 586.310199] ? copy_mount_options+0x285/0x380 [ 586.310216] ksys_mount+0x12d/0x140 [ 586.314249] 32 [ 586.316028] __x64_sys_mount+0xbe/0x150 [ 586.316050] do_syscall_64+0x1b9/0x820 [ 586.319821] 38 [ 586.323340] ? finish_task_switch+0x1d3/0x870 [ 586.323357] ? syscall_return_slowpath+0x5e0/0x5e0 [ 586.325130] 36 [ 586.329426] ? syscall_return_slowpath+0x31d/0x5e0 [ 586.329443] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 586.333386] ' [ 586.335165] ? prepare_exit_to_usermode+0x291/0x3b0 [ 586.335182] ? perf_trace_sys_enter+0xb10/0xb10 [ 586.339397] FS-Cache: N-cookie c=000000001c3f18e5 [p=000000002d9990e0 fl=2 nc=0 na=1] [ 586.343248] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 586.343267] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 586.345043] FS-Cache: N-cookie d=000000000b958622 n=00000000a896128a [ 586.349506] RIP: 0033:0x455ab9 [ 586.349514] Code: [ 586.355032] FS-Cache: N-key=[10] ' [ 586.356804] 1d ba fb [ 586.361289] 34 [ 586.364879] ff c3 66 2e [ 586.366676] 32 [ 586.370613] 0f 1f 84 00 00 [ 586.374533] 39 [ 586.376298] 00 00 00 66 90 [ 586.380789] 35 [ 586.385683] 48 89 f8 48 89 [ 586.387483] 32 [ 586.392375] f7 48 89 d6 [ 586.397384] 35 [ 586.399065] 48 89 ca 4d 89 [ 586.404084] 33 [ 586.408717] c2 4d 89 c8 4c [ 586.416711] 32 [ 586.421516] 8b 4c 24 08 0f 05 [ 586.426705] 38 [ 586.433160] <48> 3d 01 f0 ff [ 586.436350] 36 [ 586.438469] ff 0f 83 eb [ 586.442004] ' [ 586.444390] b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 586.497779] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 586.505479] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 586.512744] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 586.519998] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 586.527260] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 586.534508] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 0000000000000055 03:34:13 executing program 5: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x200002, 0x0) ioctl$SCSI_IOCTL_STOP_UNIT(r0, 0x6) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = timerfd_create(0x0, 0x0) unshare(0x400) timerfd_settime(r1, 0x0, &(0x7f00000a5ff0), &(0x7f000010bff0)) 03:34:13 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x890e, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000100)='./file0\x00', 0xe004, 0x1, &(0x7f0000000380)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f801", 0x17}], 0x0, &(0x7f0000000340)=ANY=[]) r1 = open(&(0x7f0000032ff8)='./file0\x00', 0x0, 0x0) mkdirat(r1, &(0x7f0000056ff8)='./file0\x00', 0x0) mkdirat(r1, &(0x7f0000000040)='./file0/file0\x00', 0x0) bind(r0, &(0x7f0000000080)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x1, 0x2, 0x2, 0x4, {0xa, 0x4e24, 0x9c, @mcast2={0xff, 0x2, [], 0x1}, 0x7a3}}}, 0x80) mount(&(0x7f00000001c0)='./file0/file0\x00', &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='hpfs\x00', 0x23, &(0x7f0000000140)) r2 = openat(r1, &(0x7f0000000180)='./file0/file0\x00', 0x440043, 0x0) getdents64(r2, &(0x7f0000000140)=""/50, 0x32) 03:34:13 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000008}, 0x10) 03:34:13 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)="3970fe", 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:34:13 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x0, 0x5101], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:34:13 executing program 0 (fault-call:8 fault-nth:86): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:34:13 executing program 7: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x0) r1 = socket$nl_crypto(0x10, 0x3, 0x15) getsockopt$bt_rfcomm_RFCOMM_LM(0xffffffffffffffff, 0x12, 0x3, &(0x7f0000000400), &(0x7f0000000440)=0x4) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000008e80)={'team0\x00', 0x0}) ioctl$TUNSETIFINDEX(r0, 0x400454da, &(0x7f00000000c0)=r2) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'\x00', 0xc201}) eventfd2(0x8, 0x80800) 03:34:13 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x4888], 0x1}}, 0x1c) [ 586.663559] FAULT_INJECTION: forcing a failure. [ 586.663559] name failslab, interval 1, probability 0, space 0, times 0 [ 586.674863] CPU: 1 PID: 10358 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 586.683265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 586.692671] Call Trace: [ 586.695251] dump_stack+0x1c9/0x2b4 [ 586.698872] ? dump_stack_print_info.cold.2+0x52/0x52 [ 586.704054] ? is_bpf_text_address+0xd7/0x170 [ 586.708543] should_fail.cold.4+0xa/0x11 [ 586.712593] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 586.717694] ? save_stack+0xa9/0xd0 [ 586.721309] ? save_stack+0x43/0xd0 [ 586.724923] ? kasan_kmalloc+0xc4/0xe0 [ 586.728798] ? kmem_cache_alloc_trace+0x152/0x780 [ 586.733626] ? kobject_uevent_env+0x20f/0x1110 [ 586.738199] ? kobject_uevent+0x1f/0x30 [ 586.742159] ? device_add+0x95d/0x16f0 [ 586.746035] ? device_create_groups_vargs+0x1ff/0x270 [ 586.751211] ? device_create_vargs+0x46/0x60 [ 586.755604] ? bdi_register_va.part.12+0xc3/0x9c0 [ 586.760431] ? bdi_register_va+0x68/0x80 [ 586.764477] ? super_setup_bdi_name+0x12d/0x240 [ 586.769132] ? super_setup_bdi+0x7f/0xb0 [ 586.773179] ? v9fs_mount+0x268/0x900 [ 586.776967] ? legacy_get_tree+0x118/0x440 [ 586.781185] ? vfs_get_tree+0x1cb/0x5c0 [ 586.785202] ? do_mount+0x6c1/0x1fb0 [ 586.788905] ? ksys_mount+0x12d/0x140 [ 586.792693] ? do_syscall_64+0x1b9/0x820 [ 586.796761] ? lock_acquire+0x1e4/0x540 [ 586.800722] ? fs_reclaim_acquire+0x20/0x20 [ 586.805032] ? lock_downgrade+0x8f0/0x8f0 [ 586.809174] ? check_same_owner+0x340/0x340 [ 586.813499] ? lock_release+0xa30/0xa30 [ 586.817462] ? rcu_note_context_switch+0x730/0x730 [ 586.822384] __should_failslab+0x124/0x180 [ 586.826619] should_failslab+0x9/0x14 [ 586.830407] __kmalloc+0x2c8/0x760 [ 586.833941] ? kobject_get_path+0xc2/0x1a0 [ 586.838169] ? do_raw_spin_lock+0xc1/0x200 [ 586.842395] kobject_get_path+0xc2/0x1a0 [ 586.846446] kobject_uevent_env+0x234/0x1110 [ 586.850839] ? device_pm_add+0x229/0x360 [ 586.854895] kobject_uevent+0x1f/0x30 [ 586.858691] device_add+0x95d/0x16f0 [ 586.862395] ? device_private_init+0x240/0x240 [ 586.866963] ? kfree+0x15e/0x260 [ 586.870317] ? kfree_const+0x5e/0x70 [ 586.874031] device_create_groups_vargs+0x1ff/0x270 [ 586.879051] device_create_vargs+0x46/0x60 [ 586.883273] bdi_register_va.part.12+0xc3/0x9c0 [ 586.887927] ? lockdep_init_map+0x9/0x10 [ 586.891973] ? cgwb_kill+0x640/0x640 [ 586.895675] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 586.901196] ? bdi_init+0x3d0/0x4d0 [ 586.904806] ? wb_init+0xa00/0xa00 [ 586.908342] ? kasan_unpoison_shadow+0x35/0x50 [ 586.912911] ? kasan_kmalloc+0xc4/0xe0 [ 586.916788] ? kmem_cache_alloc_node_trace+0x302/0x770 [ 586.922061] bdi_register_va+0x68/0x80 [ 586.925941] super_setup_bdi_name+0x12d/0x240 [ 586.930431] ? kill_block_super+0x100/0x100 [ 586.934744] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 586.940267] ? ns_capable_common+0x13f/0x170 [ 586.944666] super_setup_bdi+0x7f/0xb0 [ 586.948543] v9fs_mount+0x268/0x900 [ 586.952158] ? v9fs_drop_inode+0x150/0x150 [ 586.956381] legacy_get_tree+0x118/0x440 [ 586.960430] vfs_get_tree+0x1cb/0x5c0 [ 586.964220] do_mount+0x6c1/0x1fb0 [ 586.967744] ? check_same_owner+0x340/0x340 [ 586.972050] ? lock_release+0xa30/0xa30 [ 586.976017] ? copy_mount_string+0x40/0x40 [ 586.980239] ? kasan_kmalloc+0xc4/0xe0 [ 586.984125] ? kmem_cache_alloc_trace+0x318/0x780 [ 586.988956] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 586.994483] ? _copy_from_user+0xdf/0x150 [ 586.998617] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 587.004138] ? copy_mount_options+0x285/0x380 [ 587.008624] ksys_mount+0x12d/0x140 [ 587.012238] __x64_sys_mount+0xbe/0x150 [ 587.016200] do_syscall_64+0x1b9/0x820 [ 587.020072] ? finish_task_switch+0x1d3/0x870 [ 587.024555] ? syscall_return_slowpath+0x5e0/0x5e0 [ 587.029473] ? syscall_return_slowpath+0x31d/0x5e0 [ 587.034388] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 587.039392] ? prepare_exit_to_usermode+0x291/0x3b0 [ 587.044393] ? perf_trace_sys_enter+0xb10/0xb10 [ 587.049048] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 587.053882] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 587.059057] RIP: 0033:0x455ab9 [ 587.062226] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 587.081505] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 587.089198] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 587.096457] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 587.103808] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 03:34:13 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f001300}, 0x10) 03:34:13 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x8100000000000000], 0x1}}, 0x1c) 03:34:13 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x0, 0x3c8], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) [ 587.111060] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 587.118312] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 0000000000000056 03:34:13 executing program 2: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000100)='./file0\x00', 0x800000000004) mount(&(0x7f0000000200)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000140)='tracefs\x00', 0x0, &(0x7f0000000280)) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x10000000000000, 0x0) getdents(r0, &(0x7f0000000240)=""/93, 0x5d) 03:34:13 executing program 0 (fault-call:8 fault-nth:87): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:34:13 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9pm', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:34:14 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000009}, 0x10) 03:34:14 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0xffffffff00000000], 0x1}}, 0x1c) 03:34:14 executing program 5: r0 = socket$packet(0x11, 0x2000000000, 0x300) r1 = fcntl$dupfd(r0, 0x0, r0) syz_mount_image$gfs2(&(0x7f0000000140)='gfs2\x00', &(0x7f0000000200)='./file0\x00', 0xffff, 0x2, &(0x7f0000000380)=[{&(0x7f0000000240)="aa6b149f9d1fcb5a2450d58d51809d8c53827a13c62f698971d6e2b86b025297155a75ca40388a3e82d2c48ea0d3b5992c85ccbe7983f27a3dadfcb53040cb7062dd003d4305122f7fd7ff21aaceb066cd9a92e5db621202edf166a51041d3af9c8ee3ab4411c55350fce273a430d1336a8074e7bf1342701a7653978e8dfe4033d5944aff3fbb803686d43fea47965164bab204b13aff5d28", 0x99}, {&(0x7f0000000300)="0e63fe0a0bd785e6709ef665c8d26e061e9d4a6f4d4d87c22e872e4596917924a186ac6dfb697939a19e722c400c87b429224051f50873fb1a748c536000ed30d72e49139df8fdb8b6f6dfc3f7185ab1a6beecfa87b2465eacee56e83b42", 0x5e, 0x1}], 0x12012, &(0x7f00000003c0)=ANY=[@ANYBLOB="6d6574612c646973636172642c71756f74612c7374617466735f70657263656e743d3078303030303030303030c84fe8303030303030392c646973636172"]) bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @remote={0xfe, 0x80, [], 0xbb}, 0x6}, 0x1c) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000180)="0401000000c000ddb8460900fff55b4202938207d9fb3780398d5375000000007929301ee616d5c01843f56590080053c0e385472da7222a2bb42f2dbd94c3b50035060f118d0000f55d462600001b0000000000000000000000aeb462644a4bae135664", 0x64, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x20000000005, @dev={0xfe, 0x80}}, 0x1c) sendto$inet6(r1, &(0x7f00000000c0)="ca", 0x1, 0x0, &(0x7f0000000100)={0xa, 0x4e24, 0x3, @mcast2={0xff, 0x2, [], 0x1}, 0x7}, 0x1c) 03:34:14 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x0, 0xffffffa4], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:34:14 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$key(0xf, 0x3, 0x2) ioctl$KVM_SET_PIT(r0, 0x8048ae66, &(0x7f0000000000)={[{0x0, 0x1000, 0x9bce, 0x1, 0x6, 0xffffffffffffca74, 0x1, 0xbaa, 0x6, 0x7, 0xffff, 0xfffffffffffffff8, 0xfffffffffffffffb}, {0x651, 0x101, 0xfd4, 0x200, 0x40, 0x3, 0x6, 0x1, 0x7, 0x7e6, 0x100, 0xffffffff, 0x2}, {0x4, 0x4, 0x7f, 0x100000001, 0x7, 0x56b0, 0x100000000, 0x3f1, 0xe7, 0x0, 0x0, 0x5, 0x1}], 0x5}) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x2, 0x3, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, [@sadb_address={0x3, 0x7, 0x0, 0x0, 0x0, @in={0x2}}, @sadb_address={0x3, 0x6, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1=0xe0000001}}, @sadb_sa={0x2, 0x1}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1=0xe0000001}}]}, 0x68}, 0x1}, 0x0) 03:34:14 executing program 7: mprotect(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2000000) write$eventfd(0xffffffffffffffff, &(0x7f0000000080)=0x2, 0x7) 03:34:14 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000002}, 0x10) 03:34:14 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:34:14 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x1100000000000000], 0x1}}, 0x1c) 03:34:14 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x0, 0x40000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:34:14 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000007}, 0x10) 03:34:14 executing program 2: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000140)={&(0x7f00000001c0)=@ipv6_newaddr={0x18, 0x13, 0x509, 0x0, 0x0, {0x7}}, 0x18}, 0x1}, 0x0) acct(&(0x7f0000000040)='./file0\x00') 03:34:14 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") socket$can_raw(0x1d, 0x3, 0x1) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_tcp_int(r1, 0x6, 0x0, &(0x7f00000000c0), &(0x7f0000000000)=0xffffffffffffffa8) 03:34:14 executing program 5: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snapshot\x00', 0x40000, 0x0) ioctl$KVM_SET_XSAVE(r0, 0x5000aea5, &(0x7f0000000580)={"eb17423f1c4d1bdf8a9d868bc22f0a66f44b4c60aabf4018705aa10288fac5eb3c6298d63d9e33669f86406736e7ac777258711129aec441dda45009a5e3c1424393a4eb5bea024835fdabd009fef82eb3c74f727c46bdace69bb97fb07e431b87a05d55d9217f886a00b66fe6a6b0437a9eb288ea773e41c302c9fc5100301b25d1f0667a979d838106076619e5559bb9af295f28855693a297888bde12e1a3d1f43230664c54a15a74450921a0aebe58f5cd383adcce84bf9e30dffba5f75217bdc84cf6dca68e053cba4060bde79b5f52f0bf653791ce0eb2768c65fa2c928109aca4626e7387c38eab824587dd18305e6068b43c36c8aafb9b91eb6754dacd4f5c6c2d009293119d5cedd6fc0e7816106817cd6ecdb86bdd1f009e885e73ef66222e1916c192af85b417cdc9335029be345c64de72e8ffcb0b0c25af6a9ff2b0066ec659ef90b23f825147e9e9d472c26aa30c06b9b2af02973eb6e5600b31a0b8b6178d88915c82299c2bf58f086ed79d3fc87d5151bbd5812b56a5b9f3b39514052079043d81f7d75d46513feb9b5b58c4a564de33d4e6c0ba6bca1f55f8e13f978cd662b4a105969397b597c8136fea97f938bb5bbff8beb4576e2771eddf2312cecc56f225464a9eda641e31f3b52ff58d02635ab7277c0c356830e3b5d3df431f6525c1a63dfc8a2a5ef7e44877e8709c7ac8242d817aa60af8cd3cc41eb549a4f662dbed6c546681f2eabdc039d5158f8c6b4f346687a63edab013cf7179ee1b4479009d342d082b651b2ce31d02d3c3a16c78495e65bb85ad2f829551576f6ae037e37b8c5010cf992344c0c2910399f6d0e2828a76e140f4a5d5ebb40286f028e64350368d596dc04b54577d01637557a5f8ebfe85b297f0e0cb6b06addadefce3f1d7fc3cb812031d2c4c25a63db4e4bae1e1d2017d410894837e3f47b4afa8ad143180b6c9b863f9d21d4853bcdd498348505b844611dad01f6870c5c4b979c1255c7667a55b08b1a20f9f680e890c0e1af4ef429c9e0a804402e41baa8c2a85e561bf8e96f28b04e993de3307c976f8c7592fc8db9c0c01c9d97aa84fbcf01b2398728a9c47b9b726319157f026727b22791d4b500c7945017b8986cbf1361b708ceea6e86325751066bf30de26ad1388b314c1920257f89c3690c2654236282f07f5e1ab4362c65fe1f6ba0baca0a9e1de161d3c772373f0941d2fbf042b8ae180df774cdd4f6dbbe554ccd0f4bee0522070372ce2cb343bba79ab1a7a37ea547ea015537ccb410a8a9f6312b951e4e2bce30862687da30fdd53946c97a3756c21642448662adc0646e8e354bb685b5d16c9be6dae196f2b73d6fe6b4965dbe0cb7af7b03ca1e33ef605b08e410aca7dfbdea2be4a15fc653824a588878e499012cc4d89eedef61b9f5ba9c00f6b5e5acb217af96012e0fc"}) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x7d, &(0x7f0000000140), 0x0) ioctl$fiemap(0xffffffffffffffff, 0xc020660b, &(0x7f0000000000)=ANY=[@ANYBLOB="4ae30000000000000200000000000000020000004000000000b1ee00000000000000000000000000000000000000000000000000ff0000000000000000000000000000000000000000000000000008ac000000000000000010000000000000000000000000008000000f01740e56b3000000000000009d010000000000000100010000000000090000000000000000000000000000000000000004010000000000000000000000000000000000000000000000000000000000000000000000000000000088df4f0f2b"]) ioctl$KVM_RUN(r3, 0xae80, 0x0) [ 587.587975] FAULT_INJECTION: forcing a failure. [ 587.587975] name failslab, interval 1, probability 0, space 0, times 0 [ 587.599285] CPU: 1 PID: 10470 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 587.607688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 587.617044] Call Trace: [ 587.619625] dump_stack+0x1c9/0x2b4 [ 587.623241] ? dump_stack_print_info.cold.2+0x52/0x52 [ 587.628416] ? rcu_note_context_switch+0x730/0x730 [ 587.633339] should_fail.cold.4+0xa/0x11 [ 587.637386] ? kasan_check_write+0x14/0x20 [ 587.641607] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 587.646700] ? kernfs_activate+0x8e/0x2c0 [ 587.650837] ? ___ratelimit.cold.2+0x6b/0x6b [ 587.655239] ? mutex_trylock+0x2b0/0x2b0 [ 587.659285] ? kasan_check_write+0x14/0x20 [ 587.663505] ? __radix_tree_replace+0x188/0x2f0 [ 587.668157] ? kernfs_add_one+0x4f/0x4d0 [ 587.672198] ? kernfs_activate+0x21a/0x2c0 [ 587.676421] ? lock_downgrade+0x8f0/0x8f0 [ 587.680560] ? lock_acquire+0x1e4/0x540 [ 587.684517] ? fs_reclaim_acquire+0x20/0x20 [ 587.688831] ? lock_downgrade+0x8f0/0x8f0 [ 587.692964] ? check_same_owner+0x340/0x340 [ 587.697270] ? kasan_check_write+0x14/0x20 [ 587.701489] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 587.706400] ? rcu_note_context_switch+0x730/0x730 [ 587.711316] __should_failslab+0x124/0x180 [ 587.715535] should_failslab+0x9/0x14 [ 587.719318] kmem_cache_alloc+0x2af/0x760 [ 587.723446] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 587.728359] ? kasan_check_write+0x14/0x20 [ 587.732580] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 587.737580] __kernfs_new_node+0xef/0x5a0 [ 587.741710] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 587.746448] ? mutex_unlock+0xd/0x10 [ 587.750145] ? kernfs_activate+0x21a/0x2c0 [ 587.754364] ? kernfs_walk_and_get_ns+0x340/0x340 [ 587.759190] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 587.764708] ? kernfs_link_sibling+0x1d2/0x3b0 [ 587.769273] kernfs_new_node+0x80/0xf0 [ 587.773143] __kernfs_create_file+0x4d/0x330 [ 587.777535] sysfs_add_file_mode_ns+0x21a/0x560 [ 587.782205] sysfs_add_file+0x4e/0x60 [ 587.785990] sysfs_merge_group+0xfa/0x230 [ 587.790125] dpm_sysfs_add+0x161/0x210 [ 587.793998] device_add+0x857/0x16f0 [ 587.797701] ? device_private_init+0x240/0x240 [ 587.802266] ? kfree+0x15e/0x260 [ 587.805620] ? kfree_const+0x5e/0x70 [ 587.809319] device_create_groups_vargs+0x1ff/0x270 [ 587.814319] device_create_vargs+0x46/0x60 [ 587.818540] bdi_register_va.part.12+0xc3/0x9c0 [ 587.823192] ? lockdep_init_map+0x9/0x10 [ 587.827233] ? cgwb_kill+0x640/0x640 [ 587.830934] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 587.836459] ? bdi_init+0x3d0/0x4d0 [ 587.840068] ? wb_init+0xa00/0xa00 [ 587.843599] ? kasan_unpoison_shadow+0x35/0x50 [ 587.848164] ? kasan_kmalloc+0xc4/0xe0 [ 587.852037] ? kmem_cache_alloc_node_trace+0x302/0x770 [ 587.857297] bdi_register_va+0x68/0x80 [ 587.861172] super_setup_bdi_name+0x12d/0x240 [ 587.865652] ? kill_block_super+0x100/0x100 [ 587.869957] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 587.875485] ? ns_capable_common+0x13f/0x170 [ 587.879887] super_setup_bdi+0x7f/0xb0 [ 587.883761] v9fs_mount+0x268/0x900 [ 587.887375] ? v9fs_drop_inode+0x150/0x150 [ 587.891593] legacy_get_tree+0x118/0x440 [ 587.895640] vfs_get_tree+0x1cb/0x5c0 [ 587.899434] do_mount+0x6c1/0x1fb0 [ 587.902956] ? kasan_check_write+0x14/0x20 [ 587.907184] ? copy_mount_string+0x40/0x40 [ 587.911404] ? kasan_kmalloc+0xc4/0xe0 [ 587.915275] ? kmem_cache_alloc_trace+0x318/0x780 [ 587.920101] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 587.925630] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 587.931148] ? copy_mount_options+0x285/0x380 [ 587.935628] ksys_mount+0x12d/0x140 [ 587.939237] __x64_sys_mount+0xbe/0x150 [ 587.943194] do_syscall_64+0x1b9/0x820 [ 587.947064] ? finish_task_switch+0x1d3/0x870 [ 587.951541] ? syscall_return_slowpath+0x5e0/0x5e0 [ 587.956452] ? syscall_return_slowpath+0x31d/0x5e0 [ 587.961365] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 587.966364] ? prepare_exit_to_usermode+0x291/0x3b0 [ 587.971363] ? perf_trace_sys_enter+0xb10/0xb10 [ 587.976021] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 587.980849] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 587.986020] RIP: 0033:0x455ab9 [ 587.989186] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 588.008367] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 588.016061] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 588.023318] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 588.030576] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 03:34:14 executing program 0 (fault-call:8 fault-nth:88): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:34:14 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000040)={0x26, 'aead\x00', 0x0, 0x0, 'seqiv(rfc4106(gcm(aes)))\x00'}, 0x58) bind$alg(r0, &(0x7f00000000c0)={0x26, 'aead\x00', 0x0, 0x0, 'morus1280-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="78733976000898fcffff6054be13cfe62785ce10", 0x14) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000840)=[{0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f0000000400)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) exit_group(0x36e9) write$binfmt_script(r1, &(0x7f0000000340)=ANY=[@ANYBLOB="f54000002658a376"], 0x8) recvmmsg(r1, &(0x7f0000001280)=[{{&(0x7f0000000180)=@pptp={0x0, 0x0, {0x0, @loopback}}, 0x80, &(0x7f0000000200), 0x0, &(0x7f0000000240)=""/223, 0xdf}}, {{&(0x7f00000010c0)=@nfc, 0x80, &(0x7f0000001240)=[{&(0x7f0000001180)=""/161, 0xa1}], 0x1229}}], 0x2, 0xfffffffffffffffd, &(0x7f0000001400)={0x0, 0x1c9c380}) 03:34:14 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x4305], 0x1}}, 0x1c) 03:34:14 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x0, 0xff00], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:34:14 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000901}, 0x10) 03:34:14 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:34:14 executing program 7: r0 = syz_open_dev$evdev(&(0x7f0000000140)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5) write$binfmt_elf32(r0, &(0x7f00000000c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x38, 0x0, 0x0, 0x1, 0x60, 0x2}, [{}]}, 0x58) socket$unix(0x1, 0x1, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) pipe2(&(0x7f0000000040), 0x80000) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f0000000080)={0xc4, 0x7, 0x7fffffff, 0xd185, 0x1}, 0x14) 03:34:14 executing program 5: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000740)='/dev/ppp\x00', 0x0, 0x0) bind$pptp(r0, &(0x7f0000000780)={0x18, 0x2, {0x2, @broadcast=0xffffffff}}, 0x1e) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_mreqsrc(r1, 0x0, 0x27, &(0x7f000001b000)={@multicast2=0xe0000002, @loopback=0x7f000001, @dev={0xac, 0x14}}, 0xc) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f0000000000)={'lo\x00'}) ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f0000000080)={'lo\x00', 0x101}) [ 588.037827] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 588.045077] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 0000000000000057 03:34:14 executing program 2: r0 = dup(0xffffffffffffffff) ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000000)={0x0, 0x3, 0x7, 0x7fffffff}) r1 = socket$inet(0x2, 0x200000000000003, 0x9) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000800)=@filter={'filter\x00', 0xe, 0x2, 0x318, [0x0, 0x20000880, 0x200009c0, 0x20000b68], 0x0, &(0x7f0000000480), &(0x7f0000000880)=[{0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x11, 0x0, 0x0, 'dummy0\x00', 'bcsh0\x00', 'bcsf0\x00', 'nr0\x00', @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, [], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], 0xe0, 0xe0, 0x110, [@time={'time\x00', 0x18, {{0x0, 0x0, 0x7fffffe}}}, @vlan={'vlan\x00', 0x8}]}}, @common=@CLASSIFY={'CLASSIFY\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe, 0x1, [{{{0x5, 0x0, 0x0, 'ifb0\x00', 'bcsf0\x00', 'gre0\x00', 'rose0\x00', @empty, [], @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], 0xd0, 0x100, 0x178, [@m802_3={'802_3\x00', 0x8}, @pkttype={'pkttype\x00', 0x8}]}, [@common=@redirect={'redirect\x00', 0x8}]}, @common=@NFLOG={'NFLOG\x00', 0x50, {{0x0, 0x0, 0x0, 0x0, 0x0, "bde61f96ad140bf31c52adfce88ba14aaa5708b1e3b94b8fe5821cafe5683d4cae815faf77d30635b4d7e26ce8a6a975654dcf2bc4aaada7a86664db3dbde2bf"}}}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x390) [ 588.137943] FAULT_INJECTION: forcing a failure. [ 588.137943] name failslab, interval 1, probability 0, space 0, times 0 [ 588.149235] CPU: 1 PID: 10495 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 588.157635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 588.166988] Call Trace: [ 588.169584] dump_stack+0x1c9/0x2b4 [ 588.173219] ? dump_stack_print_info.cold.2+0x52/0x52 [ 588.178418] ? rcu_note_context_switch+0x730/0x730 [ 588.183361] should_fail.cold.4+0xa/0x11 [ 588.187446] ? kasan_check_write+0x14/0x20 [ 588.191693] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 588.196804] ? kernfs_activate+0x8e/0x2c0 [ 588.200964] ? ___ratelimit.cold.2+0x6b/0x6b [ 588.205383] ? mutex_trylock+0x2b0/0x2b0 [ 588.209448] ? kasan_check_write+0x14/0x20 [ 588.213696] ? __radix_tree_replace+0x188/0x2f0 [ 588.218367] ? kernfs_add_one+0x4f/0x4d0 [ 588.222442] ? kernfs_activate+0x21a/0x2c0 [ 588.226681] ? lock_downgrade+0x8f0/0x8f0 [ 588.230837] ? lock_acquire+0x1e4/0x540 03:34:14 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f0000e0}, 0x10) 03:34:14 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:34:14 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x0, 0xd603], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:34:14 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x5865], 0x1}}, 0x1c) 03:34:14 executing program 7: r0 = socket$packet(0x11, 0x3, 0x300) r1 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x0, 0x0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000080)={&(0x7f0000ff9000/0x6000)=nil, 0x6000}) open(&(0x7f00000000c0)='./file0\x00', 0x0, 0x10) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000400)=0x6b65a878, 0x4) sendto$inet6(r0, &(0x7f00000000c0), 0x0, 0x0, &(0x7f0000000040)={0xa, 0x0, 0x6, @local={0xfe, 0x80, [], 0xaa}}, 0x1c) 03:34:15 executing program 2: r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000280)='/dev/zero\x00', 0x0, 0x0) r1 = timerfd_create(0x0, 0x0) readv(r1, &(0x7f0000000000)=[{&(0x7f0000000280)=""/146, 0x92}], 0x1) r2 = gettid() timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r3 = socket$inet6(0xa, 0x1, 0x0) ioctl(r3, 0x4000008912, &(0x7f00000001c0)="295ee1311f16f477671070") setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000040)={&(0x7f0000000340)=""/4096, 0x10000, 0x1000, 0x6}, 0x18) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) dup2(r0, r1) tkill(r2, 0x1004000000016) [ 588.234825] ? fs_reclaim_acquire+0x20/0x20 [ 588.239169] ? lock_downgrade+0x8f0/0x8f0 [ 588.243327] ? check_same_owner+0x340/0x340 [ 588.247657] ? kasan_check_write+0x14/0x20 [ 588.247933] xt_time: invalid argument - start or stop time greater than 23:59:59 [ 588.251892] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 588.251909] ? rcu_note_context_switch+0x730/0x730 [ 588.251926] __should_failslab+0x124/0x180 [ 588.251947] should_failslab+0x9/0x14 [ 588.277297] kmem_cache_alloc+0x2af/0x760 [ 588.281454] ? __mutex_unlock_slowpath+0x197/0x8c0 03:34:15 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000005}, 0x10) [ 588.286398] ? kasan_check_write+0x14/0x20 [ 588.290646] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 588.295668] __kernfs_new_node+0xef/0x5a0 [ 588.299824] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 588.304582] ? mutex_unlock+0xd/0x10 [ 588.308292] ? kernfs_activate+0x21a/0x2c0 [ 588.312790] ? kernfs_walk_and_get_ns+0x340/0x340 [ 588.317636] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 588.323170] ? kernfs_link_sibling+0x1d2/0x3b0 [ 588.327753] kernfs_new_node+0x80/0xf0 [ 588.331646] __kernfs_create_file+0x4d/0x330 [ 588.336061] sysfs_add_file_mode_ns+0x21a/0x560 [ 588.340748] sysfs_add_file+0x4e/0x60 [ 588.340764] sysfs_merge_group+0xfa/0x230 [ 588.340781] dpm_sysfs_add+0x161/0x210 [ 588.340797] device_add+0x857/0x16f0 [ 588.340815] ? device_private_init+0x240/0x240 [ 588.340829] ? kfree+0x15e/0x260 [ 588.340846] ? kfree_const+0x5e/0x70 [ 588.340862] device_create_groups_vargs+0x1ff/0x270 [ 588.340878] device_create_vargs+0x46/0x60 [ 588.340891] bdi_register_va.part.12+0xc3/0x9c0 [ 588.340905] ? lockdep_init_map+0x9/0x10 [ 588.340917] ? cgwb_kill+0x640/0x640 [ 588.340934] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 588.340945] ? bdi_init+0x3d0/0x4d0 [ 588.340956] ? wb_init+0xa00/0xa00 [ 588.340975] ? kasan_unpoison_shadow+0x35/0x50 [ 588.406843] ? kasan_kmalloc+0xc4/0xe0 [ 588.406859] ? kmem_cache_alloc_node_trace+0x302/0x770 [ 588.406873] bdi_register_va+0x68/0x80 [ 588.406887] super_setup_bdi_name+0x12d/0x240 03:34:15 executing program 0 (fault-call:8 fault-nth:89): pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:34:15 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001, [0x18]}, 0x10) 03:34:15 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0xa00000000000000], 0x1}}, 0x1c) 03:34:15 executing program 7: r0 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x0, 0x0, &(0x7f0000000000)) mq_timedreceive(r0, &(0x7f0000000040)=""/159, 0x9f, 0x930000, &(0x7f0000000100)) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000200)='/dev/uinput\x00', 0x341000, 0x0) ioctl$KDGKBMETA(r1, 0x4b62, &(0x7f0000000240)) r2 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x3, 0x0) getsockopt$inet_sctp6_SCTP_RECVNXTINFO(r2, 0x84, 0x21, &(0x7f0000000180), &(0x7f00000001c0)=0x4) read$FUSE(r2, &(0x7f0000000280), 0x1000) [ 588.406897] ? kill_block_super+0x100/0x100 [ 588.406910] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 588.406922] ? ns_capable_common+0x13f/0x170 [ 588.406935] super_setup_bdi+0x7f/0xb0 03:34:15 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001, [0x7000000]}, 0x10) 03:34:15 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x6558], 0x1}}, 0x1c) [ 588.406948] v9fs_mount+0x268/0x900 [ 588.406959] ? v9fs_drop_inode+0x150/0x150 [ 588.406969] legacy_get_tree+0x118/0x440 [ 588.406981] vfs_get_tree+0x1cb/0x5c0 [ 588.406993] do_mount+0x6c1/0x1fb0 03:34:15 executing program 7: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) socketpair$inet6_sctp(0xa, 0x1, 0x84, &(0x7f0000000000)) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") inotify_init1(0x84800) [ 588.407004] ? kasan_check_write+0x14/0x20 [ 588.407020] ? copy_mount_string+0x40/0x40 [ 588.407031] ? kasan_kmalloc+0xc4/0xe0 [ 588.407042] ? kmem_cache_alloc_trace+0x318/0x780 [ 588.407053] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 588.407065] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 588.407075] ? copy_mount_options+0x285/0x380 [ 588.407086] ksys_mount+0x12d/0x140 [ 588.407097] __x64_sys_mount+0xbe/0x150 [ 588.407109] do_syscall_64+0x1b9/0x820 [ 588.407118] ? finish_task_switch+0x1d3/0x870 [ 588.407129] ? syscall_return_slowpath+0x5e0/0x5e0 [ 588.407140] ? syscall_return_slowpath+0x31d/0x5e0 [ 588.407150] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 588.407161] ? prepare_exit_to_usermode+0x291/0x3b0 [ 588.407171] ? perf_trace_sys_enter+0xb10/0xb10 [ 588.407182] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 588.407196] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 588.407204] RIP: 0033:0x455ab9 [ 588.407206] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 588.407381] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 588.407391] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 588.407397] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 588.407402] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 [ 588.407408] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 588.407414] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 0000000000000058 [ 588.670130] device lo entered promiscuous mode [ 588.685039] device lo left promiscuous mode [ 588.691803] FAULT_INJECTION: forcing a failure. [ 588.691803] name failslab, interval 1, probability 0, space 0, times 0 [ 588.805286] device lo entered promiscuous mode [ 588.807148] CPU: 0 PID: 10532 Comm: syz-executor0 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 588.807158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 588.807162] Call Trace: [ 588.807180] dump_stack+0x1c9/0x2b4 [ 588.807198] ? dump_stack_print_info.cold.2+0x52/0x52 [ 588.840859] ? rcu_note_context_switch+0x730/0x730 [ 588.840878] should_fail.cold.4+0xa/0x11 [ 588.840891] ? kasan_check_write+0x14/0x20 [ 588.840907] ? fault_create_debugfs_attr+0x1f0/0x1f0 03:34:15 executing program 5: syz_emit_ethernet(0x2a, &(0x7f0000000080)=ANY=[@ANYBLOB="0180c2000000aaaaaaae000008084500001c000000000400000000000000ffffffff11029078e0000022"], &(0x7f000071f000)) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e23, 0x9, @mcast2={0xff, 0x2, [], 0x1}, 0x4}, 0x1c) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffff9c, 0x84, 0x9, &(0x7f00000000c0)={0x0, @in6={{0xa, 0x4e24, 0x8, @mcast2={0xff, 0x2, [], 0x1}, 0x6}}, 0x5, 0x7, 0x5, 0xffffffff, 0x30}, &(0x7f0000000000)=0x98) setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000040)=@assoc_value={r1, 0x6}, 0x8) 03:34:15 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001, [0x34000]}, 0x10) 03:34:15 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x89060000], 0x1}}, 0x1c) [ 588.840925] ? kernfs_activate+0x8e/0x2c0 [ 588.855127] sctp: [Deprecated]: syz-executor5 (pid 10564) Use of struct sctp_assoc_value in delayed_ack socket option. [ 588.855127] Use struct sctp_sack_info instead [ 588.859258] ? ___ratelimit.cold.2+0x6b/0x6b [ 588.859274] ? mutex_trylock+0x2b0/0x2b0 [ 588.859289] ? kasan_check_write+0x14/0x20 [ 588.859309] ? __radix_tree_replace+0x188/0x2f0 [ 588.895907] ? kernfs_add_one+0x4f/0x4d0 [ 588.899998] ? kernfs_activate+0x21a/0x2c0 [ 588.904239] ? lock_downgrade+0x8f0/0x8f0 [ 588.908394] ? lock_acquire+0x1e4/0x540 [ 588.912369] ? fs_reclaim_acquire+0x20/0x20 [ 588.916696] ? lock_downgrade+0x8f0/0x8f0 [ 588.920856] ? check_same_owner+0x340/0x340 [ 588.925179] ? kasan_check_write+0x14/0x20 [ 588.929417] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 588.934335] ? rcu_note_context_switch+0x730/0x730 [ 588.939253] __should_failslab+0x124/0x180 [ 588.943480] should_failslab+0x9/0x14 [ 588.947262] kmem_cache_alloc+0x2af/0x760 [ 588.951401] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 588.956316] ? kasan_check_write+0x14/0x20 [ 588.960535] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 588.965533] __kernfs_new_node+0xef/0x5a0 [ 588.969671] ? kernfs_dop_revalidate+0x3c0/0x3c0 [ 588.974415] ? mutex_unlock+0xd/0x10 [ 588.978126] ? kernfs_activate+0x21a/0x2c0 [ 588.982349] ? kernfs_walk_and_get_ns+0x340/0x340 [ 588.987172] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 588.992688] ? kernfs_link_sibling+0x1d2/0x3b0 [ 588.997249] kernfs_new_node+0x80/0xf0 [ 589.001118] __kernfs_create_file+0x4d/0x330 [ 589.005506] sysfs_add_file_mode_ns+0x21a/0x560 [ 589.010154] sysfs_add_file+0x4e/0x60 [ 589.013943] sysfs_merge_group+0xfa/0x230 [ 589.018075] dpm_sysfs_add+0x161/0x210 [ 589.021943] device_add+0x857/0x16f0 [ 589.025640] ? device_private_init+0x240/0x240 [ 589.030203] ? kfree+0x15e/0x260 [ 589.033561] ? kfree_const+0x5e/0x70 [ 589.037257] device_create_groups_vargs+0x1ff/0x270 [ 589.042256] device_create_vargs+0x46/0x60 [ 589.046473] bdi_register_va.part.12+0xc3/0x9c0 [ 589.051131] ? lockdep_init_map+0x9/0x10 [ 589.055174] ? cgwb_kill+0x640/0x640 [ 589.058868] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 589.064387] ? bdi_init+0x3d0/0x4d0 [ 589.067995] ? wb_init+0xa00/0xa00 [ 589.071519] ? kasan_unpoison_shadow+0x35/0x50 [ 589.076089] ? kasan_kmalloc+0xc4/0xe0 [ 589.079965] ? kmem_cache_alloc_node_trace+0x302/0x770 [ 589.085227] bdi_register_va+0x68/0x80 [ 589.089099] super_setup_bdi_name+0x12d/0x240 [ 589.093580] ? kill_block_super+0x100/0x100 [ 589.097896] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 589.103424] ? ns_capable_common+0x13f/0x170 [ 589.107829] super_setup_bdi+0x7f/0xb0 [ 589.111720] v9fs_mount+0x268/0x900 [ 589.115341] ? v9fs_drop_inode+0x150/0x150 [ 589.119576] legacy_get_tree+0x118/0x440 [ 589.123640] vfs_get_tree+0x1cb/0x5c0 [ 589.127444] do_mount+0x6c1/0x1fb0 [ 589.130980] ? kasan_check_write+0x14/0x20 [ 589.135199] ? copy_mount_string+0x40/0x40 [ 589.139418] ? retint_kernel+0x10/0x10 [ 589.143287] ? copy_mount_options+0x1f0/0x380 [ 589.147772] ? copy_mount_options+0x1fa/0x380 [ 589.152263] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 589.157796] ? copy_mount_options+0x285/0x380 [ 589.162273] ksys_mount+0x12d/0x140 [ 589.165879] __x64_sys_mount+0xbe/0x150 [ 589.169834] do_syscall_64+0x1b9/0x820 [ 589.173700] ? finish_task_switch+0x1d3/0x870 [ 589.178177] ? syscall_return_slowpath+0x5e0/0x5e0 [ 589.183097] ? syscall_return_slowpath+0x31d/0x5e0 [ 589.188010] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 589.193024] ? prepare_exit_to_usermode+0x291/0x3b0 [ 589.198029] ? perf_trace_sys_enter+0xb10/0xb10 [ 589.202685] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 589.207510] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 589.212680] RIP: 0033:0x455ab9 [ 589.215845] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 589.234990] RSP: 002b:00007ff52b1d3c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 589.242686] RAX: ffffffffffffffda RBX: 00007ff52b1d46d4 RCX: 0000000000455ab9 [ 589.249933] RDX: 0000000020000900 RSI: 0000000020000000 RDI: 0000000000000000 [ 589.257182] RBP: 000000000072bea0 R08: 0000000020000140 R09: 0000000000000000 03:34:16 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:34:16 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x0, 0x4000000000000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:34:16 executing program 7: r0 = syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0x99a, 0x200) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000140)={'syzkaller0\x00', &(0x7f0000000100)=@ethtool_sset_info={0x37, 0x4, 0x5, [0x200, 0x0, 0x3]}}) getsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f00000002c0), &(0x7f00000000c0)=0xffffffffffffff92) r1 = mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x0, 0x0, &(0x7f0000000000)) getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r0, 0x84, 0x8, &(0x7f0000000080), &(0x7f0000000240)=0x4) readv(r1, &(0x7f0000000580)=[{&(0x7f00000004c0)=""/155, 0x9b}], 0x1) ioctl$sock_bt_bnep_BNEPGETCONNLIST(r0, 0x800442d2, &(0x7f0000000200)={0x4, &(0x7f0000000180)=[{0x0, 0x0, 0x0, @dev}, {0x0, 0x0, 0x0, @broadcast}, {0x0, 0x0, 0x0, @local}, {0x0, 0x0, 0x0, @local}]}) 03:34:16 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001, [0xfd00000000000000]}, 0x10) 03:34:16 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x5) ioctl(r0, 0x3, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$hfsplus(&(0x7f0000000000)='hfsplus\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, &(0x7f0000001540), 0x2000000, &(0x7f0000000240)={[{@barrier='barrier', 0x2c}, {@nodecompose='nodecompose', 0x2c}, {@creator={'creator', 0x3d, "9c573856"}, 0x2c}]}) setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000000080)=0x8, 0x4) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/rtc0\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_AUTOCLOSE(r1, 0x84, 0x4, &(0x7f0000000100), &(0x7f0000000140)=0x4) 03:34:16 executing program 2: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl(r0, 0x4000008912, &(0x7f0000000100)="295ee1311f16f477671070") r1 = socket(0x1e, 0x805, 0x0) r2 = socket(0x1c, 0x807, 0x0) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000100)=@req={0x80000000, 0x2}, 0x10) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2, 0x3ff}, 0x94) sendmsg(r1, &(0x7f0000030000)={&(0x7f00004f5000)=@generic={0x10000000001e, "0100000900000000000000000226cc573c080000003724c71e14dd6a739effea1b48006be61ffe0000e103000000f8000004003f010039d8f986ff01000300000004af50d50700000000000000e3ad316a1983000000001d00e0dfcb24281e27800000100076c3979ac40000bd15020078a1dfd300881a8365b1b16d7436"}, 0x80, &(0x7f0000000480), 0x0, &(0x7f00006e9c68)}, 0x0) 03:34:16 executing program 0: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:34:16 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x4000000], 0x1}}, 0x1c) [ 589.264442] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 589.271697] R13: 00000000004c0201 R14: 00000000004cfe50 R15: 0000000000000059 03:34:16 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001, [0xe202]}, 0x10) 03:34:16 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x11000000], 0x1}}, 0x1c) 03:34:16 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x0, 0xf5ffffff], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:34:16 executing program 7: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)={0xaa}) r1 = getpgrp(0x0) ptrace$peekuser(0x3, r1, 0x1) r2 = dup(r0) ioctl$UFFDIO_COPY(r2, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000000000/0x2000)=nil, &(0x7f0000000000/0x1000)=nil, 0x2000, 0x4}) 03:34:16 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) capset(&(0x7f00001e8ff8)={0x19980330}, &(0x7f0000032fe8)) r1 = accept4$bt_l2cap(0xffffffffffffffff, &(0x7f0000000740), &(0x7f0000000780)=0xe, 0x80000) getsockopt$bt_l2cap_L2CAP_LM(r1, 0x6, 0x3, &(0x7f00000007c0), &(0x7f0000000800)=0x4) readv(r0, &(0x7f0000000100)=[{&(0x7f0000000640)=""/236, 0xec}, {&(0x7f0000000000)=""/159, 0x9f}], 0x2) socketpair$inet6_udplite(0xa, 0x2, 0x88, &(0x7f0000000840)={0xffffffffffffffff}) ioctl$sock_inet6_udp_SIOCOUTQ(r2, 0x5411, &(0x7f0000000880)) setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000140)={'filter\x00', 0x7, 0x4, 0x4a0, 0x160, 0x278, 0x160, 0x3b8, 0x3b8, 0x3b8, 0x4, &(0x7f00000000c0), {[{{@arp={@local={0xac, 0x14, 0x14, 0xaa}, @remote={0xac, 0x14, 0x14, 0xbb}, 0x0, 0x0, @empty, {}, @mac=@dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'bond_slave_1\x00', 'rose0\x00'}, 0xf0, 0x160}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "042fd94c273aba5e601573e4fce4f3d5d3bba611e0b9a970cfab8d1c707e6fd027e816385272bd971bd1a65457a259a07f504d250bde6449521d29bc6cb317e5"}}}, {{@uncond, 0xf0, 0x118}, @unspec=@CLASSIFY={0x28, 'CLASSIFY\x00'}}, {{@arp={@empty, @multicast1=0xe0000001, 0x0, 0x0, @mac=@broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], {}, @empty, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'gre0\x00', 'veth1_to_bond\x00'}, 0xf0, 0x140}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @rand_addr}}}], {{[], 0xc0, 0xe8}, {0x28, '\x00', 0x0, 0xfffffffffffffffe}}}}, 0x4f0) 03:34:16 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9pi', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:34:16 executing program 0: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x6000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) [ 589.412347] hfsplus: unable to find HFS+ superblock 03:34:16 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x88470000], 0x1}}, 0x1c) 03:34:16 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001, [0xfd000000]}, 0x10) [ 589.486889] hfsplus: unable to find HFS+ superblock 03:34:16 executing program 2: r0 = socket$inet6(0xa, 0x4001000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") syz_mount_image$hfs(&(0x7f0000000380)='hfs\x00', &(0x7f0000001480)='./file0\x00', 0x0, 0x0, &(0x7f0000001640), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="544792f35b9b57c1970aa67f45c1d83b734e7373696f6e3d30783030b29e087e08a430f6c1f89bba7a30dbaf428c57511141bd51f5adcf01e1dfaffd82cdac4fdcffbe429bc569970f4eea3f3e80d2e99bc7f88cd214dbfc1b6ddbf27bb64fb6b8e298f68b77bbb6e51e06adaade0c1960d5b2d6f3a3e289ce5c"]) fcntl$setpipe(r0, 0x407, 0x0) 03:34:16 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x3}, 0x0) mmap(&(0x7f0000000000/0x19000)=nil, 0x19000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000e53fe8)={0xaa, 0x40}) r2 = openat$mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/mixer\x00', 0x2200, 0x0) ioctl$LOOP_SET_FD(r2, 0x4c00, r1) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000007fe0)={{&(0x7f0000000000/0x4000)=nil, 0x4000}, 0x1}) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) r4 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000cd8ff4)) ioctl$sock_SIOCOUTQNSD(r3, 0x894b, &(0x7f0000000140)) r5 = memfd_create(&(0x7f0000000040)='.em0securitybdevppp1wlan0securitybdev\x00', 0x1) r6 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r4, &(0x7f0000007000)={0xffffffffc0000001}) epoll_wait(r6, &(0x7f0000000000)=[{}], 0x1, 0x0) close(r4) ioctl$UFFDIO_UNREGISTER(r1, 0xc020aa04, &(0x7f0000007ffc)={&(0x7f0000000000/0x2000)=nil, 0x2000}) ioctl$PERF_EVENT_IOC_QUERY_BPF(r5, 0xc008240a, &(0x7f0000000100)={0x7, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) 03:34:16 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x806], 0x1}}, 0x1c) 03:34:16 executing program 7: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x0, 0x0) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000040)=0x0) getpriority(0x3, r1) ioctl$RTC_SET_TIME(r0, 0x7006, &(0x7f0000000240)) 03:34:16 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x0, 0xa02000000000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:34:16 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001, [0x5000000]}, 0x10) 03:34:16 executing program 0: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xff00, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) [ 589.596778] hfs: unable to parse mount options 03:34:16 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:34:16 executing program 7: r0 = socket(0xe, 0x80003, 0x80) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f0000000140)={0x0, @in={{0x2, 0x4e21, @remote={0xac, 0x14, 0x14, 0xbb}}}, [0x100, 0x9, 0x7ff, 0x300000, 0x7, 0x3, 0x0, 0x8000, 0x6, 0x2, 0x3, 0xfff, 0x4, 0x3, 0xfad]}, &(0x7f0000000240)=0x100) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000000)={0x7fffffff, 0xba4, 0x8204, 0x7, 0x8, 0x8001, 0x4000000008, 0x6c68926e, r1}, &(0x7f0000000280)=0x20) setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000080)=@sack_info={r2, 0x6, 0x3}, 0xc) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = syz_init_net_socket$bt_sco(0x1f, 0x3, 0x3) ioctl$KVM_GET_REG_LIST(r3, 0x400452c9, &(0x7f0000000140)={0x26}) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000340), &(0x7f0000000380)=0xc) 03:34:16 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x1300], 0x1}}, 0x1c) [ 589.685207] hfs: unable to parse mount options 03:34:16 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001, [0xfd00]}, 0x10) 03:34:16 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x0, 0xc803000000000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:34:16 executing program 2: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) r2 = syz_open_pts(r1, 0x0) ioctl$TCSETS(r1, 0x5402, &(0x7f00000000c0)={0x408, 0x0, 0x0, 0x829f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffa}) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000080)={r0}) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000100)={0x0, 0x1}, &(0x7f0000000140)=0x8) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r3, 0x84, 0x75, &(0x7f0000000180)={r4}, 0x8) r5 = getpid() ptrace$getregs(0xffffffffffffffff, r5, 0x9, &(0x7f00000002c0)=""/217) ioctl$TIOCGLCKTRMIOS(r2, 0x5412, &(0x7f0000000000)={0x8000000ffffffff}) 03:34:16 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)="397002", 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:34:16 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x608], 0x1}}, 0x1c) 03:34:16 executing program 0: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x7, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:34:16 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001, [0x13]}, 0x10) 03:34:16 executing program 5: r0 = syz_open_dev$binder(&(0x7f00000000c0)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r1 = syz_open_dev$binder(&(0x7f0000000100)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x0, 0x20011, r1, 0x0) syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x800) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x44, 0x0, &(0x7f0000000300)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x8, &(0x7f0000000200)=[@flat={0x73622a85}], &(0x7f0000000240)=[0x0]}}], 0x0, 0x0, &(0x7f00000003c0)}) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000007c0)={0x8, 0x0, &(0x7f0000000600)=[@increfs={0x40046304, 0x1}], 0x0, 0x0, &(0x7f0000000780)}) 03:34:16 executing program 2: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = inotify_init1(0x0) r1 = socket(0x40000000015, 0x5, 0x0) r2 = syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0x100, 0x507041) ioctl$SNDRV_TIMER_IOCTL_PARAMS(r2, 0x40505412, &(0x7f0000000080)={0x2, 0x4, 0xede2, 0x0, 0x7}) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f00000001c0)={0x0, 0x0}, &(0x7f0000000200)=0x5) setreuid(r3, 0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000000)={0x0, 0x0}) ptrace$setopts(0x4206, r4, 0x0, 0x0) 03:34:16 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x0, 0x1000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:34:16 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x88caffff00000000], 0x1}}, 0x1c) 03:34:16 executing program 7: socketpair(0x0, 0xe, 0x9, &(0x7f0000000000)={0xffffffffffffffff}) ioctl$SCSI_IOCTL_SYNC(r0, 0x4) r1 = socket$netlink(0x10, 0x3, 0x15) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040)=[@in6={0xa, 0x4e21, 0x8, @mcast2={0xff, 0x2, [], 0x1}, 0x8bf5}, @in6={0xa, 0x4e23, 0x9, @mcast1={0xff, 0x1, [], 0x1}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20}, @in={0x2, 0x4e23, @broadcast=0xffffffff}, @in6={0xa, 0x4e20, 0x7, @empty, 0x1ff}], 0x84) writev(r1, &(0x7f0000e11ff0)=[{&(0x7f0000000140)="580000001400192340834b80040d8c560a067fffffff81004e220000000058000b4824ca945f64009400050028925aa8000000000000008000f0fffeffe809000000fff5dd00000010000100092c0800410400000000fcff", 0x58}], 0x1) 03:34:16 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001, [0x100000000000000]}, 0x10) [ 589.866280] binder_alloc: binder_alloc_mmap_handler: 10719 20001000-20004000 already mapped failed -16 [ 589.905338] binder: BINDER_SET_CONTEXT_MGR already set 03:34:16 executing program 7: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = creat(&(0x7f00000000c0)='./file0\x00', 0xa) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r2, 0x84, 0x6c, &(0x7f00000003c0)={0x0, 0xdf, "83bdba86e057502ec8641d3b4aee54eae793de00ed96629013d923573065fbf84d753746b3bc199bb8afaf9f9de7829c477fe9c122b7b32035994f678cfcc2a1020da8a7df95ffd1693710c7f1649dbe22fd9f99a174c8381994726a4f11ca286d1a918624f2cd8aa002f9d68276b7ada6db9970dab66ff0ab643314504a767f49d9ba4bac4f5961314b4ccb39ae0313692019225aae5fe01ff7c48afedfe324bb3b04dc354688cf2f2cd76a81aef7ba67f63c447b5b651d42c8c8bd9d409aba5419302848aa634fa93a0ed440b94719557d1d50582a0206be1dd98127a734"}, &(0x7f00000002c0)=0xe7) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, &(0x7f00000004c0)={0x1, 0x1, 0x80, 0x1, 0x0}, &(0x7f0000000500)=0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffff9c, 0x84, 0x70, &(0x7f0000000100)={r3, @in={{0x2, 0x4e24, @rand_addr=0x100000000}}, [0x4, 0x5, 0x0, 0x235, 0x0, 0x8, 0x3, 0x4, 0x7, 0xfff, 0x8, 0x2, 0x5e7, 0x4, 0x1]}, &(0x7f0000000200)=0x35a) getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, &(0x7f0000000240)={r4, 0x2}, &(0x7f0000000280)=0x8) getsockopt$inet6_mreq(r2, 0x29, 0x1c, &(0x7f0000000300)={@ipv4={[], [], @multicast1}, 0x0}, &(0x7f0000000340)=0x14) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000380)={'vcan0\x00', r5}) r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_ENABLE_CAP_CPU(r6, 0x4008ae89, &(0x7f0000000040)={0x2, 0x0, [0x4000006e]}) 03:34:16 executing program 0: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x74090000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:34:16 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x8848], 0x1}}, 0x1c) [ 589.931093] binder: 10719:10721 ioctl 40046207 0 returned -16 [ 589.965346] binder_alloc: 10719: binder_alloc_buf, no vma [ 589.971012] binder: 10719:10720 transaction failed 29189/-3, size 24-8 line 2967 03:34:16 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:34:16 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x0, 0xc803], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:34:16 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001, [0x1100000000000000]}, 0x10) 03:34:16 executing program 2: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ppp\x00', 0x0, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r1, 0xc0305710, &(0x7f0000000100)={0x1, 0x7, 0x5, 0x4}) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000002c0)='dctcp\x00', 0x6) bind$inet6(r0, &(0x7f0000807fe4)={0xa, 0x4e22}, 0x1c) setrlimit(0x7, &(0x7f0000000080)={0x313, 0xffffffffffffffff}) sendto$inet6(r0, &(0x7f0000000000), 0xfffffffffffffd93, 0x200408d4, &(0x7f00000001c0)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}}, 0x1c) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='cubic\x00', 0x6) sendto$inet6(r0, &(0x7f0000000740)='K', 0x1, 0x0, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev={0xfe, 0x80}}, 0x1c) [ 590.047218] kvm_hv_set_msr: 5 callbacks suppressed [ 590.047231] kvm [10752]: vcpu0, guest rIP: 0xfff0 Hyper-V uhandled wrmsr: 0x4000006e data 0x0 [ 590.062300] binder: 10719:10721 IncRefs 0 refcount change on invalid ref 1 ret -22 03:34:16 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000000)={0x0, 0x2, 0x0, 0x0, 0x1}, 0x0) poll(&(0x7f0000000040), 0x0, 0xffff) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = eventfd2(0x0, 0x0) read(r2, &(0x7f0000000040)=""/204, 0xcc) io_setup(0xa3c, &(0x7f0000001a00)=0x0) io_submit(r3, 0x1, &(0x7f0000329fd8)=[&(0x7f00002a8000)={0x0, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000042000), 0x0, 0x0, 0x0, 0x1, r2}]) [ 590.088196] binder: undelivered TRANSACTION_ERROR: 29189 [ 590.098395] binder: send failed reply for transaction 79 to 10719:10720 [ 590.113410] kvm [10752]: vcpu0, guest rIP: 0xfff0 Hyper-V uhandled wrmsr: 0x4000006e data 0x0 [ 590.129418] binder: undelivered TRANSACTION_COMPLETE 03:34:16 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0xa], 0x1}}, 0x1c) 03:34:16 executing program 0: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xff070000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:34:16 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x0, 0x151], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:34:16 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:34:16 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001, [0xfdffffff]}, 0x10) [ 590.134608] binder: undelivered TRANSACTION_ERROR: 29189 03:34:16 executing program 2: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000640)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000600)={"00ac730000000000ec973f820f7c4000", 0xc201}) ioctl$TUNSETLINK(r0, 0x400454cd, 0x7) close(r0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='\x00', 0xffffffffffffff9c}, 0x10) ioctl$LOOP_SET_FD(r1, 0x4c00, r0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f0000000080)={{0xfffffffffffff012, 0xfffffffffffffff7}, 'port0\x00', 0x8, 0x20010, 0x10000, 0x7, 0x1, 0x0, 0x0, 0x0, 0x4, 0x8}) 03:34:17 executing program 7: syz_mount_image$vfat(&(0x7f00000000c0)='vfat\x00', &(0x7f0000000080)="2e2f66696c65302f662e2e2e30f0ff00", 0x0, 0x0, &(0x7f0000000200), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='codepage=860']) syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f00000004c0)='./file0\x00', 0xe000, 0x1, &(0x7f0000000040)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401000200027000f8", 0x16}], 0x0, &(0x7f0000000240)=ANY=[]) creat(&(0x7f0000000140)="2e2f66696c65302f2e2e2e2e30f0ff00", 0x0) creat(&(0x7f0000000100)="2e2f66696c65302f662e2e2e30f0ff00", 0x0) mount$9p_rdma(&(0x7f0000000180)='127.0.0.1\x00', &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='9p\x00', 0x80000, &(0x7f0000000280)={'trans=rdma,', {'port', 0x3d, 0x4e21}, 0x2c, {[{@sq={'sq', 0x3d, 0x101}, 0x2c}, {@sq={'sq', 0x3d, 0x9}, 0x2c}, {@sq={'sq', 0x3d, 0xff}, 0x2c}, {@timeout={'timeout', 0x3d}, 0x2c}, {@timeout={'timeout', 0x3d}, 0x2c}]}}) 03:34:17 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x3580], 0x1}}, 0x1c) 03:34:17 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x0, 0xf5ffffff00000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:34:17 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001, [0x2e2]}, 0x10) 03:34:17 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:34:17 executing program 0: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xf0ffffff00000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:34:17 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x100000000000000], 0x1}}, 0x1c) 03:34:17 executing program 2: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)={0x5, 0xc, 0x4000000000000800, 0x1}, 0x2c) uname(&(0x7f0000000340)=""/245) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x8000, 0x0) r3 = syz_genetlink_get_family_id$team(&(0x7f0000000480)='team\x00') getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000540)={{{@in=@rand_addr, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in6=@mcast1}}, &(0x7f00000004c0)=0xe8) getpeername$packet(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f0000000680)=0x14) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f00000006c0)={'vcan0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000740)={'bond0\x00', 0x0}) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000780)={{{@in6=@mcast2, @in6=@ipv4={[], [], @dev}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in=@broadcast}}, &(0x7f0000000880)=0xe8) getsockname$packet(r1, &(0x7f0000000900)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, &(0x7f0000000940)=0x14) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000980)={'lo\x00', 0x0}) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f00000009c0)={@rand_addr, @empty, 0x0}, &(0x7f0000000a00)=0xc) sendmsg$TEAM_CMD_PORT_LIST_GET(r2, &(0x7f0000000c80)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x808000}, 0xc, &(0x7f0000000c40)={&(0x7f0000000a40)={0x1e8, r3, 0x100, 0x70bd27, 0x25dfdbfb, {0x3}, [{{0x8, 0x1, r4}, {0xbc, 0x2, [{0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8, 0x3, 0xb}, {0x8, 0x4, 0x8}}, {0x8, 0x6, r5}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r6}}}, {0x3c, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8, 0x3, 0x5}, {0xc, 0x4, 'random\x00'}}}]}}, {{0x8, 0x1, r7}, {0x3c, 0x2, [{0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4}}}]}}, {{0x8, 0x1, r8}, {0x40, 0x2, [{0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r9}}}]}}, {{0x8, 0x1, r10}, {0x7c, 0x2, [{0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r11}}}, {0x3c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8, 0x3, 0x5}, {0xc, 0x4, 'hash\x00'}}}]}}]}, 0x1e8}, 0x1, 0x0, 0x0, 0x4840}, 0x0) open(&(0x7f00000000c0)='\x00', 0x40, 0x2) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r12 = open(&(0x7f0000000500)='./file0\x00', 0x103000, 0x11) getsockopt$inet_mreqn(r12, 0x0, 0x24, &(0x7f0000000040)={@empty, @remote}, &(0x7f0000000080)=0xc) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r0, &(0x7f0000000040), &(0x7f00000000c0)}, 0x20) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000100)={r0, &(0x7f0000000040), &(0x7f0000001180)=""/4096}, 0x18) setsockopt$inet6_tcp_TCP_ULP(r12, 0x6, 0x1f, &(0x7f0000000240)='tls\x00', 0x4) ioctl$EVIOCGMASK(r12, 0x80104592, &(0x7f0000000300)={0x17, 0x3f, &(0x7f00000002c0)="768993e3de54a4ea6eb51e1b1a015e7cb9cea8c2ecb031c786e7196316e7a68598906395ae8b75585f00060d434ec489efa2dd9253d95c986f49691c1944b7"}) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r12, &(0x7f0000002180)="6e76afa40bdd9a4c1c2e74188e18f7b5c740131a104c2c50edb86c8e402868d666ade97316b3c75633b6cab1ef08cba10e57713ff6ae82dee32b4704b0cec559be509b68b6e1bb378f10f2df14572d7ea8f3dfc578b1f8c2b69c0a4463d908fef2e00bbcddd7b4e6eb57ec9b661f22f0858cc96d74d068211278cc118f41878a68512d9450e6d3322494217abe8ebf840451318595f836e23140afbb7aef5e7e8e6576c77b3a5abe1dcfaa8effc6abe1094e2d0f2763d3e22fdbf243b6aab54fcdeb630c3761b5615e438811292e3446cb7c5199ac966b3ba4644e1ab026fe128d9483e5913b27ec90f4f80d28388bbb74afdaa546305bcc43ac98bbf3cf8a84b100385a67e05466334ceedd139c8f07b3cb800ba076b62de44b3ed2298fe98c3b99ed4dab10c9e119cffa6705a566ab31bd2dda2998eb34645778fe34244385e61c82dcb973f9d6f6c91cbe629dd34f451408e742737137fde462ae388670a7345b99a55a621940fa703d49c68b3b493cc48884314290ae1d316c99046ac7d2da0739e378ca9040f8a6ad71e0befec49515b9047ed6cbcdc634f3a067802a274a5457b7809b3105d69bb74c24696c2ccf137049ea1c54995e57f1fb4f8d008cd9f1e44dfef32e2ca18bc72cafd5b307371cc78574cd6d869e02b5602e0c689019cf5892511e377628b9cc60497e601cf661b322e88ec1ecf0a0adfee1ce9aab8234249f70ab57928f8fa149d68921450c0ef50cb9772d5630f2806e4258862ca94ff449ca8c3e1cbdbb619e67a40d2f24e1eca9a2af05f6e19a251d18c5fea8a9e588a7e63f22b43429bfcfcc02f126b693d9842406457012fce9156be08141c5f4b914c4dcc08e6572fcf1c6303b37e84775a9f287b307f967ff7e722e62a2f725379f37f899c364e8e35ba2cf0cd52a4c462f92fba8746c3fab5d40a618bd15317d6fe6390e5adeb81308f894fed31b2919cf69795ee7a2e0e01a262c685e0cdbcf4e209f0340f14af3571b717d8519a25f581e671540a46d9c566d37601c5864b1176b4700911abf7d73eeee916de24a55ed8a880169b6d775474fa7fcef826d292e5d424cdebc9b2facc58cafa4f9af434b03448e876d81d258f38cd9ef31701a2d6e6fd88b9ab804aa9c769f51a8fbe8a1df35c8e3810bd512c465b69ac3a8c67de4c99b96eadaa74d56a3807358838bcfd7420c6561cce5b39f5686a226eeee4064786c79bd01d9fcb2fae7350d46ff598b7b0aa4daa4452580b0bc76d1d69521b9bc68ccd7f3cf0523d9d9945f24006137232cfe1adce61780e654f2f1ac2900a38bd29e3d88fe0dfb13f55dd21d18bfe358710c3e40664c8e683c322eb4cf743182ba5958e02aa6a66176a523955f0191b04d20725ee4f7c2e244588c5386d722aea80de752df7d156bfcf631116930ee3715c6c50d60e4f31916dcc13902d589bc8dd7056e239ab1bcd3cc03f2b6144bb1dcaa36ad967f3ac5198995ddfd413f32702f1235ae822ea793100bf8f58efadbf5768e501933b70507b921018d3abf16abf09c4d6c1e902581acfc77caaf0ba5b58c3798d8891cf14f02a77c23fc7a2fd59bf50216bb3cc09c93b01cfba7b891cf9d6c3d701c5538279184028fc9e6ca97c75f3b42acca8ddfe158bd7f37d0bfb24a66fd11e7ca22818379e8cbe7a15ad76027daacb319710c0b85cb304d07e9fbe59b279e69ed7c55bb528b32dd9ca3e6d77e3a312d7cc9a02579a35dc1fbe48ab3c1575e9dd509046dcb5a3497f92a74b10956b986c6ceb76ea4d28318d3ca22154d92af1f242d291127ae815069fc92f37ed9155879f2ec3106da096b4fe8a32fb8e5894ac61a1ae0a8d341d7b34ef2cef52a05b2f1b84a332bf4361ba95472159daf8c1bba8fc3eb75bc1061d6fa6c10360bc407214872e90476ee18c3c08062c81295bcc68d15041926a627f15884722866459d15cc9549b2ebc8264008b6421dc75b0a4715afcd04cb496a17901d695670e70d92f58acf8c6da36fffaead18d3354e07128028a3891f3b64016c559d240e4b678b4a96d90705b7a229aec0392d0c8d4b09a01332f9740b94c57362b9e675235164d5b2620252e4be58a647c07bc460b2dd394071fc0fc4177d64b162a7905c8276af9d6392cbbc6cba26288e8eef6d3a6d1bc0a91acdd326a3a568609e4ba0ab321a8bfb2f406e64a8db09d034e526a4c1b6241be5d54f3bee0941fb0fe38b2fac3dbf3d7607d4d288006f642cda21c7943510d686b1cc58c952615a677c2da186b685f4fddeecff99ebc1321e96f0b82137253423064c78d4509785d0ecac46789a5a18f6d03af1d9ce03bb1fbee57f622f552b27af2d0758b038c978cb4989b1da25bbc6f95a43450c07abb96fa49f129aaeabd01aa76286aa9f4a664054df2c942d241a54ce4609b7f98c36fd976759da4d3d562a0132d2fe4ab53b43c7ca0ca634c44ef51bc3269411cef65691798a8b663664921cca88f06ea7fcbe712a40bd1a982f7c4795d630af175fb97727a4f732174c5db25ec7928750683aa387ab792646744b1ada0f9f8a04873db58e2787d5dd86621d0a078fb2870b6512a26d61dc9ebe43964a1f78bd02536e806038b0ab8a98ab9fcefdfcb278bae661e8964ca4b5a90ac99f23ec67afed179c51cfafc8ada37e2e56fc2bdf3f0c34ef6aaa0e692b0e2c719b617780506b59367360937b02eb38a8ee40cc9cf8e52471d637ac6381205dcad65bcbc5d67804e6031974c69a77d75b303eb21c3eb77e77c5e78584b221bf326a23060c675dfbfc1a6d4198474bc07cc09f8e2921f37b9bad34ee23ff291e50413a8841677d974e0ee0bc7438909860335444fe673ede63246e145af3a307011b79360842dc4ac583ab6860a4b76ae048012ccdd426ab2102713ad1391c0300dc0c88cbb45cf686ad28bfac20ba80e0e04e71587079ab8e1964d9ead8306b2076b04f4f2d4c6c18f0dbaed3d8ad835a13afd1db6493aff0f610d6143d5654185af4268b40682820ce0357f5be827c306d458c4c05fa8ec2ce6b5aabf7ed11e3d73105fc132532d8b021ce294f005e675fa5a2739033f789e2b020d0f10abf0a30efaf31c9d306ec050c4883ea32ecb59429bd252c53a5a56dba9e69c37964d6f41cffe53bd5a83699fd0db9a7b86d3807bbbb8cdd53094275b5c75a8f1886b2568ea24948e0d8fbfddd8a194aae5625a8f27351b933c621ffe906773a32eadca53f5cf0b8d7e27d76be1cc02b0d4b6a88c618816f82302af218d88d7bf986b1eafffbb804d1bd137addbe7827631d35d2da563d07f824c192535c84fb15d64406755f3f4fc70a2418a5ca104e6a4c35a9661ff64cebbd9658adf6460255f41930435ee93b1e0ad695ed42ed609a08b3dfec7b76f47a0bb0cc47299d6a0a9d563f0ccf90d342af1cea564138315a0b1ceb66e48d077937d54512fd6ce89296a987d862a5c6feb357c2925bab699ca98d072da128ecaf34ef8351b0fd2cf4fc8cd880906c1343eff7751d824c0d42a8bad31ffb3ff26fc413e0a76738c8d42909997e3b0bf736897da30830ca45c7c074f2222b9b2f6d51af33aa400b39a8792c8174b84ac9be1aca3a74afa1ef128d1b1b575c9ba7364ea865fc42cee1ea40b68d8ed37fde6b7f4b9734b11fd83c75465079291cac7f6d6b476801bea146b45f705a1cbeba9e4633a14fc79514937609984a73c67e2e2b2f922d00bdb4566c67aedf6f61d297b14041c00e9afe6c363c1b5c11320fe63f0d48d0bf7c09639be4bf67b830d2eb00b8d88cf34958eaea7ea4b06540097ed1c980c4401a689c7b81cd3ab512d9739127b1f4e5d61a6bedaa5858b3c73876efa96898a69801bdb403822db9e29114d002f2da476f80a8246ad164cc9666a106be62d0c87a391f267fecd81b0e6525477534afd1b638263c89ae3cf2cc3eeebf6c2dc3d821d405d2f164a254f56e365a56bb7b2d2b3e265d0e563e9ae59d6f648885d9dd731a54e882371a3d9770506ce7a672b6ea874f234771481bb0d3e8adf4005f8e40375eeeccd5f3c371fc857b6a48d1824b6df76c5d51e3acd6f181c0461ca7c602c7ff6f1b49f53b2b9e61aca1edaeed2bcbffc0f42dc761dfe403c1a3591a4e8993851e203c16151504cdf9b9ea0749e7df27996ebf15a5bf29f6ac930c3511ee5f2f2ef1f304f0b40714a2e96e4bd48f84b4d224e8ec3102fd960ae9d5a83be82c0f851deeb741eee5434d8497aa850633097194f0fda4ad5d9cc59c491c78b1791dff6476a0f5a0d816bef014a408fad5443b11e5d06623879cfa8d87321cb948cfcfc36111e1b8caf14682fe896e41be7e92da1f05cb40a5a225dda86b79591f3bb2368ee6aaad298d66d9a60725eab6c30ebba1325a2f0735634d8f0dab7ebeb158bcc6ad5312e75d6550fc3029d408f8d3e1ee018ef2df4d34ae1589dcbcf3e624edd10a2d76940b4cfabacc49b614551a8a73a690e261ec0a129e307dcf160cb54e8300473f4a634e59d80a3927c609cb6e996532c19571384021ebc5ea2d948709c9dcd3605e6f294de2d3cb2582d538c73c67ca6fe3334334176e0988e5f11c8104584e049aafd74caae3433955624ca07affea51d52551965456268f6acfee30fca92e76985e559d293d65d09b639ca415dce1fe1fa9df3fb454be719750c6084c9be23f9718c4ac816d0936253579281c14d91a2fb99bae1aa5226fff73821507d8e85c5575a518b7efdbf90244a5849b5b7c114f2f4bc9a96e825e0adc42fb94bd40bf544eaa98fc61c3e4a5fa3a07f8b9799201a7c99313d552fed9dae9378442f6fd283aa4f02a43b41be251f47b2b6befcbe5f893d1d49840630afdd751a5b03e0133ced4b085541a051e395327979eb11a27f7574eb8664b7186b5d5a1615cd72e4610dc8112a43732e299f1d9ed75b2c5e21fb546f5a9d69225f1f182bc779269d08fd430e30499d588a6e64a48653732075b533066f86dd7bf738288b69014ee1ecede3c9d9d3d06b7033dae46a269576d44f161d33a2cc5ffca5590a80691e913c1934d8b88e343266974aff57d9de0d6a1019a54bc553545aa5367df5e03bf5e7c3e3259a0ab557970087312ab8645f81a12ee3430a1541701a91c2590fc55270e1f5f6db26957a345ed27ccfae1c85c4fdb32cb181a0cb375be9c18da7244844829c71c8217107c6bb4083d4f839ca04e184d5ca49dd45695888361d61918584cd239d9fa83f62619b9798400e04537971b64be30d2d8b677f61ad4ebb198778d48547fe13a536a5996c4a2f04fb77c7bbff20bef602b190787c2e31beb47d12e1a70133e60ebe83f7c64294d5af455dba1726161d3b0e13df5694a8fa4819556b42b3ba01f33e08ae21ceee951aa60570f002863886b9a3e0c078a1a02c7c79792d4359e60ae9b389191f77375741c56f6aabb9411c93442ea780844813790adedac7d97f6aa98914bce67cab0d9e4af129389802f162568a1041c41221ea34db83b2c9a003cb8b3a5bef8068f1bfe064ed3b42c2300a76a4e3ac3af3a78e021fb5d9fd54f40422d9edbb1f2f4a1fe1ff7436c3ef21784ff80bce125abd8114566d03c379e9f19fc1924dfdee76947a3157ba85b598dd269154d37c5bf3494e23017c5811478d3f17eeed34e7db33f40205c2ad1df132e53911a0799ed77f1216bea35c00a427d0e82b22ed2e6d13f65ffee0853a26ae8bf912215674f8dc32a8b27c67b66f1e935658c08fba9cc79eda56d918612a5e8b62c4479c61898ba3dd922a460966b05", &(0x7f00000001c0)=""/23}, 0x18) 03:34:17 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x0, 0x200000000000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:34:17 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x1) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f00000000c0)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(camellia)\x00'}, 0x58) r2 = memfd_create(&(0x7f0000000080)='self-bdevvboxnet1GPL\x00', 0x1) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(r2, 0x84, 0x6e, &(0x7f0000000040)=[@in={0x2, 0x4e24}, @in6={0xa, 0x4e20, 0x7, @dev={0xfe, 0x80, [], 0x19}, 0x1ff}, @in={0x2, 0x4e24, @multicast2=0xe0000002}], 0x3c) getsockopt$inet_dccp_buf(r2, 0x21, 0x0, &(0x7f00000002c0)=""/255, &(0x7f0000000200)=0xff) preadv(r1, &(0x7f0000000000)=[{&(0x7f0000000140)=""/138, 0xffffffffffffff12}], 0x1000000000000025, 0x1) 03:34:17 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001, [0x2]}, 0x10) 03:34:17 executing program 0: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xff07000000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:34:17 executing program 7: r0 = syz_open_dev$sndctrl(&(0x7f0000006000)='/dev/snd/controlC#\x00', 0x2, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc4c85513, &(0x7f0000000040)={{0x13e, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', &(0x7f0000000240)}) 03:34:17 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:34:17 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x88caffff], 0x1}}, 0x1c) 03:34:17 executing program 2: socket$inet_udplite(0x2, 0x2, 0x88) r0 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x7, 0x129802) ioctl$KVM_SET_CPUID(r0, 0x4008ae8a, &(0x7f0000000180)={0x4, 0x0, [{0x80000001, 0x34d1736b, 0x9, 0x0, 0x1}, {0x6, 0x5, 0x7, 0x6, 0x7}, {0xc0000000, 0x1c, 0x6, 0xda4d, 0x1}, {0x0, 0x80000001, 0x5, 0x800, 0x9}]}) r1 = creat(&(0x7f0000000000)='./file0\x00', 0x84) getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000200)={{{@in=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@local}, 0x0, @in6=@remote}}, &(0x7f0000000300)=0xe8) ioctl$HCIINQUIRY(r1, 0x800448f0, &(0x7f0000000340)={r2, 0x2, 0x5, 0x5, 0x100000001, 0x3, 0xfffffffffffeffff}) accept(r1, &(0x7f0000000040)=@can, &(0x7f00000000c0)=0x80) clock_gettime(0x3, &(0x7f0000000100)) 03:34:17 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x0, 0x8b000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:34:17 executing program 7: ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f0000000180)='memory.high\x00', 0x2, 0x0) write$cgroup_int(r1, &(0x7f0000000000), 0x1) 03:34:17 executing program 0: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x18ce8, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:34:17 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x0, 0x51010000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:34:17 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001, [0x40030000000000]}, 0x10) 03:34:17 executing program 2: r0 = socket$inet6(0xa, 0x3, 0x3) ioctl(r0, 0x8912, &(0x7f0000000000)="025cc83d6d345f8f762070") r1 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x0, 0x82) r2 = memfd_create(&(0x7f0000614000)="74086e750000000000000000008c00", 0x0) fadvise64(r1, 0x0, 0x0, 0x1) fcntl$getownex(r2, 0x10, &(0x7f00000000c0)) pwritev(r2, &(0x7f00000001c0)=[{&(0x7f0000000140)="aa", 0x1}], 0x0, 0x10081006) ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2) sendfile(r1, r1, &(0x7f0000000080), 0x102000004) getdents64(r2, &(0x7f0000000200)=""/233, 0xe9) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000180)='IPVS\x00') sendmsg$IPVS_CMD_GET_CONFIG(r2, &(0x7f0000000380)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000008}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x2c, r3, 0x321, 0x70bd2b, 0x25dfdbfd, {0xd}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x8}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xfffffffffffffffb}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x3}]}, 0x2c}, 0x1, 0x0, 0x0, 0xc091}, 0x0) 03:34:17 executing program 1: r0 = socket$packet(0x11, 0x2000000000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x4006, 0x4) sendto$inet6(r0, &(0x7f0000000180)="040105000500000000000000ffb25bc202938207d903378c", 0x18, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x800000000000d, @mcast2={0xff, 0x2, [0x0, 0x0, 0x0, 0x0, 0x88480000], 0x1}}, 0x1c) [ 591.244087] BUG: unable to handle kernel NULL pointer dereference at 0000000000000000 [ 591.252105] PGD 1ad13a067 P4D 1ad13a067 PUD 1b5cd1067 PMD 0 [ 591.257940] Oops: 0010 [#1] SMP KASAN [ 591.261749] CPU: 1 PID: 10881 Comm: syz-executor7 Not tainted 4.18.0-rc4-next-20180713+ #7 [ 591.270250] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 591.279606] RIP: 0010: (null) [ 591.283483] Code: Bad RIP value. [ 591.286861] RSP: 0018:ffff88016685ef08 EFLAGS: 00010246 03:34:18 executing program 6: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000900)='9pq', 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@cache_mmap='cache=mmap', 0x2c}, {@afid={'afid', 0x3d}, 0x2c}]}}) 03:34:18 executing program 0: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xffffff8c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) [ 591.292262] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: ffffc90013346000 [ 591.299537] RDX: 1ffff100332c36a6 RSI: ffff88016685f188 RDI: ffff88019961b530 [ 591.306832] RBP: ffff88016685f0f8 R08: ffff8801a07266c0 R09: ffffed003ae3a1f0 [ 591.314102] R10: ffffed003ae3a1f0 R11: ffff8801d71d0f87 R12: ffff88016685f188 [ 591.321383] R13: ffff88019961b530 R14: ffff88019961b558 R15: 0000000000000080 [ 591.328663] FS: 00007ff3c8014700(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000 [ 591.336896] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 591.342780] CR2: ffffffffffffffd6 CR3: 0000000194ec2000 CR4: 00000000001406e0 [ 591.350055] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 591.357329] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 591.364597] Call Trace: [ 591.367190] ? do_shrink_slab+0x148/0xc50 [ 591.371348] ? node_tag_get.constprop.17+0xa0/0xa0 [ 591.376288] ? snapshot_refaults+0x290/0x290 [ 591.380704] ? inactive_list_is_low+0x2f9/0x850 [ 591.385384] ? shrink_slab+0x1f3/0xa60 [ 591.389281] ? downgrade_write+0x2b0/0x2b0 03:34:18 executing program 5: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x18ce8, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:34:18 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x0, 0xff000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) 03:34:18 executing program 0: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0xc0ed0000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:34:18 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001, [0x400000000000000]}, 0x10) [ 591.393526] ? rcu_note_context_switch+0x730/0x730 [ 591.398465] ? check_same_owner+0x340/0x340 [ 591.402798] ? radix_tree_lookup+0x21/0x30 [ 591.407039] shrink_slab+0x861/0xa60 [ 591.410765] ? unregister_memcg_shrinker.isra.39+0x50/0x50 [ 591.416396] ? __sched_text_start+0x8/0x8 [ 591.420552] ? plist_check_list+0xa0/0xa0 [ 591.424709] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 591.430250] ? ring_buffer_record_is_on+0xe1/0x130 [ 591.435181] ? ring_buffer_nest_end+0xb0/0xb0 [ 591.439690] ? plist_check_list+0xa0/0xa0 03:34:18 executing program 5: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x18ce8, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) 03:34:18 executing program 3: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={[0x0, 0x0, 0x0, 0x3f000000], [0xff, 0xff], @broadcast=0xffffffff}}, 0x20) [ 591.443843] shrink_node+0x429/0x16a0 [ 591.447654] ? shrink_node_memcg+0x18f0/0x18f0 [ 591.452237] ? kvm_clock_read+0x25/0x30 [ 591.456219] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 591.461239] ? ktime_get_raw_ts64+0x4f0/0x4f0 [ 591.465736] ? kasan_check_write+0x14/0x20 [ 591.469977] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 591.474996] do_try_to_free_pages+0x3e7/0x1290 [ 591.479584] ? shrink_node+0x16a0/0x16a0 [ 591.483648] ? check_same_owner+0x340/0x340 [ 591.487972] ? trace_hardirqs_on+0x10/0x10 03:34:18 executing program 4: r0 = socket(0x2, 0x3, 0x40000000000000ff) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='erspan0\x00', 0x363) sendto$inet(r0, &(0x7f00000002c0), 0x2e2, 0x0, &(0x7f0000000040)={0x2, 0x0, @loopback=0x7f000001, [0x900]}, 0x10) 03:34:18 executing program 0: pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c}) write$P9_RREADDIR(r1, &(0x7f0000000480)={0x2a, 0x29, 0x1, {0x0, [{{}, 0x0, 0x0, 0x7, './file0'}]}}, 0x2a) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) mount$9p_fd(0x1000000000, &(0x7f0000000000)='./file0\x00', &(0x7f0000000900)='9p\x00', 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@fscache='fscache', 0x2c}]}}) [ 591.492209] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 591.497748] ? _parse_integer+0x13b/0x190 [ 591.501905] try_to_free_mem_cgroup_pages+0x49d/0xc90 [ 591.507102] ? pointer_string+0x1b0/0x1b0 [ 591.511263] ? try_to_free_pages+0xb80/0xb80 [ 591.515687] ? memparse+0x171/0x1d0 [ 591.519314] ? get_options+0x380/0x380 [ 591.523204] ? kasan_kmalloc+0xc4/0xe0 [ 591.527088] ? __kmalloc+0x14e/0x760 [ 591.530800] ? kernfs_fop_write+0x33d/0x480 [ 591.535118] ? __vfs_write+0x117/0x9d0 [ 591.538987] ? vfs_write+0x1fc/0x560 [ 591.542680] ? ksys_write+0x101/0x260 [ 591.546471] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 591.551998] ? page_counter_memparse+0xb5/0x1e0 [ 591.556651] ? page_counter_set_low+0x180/0x180 [ 591.561303] ? cgroup_control+0x180/0x180 [ 591.565465] memory_high_write+0x283/0x310 [ 591.569709] ? mem_cgroup_css_released+0x140/0x140 [ 591.574621] ? lock_acquire+0x1e4/0x540 [ 591.578574] ? __might_fault+0x12b/0x1e0 [ 591.582620] cgroup_file_write+0x31f/0x840 [ 591.586853] ? mem_cgroup_css_released+0x140/0x140 [ 591.591762] ? cgroup_migrate_add_task+0xcd0/0xcd0 [ 591.596674] ? cgroup_migrate_add_task+0xcd0/0xcd0 [ 591.601592] kernfs_fop_write+0x2ba/0x480 [ 591.605730] __vfs_write+0x117/0x9d0 [ 591.609427] ? kernfs_fop_open+0x1020/0x1020 [ 591.613814] ? kernel_read+0x120/0x120 [ 591.617690] ? lock_release+0xa30/0xa30 [ 591.621641] ? check_same_owner+0x340/0x340 [ 591.625949] ? rcu_note_context_switch+0x730/0x730 [ 591.630861] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 591.636378] ? __sb_start_write+0x17f/0x300 [ 591.640681] vfs_write+0x1fc/0x560 [ 591.644204] ksys_write+0x101/0x260 [ 591.647809] ? __ia32_sys_read+0xb0/0xb0 [ 591.651861] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 591.657380] __x64_sys_write+0x73/0xb0 [ 591.661248] do_syscall_64+0x1b9/0x820 [ 591.665124] ? finish_task_switch+0x1d3/0x870 [ 591.669601] ? syscall_return_slowpath+0x5e0/0x5e0 [ 591.674520] ? syscall_return_slowpath+0x31d/0x5e0 [ 591.679440] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 591.684442] ? prepare_exit_to_usermode+0x291/0x3b0 [ 591.689439] ? perf_trace_sys_enter+0xb10/0xb10 [ 591.694098] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 591.698925] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 591.704094] RIP: 0033:0x455ab9 [ 591.707258] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 591.726398] RSP: 002b:00007ff3c8013c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 591.734097] RAX: ffffffffffffffda RBX: 00007ff3c80146d4 RCX: 0000000000455ab9 [ 591.741347] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000014 [ 591.748593] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 591.755842] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 591.763096] R13: 00000000004c2c77 R14: 00000000004d4c80 R15: 0000000000000000 [ 591.770348] Modules linked in: [ 591.773523] Dumping ftrace buffer: [ 591.777044] (ftrace buffer empty) [ 591.780736] CR2: 0000000000000000 [ 591.784393] ---[ end trace fd64df809e94d21f ]--- [ 591.789179] RIP: 0010: (null) [ 591.793086] Code: Bad RIP value. [ 591.796482] RSP: 0018:ffff88016685ef08 EFLAGS: 00010246 [ 591.801871] RAX: 0000000000000000 RBX: dffffc0000000000 RCX: ffffc90013346000 [ 591.809160] RDX: 1ffff100332c36a6 RSI: ffff88016685f188 RDI: ffff88019961b530 [ 591.816441] RBP: ffff88016685f0f8 R08: ffff8801a07266c0 R09: ffffed003ae3a1f0 [ 591.823720] R10: ffffed003ae3a1f0 R11: ffff8801d71d0f87 R12: ffff88016685f188 [ 591.831011] R13: ffff88019961b530 R14: ffff88019961b558 R15: 0000000000000080 [ 591.838308] FS: 00007ff3c8014700(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000 [ 591.846544] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 591.852444] CR2: ffffffffffffffd6 CR3: 0000000194ec2000 CR4: 00000000001406e0 [ 591.859732] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 591.867034] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 591.874324] Kernel panic - not syncing: Fatal exception [ 591.880212] Dumping ftrace buffer: [ 591.883744] (ftrace buffer empty) [ 591.887431] Kernel Offset: disabled [ 591.891034] Rebooting in 86400 seconds..