ndmsg$IPSET_CMD_FLUSH(r5, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x2c, 0x4, 0x6, 0x3, 0x0, 0x0, {0xa, 0x0, 0x7}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20008004}, 0x4000010) lseek(r5, 0x840, 0x0) 22:50:53 executing program 2: socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) 22:50:53 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e000000"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) [ 2225.146688] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. 22:50:53 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/meminfo\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan1\x00', 0x0}) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000280)={'wlan0\x00', 0x0}) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00') sendmsg$NL80211_CMD_JOIN_MESH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)={0x28, r6, 0x83b796920fddda1f, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0xc, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_HWMP_PATH_TO_ROOT_TIMEOUT={0x8}]}]}, 0x28}}, 0x0) sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r1, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x4c, 0x0, 0x400, 0x70bd2b, 0x25dfdbfc, {{}, {@val={0x8, 0x1, 0x10}, @val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x7ff, 0x37}}}}, [@NL80211_ATTR_WDEV={0xc, 0x99, {0x7ff, 0x1d}}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x3f}, @NL80211_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4}, 0x0) ioctl$KDGKBENT(0xffffffffffffffff, 0x4b46, &(0x7f00000003c0)={0x1, 0x3, 0x1}) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:50:54 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r3) ioctl$SIOCAX25ADDUID(0xffffffffffffffff, 0x89e1, &(0x7f0000000100)={0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, r3}) r4 = creat(&(0x7f0000000000)='./file0\x00', 0x5a) read$FUSE(0xffffffffffffffff, &(0x7f0000000240)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_IOCTL(r4, &(0x7f0000000080)={0x20, 0x0, r5, {0x9, 0x4, 0x6, 0xb87}}, 0x20) r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r6, 0x840, 0x0) 22:50:54 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e000000"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) 22:50:54 executing program 2: socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) 22:50:54 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r3, 0x840, 0x0) [ 2225.997442] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. 22:50:54 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = getpid() r3 = socket$netlink(0x10, 0x3, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) sendmsg$unix(r1, &(0x7f0000001440)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[@cred={{0x1c, 0x1, 0x2, {r2, 0x0, r4}}}], 0x20}, 0x0) r5 = getuid() setsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={r2, r5}, 0xc) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r6 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r6, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r7+30000000}, 0x0) r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r8, 0x840, 0x0) 22:50:54 executing program 2: socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x0, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) 22:50:54 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e000000"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) [ 2226.833999] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.4'. 22:50:56 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:50:56 executing program 2: socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x0, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) 22:50:56 executing program 0: getresgid(&(0x7f0000000000), &(0x7f0000000080), &(0x7f0000000100)) openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r3, 0x840, 0x0) 22:50:56 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) [ 2228.171021] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'. 22:50:56 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000080)={0x0, 0x7}, &(0x7f0000000100)=0x8) openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r2 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dlm-control\x00', 0x400080, 0x0) linkat(r1, &(0x7f00000001c0)='./file0\x00', r4, &(0x7f0000000280)='./file0\x00', 0x400) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet6_tcp_TLS_TX(r2, 0x6, 0x1, &(0x7f0000000000)=@gcm_128={{0x303}, "c90a6ee545dcfe8c", "282b4379fb76be3b793864015f149b47", "2399b0a8", "33a7e12ad7b754ff"}, 0x28) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r3, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff, 0x0, 0xffffffffffffffff}, &(0x7f0000000200)={0x0, r5+30000000}, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(0xffffffffffffffff, 0xb, 0x0) 22:50:56 executing program 2: socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x0, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) 22:50:56 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TCFLSH(r2, 0x540b, 0x1) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r3 = socket$inet_udplite(0x2, 0x2, 0x88) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) getsockopt$netrom_NETROM_T1(r4, 0x103, 0x1, &(0x7f0000000200), &(0x7f0000000000)=0x42) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r0, 0x0, 0x0) ioctl$F2FS_IOC_GET_FEATURES(0xffffffffffffffff, 0x8004f50c, &(0x7f0000000080)) 22:50:56 executing program 2: socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) 22:50:56 executing program 2: socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) 22:50:56 executing program 2: socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) 22:50:56 executing program 2: socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, 0x0, 0x0) 22:50:56 executing program 2: socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, 0x0, 0x0) 22:50:59 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) dup(r2) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:50:59 executing program 2: socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, 0x0, 0x0) 22:50:59 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) 22:50:59 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x80000, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x400}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ipip6={{0xb, 0x1, 'ip6tnl\x00'}, {0x8, 0x2, 0x0, 0x1, [@IFLA_IPTUN_COLLECT_METADATA={0x4}]}}}, @IFLA_MASTER={0x8, 0x3}]}, 0x40}}, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x1, 0x803, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4, 0x400}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ipip6={{0xb, 0x1, 'ip6tnl\x00'}, {0x8, 0x2, 0x0, 0x1, [@IFLA_IPTUN_COLLECT_METADATA={0x4}]}}}, @IFLA_MASTER={0x8, 0x3, r4}]}, 0x40}}, 0x0) ioctl$sock_ipv6_tunnel_SIOCGET6RD(r0, 0x89f8, &(0x7f00000002c0)={'ip6tnl0\x00', &(0x7f0000000240)={'sit0\x00', 0x0, 0x2f, 0x3, 0x1f, 0x101, 0x20, @remote, @mcast1, 0x700, 0x700, 0x7, 0x81}}) sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r0, &(0x7f0000001500)={&(0x7f0000000000), 0xc, &(0x7f00000014c0)={&(0x7f0000001540)={0x119c, 0x0, 0x300, 0x70bd2c, 0x25dfdbfd, {}, [@ETHTOOL_A_PRIVFLAGS_HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x78, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_vlan\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x78, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0x71, 0x4, "9ee94c98a137b17d5ec8596525841914e6718c6df800faefa918206594fd928e83188ab5a3ec253a099eb9e75547c20e3098c7edeef57c6a7f740d9a00ebb652a5ff5be00608a33054f315aa0f87f0d3109406f99dfc18e558b3119ca9b86ffa860786f7461989729ffd2a3192"}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x1058, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0x1004, 0x4, "c18cbd91d13ebbb9f20f97a9222f282d1e70ef161d39ee70a8886be047022b0333671748c5d84a9cad7eb586207c68be3cb46fd51348e5c97d270be315a916bd7c0e6642cec8720ff7e46cb8adf1f79d3db8218b7bf0908db29e4697aeb7ab66c2dfde6ca90396124b5c909d1af4c39565c4980b9fb06985edaca0a96deddc755d59226e3bbf4897478da1da2a5c9a53ba2b1062f9fcd3c541a4e9e8be83fbfd2504ff9143d03d7a69fe15d23ccf675e884ecb71aa76a0b7e0a2834194a1b611dbdd7ce1a17a9eb1e8f5ab3d392bec0cc02bde38092d8019225e2dcf9ba02b4697eb526da4bd9c41cebebe4ebbde8e22f915a82ba1a43aef4332468afafbe72ab9e26d27f92ec226b5165b27664824c23ab3724caeacbb4d3b9dbf51d67978581d7f184ee63ca2c3b7331b18f9ae0d79c9ff266b3cfd35d952d7dff513056da572ba6c8e6b48bab6e33e037512c1c4a94301538ac23c8f0b6604abc7a1fa5583104e775b3b063939e1a80ca4adcc8bcbb85cf838608c52e98f80e3dd5c236aa1cd3873ec0d6d35d847144d43dd5eba76bc1a8c5e2201b58483873f92bd02376469575137107f3f4a3f6a2b607b1c6ed449a0b76dbcb9bb65a401020d998b1db826677137178c30f2c713c3cd1ba39c4fa8bc9af780a0449dafa64c0559f5730e6ae2a70b7cb79b1e026ff6ce064d1d890ef15178f2bed183b35a2cb74eb6ce383b197b3d283333be08cee7ea772036f0c872cac36fbc3df2bf7d034a1ce3b3a436484e723765fe604c967ec65979aacd4c332928d6d610b357bd2cb9141293662cdb9ccf24abf8bbe1d9cf260e9d770da39cecffb37948f0af646e5bb767018636019224c97ef6811afeaecdf6ca2773f3006495942a77e1c24d8954a7d8cfbe33cfa4be10ab2800674507045ac5e2a6563d0e8635f236b2ff53f763edf41c3685235c5b279510ac68f03fed84b49f741d8ae3cd27a10cf2e98602d918278330b3280c607153cc07c1359f1d025c21837cbf7311e881111d9e67bd31bbf818f9a9ca2bd6b6c9388c2a51807761f4482d3a7b45a0074f7ddcc2ec57b551024a428e0e8394492f383b82c92d6886b6145686068b25b4c8ea13608b0f7c8c2d3112ce45536c3e0d6e25e86aba3d7509f074cf148058a0b87f21be7966196685c042b89fa1cee57217de71160be798a3348d7bd5063d745e9b3bee2763ca22f5c731ef11c3e62d75a0fe070a8bd4a4dc293c39a84d41d184cb321eda4f84476f2345f20c4f4ad137ed2e14dd658303b55299be593be1bc46847bd8473a1b09c86b5461c2cb7acff0a919f102c80925b29d5f37d8ad1f97b6a177b114b7e1e7d937b0c395e61fd360daee9af52aafa6a3f33b8cac606cecc33c5c87a513fc406cfeeebbefab807e1d595831ecab9b8f756ed51335284dd76b4dbb136ae43d799959b1858bb25620479abd47ee4cd3d1bfd693e3457c404e0494dd3d85d6c6f4a46f3bbef83ea3b1e5bab22724592b1f287dd9ce683cd30c83aa1ecb34701432e8185a57761ffc0f3bd68190b5486c66830fcf330a17938cb7f6cb399dcd5a9d66dc70a7f6122f70a71ca309d511dbea59e690a3bad532a26b68607b0b55a8b758805f84871b85a6d0e518c99ca0a8fef13c6f781c342520e1ea45ec40967a95971b7e745a295f8cb4026654a76d48b881d50ff04ec27ff318e0587d5f5d80712638d361cafd769e8e38bb755fe2aeab0f4d2bb0272a7b494b429d3b234ad2887562260b316b711715c4a3a18faa6dc12312552bca76e073b4d059ab2950998fabacf4f870904fe3e817b6ab535768f2190e773c6858daf72d39834349c765fa55f089bcefa6ed931a0c5612dca2d8231527ebfa32092624c2025819e4551423382226a4fa3ff29c440fd56f4cacd2097a1652d59c17274c8d18996de86a9a6fb0c69dddb79f60c3c5f2789466065411b2bd6276321cc7f75bbb7d2e19529d081b6bb4d5f7261340109051cb3648cbb2a8cc507404dfbb3d25f1a4922fb6072ebf33f50e19ea199838c05c5bf8282e1ec92497547b979dbe27eff08db871903e80b2c520b434f0f59417e8630934015c9a63727baf0bcffa69c15696c5e4291dcf544037ff71fcb3367a567aa1a64d87da0f207f471227b79c919ceadcaab3362d787417f74446d01dcec15b7432754b2c0be4cda59028068460c9ca63343f422ac9d10c23872c3ad21bd4796ef96d09ed917c361c5c93b1cf7694fc25d9e3442103e3dba6b287437e1b3445c580e58a920d365ccc48165dea00233f538a256c622c9bde88f2376ee64a6088babc3c594544a9e35af7ed6557a22ffd6a2dfbf880ee7c5bb4d6ceacb20de2a1884471c686f53a1d11cb3396ea2e5c853c4b7ab4cb0223c69401eff714a78259da9c1c8a3d8e67ff26ac77d08e03f9fa2853c695fa3acb8e67aa0844dbcbf9c69e935be924105680f5e7d65b5ef593f3b9b2ec5addfae7f99734b29fe0828af3376ee31a5a3ecc5c6c2592de9e7b6697111c3be4a359837ba8a69fdbb902e643582563340c3c68c3da76385fb1754c21b9f5a39c83ff6cafca1c2eb73e40d628ac12e04e8f557af8379ed1777d6f56f7c34081e36b139caea18d74a875731723a6939a0657762fad5187263c13d7c75d955e0f90378605a7ed1c2bfe75a1ac7797bb7c3f7ada68033762ea64a86a8ea94f20b7924acf019989478b0771aeb50ca0435010206ce8ae64dafa91af0b26c7f79d67aae9ac99345c036878a6c09da9320e55f5ca1ed8bfdebc4d7d10ae156bc4740bcd51db6c1e9e866f3cc3079760017d6479525db0feaa2ea263ff59fa12183c9c7755d9e54da60927e7ebafc0ca3c846594262d6fecd95372d8918414b9a93e9ca24e4f4de54685bdca9efbd75ec03f3a05083aadff124665c7cbaa909fb4e963e3e6d15c1df7ca6ccd769ad95655bb513efff57b1bba9917977995d69b0dd630afa2cf8d796a345207f1d3eaf89e10c85cf28b93e3c1c845103a115ef3ce5ac9c77ecc8e27f19758430ad5333b900aa93b9c1c53ab381622af5f3e6b10abd6fea6094ce68b8b649dbc7f7ce3fca2bd29a423c7061df51cf95a7d05abdae58388721404478f61eb1e79ade350ec47dc27f9b72009667d73615278ca00f033587bb72165fc60b2152a34c77036d02701ce5112fbbec6168becc7dff204028dfc76e567cfb865d479db5471e1fa82568a03226c8ff6f619daa012154835fd16b638309749f403edc94a877f13deef56c6c9d930b54e7392bd564bce98f5ffb286d5353fd4c814a91b8a4192c4702f3310d388f33d515205ce25cac20a8e920842152e39e7ef13506d39f71a03880d09f0f08aee6f2cf99ffd12f083586bfb14daf56bb576063c8a60a4ff132055b618318fd504e78f699e29f60ab957f7ec3134a62c3b08cb1ec766ce61ef356718228c248efc83451e2a5cdc1a2cd674a73d24a194b8c075a7ab69c56ece9529526e8089e0e944b29916872832517441e54a566c5f80bdc7f782a872d7f4254197acb097f592896834c29c7ad39f561a86f0de9318211394470ea1925d7694fea446de0d9651507d1d40cf0b8a5f98a9f11fbe34eccf05c453fa815246d3b2f1670c6bab024e6f09d2bf3b465b36957fa26361931ab59dd4edf902fa195266f9f77c16002893f0d273434b7f8a9a8cd7886bcf872861d88bf85c2db5117983d4ca166dd63b5ca8d3c866c345ca7b2ebd324ca5933eda3b54727f5cc8b1eb5ab72b3b4fe0fea663751982f0286fa9a4c00aa07c1476a7600587330af66da492ad4da78273a622b72486b8dffe47f6c6d075ee533bc65e8afdaf527c63ceed16cf12b7068094204ca43770f07a00802c88f7ac374808ac786ba3316ecb320884b0d2f0f392097cd368ff0ea557d1165f35ec6dab57a0427815f4985f59f94f8252bd441a83b7e02731896407fc1063216fe428ce51219b99dfde095e49b86eaf84f0ce47b8eb0cd96c42c65cd4cb10d3a325bf8722cd674bcfbbe7ea6f0ecb6d65a7a432b2a6157363eb79e5c9d90c576886f4f3fc68f74c55a7ed1ea0f06c940f2e136ef2f3b857cfa4d2fc40ca5aaf80ea804e9e6e8550acc091b14bc4de591d13f9157fc4f428aee730d6a8964ae15a69b210851fd26f781f350d31bb3419d3f31a730407b3f9b30a5558d5b9773224b58fbcb1ac8d11ca75f3f1d6184b7fd4d966dfde2a368a839cad656ce7265912e3edad72360b27882e9815ef8e21d6e3a1283c0d4cf03be10acd27788489ff70e1069620cd1248f23066dc0647067e7858799139532387974050757985d0c42a90e1e6af3c7755cfdcf22a76caa58c74dd64b2af3b654d32f66631919a2db095ce473ba638a9d4d0efea3833c8f0516a50d5567cb457d07f925861bd0e64e5f45685384bd3b9aabb728c0c433f6d0bfcaf6501894db974699676f8a9ff8815862eec475ac1f97daaca262442137d4c168c552c51ecdd8e226cfcd80c815a5dfc81758c303461c816a8e92af0fafc43d8d780b2381910a5e2bb6bb497cb480ba23ec3a19b65e03ef20f380b6a4f3c4cfc3b2366f80d5560da313838bb524709b1207ff91eb8658bfd03f875175741de844d33cdab189a81410b1fc0859932e1e0831d3cb2b5adf5c31514c4951c17374c1764793d438536ceaa0f6424fc0dd7f367abb45897dd2037eabcb443679c9fd7e296627acf881b8d40cd6d2af7f62e842114acba5bb3d1f163643164991edd8285c2d944230c11d3df9442094928263ed7fb2cf7bf2d6cc418f2b15b0d91b7a2397109f02bfbeb331f79891ca761dcef247eb72224e7985373f4bfb118af0c065475a533679b65bf7026faf053e62071d51378f9b837ad4a0a576be6d8efc004a1b4273345a8c5b38f8eb304fc5265caccca7c1b3065664ccfda0ba403605739b5adb59453bdafe3c40b78d5c4febd367d8ac2d47d5e02216ce283fd99ac651dab35ffbd12e114722dd9a00b61399b47375eb9ed7d8712a07618507bb9b205d4faf6224465ae6000186de97d0d4f3ceddbd41526ca554facc29be67d707be1b1594689df8e2261bce450299b6ac1ae83c48f089986f7114a2555bcfb4bcddad0ac5d22f8ab9795dbbe8bddb6ee988fbe881ce2a7566bfe423abc9b890fc7a17eb76934801a46c5ac158d6c372cd1bb47831f20456781cac72649f053c234d5b953d62df288711a8fb9a4865adec845da4d8f1cdddc3b6c54a9a95ac3e0a45171472c902d5089b740a26c157a4abde3178ad9fffbecef6337409bd2f272074e1430ce53cad4a5cffcc3c8840a2d18e78526fd08778ed1687a09e94e8b5310144a8ca9dbaeb10c806e1d44ef0558f7a9e6923866341fdaf7bc5b58ca9b08a41172c7ea97d2fd236ace0b2baf1cc3c55544979b918825a4a0703823d839ba594b771042cc237b2b2f81e4fb5638c4792d013052644144191f65b5596781dd4845fcb7913a213307381d69e6da552d2cae5deee90fd8a6a15aaaef8321facd25e5a7220159262c8d3aa8529fe19897e7bb082a6cc1cc5e3b7db069c9d1d4d4cca89edee69aefce830e0a959373e74af0b8f7ce009189a559627df3eb091f78bb4aca9d27d43feaee0f4be9ecb2a4eb06e3286c73234f5bbd4ed03254c7220c025f1d8893c92bf6d72382b1c9b879544ff77392e7f078b16df842f1837a9cba391f3cfbcb306f12f390d9a004d9a1727481ea5d05a394e65f568bc6892bc7f418fc4a9aba6babdce48e864a0e5cc6ed6d6fde3c4405c737646f3a"}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_VALUE={0x4a, 0x4, "d488657cb0f99c377890c901d2164a827e4d9c6468f8f0e52997d83730107722588b4c3f5565c9ba78907d5b707fb8a846a7af35ba6294083301a853102e758707a17318d901"}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0xc, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}]}, 0x119c}, 0x1, 0x0, 0x0, 0x8}, 0x4010000) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r6+30000000}, 0x0) r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r7, 0x840, 0x0) 22:50:59 executing program 2: socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:50:59 executing program 1: r0 = syz_open_dev$sndpcmc(&(0x7f0000002a80)='/dev/snd/pcmC#D#c\x00', 0x1, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = getpid() r3 = socket$netlink(0x10, 0x3, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) sendmsg$unix(r1, &(0x7f0000001440)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[@cred={{0x1c, 0x1, 0x2, {r2, 0x0, r4}}}], 0x20}, 0x0) newfstatat(0xffffffffffffff9c, &(0x7f0000002ac0)='./file0\x00', &(0x7f0000002b00)={0x0, 0x0, 0x0, 0x0, 0x0}, 0x4000) sendmsg$unix(0xffffffffffffffff, &(0x7f0000002c40)={&(0x7f0000000380)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f00000000c0)=[{&(0x7f0000000400)="91438be3a54caa6de09f5800e51b9eb274c7f02c360e80d9a66a58e5844c018f171e9f8261bc3d3057ed077e03a2d959c326b1b44bf5fee9efacb2f00d9c2159d032363acb1d6b407eba84f287ecff6d5f1f4cb7da624c432bde22619a66ede494e23a0445d832c0ca8dae26cde505cca50fec3e83a438f2f48e36acf300921dc3ab7c143fd7410c617580fa15c778961970d02550fc2e587d222df382f7f6e8be2a2e001e7f06463b0b25a5a14a5b7855852394ee93ecb026edfb33810e1e97", 0xc0}, {&(0x7f00000004c0)="7de33ac560721b6c4a2bdd0fab7321fd1c258da19a15e6411b62d630785c079d4f397c1ad50439a7e6a8f77dccbe3ca4a8a5633fc4a3d3a06f92b4ba6ecc2886ca3a792614c113bcec3fca9c5037cce403782ef1a832cd07877368e6b35e550314fe8c4e9e790325214213b2ea4d53b89fea0e", 0x73}], 0x2, &(0x7f0000002b80)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r0, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r2, r5, 0xee01}}}], 0xa8, 0x48005}, 0x24000840) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r6 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) r7 = socket$vsock_stream(0x28, 0x1, 0x0) vmsplice(r7, &(0x7f0000000300)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0x152}, {&(0x7f0000000000)="34afe712f1b9b4456c1e96b26a150b63720325ad5ccd3e688d5a005ef6bd5609aef20de7fa8493e02e76ab3c756ba3e2f33303129dae305cd7d0e07c191b3d2b0de2fe763aa1789588a5fdc4ec682e7383cb14ace13c23d2563f1e9f5dbac85c8e66e8bd3b990067ac5d"}, {&(0x7f0000000200)="18a9335d40658d0b88f85080b9a661172876fd1ce2217b6c19193c4dd3613bf141dea985c8f461b11f2e4c2d2dd9d0d18436fe0eb185c46f0cfdbb95dcac6c30efdb5b2073ccdc27fb829e57adf690bf6e0a9cf0d0c7211db9e8a2460256bf9887df0ad6f29080bfbf43d8fe6fff7d27dd67655520f534ee68c0dfd5034b69173796140083b7337cca0b9145dc6bb596f9856cc203d21841ae4669a02de8318ebd75f5be4f6b22fe2a3208d5167af8b7927444fc32a1f182e6ee3eeffd3fee2fc291f3b7e3c34c2ae7c7dfd5020ff41d0956977ee548344c9c3afb774e33c25fc1a95fc3602f44"}, {&(0x7f0000000080)="8304627c2b10ff642d53aeaad010d1efc0d5a543e98f9f498abfd7411f15c434c8"}], 0x4, 0x4) ptrace$setopts(0x4206, r6, 0x0, 0x0) tkill(r6, 0x3c) ptrace$cont(0x18, r6, 0x0, 0x0) ptrace$setregs(0xd, r6, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r6, 0x0, 0x0) [ 2231.677503] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'. 22:51:00 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xb29}, 0x0, &(0x7f0000000140)={0x1ff, 0x0, 0xffffffffffffffff, 0x0, 0x1000000000000000}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r3, 0x840, 0x0) 22:51:00 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) 22:51:00 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, @perf_config_ext={0x2}, 0x0, 0x4}, 0x0, 0x3, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) r3 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x280000, 0x0) ioctl$BLKZEROOUT(r3, 0x127f, &(0x7f0000000080)={0xf1, 0x20}) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r4, 0x840, 0x0) 22:51:00 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r3, 0x840, 0x0) [ 2232.045970] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'. 22:51:00 executing program 2: socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:51:00 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x80080, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = getpid() r5 = socket$netlink(0x10, 0x3, 0x0) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) sendmsg$unix(r3, &(0x7f0000001440)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[@cred={{0x1c, 0x1, 0x2, {r4, 0x0, r6}}}], 0x20}, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000000240)={{0x7, 0x3, 0x378faad5, 0x2, 'syz0\x00', 0x1b}, 0x3, 0x10, 0x7, r4, 0x2, 0x9, 'syz0\x00', &(0x7f0000000000)=['\',\x00', '/dev/vhost-net\x00'], 0x12, [], [0x6, 0x4, 0x7, 0x5f]}) r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r7, 0x840, 0x0) 22:51:02 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) dup(r2) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:51:02 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e000000180002801400"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) 22:51:02 executing program 2: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x80000, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x400}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ipip6={{0xb, 0x1, 'ip6tnl\x00'}, {0x8, 0x2, 0x0, 0x1, [@IFLA_IPTUN_COLLECT_METADATA={0x4}]}}}, @IFLA_MASTER={0x8, 0x3}]}, 0x40}}, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x1, 0x803, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4, 0x400}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ipip6={{0xb, 0x1, 'ip6tnl\x00'}, {0x8, 0x2, 0x0, 0x1, [@IFLA_IPTUN_COLLECT_METADATA={0x4}]}}}, @IFLA_MASTER={0x8, 0x3, r4}]}, 0x40}}, 0x0) ioctl$sock_ipv6_tunnel_SIOCGET6RD(r0, 0x89f8, &(0x7f00000002c0)={'ip6tnl0\x00', &(0x7f0000000240)={'sit0\x00', 0x0, 0x2f, 0x3, 0x1f, 0x101, 0x20, @remote, @mcast1, 0x700, 0x700, 0x7, 0x81}}) sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r0, &(0x7f0000001500)={&(0x7f0000000000), 0xc, &(0x7f00000014c0)={&(0x7f0000001540)={0x119c, 0x0, 0x300, 0x70bd2c, 0x25dfdbfd, {}, [@ETHTOOL_A_PRIVFLAGS_HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x78, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_vlan\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x78, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0x71, 0x4, "9ee94c98a137b17d5ec8596525841914e6718c6df800faefa918206594fd928e83188ab5a3ec253a099eb9e75547c20e3098c7edeef57c6a7f740d9a00ebb652a5ff5be00608a33054f315aa0f87f0d3109406f99dfc18e558b3119ca9b86ffa860786f7461989729ffd2a3192"}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x1058, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0x1004, 0x4, "c18cbd91d13ebbb9f20f97a9222f282d1e70ef161d39ee70a8886be047022b0333671748c5d84a9cad7eb586207c68be3cb46fd51348e5c97d270be315a916bd7c0e6642cec8720ff7e46cb8adf1f79d3db8218b7bf0908db29e4697aeb7ab66c2dfde6ca90396124b5c909d1af4c39565c4980b9fb06985edaca0a96deddc755d59226e3bbf4897478da1da2a5c9a53ba2b1062f9fcd3c541a4e9e8be83fbfd2504ff9143d03d7a69fe15d23ccf675e884ecb71aa76a0b7e0a2834194a1b611dbdd7ce1a17a9eb1e8f5ab3d392bec0cc02bde38092d8019225e2dcf9ba02b4697eb526da4bd9c41cebebe4ebbde8e22f915a82ba1a43aef4332468afafbe72ab9e26d27f92ec226b5165b27664824c23ab3724caeacbb4d3b9dbf51d67978581d7f184ee63ca2c3b7331b18f9ae0d79c9ff266b3cfd35d952d7dff513056da572ba6c8e6b48bab6e33e037512c1c4a94301538ac23c8f0b6604abc7a1fa5583104e775b3b063939e1a80ca4adcc8bcbb85cf838608c52e98f80e3dd5c236aa1cd3873ec0d6d35d847144d43dd5eba76bc1a8c5e2201b58483873f92bd02376469575137107f3f4a3f6a2b607b1c6ed449a0b76dbcb9bb65a401020d998b1db826677137178c30f2c713c3cd1ba39c4fa8bc9af780a0449dafa64c0559f5730e6ae2a70b7cb79b1e026ff6ce064d1d890ef15178f2bed183b35a2cb74eb6ce383b197b3d283333be08cee7ea772036f0c872cac36fbc3df2bf7d034a1ce3b3a436484e723765fe604c967ec65979aacd4c332928d6d610b357bd2cb9141293662cdb9ccf24abf8bbe1d9cf260e9d770da39cecffb37948f0af646e5bb767018636019224c97ef6811afeaecdf6ca2773f3006495942a77e1c24d8954a7d8cfbe33cfa4be10ab2800674507045ac5e2a6563d0e8635f236b2ff53f763edf41c3685235c5b279510ac68f03fed84b49f741d8ae3cd27a10cf2e98602d918278330b3280c607153cc07c1359f1d025c21837cbf7311e881111d9e67bd31bbf818f9a9ca2bd6b6c9388c2a51807761f4482d3a7b45a0074f7ddcc2ec57b551024a428e0e8394492f383b82c92d6886b6145686068b25b4c8ea13608b0f7c8c2d3112ce45536c3e0d6e25e86aba3d7509f074cf148058a0b87f21be7966196685c042b89fa1cee57217de71160be798a3348d7bd5063d745e9b3bee2763ca22f5c731ef11c3e62d75a0fe070a8bd4a4dc293c39a84d41d184cb321eda4f84476f2345f20c4f4ad137ed2e14dd658303b55299be593be1bc46847bd8473a1b09c86b5461c2cb7acff0a919f102c80925b29d5f37d8ad1f97b6a177b114b7e1e7d937b0c395e61fd360daee9af52aafa6a3f33b8cac606cecc33c5c87a513fc406cfeeebbefab807e1d595831ecab9b8f756ed51335284dd76b4dbb136ae43d799959b1858bb25620479abd47ee4cd3d1bfd693e3457c404e0494dd3d85d6c6f4a46f3bbef83ea3b1e5bab22724592b1f287dd9ce683cd30c83aa1ecb34701432e8185a57761ffc0f3bd68190b5486c66830fcf330a17938cb7f6cb399dcd5a9d66dc70a7f6122f70a71ca309d511dbea59e690a3bad532a26b68607b0b55a8b758805f84871b85a6d0e518c99ca0a8fef13c6f781c342520e1ea45ec40967a95971b7e745a295f8cb4026654a76d48b881d50ff04ec27ff318e0587d5f5d80712638d361cafd769e8e38bb755fe2aeab0f4d2bb0272a7b494b429d3b234ad2887562260b316b711715c4a3a18faa6dc12312552bca76e073b4d059ab2950998fabacf4f870904fe3e817b6ab535768f2190e773c6858daf72d39834349c765fa55f089bcefa6ed931a0c5612dca2d8231527ebfa32092624c2025819e4551423382226a4fa3ff29c440fd56f4cacd2097a1652d59c17274c8d18996de86a9a6fb0c69dddb79f60c3c5f2789466065411b2bd6276321cc7f75bbb7d2e19529d081b6bb4d5f7261340109051cb3648cbb2a8cc507404dfbb3d25f1a4922fb6072ebf33f50e19ea199838c05c5bf8282e1ec92497547b979dbe27eff08db871903e80b2c520b434f0f59417e8630934015c9a63727baf0bcffa69c15696c5e4291dcf544037ff71fcb3367a567aa1a64d87da0f207f471227b79c919ceadcaab3362d787417f74446d01dcec15b7432754b2c0be4cda59028068460c9ca63343f422ac9d10c23872c3ad21bd4796ef96d09ed917c361c5c93b1cf7694fc25d9e3442103e3dba6b287437e1b3445c580e58a920d365ccc48165dea00233f538a256c622c9bde88f2376ee64a6088babc3c594544a9e35af7ed6557a22ffd6a2dfbf880ee7c5bb4d6ceacb20de2a1884471c686f53a1d11cb3396ea2e5c853c4b7ab4cb0223c69401eff714a78259da9c1c8a3d8e67ff26ac77d08e03f9fa2853c695fa3acb8e67aa0844dbcbf9c69e935be924105680f5e7d65b5ef593f3b9b2ec5addfae7f99734b29fe0828af3376ee31a5a3ecc5c6c2592de9e7b6697111c3be4a359837ba8a69fdbb902e643582563340c3c68c3da76385fb1754c21b9f5a39c83ff6cafca1c2eb73e40d628ac12e04e8f557af8379ed1777d6f56f7c34081e36b139caea18d74a875731723a6939a0657762fad5187263c13d7c75d955e0f90378605a7ed1c2bfe75a1ac7797bb7c3f7ada68033762ea64a86a8ea94f20b7924acf019989478b0771aeb50ca0435010206ce8ae64dafa91af0b26c7f79d67aae9ac99345c036878a6c09da9320e55f5ca1ed8bfdebc4d7d10ae156bc4740bcd51db6c1e9e866f3cc3079760017d6479525db0feaa2ea263ff59fa12183c9c7755d9e54da60927e7ebafc0ca3c846594262d6fecd95372d8918414b9a93e9ca24e4f4de54685bdca9efbd75ec03f3a05083aadff124665c7cbaa909fb4e963e3e6d15c1df7ca6ccd769ad95655bb513efff57b1bba9917977995d69b0dd630afa2cf8d796a345207f1d3eaf89e10c85cf28b93e3c1c845103a115ef3ce5ac9c77ecc8e27f19758430ad5333b900aa93b9c1c53ab381622af5f3e6b10abd6fea6094ce68b8b649dbc7f7ce3fca2bd29a423c7061df51cf95a7d05abdae58388721404478f61eb1e79ade350ec47dc27f9b72009667d73615278ca00f033587bb72165fc60b2152a34c77036d02701ce5112fbbec6168becc7dff204028dfc76e567cfb865d479db5471e1fa82568a03226c8ff6f619daa012154835fd16b638309749f403edc94a877f13deef56c6c9d930b54e7392bd564bce98f5ffb286d5353fd4c814a91b8a4192c4702f3310d388f33d515205ce25cac20a8e920842152e39e7ef13506d39f71a03880d09f0f08aee6f2cf99ffd12f083586bfb14daf56bb576063c8a60a4ff132055b618318fd504e78f699e29f60ab957f7ec3134a62c3b08cb1ec766ce61ef356718228c248efc83451e2a5cdc1a2cd674a73d24a194b8c075a7ab69c56ece9529526e8089e0e944b29916872832517441e54a566c5f80bdc7f782a872d7f4254197acb097f592896834c29c7ad39f561a86f0de9318211394470ea1925d7694fea446de0d9651507d1d40cf0b8a5f98a9f11fbe34eccf05c453fa815246d3b2f1670c6bab024e6f09d2bf3b465b36957fa26361931ab59dd4edf902fa195266f9f77c16002893f0d273434b7f8a9a8cd7886bcf872861d88bf85c2db5117983d4ca166dd63b5ca8d3c866c345ca7b2ebd324ca5933eda3b54727f5cc8b1eb5ab72b3b4fe0fea663751982f0286fa9a4c00aa07c1476a7600587330af66da492ad4da78273a622b72486b8dffe47f6c6d075ee533bc65e8afdaf527c63ceed16cf12b7068094204ca43770f07a00802c88f7ac374808ac786ba3316ecb320884b0d2f0f392097cd368ff0ea557d1165f35ec6dab57a0427815f4985f59f94f8252bd441a83b7e02731896407fc1063216fe428ce51219b99dfde095e49b86eaf84f0ce47b8eb0cd96c42c65cd4cb10d3a325bf8722cd674bcfbbe7ea6f0ecb6d65a7a432b2a6157363eb79e5c9d90c576886f4f3fc68f74c55a7ed1ea0f06c940f2e136ef2f3b857cfa4d2fc40ca5aaf80ea804e9e6e8550acc091b14bc4de591d13f9157fc4f428aee730d6a8964ae15a69b210851fd26f781f350d31bb3419d3f31a730407b3f9b30a5558d5b9773224b58fbcb1ac8d11ca75f3f1d6184b7fd4d966dfde2a368a839cad656ce7265912e3edad72360b27882e9815ef8e21d6e3a1283c0d4cf03be10acd27788489ff70e1069620cd1248f23066dc0647067e7858799139532387974050757985d0c42a90e1e6af3c7755cfdcf22a76caa58c74dd64b2af3b654d32f66631919a2db095ce473ba638a9d4d0efea3833c8f0516a50d5567cb457d07f925861bd0e64e5f45685384bd3b9aabb728c0c433f6d0bfcaf6501894db974699676f8a9ff8815862eec475ac1f97daaca262442137d4c168c552c51ecdd8e226cfcd80c815a5dfc81758c303461c816a8e92af0fafc43d8d780b2381910a5e2bb6bb497cb480ba23ec3a19b65e03ef20f380b6a4f3c4cfc3b2366f80d5560da313838bb524709b1207ff91eb8658bfd03f875175741de844d33cdab189a81410b1fc0859932e1e0831d3cb2b5adf5c31514c4951c17374c1764793d438536ceaa0f6424fc0dd7f367abb45897dd2037eabcb443679c9fd7e296627acf881b8d40cd6d2af7f62e842114acba5bb3d1f163643164991edd8285c2d944230c11d3df9442094928263ed7fb2cf7bf2d6cc418f2b15b0d91b7a2397109f02bfbeb331f79891ca761dcef247eb72224e7985373f4bfb118af0c065475a533679b65bf7026faf053e62071d51378f9b837ad4a0a576be6d8efc004a1b4273345a8c5b38f8eb304fc5265caccca7c1b3065664ccfda0ba403605739b5adb59453bdafe3c40b78d5c4febd367d8ac2d47d5e02216ce283fd99ac651dab35ffbd12e114722dd9a00b61399b47375eb9ed7d8712a07618507bb9b205d4faf6224465ae6000186de97d0d4f3ceddbd41526ca554facc29be67d707be1b1594689df8e2261bce450299b6ac1ae83c48f089986f7114a2555bcfb4bcddad0ac5d22f8ab9795dbbe8bddb6ee988fbe881ce2a7566bfe423abc9b890fc7a17eb76934801a46c5ac158d6c372cd1bb47831f20456781cac72649f053c234d5b953d62df288711a8fb9a4865adec845da4d8f1cdddc3b6c54a9a95ac3e0a45171472c902d5089b740a26c157a4abde3178ad9fffbecef6337409bd2f272074e1430ce53cad4a5cffcc3c8840a2d18e78526fd08778ed1687a09e94e8b5310144a8ca9dbaeb10c806e1d44ef0558f7a9e6923866341fdaf7bc5b58ca9b08a41172c7ea97d2fd236ace0b2baf1cc3c55544979b918825a4a0703823d839ba594b771042cc237b2b2f81e4fb5638c4792d013052644144191f65b5596781dd4845fcb7913a213307381d69e6da552d2cae5deee90fd8a6a15aaaef8321facd25e5a7220159262c8d3aa8529fe19897e7bb082a6cc1cc5e3b7db069c9d1d4d4cca89edee69aefce830e0a959373e74af0b8f7ce009189a559627df3eb091f78bb4aca9d27d43feaee0f4be9ecb2a4eb06e3286c73234f5bbd4ed03254c7220c025f1d8893c92bf6d72382b1c9b879544ff77392e7f078b16df842f1837a9cba391f3cfbcb306f12f390d9a004d9a1727481ea5d05a394e65f568bc6892bc7f418fc4a9aba6babdce48e864a0e5cc6ed6d6fde3c4405c737646f3a"}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_VALUE={0x4a, 0x4, "d488657cb0f99c377890c901d2164a827e4d9c6468f8f0e52997d83730107722588b4c3f5565c9ba78907d5b707fb8a846a7af35ba6294083301a853102e758707a17318d901"}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0xc, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}]}, 0x119c}, 0x1, 0x0, 0x0, 0x8}, 0x4010000) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r6+30000000}, 0x0) r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r7, 0x840, 0x0) 22:51:02 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) socket(0x10, 0x3, 0x0) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r0, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r2, 0x840, 0x0) 22:51:02 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$TIOCGRS485(r1, 0x542e, &(0x7f0000000000)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:51:03 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000002}, 0x0, 0x0, 0xffffffffffffffff, 0xa) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$SOUND_MIXER_READ_STEREODEVS(r3, 0x80044dfb, &(0x7f0000000000)) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r4+30000000}, 0x0) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r5, 0x840, 0x0) r6 = openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x80802, 0x0) ioctl$KVM_GET_VCPU_EVENTS(r6, 0x8040ae9f, &(0x7f0000000100)) 22:51:03 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e000000180002801400"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) 22:51:03 executing program 2: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = getpid() r3 = socket$netlink(0x10, 0x3, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) sendmsg$unix(r1, &(0x7f0000001440)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[@cred={{0x1c, 0x1, 0x2, {r2, 0x0, r4}}}], 0x20}, 0x0) r5 = getuid() setsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={r2, r5}, 0xc) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r6 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r6, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r7+30000000}, 0x0) r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r8, 0x840, 0x0) 22:51:03 executing program 2: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r3, 0x840, 0x0) 22:51:03 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vsock\x00', 0x0, 0x0) ioctl$BLKPG(r2, 0x1269, &(0x7f0000000100)={0xfffffff9, 0x4, 0x89, &(0x7f0000000280)="7dfd9b5b3164ae42a5a883d96ce9b7dda56f55950744b73744bd60e0d4a30f609f7e9a2ff237ec5c60f5b13b5054bd1a47fe19f9e0272244bf8b0f0859ab97f9b9ab644d1204df74cc10b9f9bfec07f1579da805ad8e2a24b91409134cb9c0cc8986d20f3ac12e0a6300532c671b3fbaa806a4cd69dda645bc1bc1610e10b0313da721cb0389285cfa"}) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r3, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(r3, 0x29, 0x48, 0x0, &(0x7f00007d0000)) ioctl$sock_inet_SIOCSIFPFLAGS(r3, 0x8934, &(0x7f0000000000)={'gretap0\x00'}) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x3, 0xeb7, 0x7}, 0x0, &(0x7f0000000140)={0x1ff, 0xc}, &(0x7f0000000200)={0x0, r4+30000000}, 0x0) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r5, 0x840, 0x0) ioctl$sock_SIOCDELDLCI(0xffffffffffffffff, 0x8981, &(0x7f00000001c0)={'veth1_to_batadv\x00', 0x2}) [ 2235.637178] Unknown ioctl 4713 22:51:04 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e000000180002801400"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) [ 2236.411849] Unknown ioctl 4713 22:51:04 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x2a, 0x800, 0x2) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) r3 = openat$vsock(0xffffffffffffff9c, &(0x7f0000002940)='/dev/vsock\x00', 0x400800, 0x0) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000029c0)='nl80211\x00') sendmsg$NL80211_CMD_FLUSH_PMKSA(r3, &(0x7f0000002a80)={&(0x7f0000002980)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000002a40)={&(0x7f0000002a00)={0x14, r4, 0x100, 0x70bd26, 0x25dfdbfb, {{}, {@void, @void}}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x20004090}, 0x20000000) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r5, 0x840, 0x0) 22:51:05 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) dup(r2) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:51:05 executing program 2: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r3, 0x840, 0x0) 22:51:05 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) 22:51:05 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x751c7210fa21d644, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x2}, 0x228d0}, 0x0, 0x0, 0xffffffffffffffff, 0x2) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/llc/socket\x00') sendmsg$FOU_CMD_GET(r2, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x1c, 0x0, 0x20, 0x70bd27, 0x25dfdbfd, {}, [@FOU_ATTR_TYPE={0x5, 0x4, 0x3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x4080001) clock_gettime(0x0, &(0x7f0000000180)) pselect6(0x40, &(0x7f00000000c0)={0x0, 0x1}, 0x0, &(0x7f0000000140)={0x1ff, 0x0, 0x0, 0x3ff, 0x0, 0xffffffffffffffff}, &(0x7f0000000200)={0x0, 0x3938700}, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r3, 0x840, 0x0) [ 2237.279446] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. 22:51:05 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={0x0}, &(0x7f0000000040)=0xc) ptrace$getenv(0x4201, r1, 0x9, &(0x7f0000000080)) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r0, 0x0, 0x0) syz_mount_image$jfs(&(0x7f0000000200)='jfs\x00', &(0x7f0000000240)='./file0\x00', 0x200, 0x7, &(0x7f00000006c0)=[{&(0x7f0000000280)="94aeec19965893f7f39d3d6beffa0542dc9a5b51133b4f59df4d9764538a8aa4b81bd8c42921b6089464d4d79bf045d82bd865fd8323ef8217527a45e59f8b69f8cf401fae4ab4d10a50b4b4c9487b71b5ece012e37a04e4cd3f9b5aaa2deef798245805c3", 0x65, 0x4}, {&(0x7f0000000300)="75b613156f863933561a9857b49234848318834227ee45d5240c3dc5f026a9cb267ccd7fa3eebcfb97093380390f4a19ccf6649b52603abb15d1d18d9a06e4876f5a05ee9e14edca9e4148efba693c32682438806fc932bff6765dd5cb515d5189dec3adba5f647e3afc0453d1d2663776de1a9baa961eea8f8b2d2e801c", 0x7e, 0x10001}, {&(0x7f0000000380)="45fc65c2c8823476224ecc43c17a3f4b686a33176079c57591ce6c2d837a4b3037907ff13670796246dc06a6884e8f633cc60cea819efa4056bae5d61180a5ab6202a8e3783673185d4c03e61577f5b7add1e671", 0x54, 0x3}, {&(0x7f0000000400)="6dd276ed7a6ae99b2c30077b5dfa2967f897c11714e688d65120c50f18a1d3b49aaa1adbaab6a18e20af17426b73f32347df60afdafa1cedd4c75ccf8f14b33606ad153d6a63f95402d4b2b6b28c10a2a8676e6ddf010ea7d8c64f40fd86557b3065a37fe04683040954e2b4329916817c09c30c37f754b0c242cd0f15cbf925356a43ab428e17d0202492359e745308fb8b8d32a60929c44fb03b073bd37230c62c4d3c3d51d4efba2621d987ba229abf193dc695ab256c2b20285c658e30e4b5dc0c65ca87b0c97504ca70cdee2b43b2850f28862b7b2bdd9c4b8677ca2d566f7ad5", 0xe3, 0x40}, {&(0x7f0000000500)="ed43999b831c9d1a8c5a986700a89e0203efb99668b8bb229d9c1662840a95056149c3e1490180630711c37c921fce45e64df42ea9d5311c682722d830306e5c746b2c5d5952c6f2a0d4d85897b413eb1a076439fb73b8c5ad", 0x59, 0x9}, {&(0x7f0000000580)="1474b43e9ffe7c565c18aead250d24676b7cd48b135e544f7fc27c138ca505ea9ba8b44373c889fb84a3efe6918cecb533a8502a96eb90fc3f8d11ec0877d4029398e37c685d588880679b5495114b3b00c5f021889f794a2e3e135c4489bf862107cad7cb188c88f75222a57d552d0660f71428885e2d2b9034ec6d5ce589648ecdb3686524a63e25c0fd0d9e405627c257cceff16de574a6c1277f7eaf6eb2bdeda948f21911f34b5a8521c7395f21d97d0982fe0b02f15f88c05b2f82dd142551bcfd58e3f8068b07cf2dc3fdcf0b962fb5f064c44c", 0xd7, 0x9}, {&(0x7f0000000680)="98308b", 0x3, 0xb7e0000000000000}], 0x92, &(0x7f0000000780)={[], [{@obj_type={'obj_type', 0x3d, '}'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '@,:*\'-)!%-\'u!^]'}}, {@subj_user={'subj_user', 0x3d, '**/$-'}}]}) 22:51:05 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socketpair(0x2a, 0x2, 0x3, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$NET_DM_CMD_START(r3, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x120008}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x14, 0x0, 0x8, 0x70bd28, 0x25dfdbfb, {}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x40040000) socket$inet_udplite(0x2, 0x2, 0x88) connect$inet6(r2, &(0x7f00000003c0)={0xa, 0x4e20, 0x363, @private1, 0x6}, 0x1c) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r4+30000000}, 0x0) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') r6 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0)='nl80211\x00') r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_GET_STATION(r7, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000000)={0x28, r6, 0xcfaeea700fc29f91, 0x0, 0x0, {{0x5}, {@val={0x8, 0x6}, @val={0xc}}}}, 0x28}, 0x1, 0xe}, 0x0) sendmsg$NL80211_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x58, r6, 0x100, 0x70bd2c, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x101, 0x18}}}}, [@NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x19}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x17}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x34}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x1b}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x11}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0xc}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x2d}]}, 0x58}, 0x1, 0x0, 0x0, 0x20040000}, 0x20000041) lseek(r5, 0x840, 0x0) 22:51:06 executing program 2: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x2a, 0x800, 0x2) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) r3 = openat$vsock(0xffffffffffffff9c, &(0x7f0000002940)='/dev/vsock\x00', 0x400800, 0x0) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000029c0)='nl80211\x00') sendmsg$NL80211_CMD_FLUSH_PMKSA(r3, &(0x7f0000002a80)={&(0x7f0000002980)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000002a40)={&(0x7f0000002a00)={0x14, r4, 0x100, 0x70bd26, 0x25dfdbfb, {{}, {@void, @void}}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x20004090}, 0x20000000) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r5, 0x840, 0x0) [ 2237.764852] jfs: Unrecognized mount option "obj_type=}" or missing value 22:51:06 executing program 2: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f0000000080)='./file0\x00', 0x1, 0x4, &(0x7f00000003c0)=[{&(0x7f0000000240)="d61707823167054f30a883ece6e3ca77fbfcc8b1c4c44c9d04e7560d76bb38295d2e12952ed35204467be63f36e6aeefd4784445c7ad877d286c59285b3a4aaa3bdfd08b7f700981def26afd8a0415da65b8e57f5de20bf8b44d6c651f96711c5a0552be65150bf6d4e78c", 0x6b, 0x9}, {&(0x7f00000002c0)="526c3f4290a9c131a99fb9eeb55c4ec46f2a770a67f66a60c4042606e1b708e8c1c3f6d8860c1e978c4c6a7018edefdf0f0cda46cea8e33158725275e56b68283041211e3e8447fbc22c41225aebc9eb15d689650f2d63ffee65e396c2fb8d42525f6977ba503690cf7fa4f1347ffc9c466a989bc3144b6fcbffa91f0cdb8d31bd01d91c133417a72876153a114612074fbd1e580f9d55e761ba8d48944271d2f3cbbacd5dd089d8037c5342cfe2aa63c0a1528d67d58027af2c0db30f6879fdcef6c3ff05e4b397eddd1db936c7013d9224a7d6e1ce90e8a2fd72a2bb12a0efb2f047", 0xe3, 0x7ff}, {&(0x7f0000000100)="4117a593a11462", 0x7, 0x2}, {&(0x7f00000001c0)="451837017c68e01a054276df071895309dd7b32b0bca407566a8cdd1e90dd1d94c8ccc37346577d8498291806dd81a3f7ae2bef1d427", 0x36, 0xd5}], 0x0, &(0x7f0000000440)={[{@noacl='noacl'}], [{@euid_gt={'euid>', 0xee01}}, {@hash='hash'}, {@context={'context', 0x3d, 'system_u'}}, {@smackfsroot={'smackfsroot', 0x3d, '#'}}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@pcr={'pcr', 0x3d, 0x24}}, {@subj_type={'subj_type', 0x3d, 'net/arp\x00'}}, {@subj_user={'subj_user', 0x3d, '}:]\xf1'}}, {@smackfsdef={'smackfsdef', 0x3d, 'net/arp\x00'}}]}) syz_open_dev$vcsn(&(0x7f0000000500)='/dev/vcs#\x00', 0x6, 0x501000) r1 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r1, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(r1, 0x29, 0x48, 0x0, &(0x7f00007d0000)) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x7000017, 0x810, r1, 0x965c2000) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$VIDIOC_G_EDID(0xffffffffffffffff, 0xc0285628, &(0x7f0000000580)={0x0, 0x4, 0x7aa, [], &(0x7f0000000540)=0x1f}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r3, 0x840, 0x0) [ 2237.934492] jfs: Unrecognized mount option "obj_type=}" or missing value 22:51:06 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) [ 2238.087675] gfs2: invalid mount option: euid>00000000000000060929 [ 2238.137241] gfs2: can't parse mount arguments [ 2238.180713] print_req_error: I/O error, dev loop2, sector 0 22:51:06 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x5, 0x6}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r3, 0x840, 0x0) [ 2238.237336] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. 22:51:06 executing program 2: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) syz_mount_image$gfs2(&(0x7f0000000000)='gfs2\x00', &(0x7f0000000080)='./file0\x00', 0x1, 0x4, &(0x7f00000003c0)=[{&(0x7f0000000240)="d61707823167054f30a883ece6e3ca77fbfcc8b1c4c44c9d04e7560d76bb38295d2e12952ed35204467be63f36e6aeefd4784445c7ad877d286c59285b3a4aaa3bdfd08b7f700981def26afd8a0415da65b8e57f5de20bf8b44d6c651f96711c5a0552be65150bf6d4e78c", 0x6b, 0x9}, {&(0x7f00000002c0)="526c3f4290a9c131a99fb9eeb55c4ec46f2a770a67f66a60c4042606e1b708e8c1c3f6d8860c1e978c4c6a7018edefdf0f0cda46cea8e33158725275e56b68283041211e3e8447fbc22c41225aebc9eb15d689650f2d63ffee65e396c2fb8d42525f6977ba503690cf7fa4f1347ffc9c466a989bc3144b6fcbffa91f0cdb8d31bd01d91c133417a72876153a114612074fbd1e580f9d55e761ba8d48944271d2f3cbbacd5dd089d8037c5342cfe2aa63c0a1528d67d58027af2c0db30f6879fdcef6c3ff05e4b397eddd1db936c7013d9224a7d6e1ce90e8a2fd72a2bb12a0efb2f047", 0xe3, 0x7ff}, {&(0x7f0000000100)="4117a593a11462", 0x7, 0x2}, {&(0x7f00000001c0)="451837017c68e01a054276df071895309dd7b32b0bca407566a8cdd1e90dd1d94c8ccc37346577d8498291806dd81a3f7ae2bef1d427", 0x36, 0xd5}], 0x0, &(0x7f0000000440)={[{@noacl='noacl'}], [{@euid_gt={'euid>', 0xee01}}, {@hash='hash'}, {@context={'context', 0x3d, 'system_u'}}, {@smackfsroot={'smackfsroot', 0x3d, '#'}}, {@defcontext={'defcontext', 0x3d, 'unconfined_u'}}, {@pcr={'pcr', 0x3d, 0x24}}, {@subj_type={'subj_type', 0x3d, 'net/arp\x00'}}, {@subj_user={'subj_user', 0x3d, '}:]\xf1'}}, {@smackfsdef={'smackfsdef', 0x3d, 'net/arp\x00'}}]}) syz_open_dev$vcsn(&(0x7f0000000500)='/dev/vcs#\x00', 0x6, 0x501000) r1 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r1, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(r1, 0x29, 0x48, 0x0, &(0x7f00007d0000)) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x7000017, 0x810, r1, 0x965c2000) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$VIDIOC_G_EDID(0xffffffffffffffff, 0xc0285628, &(0x7f0000000580)={0x0, 0x4, 0x7aa, [], &(0x7f0000000540)=0x1f}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r3, 0x840, 0x0) [ 2238.617795] gfs2: invalid mount option: euid>00000000000000060929 [ 2238.638848] gfs2: can't parse mount arguments 22:51:07 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) [ 2239.082188] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'. 22:51:08 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:51:08 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x1) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r3, 0x400}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ipip6={{0xb, 0x1, 'ip6tnl\x00'}, {0x8, 0x2, 0x0, 0x1, [@IFLA_IPTUN_COLLECT_METADATA={0x4}]}}}, @IFLA_MASTER={0x8, 0x3, r3}]}, 0x40}}, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDPRL(0xffffffffffffffff, 0x89f5, &(0x7f0000000540)={'ip6tnl0\x00', &(0x7f00000004c0)={'ip6tnl0\x00', 0x0, 0x2f, 0x80, 0x6, 0x7fffffff, 0xb, @private0, @mcast1, 0x1, 0x40, 0x8, 0x7}}) sendmsg$ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f00000006c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000680)={&(0x7f0000000580)={0xe8, 0x0, 0x400, 0x70bd2d, 0x25dfdbff, {}, [@HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg2\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'hsr0\x00'}]}, @HEADER={0x6c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bridge\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0xe8}, 0x1, 0x0, 0x0, 0x20004010}, 0x4815) r5 = syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0)='TIPCv2\x00') sendmsg$TIPC_NL_NET_GET(0xffffffffffffffff, &(0x7f0000000840)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000800)={&(0x7f0000000880)=ANY=[@ANYBLOB="50050000", @ANYRES16=r5, @ANYBLOB="00042abd7000fbdbdf250e0000005001068004000200fa000300d95c001c79e11cc1a920bdd098a0b2fbe35e29f20dd262bcf78b17f12354f6e32ab67e04ad465c0e6100f60a05aabe90297b54894eb52f185e16c50819424897b336e787b5959ead7142d9fd7343222c5d58c5786ce4d2ec746406f45015cf113c2c098058e8508ec7011a114e1fee43b28dafc4330240dc1c1a3f7eebc66018ae52c2adad95cf57eaf4f6342d63707a583ce2c757fc321ccca238fa9d53cbee0150e71fdf9d3f66a3423991b774c8d7b66c8fb68a8cf2f1be2e78d7bdafc4920b0ce38f1d69b34929d7088b8cd717c4e56e148e6d34259f4726f7bb6bf01153d0810ef1012101809b90e7b007bc35a4c0889ea0b6a700004000040067636d286165732900000000000000000000000000000000000000000000000018000000ce4f08c5cfc8d9630c410cf518466b6679c2d70a801abccc08000100520000000400020010000680040002000800010002000000180105800800010075647000080001006574680054000280080003006f229868080002004788000008000200030000000800030097f2ffff0800010014000000080001001a00000008000100130000000800020020ffffff08000300b00b000008000400030000002c000280080001001700000008000300010000000800020008000000080003000900000008000200008000001c000280080003007b00000008000100000000000800040001000000080001007564700007000100696200000800010065746800140002800800030004040000080004000000ffff3c00028008000200ffffff7f08000100040000000800010013000000080002000004000008000200d8070000080002001f00000008000200400000000c00028008000200810000009c0106800101030021803b98e8708ed6816a0ff4e9a2604311d0e853a1332eb3bde6824cd0234704bdcc460fe32a923a5563a4814d329030b7077eaf51b4739770b2c5a5872283f3c077cc650a85430d17c5c89ad06f61c4e0b550fd26bad982a920eeff503d067b5a7e9975bb7358d731f71366009f8030d3c9bb4094500458f799a5fb2df729caecddb59e2602a00e29d708c2010b1ddc55ed3ce46ebf6842f1e6eaa86e7d7f78b64e61462bc642fa5eaa2ed8c96fe0424b017fba751ab29a9ec634fe7056549c2b57d91456a372586bb605f90295ae7e61d908c109adcbb295dee4813f7d4942be19d47ef7093c33137dd6baadbd2d4ed73abc10ccdddd3b038a40b9530000003f00040067636d2861657329000000000000000000000000000000000000000000000000170000000b2299b99b7d641e5ddca2fb442a25fc6ecee14c1797bf0008000100020000004900040067636d2861657329000000000000000000000000000000000000000000000000210000007f472e0f9b09b6bee5ad9d886a7db7a099169585b85ec682e3393cf86d622eca9b000000ec0005803c000280080001000d000000080003007f0a0000080001001800000008000100000000000800040008000000080002000600000008000200ff07000008000100756470001c0002800800040004000000080004000200000008000300ab0600001c000280080002000000000008000400a68b000008000200080000000c000280080001000a00000044000280080002000200000008000400c00400000800020008000000080003000500000008000200f242000008000100040000000800020000000000080004000200000007000100696200000c000280080003000800000008000100657468000c0002800800010020000000240009800800020000100000080002"], 0x550}, 0x1, 0x0, 0x0, 0x20040084}, 0x4000004) sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000240)={0x1e8, r5, 0x8, 0x70bd27, 0x25dfdbfd, {}, [@TIPC_NLA_PUBL={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xfffffffa}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x10000}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xfffffff9}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x7}]}, @TIPC_NLA_NET={0x28, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x6}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x1}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x3}]}, @TIPC_NLA_MEDIA={0x160, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x44, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xacc0}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4010}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8001}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3f}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5b01}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1f}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}]}, @TIPC_NLA_MEDIA_PROP={0x54, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x705cbcbe}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x80}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x100}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x200}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}]}, @TIPC_NLA_MEDIA_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xe9}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8}]}, @TIPC_NLA_MEDIA_PROP={0x3c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x55}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xf}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xb6c6}]}]}, @TIPC_NLA_BEARER={0x28, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}]}]}]}, 0x1e8}, 0x1, 0x0, 0x0, 0xc9c1}, 0x8000) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r6+30000000}, 0x0) r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r7, 0x840, 0x0) 22:51:08 executing program 2: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x25, 0x2, 0x2) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r3, 0x840, 0x0) 22:51:08 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) 22:51:09 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) fcntl$getownex(r1, 0x10, &(0x7f0000000080)={0x0, 0x0}) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000240)={{0x9, 0x3, 0x0, 0xfff, 'syz0\x00'}, 0x0, 0x30, 0x0, r2, 0x2, 0x5, 'syz1\x00', &(0x7f0000000200)=['{{-#\x00', '&.}}!)[\x00'], 0xd, [], [0x4, 0x9, 0x9, 0x7fff]}) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r0, 0x0, 0x0) ptrace$peek(0x1, r0, &(0x7f0000000000)) setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000040)=0x1, 0x4) 22:51:09 executing program 2: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCADDRT(r1, 0x890b, &(0x7f0000000240)={0x0, @isdn={0x22, 0x8, 0x0, 0x40, 0xff}, @llc={0x1a, 0x337, 0x8, 0x20, 0x8, 0x9b, @local}, @xdp={0x2c, 0x8, 0x0, 0x2e}, 0xf800, 0x0, 0x0, 0x0, 0x9, &(0x7f0000000000)='ip6_vti0\x00', 0x80, 0xbc, 0x8}) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r2, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r3+30000000}, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r4, 0x840, 0x0) 22:51:09 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={0x0, 0x3}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000100)={r3, 0x9}, &(0x7f00000001c0)=0x8) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r4, 0x840, 0x0) 22:51:09 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) 22:51:09 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x6, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r3, 0x840, 0x0) 22:51:09 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, &(0x7f0000000140)={0x966, 0x8b, 0x0, 0x9, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000000000)={0x0, r3+30000000}, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') r5 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r5, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(r5, 0x29, 0x48, 0x0, &(0x7f00007d0000)) ioctl$F2FS_IOC_START_VOLATILE_WRITE(r5, 0xf503, 0x0) lseek(r4, 0x840, 0x0) r6 = accept$inet(r2, &(0x7f0000000080)={0x2, 0x0, @remote}, &(0x7f0000000100)=0x10) ioctl$BTRFS_IOC_QUOTA_RESCAN(r6, 0x4040942c, &(0x7f00000001c0)={0x0, 0x2, [0x0, 0x3f, 0x80000000, 0x7f, 0x9c15]}) 22:51:09 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_ACCT_NEW(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000800)=ANY=[@ANYBLOB="5cf9bfb27983110200000000000900010073797a31000000080000000000000087fe5d2341d2686b960f1d8af494e84c1eab47a308604d8664c08213407bd8e1b3d8839a40767e7f16baadd0080000000000000041881774ca58e8c1b438ffaec45afe43e3ceb91c1129e593d2038b015ccc00df0000000000a951b43e4d503022203ec368c5714b734ada3f00279b599467a60de3d1a4a3d0a6ca5593d4a66901f4096bf0b324bb15cfea7f1c344f51242e40d0ec73349ae96de4abde53281364c22491c9e4386211c4d88b369ad8c5b0167d763f13e3ab3b8ff936f5821e8d74cb26d62962124f48fafe2d7ff453c413bfad6fef5a6b3a030f7743d9e8b8bdde8d367e03c4c6d6b18c3da38f62a8f4641ade461b6de2c14740ad0037827ef0f04b54df916eb67de4aab5fe449f5ae20f032bab65b72f861290441f809489c771d937c2c3d84a85d0abb8a2c94572230d7fd0ce29b9d5d0e1d204439367d02523cf5f539a00020b19a766fd0c011f26585f1567101fdae0aac7d7919208a92ed0d0"], 0x20}}, 0x800) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='attr\x00') ioctl$KVM_SET_ONE_REG(r1, 0x4010aeac, &(0x7f0000000040)={0x8000, 0x3}) pkey_alloc(0x0, 0x2) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r2, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) 22:51:09 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = socket$unix(0x1, 0x1, 0x0) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r5, &(0x7f0000000000)={0xc0000000}) r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r6, 0x840, 0x0) 22:51:11 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:51:11 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_ACCT_NEW(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000800)=ANY=[@ANYBLOB="5cf9bfb27983110200000000000900010073797a31000000080000000000000087fe5d2341d2686b960f1d8af494e84c1eab47a308604d8664c08213407bd8e1b3d8839a40767e7f16baadd0080000000000000041881774ca58e8c1b438ffaec45afe43e3ceb91c1129e593d2038b015ccc00df0000000000a951b43e4d503022203ec368c5714b734ada3f00279b599467a60de3d1a4a3d0a6ca5593d4a66901f4096bf0b324bb15cfea7f1c344f51242e40d0ec73349ae96de4abde53281364c22491c9e4386211c4d88b369ad8c5b0167d763f13e3ab3b8ff936f5821e8d74cb26d62962124f48fafe2d7ff453c413bfad6fef5a6b3a030f7743d9e8b8bdde8d367e03c4c6d6b18c3da38f62a8f4641ade461b6de2c14740ad0037827ef0f04b54df916eb67de4aab5fe449f5ae20f032bab65b72f861290441f809489c771d937c2c3d84a85d0abb8a2c94572230d7fd0ce29b9d5d0e1d204439367d02523cf5f539a00020b19a766fd0c011f26585f1567101fdae0aac7d7919208a92ed0d0"], 0x20}}, 0x800) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='attr\x00') ioctl$KVM_SET_ONE_REG(r1, 0x4010aeac, &(0x7f0000000040)={0x8000, 0x3}) pkey_alloc(0x0, 0x2) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r2, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) 22:51:11 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) 22:51:11 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0xfe, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r3, 0x840, 0x0) 22:51:12 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4200, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:51:12 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200), 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r2, 0x840, 0x0) 22:51:12 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ioctl$sock_ax25_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000300)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x0, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}]}) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet_udplite(0x2, 0x2, 0x88) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) write$P9_RXATTRCREATE(r4, &(0x7f0000000000)={0xfffffffffffffe1b, 0x21, 0x1}, 0x7) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000000200)={'sit0\x00', &(0x7f0000000040)={'syztnl0\x00', 0x0, 0x2f, 0x2, 0x8, 0x9, 0x2, @initdev={0xfe, 0x88, [], 0x0, 0x0}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x1, 0x7, 0xfffffffc, 0x400}}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:51:12 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_ACCT_NEW(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000800)=ANY=[@ANYBLOB="5cf9bfb27983110200000000000900010073797a31000000080000000000000087fe5d2341d2686b960f1d8af494e84c1eab47a308604d8664c08213407bd8e1b3d8839a40767e7f16baadd0080000000000000041881774ca58e8c1b438ffaec45afe43e3ceb91c1129e593d2038b015ccc00df0000000000a951b43e4d503022203ec368c5714b734ada3f00279b599467a60de3d1a4a3d0a6ca5593d4a66901f4096bf0b324bb15cfea7f1c344f51242e40d0ec73349ae96de4abde53281364c22491c9e4386211c4d88b369ad8c5b0167d763f13e3ab3b8ff936f5821e8d74cb26d62962124f48fafe2d7ff453c413bfad6fef5a6b3a030f7743d9e8b8bdde8d367e03c4c6d6b18c3da38f62a8f4641ade461b6de2c14740ad0037827ef0f04b54df916eb67de4aab5fe449f5ae20f032bab65b72f861290441f809489c771d937c2c3d84a85d0abb8a2c94572230d7fd0ce29b9d5d0e1d204439367d02523cf5f539a00020b19a766fd0c011f26585f1567101fdae0aac7d7919208a92ed0d0"], 0x20}}, 0x800) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='attr\x00') ioctl$KVM_SET_ONE_REG(r1, 0x4010aeac, &(0x7f0000000040)={0x8000, 0x3}) pkey_alloc(0x0, 0x2) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r2, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) 22:51:12 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)) clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0)={0xfffffffffffffffd}, 0x0, &(0x7f0000000140)={0x1ff, 0x0, 0x0, 0x3}, &(0x7f0000000200)={r2, r3+10000000}, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r4, 0x840, 0x0) 22:51:12 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) 22:51:12 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$vimc0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video0\x00', 0x2, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r3, 0x840, 0x0) 22:51:12 executing program 2: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, &(0x7f0000000140)={0x966, 0x8b, 0x0, 0x9, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000000000)={0x0, r3+30000000}, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') r5 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r5, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(r5, 0x29, 0x48, 0x0, &(0x7f00007d0000)) ioctl$F2FS_IOC_START_VOLATILE_WRITE(r5, 0xf503, 0x0) lseek(r4, 0x840, 0x0) r6 = accept$inet(r2, &(0x7f0000000080)={0x2, 0x0, @remote}, &(0x7f0000000100)=0x10) ioctl$BTRFS_IOC_QUOTA_RESCAN(r6, 0x4040942c, &(0x7f00000001c0)={0x0, 0x2, [0x0, 0x3f, 0x80000000, 0x7f, 0x9c15]}) 22:51:14 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:51:14 executing program 2: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, &(0x7f0000000140)={0x966, 0x8b, 0x0, 0x9, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000000000)={0x0, r3+30000000}, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') r5 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r5, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(r5, 0x29, 0x48, 0x0, &(0x7f00007d0000)) ioctl$F2FS_IOC_START_VOLATILE_WRITE(r5, 0xf503, 0x0) lseek(r4, 0x840, 0x0) r6 = accept$inet(r2, &(0x7f0000000080)={0x2, 0x0, @remote}, &(0x7f0000000100)=0x10) ioctl$BTRFS_IOC_QUOTA_RESCAN(r6, 0x4040942c, &(0x7f00000001c0)={0x0, 0x2, [0x0, 0x3f, 0x80000000, 0x7f, 0x9c15]}) 22:51:14 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) 22:51:14 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = getpid() r5 = socket$netlink(0x10, 0x3, 0x0) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) sendmsg$unix(r3, &(0x7f0000001440)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[@cred={{0x1c, 0x1, 0x2, {r4, 0x0, r6}}}], 0x20}, 0x0) r7 = syz_open_procfs(r4, &(0x7f0000000000)='setgroups\x00') lseek(r7, 0x840, 0x0) 22:51:14 executing program 2: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, &(0x7f0000000140)={0x966, 0x8b, 0x0, 0x9, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000000000)={0x0, r3+30000000}, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') r5 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r5, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(r5, 0x29, 0x48, 0x0, &(0x7f00007d0000)) ioctl$F2FS_IOC_START_VOLATILE_WRITE(r5, 0xf503, 0x0) lseek(r4, 0x840, 0x0) r6 = accept$inet(r2, &(0x7f0000000080)={0x2, 0x0, @remote}, &(0x7f0000000100)=0x10) ioctl$BTRFS_IOC_QUOTA_RESCAN(r6, 0x4040942c, &(0x7f00000001c0)={0x0, 0x2, [0x0, 0x3f, 0x80000000, 0x7f, 0x9c15]}) 22:51:15 executing program 1: r0 = openat$ion(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ion\x00', 0x0, 0x0) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, &(0x7f0000000140)={0x0, 0x0, 0x0}) r1 = dup(0xffffffffffffffff) ioctl$CHAR_RAW_PG(r1, 0x1269, &(0x7f0000000000)={0x400, 0x8000, 0xe6, &(0x7f0000000200)="61434ec9bdc15793dbb4c2e63c5c12bb35b266d592796bf901f8938a8e0ecec9ea74864b409c899d1217941f3e8b62f7a2581b855f129995591890b72d0ad44472b27bb718c6e4559e661dfc632acd4aa801d34405b8608b5b0febdfa428d59b62fcfd508f495e20e8187ea9a60494e5ed854fd2dcc5fa79cf06a0d720a4764da534c83bc16b86a41e81912859454ccc8bb1829bc2776f94079ba63eaaafedfe7a43e159087392ad947d2216b9cfa07f51585e1590a2bd322e57c0bbfdeb81fe8c2229c050ec15a83a278886e2e34448a344fec078e08c5afdf408e4cdcca06fd7ff6d455015"}) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) write$UHID_CREATE(r1, &(0x7f0000000400)={0x0, {'syz0\x00', 'syz1\x00', 'syz0\x00', &(0x7f0000000300)=""/206, 0xce, 0x200, 0x9, 0x3, 0xffff, 0xbac}}, 0x120) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r2, 0x0, 0x0) 22:51:15 executing program 2: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)) clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={r2, r3+60000000}, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r4, 0x840, 0x0) 22:51:15 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) prctl$PR_SET_TIMERSLACK(0x1d, 0x1) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) syz_init_net_socket$llc(0x1a, 0x1, 0x0) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) socket$isdn(0x22, 0x3, 0x22) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r3, 0x840, 0x0) 22:51:15 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) [ 2247.029941] audit: type=1326 audit(1602197475.264:361): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=10298 comm="syz-executor.2" exe="/root/syz-executor.2" sig=9 arch=c000003e syscall=228 compat=0 ip=0x460c8a code=0x0 [ 2247.056149] ptrace attach of "/root/syz-executor.1"[10296] was attempted by "/root/syz-executor.1"[10300] 22:51:15 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ioctl$FS_IOC_SETFSLABEL(0xffffffffffffffff, 0x41009432, &(0x7f0000000200)="7fb3f276ff741b318faefb5936661a583cb939ab8008ed85fdd45f5f94a8007baf72f493a74345fdb57851285b8bf471512f0aa5138e576ae881a68f83aef69f49a898e7d7220a4db9ea2a09597cc2b9f1135b477bbdfc00cffe3176c4dddd01f4b67711301187b2844e5d8dbf5f5cd756b5a9fefc973a1902740d8aa75fdd6f2a98394797566e2759464e6fee5a455adc807dd03a2f6edc86dc36213a04a15cde41dee8972248ed59212927a4a01974276782a86e0d32e56d4682be0e8d242d7aa861464b0d5d3a2128487b08d466424d85d30b04ae92114b57e00bc581b0b7d24caea458fd58d3877d0aa9d2e7becf6a09b5ed1ad4e6d4b78321a70f945362") vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) semctl$IPC_INFO(0xffffffffffffffff, 0x3, 0x3, &(0x7f0000000300)=""/243) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000440)='/dev/dlm_plock\x00', 0x509500, 0x0) ioctl$SNDRV_PCM_IOCTL_WRITEN_FRAMES(r3, 0x40184152, &(0x7f00000009c0)={0x0, &(0x7f0000000940)=[&(0x7f0000000480)="42ac26d7eb8a4ee7230cff1b76e638b389d163f1d1ae49bfe0472a144169f0bc90c1efe3adab9e8925c203279c740bf632418f6621096c5cff78d9d5b00c2ffa92aedf0b58a12c6c7da019ff8c568916cd05f4eeb29d7b756e220c8c90b020a352af1c890113eb56db0798e39b015b1a996a64ad76127afeba", &(0x7f0000000500)="5a1de1fd0620a72fa0c6d33a553cf55b04100245402101732d176b1f1d77be8254d3dcf8b7e8833bcc4ad15e2229754493e52569998c28dbbeba2224a8043e8959d4614b7184ceb7bfe93e30a3241a86ba0aac6f4af1fe5b379c4d881883d230a553901ccdeec7525a2917a37b0322", &(0x7f0000000580)="9e7a62f0d63ab64c05d66833dfb336bca4d4722ab050a8ca5f08559d83", &(0x7f00000005c0)="07b92216960d108f7466ee52c510cd31fc91858d43844e46d50c684bc4a1ca835861a395d4f00a675cf59cff1c99b45f5016600b24a4a77c06439a85547f375db4a05cf659303635f8b3e67b9bff16d0c2d10ea48ec8a30d552d65322ad7892313554674cbfa009bdced4379edb4652f4b3a8954587755c479a784f62ac9999f9a7229b2a8ef8625c275c70294a687952db2855c2f693c05c520c27bdfc1ed1e47c36241a4e5b8794076bbf7f28a7080f1d2f9314684a37a8598b49d3683426d28b40b75c0431b462b4f", &(0x7f00000006c0)="667f0a343b4b11601423e449bc86633835182d7d133c70c161ac2fd3b6bc481b62b577d6", &(0x7f0000000700)="fa27a4744e415673e08193929add094aa5dda54e0d72b634679763963c2b95a1d93e5d8e03707848493972683e60a1a355f0855f45503200130543000cd557eec6806466ee1a953d2acc8cd4801ce83e583b8836af", &(0x7f0000000780)="1b077d5fd6f74c82cd45ba851c1cc0e69711e54e834ba271965f77edcd35758f476c407ae0a317355879a59e2401b047a08a2871267e7c18bb7980c221781f5dccdbd6c89a2d2008be0091b2914016e00221fd10abfab77a4ae107b87a33", &(0x7f0000000800)="6f720dc19a737f", &(0x7f0000000840)="a3cf1c7d54da8d8ccc9b8a3d5ddfbd961d783feb9d0d90a0236a2ed5b2a46109ef80808cb7d42876814f755d4c858e2c8f03673345e68c08f52534fcc0ab8eac7d8df5df328dae47dae170740730b9e2c698f74695fd3a55f5dd0b61d80164c7e47eb196d0bb21a11006861c93fc11dbaa171cf44a78ef8c02850c4e68f5b01a9d02c1535478fb23e17b6ec62e297ccd693c564d74f0608930a8f347998e0005e73f04646c1832d28518f80de390ddd42eec0b6e86f76542e2e008d9e6f6e4a64df935803a3111ef99dc8439ec2562e00194c001cce155e97887868aa1bd62f58706bbfd74dc04388b69f6237a38f536896678bbb1e018f1bf"], 0x9}) sendmsg$IPSET_CMD_LIST(r2, &(0x7f0000000400)={&(0x7f0000000000), 0xc, &(0x7f0000000080)={&(0x7f0000000a00)=ANY=[@ANYBLOB="0100060022980103000000000000000505005e0700000000000000000700000067a6303b9693e07da22a86cc644883205d5cbea333d5d18cb5c293f1b0c5e21307d3ab4fb98876a0a56407edf348edd2bdfd2e38addaa2"], 0x24}, 0x1, 0x0, 0x0, 0x44090}, 0x40000) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:51:15 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000440)='l2tp\x00') sendmsg$L2TP_CMD_SESSION_GET(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0800000000000000000000000000000000000c001600ff7ffffffffffffff99bddc4ed8ddb43122393ddf72a335651f63648b12b8787ba61b41ed3ca8575d9cb8092e080889b81e8509f99a62425f1b1b47da4a90e29e130493eeba6075af0fb9e9627b760ee018000003181c61113d30e97f07ba612bdb5fb4c702f8ff94d014efba458fd0f64aee27ef7dbb8a6d0acdeb66160a741ef5f"], 0x34}}, 0x0) sendmsg$L2TP_CMD_SESSION_DELETE(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB='T\x00', @ANYRES16=r2, @ANYBLOB="000227bd7000fcdbdf250600000006001b004e240000060001000d00000005000d000100000005000d00000000000c00100006000000000000000c000f0008000000000000000500050001000000"], 0x54}, 0x1, 0x0, 0x0, 0x8b5ca831696ba95d}, 0x4000) socket$inet_udplite(0x2, 0x2, 0x88) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) setsockopt$bt_rfcomm_RFCOMM_LM(r0, 0x12, 0x3, &(0x7f00000001c0)=0x50, 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(0xffffffffffffffff, 0x800443d2, &(0x7f0000000400)={0x5, &(0x7f0000000540)=[{@none}, {}, {@none}, {@fixed}, {@none}]}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r3+30000000}, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r4, 0x840, 0x0) 22:51:16 executing program 2: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) seccomp$SECCOMP_SET_MODE_STRICT(0x0, 0x0, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)) clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={r2, r3+60000000}, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r4, 0x840, 0x0) [ 2247.882744] audit: type=1326 audit(1602197476.114:362): auid=0 uid=0 gid=0 ses=4 subj=system_u:system_r:kernel_t:s0 pid=10321 comm="syz-executor.2" exe="/root/syz-executor.2" sig=9 arch=c000003e syscall=228 compat=0 ip=0x460c8a code=0x0 22:51:17 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:51:17 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f0000000300)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext}, 0x0, 0xa, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$KDENABIO(0xffffffffffffffff, 0x4b36) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) sendmsg$NLBL_CALIPSO_C_REMOVE(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80400}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000327bd7000fcdbdf25020000000800020065b300000800010003000000"], 0x24}, 0x1, 0x0, 0x0, 0x880}, 0x4045) clock_gettime(0x5, &(0x7f0000000180)={0x0, 0x0}) r3 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r3, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(r3, 0x29, 0x48, 0x0, &(0x7f00007d0000)) ioctl$BTRFS_IOC_BALANCE_CTL(r3, 0x40049421, 0x1) pselect6(0x40, &(0x7f00000000c0)={0x0, 0x0, 0x8001, 0x0, 0xfffffffffffffffc}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r4, 0x840, 0x0) 22:51:17 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff0000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) 22:51:17 executing program 2: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000440)='l2tp\x00') sendmsg$L2TP_CMD_SESSION_GET(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0800000000000000000000000000000000000c001600ff7ffffffffffffff99bddc4ed8ddb43122393ddf72a335651f63648b12b8787ba61b41ed3ca8575d9cb8092e080889b81e8509f99a62425f1b1b47da4a90e29e130493eeba6075af0fb9e9627b760ee018000003181c61113d30e97f07ba612bdb5fb4c702f8ff94d014efba458fd0f64aee27ef7dbb8a6d0acdeb66160a741ef5f"], 0x34}}, 0x0) sendmsg$L2TP_CMD_SESSION_DELETE(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB='T\x00', @ANYRES16=r2, @ANYBLOB="000227bd7000fcdbdf250600000006001b004e240000060001000d00000005000d000100000005000d00000000000c00100006000000000000000c000f0008000000000000000500050001000000"], 0x54}, 0x1, 0x0, 0x0, 0x8b5ca831696ba95d}, 0x4000) socket$inet_udplite(0x2, 0x2, 0x88) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) setsockopt$bt_rfcomm_RFCOMM_LM(r0, 0x12, 0x3, &(0x7f00000001c0)=0x50, 0x4) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(0xffffffffffffffff, 0x800443d2, &(0x7f0000000400)={0x5, &(0x7f0000000540)=[{@none}, {}, {@none}, {@fixed}, {@none}]}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r3+30000000}, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r4, 0x840, 0x0) [ 2249.393838] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'. 22:51:18 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x1, &(0x7f0000000000)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r3, 0x840, 0x0) 22:51:18 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_ACCT_NEW(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000800)=ANY=[@ANYBLOB="5cf9bfb27983110200000000000900010073797a31000000080000000000000087fe5d2341d2686b960f1d8af494e84c1eab47a308604d8664c08213407bd8e1b3d8839a40767e7f16baadd0080000000000000041881774ca58e8c1b438ffaec45afe43e3ceb91c1129e593d2038b015ccc00df0000000000a951b43e4d503022203ec368c5714b734ada3f00279b599467a60de3d1a4a3d0a6ca5593d4a66901f4096bf0b324bb15cfea7f1c344f51242e40d0ec73349ae96de4abde53281364c22491c9e4386211c4d88b369ad8c5b0167d763f13e3ab3b8ff936f5821e8d74cb26d62962124f48fafe2d7ff453c413bfad6fef5a6b3a030f7743d9e8b8bdde8d367e03c4c6d6b18c3da38f62a8f4641ade461b6de2c14740ad0037827ef0f04b54df916eb67de4aab5fe449f5ae20f032bab65b72f861290441f809489c771d937c2c3d84a85d0abb8a2c94572230d7fd0ce29b9d5d0e1d204439367d02523cf5f539a00020b19a766fd0c011f26585f1567101fdae0aac7d7919208a92ed0d0"], 0x20}}, 0x800) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='attr\x00') ioctl$KVM_SET_ONE_REG(r1, 0x4010aeac, &(0x7f0000000040)={0x8000, 0x3}) pkey_alloc(0x0, 0x2) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) sendmsg$NFT_MSG_GETTABLE(r2, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000040)={&(0x7f0000000180)={0x80, 0x1, 0xa, 0x301, 0x0, 0x0, {0x5, 0x0, 0x4}, [@NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x1}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x1}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x3}, @NFTA_TABLE_FLAGS={0x8}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_FLAGS={0x8}]}, 0x80}}, 0x10) socket$inet(0x2, 0x1, 0x0) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r3, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) 22:51:18 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() r1 = socket$inet_udplite(0x2, 0x2, 0x88) dup(r1) setsockopt$inet_udp_int(r1, 0x11, 0x65, &(0x7f0000000000)=0x3e2, 0x4) wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:51:18 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff0000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) [ 2250.249570] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'. 22:51:18 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0xfffffffe, 0x3, 0xffffffff, 0x4}, 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$TCGETA(r3, 0x5405, &(0x7f0000000000)) r4 = creat(&(0x7f0000000080)='./file0\x00', 0x2) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffffff, 0xc00c642e, &(0x7f0000000100)={0x0, 0x0, r4}) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, &(0x7f0000000140)={0x1ff, 0x2000}, &(0x7f0000000200)={0x0, r5+30000000}, 0x0) r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') getsockopt$inet_sctp_SCTP_INITMSG(r6, 0x84, 0x2, &(0x7f00000001c0), &(0x7f0000000240)=0x8) lseek(r6, 0x840, 0x0) 22:51:18 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_ACCT_NEW(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000800)=ANY=[@ANYBLOB="5cf9bfb27983110200000000000900010073797a31000000080000000000000087fe5d2341d2686b960f1d8af494e84c1eab47a308604d8664c08213407bd8e1b3d8839a40767e7f16baadd0080000000000000041881774ca58e8c1b438ffaec45afe43e3ceb91c1129e593d2038b015ccc00df0000000000a951b43e4d503022203ec368c5714b734ada3f00279b599467a60de3d1a4a3d0a6ca5593d4a66901f4096bf0b324bb15cfea7f1c344f51242e40d0ec73349ae96de4abde53281364c22491c9e4386211c4d88b369ad8c5b0167d763f13e3ab3b8ff936f5821e8d74cb26d62962124f48fafe2d7ff453c413bfad6fef5a6b3a030f7743d9e8b8bdde8d367e03c4c6d6b18c3da38f62a8f4641ade461b6de2c14740ad0037827ef0f04b54df916eb67de4aab5fe449f5ae20f032bab65b72f861290441f809489c771d937c2c3d84a85d0abb8a2c94572230d7fd0ce29b9d5d0e1d204439367d02523cf5f539a00020b19a766fd0c011f26585f1567101fdae0aac7d7919208a92ed0d0"], 0x20}}, 0x800) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='attr\x00') ioctl$KVM_SET_ONE_REG(r1, 0x4010aeac, &(0x7f0000000040)={0x8000, 0x3}) pkey_alloc(0x0, 0x2) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) sendmsg$NFT_MSG_GETTABLE(r2, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000040)={&(0x7f0000000180)={0x80, 0x1, 0xa, 0x301, 0x0, 0x0, {0x5, 0x0, 0x4}, [@NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x1}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x1}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x3}, @NFTA_TABLE_FLAGS={0x8}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_FLAGS={0x8}]}, 0x80}}, 0x10) socket$inet(0x2, 0x1, 0x0) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r3, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) 22:51:19 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff0000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) [ 2251.118977] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'. 22:51:19 executing program 2: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) write$snddsp(0xffffffffffffffff, &(0x7f0000000240)="14223ef38f9e2e1b68cffa8c5aaff16b3117ca64fe7762b969c636246a4e10a00274897951d43747b5c0bbf94e06fc36e6a3a5531299e2bc2bc7ffa68bdf60fc4283123954279b175a1a16d5a4ddbb893673138c0ee4389baa8cf74068ecedd815fb73a3a729bd73330ff6685cd2c89fba257296e705de0be019fd6324187ede80350b9186d85db21d68a8b5598612ae7f0fe2323510257e47be911c5c8fa50d650845ce3624b3f7604b5c479512cd11cd7fecf74375a9b6d190a7d7d53bc00f3a4109044687cdb95347af45bb8cfd66faeced5a60443959cdce1c59c3d65527f5df22b5879f2e30ac434a7bd56ffbec6c4160", 0xf3) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r3, 0x840, 0x0) 22:51:20 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:51:20 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0)={0x0, 0xffffffffffffffff}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') 22:51:20 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff00000500000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) 22:51:20 executing program 2: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFNL_MSG_ACCT_NEW(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000800)=ANY=[@ANYBLOB="5cf9bfb27983110200000000000900010073797a31000000080000000000000087fe5d2341d2686b960f1d8af494e84c1eab47a308604d8664c08213407bd8e1b3d8839a40767e7f16baadd0080000000000000041881774ca58e8c1b438ffaec45afe43e3ceb91c1129e593d2038b015ccc00df0000000000a951b43e4d503022203ec368c5714b734ada3f00279b599467a60de3d1a4a3d0a6ca5593d4a66901f4096bf0b324bb15cfea7f1c344f51242e40d0ec73349ae96de4abde53281364c22491c9e4386211c4d88b369ad8c5b0167d763f13e3ab3b8ff936f5821e8d74cb26d62962124f48fafe2d7ff453c413bfad6fef5a6b3a030f7743d9e8b8bdde8d367e03c4c6d6b18c3da38f62a8f4641ade461b6de2c14740ad0037827ef0f04b54df916eb67de4aab5fe449f5ae20f032bab65b72f861290441f809489c771d937c2c3d84a85d0abb8a2c94572230d7fd0ce29b9d5d0e1d204439367d02523cf5f539a00020b19a766fd0c011f26585f1567101fdae0aac7d7919208a92ed0d0"], 0x20}}, 0x800) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='attr\x00') ioctl$KVM_SET_ONE_REG(r1, 0x4010aeac, &(0x7f0000000040)={0x8000, 0x3}) pkey_alloc(0x0, 0x2) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x8000000000000200) sendmsg$NFT_MSG_GETTABLE(r2, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000040)={&(0x7f0000000180)={0x80, 0x1, 0xa, 0x301, 0x0, 0x0, {0x5, 0x0, 0x4}, [@NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x1}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x1}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x3}, @NFTA_TABLE_FLAGS={0x8}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_FLAGS={0x8}]}, 0x80}}, 0x10) r3 = socket$inet(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f0000000200)={0x2, 0x4e23, @dev}, 0x10) r4 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r4, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) [ 2252.412330] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'. 22:51:21 executing program 2 (fault-call:3 fault-nth:0): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 2253.061051] FAULT_INJECTION: forcing a failure. [ 2253.061051] name failslab, interval 1, probability 0, space 0, times 0 [ 2253.072696] CPU: 0 PID: 10409 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2253.080581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2253.090891] Call Trace: [ 2253.093492] dump_stack+0x1b2/0x283 [ 2253.097133] should_fail.cold+0x10a/0x154 [ 2253.101387] should_failslab+0xd6/0x130 [ 2253.105467] kmem_cache_alloc+0x40/0x3c0 [ 2253.109661] sctp_get_port_local+0x2df/0xf60 [ 2253.114155] ? sctp_unhash+0x10/0x10 [ 2253.117899] ? sctp_bind_addr_match+0x184/0x260 [ 2253.122826] ? sctp_inet6_bind_verify+0x94/0x410 [ 2253.127597] sctp_do_bind+0x1df/0x550 [ 2253.131409] __sctp_connect+0x701/0xbe0 [ 2253.135398] ? sctp_wfree+0x600/0x600 [ 2253.139211] ? lock_sock_nested+0x98/0x100 [ 2253.148342] ? sctp_asconf_mgmt+0x340/0x340 [ 2253.152669] sctp_inet_connect+0x127/0x190 [ 2253.156907] ? sctp_asconf_mgmt+0x340/0x340 [ 2253.161241] SyS_connect+0x1f4/0x240 [ 2253.164959] ? SyS_accept+0x30/0x30 [ 2253.168681] ? fput+0xb/0x140 [ 2253.173241] ? SyS_write+0x14d/0x210 [ 2253.177006] ? SyS_read+0x210/0x210 [ 2253.180635] ? SyS_clock_settime+0x1a0/0x1a0 [ 2253.185046] ? do_syscall_64+0x4c/0x640 [ 2253.189040] ? SyS_accept+0x30/0x30 [ 2253.192883] do_syscall_64+0x1d5/0x640 [ 2253.196800] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2253.202685] RIP: 0033:0x45de29 22:51:21 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) r1 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r1, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(r1, 0x29, 0x48, 0x0, &(0x7f00007d0000)) fcntl$lock(r1, 0x26, &(0x7f0000000000)={0x0, 0x3, 0xfffffffffffeffff, 0x6}) ptrace$cont(0x1f, r0, 0x0, 0x0) [ 2253.205872] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2253.213582] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2253.220851] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2253.228155] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2253.235431] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2253.242704] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:21 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x3, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x8800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$SNDRV_PCM_IOCTL_HWSYNC(0xffffffffffffffff, 0x4122, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') ioctl$FS_IOC_GET_ENCRYPTION_NONCE(r3, 0x8010661b, &(0x7f0000000000)) r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000100)='ethtool\x00') sendmsg$ETHTOOL_MSG_LINKINFO_SET(r0, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x24, r4, 0x800, 0x70bd2a, 0x25dfdbff, {}, [@ETHTOOL_A_LINKINFO_PORT={0x5, 0x2, 0x9}, @ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5, 0x5, 0x9}]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x40000c1) lseek(r3, 0x840, 0x0) 22:51:21 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff00000500000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) 22:51:21 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) bind$rose(r2, &(0x7f0000000000)=@short={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x1, @default}, 0x1c) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) bind$l2tp(r0, &(0x7f0000000080)={0x2, 0x0, @multicast2, 0x2}, 0x10) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(0xffffffffffffffff, 0xc1105511, &(0x7f0000000300)={{0x3, 0x4, 0x3, 0x8000, 'syz0\x00', 0x3ff}, 0x4, 0x3, 0x8aaa, 0x0, 0x0, 0xc17, 'syz0\x00', &(0x7f00000001c0), 0x0, [], [0x2c, 0x1ff, 0x401, 0x7f]}) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r3, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r4+30000000}, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r2, 0xc08c5336, &(0x7f0000000240)={0x9, 0x80, 0x0, 'queue0\x00', 0x6}) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r5, 0x840, 0x0) [ 2253.442177] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'. 22:51:21 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r0, 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000200)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)={0x28, r2, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x14, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}, @IPVS_SVC_ATTR_FWMARK={0x8}]}]}, 0x28}}, 0x0) sendmsg$IPVS_CMD_GET_DEST(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x14, r2, 0x400, 0x70bd2d, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x14}, 0x20000000) 22:51:22 executing program 2 (fault-call:3 fault-nth:1): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 2253.870833] FAULT_INJECTION: forcing a failure. [ 2253.870833] name failslab, interval 1, probability 0, space 0, times 0 [ 2253.889797] CPU: 0 PID: 10440 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2253.897703] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2253.907055] Call Trace: [ 2253.909648] dump_stack+0x1b2/0x283 [ 2253.913279] should_fail.cold+0x10a/0x154 [ 2253.917451] ? sctp_get_port_local+0xa47/0xf60 [ 2253.922038] should_failslab+0xd6/0x130 [ 2253.926014] kmem_cache_alloc_trace+0x47/0x3d0 [ 2253.930621] sctp_add_bind_addr+0x6c/0x350 [ 2253.934853] ? sctp_inet6_bind_verify+0x94/0x410 [ 2253.939605] sctp_do_bind+0x2a9/0x550 [ 2253.943408] __sctp_connect+0x701/0xbe0 [ 2253.947400] ? sctp_wfree+0x600/0x600 [ 2253.951209] ? lock_sock_nested+0x98/0x100 [ 2253.956152] ? sctp_asconf_mgmt+0x340/0x340 [ 2253.960475] sctp_inet_connect+0x127/0x190 [ 2253.964716] ? sctp_asconf_mgmt+0x340/0x340 [ 2253.969035] SyS_connect+0x1f4/0x240 [ 2253.972748] ? SyS_accept+0x30/0x30 [ 2253.976383] ? fput+0xb/0x140 [ 2253.979486] ? SyS_write+0x14d/0x210 [ 2253.983199] ? SyS_read+0x210/0x210 [ 2253.986823] ? SyS_clock_settime+0x1a0/0x1a0 [ 2253.991236] ? do_syscall_64+0x4c/0x640 [ 2253.995207] ? SyS_accept+0x30/0x30 [ 2253.998838] do_syscall_64+0x1d5/0x640 [ 2254.002730] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2254.008527] RIP: 0033:0x45de29 [ 2254.011712] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2254.019940] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2254.027207] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2254.034479] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2254.041769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2254.049050] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:22 executing program 2 (fault-call:3 fault-nth:2): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 2254.161786] FAULT_INJECTION: forcing a failure. [ 2254.161786] name failslab, interval 1, probability 0, space 0, times 0 [ 2254.181502] CPU: 0 PID: 10444 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2254.189507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2254.198863] Call Trace: [ 2254.201454] dump_stack+0x1b2/0x283 [ 2254.205083] should_fail.cold+0x10a/0x154 [ 2254.209233] should_failslab+0xd6/0x130 [ 2254.213206] kmem_cache_alloc_trace+0x29a/0x3d0 [ 2254.217949] sctp_association_new+0x6d/0x1e70 [ 2254.222448] ? __ipv6_addr_type+0x18f/0x2a0 [ 2254.226770] __sctp_connect+0x5f7/0xbe0 [ 2254.230745] ? sctp_wfree+0x600/0x600 [ 2254.234544] ? lock_sock_nested+0x98/0x100 [ 2254.238788] ? sctp_asconf_mgmt+0x340/0x340 [ 2254.243135] sctp_inet_connect+0x127/0x190 [ 2254.247379] ? sctp_asconf_mgmt+0x340/0x340 [ 2254.251700] SyS_connect+0x1f4/0x240 [ 2254.255627] ? SyS_accept+0x30/0x30 [ 2254.259866] ? fput+0xb/0x140 [ 2254.262969] ? SyS_write+0x14d/0x210 [ 2254.266687] ? SyS_read+0x210/0x210 [ 2254.270319] ? SyS_clock_settime+0x1a0/0x1a0 [ 2254.274732] ? do_syscall_64+0x4c/0x640 [ 2254.278698] ? SyS_accept+0x30/0x30 [ 2254.282334] do_syscall_64+0x1d5/0x640 [ 2254.286244] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2254.291442] RIP: 0033:0x45de29 [ 2254.294650] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2254.302355] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2254.309620] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2254.316906] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2254.324179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2254.331451] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:23 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:51:23 executing program 2 (fault-call:3 fault-nth:3): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:51:23 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) setsockopt$IP_VS_SO_SET_EDIT(r2, 0x0, 0x483, &(0x7f0000000000)={0xc, @private=0xa010100, 0x4e22, 0x3, 'nq\x00', 0x8, 0x80, 0x12}, 0x2c) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r3, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r4+30000000}, 0x0) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r5, 0x840, 0x0) 22:51:23 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff00000500000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) [ 2255.428410] IPVS: set_ctl: invalid protocol: 12 10.1.1.0:20002 [ 2255.437732] FAULT_INJECTION: forcing a failure. [ 2255.437732] name failslab, interval 1, probability 0, space 0, times 0 [ 2255.471247] CPU: 0 PID: 10461 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2255.479184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2255.488540] Call Trace: [ 2255.491131] dump_stack+0x1b2/0x283 [ 2255.494765] should_fail.cold+0x10a/0x154 [ 2255.498918] should_failslab+0xd6/0x130 [ 2255.502892] __kmalloc+0x2c1/0x400 [ 2255.506461] ? sctp_stream_init+0x8e/0x2b0 [ 2255.510699] sctp_stream_init+0x8e/0x2b0 [ 2255.514786] sctp_association_new+0x10e4/0x1e70 [ 2255.519459] __sctp_connect+0x5f7/0xbe0 [ 2255.523437] ? sctp_wfree+0x600/0x600 [ 2255.527252] ? lock_sock_nested+0x98/0x100 [ 2255.531493] ? sctp_asconf_mgmt+0x340/0x340 [ 2255.536948] sctp_inet_connect+0x127/0x190 [ 2255.541188] ? sctp_asconf_mgmt+0x340/0x340 [ 2255.545503] SyS_connect+0x1f4/0x240 [ 2255.549213] ? SyS_accept+0x30/0x30 [ 2255.552854] ? fput+0xb/0x140 [ 2255.555962] ? SyS_write+0x14d/0x210 [ 2255.559690] ? SyS_read+0x210/0x210 [ 2255.563312] ? SyS_clock_settime+0x1a0/0x1a0 [ 2255.567717] ? do_syscall_64+0x4c/0x640 [ 2255.571683] ? SyS_accept+0x30/0x30 [ 2255.575307] do_syscall_64+0x1d5/0x640 [ 2255.579198] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2255.584384] RIP: 0033:0x45de29 [ 2255.587567] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2255.595475] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2255.602741] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2255.610007] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2255.617275] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 [ 2255.624541] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c [ 2255.645266] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'. 22:51:24 executing program 2 (fault-call:3 fault-nth:4): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 2255.920387] FAULT_INJECTION: forcing a failure. [ 2255.920387] name failslab, interval 1, probability 0, space 0, times 0 [ 2255.941477] CPU: 1 PID: 10470 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2255.949392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2255.958750] Call Trace: [ 2255.961341] dump_stack+0x1b2/0x283 [ 2255.964976] should_fail.cold+0x10a/0x154 [ 2255.969149] should_failslab+0xd6/0x130 [ 2255.973133] kmem_cache_alloc_trace+0x29a/0x3d0 [ 2255.977805] sctp_auth_shkey_create+0x58/0x130 [ 2255.982400] sctp_auth_asoc_copy_shkeys+0x1d1/0x2a0 [ 2255.987450] sctp_association_new+0x149a/0x1e70 [ 2255.992148] __sctp_connect+0x5f7/0xbe0 [ 2255.996131] ? sctp_wfree+0x600/0x600 [ 2255.999955] ? lock_sock_nested+0x98/0x100 [ 2256.004204] ? sctp_asconf_mgmt+0x340/0x340 [ 2256.008538] sctp_inet_connect+0x127/0x190 [ 2256.012796] ? sctp_asconf_mgmt+0x340/0x340 [ 2256.017114] SyS_connect+0x1f4/0x240 [ 2256.020827] ? SyS_accept+0x30/0x30 [ 2256.024459] ? fput+0xb/0x140 [ 2256.027563] ? SyS_write+0x14d/0x210 [ 2256.031274] ? SyS_read+0x210/0x210 [ 2256.034899] ? SyS_clock_settime+0x1a0/0x1a0 [ 2256.039308] ? do_syscall_64+0x4c/0x640 [ 2256.043393] ? SyS_accept+0x30/0x30 [ 2256.047022] do_syscall_64+0x1d5/0x640 [ 2256.050925] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2256.056117] RIP: 0033:0x45de29 [ 2256.059313] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2256.067027] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2256.074322] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2256.081596] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2256.088862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 2256.097782] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:24 executing program 2 (fault-call:3 fault-nth:5): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:51:24 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff00000500000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) [ 2256.180074] IPVS: set_ctl: invalid protocol: 12 10.1.1.0:20002 [ 2256.250033] FAULT_INJECTION: forcing a failure. [ 2256.250033] name failslab, interval 1, probability 0, space 0, times 0 [ 2256.288105] CPU: 1 PID: 10477 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2256.297128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2256.306490] Call Trace: [ 2256.309178] dump_stack+0x1b2/0x283 [ 2256.312840] should_fail.cold+0x10a/0x154 [ 2256.313950] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2256.316993] should_failslab+0xd6/0x130 [ 2256.329595] kmem_cache_alloc_trace+0x47/0x3d0 [ 2256.334732] sctp_add_bind_addr+0x6c/0x350 [ 2256.338984] sctp_copy_local_addr_list+0x2ae/0x400 [ 2256.343920] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2256.348687] sctp_bind_addr_copy+0xde/0x430 [ 2256.353018] __sctp_connect+0x618/0xbe0 [ 2256.357014] ? sctp_wfree+0x600/0x600 [ 2256.360820] ? lock_sock_nested+0x98/0x100 [ 2256.365069] ? sctp_asconf_mgmt+0x340/0x340 [ 2256.369395] sctp_inet_connect+0x127/0x190 [ 2256.373634] ? sctp_asconf_mgmt+0x340/0x340 [ 2256.377961] SyS_connect+0x1f4/0x240 [ 2256.381677] ? SyS_accept+0x30/0x30 [ 2256.385309] ? fput+0xb/0x140 [ 2256.388419] ? SyS_write+0x14d/0x210 [ 2256.392137] ? SyS_read+0x210/0x210 [ 2256.395760] ? SyS_clock_settime+0x1a0/0x1a0 [ 2256.400170] ? do_syscall_64+0x4c/0x640 [ 2256.404148] ? SyS_accept+0x30/0x30 [ 2256.407783] do_syscall_64+0x1d5/0x640 [ 2256.411683] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2256.416874] RIP: 0033:0x45de29 [ 2256.420091] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2256.427799] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2256.435076] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2256.442379] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 22:51:24 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) ioctl$KDGKBLED(0xffffffffffffffff, 0x4b64, &(0x7f0000000000)) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0xfd, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x20000000, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r3, 0x840, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='macvtap0\x00', 0x10) 22:51:24 executing program 2 (fault-call:3 fault-nth:6): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 2256.449675] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 2256.456947] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:24 executing program 1: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r1, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(r1, 0x29, 0x48, 0x0, &(0x7f00007d0000)) ioctl$FS_IOC_SETFSLABEL(r1, 0x41009432, &(0x7f0000000200)="0a286f7b548c619c57e8f0719ecb9866a7c8310af79269fff887a1e262e23655de723b73f1147ec28b8024c2c3e564307df50b55cc8aa729e33b147742a7d65ecd55ef57caa3deca9860848446e64639dd0a08a1b8d0707a6c97c4ee0d1b95bd52d1a18e628c581a946a2ffb47fc52b95345a0a35712428d80f378b36ef51bdf7d5c6f7055e7b2fee92b25f67d69c45908777d8ed98030c85cc5684506080a917b4a53879b367d5e6f9e0690397859094f440ec01ac0f7403d56a481e97d2c6afc3526450d46a0ef1bbd469e62affae71f57af4d9976ae41f7febdb821ece018b10b47ffda1128db8d587dcb99875814d6baf0c02ccae5f0b5dd80241b66bebb") ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0xfffffffffffffffc) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) syz_genetlink_get_family_id$devlink(&(0x7f0000000000)='devlink\x00') socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r0, 0x0, 0x0) [ 2256.570634] FAULT_INJECTION: forcing a failure. [ 2256.570634] name failslab, interval 1, probability 0, space 0, times 0 [ 2256.616786] CPU: 1 PID: 10488 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2256.624717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2256.634938] Call Trace: [ 2256.638432] dump_stack+0x1b2/0x283 [ 2256.642082] should_fail.cold+0x10a/0x154 [ 2256.646233] should_failslab+0xd6/0x130 [ 2256.650228] kmem_cache_alloc_trace+0x47/0x3d0 [ 2256.654820] sctp_add_bind_addr+0x6c/0x350 [ 2256.659074] sctp_copy_local_addr_list+0x2ae/0x400 [ 2256.664019] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2256.668786] sctp_bind_addr_copy+0xde/0x430 [ 2256.673115] __sctp_connect+0x618/0xbe0 [ 2256.677095] ? sctp_wfree+0x600/0x600 [ 2256.680898] ? lock_sock_nested+0x98/0x100 [ 2256.685174] ? sctp_asconf_mgmt+0x340/0x340 [ 2256.689523] sctp_inet_connect+0x127/0x190 [ 2256.693766] ? sctp_asconf_mgmt+0x340/0x340 [ 2256.698091] SyS_connect+0x1f4/0x240 [ 2256.701813] ? SyS_accept+0x30/0x30 [ 2256.705460] ? fput+0xb/0x140 [ 2256.708740] ? SyS_write+0x14d/0x210 [ 2256.712454] ? SyS_read+0x210/0x210 [ 2256.716085] ? SyS_clock_settime+0x1a0/0x1a0 [ 2256.720514] ? do_syscall_64+0x4c/0x640 [ 2256.724509] ? SyS_accept+0x30/0x30 [ 2256.725773] ptrace attach of "/root/syz-executor.1"[10494] was attempted by "/root/syz-executor.1"[10495] [ 2256.728145] do_syscall_64+0x1d5/0x640 [ 2256.728163] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2256.728173] RIP: 0033:0x45de29 [ 2256.750111] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2256.758003] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 22:51:24 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x3f, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r3, 0x840, 0x0) 22:51:25 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000040)=0x0) wait4(r0, &(0x7f0000000080), 0x40000000, &(0x7f0000000280)) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) sendmsg$NFT_MSG_GETOBJ(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x64, 0x13, 0xa, 0x40b, 0x0, 0x0, {0x5, 0x0, 0x6}, [@NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x1}, @NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x5}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x8}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_OBJ_NAME={0x9, 0x2, 'syz1\x00'}]}, 0x64}, 0x1, 0x0, 0x0, 0x20000004}, 0x4000000) ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x3c) setsockopt$inet_sctp_SCTP_AUTOCLOSE(0xffffffffffffffff, 0x84, 0x4, &(0x7f0000000200)=0xf3f2, 0x4) ptrace$cont(0x18, r1, 0x0, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r2, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(r2, 0x29, 0x48, 0x0, &(0x7f00007d0000)) ioctl$FS_IOC_GETVERSION(r2, 0x80087601, &(0x7f0000000000)) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) [ 2256.765273] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2256.772546] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2256.779816] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 2256.787115] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:26 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:51:26 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) recvmsg$can_bcm(r1, &(0x7f00000002c0)={&(0x7f0000000040)=@sco, 0x80, &(0x7f0000002500)=[{&(0x7f0000000200)=""/183, 0xb7}, {&(0x7f0000002700)=""/4097, 0x1001}, {&(0x7f00000012c0)=""/194, 0xc2}, {&(0x7f0000002680)=""/70, 0x46}, {&(0x7f0000001400)=""/4096, 0x1000}, {&(0x7f0000002400)=""/210, 0xd2}], 0x6, &(0x7f0000002580)=""/58, 0x3a}, 0x20) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) r3 = syz_open_dev$dmmidi(&(0x7f0000002600)='/dev/dmmidi#\x00', 0x8001, 0x40800) ioctl$F2FS_IOC_START_ATOMIC_WRITE(r3, 0xf501, 0x0) r4 = getpgrp(r2) ptrace$setopts(0x4206, r4, 0x0, 0x21) tkill(r2, 0x3c) ptrace$cont(0x18, 0x0, 0x0, 0xfd) r5 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x80000000, 0x80a00) ioctl$SNDCTL_DSP_SYNC(r5, 0x5001, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r2, 0x0, 0x0) 22:51:26 executing program 2 (fault-call:3 fault-nth:7): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:51:26 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff00000500000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) 22:51:26 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = getpid() r5 = socket$netlink(0x10, 0x3, 0x0) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) sendmsg$unix(r3, &(0x7f0000001440)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[@cred={{0x1c, 0x1, 0x2, {r4, 0x0, r7}}}], 0x20}, 0x0) r8 = syz_open_procfs(r6, &(0x7f0000000040)='net/arp\x00') lseek(r8, 0x840, 0x0) [ 2258.448623] FAULT_INJECTION: forcing a failure. [ 2258.448623] name failslab, interval 1, probability 0, space 0, times 0 [ 2258.481415] CPU: 1 PID: 10525 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2258.489335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2258.498693] Call Trace: [ 2258.501287] dump_stack+0x1b2/0x283 [ 2258.504936] should_fail.cold+0x10a/0x154 [ 2258.509090] should_failslab+0xd6/0x130 [ 2258.514076] kmem_cache_alloc_trace+0x47/0x3d0 [ 2258.518662] sctp_add_bind_addr+0x6c/0x350 [ 2258.523084] sctp_copy_local_addr_list+0x2ae/0x400 [ 2258.528049] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2258.532819] sctp_bind_addr_copy+0xde/0x430 [ 2258.537169] __sctp_connect+0x618/0xbe0 [ 2258.541164] ? sctp_wfree+0x600/0x600 [ 2258.545067] ? lock_sock_nested+0x98/0x100 [ 2258.549314] ? sctp_asconf_mgmt+0x340/0x340 [ 2258.553641] sctp_inet_connect+0x127/0x190 [ 2258.557878] ? sctp_asconf_mgmt+0x340/0x340 [ 2258.562195] SyS_connect+0x1f4/0x240 [ 2258.565910] ? SyS_accept+0x30/0x30 [ 2258.569540] ? fput+0xb/0x140 [ 2258.572727] ? SyS_write+0x14d/0x210 [ 2258.576435] ? SyS_read+0x210/0x210 [ 2258.580064] ? SyS_clock_settime+0x1a0/0x1a0 [ 2258.584471] ? do_syscall_64+0x4c/0x640 [ 2258.589660] ? SyS_accept+0x30/0x30 [ 2258.593313] do_syscall_64+0x1d5/0x640 [ 2258.597208] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2258.602395] RIP: 0033:0x45de29 [ 2258.605577] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2258.613288] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2258.622595] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2258.629887] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2258.637185] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 22:51:26 executing program 2 (fault-call:3 fault-nth:8): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 2258.644455] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c [ 2258.659414] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2258.770387] FAULT_INJECTION: forcing a failure. [ 2258.770387] name failslab, interval 1, probability 0, space 0, times 0 [ 2258.787587] CPU: 0 PID: 10537 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2258.795496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2258.804851] Call Trace: [ 2258.807448] dump_stack+0x1b2/0x283 [ 2258.811087] should_fail.cold+0x10a/0x154 [ 2258.815243] should_failslab+0xd6/0x130 [ 2258.819238] kmem_cache_alloc_trace+0x47/0x3d0 [ 2258.823823] sctp_add_bind_addr+0x6c/0x350 [ 2258.828065] sctp_copy_local_addr_list+0x2ae/0x400 [ 2258.833037] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2258.837805] sctp_bind_addr_copy+0xde/0x430 [ 2258.842141] __sctp_connect+0x618/0xbe0 [ 2258.846155] ? sctp_wfree+0x600/0x600 [ 2258.850917] ? lock_sock_nested+0x98/0x100 [ 2258.855172] ? sctp_asconf_mgmt+0x340/0x340 [ 2258.859500] sctp_inet_connect+0x127/0x190 [ 2258.863740] ? sctp_asconf_mgmt+0x340/0x340 [ 2258.868102] SyS_connect+0x1f4/0x240 [ 2258.871818] ? SyS_accept+0x30/0x30 [ 2258.875541] ? fput+0xb/0x140 [ 2258.878651] ? SyS_write+0x14d/0x210 [ 2258.882364] ? SyS_read+0x210/0x210 [ 2258.885993] ? SyS_clock_settime+0x1a0/0x1a0 [ 2258.890927] ? do_syscall_64+0x4c/0x640 [ 2258.894901] ? SyS_accept+0x30/0x30 [ 2258.898553] do_syscall_64+0x1d5/0x640 [ 2258.903145] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2258.908336] RIP: 0033:0x45de29 [ 2258.911522] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2258.919262] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2258.926541] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2258.934607] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2258.941880] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000008 [ 2258.949165] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:27 executing program 2 (fault-call:3 fault-nth:9): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 2259.076940] FAULT_INJECTION: forcing a failure. [ 2259.076940] name failslab, interval 1, probability 0, space 0, times 0 [ 2259.101991] CPU: 1 PID: 10541 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2259.109897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2259.119278] Call Trace: [ 2259.121872] dump_stack+0x1b2/0x283 [ 2259.126808] should_fail.cold+0x10a/0x154 [ 2259.130968] should_failslab+0xd6/0x130 [ 2259.134949] kmem_cache_alloc_trace+0x47/0x3d0 [ 2259.139556] sctp_add_bind_addr+0x6c/0x350 [ 2259.143812] sctp_copy_local_addr_list+0x2ae/0x400 [ 2259.149621] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2259.154381] sctp_bind_addr_copy+0xde/0x430 [ 2259.158712] __sctp_connect+0x618/0xbe0 [ 2259.162692] ? sctp_wfree+0x600/0x600 [ 2259.166520] ? lock_sock_nested+0x98/0x100 [ 2259.170768] ? sctp_asconf_mgmt+0x340/0x340 [ 2259.175096] sctp_inet_connect+0x127/0x190 [ 2259.179343] ? sctp_asconf_mgmt+0x340/0x340 [ 2259.183661] SyS_connect+0x1f4/0x240 [ 2259.187377] ? SyS_accept+0x30/0x30 [ 2259.191010] ? fput+0xb/0x140 [ 2259.194118] ? SyS_write+0x14d/0x210 [ 2259.197828] ? SyS_read+0x210/0x210 [ 2259.201452] ? SyS_clock_settime+0x1a0/0x1a0 [ 2259.205860] ? do_syscall_64+0x4c/0x640 [ 2259.209838] ? SyS_accept+0x30/0x30 [ 2259.213464] do_syscall_64+0x1d5/0x640 [ 2259.217359] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2259.222540] RIP: 0033:0x45de29 22:51:27 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff00000500000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) 22:51:27 executing program 1: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() arch_prctl$ARCH_GET_FS(0x1003, &(0x7f0000000000)) wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) lseek(r1, 0x3, 0x4) tkill(r0, 0x3c) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) r2 = gettid() ptrace$cont(0x7, r2, 0x6, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) r3 = socket$inet_udplite(0x2, 0x2, 0x88) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f0000000200)={0x562, 0x8, 0x2}) ptrace$cont(0x1f, r0, 0xfffe, 0x0) [ 2259.225727] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2259.233461] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2259.240731] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2259.249029] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2259.256332] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000009 [ 2259.263602] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c [ 2259.340786] ptrace attach of "/root/syz-executor.1"[10554] was attempted by "/root/syz-executor.1"[10555] 22:51:27 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000400)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xffffffffffffff8d}, {&(0x7f0000000080)="e51414380dd0d2ea7e978c5a06e22ae5a5729d96893732740c7a2c2f83e82c3c81bfbc6a306b2e524f055427460f93dea5e08ea5f422340e54d8fa5a"}, {&(0x7f0000000480)="e3fe1690fa7be83263b345b3a537147c89c4e40c7c6a199f524eb487ff69f52b020ac0dae01376b13d1defb2f0023ce0fa06c8b885deb65391ca5c376fe217bfd6848d97f4dc1795d30b624ab99e5ac646f12e7cab5f77fc68cd87e919affcd64ebe12c329f1d7c94f1ad74e8fbc479b2f21be47462dc9360cb20b0b47bc06930834727a6fab80e84ebedc201952f27e878136ebe183c6332c8bef2cc0a1b7426cad60b1a7900c0d48b977ed09281a6d1641a789e43992eb9f06b8b9f4ca40b24213d0248ab094e422df6a1ac45f8c0c5f69cec3e0cab7272b6c1382ab10ea5b9da27efaca0f7ca4eaf91b41794030e7fedc4de3"}, {&(0x7f0000000300)="671d7a1f92003bd969f718d2ed93d25ede8bc7bec06484d0275d23099ce38ea800dcb497b40c73d1e7abf30ad83454353631eaa19d4b0e87fb72d6530afdf2a3a0dada1a5d656a7267d87abc9b2d88e945231695237ab0572f07321a916c24826b944593bb956feb029833c9327ab464430c35e0b5878935f4f6e024ef44c0dbfb84c0e1d7e3773dbfff5047461607fff25f43dd"}, {&(0x7f00000003c0)}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$BATADV_CMD_GET_DAT_CACHE(r2, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4100c800}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x44, 0x0, 0x800, 0x70bd27, 0x25dfdbfd, {}, [@BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_VLANID={0x6}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0xa67d9ce}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x7}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}]}, 0x44}, 0x1, 0x0, 0x0, 0x20004005}, 0x800) ptrace$setregs(0xd, r0, 0x5, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) r3 = socket$inet_udplite(0x2, 0x2, 0x88) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$KVM_SET_PIT2(r4, 0x4070aea0, &(0x7f0000000000)={[{0x80000000, 0x3fe0, 0x94, 0x40, 0x9, 0x0, 0x4, 0x1, 0x3, 0x0, 0x0, 0xfe, 0x4}, {0x401, 0x3, 0x5, 0x7, 0x2, 0xbc, 0x1, 0x0, 0x4, 0x7, 0x7, 0x0, 0x3}, {0x9, 0x20, 0x7b, 0x80, 0x5, 0xe4, 0xff, 0x47, 0x9, 0x2, 0x3f, 0x1, 0x8}], 0x1}) ptrace$cont(0x1f, r0, 0x0, 0x0) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) 22:51:27 executing program 2 (fault-call:3 fault-nth:10): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 2259.390038] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2259.493313] FAULT_INJECTION: forcing a failure. [ 2259.493313] name failslab, interval 1, probability 0, space 0, times 0 [ 2259.509970] CPU: 1 PID: 10565 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2259.517877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2259.527231] Call Trace: [ 2259.529820] dump_stack+0x1b2/0x283 [ 2259.533447] should_fail.cold+0x10a/0x154 [ 2259.538301] should_failslab+0xd6/0x130 [ 2259.542274] kmem_cache_alloc_trace+0x47/0x3d0 [ 2259.546883] sctp_add_bind_addr+0x6c/0x350 [ 2259.551139] sctp_copy_local_addr_list+0x2ae/0x400 [ 2259.556104] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2259.560868] sctp_bind_addr_copy+0xde/0x430 [ 2259.565195] __sctp_connect+0x618/0xbe0 [ 2259.569693] ? sctp_wfree+0x600/0x600 [ 2259.573496] ? lock_sock_nested+0x98/0x100 [ 2259.577755] ? sctp_asconf_mgmt+0x340/0x340 [ 2259.582089] sctp_inet_connect+0x127/0x190 [ 2259.586332] ? sctp_asconf_mgmt+0x340/0x340 [ 2259.590649] SyS_connect+0x1f4/0x240 [ 2259.594362] ? SyS_accept+0x30/0x30 [ 2259.598032] ? fput+0xb/0x140 [ 2259.601143] ? SyS_write+0x14d/0x210 [ 2259.604850] ? SyS_read+0x210/0x210 [ 2259.608473] ? SyS_clock_settime+0x1a0/0x1a0 [ 2259.613060] ? do_syscall_64+0x4c/0x640 [ 2259.617059] ? SyS_accept+0x30/0x30 [ 2259.620686] do_syscall_64+0x1d5/0x640 [ 2259.624578] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2259.629778] RIP: 0033:0x45de29 [ 2259.632957] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2259.640667] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2259.648025] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2259.655321] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2259.662613] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000a [ 2259.669883] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:28 executing program 2 (fault-call:3 fault-nth:11): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 2259.828489] FAULT_INJECTION: forcing a failure. [ 2259.828489] name failslab, interval 1, probability 0, space 0, times 0 [ 2259.858356] CPU: 1 PID: 10573 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2259.866286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2259.875820] Call Trace: [ 2259.878436] dump_stack+0x1b2/0x283 [ 2259.882074] should_fail.cold+0x10a/0x154 [ 2259.886240] should_failslab+0xd6/0x130 [ 2259.890222] kmem_cache_alloc_trace+0x47/0x3d0 [ 2259.894809] sctp_add_bind_addr+0x6c/0x350 [ 2259.899047] sctp_copy_local_addr_list+0x2ae/0x400 [ 2259.904007] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2259.908773] sctp_bind_addr_copy+0xde/0x430 [ 2259.913101] __sctp_connect+0x618/0xbe0 [ 2259.917103] ? sctp_wfree+0x600/0x600 [ 2259.920922] ? lock_sock_nested+0x98/0x100 [ 2259.925163] ? sctp_asconf_mgmt+0x340/0x340 [ 2259.929503] sctp_inet_connect+0x127/0x190 [ 2259.933760] ? sctp_asconf_mgmt+0x340/0x340 [ 2259.938080] SyS_connect+0x1f4/0x240 [ 2259.941789] ? SyS_accept+0x30/0x30 [ 2259.945419] ? fput+0xb/0x140 [ 2259.948539] ? SyS_write+0x14d/0x210 [ 2259.952255] ? SyS_read+0x210/0x210 [ 2259.955880] ? SyS_clock_settime+0x1a0/0x1a0 [ 2259.960313] ? do_syscall_64+0x4c/0x640 [ 2259.964285] ? SyS_accept+0x30/0x30 [ 2259.967921] do_syscall_64+0x1d5/0x640 [ 2259.972441] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2259.977638] RIP: 0033:0x45de29 [ 2259.980821] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2259.988531] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2259.995803] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2260.003438] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2260.010728] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000b [ 2260.018012] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:29 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:51:29 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) r2 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r2, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r3+30000000}, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r4, 0x840, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000500)={'batadv0\x00'}) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket(0x1, 0x803, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) ioctl$sock_inet_SIOCRTMSG(r6, 0x890d, &(0x7f0000000300)={0x0, {0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x2, 0x4e23, @multicast1}, {0x2, 0x4e21, @remote}, 0x2, 0x0, 0x0, 0x0, 0x8001, &(0x7f00000001c0)='team_slave_1\x00', 0x10001, 0x3, 0x2}) sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000d40)=ANY=[@ANYBLOB="4000000010005446b626b4a7e40104000000000080af08fa05633e2a3b3493b6a62f3cbbdc34c40c261e53e1fa76fe36ff3a750156b4ea7409594a", @ANYRES32=r7, @ANYBLOB="00040000000000010000000000000100697056746e6c00000800028004001300080003001551909bae8aa81a8bae8822def8540ff3b8be2be659811acdda01a0c8406c295b2078fdc03b5b8078b7f238c2d2d3a70d75c09956926d971e7ca9971a0c226fdc7b5d0c9a039abd34c9c39255a141d34f4fa8c796964cdd2c969063f83808d123e61ca3074b50348a95d539c9b0ba97b72a5a2ae3dbceb8d1c08a400e7b670c3f558ffd88acba203ab1771fb15868f79f00ac3ad1c59ae5518659b58450f685a3c2fc77184922a2", @ANYRES32=r7, @ANYBLOB="f136cd8cb93d9d5851ef66355013350c1cd0f43c05d0bd640a70aec63cd2fb20c8284d78ace0669cf0474ca71f443b57cd07011e7d24d2f96647eabfa09a7065f8df23118e9c7630f2e726934673975b880ce3d229790a14041496c62441a1c5f79f670371c5919aad04747eb9cc60df274c6bfe1a91b89b8e3e7a112a08b79b19d596e264690798a09e6bb55f321384e6fd1f622975e614fdb3e87620cb466586872a6766b64af38d45a82684929bfa8e8b3f77b4a580f4c016259e6e00b30f26c6388b1eb6fdf11f685df503628c7363aa58f12c6c6b9725472a4ab2033954e16794319f636bcf94cf7466245d29b20a67b0bdfacea461cfc0c92828baefae47c53c4e64b6b9d0043f36ab167a6e2e5ced0c21e91a9ec3066e1e71598b87daee72a2697ed72edf8dec1fe1b97bc4703f9fb870c978dd2399129db4ec6049c858653508c6bd00a1347941e9690323b86479eee3612c7cec2fc59059cc552e213a2c4f25dcb30034c2696d547f593ace66c86b8cbc"], 0x40}}, 0x0) sendmsg$ETHTOOL_MSG_EEE_GET(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000700)={&(0x7f0000000b40)=ANY=[@ANYBLOB="a0010080", @ANYRES16=0x0, @ANYBLOB="02002abf7000fddbdf25170000000c000180080003000100000047df018014000200626f6e645f736c6176657b3000000000541b0100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="080003000300000008000100", @ANYRES32=0x0, @ANYBLOB="4c00018008000100", @ANYRES32=0x0, @ANYBLOB="14000200766c616e31000000000000000000000008000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="080003000300000014000200766c616e3100000000000000000000005400018008000100", @ANYRESHEX, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="080003000300000008000100", @ANYRES32=0x0, @ANYBLOB="140002006261746164765f736c6176655f31000008000100", @ANYRES32=0x0, @ANYBLOB="140002006261746164765f736c6176655f3000005800018008000100", @ANYRES32=0x0, @ANYBLOB="08000300060000001400020076657468305f746f5f6873720000000008000100", @ANYRES32, @ANYBLOB="1400020067656e657665300000000000000000001400020076657468315f766c616e00000000000040000180140002006c6f000000000000000000000000000008000100", @ANYBLOB="04c88b7a43812d227b1ca600527247c2f822ee5c203976dac8a189f55dea03c6bc01d788", @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="080003000000000008000100", @ANYRES32=r7, @ANYBLOB], 0x1a0}, 0x1, 0x0, 0x0, 0x1}, 0x6000084) 22:51:29 executing program 2 (fault-call:3 fault-nth:12): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:51:29 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff0000050000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) [ 2261.415580] FAULT_INJECTION: forcing a failure. [ 2261.415580] name failslab, interval 1, probability 0, space 0, times 0 [ 2261.432041] CPU: 1 PID: 10585 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2261.439939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2261.449315] Call Trace: [ 2261.451916] dump_stack+0x1b2/0x283 [ 2261.456247] should_fail.cold+0x10a/0x154 [ 2261.460403] should_failslab+0xd6/0x130 [ 2261.464404] kmem_cache_alloc_trace+0x47/0x3d0 [ 2261.469000] sctp_add_bind_addr+0x6c/0x350 [ 2261.473281] sctp_copy_local_addr_list+0x2ae/0x400 [ 2261.478226] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2261.483000] sctp_bind_addr_copy+0xde/0x430 [ 2261.487329] __sctp_connect+0x618/0xbe0 [ 2261.491326] ? sctp_wfree+0x600/0x600 [ 2261.495145] ? lock_sock_nested+0x98/0x100 [ 2261.499393] ? sctp_asconf_mgmt+0x340/0x340 [ 2261.503721] sctp_inet_connect+0x127/0x190 [ 2261.508074] ? sctp_asconf_mgmt+0x340/0x340 [ 2261.512396] SyS_connect+0x1f4/0x240 [ 2261.516138] ? SyS_accept+0x30/0x30 [ 2261.519778] ? fput+0xb/0x140 [ 2261.522907] ? SyS_write+0x14d/0x210 [ 2261.526645] ? SyS_read+0x210/0x210 [ 2261.530273] ? SyS_clock_settime+0x1a0/0x1a0 [ 2261.534683] ? do_syscall_64+0x4c/0x640 [ 2261.538652] ? SyS_accept+0x30/0x30 [ 2261.542281] do_syscall_64+0x1d5/0x640 [ 2261.546173] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2261.551375] RIP: 0033:0x45de29 [ 2261.554561] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a 22:51:29 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) [ 2261.562276] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2261.569548] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2261.576820] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2261.584090] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000c [ 2261.591973] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c [ 2261.629964] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'. 22:51:29 executing program 2 (fault-call:3 fault-nth:13): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 2261.724575] FAULT_INJECTION: forcing a failure. [ 2261.724575] name failslab, interval 1, probability 0, space 0, times 0 [ 2261.742220] CPU: 1 PID: 10601 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2261.750134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2261.759492] Call Trace: [ 2261.762086] dump_stack+0x1b2/0x283 [ 2261.765722] should_fail.cold+0x10a/0x154 [ 2261.769892] should_failslab+0xd6/0x130 [ 2261.773874] kmem_cache_alloc_trace+0x47/0x3d0 [ 2261.778474] sctp_add_bind_addr+0x6c/0x350 [ 2261.782745] sctp_copy_local_addr_list+0x2ae/0x400 [ 2261.790609] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2261.795386] sctp_bind_addr_copy+0xde/0x430 [ 2261.799722] __sctp_connect+0x618/0xbe0 [ 2261.803708] ? sctp_wfree+0x600/0x600 [ 2261.807522] ? lock_sock_nested+0x98/0x100 [ 2261.811775] ? sctp_asconf_mgmt+0x340/0x340 [ 2261.816142] sctp_inet_connect+0x127/0x190 [ 2261.820385] ? sctp_asconf_mgmt+0x340/0x340 [ 2261.824709] SyS_connect+0x1f4/0x240 [ 2261.828430] ? SyS_accept+0x30/0x30 [ 2261.832063] ? fput+0xb/0x140 [ 2261.835176] ? SyS_write+0x14d/0x210 [ 2261.838895] ? SyS_read+0x210/0x210 [ 2261.842522] ? SyS_clock_settime+0x1a0/0x1a0 [ 2261.846975] ? do_syscall_64+0x4c/0x640 [ 2261.850956] ? SyS_accept+0x30/0x30 [ 2261.854591] do_syscall_64+0x1d5/0x640 [ 2261.858662] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2261.863853] RIP: 0033:0x45de29 [ 2261.867040] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2261.874753] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2261.882025] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2261.889297] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2261.896571] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000d [ 2261.903843] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:30 executing program 2 (fault-call:3 fault-nth:14): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 2262.011047] FAULT_INJECTION: forcing a failure. [ 2262.011047] name failslab, interval 1, probability 0, space 0, times 0 [ 2262.039177] CPU: 1 PID: 10606 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2262.047116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2262.056477] Call Trace: [ 2262.059074] dump_stack+0x1b2/0x283 [ 2262.062710] should_fail.cold+0x10a/0x154 [ 2262.066865] should_failslab+0xd6/0x130 [ 2262.070841] kmem_cache_alloc_trace+0x47/0x3d0 [ 2262.075447] sctp_add_bind_addr+0x6c/0x350 [ 2262.079693] sctp_copy_local_addr_list+0x2ae/0x400 [ 2262.084626] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2262.089390] sctp_bind_addr_copy+0xde/0x430 [ 2262.093718] __sctp_connect+0x618/0xbe0 [ 2262.097699] ? sctp_wfree+0x600/0x600 [ 2262.101521] ? lock_sock_nested+0x98/0x100 [ 2262.106286] ? sctp_asconf_mgmt+0x340/0x340 [ 2262.110617] sctp_inet_connect+0x127/0x190 [ 2262.114854] ? sctp_asconf_mgmt+0x340/0x340 [ 2262.119173] SyS_connect+0x1f4/0x240 [ 2262.124555] ? SyS_accept+0x30/0x30 [ 2262.128194] ? fput+0xb/0x140 [ 2262.131320] ? SyS_write+0x14d/0x210 [ 2262.135060] ? SyS_read+0x210/0x210 [ 2262.138690] ? SyS_clock_settime+0x1a0/0x1a0 [ 2262.143103] ? do_syscall_64+0x4c/0x640 [ 2262.147076] ? SyS_accept+0x30/0x30 [ 2262.150725] do_syscall_64+0x1d5/0x640 [ 2262.154623] entry_SYSCALL_64_after_hwframe+0x46/0xbb 22:51:30 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff0000050000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) [ 2262.159813] RIP: 0033:0x45de29 [ 2262.163004] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2262.170732] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2262.178132] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2262.185429] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2262.192702] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000e [ 2262.200611] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:30 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3fd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffb, 0x1, @perf_config_ext={0x10001, 0x6}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x33ce}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000000)={@dev={0xac, 0x14, 0x14, 0x3d}, @rand_addr=0x64010102}, 0xc) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x1, 0x803, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="400000001000010400"/20, @ANYRES32=r5, @ANYBLOB="0004000000000000180012800b000100697036746e6c0000080002800400130008000300", @ANYRES32=r5, @ANYBLOB="fc03261f55a1b2d091d5411314967cc62fa4fab6106f6faeb8533bd8eb4688691821f5170b784e6c0c367553468a9dcb658349f8aac2ac5c1ddaf6bb6ac3e3c05f002548cdd3ef669752745a9bd44fdeb48d6c38ef9d89f4c25de86001ceec73d97f92952234e6e90769c1278e2e3253030398f1e29ac07bffc7def380caa672b220fae0a80a15f73b692e66a4711ff92b6c3db74a35b9c329ff97286ff67d7a1f63580a4396746a2d2cbf03cb6448dee4002e365328aba0e422a6cb"], 0x40}}, 0x0) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000080)={'ip6_vti0\x00', &(0x7f0000000240)={'syztnl2\x00', r5, 0x4, 0x1, 0x40, 0x7, 0x40, @private2, @remote, 0x8, 0x10, 0x4006, 0x100}}) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000000100)={'ip_vti0\x00', &(0x7f00000002c0)={'syztnl2\x00', r6, 0x8, 0x7, 0xfffffffa, 0x0, {{0x13, 0x4, 0x2, 0x8, 0x4c, 0x64, 0x0, 0x3c, 0x29, 0x0, @loopback, @rand_addr=0x64010101, {[@lsrr={0x83, 0x13, 0x3e, [@initdev={0xac, 0x1e, 0x1, 0x0}, @loopback, @broadcast, @rand_addr=0x64010101]}, @rr={0x7, 0xf, 0x3c, [@rand_addr=0x64010100, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast1]}, @timestamp_prespec={0x44, 0x14, 0xd0, 0x3, 0x3, [{@multicast2, 0x6}, {@multicast1, 0xfffffffa}]}]}}}}}) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r7+30000000}, 0x0) r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r8, 0x840, 0x0) [ 2262.329176] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'. 22:51:30 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ioctl$sock_inet6_tcp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000000)) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:51:30 executing program 2 (fault-call:3 fault-nth:15): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 2262.499267] FAULT_INJECTION: forcing a failure. [ 2262.499267] name failslab, interval 1, probability 0, space 0, times 0 [ 2262.526632] CPU: 0 PID: 10627 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2262.535072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2262.544454] Call Trace: [ 2262.547056] dump_stack+0x1b2/0x283 [ 2262.550694] should_fail.cold+0x10a/0x154 [ 2262.554844] should_failslab+0xd6/0x130 [ 2262.558817] kmem_cache_alloc_trace+0x47/0x3d0 [ 2262.563406] sctp_add_bind_addr+0x6c/0x350 [ 2262.567649] sctp_copy_local_addr_list+0x2ae/0x400 [ 2262.572591] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2262.577387] sctp_bind_addr_copy+0xde/0x430 [ 2262.581718] __sctp_connect+0x618/0xbe0 [ 2262.585698] ? sctp_wfree+0x600/0x600 [ 2262.589498] ? lock_sock_nested+0x98/0x100 [ 2262.593749] ? sctp_asconf_mgmt+0x340/0x340 [ 2262.598083] sctp_inet_connect+0x127/0x190 [ 2262.602324] ? sctp_asconf_mgmt+0x340/0x340 [ 2262.606662] SyS_connect+0x1f4/0x240 [ 2262.610944] ? SyS_accept+0x30/0x30 [ 2262.614576] ? fput+0xb/0x140 [ 2262.617692] ? SyS_write+0x14d/0x210 [ 2262.621405] ? SyS_read+0x210/0x210 [ 2262.625030] ? SyS_clock_settime+0x1a0/0x1a0 [ 2262.629440] ? do_syscall_64+0x4c/0x640 [ 2262.633411] ? SyS_accept+0x30/0x30 [ 2262.637036] do_syscall_64+0x1d5/0x640 [ 2262.640930] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2262.646116] RIP: 0033:0x45de29 [ 2262.649299] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2262.657008] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2262.664280] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2262.671549] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2262.678822] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000f [ 2262.686645] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:30 executing program 2 (fault-call:3 fault-nth:16): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 2262.790983] FAULT_INJECTION: forcing a failure. [ 2262.790983] name failslab, interval 1, probability 0, space 0, times 0 [ 2262.802849] CPU: 0 PID: 10635 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2262.810747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2262.820127] Call Trace: [ 2262.822718] dump_stack+0x1b2/0x283 [ 2262.826364] should_fail.cold+0x10a/0x154 [ 2262.830523] should_failslab+0xd6/0x130 [ 2262.834508] kmem_cache_alloc_trace+0x47/0x3d0 [ 2262.839119] sctp_add_bind_addr+0x6c/0x350 [ 2262.843356] sctp_copy_local_addr_list+0x2ae/0x400 [ 2262.848304] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2262.853085] sctp_bind_addr_copy+0xde/0x430 [ 2262.857410] __sctp_connect+0x618/0xbe0 [ 2262.861391] ? sctp_wfree+0x600/0x600 [ 2262.865192] ? lock_sock_nested+0x98/0x100 [ 2262.869434] ? sctp_asconf_mgmt+0x340/0x340 [ 2262.873756] sctp_inet_connect+0x127/0x190 [ 2262.878018] ? sctp_asconf_mgmt+0x340/0x340 [ 2262.882338] SyS_connect+0x1f4/0x240 [ 2262.886049] ? SyS_accept+0x30/0x30 [ 2262.889675] ? fput+0xb/0x140 [ 2262.892771] ? SyS_write+0x14d/0x210 [ 2262.896477] ? SyS_read+0x210/0x210 [ 2262.900210] ? SyS_clock_settime+0x1a0/0x1a0 [ 2262.904643] ? do_syscall_64+0x4c/0x640 [ 2262.908614] ? SyS_accept+0x30/0x30 [ 2262.912241] do_syscall_64+0x1d5/0x640 [ 2262.916164] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2262.921354] RIP: 0033:0x45de29 [ 2262.924535] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2262.932330] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2262.939608] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2262.946883] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2262.954163] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000010 [ 2262.962503] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:31 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x1f, 0x0, 0x2, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_bp={&(0x7f0000000000), 0x8}, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r3, 0x840, 0x0) 22:51:31 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff0000050000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) 22:51:31 executing program 2 (fault-call:3 fault-nth:17): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:51:31 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r0, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000000000)={0x0, 0x63}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000100)={r2, 0x7ff, 0x9, 0x1, 0x437df490, 0x200}, &(0x7f00000001c0)=0x14) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r3, 0x840, 0x0) [ 2263.219473] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2263.267479] FAULT_INJECTION: forcing a failure. [ 2263.267479] name failslab, interval 1, probability 0, space 0, times 0 [ 2263.297529] CPU: 1 PID: 10646 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2263.305446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2263.314803] Call Trace: [ 2263.317832] dump_stack+0x1b2/0x283 [ 2263.321739] should_fail.cold+0x10a/0x154 [ 2263.326772] should_failslab+0xd6/0x130 [ 2263.330761] kmem_cache_alloc_trace+0x47/0x3d0 [ 2263.335440] sctp_add_bind_addr+0x6c/0x350 [ 2263.339684] sctp_copy_local_addr_list+0x2ae/0x400 [ 2263.344627] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2263.349398] sctp_bind_addr_copy+0xde/0x430 [ 2263.353728] __sctp_connect+0x618/0xbe0 [ 2263.357708] ? sctp_wfree+0x600/0x600 [ 2263.361509] ? lock_sock_nested+0x98/0x100 [ 2263.365753] ? sctp_asconf_mgmt+0x340/0x340 [ 2263.370082] sctp_inet_connect+0x127/0x190 [ 2263.374334] ? sctp_asconf_mgmt+0x340/0x340 [ 2263.378653] SyS_connect+0x1f4/0x240 [ 2263.382397] ? SyS_accept+0x30/0x30 [ 2263.386035] ? fput+0xb/0x140 [ 2263.389142] ? SyS_write+0x14d/0x210 [ 2263.392858] ? SyS_read+0x210/0x210 [ 2263.396489] ? SyS_clock_settime+0x1a0/0x1a0 [ 2263.400900] ? do_syscall_64+0x4c/0x640 [ 2263.404875] ? SyS_accept+0x30/0x30 [ 2263.408533] do_syscall_64+0x1d5/0x640 [ 2263.412441] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2263.417659] RIP: 0033:0x45de29 [ 2263.420846] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2263.428556] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2263.435823] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2263.443115] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2263.450478] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000011 [ 2263.457749] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:32 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:51:32 executing program 2 (fault-call:3 fault-nth:18): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:51:32 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x1, 0x0, 0xe948, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, @perf_config_ext={0x6}, 0x41089, 0x0, 0xffffffff, 0x9, 0x3, 0x0, 0x1f}, 0x0, 0xa, 0xffffffffffffffff, 0x0) finit_module(r1, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2) socket$unix(0x1, 0x5, 0x0) write$P9_RRENAMEAT(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x4b, 0x1}, 0x7) r3 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fb0\x00', 0x22000, 0x0) ioctl$BTRFS_IOC_SNAP_CREATE_V2(r3, 0x50009417, &(0x7f0000000240)={{r0}, 0x0, 0x0, @unused=[0x2, 0x6, 0x2, 0x8000], @subvolid=0xb2}) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1000000, 0x11, r2, 0xffffd000) clock_gettime(0x0, &(0x7f0000000180)) pselect6(0x40, &(0x7f00000000c0)={0x3, 0x0, 0x3, 0x0, 0x2, 0x40, 0x2, 0x80000000000}, 0x0, &(0x7f0000000140)={0x1ff, 0x0, 0x80000000000000, 0x0, 0x80000000, 0x0, 0x6}, &(0x7f0000000200), 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r4, 0x840, 0x0) 22:51:32 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff}) r3 = socket$inet_udp(0x2, 0x2, 0x0) close(r3) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r3, 0x0, 0x4ffe2, 0x0) [ 2264.717034] FAULT_INJECTION: forcing a failure. [ 2264.717034] name failslab, interval 1, probability 0, space 0, times 0 [ 2264.731483] CPU: 1 PID: 10666 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2264.739415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2264.748773] Call Trace: [ 2264.751365] dump_stack+0x1b2/0x283 [ 2264.755000] should_fail.cold+0x10a/0x154 [ 2264.759151] should_failslab+0xd6/0x130 [ 2264.763141] kmem_cache_alloc_trace+0x47/0x3d0 [ 2264.767734] sctp_add_bind_addr+0x6c/0x350 [ 2264.771974] sctp_copy_local_addr_list+0x2ae/0x400 [ 2264.776916] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2264.781793] sctp_bind_addr_copy+0xde/0x430 [ 2264.786135] __sctp_connect+0x618/0xbe0 [ 2264.790121] ? sctp_wfree+0x600/0x600 [ 2264.793923] ? lock_sock_nested+0x98/0x100 [ 2264.798447] ? sctp_asconf_mgmt+0x340/0x340 [ 2264.802780] sctp_inet_connect+0x127/0x190 [ 2264.807026] ? sctp_asconf_mgmt+0x340/0x340 [ 2264.811346] SyS_connect+0x1f4/0x240 [ 2264.815064] ? SyS_accept+0x30/0x30 [ 2264.818697] ? fput+0xb/0x140 [ 2264.821802] ? SyS_write+0x14d/0x210 [ 2264.825523] ? SyS_read+0x210/0x210 [ 2264.829159] ? SyS_clock_settime+0x1a0/0x1a0 [ 2264.833581] ? do_syscall_64+0x4c/0x640 [ 2264.837557] ? SyS_accept+0x30/0x30 [ 2264.841190] do_syscall_64+0x1d5/0x640 [ 2264.845085] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2264.850550] RIP: 0033:0x45de29 [ 2264.853737] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2264.861448] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2264.868721] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2264.875994] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2264.883269] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000012 [ 2264.891266] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:33 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x2, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, &(0x7f0000000140)={0x9, 0x0, 0x0, 0x0, 0x7, 0x0, 0x40000000}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') syz_open_dev$video(&(0x7f0000000000)='/dev/video#\x00', 0xbc01, 0x200) lseek(r3, 0x840, 0x0) 22:51:33 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x4) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:51:33 executing program 2 (fault-call:3 fault-nth:19): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:51:33 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200), 0x0) r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r2, 0x840, 0x0) 22:51:33 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff}) r3 = socket$inet_udp(0x2, 0x2, 0x0) close(r3) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r3, 0x0, 0x4ffe2, 0x0) [ 2265.539545] FAULT_INJECTION: forcing a failure. [ 2265.539545] name failslab, interval 1, probability 0, space 0, times 0 [ 2265.581267] CPU: 0 PID: 10681 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2265.589655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2265.599882] Call Trace: [ 2265.602477] dump_stack+0x1b2/0x283 [ 2265.606117] should_fail.cold+0x10a/0x154 [ 2265.610315] should_failslab+0xd6/0x130 [ 2265.614306] kmem_cache_alloc_trace+0x47/0x3d0 [ 2265.618897] sctp_add_bind_addr+0x6c/0x350 [ 2265.623140] sctp_copy_local_addr_list+0x2ae/0x400 [ 2265.628083] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2265.632847] sctp_bind_addr_copy+0xde/0x430 [ 2265.637177] __sctp_connect+0x618/0xbe0 [ 2265.641187] ? sctp_wfree+0x600/0x600 [ 2265.645088] ? lock_sock_nested+0x98/0x100 [ 2265.649344] ? sctp_asconf_mgmt+0x340/0x340 [ 2265.653667] sctp_inet_connect+0x127/0x190 [ 2265.657904] ? sctp_asconf_mgmt+0x340/0x340 [ 2265.662237] SyS_connect+0x1f4/0x240 [ 2265.665967] ? SyS_accept+0x30/0x30 [ 2265.669595] ? fput+0xb/0x140 [ 2265.672716] ? SyS_write+0x14d/0x210 [ 2265.676452] ? SyS_read+0x210/0x210 [ 2265.680079] ? SyS_clock_settime+0x1a0/0x1a0 [ 2265.684498] ? do_syscall_64+0x4c/0x640 [ 2265.688472] ? SyS_accept+0x30/0x30 [ 2265.692107] do_syscall_64+0x1d5/0x640 [ 2265.695996] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2265.701188] RIP: 0033:0x45de29 [ 2265.704376] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2265.712085] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2265.719357] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 22:51:33 executing program 0: ioctl$ION_IOC_HEAP_QUERY(0xffffffffffffffff, 0xc0184908, &(0x7f0000000080)={0x34}) openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$DRM_IOCTL_ADD_CTX(r3, 0xc0086420, &(0x7f0000000100)) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r4+30000000}, 0x0) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r5, 0x840, 0x0) [ 2265.726633] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2265.733935] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 2265.741224] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:34 executing program 1: r0 = accept4(0xffffffffffffffff, &(0x7f0000000000)=@phonet, &(0x7f0000000080)=0x80, 0x80000) getsockopt$sock_int(r0, 0x1, 0x2d, &(0x7f0000000200), &(0x7f0000000240)=0x4) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r1 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r1, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(r1, 0x29, 0x48, 0x0, &(0x7f00007d0000)) getsockopt$IP_SET_OP_GET_FNAME(r1, 0x1, 0x53, &(0x7f0000000280)={0x8, 0x7, 0x0, 'syz1\x00'}, &(0x7f00000002c0)=0x2c) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r2, 0x0, 0x0) tkill(r2, 0x3c) ptrace$cont(0x18, r2, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r2, 0x0, 0x0) 22:51:34 executing program 2 (fault-call:3 fault-nth:20): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 2265.993756] FAULT_INJECTION: forcing a failure. [ 2265.993756] name failslab, interval 1, probability 0, space 0, times 0 [ 2266.023710] CPU: 1 PID: 10707 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2266.031628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2266.040991] Call Trace: [ 2266.043603] dump_stack+0x1b2/0x283 [ 2266.049154] should_fail.cold+0x10a/0x154 [ 2266.053313] should_failslab+0xd6/0x130 [ 2266.059035] kmem_cache_alloc_trace+0x47/0x3d0 [ 2266.063743] sctp_add_bind_addr+0x6c/0x350 [ 2266.068021] sctp_copy_local_addr_list+0x2ae/0x400 [ 2266.072962] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2266.077731] sctp_bind_addr_copy+0xde/0x430 [ 2266.082069] __sctp_connect+0x618/0xbe0 [ 2266.086054] ? sctp_wfree+0x600/0x600 [ 2266.089874] ? lock_sock_nested+0x98/0x100 [ 2266.094122] ? sctp_asconf_mgmt+0x340/0x340 [ 2266.098450] sctp_inet_connect+0x127/0x190 [ 2266.102687] ? sctp_asconf_mgmt+0x340/0x340 [ 2266.107005] SyS_connect+0x1f4/0x240 [ 2266.110734] ? SyS_accept+0x30/0x30 [ 2266.114378] ? fput+0xb/0x140 [ 2266.117483] ? SyS_write+0x14d/0x210 [ 2266.121211] ? SyS_read+0x210/0x210 [ 2266.124841] ? SyS_clock_settime+0x1a0/0x1a0 [ 2266.129249] ? do_syscall_64+0x4c/0x640 [ 2266.133243] ? SyS_accept+0x30/0x30 [ 2266.136872] do_syscall_64+0x1d5/0x640 [ 2266.140799] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2266.145986] RIP: 0033:0x45de29 [ 2266.149178] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2266.156905] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2266.164180] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2266.171455] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2266.178727] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 [ 2266.186002] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:35 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:51:35 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff}) r3 = socket$inet_udp(0x2, 0x2, 0x0) close(r3) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r3, 0x0, 0x4ffe2, 0x0) 22:51:35 executing program 2 (fault-call:3 fault-nth:21): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:51:35 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x0, 0x1, 0x0, 0x40}, 0x10) syz_emit_ethernet(0x52, &(0x7f0000000080)={@local, @multicast, @void, {@ipv4={0x800, @tcp={{0xc, 0x4, 0x0, 0x0, 0x44, 0x0, 0x0, 0x0, 0x6, 0x0, @remote={0xac, 0x14, 0x4}, @local, {[@timestamp_addr={0x44, 0x1c, 0x14, 0x1, 0x0, [{@multicast1}, {@multicast1}, {@broadcast}]}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x2, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) r2 = syz_open_dev$vcsa(&(0x7f0000001640)='/dev/vcsa#\x00', 0x7, 0x400802) ioctl$SIOCX25SCALLUSERDATA(r2, 0x89e5, &(0x7f0000001680)={0x66, "2828681102983fbbaeb36f13acc7e08b27be331ecfbeee91fc9176b184b320bd261a0adb15216a73c2f8670f6ceaba17aab674879c9d95a7e423299eb6635e4e337ac6fbcc3019a69d5ca76e070552f961fbb7c73fe34a0f2323d38406803fafe5861f901952a92688aec2ef3404122de9aad0c3af9d1073dc80d29425c8f9c9"}) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff, 0x0, 0x0, 0x5, 0x1}, &(0x7f0000000200)={0x0, r3+30000000}, 0x0) syncfs(0xffffffffffffffff) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r4, 0x840, 0x0) set_thread_area(&(0x7f0000000080)={0x96ad669, 0x100000, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1}) [ 2267.762130] FAULT_INJECTION: forcing a failure. [ 2267.762130] name failslab, interval 1, probability 0, space 0, times 0 [ 2267.801420] CPU: 0 PID: 10720 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2267.809365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2267.819520] Call Trace: [ 2267.822119] dump_stack+0x1b2/0x283 [ 2267.826555] should_fail.cold+0x10a/0x154 [ 2267.830749] should_failslab+0xd6/0x130 [ 2267.834736] kmem_cache_alloc_trace+0x47/0x3d0 [ 2267.839327] sctp_add_bind_addr+0x6c/0x350 [ 2267.843569] sctp_copy_local_addr_list+0x2ae/0x400 [ 2267.848614] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2267.853378] sctp_bind_addr_copy+0xde/0x430 [ 2267.857886] __sctp_connect+0x618/0xbe0 [ 2267.861880] ? sctp_wfree+0x600/0x600 [ 2267.865711] ? lock_sock_nested+0x98/0x100 [ 2267.869965] ? sctp_asconf_mgmt+0x340/0x340 [ 2267.876320] sctp_inet_connect+0x127/0x190 [ 2267.880563] ? sctp_asconf_mgmt+0x340/0x340 [ 2267.884901] SyS_connect+0x1f4/0x240 [ 2267.888615] ? SyS_accept+0x30/0x30 [ 2267.892247] ? fput+0xb/0x140 [ 2267.895353] ? SyS_write+0x14d/0x210 [ 2267.899087] ? SyS_read+0x210/0x210 [ 2267.903666] ? SyS_clock_settime+0x1a0/0x1a0 [ 2267.908077] ? do_syscall_64+0x4c/0x640 [ 2267.912061] ? SyS_accept+0x30/0x30 [ 2267.915687] do_syscall_64+0x1d5/0x640 [ 2267.919585] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2267.926013] RIP: 0033:0x45de29 [ 2267.929205] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2267.936947] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2267.944220] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2267.951493] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2267.959463] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 2267.966763] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:36 executing program 2 (fault-call:3 fault-nth:22): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:51:36 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100)='nl80211\x00') ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'wlan1\x00', 0x0}) socket$caif_stream(0x25, 0x1, 0x4) sendmsg$NL80211_CMD_GET_COALESCE(r0, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x30, r1, 0x8, 0x70bd2a, 0x25dfdbfd, {{}, {@val={0x8, 0x1, 0x6b}, @val={0x8, 0x3, r2}, @val={0xc, 0x99, {0xfffffffe, 0x69}}}}, ["", "", "", "", "", "", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x40090}, 0x800) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r3, 0x0) ioctl$VIDIOC_G_CTRL(0xffffffffffffffff, 0xc008561b, &(0x7f0000000000)={0x2bb0, 0x9}) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r4+30000000}, 0x0) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r5, 0x840, 0x0) [ 2268.274942] FAULT_INJECTION: forcing a failure. [ 2268.274942] name failslab, interval 1, probability 0, space 0, times 0 [ 2268.292139] CPU: 1 PID: 10732 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2268.300225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2268.309607] Call Trace: [ 2268.312231] dump_stack+0x1b2/0x283 [ 2268.315864] should_fail.cold+0x10a/0x154 [ 2268.320047] should_failslab+0xd6/0x130 [ 2268.324045] kmem_cache_alloc_trace+0x47/0x3d0 [ 2268.328635] sctp_add_bind_addr+0x6c/0x350 [ 2268.332877] sctp_copy_local_addr_list+0x2ae/0x400 [ 2268.337836] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2268.342619] sctp_bind_addr_copy+0xde/0x430 [ 2268.346952] __sctp_connect+0x618/0xbe0 [ 2268.351367] ? sctp_wfree+0x600/0x600 [ 2268.355169] ? lock_sock_nested+0x98/0x100 [ 2268.359444] ? sctp_asconf_mgmt+0x340/0x340 [ 2268.363778] sctp_inet_connect+0x127/0x190 [ 2268.368018] ? sctp_asconf_mgmt+0x340/0x340 [ 2268.372340] SyS_connect+0x1f4/0x240 [ 2268.376053] ? SyS_accept+0x30/0x30 [ 2268.379686] ? fput+0xb/0x140 [ 2268.383747] ? SyS_write+0x14d/0x210 [ 2268.387468] ? SyS_read+0x210/0x210 [ 2268.391124] ? SyS_clock_settime+0x1a0/0x1a0 [ 2268.395537] ? do_syscall_64+0x4c/0x640 [ 2268.399521] ? SyS_accept+0x30/0x30 [ 2268.403164] do_syscall_64+0x1d5/0x640 [ 2268.407067] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2268.412283] RIP: 0033:0x45de29 [ 2268.415488] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a 22:51:36 executing program 2 (fault-call:3 fault-nth:23): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 2268.423999] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2268.431272] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2268.438540] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2268.445809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 2268.453077] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:36 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, 0x0, 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) [ 2268.596248] FAULT_INJECTION: forcing a failure. [ 2268.596248] name failslab, interval 1, probability 0, space 0, times 0 [ 2268.620106] CPU: 0 PID: 10741 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2268.628051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2268.637416] Call Trace: [ 2268.640012] dump_stack+0x1b2/0x283 [ 2268.643645] should_fail.cold+0x10a/0x154 [ 2268.647796] should_failslab+0xd6/0x130 [ 2268.651776] kmem_cache_alloc_trace+0x47/0x3d0 [ 2268.656471] sctp_add_bind_addr+0x6c/0x350 [ 2268.660716] sctp_copy_local_addr_list+0x2ae/0x400 [ 2268.665660] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2268.670435] sctp_bind_addr_copy+0xde/0x430 [ 2268.675159] __sctp_connect+0x618/0xbe0 [ 2268.679149] ? sctp_wfree+0x600/0x600 [ 2268.682975] ? lock_sock_nested+0x98/0x100 [ 2268.687249] ? sctp_asconf_mgmt+0x340/0x340 [ 2268.691589] sctp_inet_connect+0x127/0x190 [ 2268.696718] ? sctp_asconf_mgmt+0x340/0x340 [ 2268.701682] SyS_connect+0x1f4/0x240 [ 2268.705412] ? SyS_accept+0x30/0x30 [ 2268.709053] ? fput+0xb/0x140 [ 2268.712163] ? SyS_write+0x14d/0x210 [ 2268.715876] ? SyS_read+0x210/0x210 [ 2268.719506] ? SyS_clock_settime+0x1a0/0x1a0 [ 2268.723943] ? do_syscall_64+0x4c/0x640 [ 2268.727922] ? SyS_accept+0x30/0x30 [ 2268.731555] do_syscall_64+0x1d5/0x640 [ 2268.735453] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2268.740645] RIP: 0033:0x45de29 [ 2268.743854] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2268.751571] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2268.758930] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2268.766235] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2268.773512] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 2268.780789] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:37 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x43000000, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_LIST(0xffffffffffffffff, 0xc0505510, &(0x7f0000000040)={0x5, 0x9, 0xfff, 0xfffffffb, &(0x7f0000000200)=[{}, {}, {}, {}, {}, {}, {}, {}, {}]}) ioctl$SNDRV_TIMER_IOCTL_PARAMS(0xffffffffffffffff, 0x40505412, &(0x7f0000000580)={0x2, 0x7ff, 0x3, 0x0, 0x11}) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000440)='TIPCv2\x00') sendmsg$TIPC_NL_BEARER_SET(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000500)={&(0x7f0000000740)={0xa8, r1, 0x100, 0x70bd2d, 0x25dfdbfc, {}, [@TIPC_NLA_NODE={0x18, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x9}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_NET={0x18, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x3}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0xf60}]}, @TIPC_NLA_LINK={0x64, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x34, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x628}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1ff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffffffff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x80}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}]}, @TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}]}]}, 0xa8}, 0x1, 0x0, 0x0, 0x800}, 0x4000) ptrace$setopts(0x4206, r0, 0x0, 0x22) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r0, 0x0, 0x0) [ 2268.870805] IPVS: ftp: loaded support on port[0] = 21 22:51:37 executing program 2 (fault-call:3 fault-nth:24): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:51:37 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x80}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0)={0x9}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r3, 0x840, 0x0) [ 2268.972141] FAULT_INJECTION: forcing a failure. [ 2268.972141] name failslab, interval 1, probability 0, space 0, times 0 [ 2269.021062] CPU: 0 PID: 10762 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2269.028982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2269.038342] Call Trace: [ 2269.040979] dump_stack+0x1b2/0x283 [ 2269.044612] should_fail.cold+0x10a/0x154 [ 2269.048769] should_failslab+0xd6/0x130 [ 2269.052753] kmem_cache_alloc_trace+0x47/0x3d0 [ 2269.057366] sctp_add_bind_addr+0x6c/0x350 [ 2269.064570] sctp_copy_local_addr_list+0x2ae/0x400 [ 2269.069511] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2269.074276] sctp_bind_addr_copy+0xde/0x430 [ 2269.078602] __sctp_connect+0x618/0xbe0 [ 2269.082588] ? sctp_wfree+0x600/0x600 [ 2269.086390] ? lock_sock_nested+0x98/0x100 [ 2269.090655] ? sctp_asconf_mgmt+0x340/0x340 [ 2269.094980] sctp_inet_connect+0x127/0x190 [ 2269.099217] ? sctp_asconf_mgmt+0x340/0x340 [ 2269.103554] SyS_connect+0x1f4/0x240 [ 2269.107268] ? SyS_accept+0x30/0x30 [ 2269.110905] ? fput+0xb/0x140 [ 2269.114035] ? SyS_write+0x14d/0x210 [ 2269.117755] ? SyS_read+0x210/0x210 [ 2269.121380] ? SyS_clock_settime+0x1a0/0x1a0 [ 2269.125806] ? do_syscall_64+0x4c/0x640 [ 2269.129808] ? SyS_accept+0x30/0x30 [ 2269.133444] do_syscall_64+0x1d5/0x640 [ 2269.137340] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2269.142534] RIP: 0033:0x45de29 [ 2269.146017] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2269.154426] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2269.161736] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 22:51:37 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) getpeername$ax25(r4, &(0x7f0000000240)={{0x3, @null}, [@null, @remote, @bcast, @netrom, @remote, @bcast, @null, @rose]}, &(0x7f00000001c0)=0x48) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r2, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r5+30000000}, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') r7 = accept$inet(r1, &(0x7f0000000000)={0x2, 0x0, @multicast1}, &(0x7f0000000080)=0x10) ioctl$F2FS_IOC_GARBAGE_COLLECT(r7, 0x4004f506, &(0x7f0000000100)) lseek(r6, 0x840, 0x0) [ 2269.169019] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2269.176319] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000018 [ 2269.183600] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:38 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:51:38 executing program 2 (fault-call:3 fault-nth:25): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:51:38 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xf, r0, 0x0, &(0x7f0000000080)) arch_prctl$ARCH_SET_CPUID(0x1012, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ptrace$cont(0x1f, r0, 0x0, 0x0) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x48, 0x0, &(0x7f00007d0000)) read$FUSE(0xffffffffffffffff, &(0x7f0000002b80)={0x2020, 0x0, 0x0, 0x0}, 0x2020) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = getpid() r6 = socket$netlink(0x10, 0x3, 0x0) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) sendmsg$unix(r4, &(0x7f0000001440)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[@cred={{0x1c, 0x1, 0x2, {r5, 0x0, r7}}}], 0x20}, 0x0) sendmmsg$unix(r1, &(0x7f0000004c40)=[{&(0x7f0000000000)=@abs={0x0, 0x0, 0x4e24}, 0x6e, &(0x7f00000005c0)=[{&(0x7f0000000080)="08732cfd4bd4a1eb18bab8037cf9e658e3198f3edfc37d07afa87af321cc010b0f5e", 0x22}, {&(0x7f0000000200)="f75cb4d7d2c3b7cbe0042a98a81cb563886fb2baf5b7351d40bd3a56149b487153620e2b00ee434e7f41ac1b4ab1c48d7582f7b29b4e1c8a25c9f6c9da70f4191da88ba6315ada01faffea7bd7b3172a4f373cb2383baf3f1044aa74a2513c8b98bbe89b20efc46d1b52b0cbe281db24943b4017b112a8bf98a57cac94065de201e99d7ed26705999846aa5e56299953a6f22d6b7e918d2f36044f0ea0182db0e9ad08dd3179f9e80d0fc1ea06272a3bd479c141cdbc89a381040be053cc80173bfaa648", 0xc4}, {&(0x7f0000000300)="e1561194ffd1f3f6e93168a5dbe15a64c6817d318523a1577065d47806c95137e8b51c1874dfb2767abd799f5dbfcfb60d7c1f0144fc1de8f7927a6bfdb857a1a675eea18d4d324c54210b581e95f390be685a633a62a6613ef983dc4c325f8a1e30fd1b", 0x64}, {&(0x7f0000000380)="4c03be537bb170d5ca0e758ed885e4c20998f13525406bbb6af52e5c77b965e2461e3c1ea3ccabd0258dde2523", 0x2d}, {&(0x7f00000003c0)="7c7a56d6c05245b6600794093904c914fdee9d5ca9e69631f6184cb3de68b315bf823a252f02f1efc0ed51d2658b0cf371d48e6626dfdc111a3e97e33d33bc54ed1be5913b3c1129858808d8751bb858bcb5d1bb1693fdad95ec403f0e7bda", 0x5f}, {&(0x7f0000000440)="b6167ff07156d83ac9665db0009e3a52a3afae1cdb51a345fb1b65df6925db9faa4717a851c1167628b6b25617277e1e7f44681a691a52cf2937c56a1f87ae91eb8ff793dcc37d1180936f16e54dd07d461c3fd1f98720e6ea2d102021bfe17746c904b728f362f5ad889e472b3d2ef691eb7ff2f496b6757a53068e27057820a5aa6b36697351c4f5ce71f21523a1cc16f9e5cdbb5edc36f7396bd5352ba73e7af1f5758f639b069108bdcc5e77c304ea0991b5097bd3a0c4ce604d9f12865150ac88aad5da807659f8ce291977a3340432d8ca500d7ae6b7489c40fb010d8e7c1a0c5839b713143d825f15e6d47f3c5222", 0xf2}, {&(0x7f0000000540)="c06896cdb24d186cf4e45470ba573783c11ab03ef10af0fcb5bef62ef62e3102191570e04513f2b75d813c3c412e8184e0eb3b8ba57abb0902798191d8b39539def14c7a78c5526e44d768cb8721999463025fdfeb22cb924ac3830aacd0c44f6667fe158b74c3e266640c77ed65d8c45d6876f77f2de1", 0x77}], 0x7, 0x0, 0x0, 0x45}, {&(0x7f0000000640)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000840)=[{&(0x7f00000006c0)="e6419e7f359a44082a052081cee4f7126d0ffd1b334781f79d245c05522499c6b907827fc849d30f8b6920210461f4432072bfb5bd88c755c3159499049ee0c8687aec1545a4cc5df87fa0e9f504327eb3eb2310946a2a734486ba03a8432f010122411f4aac20e7b8285f44f13961c32175634fd6131374892ad8c8fda006b6172d6ae281b01aa0ee687ad967631d59be06bc38f91c5ef91f21c307674346d11fe628320fa262200b939e1e821fc9d83710f61e5e13cd14c4bfbf67f925f0937dab2afaa924e2", 0xc7}, {&(0x7f00000007c0)="294f439eed66fc66f43d799a8a9c411a28a13065733c74611db808bc260a402968a363925d5e9606f0b6545af793f6a72703e399263526e967a02cd833245b6295faa8a357fd", 0x46}], 0x2, 0x0, 0x0, 0x4008000}, {&(0x7f0000000880)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000b00)=[{&(0x7f0000000900)="53f0244543f08035bae778e8f9c5914d8a387fcb16cf8dff3c6e5da1b646a907b9495acb091457a56ff06df30dbbef1002c66bd164dfc3762593d78def268e4ff72ea362f0fbe1af04362cca809a3ba296761cc465d6faf72d2198396839dfa4c87d04fe788dcb01545629b4bb332e38c575c8e8f0336032477335a9f03d2bf529492d9baabf", 0x86}, {&(0x7f00000009c0)="ccf568ab8056160572def3448d20f3b7ae2aaebb59c2a6b35c047edfbf0b9033718156418b8528ac720800718f7f6a637b1a9ee061d98e34a9de63b124eb6b70c8bb9f5b309982767965f3d2e259f449eaa88e2015a42f090d1968997f71482cef8dccd498737d5b5f79a36bc0cf6cb3f9cdb8bf65f4da93c6238f3198cc39179556274b", 0x84}, {&(0x7f0000000a80)="4d8dbc3a6fad16ceff22fbd9b136339cc539af89ae9bc2", 0x17}, {&(0x7f0000000ac0)="3681509b50fc75d8379b", 0xa}], 0x4, 0x0, 0x0, 0x20000000}, {&(0x7f0000000b40)=@abs={0x2, 0x0, 0x4e23}, 0x6e, &(0x7f0000000c80)=[{&(0x7f0000000bc0)="8ba8b51494a7680cb9ac92c96e4a2dff973ec8c6cb3e18a0e04ef6f0", 0x1c}, {&(0x7f0000000c00)="de129e03176d9469cf433ff960ff8b314515b2def566dee53396463e5b679e39af033044edeeb0e1a90e403d64cf1167e3b80798edbec79f54235a664684f5e06c634d25f63b6389366a5311308504698218bac93cac8d67e41fe91d07ca69e7dc626397dcc84798", 0x68}], 0x2, &(0x7f0000000e00)=[@rights={{0x14, 0x1, 0x1, [r2]}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r2, r2, 0xffffffffffffffff, r2, r2, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r0, 0xee00, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xffffffffffffffff}}}], 0x88, 0x20000040}, {&(0x7f0000000ec0)=@abs={0x0, 0x0, 0x4e21}, 0x6e, &(0x7f00000010c0)=[{&(0x7f0000000f40)="0089d2b40676dbf2bff83cecc21d2c3d9e280b18d323a5e26d0aa7dc2b3b40166a12527ed24413ba3c9cc93e3dc123a16ddde7d04544156cac1809da3914f0e7ec5c742cf0388d484c6eb6e314f64ad9a5a02669a66fe38d1d2f4c955d95f1e0c1fd972bf156106cb2ae9047bda4360d2b9f25d3b7d88ba9dd402c2525c0efc77a8bab09ad33ab152077c60030e12587968e814ca2318a01a9536ce2ace1361524d8aab7c183cefc11e2513805", 0xad}, {&(0x7f0000001000)="ef232f70763c2a858d249c9f1518a7dbe4ea90d369168428863664db7cd9fd0d7d111712ea337ca5130756a41e670f4229d51ecba5ad4176da240cde4765d0eac01eb6b210e8e43522e927354d1b6e155363b09e7cce57fcef63cb2d0a381d39a6f2a0e36dbeeb932a4c1314820475b3af2822e5390b377eabc20f696db4ac000a993c9e41b29e8baa0d19d4f8ef0529747e659e05a4", 0x96}], 0x2, 0x0, 0x0, 0x8000}, {&(0x7f0000001100)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000001600)=[{&(0x7f0000001180)="f9", 0x1}, {&(0x7f00000011c0)="8f562c7f63513544ce2c31d825daea10e9a1d57c8376289050af19af8366766f9f7f49eaf4463bcd75a2065e5c8de1f736d54ce3a913a53e2a574e6f3f626d20f9e3f7e8e3949683c4f2548120b296695512dc9c94f0a6406ea4c0717d9af83782dcc59f4aecb75a3905db98b05298c52eb82a544f1c01f7ffbddb3c6945a2df99b470dec34e781419250d8000c7e682eb2fe02214bdf392542c0dc61a081700ff8461c9f184585124ccefa67a4e28ba466a69efd123e0a5d3d6c16808eeeac31ef80b7a48ee8451b8225a3d3686fc53bbb3e598562e49e3f3cd48724bfb29cf9d45109202e32a90", 0xe8}, {&(0x7f00000012c0)="1319e56c318d46cbc6f005d3de3e706518cccc20ff31ac95d8b5cb880f04c0370ceebceed1252d7f38983675db273b36d8b551152a2754b427fa55ba3b4b8c4be2eec1279a100c5c31ba3a8b513921bb0f3996a1d1", 0x55}, {&(0x7f0000001340)="c110994b328776c504525358b8f99f841e5289047911e121a0167d48874a160f73c88646b6ad215351b83a3f2e44ae7bea", 0x31}, {&(0x7f0000001380)="4303164608bdd513888ca943d55dfd50ac0c1f35a23c9926c8673042f12b657f0215c2797962aca91c970f078ad9d641c18f650f5fff1f9c7396eea8903a67c083d6b1f08b469067cf962a55fac33b3964ce590c254385c8e8d19b09228d322100f6cc2ab1e154ed0b96e5890464fcdc8a59cef254519261fab95e64c74412cb0fc5dfed7d496600db47e1aa7c646dd42adb2ed33145d7053e39d89f35bb238a73a22f0c4a2071c16485d556a11dd141ac59d2fe45412205c22a32edf1c63c0859c6f69a", 0xc4}, {&(0x7f0000001480)="b02dc4858ac2d0c0de3dc439cf94e9541a4ddde523f7d243ab4c725777bfd5f83ce80e261ee76f87ced2a642ba477b018e32291f9293eaf0179666c7d0d6b72faadead8e986f30afcf39e60a75a2969ecd495dd98cece9023c7b045b8f7504aab91fab5e182585c2e943f46a44992cf816fe2e74ac9c7b7f17af6550d78cfaf7571e4f5b8df37cf1c1f989b24aa1dedf559587c07ea416c4323821a995756be665629c417acd7105473b26034c2a79c7d7d93b76079dc2578f30b667940c5d6893607e1b28554b9d63f0dbb58668cb71204645b0d17b9f4412a7009c96dc1f309b23374453e7", 0xe6}, {&(0x7f0000001580)="4395fc6c43d11dc57c176a6eadd066b4357aa1454a416af1a3083bc4efd5f1ccc65d1c09b44923173e738f4b7bc8a39f1dae2a519b600a544cfa72bed9c35a52af0da963667cc3c962158d5eb71de462f50edc1b6f99902bb586de478de9a52c6223b1a9be97dfc9bbeb0ac053aabb00095ba119", 0x74}], 0x7, &(0x7f0000004bc0)=ANY=[@ANYBLOB="1c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32=r1, @ANYBLOB="0000000020000000000000000100000001000000", @ANYRES32=r1, @ANYRES32=r1, @ANYRES32=r1, @ANYRES32, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r0, @ANYRES32=r3, @ANYRES32=r7, @ANYBLOB], 0x60, 0x841}], 0x6, 0x4000010) 22:51:38 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, 0x0, 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) 22:51:38 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x0, 0x1000000}, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r3, 0x840, 0x0) 22:51:39 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, &(0x7f0000000000)=@usbdevfs_disconnect={0x2}) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r0, 0x0, 0x0) [ 2270.776095] FAULT_INJECTION: forcing a failure. [ 2270.776095] name failslab, interval 1, probability 0, space 0, times 0 [ 2270.810698] CPU: 1 PID: 10794 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2270.818616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2270.827973] Call Trace: [ 2270.830593] dump_stack+0x1b2/0x283 [ 2270.834263] should_fail.cold+0x10a/0x154 [ 2270.838427] should_failslab+0xd6/0x130 [ 2270.842439] kmem_cache_alloc_trace+0x47/0x3d0 [ 2270.847029] sctp_add_bind_addr+0x6c/0x350 [ 2270.851275] sctp_copy_local_addr_list+0x2ae/0x400 [ 2270.856220] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2270.860986] sctp_bind_addr_copy+0xde/0x430 [ 2270.865322] __sctp_connect+0x618/0xbe0 [ 2270.869313] ? sctp_wfree+0x600/0x600 [ 2270.873150] ? lock_sock_nested+0x98/0x100 [ 2270.877423] ? sctp_asconf_mgmt+0x340/0x340 [ 2270.881750] sctp_inet_connect+0x127/0x190 [ 2270.886024] ? sctp_asconf_mgmt+0x340/0x340 [ 2270.890347] SyS_connect+0x1f4/0x240 [ 2270.894064] ? SyS_accept+0x30/0x30 [ 2270.897695] ? fput+0xb/0x140 [ 2270.900797] ? SyS_write+0x14d/0x210 [ 2270.904505] ? SyS_read+0x210/0x210 [ 2270.908156] ? SyS_clock_settime+0x1a0/0x1a0 [ 2270.912576] ? do_syscall_64+0x4c/0x640 [ 2270.916547] ? SyS_accept+0x30/0x30 [ 2270.920186] do_syscall_64+0x1d5/0x640 [ 2270.924078] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2270.929268] RIP: 0033:0x45de29 [ 2270.932447] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2270.940170] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2270.947445] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2270.954715] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2270.961994] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000019 [ 2270.969270] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:39 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x5, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = getpid() getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) sendmsg$unix(r1, &(0x7f0000001440)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[@cred={{0x1c, 0x1, 0x2, {r2, 0x0, r3}}}], 0x20}, 0x0) ptrace$cont(0x1f, r0, 0xf7bb, 0x0) r4 = socket$inet_udplite(0x2, 0x2, 0x88) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$SNDCTL_DSP_GETFMTS(r5, 0x8004500b, &(0x7f0000000000)=0xffffffff) 22:51:39 executing program 2 (fault-call:3 fault-nth:26): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:51:39 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r1, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(r1, 0x29, 0x48, 0x0, &(0x7f00007d0000)) fcntl$setpipe(r1, 0x407, 0x8000) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_bp={&(0x7f0000000000), 0x4}, 0x10010, 0x0, 0x4, 0x4, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r2, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r3+30000000}, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r4, 0x840, 0x0) [ 2271.078989] FAULT_INJECTION: forcing a failure. [ 2271.078989] name failslab, interval 1, probability 0, space 0, times 0 [ 2271.107341] CPU: 1 PID: 10818 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2271.115285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2271.124644] Call Trace: [ 2271.127240] dump_stack+0x1b2/0x283 [ 2271.130904] should_fail.cold+0x10a/0x154 [ 2271.137766] should_failslab+0xd6/0x130 [ 2271.141759] kmem_cache_alloc_trace+0x47/0x3d0 [ 2271.146350] sctp_add_bind_addr+0x6c/0x350 [ 2271.150596] sctp_copy_local_addr_list+0x2ae/0x400 [ 2271.155539] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2271.160313] sctp_bind_addr_copy+0xde/0x430 [ 2271.164655] __sctp_connect+0x618/0xbe0 [ 2271.168649] ? sctp_wfree+0x600/0x600 [ 2271.172468] ? lock_sock_nested+0x98/0x100 [ 2271.176722] ? sctp_asconf_mgmt+0x340/0x340 [ 2271.181055] sctp_inet_connect+0x127/0x190 [ 2271.185297] ? sctp_asconf_mgmt+0x340/0x340 [ 2271.189643] SyS_connect+0x1f4/0x240 [ 2271.193380] ? SyS_accept+0x30/0x30 [ 2271.197031] ? fput+0xb/0x140 [ 2271.200148] ? SyS_write+0x14d/0x210 [ 2271.203866] ? SyS_read+0x210/0x210 [ 2271.207495] ? SyS_clock_settime+0x1a0/0x1a0 [ 2271.211913] ? do_syscall_64+0x4c/0x640 [ 2271.217037] ? SyS_accept+0x30/0x30 [ 2271.220692] do_syscall_64+0x1d5/0x640 [ 2271.224585] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2271.230144] RIP: 0033:0x45de29 [ 2271.233357] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2271.241758] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2271.249030] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2271.256301] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2271.264552] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000001a [ 2271.271826] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:39 executing program 2 (fault-call:3 fault-nth:27): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 2271.388105] FAULT_INJECTION: forcing a failure. [ 2271.388105] name failslab, interval 1, probability 0, space 0, times 0 [ 2271.413861] CPU: 1 PID: 10833 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2271.421773] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2271.431132] Call Trace: [ 2271.433747] dump_stack+0x1b2/0x283 [ 2271.437389] should_fail.cold+0x10a/0x154 [ 2271.441545] should_failslab+0xd6/0x130 [ 2271.445551] kmem_cache_alloc_trace+0x47/0x3d0 [ 2271.450137] sctp_add_bind_addr+0x6c/0x350 [ 2271.454381] sctp_copy_local_addr_list+0x2ae/0x400 [ 2271.459333] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2271.464141] sctp_bind_addr_copy+0xde/0x430 [ 2271.468474] __sctp_connect+0x618/0xbe0 [ 2271.473243] ? sctp_wfree+0x600/0x600 [ 2271.477070] ? lock_sock_nested+0x98/0x100 [ 2271.481321] ? sctp_asconf_mgmt+0x340/0x340 [ 2271.485650] sctp_inet_connect+0x127/0x190 [ 2271.490085] ? sctp_asconf_mgmt+0x340/0x340 [ 2271.495372] SyS_connect+0x1f4/0x240 [ 2271.499093] ? SyS_accept+0x30/0x30 [ 2271.502748] ? fput+0xb/0x140 [ 2271.505880] ? SyS_write+0x14d/0x210 [ 2271.509597] ? SyS_read+0x210/0x210 [ 2271.513234] ? SyS_clock_settime+0x1a0/0x1a0 [ 2271.517648] ? do_syscall_64+0x4c/0x640 [ 2271.521622] ? SyS_accept+0x30/0x30 [ 2271.525254] do_syscall_64+0x1d5/0x640 [ 2271.529158] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2271.534361] RIP: 0033:0x45de29 22:51:39 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, 0x0, 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) [ 2271.537547] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2271.545893] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2271.553180] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2271.560452] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2271.567733] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000001b [ 2271.575008] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:39 executing program 2 (fault-call:3 fault-nth:28): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 2271.721116] FAULT_INJECTION: forcing a failure. [ 2271.721116] name failslab, interval 1, probability 0, space 0, times 0 [ 2271.744663] CPU: 1 PID: 10843 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2271.752605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2271.762592] Call Trace: [ 2271.765188] dump_stack+0x1b2/0x283 [ 2271.769360] should_fail.cold+0x10a/0x154 [ 2271.773520] should_failslab+0xd6/0x130 [ 2271.777680] kmem_cache_alloc_trace+0x47/0x3d0 [ 2271.782976] sctp_add_bind_addr+0x6c/0x350 [ 2271.787948] sctp_copy_local_addr_list+0x2ae/0x400 [ 2271.792900] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2271.797864] sctp_bind_addr_copy+0xde/0x430 [ 2271.802209] __sctp_connect+0x618/0xbe0 [ 2271.806192] ? sctp_wfree+0x600/0x600 [ 2271.810318] ? lock_sock_nested+0x98/0x100 [ 2271.814684] ? sctp_asconf_mgmt+0x340/0x340 [ 2271.819024] sctp_inet_connect+0x127/0x190 [ 2271.823272] ? sctp_asconf_mgmt+0x340/0x340 [ 2271.827692] SyS_connect+0x1f4/0x240 [ 2271.831415] ? SyS_accept+0x30/0x30 [ 2271.835058] ? fput+0xb/0x140 [ 2271.838174] ? SyS_write+0x14d/0x210 [ 2271.841912] ? SyS_read+0x210/0x210 [ 2271.845747] ? SyS_clock_settime+0x1a0/0x1a0 [ 2271.850163] ? do_syscall_64+0x4c/0x640 [ 2271.854844] ? SyS_accept+0x30/0x30 [ 2271.858479] do_syscall_64+0x1d5/0x640 [ 2271.862385] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2271.867578] RIP: 0033:0x45de29 [ 2271.870800] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2271.879666] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2271.886941] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2271.894222] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2271.901522] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000001c [ 2271.908798] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:42 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:51:42 executing program 2 (fault-call:3 fault-nth:29): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:51:42 executing program 0: r0 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000100)='/dev/nvme-fabrics\x00', 0x80, 0x0) openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r1 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000fef000/0x11000)=nil, 0x11000, 0x1000008, 0x11, 0xffffffffffffffff, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$BTRFS_IOC_DEV_INFO(r3, 0xd000941e, &(0x7f0000000240)={0x0, "9286dee621e418c0a6a19ea57fc48cf3"}) ioctl$BTRFS_IOC_SCRUB_PROGRESS(r0, 0xc400941d, &(0x7f0000001240)={r4, 0xa65, 0x3}) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$BLKPG(r3, 0x1269, &(0x7f0000000080)={0x6, 0x0, 0x3, &(0x7f0000000000)="d59a7a"}) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r5+30000000}, 0x0) r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r6, 0x840, 0x0) 22:51:42 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket$inet_udp(0x2, 0x2, 0x0) close(r3) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r2, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(0xffffffffffffffff, 0x0, r3, 0x0, 0x4ffe2, 0x0) [ 2273.862038] FAULT_INJECTION: forcing a failure. [ 2273.862038] name failslab, interval 1, probability 0, space 0, times 0 [ 2273.889343] CPU: 1 PID: 10861 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2273.897682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2273.907042] Call Trace: [ 2273.909652] dump_stack+0x1b2/0x283 [ 2273.913310] should_fail.cold+0x10a/0x154 [ 2273.917487] should_failslab+0xd6/0x130 [ 2273.922455] kmem_cache_alloc_trace+0x47/0x3d0 [ 2273.927068] sctp_add_bind_addr+0x6c/0x350 [ 2273.931314] sctp_copy_local_addr_list+0x2ae/0x400 [ 2273.936247] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2273.941014] sctp_bind_addr_copy+0xde/0x430 [ 2273.945343] __sctp_connect+0x618/0xbe0 [ 2273.949344] ? sctp_wfree+0x600/0x600 [ 2273.953167] ? lock_sock_nested+0x98/0x100 [ 2273.957408] ? sctp_asconf_mgmt+0x340/0x340 [ 2273.961763] sctp_inet_connect+0x127/0x190 [ 2273.966012] ? sctp_asconf_mgmt+0x340/0x340 [ 2273.970334] SyS_connect+0x1f4/0x240 [ 2273.974174] ? SyS_accept+0x30/0x30 [ 2273.977812] ? fput+0xb/0x140 [ 2273.980909] ? SyS_write+0x14d/0x210 [ 2273.984617] ? SyS_read+0x210/0x210 [ 2273.988243] ? SyS_clock_settime+0x1a0/0x1a0 [ 2273.992646] ? do_syscall_64+0x4c/0x640 [ 2273.996612] ? SyS_accept+0x30/0x30 [ 2274.000239] do_syscall_64+0x1d5/0x640 [ 2274.004129] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2274.009328] RIP: 0033:0x45de29 [ 2274.012539] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2274.020265] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2274.027620] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2274.034894] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2274.042180] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000001d [ 2274.049459] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:42 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000000)={0x28, 0x0, 0xcfaeea700fc29f91, 0x0, 0x0, {{0x5}, {@val={0x8, 0x6}, @val={0xc}}}}, 0x28}, 0x1, 0xe}, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000280)={'wlan0\x00', 0x0}) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00') sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000480)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="1fda00000000000000004400000008000300", @ANYRES32=r3, @ANYBLOB="aeadd9560610c7ad006bf427e4049e937d23cd198911e265d400a4f6bb56bb1a4b677d9b5318ec2f9e4aff86e197be3479bd9b0e920b25bb1e74a2bb742cc70ce7f5e1fb5b5c24320dec6834ef5826cebb291b748feed58c1c62000f2b41375144bcf8581f98844440f83e0d52ddadc3b0b0afdb8eee44f9141458d429d7fbcd240d3cc07d5f5fc1753232707f2ab127e0f572d7596174f56129d5767900ffd4620ab3a0db7ec16f852e773e1b5a62dec802464489c7a531d4406dea508dcf489371ffbc0200ae3a08ad43542445832e43bf8b0a51cdc510bef35038e803b739a9557bbdf6b95ee901db0a542f652c521a1028fdd68d13bdd0ed4f0304d4d22b51d11e6610d1b6720b74c74c65ad9a0d5dc05ecbaf69550e38e7b167f8173cf92979debb41b08ad61d11606ea7e0cf8e1ded00"/316], 0x28}}, 0x0) sendmsg$NL80211_CMD_GET_INTERFACE(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x42040}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x1c, 0x0, 0x20, 0x70bd26, 0x25dfdbff, {{}, {@val={0x8, 0x3, r3}, @void}}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000081}, 0x20088005) r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r5, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r6+30000000}, 0x0) r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r7, 0x840, 0x0) 22:51:42 executing program 2 (fault-call:3 fault-nth:30): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 2274.234068] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 2274.244453] FAULT_INJECTION: forcing a failure. [ 2274.244453] name failslab, interval 1, probability 0, space 0, times 0 [ 2274.270912] CPU: 1 PID: 10873 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2274.278821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2274.288176] Call Trace: [ 2274.290774] dump_stack+0x1b2/0x283 [ 2274.294406] should_fail.cold+0x10a/0x154 [ 2274.298583] should_failslab+0xd6/0x130 [ 2274.302558] kmem_cache_alloc_trace+0x47/0x3d0 [ 2274.307143] sctp_add_bind_addr+0x6c/0x350 [ 2274.311397] sctp_copy_local_addr_list+0x2ae/0x400 [ 2274.316340] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2274.321106] sctp_bind_addr_copy+0xde/0x430 [ 2274.325436] __sctp_connect+0x618/0xbe0 [ 2274.329436] ? sctp_wfree+0x600/0x600 [ 2274.333263] ? lock_sock_nested+0x98/0x100 [ 2274.337508] ? sctp_asconf_mgmt+0x340/0x340 [ 2274.341829] sctp_inet_connect+0x127/0x190 [ 2274.347543] ? sctp_asconf_mgmt+0x340/0x340 [ 2274.351862] SyS_connect+0x1f4/0x240 [ 2274.355589] ? SyS_accept+0x30/0x30 [ 2274.359219] ? fput+0xb/0x140 [ 2274.362326] ? SyS_write+0x14d/0x210 [ 2274.366048] ? SyS_read+0x210/0x210 [ 2274.369699] ? SyS_clock_settime+0x1a0/0x1a0 [ 2274.374140] ? do_syscall_64+0x4c/0x640 [ 2274.378134] ? SyS_accept+0x30/0x30 22:51:42 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r1 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r2) r3 = getpgrp(0x0) r4 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r5) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)=@proc={0x10, 0x0, 0x25dfdbfe, 0x1000000}, 0xc, &(0x7f0000000040)=[{&(0x7f0000000200)={0x156c, 0x1f, 0x4, 0x70bd25, 0x25dfdbfb, "", [@typed={0x8, 0x5e, 0x0, 0x0, @u32=0x1000}, @typed={0x6, 0x46, 0x0, 0x0, @str='.\x00'}, @generic="144a502356d3f2c5048b056f5e997f8417974590f9d4b0e14cdabaa22553d70f51635a638ca00ea425fc0acf666c4fc8f9a1e62352b70b7cd9d39f6dd9a9136c1494b72275ab6f03bca00d8593af52abd9a77f9e06de1df0a1bc162fed07219e948cdb2cf4ed92ae62d0c31f8e78710f87783880cd7705f0678d2f160cea579daa83b74f727ccbae3ade3e2bf4fc643e2f4782a23dd8058749aef3926bb56b7401ca91ddfbe971b879e659cc96cb2f8c10f96c", @typed={0x8, 0x5d, 0x0, 0x0, @uid=r2}, @generic="6049f1f1ada53597e3726090335bf9d9d1594c24cb92740711b577770d4f14dd8cd536a6cbadb03c332f0b251fd6d5a331af1164201b875b120a7b4d7bbf2066082fca5778851a600666", @nested={0x33c, 0x3d, 0x0, 0x1, [@typed={0x8, 0x91, 0x0, 0x0, @pid=r3}, @typed={0x5, 0x68, 0x0, 0x0, @str='\x00'}, @generic="711ebb5b8256ca43061b7957ece12cd79f527b357969d405695d918ab177918bdf05352a2d28c1a2db9cd1a0b9db600b79dcfda24763e4263d9eca7f2eb0cc4b9ad8f5723abed63a83cde2eb47bf659a9ab71d362dbf329879842f1d48be4190b43e922292d81c0222a1ed3472e8a5b89ad32e141d26f30f50", @generic="6909f2756f1357681cc660c5c4fc34e5159bc0a2bf9f86d0662df62c4774504d6ac989e3b1f82bbbd856ed72aa2fcefc24dff23b9e886e5d69db9bd377d7ab239354a46f115a2b0661104b8fa9929b2ee72f5b360835667af288607576eaffa30088de45234e81a7b3b9b3f0960a6230e309067ed1e636dfbc365d3cbbee2e7e4148c009c60383781be1caf72cc32435a7789b43622abf84375bd6bc8a4e975270d579f9a5f7a0bdc0fa798fb10fe9290dcfb062d075ea8cd6d17312d7779f1f7f7131c9729decf3d37d7790a7b259cc281c0dd8ff8df9eb", @generic="ed9a9bdb4b88efe0acb922d9668b359797cb27a638b4ec5b4069ac9918d92c5bb05d848c0003ef673b264e55b1649ef9dd9213257b0544d971552071f565951da9914a334a970f0176c5c38c3cf4a30076dcb8caaa09eac6551e003126a312930c52dc99e42fdcaf93fafffc89683e4779ace63f4d7dc7cfb9616608d1df6b35bd259943a23ab6142836d3d8315d88a19fc0d733f095ad2e14dc06c0e237e715acca6863ae54ae9c7b85e39bae56c986711a48c365240df570", @generic="8f9e3ab8a09a5d73369ac794229e74353bd2b21af623937e62aae85a935aab5d270403c19b413adfd36736609e1b016173aa31", @generic="736557df8b40421a5cf4d3b658343f0208c12305da967ef6bae87c42412bc00913f3c72db5c67fff345853cf603b01f45db158b045783a459fd7c6419bcf364d2e2445dc64fbe11823f19d1448c4367c5d92542cd28f73494b92abb33ccfa07673367a0afda99b2ee3f9bafb273c79fa0bd513694b7b7b94b023c4ffbf15b6ae40110bccd4944a66281419b05c4d9819e5bfa9576f3c3fcdb8ce24984030f9ba597f583efb59d4c8bda33f5e53b4e81410249eb91e90df0c08c299392559bfdc9864888e47ea3a03f3400489f19dfd49c56b57b9c97c06cb710194a0e9ca6232368b5a65f5fe", @generic="ef28c33227"]}, @generic="882e7ee2dc5211e1b7f357a6a36bc2dd6db4328451e01da9076d623314f1a79f9f9507469ed510b5804f6102273e689ba01df8a9b53e1fd718feb60fa166639ca7ae6c779ff1184e48f0ec10dd87be2761a848af2f2bad98b4aea7aeec4ea4b60e2d6d7e0416c41a8cd86ce8d52aba7039aa8e01433609936d29693c51bfbe6aeaa962be084985ef92be08a0a0448a00c48ce4272dc9fdf15a70723a3a4115fb330fbb98bcd978b8a939e0ab3e61c4ee30e1925f3eae34b9b5e9c244eda417683f711e9855f998e35ec990a0deba2e898074afe03e2f66abcc31ac9c757d94643ddbe53aff7da943d16a49e48913e81e8982de6dd343e000d5a7effb75d9c6117a1e346f30364cb064d1e7681412cb2b199c0b84a2be8af8f764bdbf0a51c0707ae8391520ff37e72f7988aaf77916b59510db017a2d734b6e21eabe755dd8302fc3bc6ddef110d2f20e21498d03104cf73b0917d5c7f61c0fe43127efb1eef588ffc34a11a3d6de3ff9941a14442d2ff75048ca72d7cc1c4fcbdb74a9f82f9506b8a149e9bf794bbe2e337d2f18ec74306aa897165b19e62a94b26652f9f4d078fed184fef40a98c091bda15f801d79f71527de8959eec07cdfb63e3d938d967da42bddf2ea627088565f357a67ae1411db9f01910ff4c020d8c39c76f2247a04fb086003022f25c082dfedad814969f987410d4e192d069069842fa3336a585bc84f973cf7dc2131cf61487bce17c16a4fe6f1136f959f644de6f88cb2cceabcf9a913473bf8b052b740562493e0085bb4ec2d56258928842dc24e164e33df319bdb4d020fcd5d15d053204ad0c3cd2ecc1bc15c06b442fa83ef43800bee997a761de56ae6a9ae0f668bd592b18f5ba9ba83142b2f4cde4ca12ca90cbbe3cdc5ff97e69f828d4d6bb0cd02b21294d0b3ff61578809979249743dd4e392b593239de147882fa961d617a490ed10215578c1ae01b0ac8dbf46673faaef03372ba764932cf54d747a99e8c88b68f803c7410ca56e14fc7dcf9af292b1f439d198bd7499a74b17ff877f287864e001f2e806e823362900f3899532bd1a2ec27d7d78b420fee7c6d1d6407114c39067219b39ee288e4570b1910bf3134fec9236573389e73bebac53f468f5eec5b2bb3b4d5f6bd9e843ade6c5e1ff53b6d3b8f81de340eeebaaff685a93cd114c61fe6dbd611008ae91e30fa20504ccc9fa11e13eec633c4cf8a8b71814e1ec03564b36083685fabfa4f5dfa012cd26952752220944e3d0a41462167c57d54c2323227178dda000121313cefb6e566f43608b43c4936f6c404898db8aa06bbecad8f4deadce2cb4b60e7e4bb846083e9442dc05a9553c0cc0a4878bccb9da8154ee1d332e7cef2e0604c26ac446745d7184988e0a7fe2558f2e8d483cfece6fc2c9e1ae0202650bb00364fd291b328fcb5dd5d16be7d86d222b3498b41b53d41c9a4c3c7492a093a957d6874eb6f6af52561efe9f4065cb1b78a7e13ae86b288eb79aa74833d38b794be06d73cc2c9164b7d6353f4868cbdcea72d3a748c1ec00381d21f1a5254e3d05d805f9c317fdb47fcc56c885b1a744a66d054072674d479711d24c8ed25550bc8d481b66fad979b52236f301df9942fa9ca5315753234a28075a7ebe301026c99e8a9aa91a2362725602a314b9ee0321e170e3cbc277ba1324587290af31c847fcdbd50e8fae3ed5c68d5923eb111f9db72d5a1fd1ddd046d137af64d95137eff165d86ee6848d10d1eaf82d14d5ce899110d575147710841969410ae039de98c61f91b13ba253547f75d19fe4ad94dfadc6d341c0c27ddb7f2b4a2c96d91dceb9f3df1b5bfdc320d178e3d926cd88f7cc5121367e81184b5ae53fabe6d3df18f6777b2c7a1c1dc8883364bdcc7ad6904a67ec9c45907265a9bf3b286c9ff5dcdefc69da05db1bc3b59a9aa6c6233503d7af456bd8da8d1ca06890b6ae3fecb557ff103386b63adace6905d5750e41fc0f82b11054bf8c34f16f955edac7dcf0e1628731aa09f70220253ebead1cbb2532f81e68ba678461df1363b31d677fe7318475e8978b71cbf56244d6cdfb2971fe15f0b7fa92048a0ccec3df1eabb5147c583f284667052369db7c92347d6699066dbdadbb09a7b0814ac8992e26e8e2578d7f2ce558d79bc8ddfdb1762181767350c0fc6f067b47332c44fd549abc132a660cdc7f550559e128808638567ea45985acba9dafebe15300f5d2082cd14a6190979594f006b1d96464210175026d6032754a9c3de6ff778b35cac87d7e3b8d74831e2b10ee473715a713958eca29759318bcae227667ff2a2d3b3a707b0b8b25653b1a2a31ab1a3fa8f582c9b7949691e77c5c156dd581169cd861ef5a2169824fdda2b877636a31b8fd2ab7b24fc388aa481dab41142412ca630dea22932b2bbc35656fe650b7a899155a620eedec72f6dd35df23839e42f0172c1db8b7ba1a7beb91734827c0ffd0a37860a652b9aeb0924b908f0c7ee899ada35a460424a117d8d01d7cfdb2245e81883248ca523a5941a39f6bfbf33b6eace23f687e52485e50abaedc41d58d4f300f733774408585deb94f9cd691908d59d77046700a32f4923e2bbfbdcc4c2d09a7d6b5625a3705ac0da4751f1a1a6e455adf0dc88df2e4b1edef926574482b1a785d5c2b0161b544e1a8ec6e7381413dedb35c831d54ae73ba724247e0e2035308c267475cac5ce4bd33758b905aeb8ec962e1ae0b12be62987addf608e6d36953377fa488561e956e141e2023a659259c1f93914c2c62b024386ef7afbeb9908742eef94270969410f38b87b8475f4755471765ecfda57c9370baf1eca31866266d1ac7396b2acfab1da83a97565eaa6b555087b441df5a9c4393b031bca746c95e8078fc4209d13f557e5b1116d77be90819794ec823f0cc146b615e38113ba80bb16793430059e3b038e910986c6ddbc488b4cc80adcb45be7206b20d23c2d63d094dddc7dfaf9ce5dc410894e65c3090b80df0d964ea04e53f3dfd17cbe566dc5681194eef54b86837c591b84680b4347087910e3d349ae601ce96f3087a946c58b609ca0f4c23a6539647d5b50b80d90dc9d7f442f0d4c4e44ef0f57bed04cbd042e0815c5a9f7e7954823eb19ce6d1720d180c744aa55d5c5635cabaefb36749092464e911d29ba06e21dcfaf301024e7a1ea8acb1be419ea6c7613de1110cdbaef7d379029101453c07897c7955808e84498849cd882281126b505488611da514105f89fd06dd57b8c3fc20b431ebf2aca4b9786f4126a63604ab2c32ddf8f506ec45a559d0ef9709a34f503e5860c26b810e2e91cc2cd8f9e9e03ce5cd821742627c12f95cd5cbf1ee4bbac61d1d422eeef59fb0cd19e38e6566166e8e795b0b47491b078a6fe133796bc4ad25cf5aa9ca779f9a0294aa0c52e0e955f3eca8b10c17ecf78436bd925f244de0ebdbdc62e8fe5d4d77e3631fe375df5de2363c6801dda04f9449e3fe695f3ad6cd11945e34c532494a31e3ee9dae5829fa43fd746fcd5155f292cbcfd87707a8a310eb665ed3d7a48315e28050243002b66849ab267a8c6ae434cd2f00b2f00643f3bbe7c1b636127c6ff84d23dbf2d0b0d52517da681db8e1a743a4b9c575f0a8f5aff1417310ae3674d407777c8da7f720e4341c3a4d8962ccad5e7e63f28179f55ee10491c139c98be184adbbb577ab7328fcd7acdedaaf75666f4f478ba73a1e09cb8342d7af3cf085fcad959284259d963f70f7c6df054b75f5a53de20076a8f2a9d46a3ae81bf5d13f6c8ba76cb9d637edeccad0834b3b7dbba5bf4dc41a7ca17531bae232b6f63c6fa082e6241ef428ba2ac8adf93354246cb4c9d10fed9a432c4265c7a435d487e0153544a1b32393adac2319ebb281f775a7e42e0d5d6aca8e82ac02eb3bf46062c3e0f29b14fbc7f5306d1ffa4ad7ac2a55052fb1dcc43221a0696b612ec883bd247ca0f4d213359b681e11d591f6c47a8bd478d9a223e33d234eb2c3163efd796e73b52858f1ffd3552a85e349d6e2f5e371708ea9459a03ddc9ec0ccb017375c0bb44048e55a355b57e94533b0ec7e80d29340bf839f77285207966fc3088d2c0a3cfedc5e0321a2b0c3fdd8c94a849f9ce49c46f17493af8e9670805ab8279a0d16fc0f86bafdeee7ac40ad8b3fe748ebcc900cd7c41b9fc1b5b9daf2334669be1a41b4631be03f244b33f0782e82bbb5b490342602216afca787a1316e289d2ca38608848a68b755d6d51141607014cd9e369700dcd5d254cbe1c7f5c8e4a55903922f9061cd7a56fa48622f987c08711c1dd77f15eb0f38dbb97deaef78fa0356211e7182c34fe40b900ab11c7ed1c5f536d0666716a619b685b0774e46229e4fd721c9f97520b74a4a556e20ed5f1761b583943575da72dce08f82c57331a147326f7f3f1c17e6a33d04198307327b0c288f8493d640beb9011c2335beac4fffae5e11d50d1daa3d95b0e3fd54198359477e374d1738e3bbb7552619b1fc5867540e4544c66754573c9d5b30a00dc9352e8b5564db370b0b48d96b938ab3044347473f5791965daf50b13169384ae2789df3a50fd4145c9f3f02f8d7e96c04edf6ea1d89f930e76a97dc6880b87c7b5caaf087bf27bf6b0458946e556738cf3469c40a8fbba27f5cf0957fd173409a355549e9a7b4d9188a15b7d5f6827426d35e0d29fab8878a187eeeb021aab59724450ac2a456e99c6e5eed433f2dc226100069199141e8d7a871addfeea8c4657f15bdde72e1aff0e60e099b745d2b6e3112f54003988cac62819e0a457ad3949c550ea2914912ae9cb6199c45655f0c8a5949c2ee5a5821cc1210887aee7bf3dd99c09c55a74208c66f0990bb943b44d5eed69e248279e131e044b35577f9036141f867e58293062523eca4828cabc2197e03e59ac02320503ef9b5ea245d565502cae6a67fe3adf41f23b9be853287e154ebf6d6b294e85a78084d7d6786409124f86ea13977d757eaf294801ac593675c31bb75ae1f5babb1d3c455ae53055f313198161f8d583937e2d8c64b316adbf9c865d9e6d9145c7a8dd658a23828c707840f5b65a53f11b9a05ce8ced7692d2cd9953b6bbcc0618fa05db343fb605cb71145ef7396a4b9606766c483f1c7f79eb61f9bed489a49483d92077cce378c18920b3b02c16855e06c7d734f7e29c5bad68175d13d2e3e9777360b273b44435abfa0e984641ea78c896ede9d7cbbcaff53ca01866e9c531bdd2a7e1aab9cfa69730c03fef546d1c1731a2687193045d0b12773fd694633393d7fbbc507b7eaa902a7bbeb7edc216c623f7486645cf4a3149ff3b42a1133a4f3211dd8089bcf6f8c291e1fa6409faf9e120f79cfed94af6a4d25189ddf03e53623349de3fab1f2b19686bcb91a94751d674f08a2964ca6609929bc6d3ca8ea694c01013db9f8cf9ed839ee4378535f7355cfb4b7162fb1150e089c4d1fd6fe223115653a24141db498cceac6b118f5fe05b4fc032fca20b1910181f2f3954ee048ea052e372d41886dd474f5c2aff11e24248ba3919589328cc3c29cd9e744a08e1828e6a27ed08d8ae86f7d9b7d2bdaa663dd4d4b44ac7450f2d25c1c80556c780792f2fbd188cdd6abb18744aa5cb74177a988ecbfffa986a490ab57c86fcbc884fa1bb5954473527096abf5fc5cc582e50ac18201247be0f2140d4afe41e4dd1de08a31e6b54f7a4735bce0803d45beb5491cee7a95fdb0ab8800d830e462e389f87d213f9d075fcfc82eb2f2f099b8bfd0600d78c", @nested={0x108, 0x4c, 0x0, 0x1, [@generic="7a9178d07190d5a614bdca427d143991f0ed4b6758aded69de05bacf0bd4605484b181fc6478063a4fac982b24bdaf8918045c93a46dc466262fcca43a407f152610bb8d7a08eea3c2b8817a6941b6ffa20e5a75244bd89524d3dd776d65ca46aa919888de278f1ae939791895cef9203df5865c8e6952fef1b2d799dfa5f3daa0255f253c48977157cf7bc210c096afa8a879869b3e44bc09cd7febece45d104f5420ad4896609014824ed3f080323e1706bd5f933adb4ea9d7392d0aa104f04ecb0d555655632b4d777b0b37a9aac55314a7f50f0b5d2000c5d67c3d950e61747fda201afa0ced2a9a3fe897aa338c", @typed={0x8, 0x28, 0x0, 0x0, @binary="58db7985"}, @typed={0xc, 0x35, 0x0, 0x0, @u64=0x2}]}]}, 0x156c}, {&(0x7f0000001780)={0x12c, 0x22, 0x200, 0x70bd25, 0x25dfdbfb, "", [@typed={0xc, 0x40, 0x0, 0x0, @u64=0xfffffffffffffffe}, @nested={0x110, 0x2a, 0x0, 0x1, [@typed={0x18, 0x87, 0x0, 0x0, @str='*-}\xde^\'-#:.$$)&,#:,/\x00'}, @typed={0x4, 0x4d}, @typed={0x8, 0x91, 0x0, 0x0, @uid=r5}, @typed={0xe8, 0x67, 0x0, 0x0, @binary="e190f961e4507c932edc9a14c864ddfb157d3e3936133bc1826aa9fe38159fbf1f7957ac74d2e2528412a0be199a0aa804b5f259547189d19d0f3667a0a4a9455c3402e16b9849d4d90abe342d25f8ab5ba5033c3d7b0a6f12034cafcf9c78065b016880f7af8f12f961ac678eb992d9f766fedcdfec138d294a783e291a72e1e0276a7139a9d95dad2435cf9990679ef2fcf0ed387a31b982c47311381f9176b3fbef725d3aa8d27c9b67ad2ec8d3cae3068f826fa614f346158135d3f9ac8d536584189db3c1af220d32e138409cbcdff7c9c7a1605b858910aee2c8e39e38e8d559aa"}]}]}, 0x12c}], 0x2, 0x0, 0x0, 0x20000000}, 0x4000814) ptrace$cont(0x1f, r0, 0x0, 0x0) [ 2274.381762] do_syscall_64+0x1d5/0x640 [ 2274.385678] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2274.390865] RIP: 0033:0x45de29 [ 2274.394050] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2274.401765] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2274.409468] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2274.416750] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2274.424048] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000001e [ 2274.431317] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:42 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket$inet_udp(0x2, 0x2, 0x0) close(r3) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r2, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(0xffffffffffffffff, 0x0, r3, 0x0, 0x4ffe2, 0x0) 22:51:42 executing program 2 (fault-call:3 fault-nth:31): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 2274.787647] FAULT_INJECTION: forcing a failure. [ 2274.787647] name failslab, interval 1, probability 0, space 0, times 0 [ 2274.810982] CPU: 1 PID: 10890 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2274.818892] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2274.828945] Call Trace: [ 2274.831544] dump_stack+0x1b2/0x283 [ 2274.835186] should_fail.cold+0x10a/0x154 [ 2274.839366] should_failslab+0xd6/0x130 [ 2274.843354] kmem_cache_alloc_trace+0x47/0x3d0 [ 2274.847948] sctp_add_bind_addr+0x6c/0x350 [ 2274.852189] sctp_copy_local_addr_list+0x2ae/0x400 [ 2274.857131] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2274.861904] sctp_bind_addr_copy+0xde/0x430 [ 2274.866239] __sctp_connect+0x618/0xbe0 [ 2274.870229] ? sctp_wfree+0x600/0x600 [ 2274.874055] ? lock_sock_nested+0x98/0x100 [ 2274.878324] ? sctp_asconf_mgmt+0x340/0x340 [ 2274.882963] sctp_inet_connect+0x127/0x190 [ 2274.887199] ? sctp_asconf_mgmt+0x340/0x340 [ 2274.891519] SyS_connect+0x1f4/0x240 [ 2274.895242] ? SyS_accept+0x30/0x30 [ 2274.898868] ? fput+0xb/0x140 [ 2274.901971] ? SyS_write+0x14d/0x210 [ 2274.905684] ? SyS_read+0x210/0x210 [ 2274.909307] ? SyS_clock_settime+0x1a0/0x1a0 [ 2274.913717] ? do_syscall_64+0x4c/0x640 [ 2274.917689] ? SyS_accept+0x30/0x30 [ 2274.921319] do_syscall_64+0x1d5/0x640 [ 2274.925217] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2274.930403] RIP: 0033:0x45de29 [ 2274.933586] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2274.941384] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2274.948658] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2274.956366] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2274.963651] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000001f [ 2274.970943] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c [ 2274.990278] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. 22:51:43 executing program 2 (fault-call:3 fault-nth:32): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 2275.301897] FAULT_INJECTION: forcing a failure. [ 2275.301897] name failslab, interval 1, probability 0, space 0, times 0 [ 2275.344397] CPU: 1 PID: 10894 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2275.353450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2275.362810] Call Trace: [ 2275.365442] dump_stack+0x1b2/0x283 [ 2275.369072] should_fail.cold+0x10a/0x154 [ 2275.373228] should_failslab+0xd6/0x130 [ 2275.377247] kmem_cache_alloc_trace+0x47/0x3d0 [ 2275.381839] sctp_add_bind_addr+0x6c/0x350 [ 2275.386081] sctp_copy_local_addr_list+0x2ae/0x400 22:51:43 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r2) r3 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r4) mount$9p_tcp(&(0x7f0000000000)='127.0.0.1\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='9p\x00', 0x2000, &(0x7f0000000240)={'trans=tcp,', {'port', 0x3d, 0x4e24}, 0x2c, {[{@dfltuid={'dfltuid', 0x3d, 0xee00}}, {@access_user='access=user'}, {@cache_loose='cache=loose'}, {@access_user='access=user'}, {@access_client='access=client'}, {@debug={'debug', 0x3d, 0x8}}, {@dfltuid={'dfltuid', 0x3d, r2}}, {@loose='loose'}, {@aname={'aname', 0x3d, '/*|\xcc,.\\)*:'}}], [{@euid_lt={'euid<', r4}}, {@measure='measure'}, {@uid_lt={'uid<', 0xee01}}]}}) socket$inet_udp(0x2, 0x2, 0x0) r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r5, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r6+30000000}, 0x0) r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r7, 0x840, 0x0) [ 2275.391005] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2275.395756] sctp_bind_addr_copy+0xde/0x430 [ 2275.401325] __sctp_connect+0x618/0xbe0 [ 2275.405305] ? sctp_wfree+0x600/0x600 [ 2275.409196] ? lock_sock_nested+0x98/0x100 [ 2275.413441] ? sctp_asconf_mgmt+0x340/0x340 [ 2275.417768] sctp_inet_connect+0x127/0x190 [ 2275.422022] ? sctp_asconf_mgmt+0x340/0x340 [ 2275.426340] SyS_connect+0x1f4/0x240 [ 2275.430074] ? SyS_accept+0x30/0x30 [ 2275.433699] ? fput+0xb/0x140 [ 2275.436831] ? SyS_write+0x14d/0x210 [ 2275.440543] ? SyS_read+0x210/0x210 [ 2275.444166] ? SyS_clock_settime+0x1a0/0x1a0 [ 2275.448573] ? do_syscall_64+0x4c/0x640 [ 2275.452550] ? SyS_accept+0x30/0x30 [ 2275.456207] do_syscall_64+0x1d5/0x640 [ 2275.460104] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2275.465307] RIP: 0033:0x45de29 [ 2275.468506] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2275.476216] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2275.483498] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 22:51:43 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket$inet_udp(0x2, 0x2, 0x0) close(r3) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r2, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(0xffffffffffffffff, 0x0, r3, 0x0, 0x4ffe2, 0x0) [ 2275.490766] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2275.498041] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000020 [ 2275.505314] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:45 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:51:45 executing program 2 (fault-call:3 fault-nth:33): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:51:45 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) setsockopt$inet_sctp_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000000)={0x4, 0x8, 0x0, 0x4, 0x1f, 0x5d, 0x1, 0x2c, 0x3f, 0x45, 0x1, 0x8, 0x1, 0x2}, 0xe) clock_gettime(0x4, &(0x7f0000000180)={0x0, 0x0}) r3 = openat$mice(0xffffffffffffff9c, &(0x7f0000001e80)='/dev/input/mice\x00', 0x100) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r3, 0x6, 0x16, &(0x7f0000001ec0)=[@sack_perm, @window={0x3, 0x9, 0x3}, @timestamp, @sack_perm, @mss={0x2, 0x8}], 0x5) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r4, 0x840, 0x0) 22:51:45 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x4ffe2, 0x0) [ 2276.861151] FAULT_INJECTION: forcing a failure. [ 2276.861151] name failslab, interval 1, probability 0, space 0, times 0 [ 2276.887610] CPU: 1 PID: 10919 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2276.895552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2276.904905] Call Trace: 22:51:45 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) [ 2276.907500] dump_stack+0x1b2/0x283 [ 2276.912958] should_fail.cold+0x10a/0x154 [ 2276.917141] should_failslab+0xd6/0x130 [ 2276.921118] kmem_cache_alloc_trace+0x47/0x3d0 [ 2276.927448] sctp_add_bind_addr+0x6c/0x350 [ 2276.931687] sctp_copy_local_addr_list+0x2ae/0x400 [ 2276.936643] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2276.942277] sctp_bind_addr_copy+0xde/0x430 [ 2276.946608] __sctp_connect+0x618/0xbe0 [ 2276.950595] ? sctp_wfree+0x600/0x600 [ 2276.954396] ? lock_sock_nested+0x98/0x100 [ 2276.958639] ? sctp_asconf_mgmt+0x340/0x340 [ 2276.963182] sctp_inet_connect+0x127/0x190 [ 2276.967450] ? sctp_asconf_mgmt+0x340/0x340 [ 2276.971772] SyS_connect+0x1f4/0x240 [ 2276.975488] ? SyS_accept+0x30/0x30 [ 2276.979418] ? fput+0xb/0x140 [ 2276.982532] ? SyS_write+0x14d/0x210 [ 2276.986475] ? SyS_read+0x210/0x210 [ 2276.990566] ? SyS_clock_settime+0x1a0/0x1a0 [ 2276.994999] ? do_syscall_64+0x4c/0x640 [ 2276.998996] ? SyS_accept+0x30/0x30 [ 2277.002622] do_syscall_64+0x1d5/0x640 [ 2277.006519] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2277.011706] RIP: 0033:0x45de29 [ 2277.014888] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2277.023552] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2277.030839] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2277.038109] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2277.045473] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000021 [ 2277.052778] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:45 executing program 2 (fault-call:3 fault-nth:34): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 2277.171021] FAULT_INJECTION: forcing a failure. [ 2277.171021] name failslab, interval 1, probability 0, space 0, times 0 [ 2277.207033] CPU: 0 PID: 10930 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2277.214961] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2277.224780] Call Trace: [ 2277.227392] dump_stack+0x1b2/0x283 [ 2277.231557] should_fail.cold+0x10a/0x154 [ 2277.235716] should_failslab+0xd6/0x130 [ 2277.239698] kmem_cache_alloc_trace+0x47/0x3d0 [ 2277.244295] sctp_add_bind_addr+0x6c/0x350 [ 2277.248541] sctp_copy_local_addr_list+0x2ae/0x400 [ 2277.253490] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2277.258525] sctp_bind_addr_copy+0xde/0x430 [ 2277.262869] __sctp_connect+0x618/0xbe0 [ 2277.266852] ? sctp_wfree+0x600/0x600 [ 2277.270659] ? lock_sock_nested+0x98/0x100 [ 2277.274917] ? sctp_asconf_mgmt+0x340/0x340 [ 2277.279259] sctp_inet_connect+0x127/0x190 [ 2277.283507] ? sctp_asconf_mgmt+0x340/0x340 [ 2277.287825] SyS_connect+0x1f4/0x240 [ 2277.291542] ? SyS_accept+0x30/0x30 [ 2277.295203] ? fput+0xb/0x140 [ 2277.298312] ? SyS_write+0x14d/0x210 [ 2277.302023] ? SyS_read+0x210/0x210 [ 2277.305665] ? SyS_clock_settime+0x1a0/0x1a0 [ 2277.310096] ? do_syscall_64+0x4c/0x640 [ 2277.314068] ? SyS_accept+0x30/0x30 [ 2277.317700] do_syscall_64+0x1d5/0x640 [ 2277.321601] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2277.326814] RIP: 0033:0x45de29 [ 2277.330001] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2277.337733] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2277.345009] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2277.352279] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2277.359571] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000022 [ 2277.366847] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:45 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x11392500, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() r1 = socket$packet(0x11, 0x3, 0x300) wait4(0x0, 0x0, 0x80000002, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r2, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(r2, 0x29, 0x48, 0x0, &(0x7f00007d0000)) connect(r2, &(0x7f0000000240)=@alg={0x26, 'hash\x00', 0x0, 0x0, 'sha256_mb\x00'}, 0x80) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f00000002c0)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000080)={r1, 0xfffffffffffffff9, 0x2, 0x7fffffff}) ioctl$TUNSETFILTEREBPF(r3, 0x800454e1, &(0x7f0000000200)) ptrace$setopts(0x4200, r0, 0xdce, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) socket$bt_rfcomm(0x1f, 0x1, 0x3) ptrace$setregs(0xd, r0, 0x7, &(0x7f0000000000)="10e96a045843b0c95b4a58055d356b9673ad8385d39828f896a9eff80d3422144518f596c72212568a75bf928a90ca1164c2596c") write$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000040)='THAWED\x00', 0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:51:45 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() ptrace$setregs(0xf, r0, 0x6, &(0x7f0000000040)="981075a23a8be6b78e41292bca1b98e431e206d45de79183b720c6f6d58277d946d2d5b5025d39682b8d8644d31175b126a2402eb22562542b07b94a8243da08d01f26c596a8") wait4(0x0, 0x0, 0x80000002, 0x0) ioctl$BTRFS_IOC_DEFAULT_SUBVOL(0xffffffffffffffff, 0x40089413, &(0x7f0000000240)=0x8) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x795001, 0x81) ioctl$NBD_SET_SIZE(r1, 0xab02, 0x0) ioctl$sock_inet_SIOCGIFBRDADDR(r1, 0x8919, &(0x7f0000000200)={'bridge_slave_1\x00', {0x2, 0x0, @initdev}}) ptrace$setopts(0x4200, r0, 0x3, 0x7a) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:51:45 executing program 2 (fault-call:3 fault-nth:35): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:51:45 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) mkdirat$cgroup(r2, &(0x7f0000000000)='syz1\x00', 0x1ff) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ioctl$USBDEVFS_CLEAR_HALT(0xffffffffffffffff, 0x80045515, &(0x7f0000000040)={0x6}) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:51:45 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x4ffe2, 0x0) [ 2277.617977] FAULT_INJECTION: forcing a failure. [ 2277.617977] name failslab, interval 1, probability 0, space 0, times 0 [ 2277.654497] CPU: 1 PID: 10943 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2277.662439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2277.671793] Call Trace: [ 2277.674389] dump_stack+0x1b2/0x283 [ 2277.678067] should_fail.cold+0x10a/0x154 [ 2277.682227] should_failslab+0xd6/0x130 [ 2277.686213] kmem_cache_alloc_trace+0x47/0x3d0 [ 2277.690805] sctp_add_bind_addr+0x6c/0x350 [ 2277.695078] sctp_copy_local_addr_list+0x2ae/0x400 [ 2277.700054] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2277.704826] sctp_bind_addr_copy+0xde/0x430 [ 2277.709214] __sctp_connect+0x618/0xbe0 [ 2277.713215] ? sctp_wfree+0x600/0x600 [ 2277.717030] ? lock_sock_nested+0x98/0x100 [ 2277.721274] ? sctp_asconf_mgmt+0x340/0x340 [ 2277.725604] sctp_inet_connect+0x127/0x190 [ 2277.729855] ? sctp_asconf_mgmt+0x340/0x340 [ 2277.734179] SyS_connect+0x1f4/0x240 [ 2277.737892] ? SyS_accept+0x30/0x30 [ 2277.741529] ? fput+0xb/0x140 [ 2277.744662] ? SyS_write+0x14d/0x210 [ 2277.748398] ? SyS_read+0x210/0x210 [ 2277.752031] ? SyS_clock_settime+0x1a0/0x1a0 [ 2277.756445] ? do_syscall_64+0x4c/0x640 [ 2277.760441] ? SyS_accept+0x30/0x30 [ 2277.764161] do_syscall_64+0x1d5/0x640 22:51:46 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r1, 0x400}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ipip6={{0xb, 0x1, 'ip6tnl\x00'}, {0x8, 0x2, 0x0, 0x1, [@IFLA_IPTUN_COLLECT_METADATA={0x4}]}}}, @IFLA_MASTER={0x8, 0x3, r1}]}, 0x40}}, 0x0) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x14, &(0x7f0000001480)={@empty, 0x0}, &(0x7f00000014c0)=0x14) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x14, &(0x7f0000001500)={@ipv4={[], [], @empty}, 0x0}, &(0x7f0000001540)=0x14) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket(0x1, 0x803, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r6, 0x400}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ipip6={{0xb, 0x1, 'ip6tnl\x00'}, {0x8, 0x2, 0x0, 0x1, [@IFLA_IPTUN_COLLECT_METADATA={0x4}]}}}, @IFLA_MASTER={0x8, 0x3, r6}]}, 0x40}}, 0x0) sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, &(0x7f0000001700)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000016c0)={&(0x7f0000001580)={0x130, 0x0, 0x400, 0x70bd2a, 0x25dfdbfe, {}, [@HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_macvtap\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_team\x00'}]}, @HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14}]}, @HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vxcan1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_macvtap\x00'}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'caif0\x00'}]}]}, 0x130}, 0x1, 0x0, 0x0, 0x20000080}, 0x4000) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r0, 0x0, 0x0) [ 2277.768085] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2277.773274] RIP: 0033:0x45de29 [ 2277.776455] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2277.784164] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2277.792153] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2277.799423] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2277.807301] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000023 [ 2277.814573] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:46 executing program 2 (fault-call:3 fault-nth:36): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:51:46 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') r4 = socket$inet_udplite(0x2, 0x2, 0x88) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$TIOCSSOFTCAR(r5, 0x541a, &(0x7f0000000000)=0x4) lseek(r3, 0x840, 0x0) [ 2277.945416] FAULT_INJECTION: forcing a failure. [ 2277.945416] name failslab, interval 1, probability 0, space 0, times 0 [ 2277.956957] CPU: 0 PID: 10972 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2277.964848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2277.974204] Call Trace: [ 2277.976829] dump_stack+0x1b2/0x283 [ 2277.980487] should_fail.cold+0x10a/0x154 [ 2277.984644] should_failslab+0xd6/0x130 [ 2277.988624] kmem_cache_alloc_trace+0x47/0x3d0 [ 2277.993216] sctp_add_bind_addr+0x6c/0x350 [ 2277.997457] sctp_copy_local_addr_list+0x2ae/0x400 [ 2278.002408] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2278.007172] sctp_bind_addr_copy+0xde/0x430 [ 2278.011542] __sctp_connect+0x618/0xbe0 [ 2278.016921] ? sctp_wfree+0x600/0x600 [ 2278.020726] ? lock_sock_nested+0x98/0x100 [ 2278.024972] ? sctp_asconf_mgmt+0x340/0x340 [ 2278.029303] sctp_inet_connect+0x127/0x190 [ 2278.033537] ? sctp_asconf_mgmt+0x340/0x340 [ 2278.037863] SyS_connect+0x1f4/0x240 [ 2278.041579] ? SyS_accept+0x30/0x30 [ 2278.045238] ? fput+0xb/0x140 [ 2278.048343] ? SyS_write+0x14d/0x210 [ 2278.052081] ? SyS_read+0x210/0x210 [ 2278.055712] ? SyS_clock_settime+0x1a0/0x1a0 [ 2278.060137] ? do_syscall_64+0x4c/0x640 [ 2278.064124] ? SyS_accept+0x30/0x30 [ 2278.067789] do_syscall_64+0x1d5/0x640 [ 2278.071707] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2278.076924] RIP: 0033:0x45de29 [ 2278.080112] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2278.087824] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 22:51:46 executing program 2 (fault-call:3 fault-nth:37): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 2278.095126] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2278.102398] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2278.109670] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000024 [ 2278.116943] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c [ 2278.196402] FAULT_INJECTION: forcing a failure. [ 2278.196402] name failslab, interval 1, probability 0, space 0, times 0 [ 2278.208218] CPU: 0 PID: 10979 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2278.216108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2278.225487] Call Trace: [ 2278.228081] dump_stack+0x1b2/0x283 [ 2278.231715] should_fail.cold+0x10a/0x154 [ 2278.235870] should_failslab+0xd6/0x130 [ 2278.239841] kmem_cache_alloc_trace+0x47/0x3d0 [ 2278.244429] sctp_add_bind_addr+0x6c/0x350 [ 2278.248674] sctp_copy_local_addr_list+0x2ae/0x400 [ 2278.253610] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2278.258375] sctp_bind_addr_copy+0xde/0x430 [ 2278.262707] __sctp_connect+0x618/0xbe0 [ 2278.266693] ? sctp_wfree+0x600/0x600 [ 2278.271207] ? lock_sock_nested+0x98/0x100 [ 2278.275453] ? sctp_asconf_mgmt+0x340/0x340 [ 2278.279817] sctp_inet_connect+0x127/0x190 [ 2278.284066] ? sctp_asconf_mgmt+0x340/0x340 [ 2278.288396] SyS_connect+0x1f4/0x240 [ 2278.292119] ? SyS_accept+0x30/0x30 [ 2278.295761] ? fput+0xb/0x140 [ 2278.298870] ? SyS_write+0x14d/0x210 [ 2278.302584] ? SyS_read+0x210/0x210 [ 2278.306251] ? SyS_clock_settime+0x1a0/0x1a0 [ 2278.311713] ? do_syscall_64+0x4c/0x640 [ 2278.318565] ? SyS_accept+0x30/0x30 [ 2278.322203] do_syscall_64+0x1d5/0x640 [ 2278.326134] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2278.331364] RIP: 0033:0x45de29 [ 2278.334553] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2278.342268] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2278.349541] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2278.356811] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2278.364095] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000025 [ 2278.371920] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:46 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x4ffe2, 0x0) 22:51:48 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:51:48 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) ioctl$F2FS_IOC_RELEASE_VOLATILE_WRITE(0xffffffffffffffff, 0xf504, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r3, 0x840, 0x0) 22:51:48 executing program 2 (fault-call:3 fault-nth:38): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:51:48 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x0, 0x0) [ 2279.989730] FAULT_INJECTION: forcing a failure. [ 2279.989730] name failslab, interval 1, probability 0, space 0, times 0 [ 2280.008383] CPU: 0 PID: 10997 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2280.016415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2280.025784] Call Trace: [ 2280.028387] dump_stack+0x1b2/0x283 [ 2280.032025] should_fail.cold+0x10a/0x154 [ 2280.036180] should_failslab+0xd6/0x130 [ 2280.040165] kmem_cache_alloc_trace+0x47/0x3d0 [ 2280.044755] sctp_add_bind_addr+0x6c/0x350 [ 2280.049031] sctp_copy_local_addr_list+0x2ae/0x400 [ 2280.053980] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2280.058762] sctp_bind_addr_copy+0xde/0x430 [ 2280.063105] __sctp_connect+0x618/0xbe0 [ 2280.067277] ? sctp_wfree+0x600/0x600 [ 2280.071094] ? lock_sock_nested+0x98/0x100 [ 2280.075349] ? sctp_asconf_mgmt+0x340/0x340 [ 2280.079686] sctp_inet_connect+0x127/0x190 [ 2280.083939] ? sctp_asconf_mgmt+0x340/0x340 [ 2280.088277] SyS_connect+0x1f4/0x240 [ 2280.092015] ? SyS_accept+0x30/0x30 [ 2280.096357] ? fput+0xb/0x140 [ 2280.099472] ? SyS_write+0x14d/0x210 [ 2280.103194] ? SyS_read+0x210/0x210 [ 2280.106831] ? SyS_clock_settime+0x1a0/0x1a0 [ 2280.111248] ? do_syscall_64+0x4c/0x640 [ 2280.116054] ? SyS_accept+0x30/0x30 [ 2280.119697] do_syscall_64+0x1d5/0x640 [ 2280.123603] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2280.128799] RIP: 0033:0x45de29 [ 2280.131991] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a 22:51:48 executing program 2 (fault-call:3 fault-nth:39): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 2280.139733] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2280.147132] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2280.154411] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2280.161690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000026 [ 2280.169043] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c [ 2280.250820] FAULT_INJECTION: forcing a failure. [ 2280.250820] name failslab, interval 1, probability 0, space 0, times 0 [ 2280.264678] CPU: 0 PID: 11008 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2280.272744] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2280.282374] Call Trace: [ 2280.284970] dump_stack+0x1b2/0x283 [ 2280.288611] should_fail.cold+0x10a/0x154 [ 2280.292851] should_failslab+0xd6/0x130 [ 2280.296857] kmem_cache_alloc_trace+0x47/0x3d0 [ 2280.301444] sctp_add_bind_addr+0x6c/0x350 [ 2280.305684] sctp_copy_local_addr_list+0x2ae/0x400 [ 2280.310854] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2280.315624] sctp_bind_addr_copy+0xde/0x430 [ 2280.319954] __sctp_connect+0x618/0xbe0 [ 2280.323942] ? sctp_wfree+0x600/0x600 [ 2280.327767] ? lock_sock_nested+0x98/0x100 [ 2280.332035] ? sctp_asconf_mgmt+0x340/0x340 [ 2280.336368] sctp_inet_connect+0x127/0x190 [ 2280.340603] ? sctp_asconf_mgmt+0x340/0x340 [ 2280.344954] SyS_connect+0x1f4/0x240 [ 2280.348672] ? SyS_accept+0x30/0x30 [ 2280.352310] ? fput+0xb/0x140 [ 2280.355417] ? SyS_write+0x14d/0x210 [ 2280.359479] ? SyS_read+0x210/0x210 [ 2280.363137] ? SyS_clock_settime+0x1a0/0x1a0 [ 2280.367722] ? do_syscall_64+0x4c/0x640 [ 2280.371695] ? SyS_accept+0x30/0x30 [ 2280.375331] do_syscall_64+0x1d5/0x640 [ 2280.379220] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2280.384583] RIP: 0033:0x45de29 [ 2280.387981] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a 22:51:48 executing program 0: timer_create(0x0, &(0x7f0000000000)={0x0, 0x14, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000040)=0x0) timer_settime(r0, 0x0, &(0x7f0000000180)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) clock_gettime(0x3, &(0x7f0000000280)={0x0, 0x0}) clock_gettime(0x0, &(0x7f0000000080)={0x0, 0x0}) timer_settime(r0, 0x1, &(0x7f0000000100)={{r1, r2+10000000}, {r3, r4+10000000}}, &(0x7f00000001c0)) openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r5 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r6 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r6, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r7+30000000}, 0x0) openat$bsg(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/bsg\x00', 0x8000, 0x0) r8 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') ioctl$TIOCGISO7816(r8, 0x80285442, &(0x7f0000000240)) lseek(r8, 0x840, 0x0) [ 2280.395697] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2280.403078] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2280.410347] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2280.417818] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000027 [ 2280.425094] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:48 executing program 2 (fault-call:3 fault-nth:40): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 2280.619456] FAULT_INJECTION: forcing a failure. [ 2280.619456] name failslab, interval 1, probability 0, space 0, times 0 [ 2280.630912] CPU: 1 PID: 11016 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2280.638812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2280.648265] Call Trace: [ 2280.650861] dump_stack+0x1b2/0x283 [ 2280.654501] should_fail.cold+0x10a/0x154 [ 2280.658742] should_failslab+0xd6/0x130 [ 2280.662721] kmem_cache_alloc_trace+0x47/0x3d0 [ 2280.667340] sctp_add_bind_addr+0x6c/0x350 [ 2280.671588] sctp_copy_local_addr_list+0x2ae/0x400 [ 2280.679248] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2280.684285] sctp_bind_addr_copy+0xde/0x430 [ 2280.688628] __sctp_connect+0x618/0xbe0 [ 2280.692622] ? sctp_wfree+0x600/0x600 [ 2280.696436] ? lock_sock_nested+0x98/0x100 [ 2280.700689] ? sctp_asconf_mgmt+0x340/0x340 [ 2280.705041] sctp_inet_connect+0x127/0x190 [ 2280.709284] ? sctp_asconf_mgmt+0x340/0x340 [ 2280.713606] SyS_connect+0x1f4/0x240 [ 2280.717318] ? SyS_accept+0x30/0x30 [ 2280.720950] ? fput+0xb/0x140 [ 2280.724061] ? SyS_write+0x14d/0x210 [ 2280.727772] ? SyS_read+0x210/0x210 [ 2280.731398] ? SyS_clock_settime+0x1a0/0x1a0 [ 2280.735811] ? do_syscall_64+0x4c/0x640 [ 2280.739780] ? SyS_accept+0x30/0x30 [ 2280.743411] do_syscall_64+0x1d5/0x640 [ 2280.747310] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2280.752500] RIP: 0033:0x45de29 [ 2280.755688] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a 22:51:49 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000000)=[0x7f, 0x20, 0x6, 0x8, 0x5006, 0x5, 0x1, 0xfffffff9, 0x2, 0x80], 0xa, 0x0, 0x0, 0xffffffffffffffff}) write$P9_RFSYNC(r1, &(0x7f0000000080)={0x7, 0x33, 0x1}, 0x7) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:51:49 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x0, 0x0) [ 2280.763396] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2280.770674] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2280.777966] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2280.785240] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000028 [ 2280.792522] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:49 executing program 2 (fault-call:3 fault-nth:41): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 2280.913883] FAULT_INJECTION: forcing a failure. [ 2280.913883] name failslab, interval 1, probability 0, space 0, times 0 [ 2280.937528] CPU: 1 PID: 11026 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2280.946401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2280.956112] Call Trace: [ 2280.959229] dump_stack+0x1b2/0x283 [ 2280.963995] should_fail.cold+0x10a/0x154 [ 2280.968238] should_failslab+0xd6/0x130 [ 2280.972217] kmem_cache_alloc_trace+0x47/0x3d0 [ 2280.976819] sctp_add_bind_addr+0x6c/0x350 [ 2280.981078] sctp_copy_local_addr_list+0x2ae/0x400 [ 2280.986018] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2280.990790] sctp_bind_addr_copy+0xde/0x430 [ 2280.995125] __sctp_connect+0x618/0xbe0 [ 2280.999108] ? sctp_wfree+0x600/0x600 [ 2281.002912] ? lock_sock_nested+0x98/0x100 [ 2281.008031] ? sctp_asconf_mgmt+0x340/0x340 [ 2281.012354] sctp_inet_connect+0x127/0x190 [ 2281.016594] ? sctp_asconf_mgmt+0x340/0x340 [ 2281.020935] SyS_connect+0x1f4/0x240 [ 2281.024658] ? SyS_accept+0x30/0x30 [ 2281.028299] ? fput+0xb/0x140 [ 2281.031408] ? SyS_write+0x14d/0x210 [ 2281.035136] ? SyS_read+0x210/0x210 [ 2281.038782] ? SyS_clock_settime+0x1a0/0x1a0 [ 2281.043217] ? do_syscall_64+0x4c/0x640 [ 2281.047220] ? SyS_accept+0x30/0x30 [ 2281.050887] do_syscall_64+0x1d5/0x640 [ 2281.054787] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2281.059994] RIP: 0033:0x45de29 [ 2281.063210] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2281.070924] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2281.078202] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2281.085477] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2281.092754] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000029 [ 2281.100048] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:49 executing program 2 (fault-call:3 fault-nth:42): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 2281.199421] FAULT_INJECTION: forcing a failure. [ 2281.199421] name failslab, interval 1, probability 0, space 0, times 0 [ 2281.217674] CPU: 1 PID: 11039 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2281.225602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2281.234972] Call Trace: [ 2281.237584] dump_stack+0x1b2/0x283 [ 2281.241227] should_fail.cold+0x10a/0x154 [ 2281.245735] should_failslab+0xd6/0x130 [ 2281.249722] kmem_cache_alloc_trace+0x47/0x3d0 [ 2281.254842] sctp_add_bind_addr+0x6c/0x350 [ 2281.259091] sctp_copy_local_addr_list+0x2ae/0x400 [ 2281.264036] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2281.268817] sctp_bind_addr_copy+0xde/0x430 [ 2281.273145] __sctp_connect+0x618/0xbe0 [ 2281.277129] ? sctp_wfree+0x600/0x600 [ 2281.280930] ? lock_sock_nested+0x98/0x100 [ 2281.285178] ? sctp_asconf_mgmt+0x340/0x340 [ 2281.289501] sctp_inet_connect+0x127/0x190 [ 2281.293735] ? sctp_asconf_mgmt+0x340/0x340 [ 2281.298053] SyS_connect+0x1f4/0x240 [ 2281.302049] ? SyS_accept+0x30/0x30 [ 2281.305682] ? fput+0xb/0x140 [ 2281.308791] ? SyS_write+0x14d/0x210 [ 2281.312504] ? SyS_read+0x210/0x210 [ 2281.316143] ? SyS_clock_settime+0x1a0/0x1a0 [ 2281.320555] ? do_syscall_64+0x4c/0x640 [ 2281.324529] ? SyS_accept+0x30/0x30 [ 2281.328160] do_syscall_64+0x1d5/0x640 [ 2281.332050] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2281.337234] RIP: 0033:0x45de29 [ 2281.340436] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2281.348163] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2281.355432] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2281.362811] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2281.370887] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000002a [ 2281.378166] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:49 executing program 2 (fault-call:3 fault-nth:43): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 2281.514608] FAULT_INJECTION: forcing a failure. [ 2281.514608] name failslab, interval 1, probability 0, space 0, times 0 [ 2281.541077] CPU: 1 PID: 11045 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2281.549001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2281.559053] Call Trace: [ 2281.561644] dump_stack+0x1b2/0x283 [ 2281.565274] should_fail.cold+0x10a/0x154 [ 2281.569425] should_failslab+0xd6/0x130 [ 2281.573424] kmem_cache_alloc_trace+0x47/0x3d0 [ 2281.578010] sctp_add_bind_addr+0x6c/0x350 [ 2281.582251] sctp_copy_local_addr_list+0x2ae/0x400 [ 2281.587272] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2281.592038] sctp_bind_addr_copy+0xde/0x430 [ 2281.596366] __sctp_connect+0x618/0xbe0 [ 2281.600372] ? sctp_wfree+0x600/0x600 [ 2281.604175] ? lock_sock_nested+0x98/0x100 [ 2281.608416] ? sctp_asconf_mgmt+0x340/0x340 [ 2281.612733] sctp_inet_connect+0x127/0x190 [ 2281.616963] ? sctp_asconf_mgmt+0x340/0x340 [ 2281.621277] SyS_connect+0x1f4/0x240 [ 2281.624989] ? SyS_accept+0x30/0x30 [ 2281.628631] ? fput+0xb/0x140 [ 2281.631737] ? SyS_write+0x14d/0x210 [ 2281.635450] ? SyS_read+0x210/0x210 [ 2281.639080] ? SyS_clock_settime+0x1a0/0x1a0 [ 2281.643508] ? do_syscall_64+0x4c/0x640 [ 2281.647478] ? SyS_accept+0x30/0x30 [ 2281.651106] do_syscall_64+0x1d5/0x640 [ 2281.654998] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2281.660626] RIP: 0033:0x45de29 [ 2281.663813] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2281.671615] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2281.678888] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2281.686170] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2281.693460] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000002b [ 2281.701690] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:51 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:51:51 executing program 2 (fault-call:3 fault-nth:44): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:51:51 executing program 4: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x0, 0x0) [ 2283.011985] FAULT_INJECTION: forcing a failure. [ 2283.011985] name failslab, interval 1, probability 0, space 0, times 0 [ 2283.028466] CPU: 1 PID: 11056 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2283.036371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2283.045745] Call Trace: [ 2283.048361] dump_stack+0x1b2/0x283 [ 2283.052275] should_fail.cold+0x10a/0x154 [ 2283.056465] should_failslab+0xd6/0x130 [ 2283.060481] kmem_cache_alloc_trace+0x47/0x3d0 [ 2283.065079] sctp_add_bind_addr+0x6c/0x350 [ 2283.069328] sctp_copy_local_addr_list+0x2ae/0x400 [ 2283.074275] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2283.079072] sctp_bind_addr_copy+0xde/0x430 [ 2283.083413] __sctp_connect+0x618/0xbe0 [ 2283.087403] ? sctp_wfree+0x600/0x600 [ 2283.091209] ? lock_sock_nested+0x98/0x100 [ 2283.095459] ? sctp_asconf_mgmt+0x340/0x340 [ 2283.099789] sctp_inet_connect+0x127/0x190 [ 2283.104037] ? sctp_asconf_mgmt+0x340/0x340 [ 2283.108449] SyS_connect+0x1f4/0x240 [ 2283.112166] ? SyS_accept+0x30/0x30 [ 2283.115824] ? fput+0xb/0x140 [ 2283.118934] ? SyS_write+0x14d/0x210 [ 2283.122651] ? SyS_read+0x210/0x210 [ 2283.126466] ? SyS_clock_settime+0x1a0/0x1a0 [ 2283.130881] ? do_syscall_64+0x4c/0x640 [ 2283.134877] ? SyS_accept+0x30/0x30 [ 2283.138507] do_syscall_64+0x1d5/0x640 [ 2283.142563] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2283.147752] RIP: 0033:0x45de29 [ 2283.150937] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2283.158669] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2283.166065] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2283.173354] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2283.181153] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000002c [ 2283.188432] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:51 executing program 2 (fault-call:3 fault-nth:45): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 2283.341580] FAULT_INJECTION: forcing a failure. [ 2283.341580] name failslab, interval 1, probability 0, space 0, times 0 [ 2283.367486] CPU: 0 PID: 11064 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2283.375407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2283.384762] Call Trace: [ 2283.387383] dump_stack+0x1b2/0x283 [ 2283.391017] should_fail.cold+0x10a/0x154 [ 2283.395197] should_failslab+0xd6/0x130 [ 2283.399177] kmem_cache_alloc_trace+0x47/0x3d0 [ 2283.403765] sctp_add_bind_addr+0x6c/0x350 [ 2283.408007] sctp_copy_local_addr_list+0x2ae/0x400 [ 2283.412960] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2283.417727] sctp_bind_addr_copy+0xde/0x430 [ 2283.422195] __sctp_connect+0x618/0xbe0 [ 2283.426187] ? sctp_wfree+0x600/0x600 [ 2283.430004] ? lock_sock_nested+0x98/0x100 [ 2283.434253] ? sctp_asconf_mgmt+0x340/0x340 [ 2283.438587] sctp_inet_connect+0x127/0x190 [ 2283.442826] ? sctp_asconf_mgmt+0x340/0x340 [ 2283.447146] SyS_connect+0x1f4/0x240 [ 2283.450881] ? SyS_accept+0x30/0x30 [ 2283.454515] ? fput+0xb/0x140 [ 2283.457649] ? SyS_write+0x14d/0x210 [ 2283.461365] ? SyS_read+0x210/0x210 [ 2283.464993] ? SyS_clock_settime+0x1a0/0x1a0 [ 2283.469426] ? do_syscall_64+0x4c/0x640 [ 2283.473427] ? SyS_accept+0x30/0x30 [ 2283.477059] do_syscall_64+0x1d5/0x640 [ 2283.480981] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2283.486169] RIP: 0033:0x45de29 [ 2283.489373] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2283.497114] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2283.504386] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2283.511678] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2283.518949] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000002d [ 2283.526236] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:51 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r3, 0x840, 0x0) 22:51:52 executing program 4: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) sendmsg$NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000000)={0x28, 0x0, 0xcfaeea700fc29f91, 0x0, 0x0, {{0x5}, {@val={0x8, 0x6}, @val={0xc}}}}, 0x28}, 0x1, 0xe}, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000280)={'wlan0\x00', 0x0}) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000)='nl80211\x00') sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000480)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="1fda00000000000000004400000008000300", @ANYRES32=r3, @ANYBLOB="aeadd9560610c7ad006bf427e4049e937d23cd198911e265d400a4f6bb56bb1a4b677d9b5318ec2f9e4aff86e197be3479bd9b0e920b25bb1e74a2bb742cc70ce7f5e1fb5b5c24320dec6834ef5826cebb291b748feed58c1c62000f2b41375144bcf8581f98844440f83e0d52ddadc3b0b0afdb8eee44f9141458d429d7fbcd240d3cc07d5f5fc1753232707f2ab127e0f572d7596174f56129d5767900ffd4620ab3a0db7ec16f852e773e1b5a62dec802464489c7a531d4406dea508dcf489371ffbc0200ae3a08ad43542445832e43bf8b0a51cdc510bef35038e803b739a9557bbdf6b95ee901db0a542f652c521a1028fdd68d13bdd0ed4f0304d4d22b51d11e6610d1b6720b74c74c65ad9a0d5dc05ecbaf69550e38e7b167f8173cf92979debb41b08ad61d11606ea7e0cf8e1ded00"/316], 0x28}}, 0x0) sendmsg$NL80211_CMD_GET_INTERFACE(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x42040}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x1c, 0x0, 0x20, 0x70bd26, 0x25dfdbff, {{}, {@val={0x8, 0x3, r3}, @void}}, [""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000081}, 0x20088005) r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r5, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r6+30000000}, 0x0) r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r7, 0x840, 0x0) 22:51:52 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = semget$private(0x0, 0x1, 0x0) semop(r1, &(0x7f0000000040)=[{0x2, 0x0, 0x1800}, {}], 0x2) semctl$GETVAL(r1, 0x1, 0xc, &(0x7f0000000000)=""/177) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:51:52 executing program 2 (fault-call:3 fault-nth:46): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 2284.004408] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'. [ 2284.086570] FAULT_INJECTION: forcing a failure. [ 2284.086570] name failslab, interval 1, probability 0, space 0, times 0 [ 2284.106710] CPU: 1 PID: 11088 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2284.114612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2284.123969] Call Trace: [ 2284.126570] dump_stack+0x1b2/0x283 [ 2284.130220] should_fail.cold+0x10a/0x154 [ 2284.135005] should_failslab+0xd6/0x130 [ 2284.138993] kmem_cache_alloc_trace+0x47/0x3d0 [ 2284.143691] sctp_add_bind_addr+0x6c/0x350 [ 2284.149278] sctp_copy_local_addr_list+0x2ae/0x400 [ 2284.154235] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2284.159007] sctp_bind_addr_copy+0xde/0x430 [ 2284.164315] __sctp_connect+0x618/0xbe0 [ 2284.168312] ? sctp_wfree+0x600/0x600 [ 2284.172393] ? lock_sock_nested+0x98/0x100 [ 2284.176700] ? sctp_asconf_mgmt+0x340/0x340 [ 2284.181751] sctp_inet_connect+0x127/0x190 [ 2284.186009] ? sctp_asconf_mgmt+0x340/0x340 [ 2284.190344] SyS_connect+0x1f4/0x240 [ 2284.195112] ? SyS_accept+0x30/0x30 [ 2284.198775] ? fput+0xb/0x140 [ 2284.201885] ? SyS_write+0x14d/0x210 [ 2284.205600] ? SyS_read+0x210/0x210 [ 2284.209226] ? SyS_clock_settime+0x1a0/0x1a0 [ 2284.213637] ? do_syscall_64+0x4c/0x640 [ 2284.217620] ? SyS_accept+0x30/0x30 [ 2284.221257] do_syscall_64+0x1d5/0x640 [ 2284.225153] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2284.230341] RIP: 0033:0x45de29 [ 2284.233526] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2284.241248] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2284.248527] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2284.255896] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2284.269184] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000002e [ 2284.276478] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:52 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x48, 0x0, &(0x7f00007d0000)) ioctl$sock_bt_cmtp_CMTPCONNADD(0xffffffffffffffff, 0x400443c8, &(0x7f0000000180)={0xffffffffffffffff, 0x7}) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) pipe(&(0x7f0000000000)={0xffffffffffffffff}) r3 = fcntl$dupfd(r2, 0x406, r1) ioctl$KDSKBMODE(r3, 0x4b45, &(0x7f0000000100)=0x4) ioctl$VT_RELDISP(r2, 0x5605) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x5, &(0x7f0000000080)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0)={0x4, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x2}, 0x0, &(0x7f0000000140)={0x1ff, 0x4160, 0x1, 0x101, 0x0, 0x0, 0x0, 0x20}, &(0x7f0000000200)={0x0, r4+30000000}, 0x0) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r5, 0x840, 0x0) 22:51:52 executing program 2 (fault-call:3 fault-nth:47): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:51:52 executing program 4: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r3, 0x840, 0x0) [ 2284.429807] FAULT_INJECTION: forcing a failure. [ 2284.429807] name failslab, interval 1, probability 0, space 0, times 0 [ 2284.454205] CPU: 0 PID: 11095 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2284.462227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2284.471606] Call Trace: [ 2284.474220] dump_stack+0x1b2/0x283 [ 2284.477862] should_fail.cold+0x10a/0x154 [ 2284.482026] should_failslab+0xd6/0x130 [ 2284.486012] kmem_cache_alloc_trace+0x47/0x3d0 [ 2284.490603] sctp_add_bind_addr+0x6c/0x350 [ 2284.494852] sctp_copy_local_addr_list+0x2ae/0x400 [ 2284.499790] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2284.504574] sctp_bind_addr_copy+0xde/0x430 [ 2284.508900] __sctp_connect+0x618/0xbe0 [ 2284.512882] ? sctp_wfree+0x600/0x600 [ 2284.516683] ? lock_sock_nested+0x98/0x100 [ 2284.520930] ? sctp_asconf_mgmt+0x340/0x340 [ 2284.525257] sctp_inet_connect+0x127/0x190 [ 2284.529495] ? sctp_asconf_mgmt+0x340/0x340 [ 2284.533811] SyS_connect+0x1f4/0x240 [ 2284.537538] ? SyS_accept+0x30/0x30 [ 2284.541192] ? fput+0xb/0x140 [ 2284.544293] ? SyS_write+0x14d/0x210 [ 2284.548003] ? SyS_read+0x210/0x210 [ 2284.551629] ? SyS_clock_settime+0x1a0/0x1a0 [ 2284.556035] ? do_syscall_64+0x4c/0x640 [ 2284.560003] ? SyS_accept+0x30/0x30 [ 2284.563633] do_syscall_64+0x1d5/0x640 [ 2284.567523] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2284.572709] RIP: 0033:0x45de29 [ 2284.575920] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2284.584408] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2284.591691] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2284.598957] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2284.606515] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000002f [ 2284.613782] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:52 executing program 4: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r3, 0x840, 0x0) 22:51:54 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:51:54 executing program 4: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x0, 0x1, 0x0, 0x40}, 0x10) syz_emit_ethernet(0x52, &(0x7f0000000080)={@local, @multicast, @void, {@ipv4={0x800, @tcp={{0xc, 0x4, 0x0, 0x0, 0x44, 0x0, 0x0, 0x0, 0x6, 0x0, @remote={0xac, 0x14, 0x4}, @local, {[@timestamp_addr={0x44, 0x1c, 0x14, 0x1, 0x0, [{@multicast1}, {@multicast1}, {@broadcast}]}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x2, @perf_bp, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x2, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) r2 = syz_open_dev$vcsa(&(0x7f0000001640)='/dev/vcsa#\x00', 0x7, 0x400802) ioctl$SIOCX25SCALLUSERDATA(r2, 0x89e5, &(0x7f0000001680)={0x66, "2828681102983fbbaeb36f13acc7e08b27be331ecfbeee91fc9176b184b320bd261a0adb15216a73c2f8670f6ceaba17aab674879c9d95a7e423299eb6635e4e337ac6fbcc3019a69d5ca76e070552f961fbb7c73fe34a0f2323d38406803fafe5861f901952a92688aec2ef3404122de9aad0c3af9d1073dc80d29425c8f9c9"}) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff, 0x0, 0x0, 0x5, 0x1}, &(0x7f0000000200)={0x0, r3+30000000}, 0x0) syncfs(0xffffffffffffffff) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r4, 0x840, 0x0) set_thread_area(&(0x7f0000000080)={0x96ad669, 0x100000, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1}) 22:51:54 executing program 2 (fault-call:3 fault-nth:48): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:51:54 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x81, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_bp={&(0x7f0000000080), 0x4}, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0xbd}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) getpeername$netrom(r0, &(0x7f0000000240)={{0x3, @null}, [@bcast, @netrom, @bcast, @bcast, @rose, @remote, @rose]}, &(0x7f0000000000)=0x48) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r3, 0x840, 0x0) 22:51:54 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x4) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r3, 0x840, 0x0) [ 2286.080015] FAULT_INJECTION: forcing a failure. [ 2286.080015] name failslab, interval 1, probability 0, space 0, times 0 [ 2286.108623] CPU: 0 PID: 11127 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2286.116538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2286.125892] Call Trace: [ 2286.128503] dump_stack+0x1b2/0x283 [ 2286.132134] should_fail.cold+0x10a/0x154 [ 2286.136292] should_failslab+0xd6/0x130 [ 2286.140267] kmem_cache_alloc_trace+0x47/0x3d0 [ 2286.145466] sctp_add_bind_addr+0x6c/0x350 [ 2286.152071] sctp_copy_local_addr_list+0x2ae/0x400 [ 2286.157006] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2286.161768] sctp_bind_addr_copy+0xde/0x430 [ 2286.166100] __sctp_connect+0x618/0xbe0 [ 2286.170087] ? sctp_wfree+0x600/0x600 [ 2286.173891] ? lock_sock_nested+0x98/0x100 [ 2286.181927] ? sctp_asconf_mgmt+0x340/0x340 [ 2286.186258] sctp_inet_connect+0x127/0x190 [ 2286.190505] ? sctp_asconf_mgmt+0x340/0x340 [ 2286.194824] SyS_connect+0x1f4/0x240 [ 2286.198549] ? SyS_accept+0x30/0x30 [ 2286.202183] ? fput+0xb/0x140 [ 2286.205288] ? SyS_write+0x14d/0x210 [ 2286.209002] ? SyS_read+0x210/0x210 [ 2286.212628] ? SyS_clock_settime+0x1a0/0x1a0 [ 2286.217075] ? do_syscall_64+0x4c/0x640 [ 2286.221067] ? SyS_accept+0x30/0x30 [ 2286.224694] do_syscall_64+0x1d5/0x640 [ 2286.228584] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2286.233771] RIP: 0033:0x45de29 [ 2286.236966] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2286.245370] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2286.253596] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2286.263844] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2286.271114] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000030 [ 2286.278386] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:54 executing program 4: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r0, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000000000)={0x0, 0x63}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000100)={r2, 0x7ff, 0x9, 0x1, 0x437df490, 0x200}, &(0x7f00000001c0)=0x14) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r1+30000000}, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r3, 0x840, 0x0) 22:51:55 executing program 4: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0)={0x0, 0xffffffffffffffff}, 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') 22:51:55 executing program 2 (fault-call:3 fault-nth:49): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:51:55 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r3, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(r3, 0x29, 0x48, 0x0, &(0x7f00007d0000)) ioctl$VIDIOC_TRY_EXT_CTRLS(0xffffffffffffffff, 0xc0205649, &(0x7f0000000080)={0xa30000, 0xa85b, 0x400, r3, 0x0, &(0x7f0000000000)={0xa10905, 0x1, [], @ptr=0x3}}) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r4, 0x840, 0x0) [ 2287.119687] FAULT_INJECTION: forcing a failure. [ 2287.119687] name failslab, interval 1, probability 0, space 0, times 0 [ 2287.151105] CPU: 1 PID: 11156 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2287.159107] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2287.169427] Call Trace: [ 2287.172033] dump_stack+0x1b2/0x283 [ 2287.175670] should_fail.cold+0x10a/0x154 [ 2287.179825] should_failslab+0xd6/0x130 [ 2287.183806] kmem_cache_alloc_trace+0x47/0x3d0 [ 2287.188396] sctp_add_bind_addr+0x6c/0x350 [ 2287.192642] sctp_copy_local_addr_list+0x2ae/0x400 [ 2287.197689] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2287.202475] sctp_bind_addr_copy+0xde/0x430 [ 2287.207600] __sctp_connect+0x618/0xbe0 [ 2287.211596] ? sctp_wfree+0x600/0x600 [ 2287.215422] ? lock_sock_nested+0x98/0x100 [ 2287.221524] ? sctp_asconf_mgmt+0x340/0x340 [ 2287.225857] sctp_inet_connect+0x127/0x190 [ 2287.230110] ? sctp_asconf_mgmt+0x340/0x340 [ 2287.234438] SyS_connect+0x1f4/0x240 [ 2287.238192] ? SyS_accept+0x30/0x30 [ 2287.241832] ? fput+0xb/0x140 [ 2287.244974] ? SyS_write+0x14d/0x210 [ 2287.248725] ? SyS_read+0x210/0x210 [ 2287.252367] ? SyS_clock_settime+0x1a0/0x1a0 [ 2287.256787] ? do_syscall_64+0x4c/0x640 [ 2287.261239] ? SyS_accept+0x30/0x30 [ 2287.264870] do_syscall_64+0x1d5/0x640 [ 2287.268794] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2287.274071] RIP: 0033:0x45de29 [ 2287.277265] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2287.285172] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2287.292475] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2287.299865] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2287.307165] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000031 22:51:55 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) sendmsg$SMC_PNETID_GET(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000440)={0x44, 0x0, 0x400, 0x60bd26, 0x25dfdbff, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'ip6tnl0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}]}, 0x44}, 0x1, 0x0, 0x0, 0x80}, 0x818) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x80c0, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r1, 0x40045542, &(0x7f0000000040)=0x8) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000200)='IPVS\x00') sendmsg$IPVS_CMD_ZERO(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)={0x28, r3, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x14, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}, @IPVS_SVC_ATTR_FWMARK={0x8}]}]}, 0x28}}, 0x0) sendmsg$IPVS_CMD_NEW_SERVICE(r1, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x2c, r3, 0x200, 0x70bd2c, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x5afb917f}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x7f}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000d0}, 0x20048800) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r0, 0x0, 0x0) [ 2287.314709] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:55 executing program 2 (fault-call:3 fault-nth:50): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 2287.433475] FAULT_INJECTION: forcing a failure. [ 2287.433475] name failslab, interval 1, probability 0, space 0, times 0 [ 2287.465926] CPU: 1 PID: 11170 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2287.474104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2287.483478] Call Trace: [ 2287.486099] dump_stack+0x1b2/0x283 [ 2287.490517] should_fail.cold+0x10a/0x154 [ 2287.494849] should_failslab+0xd6/0x130 [ 2287.498916] kmem_cache_alloc_trace+0x47/0x3d0 [ 2287.503513] sctp_add_bind_addr+0x6c/0x350 [ 2287.507757] sctp_copy_local_addr_list+0x2ae/0x400 [ 2287.512691] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2287.517920] sctp_bind_addr_copy+0xde/0x430 [ 2287.522279] __sctp_connect+0x618/0xbe0 [ 2287.526695] ? sctp_wfree+0x600/0x600 [ 2287.530496] ? lock_sock_nested+0x98/0x100 [ 2287.534749] ? sctp_asconf_mgmt+0x340/0x340 [ 2287.539077] sctp_inet_connect+0x127/0x190 [ 2287.543510] ? sctp_asconf_mgmt+0x340/0x340 [ 2287.547833] SyS_connect+0x1f4/0x240 [ 2287.551548] ? SyS_accept+0x30/0x30 [ 2287.555185] ? fput+0xb/0x140 [ 2287.558292] ? SyS_write+0x14d/0x210 [ 2287.562008] ? SyS_read+0x210/0x210 [ 2287.565637] ? SyS_clock_settime+0x1a0/0x1a0 [ 2287.570048] ? do_syscall_64+0x4c/0x640 [ 2287.574024] ? SyS_accept+0x30/0x30 [ 2287.577655] do_syscall_64+0x1d5/0x640 [ 2287.581577] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2287.586784] RIP: 0033:0x45de29 [ 2287.589986] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2287.598309] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2287.605587] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2287.612890] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2287.620171] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000032 22:51:55 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() r1 = socket$inet_udplite(0x2, 0x2, 0x88) dup(r1) setsockopt$inet_udp_int(r1, 0x11, 0x65, &(0x7f0000000000)=0x3e2, 0x4) wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r0, 0x0, 0x0) [ 2287.627446] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:57 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:51:57 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0xfd, 0x0, 0x0, 0x403, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x7fffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x8) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r3, 0x840, 0x0) 22:51:57 executing program 2 (fault-call:3 fault-nth:51): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:51:57 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) [ 2289.114894] FAULT_INJECTION: forcing a failure. [ 2289.114894] name failslab, interval 1, probability 0, space 0, times 0 [ 2289.139437] CPU: 1 PID: 11191 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2289.147353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2289.156713] Call Trace: [ 2289.159328] dump_stack+0x1b2/0x283 [ 2289.162964] should_fail.cold+0x10a/0x154 [ 2289.167138] should_failslab+0xd6/0x130 [ 2289.171118] kmem_cache_alloc_trace+0x47/0x3d0 [ 2289.175705] sctp_add_bind_addr+0x6c/0x350 [ 2289.179945] sctp_copy_local_addr_list+0x2ae/0x400 [ 2289.184888] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2289.189658] sctp_bind_addr_copy+0xde/0x430 [ 2289.195065] __sctp_connect+0x618/0xbe0 [ 2289.199046] ? sctp_wfree+0x600/0x600 [ 2289.202848] ? lock_sock_nested+0x98/0x100 [ 2289.207099] ? sctp_asconf_mgmt+0x340/0x340 [ 2289.211425] sctp_inet_connect+0x127/0x190 [ 2289.215786] ? sctp_asconf_mgmt+0x340/0x340 [ 2289.220117] SyS_connect+0x1f4/0x240 [ 2289.223832] ? SyS_accept+0x30/0x30 [ 2289.227465] ? fput+0xb/0x140 [ 2289.230573] ? SyS_write+0x14d/0x210 [ 2289.234330] ? SyS_read+0x210/0x210 [ 2289.237958] ? SyS_clock_settime+0x1a0/0x1a0 [ 2289.242370] ? do_syscall_64+0x4c/0x640 [ 2289.246348] ? SyS_accept+0x30/0x30 [ 2289.249980] do_syscall_64+0x1d5/0x640 [ 2289.253905] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2289.259106] RIP: 0033:0x45de29 22:51:57 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$CHAR_RAW_PG(r1, 0x1269, &(0x7f0000000080)={0x9, 0x4, 0x12, &(0x7f0000000000)="3dfffb9ee0bdb8afa6aed6e0a775cea0fd09"}) openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r2 = socket(0x10, 0x3, 0x209) setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x450, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffefffc, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r3, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0)={0x2000000000000, 0x0, 0x3}, 0x0, &(0x7f0000000140)={0x40000001ff, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000000200)={0x0, r4+30000000}, 0x0) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r5, 0x840, 0x0) [ 2289.262292] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2289.269997] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2289.277351] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2289.284626] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2289.291912] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000033 [ 2289.299182] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:57 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x11, 0x3, 0x800) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000000)={0x5, 0xfffffff9}, 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r3, 0x840, 0x0) 22:51:57 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:51:57 executing program 2 (fault-call:3 fault-nth:52): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:51:57 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) [ 2289.463586] FAULT_INJECTION: forcing a failure. [ 2289.463586] name failslab, interval 1, probability 0, space 0, times 0 [ 2289.501293] CPU: 0 PID: 11210 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2289.509236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2289.518614] Call Trace: [ 2289.521236] dump_stack+0x1b2/0x283 [ 2289.524876] should_fail.cold+0x10a/0x154 [ 2289.529057] should_failslab+0xd6/0x130 [ 2289.533036] kmem_cache_alloc_trace+0x47/0x3d0 [ 2289.537623] sctp_add_bind_addr+0x6c/0x350 [ 2289.541877] sctp_copy_local_addr_list+0x2ae/0x400 [ 2289.546828] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2289.551627] sctp_bind_addr_copy+0xde/0x430 [ 2289.555980] __sctp_connect+0x618/0xbe0 [ 2289.559964] ? sctp_wfree+0x600/0x600 [ 2289.563773] ? lock_sock_nested+0x98/0x100 [ 2289.568016] ? sctp_asconf_mgmt+0x340/0x340 [ 2289.572363] sctp_inet_connect+0x127/0x190 [ 2289.576604] ? sctp_asconf_mgmt+0x340/0x340 [ 2289.580922] SyS_connect+0x1f4/0x240 [ 2289.584637] ? SyS_accept+0x30/0x30 [ 2289.588265] ? fput+0xb/0x140 [ 2289.591374] ? SyS_write+0x14d/0x210 [ 2289.595088] ? SyS_read+0x210/0x210 [ 2289.598714] ? SyS_clock_settime+0x1a0/0x1a0 [ 2289.603126] ? do_syscall_64+0x4c/0x640 [ 2289.607103] ? SyS_accept+0x30/0x30 [ 2289.610735] do_syscall_64+0x1d5/0x640 [ 2289.614654] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2289.619842] RIP: 0033:0x45de29 [ 2289.623026] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2289.630736] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2289.638024] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2289.645293] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2289.652564] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000034 [ 2289.659839] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:51:58 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000000)={0xffffffffffffffff, 0x6, 0x56, 0x4}) ioctl$KVM_SET_XSAVE(r1, 0x5000aea5, &(0x7f0000000200)={[0x1, 0x2, 0x9, 0x46a, 0x101, 0x1, 0x1, 0x3, 0x101, 0x60, 0xfffffffb, 0xa2, 0x6, 0x5, 0x7fffffff, 0x1, 0xf3, 0x3, 0xef1a, 0x6, 0x2, 0x0, 0x2, 0x268af4fa, 0x100, 0xe0000, 0x9, 0xffffb487, 0x0, 0x6, 0xa000, 0x9, 0xfff, 0x0, 0x5, 0x1000, 0x1, 0xfff, 0x1f, 0xed04, 0x1f, 0x90, 0x9, 0x5, 0x1, 0x3, 0x0, 0x3, 0x4, 0x3, 0x6, 0x9, 0x8, 0x1f7, 0xffff0000, 0x0, 0x200, 0x640, 0xfffffffd, 0x10000, 0x8000, 0x3, 0x8001, 0xffff, 0x400, 0x6, 0x5, 0x8000, 0x2, 0x80, 0x63e, 0x2, 0x3, 0xf1e, 0x39, 0x2, 0x7f, 0x3, 0x1, 0x1f, 0x7ff, 0xdbd, 0x0, 0x2, 0x5, 0x40, 0x7, 0xfff, 0x100, 0x8001, 0xf098, 0x8, 0x60, 0x7d6ae6ee, 0x9037, 0x0, 0x4, 0x0, 0x9, 0x2, 0x1000, 0xfff, 0x1ff, 0x6, 0x9, 0x7, 0x400, 0x290c, 0x8, 0x7, 0x1, 0x101, 0xcf7, 0x1ff, 0x1ff, 0xef, 0x4, 0x1, 0x5, 0x3, 0x200, 0x10001, 0x5, 0xbf2c, 0x5e1f, 0xb7, 0x7, 0x6, 0x1, 0x0, 0x8, 0x1ff, 0x3, 0x6, 0x10000, 0x9, 0x3f, 0x1, 0x8, 0x3, 0x0, 0x6, 0xfff, 0x2, 0x9, 0x3ff, 0x4, 0x0, 0x7ff, 0xff, 0x8, 0x6, 0x5, 0x1000, 0x7, 0x7f, 0x7, 0x20, 0xfffffff8, 0x80000001, 0xfff, 0x8000, 0xf4d, 0x7f, 0x2eda, 0x1ff, 0x8001, 0x6, 0x3, 0x5, 0x40, 0x40, 0x9, 0x3ff, 0xff, 0x2, 0x2, 0x6, 0x0, 0x10000, 0xff, 0x1, 0x5, 0x0, 0x796f0a9, 0x40, 0x9, 0xfffffffc, 0x6, 0x6ee, 0x6, 0x22, 0x28b, 0x6, 0x9, 0x3, 0x1, 0x12000, 0x8, 0x6, 0x9, 0xe0c9, 0x4, 0xee, 0x774e, 0xc2, 0x7fffffff, 0x5, 0x1, 0xb4a6, 0x0, 0xfffffffc, 0x180, 0xfaf5, 0x5, 0x20, 0xfffffff9, 0x5, 0xe5a, 0x0, 0x36, 0x80000001, 0x3, 0x4, 0x800, 0x200, 0x200, 0x42a, 0x4, 0xcf, 0x1, 0x1, 0x101, 0x80000001, 0x100, 0x9, 0x3, 0x5, 0x4, 0x0, 0x401, 0xcfe, 0x4, 0x6, 0x20, 0x7fff, 0x9, 0x0, 0x40, 0x0, 0x8000, 0x8, 0x40, 0x1a46, 0x1, 0x0, 0x8, 0x7, 0x401, 0xffffffff, 0x5, 0x6, 0x9, 0x3, 0x2, 0x7, 0x1, 0x2, 0x4, 0x2, 0x6, 0x7fffffff, 0x41e, 0xd6a, 0xffffffff, 0x6a, 0x4, 0x7ff, 0x1, 0x8001, 0x8000, 0xd36, 0x8001, 0x10000, 0x800, 0x1, 0x7, 0x488d, 0x0, 0x34b, 0x2, 0x100, 0x7750b6cd, 0xfffffb23, 0x20, 0x3f, 0x6, 0xe9, 0x6, 0xff, 0x5, 0x400, 0x80000000, 0x4, 0x8, 0x6, 0xfffff801, 0x0, 0x2, 0x4, 0x8, 0x4, 0x0, 0x3, 0x3, 0x1000, 0x1daa0000, 0x7, 0x5, 0x81, 0xff, 0xc7, 0x5, 0x80, 0x400, 0x101, 0xe, 0x1, 0xffffbff0, 0x8000, 0x81, 0x6c, 0x8, 0x6, 0x1f, 0x0, 0x9, 0x100, 0x9, 0x100, 0x0, 0x9, 0x1, 0x5, 0x2, 0x1f, 0x8, 0x3f, 0x2, 0x6, 0xffffffe1, 0x3, 0x7, 0xffff0001, 0x9, 0x68, 0x2, 0x0, 0x8, 0x9, 0x4, 0x87d1, 0x1, 0x20, 0x7, 0x33, 0x7, 0x200, 0xfff, 0x6cd, 0x3, 0x100, 0x7fff, 0x0, 0xffffffc0, 0x8, 0x4, 0xbc, 0x3, 0x7f00, 0x2, 0x8, 0x5, 0x7, 0x7, 0x1000, 0xe0000000, 0x4, 0x101, 0x7, 0x9, 0x8000, 0x1, 0x9d, 0x3, 0x1, 0x6, 0x8000, 0x0, 0x9bac, 0x7c9b, 0x1, 0x800, 0xc4, 0x10000, 0xee54, 0xffffff7f, 0x800, 0x7ff, 0x7f, 0xf46e5798, 0x0, 0x678, 0x14, 0x4, 0x200, 0x7f, 0xa02, 0xe2a6, 0xf7, 0x5, 0x1, 0x8, 0xed, 0x76cad84, 0x3, 0x4, 0xbb4, 0x5, 0x3, 0x8, 0x1, 0x800, 0x7, 0x40, 0x9, 0x83, 0xf6d9, 0x7, 0x34e, 0x6, 0x5, 0x4, 0x0, 0x7, 0x10000, 0xb7, 0x0, 0x6, 0x9, 0x68e8, 0x79bb, 0x4, 0x80000000, 0x8, 0x3ff, 0x7fff, 0x3, 0x6, 0xd6, 0x80000000, 0x6, 0x2c, 0x51dcfb6, 0x0, 0x7ff, 0xd, 0x5, 0x8001, 0xa5, 0x3, 0x9, 0x0, 0x400, 0x20, 0x101, 0x1000, 0xa85b, 0x0, 0xfffffbff, 0x2, 0x2, 0x5, 0x9, 0x3147, 0x0, 0x7, 0x3, 0x1f, 0xfc4, 0x4, 0xc1a2, 0x6, 0x3, 0x7fff, 0x1, 0x3, 0x1f, 0x7c6, 0xff, 0x8, 0x1, 0x32c4, 0x4, 0x5054, 0x0, 0x10000, 0x66, 0x7, 0x3, 0x1, 0x4000, 0xc16b, 0x9, 0x101, 0x5, 0x1, 0x7, 0x6, 0x10000, 0x0, 0x10000, 0x0, 0x2, 0x8, 0x5, 0xffffff3f, 0x8001, 0x7, 0xa035, 0x0, 0x1f, 0x1, 0x7f, 0xc516, 0x2, 0x0, 0x1, 0xffffff7f, 0x7, 0x6, 0x4, 0x1, 0x8, 0x4, 0x85f0, 0x0, 0x8, 0x7, 0xffff, 0x9, 0x9, 0xa1b2, 0x4, 0x1f, 0x167f, 0xf89a, 0x7, 0x6, 0x2, 0x7f0000, 0x6, 0xffff, 0x77, 0x4, 0x0, 0x1e, 0x4, 0x95, 0x1, 0x5, 0x2, 0x2, 0x7fff, 0x3, 0x12000000, 0x2, 0x8, 0x4, 0xfffffbff, 0x6de, 0x7, 0xad1, 0x1, 0xceed, 0x9, 0x3f, 0x4, 0x5, 0x10001, 0x1, 0x0, 0x9, 0x81, 0x95d, 0x4, 0x4, 0xfff, 0x0, 0x3a41, 0x7, 0x3, 0x9, 0x40, 0x4, 0x2, 0x8, 0x81, 0x3ff, 0x303b, 0x2, 0x9, 0x4, 0x7, 0x10001, 0x2, 0x800, 0x5, 0xc8, 0x9, 0xd2f, 0x0, 0xfff, 0x2, 0x7, 0x9, 0x0, 0x40, 0x34, 0x8, 0x1, 0x2, 0x5, 0x9d, 0xfffffff7, 0x9, 0x4, 0x1, 0x2f1d, 0x5, 0x0, 0x1d, 0x800, 0x444b, 0xfffff001, 0x3, 0xc, 0xfffffffd, 0x0, 0xffffffff, 0x99, 0x8, 0x8001, 0x4, 0x3, 0x0, 0xffffbd34, 0x440, 0x3, 0x7fff, 0x0, 0x5328421e, 0x2, 0x1, 0x6cb7fc00, 0x2, 0x88a, 0x7fffffff, 0x10000, 0x9, 0x9, 0x44f4, 0x0, 0x3, 0x1, 0x7, 0x2, 0x4, 0x3, 0x5, 0x2, 0x800, 0x0, 0x3, 0x3, 0x9, 0x5, 0x3, 0x5, 0x3, 0x1f, 0x1, 0x2, 0x0, 0x4, 0x4, 0x10001, 0x5, 0xa678, 0x0, 0x7, 0x8, 0x5, 0x8, 0x8, 0x1, 0x46d94be2, 0x1, 0x9, 0xc20, 0x3, 0xb04e, 0x1000, 0x84, 0xe0000000, 0x8, 0x2, 0x10000, 0xffff, 0x2bae, 0x7, 0x4, 0x7, 0x1, 0x1, 0x42, 0x6, 0xfff, 0x7, 0x7, 0x1fffc000, 0x3, 0xffffffff, 0x3, 0x2f0, 0x9, 0xfffffffe, 0x5, 0x2, 0x9, 0x7c0, 0x5, 0x5, 0x100, 0x2, 0x7ff, 0xa9e, 0x200, 0x7, 0xffffffe0, 0x1, 0x4, 0x9, 0x65, 0x2, 0xad, 0x9, 0x3, 0x7, 0x401, 0x0, 0x101, 0x1, 0x6cdbe24d, 0xffffffff, 0x20, 0x4, 0xc3, 0xf4, 0x441, 0x10000, 0x8, 0x800, 0x3, 0x8000, 0x6, 0xffff, 0x7bca, 0x542c664f, 0x6, 0x6, 0xff, 0x8000, 0x62ff, 0x3, 0x8, 0x327, 0x2, 0xfffffffb, 0xffffffff, 0x2, 0x193, 0x80, 0xad, 0xffff, 0xbe10, 0x7, 0x10000, 0x80, 0x400, 0x4, 0x8, 0x9, 0x81, 0x7fffffff, 0x5, 0x20, 0x6, 0x8, 0x0, 0x4, 0x40, 0x7, 0x9, 0x100, 0x893b, 0x7, 0x80000001, 0x5, 0x1, 0x7, 0x20, 0x9f2, 0x7, 0x1, 0xfffffffa, 0xff, 0x31c, 0x800, 0x0, 0x4, 0x7, 0x264, 0x5, 0x101, 0xfffffffa, 0x7fffffff, 0x4, 0x81, 0x2b, 0x9, 0x1, 0x80000001, 0x0, 0x10001, 0xffffffff, 0x1, 0x6, 0x5a000000, 0x1ad, 0x6, 0x6, 0x0, 0x9, 0x4, 0x7, 0x3, 0x7fff, 0x5, 0x3, 0x0, 0x7, 0x80000001, 0xb15c, 0x8, 0xfffffffa, 0x2, 0x20, 0x1ff000, 0x20, 0x3, 0x1f, 0x9, 0x5, 0xffff, 0x7, 0x1bf3, 0x9af3, 0x0, 0x7, 0x8, 0x4, 0x100, 0x5, 0xe, 0x401, 0x10000, 0x8, 0x40, 0xa472, 0xffff, 0x0, 0x400, 0x100, 0x8, 0x2, 0x0, 0x800, 0x6, 0xfffffffe, 0x0, 0x33f8, 0x1, 0x7a15, 0x0, 0x5, 0x0, 0xfff, 0x281, 0x40, 0x8, 0x9, 0x0, 0x8, 0x1000, 0xc4, 0x3, 0x0, 0xffff, 0x5, 0x0, 0x8, 0x7, 0x200, 0x80, 0x4, 0x161, 0xffff, 0x6, 0x3, 0x4, 0x8, 0x401, 0xfffff000, 0x0, 0xfba6, 0x5, 0x3, 0x2, 0x8, 0x3f, 0x3, 0x7fffffff, 0xfffff171, 0x7fffffff, 0x1ff, 0x5, 0x10000, 0x1, 0x1, 0x9, 0xffffff69, 0xffffff80, 0x8a33, 0x0, 0x6, 0x20000000, 0x0, 0xffff, 0x8, 0x7f, 0x80, 0x6, 0xfff, 0x7, 0x0, 0x7ff, 0x3, 0x300000, 0xfffffffc, 0xc0, 0x1ff, 0x2, 0x3, 0x2, 0xf9c, 0xfe, 0x54, 0x1ff, 0xf5a, 0x2, 0x1, 0x4, 0x8, 0x40, 0x9, 0xcb, 0x1d, 0xff, 0x80, 0x3, 0x42ef, 0x77ef, 0xfffffffd, 0x800, 0x7fff, 0x2a, 0xfffffffd, 0xcb0f, 0x7, 0x7, 0x216c, 0x3, 0x1, 0x3, 0x9, 0x2aa5, 0xffffff40, 0x7, 0x8, 0x3bc, 0x4, 0x6, 0x7ff, 0x8, 0x5, 0x8, 0x314c, 0x2, 0x20, 0x9, 0x5, 0x7ff, 0x80000001]}) getsockopt$IPT_SO_GET_ENTRIES(r1, 0x0, 0x41, &(0x7f0000000040)={'filter\x00', 0x5b, "88d618ea9607a56b4c9825526db1f68676c2a7456486e22fc9a53da5d262f06793a918aa582a461ff404ff03793e3bc9cfe5f3ab52ac0ed6e7c97dc4a326b039f8cb2102dd154a3a5397f4d5bcd6ab7b90945caef0031fc171ea62"}, &(0x7f0000001200)=0x7f) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r2, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(r2, 0x29, 0x48, 0x0, &(0x7f00007d0000)) fcntl$setlease(r2, 0x400, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:51:58 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) sendmsg$AUDIT_GET(r0, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400001}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x10, 0x3e8, 0x800, 0x70bd27, 0x25dfdbfe, "", ["", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x400}, 0x4000) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$EVIOCSABS3F(r4, 0x401845ff, &(0x7f0000000000)={0x9, 0x0, 0xfff, 0x0, 0x0, 0xffff}) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0) lseek(r5, 0x840, 0x0) [ 2290.444695] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1000 sclass=netlink_route_socket pid=11228 comm=syz-executor.0 [ 2290.562771] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1000 sclass=netlink_route_socket pid=11228 comm=syz-executor.0 22:51:58 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() r1 = socket$inet_udplite(0x2, 0x2, 0x88) dup(r1) setsockopt$inet_udp_int(r1, 0x11, 0x65, &(0x7f0000000000)=0x3e2, 0x4) wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:51:58 executing program 2 (fault-call:3 fault-nth:53): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:51:58 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) sendmsg$NL80211_CMD_DEL_STATION(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000100)={&(0x7f00000002c0)={0xd8, 0x0, 0x400, 0x70bd26, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x800, 0x7f}}}}, [@NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES={0xae, 0xbe, "d1642c5359f437eac8fc0db7d5b9e2941cb74f433217fa588dac6c2c55ab3207c634430d8ee83ed573db1508990cc2ab494ed56d15b837bc355dd12b2d33137db8e9b85cb8477cf9f59d8f6306b480aa9f7f6f1373640cf531b3419fc793656b45a83651be7ddb8a3e2e2024ec306b6462d143d4e6c707d11db4d2cfa15fe2c95f442b99bbef8f2678cc57dd27f891fd23fa50ffc60a64847f4af3d9e485f0324b8155318071dddb5206"}, @NL80211_ATTR_AIRTIME_WEIGHT={0x6, 0x112, 0xa154}]}, 0xd8}, 0x1, 0x0, 0x0, 0x44001}, 0x4044800) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)) accept4$unix(r2, &(0x7f0000000240)=@abs, &(0x7f0000000000)=0x6e, 0x0) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff, 0x9, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x400000000000000}, &(0x7f0000000200)={0x0, 0x989680}, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r3, 0x840, 0x0) [ 2290.750092] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11244 comm=syz-executor.0 [ 2290.771057] FAULT_INJECTION: forcing a failure. [ 2290.771057] name failslab, interval 1, probability 0, space 0, times 0 [ 2290.801945] CPU: 1 PID: 11240 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2290.809855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2290.819219] Call Trace: [ 2290.821811] dump_stack+0x1b2/0x283 [ 2290.825445] should_fail.cold+0x10a/0x154 [ 2290.830312] should_failslab+0xd6/0x130 [ 2290.834299] kmem_cache_alloc_trace+0x47/0x3d0 [ 2290.840818] sctp_add_bind_addr+0x6c/0x350 [ 2290.845075] sctp_copy_local_addr_list+0x2ae/0x400 [ 2290.850004] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2290.854774] sctp_bind_addr_copy+0xde/0x430 [ 2290.859105] __sctp_connect+0x618/0xbe0 [ 2290.863091] ? sctp_wfree+0x600/0x600 [ 2290.867672] ? lock_sock_nested+0x98/0x100 [ 2290.871914] ? sctp_asconf_mgmt+0x340/0x340 [ 2290.876236] sctp_inet_connect+0x127/0x190 [ 2290.880481] ? sctp_asconf_mgmt+0x340/0x340 [ 2290.884802] SyS_connect+0x1f4/0x240 [ 2290.888515] ? SyS_accept+0x30/0x30 [ 2290.892143] ? fput+0xb/0x140 [ 2290.895297] ? SyS_write+0x14d/0x210 [ 2290.899031] ? SyS_read+0x210/0x210 [ 2290.902688] ? SyS_clock_settime+0x1a0/0x1a0 [ 2290.907097] ? do_syscall_64+0x4c/0x640 [ 2290.911062] ? SyS_accept+0x30/0x30 [ 2290.914689] do_syscall_64+0x1d5/0x640 [ 2290.918577] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2290.923760] RIP: 0033:0x45de29 [ 2290.926956] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2290.935444] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2290.942732] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2290.950008] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2290.957280] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000035 [ 2290.964576] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c [ 2291.000914] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11248 comm=syz-executor.0 22:51:59 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f0000000280)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) sendmsg$TIPC_CMD_GET_LINKS(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x24, 0x0, 0x0, 0x70bd29, 0x25dfdbfd, {{}, {}, {0x8, 0x11, 0x8001}}, ["", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4804}, 0x4000004) socket$inet6(0xa, 0xa, 0x9e89) r2 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r2, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(r2, 0x29, 0x48, 0x0, &(0x7f00007d0000)) ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r2, 0x8008f512, &(0x7f0000000240)) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r3+30000000}, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r4, 0x840, 0x0) 22:51:59 executing program 2 (fault-call:3 fault-nth:54): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 2291.392257] FAULT_INJECTION: forcing a failure. [ 2291.392257] name failslab, interval 1, probability 0, space 0, times 0 [ 2291.411419] CPU: 1 PID: 11254 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2291.420018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2291.429379] Call Trace: [ 2291.431967] dump_stack+0x1b2/0x283 [ 2291.436127] should_fail.cold+0x10a/0x154 [ 2291.440303] should_failslab+0xd6/0x130 [ 2291.444279] kmem_cache_alloc_trace+0x47/0x3d0 [ 2291.448862] sctp_add_bind_addr+0x6c/0x350 [ 2291.453103] sctp_copy_local_addr_list+0x2ae/0x400 [ 2291.459217] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2291.463983] sctp_bind_addr_copy+0xde/0x430 [ 2291.468322] __sctp_connect+0x618/0xbe0 [ 2291.472305] ? sctp_wfree+0x600/0x600 [ 2291.476143] ? lock_sock_nested+0x98/0x100 [ 2291.480393] ? sctp_asconf_mgmt+0x340/0x340 [ 2291.484717] sctp_inet_connect+0x127/0x190 [ 2291.488959] ? sctp_asconf_mgmt+0x340/0x340 [ 2291.493296] SyS_connect+0x1f4/0x240 [ 2291.497024] ? SyS_accept+0x30/0x30 [ 2291.500747] ? fput+0xb/0x140 [ 2291.503864] ? SyS_write+0x14d/0x210 [ 2291.507570] ? SyS_read+0x210/0x210 [ 2291.511203] ? SyS_clock_settime+0x1a0/0x1a0 [ 2291.515609] ? do_syscall_64+0x4c/0x640 [ 2291.519600] ? SyS_accept+0x30/0x30 [ 2291.523245] do_syscall_64+0x1d5/0x640 [ 2291.527151] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2291.532342] RIP: 0033:0x45de29 [ 2291.535524] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2291.543236] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2291.550526] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2291.557816] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2291.565096] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000036 [ 2291.572395] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:52:00 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r2, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f0000000080)=0x1f, 0x4) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r4+30000000}, 0x0) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') r6 = semget$private(0x0, 0x1, 0x0) semop(r6, &(0x7f0000000040)=[{0x2, 0x0, 0x1800}, {}], 0x2) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) sendmsg$unix(0xffffffffffffffff, &(0x7f0000001440)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r7}}}], 0x20}, 0x40000) kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r3, &(0x7f0000000100)={r5, r1, 0xfffffff9}) semctl$SETVAL(r6, 0x3, 0x10, &(0x7f0000000000)=0x7f) lseek(r5, 0x840, 0x0) 22:52:00 executing program 2 (fault-call:3 fault-nth:55): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 2292.043522] FAULT_INJECTION: forcing a failure. [ 2292.043522] name failslab, interval 1, probability 0, space 0, times 0 [ 2292.076367] CPU: 1 PID: 11264 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2292.084306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2292.093666] Call Trace: [ 2292.096269] dump_stack+0x1b2/0x283 [ 2292.099896] should_fail.cold+0x10a/0x154 [ 2292.104070] should_failslab+0xd6/0x130 [ 2292.108040] kmem_cache_alloc_trace+0x47/0x3d0 [ 2292.113328] sctp_add_bind_addr+0x6c/0x350 [ 2292.117571] sctp_copy_local_addr_list+0x2ae/0x400 [ 2292.122508] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2292.127882] sctp_bind_addr_copy+0xde/0x430 [ 2292.132218] __sctp_connect+0x618/0xbe0 [ 2292.136205] ? sctp_wfree+0x600/0x600 [ 2292.140006] ? lock_sock_nested+0x98/0x100 [ 2292.144253] ? sctp_asconf_mgmt+0x340/0x340 [ 2292.148584] sctp_inet_connect+0x127/0x190 [ 2292.152826] ? sctp_asconf_mgmt+0x340/0x340 [ 2292.157171] SyS_connect+0x1f4/0x240 [ 2292.160880] ? SyS_accept+0x30/0x30 [ 2292.164540] ? fput+0xb/0x140 [ 2292.167639] ? SyS_write+0x14d/0x210 [ 2292.171359] ? SyS_read+0x210/0x210 [ 2292.175087] ? SyS_clock_settime+0x1a0/0x1a0 [ 2292.179498] ? do_syscall_64+0x4c/0x640 [ 2292.183484] ? SyS_accept+0x30/0x30 [ 2292.187143] do_syscall_64+0x1d5/0x640 [ 2292.191038] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2292.196233] RIP: 0033:0x45de29 [ 2292.199413] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2292.207657] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2292.214924] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2292.222204] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2292.229474] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000037 [ 2292.236739] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:52:00 executing program 2 (fault-call:3 fault-nth:56): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:52:00 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x8}, 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r3, 0x840, 0x0) [ 2292.345363] FAULT_INJECTION: forcing a failure. [ 2292.345363] name failslab, interval 1, probability 0, space 0, times 0 [ 2292.358870] CPU: 1 PID: 11269 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2292.366763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2292.376121] Call Trace: [ 2292.378717] dump_stack+0x1b2/0x283 [ 2292.382384] should_fail.cold+0x10a/0x154 [ 2292.386538] should_failslab+0xd6/0x130 [ 2292.390515] kmem_cache_alloc_trace+0x47/0x3d0 [ 2292.395102] sctp_add_bind_addr+0x6c/0x350 [ 2292.399352] sctp_copy_local_addr_list+0x2ae/0x400 [ 2292.404291] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2292.409066] sctp_bind_addr_copy+0xde/0x430 [ 2292.413420] __sctp_connect+0x618/0xbe0 [ 2292.417398] ? sctp_wfree+0x600/0x600 [ 2292.421198] ? lock_sock_nested+0x98/0x100 [ 2292.425567] ? sctp_asconf_mgmt+0x340/0x340 [ 2292.429891] sctp_inet_connect+0x127/0x190 [ 2292.434134] ? sctp_asconf_mgmt+0x340/0x340 [ 2292.438455] SyS_connect+0x1f4/0x240 [ 2292.442179] ? SyS_accept+0x30/0x30 [ 2292.445811] ? fput+0xb/0x140 [ 2292.448918] ? SyS_write+0x14d/0x210 [ 2292.452629] ? SyS_read+0x210/0x210 [ 2292.456256] ? SyS_clock_settime+0x1a0/0x1a0 [ 2292.460665] ? do_syscall_64+0x4c/0x640 [ 2292.464658] ? SyS_accept+0x30/0x30 [ 2292.468292] do_syscall_64+0x1d5/0x640 [ 2292.472200] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2292.477391] RIP: 0033:0x45de29 [ 2292.480576] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2292.488302] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 22:52:00 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) [ 2292.495576] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2292.502934] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2292.510205] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000038 [ 2292.517478] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:52:01 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000200)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452da0de316e2b02430a791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fe3833ed92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be02434dc71496e2312415d2c71f47728dcff27789fcb04c9b3d96564410f61535d61bf292578bce6286f7b04f82cab95879", 0x12a}], 0x4, 0x3) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:52:01 executing program 2 (fault-call:3 fault-nth:57): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 2293.458868] FAULT_INJECTION: forcing a failure. [ 2293.458868] name failslab, interval 1, probability 0, space 0, times 0 [ 2293.490537] CPU: 0 PID: 11285 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2293.498544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2293.507905] Call Trace: [ 2293.510500] dump_stack+0x1b2/0x283 [ 2293.514134] should_fail.cold+0x10a/0x154 [ 2293.518299] should_failslab+0xd6/0x130 [ 2293.523202] kmem_cache_alloc_trace+0x47/0x3d0 [ 2293.529025] sctp_add_bind_addr+0x6c/0x350 [ 2293.533444] sctp_copy_local_addr_list+0x2ae/0x400 [ 2293.538393] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2293.543687] sctp_bind_addr_copy+0xde/0x430 [ 2293.548020] __sctp_connect+0x618/0xbe0 [ 2293.552015] ? sctp_wfree+0x600/0x600 [ 2293.555831] ? lock_sock_nested+0x98/0x100 [ 2293.560077] ? sctp_asconf_mgmt+0x340/0x340 [ 2293.564403] sctp_inet_connect+0x127/0x190 [ 2293.568638] ? sctp_asconf_mgmt+0x340/0x340 [ 2293.572964] SyS_connect+0x1f4/0x240 [ 2293.576675] ? SyS_accept+0x30/0x30 [ 2293.580313] ? fput+0xb/0x140 [ 2293.583421] ? SyS_write+0x14d/0x210 [ 2293.587139] ? SyS_read+0x210/0x210 [ 2293.590766] ? SyS_clock_settime+0x1a0/0x1a0 [ 2293.595176] ? do_syscall_64+0x4c/0x640 [ 2293.599154] ? SyS_accept+0x30/0x30 [ 2293.602803] do_syscall_64+0x1d5/0x640 [ 2293.606694] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2293.611885] RIP: 0033:0x45de29 [ 2293.615070] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2293.622778] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2293.632915] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2293.640186] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2293.647458] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000039 [ 2293.654729] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:52:01 executing program 4: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() r1 = socket$inet_udplite(0x2, 0x2, 0x88) dup(r1) setsockopt$inet_udp_int(r1, 0x11, 0x65, &(0x7f0000000000)=0x3e2, 0x4) wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:52:01 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:52:01 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext={0x3, 0x3}, 0x0, 0x9, 0x40007, 0x0, 0x0, 0x80000000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x1, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) syz_extract_tcp_res(&(0x7f0000000000), 0x7fff, 0x48b1) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r3, 0x840, 0x0) 22:52:01 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r1, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(r1, 0x29, 0x48, 0x0, &(0x7f00007d0000)) getsockopt$IP_VS_SO_GET_VERSION(r1, 0x0, 0x480, &(0x7f0000000000), &(0x7f0000000040)=0x40) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:52:01 executing program 2 (fault-call:3 fault-nth:58): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 2293.816882] FAULT_INJECTION: forcing a failure. [ 2293.816882] name failslab, interval 1, probability 0, space 0, times 0 [ 2293.843876] CPU: 1 PID: 11307 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2293.851800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2293.861158] Call Trace: [ 2293.863758] dump_stack+0x1b2/0x283 [ 2293.867419] should_fail.cold+0x10a/0x154 [ 2293.871594] should_failslab+0xd6/0x130 [ 2293.875577] kmem_cache_alloc_trace+0x47/0x3d0 [ 2293.880186] sctp_add_bind_addr+0x6c/0x350 [ 2293.884428] sctp_copy_local_addr_list+0x2ae/0x400 [ 2293.889371] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2293.894135] sctp_bind_addr_copy+0xde/0x430 [ 2293.898467] __sctp_connect+0x618/0xbe0 [ 2293.902447] ? sctp_wfree+0x600/0x600 [ 2293.906249] ? lock_sock_nested+0x98/0x100 [ 2293.910497] ? sctp_asconf_mgmt+0x340/0x340 [ 2293.914952] sctp_inet_connect+0x127/0x190 [ 2293.919208] ? sctp_asconf_mgmt+0x340/0x340 [ 2293.924320] SyS_connect+0x1f4/0x240 [ 2293.928043] ? SyS_accept+0x30/0x30 [ 2293.931674] ? fput+0xb/0x140 [ 2293.934777] ? SyS_write+0x14d/0x210 [ 2293.938495] ? SyS_read+0x210/0x210 [ 2293.942124] ? SyS_clock_settime+0x1a0/0x1a0 [ 2293.946558] ? do_syscall_64+0x4c/0x640 [ 2293.950540] ? SyS_accept+0x30/0x30 [ 2293.954168] do_syscall_64+0x1d5/0x640 [ 2293.958090] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2293.963285] RIP: 0033:0x45de29 [ 2293.966481] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2293.974190] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2293.982415] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2293.989703] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2293.996979] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000003a [ 2294.004255] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:52:02 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/cache_bypass\x00', 0x2, 0x0) ioctl$SNDCTL_DSP_GETTRIGGER(r3, 0x80045010, &(0x7f0000000080)) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r4, 0x840, 0x0) 22:52:02 executing program 2 (fault-call:3 fault-nth:59): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 2294.279532] FAULT_INJECTION: forcing a failure. [ 2294.279532] name failslab, interval 1, probability 0, space 0, times 0 [ 2294.302927] CPU: 1 PID: 11325 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2294.311383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2294.320755] Call Trace: [ 2294.323344] dump_stack+0x1b2/0x283 [ 2294.326970] should_fail.cold+0x10a/0x154 [ 2294.331214] should_failslab+0xd6/0x130 [ 2294.335186] kmem_cache_alloc_trace+0x47/0x3d0 [ 2294.339786] sctp_add_bind_addr+0x6c/0x350 [ 2294.344109] sctp_copy_local_addr_list+0x2ae/0x400 [ 2294.349039] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2294.354880] sctp_bind_addr_copy+0xde/0x430 [ 2294.359735] __sctp_connect+0x618/0xbe0 [ 2294.363826] ? sctp_wfree+0x600/0x600 [ 2294.367629] ? lock_sock_nested+0x98/0x100 [ 2294.371877] ? sctp_asconf_mgmt+0x340/0x340 [ 2294.376224] sctp_inet_connect+0x127/0x190 [ 2294.380464] ? sctp_asconf_mgmt+0x340/0x340 [ 2294.384783] SyS_connect+0x1f4/0x240 [ 2294.388588] ? SyS_accept+0x30/0x30 [ 2294.392215] ? fput+0xb/0x140 [ 2294.395347] ? SyS_write+0x14d/0x210 [ 2294.399144] ? SyS_read+0x210/0x210 [ 2294.402770] ? SyS_clock_settime+0x1a0/0x1a0 [ 2294.407178] ? do_syscall_64+0x4c/0x640 [ 2294.411158] ? SyS_accept+0x30/0x30 [ 2294.415912] do_syscall_64+0x1d5/0x640 [ 2294.419827] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2294.425014] RIP: 0033:0x45de29 [ 2294.428207] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2294.435919] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2294.443625] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2294.450894] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2294.458171] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000003b [ 2294.465458] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:52:02 executing program 2 (fault-call:3 fault-nth:60): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:52:02 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x8, 0x0, 0x7ffe) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x6, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r3, 0x840, 0x0) 22:52:03 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_READN_FRAMES(0xffffffffffffffff, 0x80184153, &(0x7f0000000100)={0x0, &(0x7f0000000080)=[&(0x7f0000000280)="8e107b3d328c00f7ed76c9ce756f340dd458cf0dd2327f89e3ef6962ff18dce83c82fb304726d03b197387931a1d5920a30b0c4328de83069e8746caa94751f53f2a469ce0e8a4a178aa5e5f5c71fe336f8507407ffc7d4118684e4c413ee0c9fd9a678795a8b7c2deefa9e5c37bbdbc8d11f23b007241db3b6d29ed54b2f5e06e8d89f02cfb2bd86a3dae7d27246e3ec8b1f2188f1295e639"]}) r1 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r1, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(r1, 0x29, 0x48, 0x0, &(0x7f00007d0000)) ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r1, 0x8982, &(0x7f0000000000)={0x1, 'wg2\x00', {}, 0x3}) socket$inet_udp(0x2, 0x2, 0x0) r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r2, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r3+30000000}, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r4, 0x840, 0x0) [ 2294.741107] FAULT_INJECTION: forcing a failure. [ 2294.741107] name failslab, interval 1, probability 0, space 0, times 0 [ 2294.757609] CPU: 0 PID: 11333 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2294.765520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2294.775049] Call Trace: [ 2294.777641] dump_stack+0x1b2/0x283 [ 2294.781301] should_fail.cold+0x10a/0x154 [ 2294.785477] should_failslab+0xd6/0x130 [ 2294.789466] kmem_cache_alloc_trace+0x47/0x3d0 [ 2294.794085] sctp_add_bind_addr+0x6c/0x350 [ 2294.798323] sctp_copy_local_addr_list+0x2ae/0x400 [ 2294.803282] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2294.808332] sctp_bind_addr_copy+0xde/0x430 [ 2294.812668] __sctp_connect+0x618/0xbe0 [ 2294.816654] ? sctp_wfree+0x600/0x600 [ 2294.820455] ? lock_sock_nested+0x98/0x100 [ 2294.824705] ? sctp_asconf_mgmt+0x340/0x340 [ 2294.829034] sctp_inet_connect+0x127/0x190 [ 2294.833276] ? sctp_asconf_mgmt+0x340/0x340 [ 2294.837598] SyS_connect+0x1f4/0x240 [ 2294.841329] ? SyS_accept+0x30/0x30 [ 2294.844964] ? fput+0xb/0x140 [ 2294.848103] ? SyS_write+0x14d/0x210 [ 2294.851816] ? SyS_read+0x210/0x210 [ 2294.855476] ? SyS_clock_settime+0x1a0/0x1a0 [ 2294.859889] ? do_syscall_64+0x4c/0x640 [ 2294.863862] ? SyS_accept+0x30/0x30 [ 2294.867499] do_syscall_64+0x1d5/0x640 [ 2294.871400] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2294.876590] RIP: 0033:0x45de29 [ 2294.879798] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a 22:52:03 executing program 2 (fault-call:3 fault-nth:61): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 2294.887522] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2294.894796] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2294.906755] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2294.914032] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000003c [ 2294.921419] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c [ 2295.013019] FAULT_INJECTION: forcing a failure. [ 2295.013019] name failslab, interval 1, probability 0, space 0, times 0 [ 2295.028233] CPU: 1 PID: 11342 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2295.037353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2295.046804] Call Trace: [ 2295.049424] dump_stack+0x1b2/0x283 [ 2295.053101] should_fail.cold+0x10a/0x154 [ 2295.057291] should_failslab+0xd6/0x130 [ 2295.061275] kmem_cache_alloc_trace+0x47/0x3d0 [ 2295.065868] sctp_add_bind_addr+0x6c/0x350 [ 2295.070379] sctp_copy_local_addr_list+0x2ae/0x400 [ 2295.075319] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2295.080090] sctp_bind_addr_copy+0xde/0x430 [ 2295.084422] __sctp_connect+0x618/0xbe0 [ 2295.088507] ? sctp_wfree+0x600/0x600 [ 2295.092340] ? lock_sock_nested+0x98/0x100 [ 2295.096601] ? sctp_asconf_mgmt+0x340/0x340 [ 2295.100946] sctp_inet_connect+0x127/0x190 [ 2295.105212] ? sctp_asconf_mgmt+0x340/0x340 [ 2295.109533] SyS_connect+0x1f4/0x240 [ 2295.113682] ? SyS_accept+0x30/0x30 [ 2295.117317] ? fput+0xb/0x140 [ 2295.120437] ? SyS_write+0x14d/0x210 [ 2295.124164] ? SyS_read+0x210/0x210 [ 2295.128155] ? SyS_clock_settime+0x1a0/0x1a0 [ 2295.132575] ? do_syscall_64+0x4c/0x640 [ 2295.139452] ? SyS_accept+0x30/0x30 [ 2295.143108] do_syscall_64+0x1d5/0x640 [ 2295.147009] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2295.152204] RIP: 0033:0x45de29 22:52:03 executing program 2 (fault-call:3 fault-nth:62): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 2295.159211] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2295.166956] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2295.174250] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2295.181551] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2295.188845] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000003d [ 2295.196820] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c [ 2295.257381] FAULT_INJECTION: forcing a failure. [ 2295.257381] name failslab, interval 1, probability 0, space 0, times 0 [ 2295.273338] CPU: 1 PID: 11347 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2295.281322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2295.290674] Call Trace: [ 2295.293268] dump_stack+0x1b2/0x283 [ 2295.296914] should_fail.cold+0x10a/0x154 [ 2295.301105] should_failslab+0xd6/0x130 [ 2295.305079] kmem_cache_alloc_trace+0x47/0x3d0 [ 2295.309663] sctp_add_bind_addr+0x6c/0x350 [ 2295.313919] sctp_copy_local_addr_list+0x2ae/0x400 [ 2295.318847] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2295.323606] sctp_bind_addr_copy+0xde/0x430 [ 2295.327932] __sctp_connect+0x618/0xbe0 [ 2295.332866] ? sctp_wfree+0x600/0x600 [ 2295.336670] ? lock_sock_nested+0x98/0x100 [ 2295.340915] ? sctp_asconf_mgmt+0x340/0x340 [ 2295.345266] sctp_inet_connect+0x127/0x190 [ 2295.349521] ? sctp_asconf_mgmt+0x340/0x340 [ 2295.353841] SyS_connect+0x1f4/0x240 [ 2295.357553] ? SyS_accept+0x30/0x30 [ 2295.361183] ? fput+0xb/0x140 [ 2295.364287] ? SyS_write+0x14d/0x210 [ 2295.368002] ? SyS_read+0x210/0x210 [ 2295.371632] ? SyS_clock_settime+0x1a0/0x1a0 [ 2295.376048] ? do_syscall_64+0x4c/0x640 [ 2295.380016] ? SyS_accept+0x30/0x30 [ 2295.383640] do_syscall_64+0x1d5/0x640 [ 2295.387532] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2295.392717] RIP: 0033:0x45de29 [ 2295.395901] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2295.403630] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2295.410899] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2295.418171] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2295.425439] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000003e [ 2295.432707] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:52:05 executing program 4: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r2, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f0000000080)=0x1f, 0x4) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r4+30000000}, 0x0) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') r6 = semget$private(0x0, 0x1, 0x0) semop(r6, &(0x7f0000000040)=[{0x2, 0x0, 0x1800}, {}], 0x2) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) sendmsg$unix(0xffffffffffffffff, &(0x7f0000001440)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r7}}}], 0x20}, 0x40000) kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r3, &(0x7f0000000100)={r5, r1, 0xfffffff9}) semctl$SETVAL(r6, 0x3, 0x10, &(0x7f0000000000)=0x7f) lseek(r5, 0x840, 0x0) 22:52:05 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:52:05 executing program 2 (fault-call:3 fault-nth:63): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:52:05 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) read$fb(0xffffffffffffffff, &(0x7f0000000000)=""/157, 0x9d) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:52:05 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f00000039c0)={'wg1\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000003a00)={@empty, @private2={0xfc, 0x2, [], 0x1}, @mcast1, 0x6, 0x6, 0xfff, 0x400, 0x4, 0x2400000, r4}) lseek(r3, 0x840, 0x0) 22:52:05 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) [ 2296.860249] FAULT_INJECTION: forcing a failure. [ 2296.860249] name failslab, interval 1, probability 0, space 0, times 0 [ 2296.892109] CPU: 0 PID: 11356 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2296.900026] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2296.909381] Call Trace: [ 2296.911969] dump_stack+0x1b2/0x283 [ 2296.915602] should_fail.cold+0x10a/0x154 [ 2296.920071] should_failslab+0xd6/0x130 [ 2296.924057] kmem_cache_alloc_trace+0x47/0x3d0 [ 2296.928646] sctp_add_bind_addr+0x6c/0x350 [ 2296.933411] sctp_copy_local_addr_list+0x2ae/0x400 [ 2296.938382] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2296.943167] sctp_bind_addr_copy+0xde/0x430 [ 2296.947526] __sctp_connect+0x618/0xbe0 [ 2296.951540] ? sctp_wfree+0x600/0x600 [ 2296.955350] ? lock_sock_nested+0x98/0x100 [ 2296.959603] ? sctp_asconf_mgmt+0x340/0x340 [ 2296.965582] sctp_inet_connect+0x127/0x190 [ 2296.969824] ? sctp_asconf_mgmt+0x340/0x340 [ 2296.974153] SyS_connect+0x1f4/0x240 [ 2296.978652] ? SyS_accept+0x30/0x30 [ 2296.982288] ? fput+0xb/0x140 [ 2296.985395] ? SyS_write+0x14d/0x210 [ 2296.989108] ? SyS_read+0x210/0x210 [ 2296.992736] ? SyS_clock_settime+0x1a0/0x1a0 [ 2296.997176] ? do_syscall_64+0x4c/0x640 [ 2297.001149] ? SyS_accept+0x30/0x30 [ 2297.005775] do_syscall_64+0x1d5/0x640 [ 2297.009673] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2297.014866] RIP: 0033:0x45de29 [ 2297.018053] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2297.025964] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2297.033246] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2297.040522] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2297.047800] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000003f [ 2297.057335] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:52:05 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:52:05 executing program 2 (fault-call:3 fault-nth:64): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:52:05 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x5d7c}, 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, @perf_bp={&(0x7f0000000000), 0x1}, 0x0, 0x3, 0x0, 0x0, 0x0, 0xffff7fff}, 0x0, 0x200000, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r3+30000000}, 0x0) fcntl$getownex(r2, 0x10, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = getpid() r6 = socket$netlink(0x10, 0x3, 0x0) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) sendmsg$unix(r4, &(0x7f0000001440)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[@cred={{0x1c, 0x1, 0x2, {r5, 0x0, r7}}}], 0x20}, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) r8 = syz_open_procfs(0x0, &(0x7f00000001c0)='pagemap\x00') lseek(r8, 0x840, 0x0) 22:52:05 executing program 4: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r2, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f0000000080)=0x1f, 0x4) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r4+30000000}, 0x0) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') r6 = semget$private(0x0, 0x1, 0x0) semop(r6, &(0x7f0000000040)=[{0x2, 0x0, 0x1800}, {}], 0x2) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) sendmsg$unix(0xffffffffffffffff, &(0x7f0000001440)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r7}}}], 0x20}, 0x40000) kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r3, &(0x7f0000000100)={r5, r1, 0xfffffff9}) semctl$SETVAL(r6, 0x3, 0x10, &(0x7f0000000000)=0x7f) lseek(r5, 0x840, 0x0) 22:52:05 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x3c) ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, 0x0, 0x0, 0x0) 22:52:05 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x3c) ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, 0x0, 0x0, 0x0) 22:52:05 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, 0x0, 0x0, 0x0) tkill(0x0, 0x3c) ptrace$cont(0x18, 0x0, 0x0, 0x0) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, 0x0, 0x0, 0x0) [ 2297.233251] FAULT_INJECTION: forcing a failure. [ 2297.233251] name failslab, interval 1, probability 0, space 0, times 0 22:52:05 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) [ 2297.277117] CPU: 0 PID: 11389 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2297.285041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2297.294426] Call Trace: [ 2297.297027] dump_stack+0x1b2/0x283 [ 2297.301526] should_fail.cold+0x10a/0x154 [ 2297.305678] should_failslab+0xd6/0x130 [ 2297.309660] kmem_cache_alloc_trace+0x47/0x3d0 [ 2297.314250] sctp_add_bind_addr+0x6c/0x350 [ 2297.318492] sctp_copy_local_addr_list+0x2ae/0x400 22:52:05 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) [ 2297.323429] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2297.328198] sctp_bind_addr_copy+0xde/0x430 [ 2297.332526] __sctp_connect+0x618/0xbe0 [ 2297.336511] ? sctp_wfree+0x600/0x600 [ 2297.340321] ? lock_sock_nested+0x98/0x100 [ 2297.344569] ? sctp_asconf_mgmt+0x340/0x340 [ 2297.348894] sctp_inet_connect+0x127/0x190 [ 2297.353138] ? sctp_asconf_mgmt+0x340/0x340 [ 2297.357552] SyS_connect+0x1f4/0x240 [ 2297.361272] ? SyS_accept+0x30/0x30 [ 2297.364904] ? fput+0xb/0x140 [ 2297.368011] ? SyS_write+0x14d/0x210 [ 2297.371727] ? SyS_read+0x210/0x210 [ 2297.375877] ? SyS_clock_settime+0x1a0/0x1a0 [ 2297.380294] ? do_syscall_64+0x4c/0x640 [ 2297.384269] ? SyS_accept+0x30/0x30 [ 2297.387899] do_syscall_64+0x1d5/0x640 [ 2297.391792] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2297.397934] RIP: 0033:0x45de29 [ 2297.401123] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2297.408865] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2297.416135] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2297.423407] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2297.430685] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000040 [ 2297.437964] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:52:08 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:52:08 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) chroot(&(0x7f0000000000)='./file0\x00') socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) write$FUSE_WRITE(0xffffffffffffffff, &(0x7f0000000080)={0x18, 0x0, 0x0, {0x4}}, 0x18) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r3, 0x840, 0x0) 22:52:08 executing program 2 (fault-call:3 fault-nth:65): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:52:08 executing program 4: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r2, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f0000000080)=0x1f, 0x4) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r4+30000000}, 0x0) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') r6 = semget$private(0x0, 0x1, 0x0) semop(r6, &(0x7f0000000040)=[{0x2, 0x0, 0x1800}, {}], 0x2) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) sendmsg$unix(0xffffffffffffffff, &(0x7f0000001440)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, r7}}}], 0x20}, 0x40000) kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, 0x0, 0x7, r3, &(0x7f0000000100)={r5, r1, 0xfffffff9}) semctl$SETVAL(r6, 0x3, 0x10, &(0x7f0000000000)=0x7f) lseek(r5, 0x840, 0x0) 22:52:08 executing program 5: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f000007df80)={0x0, 0x0, "7ef385b299a90adae65c1b3ba3b95f3349d4f9bf3ca628813f892d2276e1decd298d0fb12f551ec4dc1df8b7cd4865a0925050380120cd9397bb74b892b5c74b57a88357caa54aa6702fde97436be5b200346a7c828f594e7b60b7c9e6a84d790415b4ee21d4b079edf95cf080d4d3a06045373ea6141d18bfa19c5c13a88819229878f19d76bb0b4b02a84fdf9b30291a97c29cab738840ace80ab8957c56514370fef9c146602793f5a030fb04c9c88e9501d5683eb23ce27efab0ac6d11d7f934f52b76beb97d5f668a1f07936a9bd49c8523ade938c8f13363461e5c26c82ac3008a5a16a4c6ebb16d96946134d06618d97bcee582892492831edeb36524", "84072bb87cc0659a50695030f4ed9d50ec0d4aa5a66f0192ad5bba0e51fed7fd5e8a909c531bbeb95c62f313f99818d9e29c9190d06218179379201bf88ce35dcce6f7cc16376470727da75788a235e19b34d5e3c66f8d6b55feecf48c7090d02ab08996b68af7852054d1adbd10a2bcc33406641a7482d4a80b392d17c4df4642d44c3324a9472d1f963a39f4187c5dc247121951a5c7207d3fdb8054f627654f2052f3771d577c5afd1f3ee0a3c265a56c2b6b8d866c38e716adc34acbff9e6836535cf24df98eb66a53fd5d751bdc90c3b945313251ee9f1c0cf2cce6c20c5ff515af8c7f43c54a51a8d8f55c83fe4b584f37eb54a8766eadc5e1d740988a5cef08a10315e69e7ba910fa928079daaa4510bccef1957ad9b0e959dfe4c60e2a0f30b7d2eb24696fa7f3f5821654e8f0211d6c672046545161f1d69025fb0cdc46eb9441fc0a4b09104557123ff0df6a0c7f83798cb724b46beaafd67b27e77b453eb0ca238ac90e0f5d1f3e6169500dd1d80bd63fb819fb01339fd64b1f53eb1952cb41386d3aa1f170dac06814184863a1dfcbe01d00bfd45d85919c9cd4286892b98a81845f63e8248e808961a3e7df79a06ed8d52062034a9842f558b087791da45886e25db9bce94e238f023d447d546b1c94ea55a15ef26d1ff5ed0d7a077fc59133daa0ce3b4d350d64a85fb8d37d555c7589fb5ac7a7f91c665a7dbf92b976cbe0f4d87172768e6f6c416ef29aa24584820f974ae9bae8f3c776a45168fe8d1c347cb4826d1b842d7c6ae9bb1447f9a8064f6b87cbcdbc1f4616de4306c5e357198edce8b295c13ca9ff76dbc2c974b8d37f2829bc756aa91c7475e695c5fb44df26078d049cdf9c74cc14f4c6ebe520ccb53825c81daf1e165ec8db9d6d2c2794f8147cef142c37ef2401f07ca9232d594f01b4c20c6866a3c6e0fe3f2fb8173051907d672ce628c67e3708fd4c592817ecda5d4fddb1fe115a8c5471752f2b655ef57534b008a8e4b11ce48ede3719db5b8b68f3e9011203d5441290b0791464c109ecdc98e7859c53b0548d21d16b585358dfa9bba12c34c9f77f0bc6f573b3f2e4f97905879ddecc00eaeafd46fc3719dcee1f36c0596e0aaaa546f795927d10c6019de6175d0fa406680aae2fbf6d231cd18e60e86aef89caded1c3d478eccb99bd2fa3c318a2446237923eb137ff90fc8aae936c01d5335c66e464cd8a9f71fad13ab708eb22f71ebaf65193edd95900b8775d7cc36282f623257dbdd1453524df19bd9fc573fe4eeaf809d54c6de849756dc5a55233fc0148db11eb1f37a55811fa191fa8568330ed7dc3a944ce5405fc6816026250aef97d47ae167cb3e1fbe9bb6f1c136862675d2c7c4c6ee47e5af6a9d48754c7389c353759206f8615fc7cd9cdaa69261b1ea8b4707c5a326481dd49622a8321707b19e647ab52efb7b64104383b2a8ed8b1d6f8ac34cd48d355e74312487df58e537a078e56cddf95d398d76d5a505bac4f27f9b1132a7cd3b225f40b060d4b1c1e0de8d03f639a0ef1571ec46d4c134f429d5b271f4a01e726616529c029732003f4f10809912cd8026e003d02d9434326f6092ae94f9a36bce48c22aacf61c74887b9846dc7698edc6ed3fb8af82e4b3e0a6b1e26c420b0bcefacd5dde6dc514155b0db61efdb4ad1fb0a2e024f52aad8c31250cabf9e60ce148764c33b1dcb6ac6b27907896bd6e20a9947b3762e64a2bf682ccee232eb06c4066a8e3272313d04cb58a4e066f9fb490bd60b7678c92819df5a8779be88c9be8942334e3007195dd86c87acabc3e2e90a308af00159797965406fc33ec915061eb6374d841b2c234c28d7992c3d498a984cba2d2e1173e2583ea731286afec682d9805d26a0bedfd873c677eb85c08fbddb90a261fc70ac2eb93b97b6f2ee9b13bff1a2160bce4d64509ad23ce5e0a067edc69ef6730aeef1370541ab08c721a5c19671e4ede96cee9fbc6660603859caa380b97368305335e843dbeb855f6acebb667a82f92a0fce4096128fba6dec9370ee802a3e89d4936113617fd7d4808e7730d882ae10bc27dfda6930993109cb8f50e5323b8661174566e1e36c8e5968150b15f92588c73d26fd131857cb2082a62f0130c11b350ea0a511c8b06e680fb1283f737a12042aca79bf1f169ac3d8a8ea8ad161f4972182b15601b1c04aff0c92da9efbd6c0277cbd23a439b2d0753ac99fafec7859a09896bc188634f25e1fa08265ca47ab3b78ad2e4625e7d7932c42a7784449735054cef9dc6d6309f1e85fb213dc1657f3da0c2a4f6d33f3d34fea7f7ac8e2c7f9981ee2a691cd24b2af6abc2d49ed117d4805e4d67ea19f8fff11f21e3315e21e01c9393a13852c65d1b1ccd592761923744cdeeadcdd7d2f3c0879cac4978536ed8a98fab61bd316539961a02e327add9df340398146d4bd9151741ca9a51ae6102f759fec7dbd2b765fb2ad7bc33fe5850dd06fbfda6255f30e3a613730f4e664ea1dc4d44778f55f8d0b537216cb11708f805b9aab799711007ae94b3e2455f589181fee2b21289be307553c27a611280b1d2ce3bc5992b283c13f41bb3fedf65fef0fabfeb93a036d3bd1ecf044b24479fdb513d040c86a96194c8ee42605c2f26bb710e37019c77b73ae92a221e0d80179bcbe566d3a7cd8610c8c567b97639d4bf3647352a90b9c6f9aa7ec2fefd1324a20ef1b65716ddc98cea02c464f24792d4fd44523780f5c3792dd13ed56e579b4bffaa24308f57413c8463fa5d25e0c02d1d878f03d20de1f859911fbd6d0c0c67edb5682c0ddf28fd5aa1c24b2e2df9e4900a2eb9553033662051693b9a3778fd5d8464861ac30d21addcef8282861f856cf2aa91ebb6e90338c47fe347d767ad832c0dae8e3e0b74add46aa2d25d10f582f1a3af1c8ea8329fa076503305ebab251f7f7b179811643db9d3feb780aef89ba3d246e9dc87de7c809f966ea097747dacb80606a059dfced22ffe5575642ad247cdff1f1a909935e930ff17f81128251d4bc1804514dd4a22ac3a4912e022b7c09567acd57775de34c7df854864285a634e98d73ab4b5b13008cc7868d4bd154e27a8411ef4163154c67bffd53c05236acd850bbb6d57cdb50644124de55222304942b67a887f0de9e327fdf885c7005cb4b3f289f59e767600b94f4b367584b0009312a991fd9c2bc996cb7c7b51deaa032eaa745216a77e8349582ddb2a25b05ab1a1378066590f6f16d74074bd5334d59e526353854ca127decbe157131f305d72e824580e57c57244720650b909e04d7cc423c062cce14ee7632a5fea7300f236e102b2e91071b82c5f84879ae641d92177cd72ab417bcef5d5008ce4b8e52c1dfed76581013b9336f75d8b1dc589d13f1f16c9254d182e8047b98a100ae72fc57fc0ca789fb493cecb0af5ae6e7d69c09fe8e96b818223974574495ee83606fedfaae7c384c57b2d14183435fa194aae41b2a3bd0473c512ab2690ad036a6c6a0cc2e65681efd303c429e9b1478903e1004c9b413465a35961d2a7cc0e4577557db973a00d49650dcc63fd35674b171760dc367c005090bbee6e4168a620e184247ded8fe7e643e1a0e379dad459e0da18e27414da435c94f7a77d8244d248a79c446bad166c5e84ead85944d8876c5b420121a2b02a0090626bfae0c338a9a2bcf799f0b4261ce92eec27bd6ee7971cf9fe3460c5fff43ab26f19f49d80e3b4d850d0bb7fb16f06cd4cbe0000c693aa5bfa5c03557bde659418431e1f7938edbdc75958d5c37861963354bf2f7a52476d9125083263a35b4f69f3815230c4539d27b765ec21288247ece8b70ba03c0daf298ab695a4c3c0a27833067db81869c8e24be9a63572dd1acc4eb5ba4f2bfcaf119030892e1a1c26a45ca181ece0b0c677b269760c4528a1c60af23f5cee4e80227f34d01605ed76a11102739ee3683664f267c0c6dc90811a6374c363b5fd3f81c5bb44fe2a663f86459c0b2d9ca754a161720ebd7b5a9d8d6e7ddef9963b2191d2d2232715add0114dde04e91a7ef4d3febdde79c0dc0cddcdc99ac65744171f1e316f477f65070a164d6dc99938548a548d602516db7b272c6d39632f36283be61d6c97902af8246fdd405e497bdea408a3c8d7b0507be4c14cfe6ce5fd117e2a164a14baeb8be61dd7b011b1434a107a4579ea9ff2dfd704d9d32b624c211fc308d1bb16fd92d4c1a1ac27be3ae504ba8be228ebbb1e3d9608904ee73780821798f1d4c5ba96a4dc599cea14abbd799a3fe51cece5171c42bb2eebad70a9bfe343fba9a38aacfb24e328365bbde967e5f40a4b432a05aad70b2bce4d351ada2206eb95e987b721c776df3fddb2b025e8479b17f1ee8019478d251f0eacf3eff295e7a216dd2d35596cc3464f03f4a531e01b9824e201cd46b5291bf08b5b2b500f1e7f35bf3a5e4673ea7c4a7bc2049ef617b329105880d4eaa75e93b22ac89f2ed0ccca1e72e8a9613f720abb8a83e8fc79bb1c7b0351693854aca98b8cf056b8ddd97812cc66d58475980f92f4ab7eee3c570de9c7a3938cbf473eab317e7130457e154261e9cb926ab6e03aacf1db42ca30c1e44a50e4c2783fd21a2531081ff7c09e7fc3614bb571c93c94fed9eaed6c7a365bedfb540bd3ff31723ce281cca398683c4f1aada4fbe33f4a986115df65142beb6795b220936433fae7742e8b98ce1be59238a154c34428061756b3c84c5e62f44405d781c60b2c7cd450566175b5342882ecbac96a05dfd524b65968a22cdab8a3383788c9a194df2663ea01f62185ab9322dfca440c7426e05d9310c5fb0fb6d99dd309e790797a0d87bfe3e4321968969e2ce0083405f8638c3a9dec5c27579bd166886ac5bd3c4d5d660c139f68fc9c413f7e117f2bae5f7bae3532aeb574f09a20604adcec16b202ecde25abcc14f3edf10146588f832585fbe1655c5980798e46f4f589fd0876831f37da5a6bca08aa2e2510b1bba0ce3dd4d0e7a8110a5494ae4a1257c65e1328e025022755c2420bc3142d85327b92b727fba7339b480343f470c05e2f505a6b69e79a8c11ceb039475e58419f18ff91f000b484793a23383141a3aa7ba8882effb59d0218f9a9205f747beaa6d9f66e903b7e629a5b34d597d9b51786798507fa451245b787a3d81b6fbf156f8e370c67e45d494b8b466a3dfb8881319f0102548ea6af72b6d89114a249b553399fe5df5b0be620a971de2b420f16e0f9e85612224ff329549ce54e29deb9d9a1d17f4d81a448716ab9e2f6589a11fa76d9af8acca4685defd3370e1adc9548ae2b510904915ebc2495d8c8a85fea1aaa4bc4b4dcae3f6acc7922ff86770045779c5f7f98f2f6c56f1b71d272c1ca3d389114f6b2ba5fc"}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f000007ef80)={0x0, 0x0, "975c1a2110a975bbdd41f336e24041c0becfd28d3c972bd9ca1772676db0ce134b95b3c74dd0464fb687845f6cbd06a12c8b31a62fa02adc588179f79e041ef2278737a36e984dc7f4b5eed56e3e01934ec5f6d30b7fb970acdb3cd59b47cb5a35673b8f5a97261f3905d80ef742ab1afb6626af622583be71d9c0410847b92ae5c0612ee313ec0c3bac140973ca55a365f8b6524d227ea8effa401a17656ada8a8141a59a895c015b70a41c65747f8494e622b95cfefd200795f971ee9f54ad503f4b228b181e84e888c9fc40d676fe48d29a52bf71a2793ab18134be7deff5b21582935421b897fbcf933093ea940e743f6a8c3449bf339e4a4420eba3fab9", "28a98fe33b6843e60705bc186925dd912ea085994f87fc0295f724ad741421e20b2375d392d3553a642f4bf554e7f1b0ad9fa4acfda131f5efcca1732c5736a6f78f471a0f95ccafd673fab2d08c0fe23416260ef069635e93f819bf2fdabe7322110d64065bb2931fd7e3303c0460b51c3f32343c6e4fe1e00e45e6a8064dc51f857d2638440b1e2fa1dcac564aaee074ce8f94cac975fb5e6b35c7258f666c392395a6b090cc4623741b0149eb3a87c171cc97b7f21fcdb83ea16a70b1ab65d60e72579a50cb45507543f50643904b4a885e60922257f61e4998294c8532bdf0df0ab59b673fcd2e6105a274fe6e0ba28adc16367ffd947348d7fab25242268c28622e096b4ae5c0cfb2953f0768390b94575578823daf14fe538c0605dda8188811fbfa395cef59f46b8a5af288620380063816366f19de2da5a6dda6b784300f9690333fa22facaee4e741534f07ff4a3efa9cd7fb09c4626611492ca631f2dd8ce1ec325d9a41d439da7dfeac4cafba3de72e1dcd1a00cfa5f67cd1b82702ec8582eac3f3ae4d9d15e6123437f4f5c0af597ebabe03bd34bfcfd4dd82514e0d1c57897fb74a6a9c6dc815ea863a78b9dd06538ccca1e16a3f7636b126c9e25998ecd0bdcb2dc4fbeabb65d6d85bc7fb9131c973100d4e972e6ddac6a4bf2f5e746b9b3e366069e99f3b8f443c850b125eb2a595a85ae593cbe02df54014a52be7de71a62419f9e7c75c8f9874fc838a2582369e64bbd4602360e57f528ac424b3db3e004b39f0eb7452d4d8a03068892a8a36abbb90aed6e4613c6f741cb725399e33e5c9a0acc8c2b41a1d1044b87aceca2f7d83c21b50a99d0d2fe578b18e2e7a62e0bd030f807acf3627bdd5d17877dc69e835f2916581aeef9fe1b770258ed0ba8358324a4cc5f9dd6d8266c6a79982231cb8e37bee11413d49da2f833cdabeef4b6a9576b7e68f5ce3c0b668751c0dc0ecde4b43835c9ca3d45ea84c861de361061feb78c59b7c7a97674209148dd45b1f9eab3c09e293c2b39bf8e04521ca76d4923fae2b4484b888a6198ebff23f34103a95cc9eb0c4cbf6b176a8a1b90e4271dbcbce019415cb677c018571c29ed09073dd589b52370e3bfd4a0af6e2bfd201e4b531185529a475ca9d13238446fe95f76a838814c0d707969110723fc5f17679e9f1b3795860aa7a16a6933b6f1e31793ce884c274065d439d6c1aa8d8357a634491cde5e8a57568f10d08e4a6fda08fd201620d81d514d0d65de2747215c5d78ee7fdefdca07702e438775ea4062a9c3660f0f2a3a095f2b3755d38ccc1c64c65925fd652958d50da79c2367796eb542ef7ddc82fbc0315b394f457083f1e861f1f7c5ed99b4f210d63896d4c012f2120bb1ebb174e33be692e8e9778974fceec4952f0f4c7faa890b8909fa08434d84f736dfa18623adaf527aa177bbeec5ba4323a67c6af51312a2f85a70d9b0f12bd350e77cbc6f1315f5a1d5e935c9cbe38d84356b80de796c5459b27ab33e20f334d5f8530f04935fafb878e1f8535f5605323c4a405148ca2a46e25e45b9ad15f7dbd94a64ea0be20428d71ad16424b7324b0e1510d7a59c728929ddf779a3638a4b42eca67f7002d16c0e422a748da7fbd76b4e25a76443860886caa1dd0568665cc5e2b4c1593b90971159289cfcb49fe22a40dc0b1daaa2d44276749458867b53bfde3817b060168a73d995753ef63af72adff577ad8e62b0cd0c0f074111884a12a4d787c079133f15a28cf59616c6c80179985d1998510c711bb954f324adb5a942e3da1292ccc934e8febefc94f075afd56fc22f1426a43b7d7689d379e288ed60a9b0dfa7db04d690913bbfb8b82d18bf2622d343b73e7f1b9b3fa47fb41bad6196ca9e0770a67669d80c522bd5e91e33eb99663c3b9eec6c330bfcac2ff04e78f9ab78a35435d7d685537659f6012d25f0ecba14491052c423e891fa40e76e7f08c0ac563bd0b526fe05b4f6750faded240329513509b06e3b79eb35e08d2378ce9f00754ab9f4d5e2197ba4839df25bed6c72c3a4d45e033c3030cb3cec097ab6a034e46c5d61c5ce1ad8a1a359a24a258ea6d130a4d4e3a3ae625f1c6bcf48313275035c99f7ee686c803f816737dcbc57a613f09919560526c8fc15c5f23b72e77840fe34894d381e2b5c5a9b1ac29bc8e7ca3ee030ae47a401dc12ccf8aba5911d58536c24cf6f6efbc561b8668715abc1b5d071d996a3834dbb7a93ee8d925219762ca0b60880882e6904d32af9e13143a9907aa08ebd15815962b59aa4679938c8a6ed06a85af8b63fdfc67cb97e1cbe1b9baea6a197868f49baed7dd9951402afb61f09888defdc2f7e8652ff5d823d00bffe4b78552f08f9dc6d62ace1b752c909bdebb8b18adfe0781cc763da07693abc3d084a9f8f2f63705cd85745f95e76ec8bef3f6760f773164b012a425c3ca77d962b593f618e52fcf63658b9a591783d4ef6ff5831466e2687b9e4ef95860b1bd35499cb6dc4e68c5749fcae158346bb11f231f301db68de4016ce3680921b1530aafde19094a6a01a6942ea5c290e44a2c9d62386aa4cc33dacfe13431f7009207833c6b070740f845d4e0ee614e4e4e614668c39aa14837c1d76eaabfa7a72adcc6f5d83bccc1eae161ed3f3d40062c5639f3da9ba81cf029afa6686ad5f6ce25a8d222e72a8b8bd37167a4db49910623f47ed473f3776c39c940c7857b9ee353a94c8325f903b2be7f9b9eb89ada726581384b74aeee2eaa14e3657e39e57f62a1eb4ae370fe0c695b11f42aabd6094139dae05e92574ad72d933f00d97973f401328095b386a74ba09faeeb2788832bd296ef467f3529ad35a5be2f6d671fdbd2279337736eb4a007883e01ac0b500b946b3471258848ea3376910d9381b19253e7233dd1854e7bacd7e7b750e7886f67918ba3237f052549ed1812d69b319866d7495d5b6b89275de2088467c19f10ed09056e001db47511995b50a158e0e4c198d5535cfea75b7806e52ece8af0beaf47d78d017673970b1d7bbbe02f0a373bb434f75cd4ec7ae309b73ef00cb91b1c9ec1df3e4512f345cb24bf3850af9f8e2cb3b02b9cb65513ef615ee845a943dbb2ce69b64636615c93afd851a2847a505391610bda47d9f08e77f109a7b5e9e85177aee06d65d8003cddd5e466c1745ab142d5fa402e27707fd46afc3b690c7ddf30428d9bebd64078c27ef6276c3ab124867ee3460c537c511beabf0846da66ead5923ef43b2bdda8ffd1ac70dcd5b48d5d2aa92a56cd5f920b797c5b40a589c9f69a6e3535601fd29bb22f29493d035ea970d3f2e36ab0e3472f96aa8aa18ee9ecaf40c3e62876573a693624f6e9aca3e653d7c592543ff2f28fbb53770304f2b68be040ff143ee10f07e02195a09dc95122f8021d07c5b0df0ca02b5ba899731ed8c490aebb5c173aaf3e82133c5788a5c920368be7d4332d730d87b2f50852c754f8635d8ec3bdae080513226f39b4ee9b2ba028974e9cd0efdf7df8be6e2aee397dfc03f67f59f84de8d8cd5ebc0b39a23a6b40d73fa4182767eb8ab5f22f25364d667af86837044f08e08e1358000529463f5a6b72de315d59698dee73fc99356d12f02137e2d054cf3f6be8c6b1cd46904b5d973dd1d3aaa8b6b215af94ebef81f30283619f93e5f2f05041d70a5eaa201581d600cebec23ab3551cd3f3a429a6fca019106e12b497b5855dc921205f1ef564eeb0b458e77486308b54e0150bdc1fb0c6cad10086116de5caeb272f88112ebcaceb26995fee6891fd31286d74a2fd2766f5dec2b6a8d2c4c180e2d179434db80c9e659ca170de9200455df6a5e7d4ac9d813084cfcbed6c748edea52352a0bed694a9ec7c93f6d2d1b61141ef119e3834b4ca58b11feab53372a2224b0e6a77e7ff3797e859a1f3eafc7dea77e74d5f85a364645178168b19e2a5df50d203bc8de7c996ed95b22369c5276abb707da0b7fe21b782ffdee3dd41045da50fb4ebe1afaed3d9fc852853393d60aeb3f6245ed31ba7b711692a0cc7f269e530b01b730235098f205cfcce21084ceb460cecc14fc34db4eaa7ee06405a72886fb3501d6a2c59d2bddd8fec479fb35f545a214197af860558515ce418b20bbe3632ec0f59d64a7ce151126f93e2c19dbe468fdb7f86d8c98938a6955bdb9940678568d8493c0e5860337452ab6c92123d2a752e63d8ced2c667c83fa42cb0cd6b7a29eb8f73bf402242f17066456a866452b4fdb8a4b0cd9e28966f9b07333af12ea6fde494d7f9dc7a924fa7907be6dcbc25d3ff3ae7d66b6dde4b72a2470aae733433b9d0d772d82a0c936ba9f9d7b33091804b96d29c00b7215d1eb4c2965c9914ef53cf119600f89c5208303edba113aa6b3aa7fcbcb1cae4e45f73df9a19f3cd6403ec420ea39c1f1c3cec28b74caaa883ab07851270ae6f55cf2631932aa0775fa08020a61e77956103da90df9a60d488ff3a81291128c5559e15e544abb2f15e136a5a2ebb0a670b7903a18db239b64eaeecbb3d6c3292ea79f18ce1b3401d8faa3e49137cde547a880005403d089e79475cf0a50de6903e74ccccb107a21926e3bbc04359f6f21d20ba388dec1b41f3bd8ff9d0ad080ddd9895ce7bb421ffa02352049f362f25c898087cd53718959bdca74a7fcba13c1232780abe3495c8c4389cdc57b5fe6d24a868482fdf5a10b5633da0a260459e9a7210cd4c787207262938126592d389d86f5fa3d33495cdc9baac803181b52b0ef42b7c4c4518faaaa2d290555ea4b4e06249ebc7e7797970c8673dba252eb502c11b3cfbba0838904d41f51ac49318357c39e2a210cb577580570320850155d666617f9f9386428336d3147daf397cff93fec3983acf10c57abb226b98e5172efee3e9d13dcdacb983b87cdb996800b3f2c6ddd2ee9f016c52f7f234ba6ae495d5fa8874f38d2509a6a02fae829dd2d7dd272c200b28e3b0d56ac01895b6db0bcf2c786ebfd92b9aca070bdb21c077a0bf59328dc244fc7e27fc1c8dd8dcc581a43149e45ba0f0dfd8ea00abb240f3e77fc58a48e9a9c42c9d076fa3bf7e3d12505936b3a909469f29237dc3e552b604e0dc96329e2d6fc0cbda05b18e284224e0a29a9402db92b25e91a55dab1304d29f6f1258086bebfae589a9fbc23cef2683a954993a1cac32419fd916e431c220abbbf2f02c4c8984261fddf6d2e6f136e93ed03f3b25bbab4492ee031822535e07a43d20b23ef17d2a328fc547931edb727398dd8c073313b1bcc9c508b801531b269a367ce65157c008caec8a08becfda2459087365ffa2ed739e10ab4fcce87065d923d5c715244427c940d748f370edc26cd7d3fc87f61a30997c23fcc2540f71b92ba77527d9878645780db4"}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f000007ff80)={0x0, 0x0, "c98f0e91427e67b44c7692ea02d0a8e85d4ac99ab29b5ecc88e622ceeafd032f23f42accf22f4e9aae574b539dcd9213d07a3ce1b4f0db2d5d78d2ad98766f59a81171fee826374ba92e46eed1302496c2e15ef93060988fcbd934f34bd1106fe1423a5b83cc343179076a623473b2bc39856fc95cbf60968d1205d408ee7558c4c36fb84431488983f08338ade9934fbb88ee6afc7480255d3b80560578fc7bee77eff4bdbac36e5721543fb4779e98b6238f80a23e3a09bcc66ad4cbda7ffaf094231200263249ef056da9174a4cf858a5787a5347866eb05ba7a7e3c201b23d9b32613b2bc037f842f7f8532faa910462dee10d679db76f1f2986cf4c279e", "0350c22c480a1d65141203c0d86b7712ab641a5c8fe06d82bbceb2a512a976df7f75bd6b8a45f6a5fcfa85c70b3bfe16eb4493eea8cd3c1990501cf58e305e5219a635940c7741d3729e774f595954c4b2f2d0a6fcd6f217f0b2fecd2b0565a0dc3743b1f1c57f823d39ebfb34eda5288c1287ac11c8aba698d1f43f8cc2eb14970c809f03302215e067bb4c07fe226f83bd17d0b89bdcf9ef24a7ce1df8b74b2b5a23f72a7af7769d0338b99c55055b20b6de667f61484da1c8389ebd75acf67572d92779d9fc028f8f771f12e9f3ad45665e2dd78610b7ab9b94757f881ded0c992fbafa078ee8aedbf773be7b03a4ea628e46e6d22ebede4aabefb35cf1ece69fdd42c21078928f85713a9a3cc05118d0393292212ef32c293747e7a2ab4e5a9ed5071efcb7407f42c5cdd5ab2599dc41caccdc44709e1b23d30c4d50b30bcb9635253be4b309f964f7d9669ec9ca7f70f3b73e7efd2ecd8cd6b318e867e606305a84f27368dc19c05ae62a76ce005278950f39d7e84d6d3a3d1a1e2918711abb60225b6814ff446564080f07ffccc888e7aefc7b02cfad57d614f5186f2057aaf4637ae6e1cacb1f493e91fe57b07c8bf2b2c303aeeac16f14a79ade8f61dfedeb0fe087ccaa81147af5d843e5755234d26fb48bded10a7d04cfe4d559acf177afe8b0c70a4965942fe430077688e9801a55183588e5ed26d77262356af761a526fd9e08266d7355e844a6d7eb718f24d9e6ff897a4c5e69046c2a2f60d3523f028222978ed80a77762f9f8d1b26a2a12544b87aa35f234144770a71dd86d5070202c41f3c69f24ace6510af2e95193234ec955a0d39d8458b95890c67cc1b419d3bc25ce31140d14dae1e8ffa134b218ce96460f523aacc666d8fa1554e750fe42055307de448f20148561c3f03b5adaa09ef9782a44f605bf3386e591872fe1df4253e4f756d24a62f6e4adc22132750f0396cfed27dc9ec7444f79f33e8bf3de3784286eb23ac6a489440061b73679afcd88c2d647c765407b8c3577d82d3d4d69fd6a1be38c5ca0ccd0645dd6a094767838cc1f96e0d634cdce753a1e20c7844cf0fab25e825e074c767918bae3f0ba55fe655c836acf4a6ba52cd60e4684c52c0fb8b0adbd58917551edca63ab16cd909324f3a739fecf5b7bd7a27bfd25c204b4762523a1ab502f20e15c8e9634ee8d4f3de1ab39d3a82c1019b1534f775f6fd0ded9cbe4a8026d24a5d809c5474305df14f103b77183450cadd54b22029abe61ca075666f993c18b43b329040dcc165c5ce99071bfe4f990a280a99ead3e5eda2a17c09463ac2910138d88965b65b72236c1d0143d8be18d630e3526dac4363a2491892d8b017eb13f7f2ac7ece76bb6090f32561c78871adb121d7d489f565ec8b71cae07f630eb78f20056a81d151a1a64e160fdabf243d279c875e6cc24e65578d18b74bf54b3498cf2dd5bf3b487df96d94fccd7b5256c870789a4fec2c2b91d7ddb0a1cce99fc81f95b7d701de9ecc9687e0a56dedaecbce1de9991ca1137bb5cfa3831dfd2e4664a7d9277456d42c5078128d17375d05776d0f61ecf0fb6151709ce2e059ac732b3a0edd747f78594b06c3b6aa55321dafbf9fd796c7ecca5987b1a7b8c26bf180f6d864e126897bc4b7abe7a4adf53a103a9242a0e0a12fc1e3d6810ffec89f423dcdd7683ffbdb79c294dcc3cef9ce531a26a179b75635adee4ff1f64e12e97b04df5710a359c6f4e4f9453fb841616d01909e24a63844d8e627a91ea4b1b066ce81dd788de891dbd225d4b8d168d0011f235ea70fa1161373bc3f4809015f3ac4d84fa62f4c38d457042c90eceb67818e6ab9377ecf691d1aff4562bb59723bd71297277859900d4e31b85a8f411c4af26a8d77d87f5d055b51ec7274328b35d765501da9620de9c232ef600550d029711f1ef78302fa14765986547ec9e8b4b779b4c0d346c397fd64429c33260d589387619e6f0b82352190da0cc932d857602b79e1c817263ef974a65f763c92b15252f8b02889dbb6df6cadd9b2c3be2373887a1794bebce35f1e5843119addd339b2c3d4762d9899c442bbae0e2c796ba88e56fe6a06667025078342c02b679b9b2d8b3d2d44cf2d647e355df4f373f1addd5203e975d14cf4e5774328ccbb4951a267ca1a2e659a220de865b90a405967d57ed1cb7cbf18574b7b571e3ae4b2a7701bb3497964cbac071b17a3e3dd14ff5de174980fc38f7ee287b70f6c7b490f6008fc1403cb5beecd95c7121e6122b4743bdf187fce7315361111b09bcf139444279e8201f025a00e273b949e20fdfe305b67757d6f8f1143d4d9ab4639614e0765e0ec641ea1489f312b3bfb46a30f6a893f3d3ca10a15c6fec7bb9401f541fa481af544ccf5e17c92a48dbca13a8a79c74e8455d954c86c84e537b83b2b33d5756b12f6102d7f41ffb2ef85c518e11726434dd0789e5d7bed11e12cdc390b7f241eea3560ee22ccc046aeb1ab5e74000fb1c6a90986d84b23e3532e03ad84f07e32a51937b52375f4750bc70ef917290aa7c5f6a8272ffed1b65e885e5b7f094e36270029ad674942c96a08b5e992fe81bf0d0f6d49c4f147d4580450dea59e8188addde7a9b728002b68bfd34acbedd996e5a5df9e81c285672fe2208146131b4b802f924230557f1b120fd693ebe3ea56ebbbd54729cd9e1426fc1fae68b868da36de9a898e57a68f331d821174e62edd3a7c716cd200f9c06d5846380e9ce161bf9a42fd5c023872fa47cad85a9217f27d022d8e28d1dc97f45de5125aa9714a507f694fad4fc102ae206df2a4e79549b2d68e0d92c1dd32d8fddd58a043b5964fcf05992f3788b643b9843d648461ed3511735963c92c36824062feb16cb0383aa15fe9f38625d5a711527736ff0813f161fc96d47bb80610e99b48acdafd81d45d906d6aeaaddfe3d8f406e9d607b93d8e714eb5eb8b03f5d2a451171d3baf04dc3cd2c7f94f3bc7ccf6febcf7a16bfd7f29dc8e2e6b28f8240924ec32b8f3c44b3f01ab69273f71703b8756c4e4e7c73f48ea8dabac9e55f7c27d04079733cf5086824e45e441f703101e0c492c01e9f96d196c150eb5fbae6692717ce243e106d85f3a68c80bdfcf7bfbac497bfae08e0e58336d13e90ec95a5e1d82319af36d27ce9d4f0c7136145be443b610e6c7c00f7b9381286c49e881bcf90ac882aed077d6acc3ed192e1ea1ecc32982f2d3f0da1b5f2dff434b44afc537ad9e5631010654d6f56db9f3237bed7878bb358d14f52856776b5c8ee23d854dac6a1b09028e7cd7d32da88bd6027d5fd21e4a514cfcede957fb8e0bc011ff860ef5f2ee9d7c941b753139b5a130185226cf01580e63151eebdda26acb7a7aef3b2a478535354d5283a477f0071d204df7d97dea6d726e007c2086c8d0cbbb90a5fb0be7f0edb033cf7417a60be0547c86c7a4433d994a7496193c4648e2b6bc8ed1daded1a225426c417775cef8327f4b12c8e8c0a45922bfcff7eeff50c10ec895fc2a73d03eadb38826f8e45d464108d81c55c9b4519b3b63336d55c3c39cac9047c4624a9dd239105b8acbf9f5a228e703ff1f3d4ad7a6835b717457af89a58b428d16ed361d98a0f98b151d0a574fa01c585f902e26b28d6217d836d597e9c20cb5f764a277177a1a7dfbd4e26de2f61df1970f203eb50606a6692fa2c014696d1a56e62c24710e3f488ffd7684e7fb2a0462f7df5d47acb47a189fe185025e0aa3b7f7569b43c084b4bd43b079f74f1ca882cb09c80a89b4618c50cafb4b78addb7adbdd59ad5b035fbcd7b592985e3899593fa39cbfd369ea4a5cf771b735cc80800f6144c3d1e1093d479fae5efacf5a08ad3153ad953a9b7ff3e464373ed71328c14fc24aff41672987a686f2af5c3b735e5eea5a51de1ebb62624ed93ca86cdb4c0396807d5b367e74d00dc9ad7940327bb6b3e0ee0c09f15e6b72856bc909d77f77b29fb2622aed6f03f9049f6cd19c6e21a43181aec3e6733b8c89e99489802e2d7e3223c37773bd798ba8cf8acdc472f7249f84c303ffb7ceec3665a4ee696ebce42bce35254856f2cb43073d5ef471465924b55a84f7543524223e2d2b0ab6cdd4cb019fd8f606175a4138ec1e99df4dce06a04f66f142905de412591e37fea3ddf6b3158b630aaf9c1a96c9fad867c435553c66c370bc5dc3878b4dd616ed5a19cef9880a1a63af1e41b98ddae3952d4c21663bad83b837dad9a67f048f55ffb4f7258542b99f41db3db528458697c1cbe2d1c71232e4184c81fe974d2924912e5f71f7e9ff0fdee8167d7fe50626c09ab0bdc4a41834315fdea38b4ae357bd22f55764da0223deb6844d5489ad30a2378296a0627aae7ecc8e00cae0a1db1bd42c587a92212cb54365a53e5d3ed1ca69e26591183a3659251cef94ec1762443034fb0f8ffdf55af6d43964c42bb34563678640a97cf7df98568695534b2b8fdff91e406fa202ac84c43f968cbc39dd80612d19780ecc9d001c4dede3833b576548211e4b3bd4b073530204f12e583c59e4fd5a7fba05cac40688b120e1048c35449584f6c1e64045bfb18fafcdf64ba2c58374a0aafce8b17d4b5d45d23a30710da51bf8f134322f29f54e01cf981e0a3eac861292839b8d54eb91a32063f06f27e53084e9e777b0aaba98f18ccdc05001c85b4245f681961de2fd00f5676a846b92c602ebb7e39059aefe93f714ab6bb830f3e3cee78716f55c617d4bfdf2ec37c4fecae92134717ceb3c3d3effc576250a7635f4837b8e7f0d121aa942684ae73e9c0f8d0b4422d29630c668ce16251f400500ed6967df629d423b43a366e416cab12d1980f1e438c25731c16dcfc161a8e226e3dd8f356d58c816bbe9b80fa325a58c35885846cfa61ab2557a60f6ea0c241d0309c0e6d8f7f06d5feb3c68281922a2d5add00ecb43e6a692275eb0ea9e197c4af60b6283ecdd9a669bcb16a3655b6aa6c15629ea696af625200837115c0c0d3b8191174282148600737615bd5437e91c4220b5241ee5690ae49945ab8da9a04046abfe3cf890aedee7e68e4a89d376a5f415c250abbde19522b38ceba73f49bb2392bc36d9b28de9f7c9a3913d73ac8310c3c5cb1ea1e7140dc8d4bdfed630af016db66f13386661cf2d24e81df47545d36c910cfef318406adc1907abe2b544be6a23c65ee0141e25f10b7c831b0723cc20ec2db727f06be6dbe87bb72d2cdc984c7fe402a2f90cdd41fc1adb3b03539920f4dbacb607e885529b75343de0c38eae7436639332149aaa94f1f99c22125d00951f3dbb1c21a54ea4ef68c39e9ab5452795609732d1220758cf2a0ebc7ef77acfa21a7999d4431b2c44bcdd6a3643c17377d84ced327c8551592fa848e1ecf5"}) ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, &(0x7f0000080f80)={{0x0, 0xc6, 0x8, 0x3ff, 0x441, 0x1, 0x0, 0x80000001, 0x2, 0x7, 0x2, 0x8001, 0xfffffffffffffffc, 0x12, 0x1000}}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000081f80)={0x8, [{}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0}], 0x3f, "d78708e32319a2"}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000082f80)={0x0, 0x0, "f5bc21050cb0b94bcd60eaa43ef9273aad65f5a69c8ef94721f3a1b67fad62921d78d4f40ab34219a459ac834c9407fc32d33826add35bfa0e097f06fdd5e1587fe7355f2d86cb8ed073542b55d0c4ae879a0767af16029b7fbe966a14955ca40e281ec64b90d44c42995f42fef39d0d1bf465ac85bef1992efbcf57cc8aaf364b4229e5476c9388f78d54858664387971f2447581ea58a83f2476048e3606e712d8b338d5623c2d97853a58a98e0f515b03f5ab48112030ac1439b25f586e9c609db1b139bc7c336246d08f3fe63da10e88e8f7b2aa311ec1674385f0eb180200dfc929454acb1b0fd3a16b459b57de9a7e438c87440e88aff94b67f3bf8a69", "1e11797c5b10858eb60d71933a727b54a68ec8f8436702fedc22eb1912e81493b76570533044fb4243f836c59cf2073f7c47adf65c9ad068eacca3613166b870a8f6b1bbaa0dba6c208e018595b494cc61e4c34769c34f452c2aa64a4f40dd3ac4d32cb1741d7f9ff575db9b82e5736e3c50d5ab534f49fccfd31effae41be348eaaea855c6ea62f67ee2cd44987974cb58c83972d9d0d2fd51434f8c4f0b9bba9818ba95c9ffce147b24702b4590572515bf645b4623a4bf7dbc70def81d053407296a83e3cffda4db25ecab1e82ee7612906e4575923c2a9521e9760adf30d51eb75e30a037acd19a28d17a4f7ff101536e36d051b2ba12139f966af41f70dbcb1d576fb348df7d395b269797b0ccfaa334c8a9ff38ef6be92d812b68243cf7a6d59ca4f7c0c2004d1692cdb1d1d914fba9b2042d274c056f6d0bdcd7f1620e282766d69231c40f84b58adf179e76d7b1f3cad160e5c0eecfc90067b51d69ad9119d0f15caaef4832651e1f8b53683d752cd74d267be351fa2d86db8fbb96879ef92ef4fadfbcd4864da1a318279e4e16205e49465eeac2c3dcf855430bcf77a3b571168a0f13885a5d8e3805ef7216bc08326281a3667f6dd0feb11dc77cbbee13043874dc17d4aea79d529e3e67cd8fe6330d73a0c56a7d7619416f311142fcdbc8fdbe4ada9480e8a980952f1688f3b431e232e7a7e5b4fa874297cab37e6787310048a55834aaf484ac1b237a355ced106230f6d40572c034eca162cbe0866b07fede6c41d35a4cf7a203f6b3a81249f778cb7c09210f0e96b2cbae746d79a86b7301573e005f24eae584cc2a2a82690fe1d636f8334b7d5c2b46081067ff49b98bd9c9d121b5d8fcb78f6a67c28a20ae07617c88a166f4063c90d48eee947a5fdb9ceaa012e55677460c03a36af26e5ee892015e69aebc50c81eaf221db931daff14ed20f3a2ec36539e8fd1edb3e83c1d5b8e51e622cf028245e99bcf49771f844a8ba2bddd17891d0844bb31c938c8392d149915168ea2816e7187527c384c09f7d697444d4acaa1bae40c7a0b265ea2ce91482be7d074e88c30e9be91ae5a0be2010c231a2515dcd2eeffd93ddbd27723ed64c5e12bc37cc92067815ec770f4222eabbf2b5f6b436f8fd8ee80f4b07d811a86d6f543c3027134cbc26f708a97b0784d9349d088d632ccbfd7dbb078bd25bb69519fe58fdef50597f547d9d8b33aa5a4219e6204e3ec12f2c39cb7f3b8c4b925ba5f46f454dbbc620ea826c595d8338cd5c809b1c81e69f98a88568e7cf2d8e01f8fe1334f476e11db825934f12a6600d31f299b68569586e40174033be4e5dbe0bcb343eb71082d62f794d988b83ac6945b40de8de5ae2700ec20c446002ddd9cdb53f318c8aedc4a3ae82dc308e9e92f52b831caa8fcbfad72ca819268d2a96b1145900dbd8a5ba03f8c4cd8b1e219928976087ad80e47a5b6d410ebaf487069f408e633a45faaddec320457433bb2037d8e7e51bb30fde76791d4e494e79919353490ca8480d2d5ba59e27ec86baf17bf9ec4683197cdbf76a162cd8f585e028dd12310a0e63b275f0cb0c1627de014461491ab026f3ae4d2583c09ba1eab16e1c34ea656a803893e94a6c225069c800756f8f84b8f6474589faf9101d1549be46ecc8d6682d76322e3c98fd430d93f346ac6b81b61989434924b0b2822a94c407b54d17076fd763dbaffecf5b60781b9b96ad355d8dab78395ac3b0540ec3d88518d6f52649cbb8b4bfc5120b040c2f352a9ff1c7c09cea899d0cfc4674397ebb3804069cb1a78df5dc9a67f89d65c4757992e9d9f681f886b99985713c84c519bf84e6463cd911cd6685b6752064d817d25fe785f816416b47b217bec50c892100fecc332836a2fb39bcccb2c2be653ffe65bae90faddfc08fca100009796e8247750992b566f6dd0ad44ce8b7b7837a3bdf60fa0bf78f33183d4bec733d13019815adb69e089bc434c6e3855cdd6765d16ae363f96847dff1237dcabdd81d3da597a3d1751c3f4e32750095f74ae6c6d34ff4a265ab313aba0ef4b4d826924c449bbbda366d06e0d5575b0cc5437ae456f30e4734a8a2e2173b4a62b7056d8be1e469fb7e772ee593b847e9226a4374a199bd94bff150219c8ff3a00cfc0a426a1e16d2e479c27ed8b0b35d53a62c1772be6d5e0bf1bfcd289be8c5b7a830f8b331a36baf25fb451f451c31da8138d2019ddfc8b74b9c1e11c688944eee1a17485fe9d54a9cc5c3487840b550ba380c3eaa8e982d00634a145f4af64974d2be40da3d60a312a6a48d1ae8329a3110cf0af4f5ee0c10d337ebc5c9d3ef57f711dd76245ba7eabbaf798c71060cab16fbe7b3c8bc951582b8137e155c17ef31b0727ab2f090540de506dda938bc39d10a8329b01fad6c86557a0b6b86752028f9f8de5e5855db9cfd46d035d3b51c88db67f4c2ae8984938aa171f846be3360afcfbc5e8f80c792ed4f398cb32bb77adc1a669d5f43c40028dfa3d65c32e0b02f3d7802eb0bf2208dba99d200340043b7aeebd5305b28c2e72f8a32ddf118aee1648ac5dd356ecd6eccf8f7483dd343c7a6e98e3017285f5509d09a2bf5b30751a9f7c428946fff5be423d18ca07e2345b73926aa72342562d044beb5efce76711144473f40baf540e47c58e75c0de94c5129b333e19c99603d138b25b6604bd054f03b32c81ede39bda23ae938c76ec970c5fb1d71e8560262904a361395cd16f9b3e7f1f23711bb75df31d81b7c2f2f152d63c19e70159cb017deb2b22bbc197f8dbb6685a34a912ac6f4233df89a64d958d86a4fe50fb43a91bca910c81e21f014aa61b72448c75085f6552425993119b21f57f7c8a68310cd044a8b48f42074be37127c8312339edf39cda719a7847f321b68973d2cda9bae4dab27c64d875369c60c9e6209983f8b97f7206cfd04d473d1f985d851e4aa165bae4eab5e24ab0fe50da7450df20d51b9bd953828a8ea678c831ae4919bebd7c4de89abc08e64cd0c0b2334b3fd1383a2125c1be5e82f7fa35331ff881edbcc4110908c069d7df4956359dce2b8a6594565a7ef334d6e34b9f27d653cef00453689d852dfb7295a9a45ba37ac9e7ba3469af14ca20bc1884c14f15681251bbfd67a4ced3b6f0a538d07d44414a3b7994979e4c2fac70d757cc77759db3656f49ae37a350978dafdb380550b948840ac98c95526c305d4b9d1407639dc5c4666e20e4455d60babcca3afac05aead61ba06c0835d52784a25dde47f03d98d3e0a66aeedd0129f63dd8a7044333a73abd18102c8afa1b57c15184f9031ecaa0938d2552b811bccc0320252c118c5a01e36c98665c988798b496f29d1a86eec96e3aeeb9e46686521ed5398763b714b34bed8f9dfcd626e7a39fe6734e61ce2884560932a0afc4a72f55cd9c1fe6e5417d2147fe3d454ac860c25ac8bb932ec8840853a19ae40dd44335c4d627dc02013d2d2d707fc9796f150050d7adf9a7ce33a59356968beb45009c78dcfe79666a274a73288363a8d98bd876fa46da551b642be00d92f934fb849a845e6559399d891ddd2aae9ff7a3ed61b2569ab0ef7188be3ac5f223dbdb9bcaac37787f4513c783efd8b7485ec380e8e4120c1a25ec4406db8eb4076d206058b6388c9950354322da4a68834ebf73b47da5553e77504677a92cbe6d092c92776cf73d9f93d2f008df67bc4b2357fe08afa1a689cd66d228055cf5ae9fc37c25bebace3db0ccccfb1550445cbe8973c55ead6a2160dfa8269ffbf2c54b5d840469cc93d7e5b6e1f3d8100270fd0bd44efe2b112e3186a7381632b42f900bb6c19ccf299ab403d41fe1a7341562b45d1b77732f318acf8d8b15b82c88afb64fd5c29412dddadff854cb5504e50ed33f45cf88c57057132e48438bf8ed4b7822e20e14c86264babfba865f00c7d0183713b26aa224593de0f1bb6258aa028d5d91bd55c164a899a5f25d5f9012eff4506d09b1af9ad101112f28bebc6e38f40c6166286346559f70eb9517ae607844883cd02bc64ffecf7ee16a8dab0010ee9abbc9ce6eadc28229d31cfb98feba54b9b67ed0850353fa3120ed24c52d05e01229036ffc816fe9073e304b321d3342215a7daef85711a16337e9f2516e42ec522ad991d1015c1de7c8431af61e1d1cbf08fd6cdb6e78894407568021cf4cf03c096b0fb76b2014f34f9e72cb3bc84492a95ea7460854224eb2c9c61dba6771898692db2a43f4d6ad0d19029e53704356264900f5e1066f35f1977bf4d98c3e390cd1ef7faab1d444763680c143a5bc4a7daab9a7f73ae8c3036c21331eac234e0bf9ea36b435865b0e623b2bc209178dae696b5f7922ec3f3948e3db7b67e090d939f83b05f5084b9457ac125547c4dc736bad02b861c9cb60e92810d36bfcdf0c8b4574ffdd77ed5c1c192d92b40e405d12648f4e1f5b3054990f2f74ca561f55fdf75fda171b7e10f9946d13e096d9063b0f8a226da3efd2bcf4429f4da3aad7830a38489c54d44d824275901dc6a0dfd02ed05861a29590e4f1880f4abf842bf03afc6f317882137f12db55273af8dbbb019974d2023d08ac94116b0f346a41642ce506d5211d54131e22cc43eb46e833fcfc9b139d0d3d091bd7d9b0f457bfe2ecd8eba7f8530e11a9fce1e5608d2737e30da121690c5aa8eab0514f6c7dd73cd4446bfb1f08a4ba9036a5d2f93eb57f191bc173c31160c69ec3cb8848fd40328c493a492b310a9e5dd8ea5ea7265051ff68822923409f1050995ddd6aa6da88240f6773217451cff9ffe0fb931091673d69ce3dbe7998be64b3302011900da2e3c937d7c54d8db439220f692ab329179d8230db384aa6cfa602a617fcf83f3eae55dfb1ee8f74fa6b54cae3c5d08af3594a37181b463edb2d52967ea8827aae3edca2da9b75a29c8df04263f465f30c753e406962996f48343fe1354953fc4bb792f95dd9306d43dea154ad209ee7f06c7406a84858f756747c75a8a616108a150e58a8fb5550580f39e4f66ffd552cbe4b5164ec0fb99e336939e21179f836ef5e3db624b8aacd64267895d215cc8e82dca88e49d1d26ac85aae276c7fd180a95d00a820d02a7354f2341eee7f3651387d5f997f2cd8768327652887a4083fc19a2a666d99771fd1944f0a17d85194301b4a503624d0730308ac04399f0a7bade1af5498ccdbd3da26bc57bdb00969025cfc1416fe96718fb489fffa03ed114293873926dca252e1fb4a6ae46053dc3166c7998d5f78ad0b4ec0c7b2d25bc0785917bef5775247f8b01694cf05a4df3d7cebfe1ae01ea1bbf2ba98735a53ea5c5f556bd7739303a55820780e4f9f0bc5d9f0ad3dabfd51966dfef8480821e228b5105b7c85db49cc049a3c5975f64f6a6d7"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f0000083f80)={0x81, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {r5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r1}, {}, {}, {}, {}, {}, {0x0, r2}, {}, {r3}, {}, {}, {r4, r7}, {}, {r9}], 0x2, "d80192d7cc9e70"}) ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, &(0x7f000004c640)={0x0, ""/256, 0x0}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004c840)={0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r11}, {}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r8}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r12}], 0xf9, "b64448f8c48a59"}) ioctl$BTRFS_IOC_GET_SUBVOL_ROOTREF(0xffffffffffffffff, 0xd000943d, &(0x7f000004d840)={0xfffffffffffffffb, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r15}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r17}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {r10}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, r14}, {}, {}, {}, {r13, r16}], 0x3f, "a9ab266c726a36"}) r18 = socket$inet_udp(0x2, 0x2, 0x0) close(r18) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYRESOCT=r18, @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) r19 = socket$inet_udplite(0x2, 0x2, 0x88) r20 = dup(r19) ioctl$PERF_EVENT_IOC_ENABLE(r20, 0x8912, 0x400200) ioctl$PPPIOCGL2TPSTATS(r20, 0x80487436, &(0x7f0000000100)="449216442ab183feda952f8f63ed359fd139087774d1128d641eac686f298e317301472273e486e27ab75e3b386272b4b79dd184b3fd1b38f28d44393eecdfe6b6ee31ab879f8b7350c3413124488d4ca9fd6dd3721e14546edf2074ed6f231f10ed4837be8c4bffac2efe6dd63f4d0662d65a96e7fafbbcf02dc3dc628ab878243509aa51a557807f1dca9a39f85a212deb2253688879c739eaa2da96200af2a72d3f1137b0aba899aa325ac51defffdb08845fa3eb745018b0140b44d83eb1fe14ad1b785fa2dfb84ccbf3de48c726869e9895b788f285ee3895f1317149588712c4449bba591b12f7e66112b34c0d1a74") write$binfmt_misc(r0, &(0x7f0000000000)=ANY=[], 0xfffffecc) 22:52:08 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000002c0), 0x1000000000000194, 0x1) openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x86280, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) r1 = getpid() r2 = socket$netlink(0x10, 0x3, 0x0) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000340)=ANY=[@ANYBLOB="05000000000000003906000000001216fa95000000000000350a000000000000750d000000000000fd09000000000010b845ee4a000042ab120e4ea9651828e73c8ea432e70000c9150000000000000100000000000000060b0000000000000500000000000000ad08e98884bccf4d9e39ffd99588c98e20c8ca00ba69f554792a44edb16e7ece0ee99b57f69eaa4ecb5fdf39a89206b165a138ecd7935f8c8592689edd9c7545e2583bb9fead86c07a138697dd5a8c77fdaa7cbdc9902265870aa5211f37055196e107ed970cf7d632336d03fda54785737e66e7780b7570ed69d56ca72aae48fcb0ebce2aec64c3f39adc099ab4823ce4e83680aeab161b094332a2bf64e59fc64fbecb2611741aaca411d8ec9a1558f590c9d4c7ccf19151d8994c0fd822beb1e6"]) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) syz_open_dev$sndpcmp(&(0x7f0000000080)='/dev/snd/pcmC#D#p\x00', 0x6, 0x22040) sendmsg$unix(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=[@cred={{0x1c, 0x1, 0x2, {0x0, r3, r4}}}], 0x20, 0x5}, 0x0) tkill(r1, 0x0) ptrace$cont(0x9, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) getsockopt$inet6_mtu(0xffffffffffffffff, 0x29, 0x17, &(0x7f0000000200), &(0x7f0000000240)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:52:08 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) [ 2299.919706] FAULT_INJECTION: forcing a failure. [ 2299.919706] name failslab, interval 1, probability 0, space 0, times 0 [ 2299.980752] CPU: 1 PID: 11436 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2299.988661] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2299.998018] Call Trace: [ 2300.000614] dump_stack+0x1b2/0x283 [ 2300.004246] should_fail.cold+0x10a/0x154 [ 2300.008401] should_failslab+0xd6/0x130 [ 2300.012379] kmem_cache_alloc_trace+0x47/0x3d0 [ 2300.016966] sctp_add_bind_addr+0x6c/0x350 [ 2300.021211] sctp_copy_local_addr_list+0x2ae/0x400 [ 2300.026172] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2300.030933] sctp_bind_addr_copy+0xde/0x430 [ 2300.035284] __sctp_connect+0x618/0xbe0 [ 2300.039263] ? sctp_wfree+0x600/0x600 [ 2300.043064] ? lock_sock_nested+0x98/0x100 [ 2300.047315] ? sctp_asconf_mgmt+0x340/0x340 [ 2300.051639] sctp_inet_connect+0x127/0x190 [ 2300.055893] ? sctp_asconf_mgmt+0x340/0x340 [ 2300.060213] SyS_connect+0x1f4/0x240 [ 2300.063925] ? SyS_accept+0x30/0x30 [ 2300.067556] ? fput+0xb/0x140 [ 2300.070670] ? SyS_write+0x14d/0x210 [ 2300.074383] ? SyS_read+0x210/0x210 [ 2300.078011] ? SyS_clock_settime+0x1a0/0x1a0 [ 2300.082597] ? do_syscall_64+0x4c/0x640 [ 2300.086570] ? SyS_accept+0x30/0x30 [ 2300.090200] do_syscall_64+0x1d5/0x640 [ 2300.094099] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2300.099309] RIP: 0033:0x45de29 [ 2300.102495] RSP: 002b:00007f99fea68c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2300.110208] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2300.117483] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 22:52:08 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) gettid() ioctl$IOC_PR_PREEMPT_ABORT(r2, 0x401870cc, &(0x7f0000000000)={0xcd6, 0x4800000, 0x9, 0x1e5}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r0, 0x0, 0x0) [ 2300.124762] RBP: 00007f99fea68ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2300.132040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000041 [ 2300.139320] R13: 00007ffe45e906cf R14: 00007f99fea699c0 R15: 000000000118bfd4 [ 2300.157547] ptrace attach of "/root/syz-executor.3"[11442] was attempted by "/root/syz-executor.3"[11443] 22:52:08 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:52:08 executing program 4: openat$vnet(0xffffffffffffff9c, &(0x7f0000000280)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) sendmsg$TIPC_CMD_GET_LINKS(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x24, 0x0, 0x0, 0x70bd29, 0x25dfdbfd, {{}, {}, {0x8, 0x11, 0x8001}}, ["", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4804}, 0x4000004) socket$inet6(0xa, 0xa, 0x9e89) r2 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r2, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(r2, 0x29, 0x48, 0x0, &(0x7f00007d0000)) ioctl$F2FS_IOC_RELEASE_COMPRESS_BLOCKS(r2, 0x8008f512, &(0x7f0000000240)) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r3+30000000}, 0x0) r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r4, 0x840, 0x0) 22:52:08 executing program 3: clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) [ 2300.281038] ptrace attach of "/root/syz-executor.3"[11458] was attempted by "/root/syz-executor.3"[11459] 22:52:08 executing program 2 (fault-call:3 fault-nth:66): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:52:08 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) [ 2300.449402] ptrace attach of "/root/syz-executor.3"[11468] was attempted by "/root/syz-executor.3"[11470] [ 2300.535768] FAULT_INJECTION: forcing a failure. [ 2300.535768] name failslab, interval 1, probability 0, space 0, times 0 [ 2300.563204] CPU: 1 PID: 11472 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2300.571118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2300.580467] Call Trace: [ 2300.583073] dump_stack+0x1b2/0x283 [ 2300.586701] should_fail.cold+0x10a/0x154 [ 2300.590873] should_failslab+0xd6/0x130 [ 2300.595192] kmem_cache_alloc_trace+0x47/0x3d0 [ 2300.599777] sctp_add_bind_addr+0x6c/0x350 [ 2300.604012] sctp_copy_local_addr_list+0x2ae/0x400 [ 2300.609893] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2300.614651] sctp_bind_addr_copy+0xde/0x430 [ 2300.618974] __sctp_connect+0x618/0xbe0 [ 2300.622947] ? sctp_wfree+0x600/0x600 [ 2300.626747] ? lock_sock_nested+0x98/0x100 [ 2300.630991] ? sctp_asconf_mgmt+0x340/0x340 [ 2300.635308] sctp_inet_connect+0x127/0x190 [ 2300.639545] ? sctp_asconf_mgmt+0x340/0x340 [ 2300.643861] SyS_connect+0x1f4/0x240 [ 2300.647592] ? SyS_accept+0x30/0x30 [ 2300.651222] ? fput+0xb/0x140 [ 2300.654322] ? SyS_write+0x14d/0x210 [ 2300.658054] ? SyS_read+0x210/0x210 [ 2300.661685] ? SyS_clock_settime+0x1a0/0x1a0 [ 2300.666092] ? do_syscall_64+0x4c/0x640 [ 2300.670066] ? SyS_accept+0x30/0x30 [ 2300.673793] do_syscall_64+0x1d5/0x640 [ 2300.677692] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2300.682904] RIP: 0033:0x45de29 [ 2300.686087] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2300.693794] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2300.701089] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2300.708356] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2300.716316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000042 [ 2300.723580] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:52:09 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) sendmsg$TIPC_NL_NAME_TABLE_GET(r0, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x20, 0x0, 0x800, 0x70bd27, 0x25dfdbfd, {}, [@TIPC_NLA_MON={0xc, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x7ff}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x1}, 0x4040094) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffffff, 0xc010640b, &(0x7f0000000000)) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1000001, 0x100010, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r3, 0x840, 0x0) 22:52:09 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:52:09 executing program 2 (fault-call:3 fault-nth:67): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 2300.817247] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11485 comm=syz-executor.0 [ 2300.881248] FAULT_INJECTION: forcing a failure. [ 2300.881248] name failslab, interval 1, probability 0, space 0, times 0 [ 2300.900349] CPU: 0 PID: 11490 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2300.908282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2300.917638] Call Trace: [ 2300.920229] dump_stack+0x1b2/0x283 [ 2300.923875] should_fail.cold+0x10a/0x154 22:52:09 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) [ 2300.928031] should_failslab+0xd6/0x130 [ 2300.932013] kmem_cache_alloc_trace+0x47/0x3d0 [ 2300.936633] sctp_add_bind_addr+0x6c/0x350 [ 2300.940879] sctp_copy_local_addr_list+0x2ae/0x400 [ 2300.945818] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2300.950589] sctp_bind_addr_copy+0xde/0x430 [ 2300.954925] __sctp_connect+0x618/0xbe0 [ 2300.958917] ? sctp_wfree+0x600/0x600 [ 2300.962721] ? lock_sock_nested+0x98/0x100 [ 2300.967022] ? sctp_asconf_mgmt+0x340/0x340 [ 2300.971372] sctp_inet_connect+0x127/0x190 [ 2300.975613] ? sctp_asconf_mgmt+0x340/0x340 [ 2300.979937] SyS_connect+0x1f4/0x240 [ 2300.983664] ? SyS_accept+0x30/0x30 [ 2300.987302] ? fput+0xb/0x140 [ 2300.990417] ? SyS_write+0x14d/0x210 [ 2300.994132] ? SyS_read+0x210/0x210 [ 2300.997757] ? SyS_clock_settime+0x1a0/0x1a0 [ 2301.002164] ? do_syscall_64+0x4c/0x640 [ 2301.006162] ? SyS_accept+0x30/0x30 [ 2301.009792] do_syscall_64+0x1d5/0x640 [ 2301.013688] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2301.018885] RIP: 0033:0x45de29 [ 2301.022767] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2301.030486] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2301.038717] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2301.048376] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2301.055770] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000043 [ 2301.063060] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:52:09 executing program 4: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) sendmsg$NL80211_CMD_DEL_STATION(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000100)={&(0x7f00000002c0)={0xd8, 0x0, 0x400, 0x70bd26, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x800, 0x7f}}}}, [@NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES={0xae, 0xbe, "d1642c5359f437eac8fc0db7d5b9e2941cb74f433217fa588dac6c2c55ab3207c634430d8ee83ed573db1508990cc2ab494ed56d15b837bc355dd12b2d33137db8e9b85cb8477cf9f59d8f6306b480aa9f7f6f1373640cf531b3419fc793656b45a83651be7ddb8a3e2e2024ec306b6462d143d4e6c707d11db4d2cfa15fe2c95f442b99bbef8f2678cc57dd27f891fd23fa50ffc60a64847f4af3d9e485f0324b8155318071dddb5206"}, @NL80211_ATTR_AIRTIME_WEIGHT={0x6, 0x112, 0xa154}]}, 0xd8}, 0x1, 0x0, 0x0, 0x44001}, 0x4044800) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)) accept4$unix(r2, &(0x7f0000000240)=@abs, &(0x7f0000000000)=0x6e, 0x0) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff, 0x9, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x400000000000000}, &(0x7f0000000200)={0x0, 0x989680}, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r3, 0x840, 0x0) [ 2301.092567] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11499 comm=syz-executor.0 [ 2301.160308] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11504 comm=syz-executor.4 22:52:09 executing program 0: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = open(&(0x7f0000000080)='./file0\x00', 0x400, 0x1) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000100)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}}) setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000040), 0x10) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000240)={0x102000, 0xc, 0x4, 0xe000, 0x7fff, {}, {0x5, 0x1, 0x7f, 0x5, 0xe, 0x6, "18b0139d"}, 0x9, 0x4, @planes=&(0x7f0000000000)={0x5, 0x38, @fd, 0x6}, 0x0, 0x0, r2}) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) ioctl$BTRFS_IOC_DEFRAG(0xffffffffffffffff, 0x50009402, 0x0) r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r3, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0)={0x0, 0x2}, 0x0, &(0x7f0000000140)={0x1ff, 0xd3d, 0x9, 0x6, 0x0, 0x0, 0x7fff, 0x100000000040000}, &(0x7f0000000200)={0x0, r4+30000000}, 0x0) getsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f00000001c0), 0x10) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r5, 0x840, 0x0) 22:52:11 executing program 5: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$USBDEVFS_CONNECTINFO(r1, 0x40085511, &(0x7f0000000040)) close(r2) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES16=0x0, @ANYRES16=r3], 0x3}}, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r4 = open(&(0x7f0000000080)='./file0\x00', 0xa440, 0x0) r5 = socket$inet6(0xa, 0x3, 0x6) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x20, &(0x7f0000000000)={@mcast1, 0x0, 0x0, 0x2, 0x1, 0x1f, 0x0, 0x400000000}, 0x20) r6 = syz_open_procfs(0x0, &(0x7f00000004c0)='net/ip6_flowlabel\x00') sendfile(r5, r6, &(0x7f0000000240)=0x202, 0x4000000000dc) r7 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000300)='NLBL_UNLBL\x00') sendmsg$NLBL_UNLABEL_C_STATICADD(r6, &(0x7f00000017c0)={&(0x7f00000016c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001780)={&(0x7f0000001740)={0x1c, r7, 0x200, 0x70bd2d, 0x25dfdbfe, {}, [@NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @multicast2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8}, 0x20008004) sendmsg$NLBL_UNLABEL_C_STATICADDDEF(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000100)={&(0x7f0000000240)={0x7c, r7, 0x4, 0x1, 0x8, {}, [@NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @initdev={0xfe, 0x88, [], 0x0, 0x0}}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'bridge_slave_1\x00'}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'caif0\x00'}, @NLBL_UNLABEL_A_IPV6ADDR={0x14, 0x2, @rand_addr=' \x01\x00'}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @loopback}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @loopback}]}, 0x7c}, 0x1, 0x0, 0x0, 0x24000000}, 0xc001) sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x2c, r7, 0x400, 0x70bd2a, 0x25dfdbfd, {}, [@NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @private=0xa010100}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @local}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @rand_addr=0x64010102}]}, 0x2c}, 0x1, 0x0, 0x0, 0xc001}, 0x0) r8 = creat(&(0x7f0000000000)='./file0\x00', 0x5d) ioctl$MON_IOCH_MFLUSH(r8, 0x9208, 0x6) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) 22:52:11 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) prctl$PR_SET_NAME(0xf, &(0x7f0000000000)='^,*^:\\\x9e\x00') clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:52:11 executing program 2 (fault-call:3 fault-nth:68): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:52:11 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:52:11 executing program 4: openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) sendmsg$NL80211_CMD_DEL_STATION(r0, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000100)={&(0x7f00000002c0)={0xd8, 0x0, 0x400, 0x70bd26, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x800, 0x7f}}}}, [@NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES={0xae, 0xbe, "d1642c5359f437eac8fc0db7d5b9e2941cb74f433217fa588dac6c2c55ab3207c634430d8ee83ed573db1508990cc2ab494ed56d15b837bc355dd12b2d33137db8e9b85cb8477cf9f59d8f6306b480aa9f7f6f1373640cf531b3419fc793656b45a83651be7ddb8a3e2e2024ec306b6462d143d4e6c707d11db4d2cfa15fe2c95f442b99bbef8f2678cc57dd27f891fd23fa50ffc60a64847f4af3d9e485f0324b8155318071dddb5206"}, @NL80211_ATTR_AIRTIME_WEIGHT={0x6, 0x112, 0xa154}]}, 0xd8}, 0x1, 0x0, 0x0, 0x44001}, 0x4044800) socket$inet_udp(0x2, 0x2, 0x0) r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0) clock_gettime(0x0, &(0x7f0000000180)) accept4$unix(r2, &(0x7f0000000240)=@abs, &(0x7f0000000000)=0x6e, 0x0) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff, 0x9, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x400000000000000}, &(0x7f0000000200)={0x0, 0x989680}, 0x0) r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r3, 0x840, 0x0) 22:52:11 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$SNDCTL_TMR_SELECT(r1, 0x40045408) openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r2 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) r4 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x4, 0x2) sendmsg$NL80211_CMD_SET_MULTICAST_TO_UNICAST(r4, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="10002d180cc107b19905d8638308a3bd6100fedbdf257900000000e3be56033cdab6b30400f4000400f400000000b38b22612f3300"/66], 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x80) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r3, 0x0) clock_gettime(0x7, &(0x7f0000000080)={0x0, 0x0}) pselect6(0x40, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x0, &(0x7f0000000140)={0xfffffffffffffffa, 0x9}, &(0x7f0000000200)={0x0, r5+30000000}, 0x0) ioctl$IOC_PR_RELEASE(r4, 0x401070ca, &(0x7f00000001c0)={0x1, 0xe8e, 0x1}) r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r6, 0x840, 0x0) 22:52:11 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) [ 2303.289635] audit: type=1804 audit(1602197531.524:363): pid=11526 uid=0 auid=0 ses=4 subj=system_u:system_r:kernel_t:s0 op="invalid_pcr" cause="ToMToU" comm="syz-executor.5" name="/root/syzkaller-testdir511078750/syzkaller.hvgXmL/2176/file0" dev="sda1" ino=17178 res=1 [ 2303.316874] FAULT_INJECTION: forcing a failure. [ 2303.316874] name failslab, interval 1, probability 0, space 0, times 0 22:52:11 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) [ 2303.333925] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11531 comm=syz-executor.4 [ 2303.381118] CPU: 1 PID: 11525 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2303.389046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2303.398435] Call Trace: [ 2303.401034] dump_stack+0x1b2/0x283 [ 2303.404675] should_fail.cold+0x10a/0x154 [ 2303.408837] should_failslab+0xd6/0x130 [ 2303.412826] kmem_cache_alloc_trace+0x47/0x3d0 [ 2303.417417] sctp_add_bind_addr+0x6c/0x350 [ 2303.422042] sctp_copy_local_addr_list+0x2ae/0x400 [ 2303.427087] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2303.432212] sctp_bind_addr_copy+0xde/0x430 [ 2303.436551] __sctp_connect+0x618/0xbe0 [ 2303.440541] ? sctp_wfree+0x600/0x600 [ 2303.444352] ? lock_sock_nested+0x98/0x100 [ 2303.448630] ? sctp_asconf_mgmt+0x340/0x340 [ 2303.453195] sctp_inet_connect+0x127/0x190 [ 2303.457440] ? sctp_asconf_mgmt+0x340/0x340 [ 2303.461803] SyS_connect+0x1f4/0x240 [ 2303.465610] ? SyS_accept+0x30/0x30 [ 2303.469246] ? fput+0xb/0x140 [ 2303.472354] ? SyS_write+0x14d/0x210 [ 2303.476072] ? SyS_read+0x210/0x210 [ 2303.479742] ? SyS_clock_settime+0x1a0/0x1a0 [ 2303.484160] ? do_syscall_64+0x4c/0x640 [ 2303.488150] ? SyS_accept+0x30/0x30 [ 2303.491786] do_syscall_64+0x1d5/0x640 [ 2303.495701] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2303.500982] RIP: 0033:0x45de29 [ 2303.504170] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2303.511908] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2303.519213] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 22:52:11 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) [ 2303.527050] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2303.534322] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000044 [ 2303.541811] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:52:11 executing program 2 (fault-call:3 fault-nth:69): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:52:11 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$CHAR_RAW_PG(r1, 0x1269, &(0x7f0000000080)={0x9, 0x4, 0x12, &(0x7f0000000000)="3dfffb9ee0bdb8afa6aed6e0a775cea0fd09"}) openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-net\x00', 0x2, 0x0) r2 = socket(0x10, 0x3, 0x209) setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040), 0x10) sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r3 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x450, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffefffc, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$unix(0x1, 0x5, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x11, r3, 0x0) clock_gettime(0x0, &(0x7f0000000180)={0x0, 0x0}) pselect6(0x40, &(0x7f00000000c0)={0x2000000000000, 0x0, 0x3}, 0x0, &(0x7f0000000140)={0x40000001ff, 0x0, 0x0, 0x0, 0x1}, &(0x7f0000000200)={0x0, r4+30000000}, 0x0) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/arp\x00') lseek(r5, 0x840, 0x0) [ 2303.672149] FAULT_INJECTION: forcing a failure. [ 2303.672149] name failslab, interval 1, probability 0, space 0, times 0 [ 2303.703389] CPU: 1 PID: 11556 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2303.711423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2303.720786] Call Trace: [ 2303.723384] dump_stack+0x1b2/0x283 [ 2303.727013] should_fail.cold+0x10a/0x154 [ 2303.731192] should_failslab+0xd6/0x130 [ 2303.735186] kmem_cache_alloc_trace+0x47/0x3d0 [ 2303.739793] sctp_add_bind_addr+0x6c/0x350 [ 2303.744035] sctp_copy_local_addr_list+0x2ae/0x400 [ 2303.748974] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2303.753765] sctp_bind_addr_copy+0xde/0x430 [ 2303.758112] __sctp_connect+0x618/0xbe0 [ 2303.762119] ? sctp_wfree+0x600/0x600 [ 2303.765926] ? lock_sock_nested+0x98/0x100 [ 2303.770178] ? sctp_asconf_mgmt+0x340/0x340 [ 2303.774499] sctp_inet_connect+0x127/0x190 [ 2303.778738] ? sctp_asconf_mgmt+0x340/0x340 [ 2303.783059] SyS_connect+0x1f4/0x240 [ 2303.786775] ? SyS_accept+0x30/0x30 [ 2303.790410] ? fput+0xb/0x140 [ 2303.793522] ? SyS_write+0x14d/0x210 [ 2303.797239] ? SyS_read+0x210/0x210 [ 2303.800872] ? SyS_clock_settime+0x1a0/0x1a0 [ 2303.805287] ? do_syscall_64+0x4c/0x640 [ 2303.809264] ? SyS_accept+0x30/0x30 [ 2303.812931] do_syscall_64+0x1d5/0x640 [ 2303.816833] entry_SYSCALL_64_after_hwframe+0x46/0xbb 22:52:12 executing program 0 (fault-call:9 fault-nth:0): r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) [ 2303.822030] RIP: 0033:0x45de29 [ 2303.825214] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2303.832929] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2303.840210] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2303.847862] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2303.855139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000045 [ 2303.862415] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c [ 2303.981660] FAULT_INJECTION: forcing a failure. [ 2303.981660] name failslab, interval 1, probability 0, space 0, times 0 [ 2304.010772] CPU: 1 PID: 11568 Comm: syz-executor.0 Not tainted 4.14.198-syzkaller #0 [ 2304.019240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2304.028685] Call Trace: [ 2304.031309] dump_stack+0x1b2/0x283 [ 2304.035066] should_fail.cold+0x10a/0x154 [ 2304.039227] should_failslab+0xd6/0x130 [ 2304.043214] kmem_cache_alloc_node_trace+0x25a/0x400 [ 2304.048337] __get_vm_area_node+0xed/0x340 [ 2304.052587] ? netlink_sendmsg+0x41a/0xb80 [ 2304.056947] vmalloc+0x98/0x150 [ 2304.060231] ? netlink_sendmsg+0x41a/0xb80 [ 2304.064469] netlink_sendmsg+0x41a/0xb80 [ 2304.068545] ? nlmsg_notify+0x170/0x170 [ 2304.072529] ? security_socket_sendmsg+0x83/0xb0 [ 2304.077288] ? nlmsg_notify+0x170/0x170 22:52:12 executing program 5: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) [ 2304.081299] sock_sendmsg+0xb5/0x100 [ 2304.085017] sock_no_sendpage+0xe2/0x110 [ 2304.089102] ? __sk_mem_schedule+0xd0/0xd0 [ 2304.093361] ? __sk_mem_schedule+0xd0/0xd0 [ 2304.097603] sock_sendpage+0xdf/0x140 [ 2304.101445] pipe_to_sendpage+0x226/0x2d0 [ 2304.105597] ? sockfs_setattr+0x140/0x140 [ 2304.111152] ? direct_splice_actor+0x160/0x160 [ 2304.115752] __splice_from_pipe+0x326/0x7a0 [ 2304.120099] ? direct_splice_actor+0x160/0x160 [ 2304.125177] generic_splice_sendpage+0xc1/0x110 [ 2304.131638] ? vmsplice_to_user+0x1b0/0x1b0 [ 2304.136209] ? rw_verify_area+0xe1/0x2a0 [ 2304.140804] ? vmsplice_to_user+0x1b0/0x1b0 [ 2304.145160] SyS_splice+0xd59/0x1380 [ 2304.148874] ? SyS_write+0x14d/0x210 [ 2304.152594] ? compat_SyS_vmsplice+0x150/0x150 [ 2304.157159] ? SyS_clock_settime+0x1a0/0x1a0 [ 2304.161960] ? do_syscall_64+0x4c/0x640 [ 2304.166151] ? compat_SyS_vmsplice+0x150/0x150 [ 2304.171442] do_syscall_64+0x1d5/0x640 [ 2304.175786] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2304.183289] RIP: 0033:0x45de29 [ 2304.187086] RSP: 002b:00007f073af1cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 2304.196660] RAX: ffffffffffffffda RBX: 00000000000350c0 RCX: 000000000045de29 [ 2304.204892] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000005 [ 2304.212170] RBP: 00007f073af1cca0 R08: 000000000004ffe2 R09: 0000000000000000 [ 2304.219428] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2304.226720] R13: 00007ffdf141e46f R14: 00007f073af1d9c0 R15: 000000000118bfd4 [ 2304.240334] syz-executor.0: vmalloc: allocation failure: 4416 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 2304.254573] syz-executor.0 cpuset=/ mems_allowed=0-1 [ 2304.259730] CPU: 1 PID: 11568 Comm: syz-executor.0 Not tainted 4.14.198-syzkaller #0 [ 2304.267629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2304.277324] Call Trace: [ 2304.279931] dump_stack+0x1b2/0x283 [ 2304.283541] warn_alloc.cold+0x96/0x1cc [ 2304.287509] ? zone_watermark_ok_safe+0x220/0x220 [ 2304.292343] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 2304.297814] ? __get_vm_area_node+0xed/0x340 [ 2304.302233] ? __get_vm_area_node+0x27d/0x340 [ 2304.306738] vmalloc+0x122/0x150 [ 2304.310106] netlink_sendmsg+0x41a/0xb80 [ 2304.314185] ? nlmsg_notify+0x170/0x170 [ 2304.318176] ? security_socket_sendmsg+0x83/0xb0 [ 2304.323032] ? nlmsg_notify+0x170/0x170 [ 2304.326996] sock_sendmsg+0xb5/0x100 [ 2304.330800] sock_no_sendpage+0xe2/0x110 [ 2304.334857] ? __sk_mem_schedule+0xd0/0xd0 [ 2304.339100] ? __sk_mem_schedule+0xd0/0xd0 [ 2304.343525] sock_sendpage+0xdf/0x140 [ 2304.347327] pipe_to_sendpage+0x226/0x2d0 [ 2304.351463] ? sockfs_setattr+0x140/0x140 [ 2304.355606] ? direct_splice_actor+0x160/0x160 [ 2304.360185] __splice_from_pipe+0x326/0x7a0 [ 2304.364493] ? direct_splice_actor+0x160/0x160 [ 2304.369064] generic_splice_sendpage+0xc1/0x110 [ 2304.373778] ? vmsplice_to_user+0x1b0/0x1b0 [ 2304.378127] ? rw_verify_area+0xe1/0x2a0 [ 2304.382182] ? vmsplice_to_user+0x1b0/0x1b0 [ 2304.386689] SyS_splice+0xd59/0x1380 [ 2304.390427] ? SyS_write+0x14d/0x210 [ 2304.394142] ? compat_SyS_vmsplice+0x150/0x150 [ 2304.399522] ? SyS_clock_settime+0x1a0/0x1a0 [ 2304.403928] ? do_syscall_64+0x4c/0x640 [ 2304.407915] ? compat_SyS_vmsplice+0x150/0x150 [ 2304.412488] do_syscall_64+0x1d5/0x640 [ 2304.416379] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2304.421652] RIP: 0033:0x45de29 [ 2304.424868] RSP: 002b:00007f073af1cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 2304.432559] RAX: ffffffffffffffda RBX: 00000000000350c0 RCX: 000000000045de29 [ 2304.439874] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000005 [ 2304.447144] RBP: 00007f073af1cca0 R08: 000000000004ffe2 R09: 0000000000000000 [ 2304.454798] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2304.462110] R13: 00007ffdf141e46f R14: 00007f073af1d9c0 R15: 000000000118bfd4 [ 2304.479681] Mem-Info: [ 2304.482428] active_anon:321782 inactive_anon:5607 isolated_anon:0 [ 2304.482428] active_file:34198 inactive_file:49162 isolated_file:0 [ 2304.482428] unevictable:1 dirty:337 writeback:0 unstable:0 [ 2304.482428] slab_reclaimable:18792 slab_unreclaimable:128112 [ 2304.482428] mapped:63979 shmem:5799 pagetables:14179 bounce:0 [ 2304.482428] free:947428 free_pcp:464 free_cma:0 [ 2304.518973] Node 0 active_anon:1284360kB inactive_anon:22416kB active_file:123404kB inactive_file:196368kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:255960kB dirty:1348kB writeback:0kB shmem:23188kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 854016kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 2304.548417] Node 1 active_anon:2840kB inactive_anon:8kB active_file:13388kB inactive_file:280kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:8kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 2304.575113] Node 0 DMA free:10428kB min:220kB low:272kB high:324kB active_anon:4100kB inactive_anon:0kB active_file:60kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 2304.603547] lowmem_reserve[]: 0 2557 2557 2557 2557 [ 2304.609771] Node 0 DMA32 free:57244kB min:36272kB low:45340kB high:54408kB active_anon:1280260kB inactive_anon:22416kB active_file:123344kB inactive_file:196368kB unevictable:4kB writepending:1348kB present:3129332kB managed:2621180kB mlocked:4kB kernel_stack:19456kB pagetables:54152kB bounce:0kB free_pcp:1264kB local_pcp:648kB free_cma:0kB [ 2304.641213] lowmem_reserve[]: 0 0 0 0 0 [ 2304.645863] Node 0 Normal free:0kB min:4kB low:4kB high:4kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:328kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 2304.672671] lowmem_reserve[]: 0 0 0 0 0 [ 2304.677362] Node 1 Normal free:3721168kB min:53612kB low:67012kB high:80412kB active_anon:2840kB inactive_anon:8kB active_file:13388kB inactive_file:280kB unevictable:0kB writepending:0kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:3072kB pagetables:2564kB bounce:0kB free_pcp:588kB local_pcp:256kB free_cma:0kB [ 2304.707277] lowmem_reserve[]: 0 0 0 0 0 [ 2304.711318] Node 0 DMA: 3*4kB (UM) 4*8kB (ME) 5*16kB (ME) 4*32kB (UME) 5*64kB (UME) 3*128kB (UME) 1*256kB (E) 2*512kB (ME) 2*1024kB (ME) 1*2048kB (E) 1*4096kB (M) = 10428kB [ 2304.728045] Node 0 DMA32: 679*4kB (UMEH) 616*8kB (UMEH) 582*16kB (UMEH) 193*32kB (UMEH) 95*64kB (UH) 18*128kB (UM) 29*256kB (UH) 33*512kB (U) 1*1024kB (U) 0*2048kB 0*4096kB = 56860kB [ 2304.747199] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 2304.758638] Node 1 Normal: 220*4kB (UM) 32*8kB (UME) 44*16kB (ME) 50*32kB (UME) 44*64kB (M) 29*128kB (M) 19*256kB (M) 9*512kB (UM) 1*1024kB (M) 1*2048kB (E) 903*4096kB (M) = 3721200kB [ 2304.775945] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 2304.786577] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 2304.795843] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 2304.805364] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 2304.814504] 45020 total pagecache pages [ 2304.818500] 0 pages in swap cache [ 2304.821963] Swap cache stats: add 0, delete 0, find 0/0 [ 2304.828784] Free swap = 0kB [ 2304.831813] Total swap = 0kB [ 2304.835611] 1965979 pages RAM [ 2304.838706] 0 pages HighMem/MovableOnly [ 2304.843165] 339077 pages reserved [ 2304.847993] 0 pages cma reserved 22:52:14 executing program 4 (fault-call:6 fault-nth:0): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) 22:52:14 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) semctl$IPC_RMID(0x0, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$setregs(0xf, r0, 0x4, &(0x7f0000000000)="1afe40682d21d16c87a4d63db93a2284349a7b6febb958b35be8b32fcf7887e37920f988ca22819d26a0b7b3972864a2ffa392d678404ea8deda82628c97f70d50") ptrace$cont(0x1f, r0, 0x0, 0x0) 22:52:14 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:52:14 executing program 2 (fault-call:3 fault-nth:70): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:52:14 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) r5 = syz_open_procfs(0x0, &(0x7f0000000040)='schedstat\x00') ioctl$KVM_GET_MP_STATE(r5, 0x8004ae98, &(0x7f0000000100)) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) 22:52:14 executing program 5: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) socket$inet_udp(0x2, 0x2, 0x0) r2 = getuid() mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$bpf(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0x2001001, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f00000001c0)=ANY=[]) socket(0x3, 0x1, 0x40000) socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x8914, &(0x7f0000000040)='lo\x00\x96o\xd6Q\xb9Y\xa9\xc8J,\x00\xd2\x97\x04\x03\xdc\r') syz_open_procfs(0xffffffffffffffff, &(0x7f0000dec000)='smaps\x00') sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x320f) ioctl$TIOCMIWAIT(0xffffffffffffffff, 0x545c, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x8923, &(0x7f0000000680)='lo\x00\x96o8\x0fd\xa1\xe3\xd7]b}\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\x1b\xe7\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\x186\xc5q@n\xb4\xb6s\xb0\x00\x00\x00\x00\x00\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2aj\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x16\x7fT\x11\xd3\r7\xe6\"f\xcf\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xf8s2\x9cVF\xd5\x18\xfe\x0e\x8f \x01\x00\x00y.\xfc*\x82\xa5\xa1p5\xc8{\xf7\xef\xab\xe8\x99\xebw#\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\xb9\rh^J-\xd1\xbaUn\x04\'l\x1b\xe0o\xdb\xc8\x91%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x03\x93\xe1\xcc\xe7m\x80\'\xf0\xa5\xed(\r\xa8\x0f&\xb1\xf3\xff0\f\x82%_\x92\x8bD\xb9\xd9\xe7\xf2\xe4\xc1i#\xdc\x87A\xb9\xc7\r\x92\xfa\x11\x11\xb5\x1f\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02P\xc3!N\xa1\x86\"\xd7\x04\xf1\xc0!\xed\xff\xee$\xc89\x8cB0\xd1dD\xe0IP\x88\xa2\xf2Y\x9af$$\xf1\x81\x96\xf7P\xac\xca\x80:!\xb4\x94#\xcb^\x9f\'\x03\xe3\x93\xb9\x82\xbf\xcf\xc4\xe3\xf7\x03Oh\xf2r\xca\x8ff\xbb/\x9f*\xaf\x1a \xa5\xa0?%M\xa5\x86\x98\xfa4\'1\xc7\f<\xcc@\xe8\x8a\xac.\xde\xe4\xc7\xf5\x9ck\xa40!\xe9\x14$\xb3\x05m\xb5m\xed\ft\x93\xd8\xa3\x80\'Y\xb9\x05\xbbt|\xbe\xbcz\n\xf3\xf5p\xf8\x9f~\x1b\xd0\v\x1cQ') ioctl$BTRFS_IOC_BALANCE(0xffffffffffffffff, 0x5000940c, 0x0) pivot_root(&(0x7f0000000340)='./file0\x00', &(0x7f0000000040)='./file0\x00') socket$nl_route(0x10, 0x3, 0x0) setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000100)={{{@in=@broadcast, @in6=@mcast2, 0x4e23, 0x1, 0x4e21, 0x400, 0x2, 0x80, 0x80, 0x17, 0x0, r2}, {0x8000, 0x0, 0xfffffffffffff001, 0xd1a, 0x2, 0x4, 0xd67, 0x9}, {0x5, 0x6, 0x9b8e, 0x9}, 0x9, 0x0, 0x1, 0x0, 0x1, 0x3}, {{@in6=@mcast1, 0x4d2, 0x33}, 0xa, @in=@loopback, 0x0, 0x2, 0x3, 0x81, 0x20, 0xfffffffb, 0x2}}, 0xe8) close(r0) socket$netlink(0x10, 0x3, 0x0) [ 2306.308832] FAULT_INJECTION: forcing a failure. [ 2306.308832] name failslab, interval 1, probability 0, space 0, times 0 [ 2306.321531] CPU: 1 PID: 11587 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2306.329419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2306.332703] FAULT_INJECTION: forcing a failure. [ 2306.332703] name failslab, interval 1, probability 0, space 0, times 0 [ 2306.338767] Call Trace: [ 2306.338811] dump_stack+0x1b2/0x283 22:52:14 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) [ 2306.338826] should_fail.cold+0x10a/0x154 [ 2306.338840] should_failslab+0xd6/0x130 [ 2306.338849] kmem_cache_alloc+0x40/0x3c0 [ 2306.338865] sctp_get_port_local+0x2df/0xf60 [ 2306.365632] ptrace attach of "/root/syz-executor.3"[11595] was attempted by "/root/syz-executor.3"[11596] [ 2306.368462] ? sctp_unhash+0x10/0x10 [ 2306.368474] ? sctp_bind_addr_match+0x184/0x260 [ 2306.368486] sctp_do_bind+0x1df/0x550 [ 2306.394720] sctp_sendmsg+0x25a8/0x2cd0 [ 2306.398976] ? sctp_id2assoc+0x210/0x210 [ 2306.403057] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2306.407825] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2306.412673] ? selinux_socket_getpeername+0x260/0x260 [ 2306.417875] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2306.422903] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2306.427662] ? retint_kernel+0x2d/0x2d [ 2306.431555] inet_sendmsg+0x11a/0x4e0 [ 2306.435356] ? security_socket_sendmsg+0x83/0xb0 [ 2306.440133] ? inet_recvmsg+0x4d0/0x4d0 [ 2306.444112] sock_sendmsg+0xb5/0x100 [ 2306.447831] ___sys_sendmsg+0x6c8/0x800 [ 2306.451807] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2306.456570] ? __schedule+0x893/0x1de0 [ 2306.460468] ? lock_downgrade+0x740/0x740 [ 2306.465325] ? retint_kernel+0x2d/0x2d [ 2306.469234] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2306.474260] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2306.479062] ? retint_kernel+0x2d/0x2d [ 2306.483082] ? sockfd_lookup_light+0xb2/0x160 [ 2306.487583] __sys_sendmsg+0xa3/0x120 [ 2306.491405] ? SyS_shutdown+0x160/0x160 [ 2306.495398] ? wait_for_completion_io+0x10/0x10 [ 2306.500077] ? SyS_read+0x210/0x210 [ 2306.503724] ? SyS_clock_settime+0x1a0/0x1a0 [ 2306.508131] SyS_sendmsg+0x27/0x40 [ 2306.511661] ? __sys_sendmsg+0x120/0x120 [ 2306.515719] do_syscall_64+0x1d5/0x640 [ 2306.519641] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2306.524826] RIP: 0033:0x45de29 [ 2306.528012] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2306.535742] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2306.543010] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2306.550280] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2306.557551] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 2306.564814] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c [ 2306.572096] CPU: 0 PID: 11591 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2306.579991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2306.589352] Call Trace: [ 2306.591944] dump_stack+0x1b2/0x283 [ 2306.595591] should_fail.cold+0x10a/0x154 [ 2306.599762] should_failslab+0xd6/0x130 [ 2306.603765] kmem_cache_alloc_trace+0x47/0x3d0 [ 2306.608353] sctp_add_bind_addr+0x6c/0x350 [ 2306.612592] sctp_copy_local_addr_list+0x2ae/0x400 [ 2306.617558] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2306.622348] sctp_bind_addr_copy+0xde/0x430 [ 2306.626678] __sctp_connect+0x618/0xbe0 [ 2306.630666] ? sctp_wfree+0x600/0x600 [ 2306.634471] ? lock_sock_nested+0x98/0x100 [ 2306.638768] ? sctp_asconf_mgmt+0x340/0x340 [ 2306.643124] sctp_inet_connect+0x127/0x190 [ 2306.647380] ? sctp_asconf_mgmt+0x340/0x340 [ 2306.651684] SyS_connect+0x1f4/0x240 [ 2306.655407] ? SyS_accept+0x30/0x30 [ 2306.659019] ? fput+0xb/0x140 [ 2306.662105] ? SyS_write+0x14d/0x210 [ 2306.665822] ? SyS_read+0x210/0x210 [ 2306.669437] ? SyS_clock_settime+0x1a0/0x1a0 [ 2306.673848] ? do_syscall_64+0x4c/0x640 [ 2306.677807] ? SyS_accept+0x30/0x30 [ 2306.681635] do_syscall_64+0x1d5/0x640 [ 2306.685541] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2306.690734] RIP: 0033:0x45de29 [ 2306.693922] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2306.701628] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 22:52:14 executing program 2 (fault-call:3 fault-nth:71): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:52:15 executing program 4 (fault-call:6 fault-nth:1): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2306.708910] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2306.716182] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2306.723437] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000046 [ 2306.730711] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c [ 2306.741736] device lo entered promiscuous mode [ 2306.780921] Y­4`Ò˜: renamed from lo 22:52:15 executing program 5: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00110000421800280012076536e33008e3dc39800a00010076786c616e00"], 0x3}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) [ 2306.975365] FAULT_INJECTION: forcing a failure. [ 2306.975365] name failslab, interval 1, probability 0, space 0, times 0 [ 2307.062377] FAULT_INJECTION: forcing a failure. [ 2307.062377] name failslab, interval 1, probability 0, space 0, times 0 22:52:15 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) openat$nullb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x8aa96751ed471680, 0x0) pipe2(&(0x7f0000000040)={0xffffffffffffffff}, 0x80800) ioctl$SOUND_MIXER_READ_RECSRC(r2, 0x80044dff, &(0x7f0000000100)) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = openat$cgroup_ro(r3, &(0x7f0000000180)='io.stat\x00', 0x0, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000400)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000240)=@deltaction={0x178, 0x31, 0x100, 0x70bd27, 0x25dfdbfd, {}, [@TCA_ACT_TAB={0x58, 0x1, [{0xc, 0x4, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7}}, {0xc, 0x3, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x100}}, {0x14, 0xa, 0x0, 0x0, @TCA_ACT_KIND={0xd, 0x1, 'connmark\x00'}}, {0x10, 0x16, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'vlan\x00'}}, {0xc, 0x0, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x9}}, {0xc, 0x19, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x80}}]}, @TCA_ACT_TAB={0x30, 0x1, [{0xc, 0xe, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xc9ba}}, {0x10, 0x20, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'sample\x00'}}, {0x10, 0x507, 0x0, 0x0, @TCA_ACT_KIND={0xc, 0x1, 'skbedit\x00'}}]}, @TCA_ACT_TAB={0x20, 0x1, [{0xc, 0x16, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x80}}, {0x10, 0x1d, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}]}, @TCA_ACT_TAB={0x38, 0x1, [{0xc, 0x9, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x3ff}}, {0x10, 0x12, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'vlan\x00'}}, {0xc, 0x5, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'bpf\x00'}}, {0xc, 0x13, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xcd9}}]}, @TCA_ACT_TAB={0x84, 0x1, [{0xc, 0x18, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}, {0x10, 0xf, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'police\x00'}}, {0x10, 0x5, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}, {0xc, 0x16, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}, {0xc, 0x12, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xffff}}, {0x10, 0xb, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}, {0xc, 0x11, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}, {0x14, 0x7, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}, {0xc, 0x5, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x80}}]}]}, 0x178}, 0x1, 0x0, 0x0, 0x20000010}, 0x40804) r5 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$BLKZEROOUT(0xffffffffffffffff, 0x127f, &(0x7f0000000480)={0x7, 0xfffffffffffffff7}) close(r5) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="4800000010001ffb000000000000000000000000e1860ec681a8dce19e258cafa575ecd00d1ae6e49366bcc9f07e1185f1b346ff9b2a0efb8c922befc0f4d138ced5ef4a936fed4c5f934cce1443dcb954b24df785575aec68b31f8efe74b43753a91a667fa0eaa90d6e4318a462fbcb42b905ac71a986037575d36ae489dea975171f68b3c0a8a6a9b6a4", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) r6 = socket$inet_udplite(0x2, 0x2, 0x88) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) ioctl$SIOCRSSL2CALL(r7, 0x89e2, &(0x7f0000000440)=@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}) [ 2307.167692] CPU: 1 PID: 11623 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2307.176233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2307.186851] Call Trace: [ 2307.189975] dump_stack+0x1b2/0x283 [ 2307.193621] should_fail.cold+0x10a/0x154 [ 2307.198851] ? sctp_get_port_local+0xa47/0xf60 [ 2307.204602] should_failslab+0xd6/0x130 [ 2307.208590] kmem_cache_alloc_trace+0x47/0x3d0 [ 2307.213178] sctp_add_bind_addr+0x6c/0x350 [ 2307.217414] sctp_do_bind+0x2a9/0x550 [ 2307.221245] sctp_sendmsg+0x25a8/0x2cd0 [ 2307.225226] ? sctp_id2assoc+0x210/0x210 [ 2307.229289] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2307.234081] ? retint_kernel+0x2d/0x2d [ 2307.237974] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2307.243373] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2307.248156] ? check_preemption_disabled+0x35/0x240 [ 2307.253189] ? retint_kernel+0x2d/0x2d [ 2307.257078] ? inet_recvmsg+0x4d0/0x4d0 [ 2307.261086] inet_sendmsg+0x11a/0x4e0 [ 2307.264907] ? inet_recvmsg+0x4d0/0x4d0 [ 2307.268881] sock_sendmsg+0xb5/0x100 [ 2307.272689] ___sys_sendmsg+0x6c8/0x800 [ 2307.276655] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2307.281421] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2307.286179] ? check_preemption_disabled+0x35/0x240 [ 2307.291188] ? retint_kernel+0x2d/0x2d [ 2307.295075] ? __fget+0x1fe/0x360 [ 2307.298526] ? lock_acquire+0x170/0x3f0 [ 2307.302497] ? lock_downgrade+0x740/0x740 [ 2307.306654] ? sockfd_lookup_light+0xb2/0x160 [ 2307.311144] __sys_sendmsg+0xa3/0x120 [ 2307.314941] ? SyS_shutdown+0x160/0x160 [ 2307.318940] ? wait_for_completion_io+0x10/0x10 [ 2307.323610] ? SyS_read+0x210/0x210 [ 2307.327234] ? SyS_clock_settime+0x1a0/0x1a0 [ 2307.331650] SyS_sendmsg+0x27/0x40 [ 2307.335192] ? __sys_sendmsg+0x120/0x120 [ 2307.339253] do_syscall_64+0x1d5/0x640 [ 2307.343170] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2307.348482] RIP: 0033:0x45de29 [ 2307.351664] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2307.359717] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2307.367005] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2307.374273] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2307.381542] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 2307.388837] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c [ 2307.411020] CPU: 0 PID: 11626 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2307.419058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2307.428443] Call Trace: [ 2307.431041] dump_stack+0x1b2/0x283 [ 2307.434678] should_fail.cold+0x10a/0x154 [ 2307.438868] should_failslab+0xd6/0x130 [ 2307.442867] kmem_cache_alloc_trace+0x47/0x3d0 [ 2307.447565] sctp_add_bind_addr+0x6c/0x350 [ 2307.452009] sctp_copy_local_addr_list+0x2ae/0x400 [ 2307.456959] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2307.461765] sctp_bind_addr_copy+0xde/0x430 [ 2307.466106] __sctp_connect+0x618/0xbe0 [ 2307.470082] ? sctp_wfree+0x600/0x600 [ 2307.473881] ? lock_sock_nested+0x98/0x100 [ 2307.478465] ? sctp_asconf_mgmt+0x340/0x340 [ 2307.482765] sctp_inet_connect+0x127/0x190 [ 2307.486981] ? sctp_asconf_mgmt+0x340/0x340 [ 2307.491278] SyS_connect+0x1f4/0x240 [ 2307.494987] ? SyS_accept+0x30/0x30 [ 2307.498596] ? fput+0xb/0x140 [ 2307.501677] ? SyS_write+0x14d/0x210 [ 2307.505383] ? SyS_read+0x210/0x210 [ 2307.508993] ? SyS_clock_settime+0x1a0/0x1a0 [ 2307.513396] ? do_syscall_64+0x4c/0x640 [ 2307.517350] ? SyS_accept+0x30/0x30 [ 2307.520959] do_syscall_64+0x1d5/0x640 [ 2307.524831] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2307.530001] RIP: 0033:0x45de29 [ 2307.533189] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2307.541191] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2307.548558] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2307.555827] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 22:52:15 executing program 4 (fault-call:6 fault-nth:2): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2307.563097] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000047 [ 2307.570353] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:52:15 executing program 2 (fault-call:3 fault-nth:72): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 2307.658583] FAULT_INJECTION: forcing a failure. [ 2307.658583] name failslab, interval 1, probability 0, space 0, times 0 [ 2307.679597] CPU: 1 PID: 11645 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2307.681082] FAULT_INJECTION: forcing a failure. [ 2307.681082] name failslab, interval 1, probability 0, space 0, times 0 [ 2307.687532] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2307.687538] Call Trace: [ 2307.687561] dump_stack+0x1b2/0x283 [ 2307.687579] should_fail.cold+0x10a/0x154 [ 2307.687596] should_failslab+0xd6/0x130 [ 2307.687607] kmem_cache_alloc_trace+0x47/0x3d0 [ 2307.687620] sctp_add_bind_addr+0x6c/0x350 [ 2307.687635] sctp_copy_local_addr_list+0x2ae/0x400 [ 2307.687650] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2307.687667] sctp_bind_addr_copy+0xde/0x430 [ 2307.687683] __sctp_connect+0x618/0xbe0 [ 2307.687700] ? sctp_wfree+0x600/0x600 [ 2307.687713] ? lock_sock_nested+0x98/0x100 [ 2307.687735] ? sctp_asconf_mgmt+0x340/0x340 [ 2307.687748] sctp_inet_connect+0x127/0x190 [ 2307.687759] ? sctp_asconf_mgmt+0x340/0x340 [ 2307.687766] SyS_connect+0x1f4/0x240 [ 2307.687787] ? SyS_accept+0x30/0x30 [ 2307.778400] ? fput+0xb/0x140 [ 2307.781503] ? SyS_write+0x14d/0x210 [ 2307.785228] ? SyS_read+0x210/0x210 [ 2307.788857] ? SyS_clock_settime+0x1a0/0x1a0 [ 2307.793266] ? do_syscall_64+0x4c/0x640 [ 2307.797412] ? SyS_accept+0x30/0x30 [ 2307.801068] do_syscall_64+0x1d5/0x640 [ 2307.804965] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2307.810162] RIP: 0033:0x45de29 [ 2307.813368] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2307.821253] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2307.828547] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2307.835843] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2307.843563] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000048 [ 2307.850843] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c [ 2307.858144] CPU: 0 PID: 11646 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2307.866068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2307.875427] Call Trace: [ 2307.878025] dump_stack+0x1b2/0x283 [ 2307.881686] should_fail.cold+0x10a/0x154 [ 2307.885856] should_failslab+0xd6/0x130 [ 2307.889837] kmem_cache_alloc_trace+0x29a/0x3d0 [ 2307.894511] sctp_association_new+0x6d/0x1e70 [ 2307.899010] ? sctp_v4_scope+0xf7/0x120 [ 2307.902994] sctp_sendmsg+0x1bf1/0x2cd0 [ 2307.906983] ? sctp_id2assoc+0x210/0x210 [ 2307.911075] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2307.915844] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2307.920696] ? selinux_socket_getpeername+0x260/0x260 [ 2307.925894] ? dup_iter+0x240/0x240 [ 2307.929563] ? kernel_recvmsg+0x210/0x210 [ 2307.933717] inet_sendmsg+0x11a/0x4e0 [ 2307.939083] ? security_socket_sendmsg+0x83/0xb0 [ 2307.944546] ? inet_recvmsg+0x4d0/0x4d0 [ 2307.948562] sock_sendmsg+0xb5/0x100 [ 2307.952283] ___sys_sendmsg+0x6c8/0x800 [ 2307.956323] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2307.961093] ? check_preemption_disabled+0x35/0x240 [ 2307.966118] ? retint_kernel+0x2d/0x2d [ 2307.970028] ? __fget+0x1fe/0x360 [ 2307.973485] ? lock_downgrade+0x740/0x740 [ 2307.977624] ? sockfd_lookup_light+0xb2/0x160 [ 2307.982099] __sys_sendmsg+0xa3/0x120 [ 2307.985881] ? SyS_shutdown+0x160/0x160 [ 2307.989835] ? wait_for_completion_io+0x10/0x10 [ 2307.994537] ? SyS_read+0x210/0x210 [ 2307.998151] SyS_sendmsg+0x27/0x40 [ 2308.001674] ? __sys_sendmsg+0x120/0x120 [ 2308.005728] do_syscall_64+0x1d5/0x640 [ 2308.009613] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2308.014813] RIP: 0033:0x45de29 [ 2308.017999] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2308.025739] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2308.033039] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2308.040660] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2308.047935] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 2308.055196] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c [ 2308.080538] device .0 left promiscuous mode [ 2308.175343] device .1 left promiscuous mode [ 2308.654418] IPVS: stopping master sync thread 2113 ... [ 2308.761147] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 2308.768720] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 2308.777014] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 2308.783983] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 2308.791451] device bridge_slave_1 left promiscuous mode [ 2308.797822] bridge0: port 2(bridge_slave_1) entered disabled state [ 2308.805203] device bridge_slave_0 left promiscuous mode [ 2308.810799] bridge0: port 1(bridge_slave_0) entered disabled state [ 2308.820221] device veth1_macvtap left promiscuous mode [ 2308.825604] device veth0_macvtap left promiscuous mode [ 2308.830922] device veth1_vlan left promiscuous mode [ 2308.836086] device veth0_vlan left promiscuous mode [ 2308.906135] device hsr_slave_1 left promiscuous mode [ 2308.913279] device hsr_slave_0 left promiscuous mode [ 2308.929036] team0 (unregistering): Port device team_slave_1 removed [ 2308.939056] team0 (unregistering): Port device team_slave_0 removed [ 2308.949133] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 2308.960530] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 2308.987934] bond0 (unregistering): Released all slaves 22:52:17 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) r5 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r5, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(r5, 0x29, 0x48, 0x0, &(0x7f00007d0000)) ioctl$F2FS_IOC_ABORT_VOLATILE_WRITE(r5, 0xf505, 0x0) seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, &(0x7f00000002c0)) r6 = creat(&(0x7f0000000040)='./file0\x00', 0x2) sendmsg$nl_generic(r6, &(0x7f0000001640)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000001600)={&(0x7f0000001680)={0x13a4, 0x40, 0x800, 0x70bd27, 0x25dfdbfd, {0xe}, [@nested={0x50, 0x6a, 0x0, 0x1, [@typed={0xb, 0x63, 0x0, 0x0, @str=').]:\x84-\x00'}, @generic="3f1949befe8b38e4035fe8db0f0b9b8fc32063d5ccbd9d9e0bfa5b6647e595c672955af9fd552549e52e455017d8a8eae88e7aa66668c75ff0972be5b8d900f7"]}, @nested={0x30d, 0xb, 0x0, 0x1, [@generic="980ac22362cb8db39be756e0fb172d255a39cbbc9dd248c452ef57ec898d554fb08fdcb6b5ad1cac425037df23c5c237f7e50bff54476c48b967bddd0a4cf46a84ec2930157cdbf320df4f5236f58c7ba50f05c47ac5a204123d5440fab094e7b5340c6f378ed6d3047c27938563b3626f489357d9401e12922c189a1b7e497d5f2258778086ec8dbb01d9e2aa21c132619bf4ae73319be00c959e522728ae531c656da729a1835032083fbff87c78613f00a0de2e87fe2aa7373d8f669d83629632adb0ba9e13ff88ffcfb78f7fe0c4d65698f03a21001c7bca2600635c652c3b58c1b7b3", @typed={0x23, 0x42, 0x0, 0x0, @str='/sys/kernel/debug/binder/state\x00'}, @typed={0x8, 0x8, 0x0, 0x0, @fd}, @typed={0x4, 0x1a}, @typed={0x8, 0x45, 0x0, 0x0, @uid=0xee01}, @generic="08e4ad7913bbb94198046194de7c8a56d21fe184ee99d60adeaab4aac3ffe47516f5fa74a4753e548a74a1f0cece169a76c4", @typed={0xc, 0x42, 0x0, 0x0, @u64=0x8}, @generic="0c0b93e06e54395c7c920c9a1ec5b995da06f7ea4e3a833ef882c68612a7a7013ffffd5a72797ca1e96401007ef59dadef2bf6409a234eb1f89302f0b6bf353161a5b005c0a0f8581775984d6f207f0dfb41213c2a7a378f42b5a8c167150ea16a78add0fff15bc9bc122a1d38fb697629c5e9fbe3bb673c53af8192892c4857c2444ea62b191d934c89fe7d153ba91b6d0e9083fec655545e059ebe7503784458b1fb671fb6492b3f163fce67136f92dda36072ed7d9e1c223a69408b4dc6ccce7d89c93e12135ff66a7ad542c2d6abb7ff", @typed={0x8, 0x93, 0x0, 0x0, @ipv4=@empty}, @generic="d466155a475649e3ffeede0998eb3ddc7b5c02bc6d0d6e81700c2b3befb9f551dc6d694e5bf634301a11b9d32afdd207a4e65cd5a753db1eefc2bed97a8e2e3b4cdf0c18f10fa3d5f8238fbfe78089fe017f8e70295251c303dd52e0db1181c86bd5092d492456d11a48ecc1795d820f23e45857c3b4201d64de4b6b15879ea87b546cdffb8b4216845c1499c4ef963f11345b0ad4adfaedf546981803e55573809c2bf0c383f26e79fc458d2ef680d68c41af6916e6047e94875c4d1e6cd1da0761fc97399bb5824d2fe293ce89c21b6dfb01fa"]}, @nested={0x20, 0x8d, 0x0, 0x1, [@typed={0x8, 0xb, 0x0, 0x0, @str='*{:\x00'}, @typed={0x14, 0x1e, 0x0, 0x0, @ipv6=@private0}]}, @nested={0x1010, 0x92, 0x0, 0x1, [@typed={0x8, 0x3, 0x0, 0x0, @uid=0xee01}, @typed={0x1004, 0x2c, 0x0, 0x0, @binary="25230a5303ff48d62c50f8027dd1f707907a4c7feb47790dcd7d30611e268503eb94342c3f2bc765514c03ac0a6f5af1459fc16efa686b25734ce46eec24d5c3ae4a7ba50f0b647f8cb8155cd605e8b9eddd3ec1e280312ce4cf1e17605881b0fc83c35f2224b3ad7857fa119efd3c8d0b19d71993a9f69240ffd52ebc7977a7cfd3ea070e65eb65b384ae850b43dc0098cc41f61e12f02e7a6b003bf72916050d2309a8571fd0d640b4e433abf7880155eaebc4a670df0f2509f01d594a8a209dcb427601b28c9968d1d6ef0e10a1aae998fe2f706a7880ba22c4b74fa1d50f8cf03e919de272dcfed1171cd4483bb0ab8016ac69ae63160627e315de1650006810e5d0f4458bf0aef090ca528e8bba229b85753b09a35366915f63384069cbdbf68fa7c641905d0dbc5b39f90964617f4897f19a4d9949d65d773e9cc365abcdb3080fcaf09c9c3f8405b899e9f6dc6794a7514c63e6836e4f76eed764332305cdea57b3f1240725075fdeffe0e280b27b123489757576b055a9daecaf7f05f8e1220463b700c7ad89eb96a719fb87cbb42b41cbc28608c991d01a9a93e1857bec3820f2aa5507b2d78099ffe6c05516427f137d0519bdcb864cfc36904dfc81f116dc8729624d89214f7d4c4fca61addf7aac8ce7b60a2def2d240e7be27bb24a9495690b1ffacdea045785d864f17c87f2395989c4f8eaf0039616ef0bbbce0f6e22d19bbe7e59f1a2daeeccac379565fedba44b155866092024e1a5a604d7ce1c5518b1e51b63721e0254d2b7640ff8f0fcdb4eb5edd338c3d45e0f3e209c1dfc102e8e47958748438524ae3f8d5e451521d15781b2d9ef3311b3ed951b0072e8ab51953a13d36751f4bfce6cc49d524dd59e2dfff28456697d0585e4cd15e7a8516050dbc6c2b402b34a47a0c5a4b9501d6ccfdd731392f8d7bb7cdcaad247593b4c2f4112c1dfeea61f824ccf62baae1aa123d739d6d1efe0f28197bdd9daa1a23831b29114c698eafa731e5815590ba9867ebca34d5f4f0bf7c4f79a3497e78811784c6a8fdc753967eb7b7a47f341b3a85a3a9a66ce25fc819cde721585304958295f04adcf24af8d9ff060a6bad41493b0abe388490ffb2578ec4a02d7dbff8d30e57d2a3cf92f358250909cd5fe8cc09031a03d27296da42ae144544e898dde4d2bb4beeb54971c99bfeaa1b3ca66bf91a44ebd6a5d219c75aea79e441509665c4830a369ba86a03fa8b8b685e723b4f5e9a0a533ca8a35299947ba2df914172f8a0caee08f628769e66316acd8429ef99ab1233af39e77aff36d78adc91a0e096b1df7194a92c0b259443e7999a69f33b2b06137cdc50b53a6529c4c12610cc62bfc4136b0eec1d4014a39ec0e2a17ada863e7bea0859a7a78163a385e6f608645692d38f6f625f34bc24e60d9b24a978016fb5ff610cc4970f7677f14335dfd61ed71e66824e342f1f4b49499ae4f71e62a8bfacb5b40db9c7251bc975b3ef6fe3405d7c75c4bf0d999297d8368e7443b136d586107aa17fd02da316b6798df8bff8b417fae46081b5ecc4788e316a24515a4c2816b8628558efa0fd59b017e10fe405f454ced48ad430d9d1fb9557bb5ae3ac38e9b2c46437f86d3db00d49a104c12c3361f5ced8da940aa2ad463cd1c5d4571b5ee71c68a828112bc06d1e68f21fa67c0174cb63d52b38dce9b7190bb440c2b2bfe7f56cd5ab62724ea3bd9478617b32c8d93771743a4ea22b08e0cb8af52aab3b573a5a21631e13d6e7bf2746b17e972ebcc3a3f1dcf8a56cb3e3efa59fb250fb173029d1e0aa79c26e28caa41f5ea0516931919d3b2159ab657353738be60c75ba67affcbce5636d1df0203fbf023e5c6ce5e34b1cc5d651dd9fa994b9454e3bf20428a0e31110595e034aecaf0e291c9f3259244f61ce514c2d27af1ceb03e014a247a30e3fc91e00c76a7f3e4c9710f0b7788fb48ce24694cac629848505a6ac5d992af1be99cadea3af9e0eb33f3c31d7cd7e05584609c90063b4e743b31da493e31e2f8c93808218e81da489a09d18731b12b364b797c9876344c8c58885c8dfb5edc96c89635f7bac05eaec6b2cb3d280e84e09e4bd9df2479edbae23d62b72dbfd1719dfe39df1818678fe20c3b1f5a09b8c30924dc6815a398a50a87e99bc0a8b7cb99a564d4aa5bf27246b8d063cd47dc97a34e3b5a943c0c79c3af1169396bb520c476a67c8231786e6f4f882fa8c438b7dd804d7f8866eab991a87f4046746eea2accc6a41f64c6838a4b09b26c05d86f0bc3502c614aaa29e7f35e12631df9c40a4f431124c0ebd836d521433c192ec57dabe052f3a032edb024b1eba7eadab7df2a625f4ae1676f0faca65a9f73bc2c9f5284f2254d66384c3b9edb1a7fb212c1ecf97b1b06c690f3ea77e3649cfd2980ac4fab67a3269cca0690f9ddbfab3b0ce77afaa87475abd1a476a53a3f6c79b682ebb1ad68fb223c61de1281a79458bb9e1f74f0718cb0f0019a4f44d7ff7c9c716107fb765ed944d17e01aadd8bcb800ff5c3f8369eff6622d4a0d8125b44993416f490ef681e9e4437263127fe03bc8d8a14a21b54bfa6504289807d0f9f437405b2343284222225c32ed2bff51af54cfc40f3f37ed42b7c75ba806444f940f50a049f785fec933bbf0b508a10800b31a5dcd7a340942ffd86772c37cf0f5ec0a678485c7f4c9f917b9b4208e785fb4f8be356ee9155d277f20f1f59b6371dfd035df89575bc53cecde9e5ada4cd323433b8a0f03e49ca152ec46e5f75cef7d5aeccf60dd577cef4359c5d9580faba61b9c5525a88ef0eda110882d807795f7533275c41bcc5063b695038ea5a5616636d26aa8d532f16007e5ae961fd19b9572f26af3ee5c8e1cb4ad88127cfc9b5a593ef88d6bef8e31658afb2d513d744fca86bf744c2f688c2b0d0ffb4a824dbcf2cd1b5ef9d2ed06a825f34b6079c4e966daf8e8fd537fd0807704852eead9e7d531dcb9bc1672f5d441d388b82ff3ed1b511e48c99895c15173563372fdd9ea4cab46091eba6a4649f8c522c22b3cf478c3a19e31d03434067bfe2e1579385053d28aac1cbee9c27c123607bc0c50549ce134940a823fe52b839838d43e103e3a223c1bf1900085c8139efbd1db091826195034a1a253c282892e16724801d3ae7d28ce1e50c4cef3872b58c5afda59bb3ac6685473814bfc5b9f35c90e7a3c2d47d08c4b1cc71ad9608c3f516f9a89a55937410c6a06bb4db99da9b74bf05b2d34b2d76ced9b259aeaf757e5050760550fa93af7389fe7410366e5d101fbebff651e06df0949afe68ea0f6c2e5fa7c780da39b012da90ae7c0407c90fc33b6e0a5d211a3fc63897584c4748cf8b1fff844f932a750638ad5feefbc356020f3495ad48828bffab30b6f048be7cc912b5995aa4c8af89eadc8ad1b35130df40595c2f556ea3c35486c9e73cf2819b078ab8715a2ee3ee135f5694e25695b5110289c206c715d4a0740c389dc88784d60ee7419b21abac3cc768d1c4ff3d29e2375f383843df4922c3a054c9b0778241c4b3302f0b2e859ec78b7b7a9d11564d307e099bf8da1ab006cfe413aa93ade5a720cd137e80049a3e967bb668c3492edb52f683b25a90b5997849f850696b95b37fc95803ed9ccee8f60c44f5780bb12fcaa3551b9e8163107c920f76d77095f2e753929c32f7d0044ea0d569c244c315ee2a688de028da0e09666605e2c81b6b95ba9b06e221918370d97317118530b2ef0c255223581d915c12c40e9a9bfeb7a08cf20b7813c25c00b6a5f1e358983f864e4a41f67ff36d3cbf87baee7f75ae09eabe2ba5a1cc5cf6123a2ba01f185ba8840d1c96134b587d8e1f6456d487c6136e4ea05071eab7aa6f70cda52628a0c347d286c75010db54bbfee7b20c706e71781c5546228a898282362143fc887eec5df1fafacaad5febebf63a6217a01b44c74a441bd96c68405372578b979187cae28d2c7e89601c788539d41854cb8f7056419dd897b9de2c59b11cd187a67d860bab3e0f398b065aac999ff31ea665dc31289d54b24128ca6fef9f5d7a336a70f0174368a4a4660d1295ec636ade19a8623b2e2d4bdcb6a8e302dac5e77beeb6c3306ae0957b4032e558c468878a80ad82bb99dc22cc2ec7ca70d52e595bf50880fae39f12112b470f22d3508b1f191ac0ff5c1c862d70714489967e29ed800b2a05fef1dd3925a83d5a0ab6bf1f9cab3cae8323cfc0ab477852756765091c735bf0da9ffca1a0a8f22eec96b8dbc1fb670f820fb22c9bac080c2ec6f366cd9dc7e7c0199aa85471bf75b8bc4b8740f0478cd5e90d2a03f3ce428cf074192ade4b8f5f18bc4d78a1de1bf9db61a579c9650339d9bb51c9ed3d8477fdfa8c2ac8a99920e7fa5a5932f609289f124b59adb517dac4ad011682d549abf5404f256e782a03b705b9100ddd19834d43215338836e984803e33be2c37a58359146310f2c1595bfe2e555ffa1336b455a9bfab80fc61e06af7d714d76dbd1cf19b75524029e5a1a3f3249c1d7404745c44c42489b1c2cda6f1760cb1c79e41713a00d43824ddf84f69536d6d7496b5f9995833ba731e71f8361a9ff1c556b8fe6720fa9d18fd1db41601cbd0b87ed11651ca9a9666768ed6258a2574ee411442ff8621045a806010320695b34c3faad3ca16fb75cf28c61e6f69f66aceb15d8d4a630c5fe6422e83566a79213339861773b2d982debe0d00273f7e711abc11f040268c09ceccb89e996a584eb2437846e69fda3e4ffe0437184dddc69184d25289138b79fb011a4710ded027810acc2955c93edb9bd45dd236df9637f34a51adfcbeb35c5b0ed22a91f5bc11b9793ad0021b78751caed2c79c011aeb1be04f3ecd72206644ed65892b6d81de616ceef767f94864d9ff30d5b68fdb9b0769ec1792ebc3260de85d07fd624726108dd4ff62c48707fb17a2b61ad3d1ad8b10e53db884b466b11117d9bc3938f57e0bdf319671f91646a6bf3a86f28e72ee1b5466c5b252aa349067bff8da0b27921349d6448122210a2c58d2f7392ade4cb41249bbcac9abc5ae36a9b0c9fddc0b6a2d5f771516d738188f1a9e0ad1fe4889afd6b94ae8988078bdc72a31cea16fe4279fbc6fdcfd01efc7eb68543ad901aea2aea3b07c58ba5197aecc5f69c5121d598ad69828043759a1fce7501bb44050021dcbf3ade7c19d6022a9c0ed77e791006bf58945139fe89a873720d984592958e392be9602171b1e887d2f308b8da5d173e4585d81d3e128359a938ae67910b0e3e9bed0db05157f8c66b75dbd333c4e2e3cc6640a1f92788b3bbb8e7ecba3d6e95273c758514705d10b6addf4d44f769efd6405b0d8a17c1fa0c100a6a28b0d7ab6e8c2230bf84ab26f131ff2875277992afa4c047d02376925f59bc2c5e39483d718b9570ef27bb22664a69f74f2bdab91ef754cba47a66cb450bbc322c468947061a23fc455dc952c59eb9a7d19a001a143d14f0f0f5ed3515fa6ace274271725dd64378d720ff9e1fe077708ac726cc5af363b71707ff718b2ca38867f9aa3fde2e81e4665ecf85750714eedd67785c095767c95ce9d876228420833f9914092719303d0488733f19f6f8bc7d1603f737cfcd5f01b5236d64af5c2005ff86a976fd24892ee3839147abb1be1454a16bd288a7caf62e7a66c0cff510784ea3adcf022bf08e1bd0a80f7cd47f80673e8f4daf8d3f7341e91e22655e9d5237e34011dda5a9e3e2aa77d32af7203918265640f5d9c224cce01323aae176c737a0"}]}]}, 0x13a4}, 0x1, 0x0, 0x0, 0x24008080}, 0x20000000) ioctl$KVM_REGISTER_COALESCED_MMIO(r6, 0x4010ae67, &(0x7f0000000100)={0x4001, 0x1000}) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[], 0x3}}, 0xd05c) r7 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) ioctl$vim2m_VIDIOC_PREPARE_BUF(r7, 0xc058565d, &(0x7f0000000240)={0x5, 0x3, 0x4, 0x8, 0x7243, {0x77359400}, {0x2, 0x8, 0x0, 0x8, 0x20, 0x6, "000100"}, 0x1, 0x1, @planes=&(0x7f0000000180)={0xffff, 0x4, @mem_offset=0x3, 0x9}, 0x4fc, 0x0, r2}) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) 22:52:17 executing program 2 (fault-call:3 fault-nth:73): socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:52:17 executing program 5: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg$AUDIT_SIGNAL_INFO(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x10, 0x3f2, 0x4, 0x70bd27, 0x25dfdbfe, "", [""]}, 0x10}, 0x1, 0x0, 0x0, 0x40002}, 0x10) close(r2) ioctl$EVIOCSABS2F(r0, 0x401845ef, &(0x7f0000000000)={0x80000001, 0x6, 0x6, 0x7ff, 0xfffffff7, 0x1ff}) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f83fefab6c3fcccc5bdbee1ff9b9c00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) syz_open_dev$dmmidi(&(0x7f0000000040)='/dev/dmmidi#\x00', 0xffff, 0x7051c0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r3, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(r3, 0x29, 0x48, 0x0, &(0x7f00007d0000)) write$binfmt_misc(r1, &(0x7f00000004c0)=ANY=[@ANYBLOB="d99c29b8910aec865f59e68427468a64968786979a4bcbc3ddc902a7c2d39ec7e4109f7990b59afa6d02a1c6032aa25e8d6265ecedef6f72bd822b63c00bf06379d9b7ebb6475cc74d8929fd051f1cdf43db262598b9b67bc58a316ce020ee202fe44c9a2b5af0bfdf35077167ee281694472853f52fa272b3098a8a274d30d05df736e0fdfff3d93b563b2556176047a9a1ea39cc6db63c6556bc9098eb646711347e8c9afe65ed1eb164621b0db24a4b92724ebdb120dcb51656e9598a40c6d98540e74cbbef3e85a17177413d81be13765e53eee283daadcf", @ANYRES64=r3], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) sendmsg$NL80211_CMD_PROBE_CLIENT(r1, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000340)={0x7c, 0x0, 0x400, 0x70bd26, 0x25dfdbff, {{}, {@val={0x8}, @val={0xc, 0x99, {0xfffffff7, 0x1d}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa}]}, 0x7c}, 0x1, 0x0, 0x0, 0x24000040}, 0xc8894) syz_open_dev$dmmidi(&(0x7f0000000180)='/dev/dmmidi#\x00', 0x1, 0x301001) 22:52:17 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() shmget(0x3, 0x1000, 0x4, &(0x7f0000fff000/0x1000)=nil) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$VIDIOC_CREATE_BUFS(r2, 0xc100565c, &(0x7f0000000280)={0x7, 0x8, 0x4, {0xa, @raw_data="da1fb7849c944133ef2a5a601751c13946103ec214d64138751227e5c19f0a8c282aa43b438dbc749c104242ab3fc2892cd4f4344d34d9182295af3dfd631f1e34a662723ac08b8b3680a4a2ce054a32f9028a5ffb08d012d560d877aee543a7a529ac70cff261e38e0452ef3311c48d45b2479cd5f62e21334c38a0e852acd0bfc1edb5eecd57b57118cfb894ecbd4b8fddd6ec2285616df90269fc6bc7b7f54b6816358ba2877e223ad08b99856b81a602382d956fa789d0623beae7e9ea4339ad3ed0d9360338"}, 0x2658913d}) wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) sendmsg$NFT_MSG_GETTABLE(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000080)={&(0x7f0000000240)={0x40, 0x1, 0xa, 0x101, 0x0, 0x0, {0x0, 0x0, 0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x5}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x40}, 0x1, 0x0, 0x0, 0x40440c0}, 0x20040800) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:52:17 executing program 4 (fault-call:6 fault-nth:3): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2309.390098] FAULT_INJECTION: forcing a failure. [ 2309.390098] name failslab, interval 1, probability 0, space 0, times 0 [ 2309.436845] FAULT_INJECTION: forcing a failure. [ 2309.436845] name failslab, interval 1, probability 0, space 0, times 0 [ 2309.442734] CPU: 1 PID: 11675 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2309.457015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2309.466848] Call Trace: [ 2309.469441] dump_stack+0x1b2/0x283 [ 2309.473073] should_fail.cold+0x10a/0x154 [ 2309.477229] should_failslab+0xd6/0x130 [ 2309.481206] __kmalloc+0x2c1/0x400 [ 2309.484754] ? sctp_stream_init+0x8e/0x2b0 [ 2309.489005] sctp_stream_init+0x8e/0x2b0 [ 2309.493074] sctp_association_new+0x10e4/0x1e70 [ 2309.497753] sctp_sendmsg+0x1bf1/0x2cd0 [ 2309.501747] ? sctp_id2assoc+0x210/0x210 [ 2309.505826] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2309.511984] ? retint_kernel+0x2d/0x2d [ 2309.515994] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2309.520841] ? selinux_socket_getpeername+0x260/0x260 [ 2309.526057] ? copy_msghdr_from_user+0x218/0x3b0 [ 2309.530817] ? kernel_recvmsg+0x210/0x210 [ 2309.534976] inet_sendmsg+0x11a/0x4e0 [ 2309.538775] ? security_socket_sendmsg+0x83/0xb0 [ 2309.543533] ? inet_recvmsg+0x4d0/0x4d0 [ 2309.547984] sock_sendmsg+0xb5/0x100 [ 2309.551701] ___sys_sendmsg+0x6c8/0x800 [ 2309.555675] ? get_pid_task+0x91/0x130 [ 2309.559664] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2309.564420] ? lock_downgrade+0x740/0x740 [ 2309.568573] ? __fget+0x1fe/0x360 [ 2309.572047] ? lock_acquire+0x170/0x3f0 [ 2309.576018] ? lock_downgrade+0x740/0x740 [ 2309.580373] ? sockfd_lookup_light+0xb2/0x160 [ 2309.584933] __sys_sendmsg+0xa3/0x120 [ 2309.588757] ? SyS_shutdown+0x160/0x160 [ 2309.592734] ? check_preemption_disabled+0x35/0x240 [ 2309.597775] SyS_sendmsg+0x27/0x40 [ 2309.601331] ? __sys_sendmsg+0x120/0x120 [ 2309.605402] do_syscall_64+0x1d5/0x640 [ 2309.609315] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2309.614528] RIP: 0033:0x45de29 [ 2309.617714] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2309.625420] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2309.632779] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2309.640049] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2309.647411] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 [ 2309.654709] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c [ 2309.662000] CPU: 0 PID: 11677 Comm: syz-executor.2 Not tainted 4.14.198-syzkaller #0 [ 2309.669894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2309.679253] Call Trace: [ 2309.681863] dump_stack+0x1b2/0x283 [ 2309.685531] should_fail.cold+0x10a/0x154 [ 2309.689697] should_failslab+0xd6/0x130 [ 2309.693681] kmem_cache_alloc_trace+0x47/0x3d0 [ 2309.698303] sctp_add_bind_addr+0x6c/0x350 [ 2309.702548] sctp_copy_local_addr_list+0x2ae/0x400 [ 2309.707491] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2309.712261] sctp_bind_addr_copy+0xde/0x430 [ 2309.716968] __sctp_connect+0x618/0xbe0 [ 2309.720958] ? sctp_wfree+0x600/0x600 [ 2309.725118] ? lock_sock_nested+0x98/0x100 [ 2309.730188] ? sctp_asconf_mgmt+0x340/0x340 [ 2309.734552] sctp_inet_connect+0x127/0x190 [ 2309.738798] ? sctp_asconf_mgmt+0x340/0x340 [ 2309.743146] SyS_connect+0x1f4/0x240 [ 2309.746891] ? SyS_accept+0x30/0x30 [ 2309.750522] ? fput+0xb/0x140 [ 2309.753622] ? SyS_write+0x14d/0x210 [ 2309.757334] ? SyS_read+0x210/0x210 [ 2309.760962] ? SyS_clock_settime+0x1a0/0x1a0 [ 2309.765376] ? do_syscall_64+0x4c/0x640 [ 2309.769380] ? SyS_accept+0x30/0x30 [ 2309.773017] do_syscall_64+0x1d5/0x640 [ 2309.776915] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2309.782140] RIP: 0033:0x45de29 22:52:18 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) [ 2309.785326] RSP: 002b:00007f99fea89c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 2309.793042] RAX: ffffffffffffffda RBX: 0000000000002380 RCX: 000000000045de29 [ 2309.800409] RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000003 [ 2309.807686] RBP: 00007f99fea89ca0 R08: 0000000000000000 R09: 0000000000000000 [ 2309.814989] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000049 [ 2309.822284] R13: 00007ffe45e906cf R14: 00007f99fea8a9c0 R15: 000000000118bf2c 22:52:18 executing program 4 (fault-call:6 fault-nth:4): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2309.982739] FAULT_INJECTION: forcing a failure. [ 2309.982739] name failslab, interval 1, probability 0, space 0, times 0 [ 2310.031810] CPU: 1 PID: 11704 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2310.039731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2310.049124] Call Trace: [ 2310.051721] dump_stack+0x1b2/0x283 [ 2310.055362] should_fail.cold+0x10a/0x154 [ 2310.059515] should_failslab+0xd6/0x130 [ 2310.063504] kmem_cache_alloc_trace+0x29a/0x3d0 [ 2310.068181] sctp_auth_shkey_create+0x58/0x130 [ 2310.072768] sctp_auth_asoc_copy_shkeys+0x1d1/0x2a0 [ 2310.077793] sctp_association_new+0x149a/0x1e70 [ 2310.082500] sctp_sendmsg+0x1bf1/0x2cd0 [ 2310.086520] ? sctp_id2assoc+0x210/0x210 [ 2310.090612] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2310.095382] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2310.100233] ? selinux_socket_getpeername+0x260/0x260 [ 2310.105428] ? dup_iter+0x240/0x240 [ 2310.109068] ? kernel_recvmsg+0x210/0x210 [ 2310.113225] inet_sendmsg+0x11a/0x4e0 [ 2310.117376] ? security_socket_sendmsg+0x83/0xb0 [ 2310.122677] ? inet_recvmsg+0x4d0/0x4d0 [ 2310.126678] sock_sendmsg+0xb5/0x100 [ 2310.133707] ___sys_sendmsg+0x6c8/0x800 [ 2310.137695] ? get_pid_task+0x91/0x130 [ 2310.141588] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2310.146374] ? lock_downgrade+0x740/0x740 [ 2310.150539] ? __fget+0x1fe/0x360 [ 2310.154608] ? lock_acquire+0x170/0x3f0 [ 2310.158587] ? lock_downgrade+0x740/0x740 [ 2310.162754] ? sockfd_lookup_light+0xb2/0x160 [ 2310.167265] __sys_sendmsg+0xa3/0x120 [ 2310.171078] ? SyS_shutdown+0x160/0x160 [ 2310.175067] ? wait_for_completion_io+0x10/0x10 [ 2310.179753] ? SyS_read+0x210/0x210 [ 2310.183388] SyS_sendmsg+0x27/0x40 [ 2310.186936] ? __sys_sendmsg+0x120/0x120 [ 2310.191028] do_syscall_64+0x1d5/0x640 [ 2310.194950] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2310.200584] RIP: 0033:0x45de29 [ 2310.203765] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2310.211599] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2310.218959] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2310.226231] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2310.233587] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 2310.241464] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:18 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) r5 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-monitor\x00', 0x109400, 0x0) sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) setsockopt$inet_MCAST_LEAVE_GROUP(r5, 0x0, 0x2d, &(0x7f0000000100)={0x0, {{0x2, 0x4e20, @initdev={0xac, 0x1e, 0x1, 0x0}}}}, 0x18) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) r6 = socket$inet_udplite(0x2, 0x2, 0x88) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) r8 = socket$inet6(0xa, 0x6, 0x0) ioctl$sock_kcm_SIOCKCMUNATTACH(r7, 0x89e1, &(0x7f00000001c0)={r8}) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) 22:52:18 executing program 2: r0 = socket(0x0, 0x0, 0x0) poll(0x0, 0x12, 0xfffffffe) pivot_root(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00') ioctl$BTRFS_IOC_INO_LOOKUP_USER(r0, 0xd000943e, &(0x7f00000000c0)={0x0, 0x0, "093b65fd555ad57fdb414b22c12b74f3be512e38268870f0588a4ca5ad2f932f65f88222aee5b002089db208d659a8db6de7b7eb5dbe4c84c614e51297c85aeb4fd5d293e7893d814e82d1f120d077368bdb822a755ec48bb66784660d3a7e4ab262576d888c9ca7005c27fd4ad35aabda8e4917f40fb0391ccd58f502e0f17c7ad9568bbfdbb137bb18448c02ab829d31b7ebb72943c645571a3f5b1a49a6cd0f44e88adf11bb4caaf61dc6cd2a1a185c3c94536d331bfd448cbdfcfe546b382b2a61b190e88336601a8e098d59d3512446351393a91761b159691e7165f07a458841ad4f4121d987ed979d5166d877b9a464bd6148c3d7c1e37a0d92eb2cf5", "0682308b1634bf885799df60f9485ee6c952da4f7c7222fb6f9f8e0b296a2392b59327412c01a5640b58a4d4dcfc241654bcad2f1170174389caaadc0745f1bdae803edcab7c00cfecec7b6d3567de2fbc390ea03796009d2ff545f8c05353420c01bcfcc4360c9553956566decaee2d49a88525718dab6be9fb4e11b5c87b732c84be099d053bab6cd1b85ef81c88bea06a5b57c3ce274f01df37fd3ef77576faa63201d4df41541492a2aa0370d2d77506f8b71b2bbbba913370bb2642ffb8ef30fa671729043af939534819bcfb22fe7a421aff1e4b3b55b251f8946d0ec001fd5cdcef2f175ae25ff68fa62d4aea4e4f40e9e70068eda42e789429ab665b6a57e8232cb141e71dabe42a618873539906b92708d1cc0cece949fb8f4536b8c7150b42616d591eef03d930d80120cc9a5bc46adcfe26930a49bd2e12aa2ddf0a8d97119c67426b983b309611264e310938ab45e905f3bc38a57b3c7670ccdc84160f8e7b79e1225e5a6938b612818b699472ac544f83b142832894ccd74c11db2e58872d0e3fb34243a32a7f9d7f67d0ebd042cfb2eb4d42342ba3aecdee1ba62aa7dda5469f186fd2576e881a7a9fec596abeb83c64a8624f11ec5d65c8405f01a2a0b77752b905648e1c95b48c16acffe03384e481f93cda2acfc2f31386e2d92b7ad61763d83e0034ee294b59c5e944c4a2330a6f73742c05c49eeb16d4c9600a8c94de1d2fbacf4890f0663fb9c99e73e567b96e3ee672161c558bea25e38289ef87225fd59a46bc9b20d67a4a4c702c6cf3bbd6789054f353766142cd1cdc7d9df2c995c3e4702135e7b60eeb4153506fd380e24ffe84672607922655b43ac3c27aa98d4b5617057584d557962f5f658c019d7451c1ed6693a3d9a5371e90d69eaefab48f0ae7570591f0eea1cd895d69f84552c97eed1faa70705a2ee80fc77cbed081d73abea2600a8cfdab55b4cadf73a6e3cf0eb5cb18c1dc5d86a1a9552ff4c4d2b83ec7b5f0b74b9211e8e426142d63e33cb4537643e41127b99a6a087e38c08feecaf43823ec4ab1b4f13e30ee48fd6665b775fe73e69fc2536c1c469881755f830516d6093471c28bdac21725b84f99ae622b8a6fd2f01e2fe9c3068a0e6bf3687739ba30d951ade89f269d880ed25eb487eb3e51082e967b48a94c1c9c0b15b9d787e39a81c04b911d5dc5659d5ab73af25c054be04d1279422a767d20156700fae2aec8ae7ae5c05b6d61cc9346b67934a01295babb8d1eac3aa1c7f95abc63549b1e3e94c3a63f93e2fbb29cd48dbed9c81569afbed0f82e659bfad13ab0ea04af8331d1bea264669355b181b28cb97cb6fa18d1d76982c16443465855c8412a78ee812a4367c61b1356aa7f7876143b675c81c7035c6e40406c54236d17257f587ef5e06379f8a46badd831230dd223f698e6f1db6557df981bd635e816d6370fe3878d613eafacd6dafed5e61ec1d31703336efdb1228d7d62cf9c0a099e13f14720235f07cb2fcaf68a6e90653042a2097c23edd890c1caa073a071aa9cb5bcda689d62f380c00c4c80270b7e89e5dd4b8285979515f127e95a43ba8972093becf5b12007db17b60fdd368e534e7211ff045498a0c943e45ce9eef21b50bff13c326b3506da8ed8a69582d0d34cb848ef94a0d791c31b107fed7c3298712ffafdfd20bea9124c7ed46f7bb48aae6f6cd58ac3f814569f2a55cf5a0efee3d1822b7fed286d98e127f144e4cca68a2f900b915bcf7a8657f1b205a4330881fc926ced72b6a52af79eaa659a753696139f03ee653b9161076be76ca8b2fb4890c557a373ef86bb0caa788e7c18b7258b0327a463eae7e0580206cfc3a79e5c898807ba7f000f9907b49290327f46bdf289342b324b18a23638492f4afd7e2f257bc6f5c7d4a1c9cff2b9e97107d76211b330c0075fb5609c06a5cef5868f84a0bbe680f3482370d7094ca1aadc68ec9d94aabfe6d050f19e1d401e492af6cb872c42d85602803fefe06d6bbb4da7a33bfe42456101b04e83daf542a09789abd39be37055ec68ae20e1761d48346c8ace3446de4a3237ec3cc2fcf484e2b485911e348305a9b86fc300f6e81610883383e317e53a7b4619d283efea9fa030fb254dcfa055020f0d6853a44fd931f2e14911fc1cab42aed49092997b9f4b603b4596d0d4ad079ff8f55d1d681f356c77fe8bde287add71481f4ff0d0e4455ae19e798451e8cab103f3afac85483abcd9c3e50acfbedc6e4fda7409b5fd49a5c616707e148fab44bc0de3107a5358cfa226be62b8d02d2c8062eac9eed187dd0f71f53abd21460f623677057ab41347629ba4ef557da46ab0ee3ad8e9acb37b7bdde5b4cd1fed9c7fbb95a8afaeae5a396e90a965c52e92420a90540ddd66e95c601666e0a75582715ad05b1c4e1e216e881e1d6808eb015ad50a3bbad7d1a776c5bb2af7fe510d4fa24ba03283d83126979022891ba672fb5420e9e5db32614824c016831a4156d4f2791871ba72ece84415e26f77e6c62a1ee840218171a322db460e1cda5454fb526402143029facfa71a2194ccc15e3e224a2c78771d183dfa290acc50e775536f1094d49d8acf8972a90be021625109f4a5b451b950bbb86c2fd27c85640666ee84d9a32a34dfb865195ee44f210c4b28f54fb92d4ea060677d61d6a756e8392bda79460789ad6812999a9ea8092668653d47c9225270d1eaa35f6f568c3d726580cb0a68f2716d041210e619388fd2b704c4f3ad2dde80b53486703a67f86134c479c514b4c9fb1090d66e3f5db51e78009e51a2dda3c22a6f9e10b12b5cd96322ace5973fbe440a6f7b10c74f42ac6de26aea5c7aa4b853d969798b9be661dcc18ba53282d59c4667057785cb8fdaafe7bcb909441dc0832786375bdf95e60c94058955eefc72562225594f124091bd4f5986f7e4ae8beddc9d273d8530213f1933438900509c21120f4548970148d65efb3475cd86f5d6414a60e23170b95c98f58e83ab3105ca694c7dbe343896f9880078ee8a6f244f35ee0becef1901a9455e6fee9ac69eeb46a6dcb3189e07891bab5d8b616b4be297eb8269590d1a1712c28f03df2c33b6f4731d4bc5dc17e66e35c8540eb887dd8326a0915df49db6c87f184c7cd0053e17ed579d67e85b4cfeb34b4df2c33bf14a4ef8b44fc0eb967d7b5264ea3f3f661ac51bb51cdc4a143c0b589812bb9c2abe3d9afd64cefe4215921998b7b31249fc3e2fa81dddf0f230ce690c1cdf36b2ad47accc073deaaa0a030ad82bb3a6dfa1908e235d3a6bf1474fdc5afc64c12e801924ab5d61e3dd5e81dc5f280b451b1065b8cdaf81844229fe0f75ea48755c38952a879e6bf3c1efd0b6a661b6cb0ab8b1c147a95c8ea29db9760027cd0d4cd98627d2132f8bfbfb9c30a2e85a163e70cabbcc4a2e3c4cd6bdd58c07d8c0c8f612f7c4296b0e181df048e85aeaddf5ed770de4ba6201bfcb637bdfbe9798638970f981522bca9cbf1160fd33c61ea13c6776c19ea91d920681ac66ecdd3783a0ed94ae85a01336c544bad5fa5ad6d48be8f602dab72529dd469da4d4bb2ae2c58a1ba8f38e42cbdf47744b0a80c0ae3aa556d38d36850307093f4777376847d06c7997a07f12b56bf6e21dd618efc7891b870a8126b5eb485ba6e77beddd167db241ba7f369e8d9d2ce61c19416e30a991e173ee09cec64748de5704e15e1f8589f054b4115d45cecf30914b868fdd61af1bf616781bda7ea8d9fac4223af290f00da1dc8f6823a8260f64fc99242f7133d53913a4edda54819414517347f2dc980740fd6c6e55801946d5dda3f9d3d73c5a8ec571426d145165166f4fc11f3f4d5a3e5474bf9ab45ae62711c46202af062f2dbae924529c37ffeb6d5816548f475466db9f5262f07570462c8bc97d297ca0ad4d8d292fe123cf1b41453d6dc00d524f0ff5cf37eb6c4a7cd108721e56e3d5e0840b74b001a79b8204915d43d4db36b3c72aed4d821f55bc177c758034270ae07ffbcb1068b743d5e11209391582d0d7ca6dbc32669ac09027ba53f8db99685e97ca4ada99f6c5f9d8b56b2d6d448e4541ed4be45861e1950b162b5a5db4310d32a5038e1437dc4d7081393c250e7c2233012326de888004ae6b01db831e136adb4880af7285800cc9bdc7a54995de329af7824b5b31e1bd1f978f57589465b7c182af97538f8e301e5300316902c3f8fab833313dcaf8c7cc3a5a7ad00095039ae3165c542b5a0ef51e103c88d6d9435d45e520efccd9e8458397861e4a149e9517ec2820c602771eed54c0902040ca195ba6461f2a0c2a061f3a2be4cdf20cb211b59a9a674c09146a6bfb8f4f65280c4fa733c261a5cf49223299ab4b9cd45de5bdf4cf2f8542994fff156dc9d58f8093329155228d3e2fb7e795220b85ab8eef969a79033f954c519d1882f7425becd99529220e41cf799863a6d2c3171c7cc7f053ed97a858cc745efbc6d64bd28d445a6f85f755b2665f48c358ad18fe49e8ec6b828570fbf28b827e8ec5d992a17ad61edc59a19a4e37ed71362a08cc3c69bdc9943989e59e7db614e148e919c91fc87d678421d9b7ad3062e184f8da711593b1d917c5bde9062dea6bdda171930306be82639056a7194e816f5e10ede84a1f3aa284e12b5b8c76731e268a110b036d6c42679cdf1b18c02cfceaaf063c5bc8ba9885417b7ac83e79793f0c478071ab6af5818f5dcd776c1b02bf7c1f1231a2436bc24c12285f77c2e1ffb27774af48ad693f76b2ce63cc29910e76221da9c213b5243ece846d25a7a3755b95a05d268206c380119dbe70f3fc58d8c666618a97d1bd904661d7dc38810977df46691473724353bfd541f49322d0b7cbce5855c227c8cc36c46f995d462884e26b051b5206431697b645845e18f623705dec556f14a2527a4fba655bb5c5704ab9884d162a75cf94fccad814c913561bbecdaddcb443d2925bf1ea56715da62bdb943b723a591b7329eae2b0087e487db913b27943037059146fbf97164e91aae46a967b6b834100c2ebe4ce0884dd4c94ba9bc0fcd098ba321c4a292ebfe3a9bf6f8c0685914c0eb5d4430f7a0e43a62b96cd00954f8f847cddb3f5f2db03da64f751920f45aa9196bfe6950cf59e478f60d868746bb6949f22235c4ad2d88f7dc3f0e23ec14f45edbe980a7495810da655f8c1ea53cc947b09ba00436181e4160d944df8778dda69947188841eddd5c4035ee4a3f885ed0ed456625df760375e00eaaae5b407fceeab05bc69cbd412d202a0945646d862e9545e07555a51104af215777d5672cc13b260371fcde1ec11aadb3aadd2cd9b085bc59eeb15e5e360193d32d30af538f2a4b542038a5cef14c800bef7aa550effab697075e111e9f79032"}) ioctl$VIDIOC_QUERYBUF(0xffffffffffffffff, 0xc0585609, &(0x7f00000020c0)={0x1f, 0x8, 0x4, 0xe020, 0x401, {0x77359400}, {0x3, 0x0, 0x1, 0x8, 0x3, 0x5, "42f9b562"}, 0x2, 0x4, @userptr=0x7cf35040, 0x200}) ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f00000010c0)={r1, 0x0, "c21f1bcd13a1342ab5f469e07e7800c617f29ea76c5c3702451daa4f68637e2bad269955bf5221661d4b4e3515e3beaeed1b7fd6aa3155506325a6379ecb5e235302c9eb258331f316f070061e0c3305bb9707aa4afccd1acf114bd2ad604e1f47f9d915ea467d8867803cca0d2c38114980dd017f52bfed4379b1990ce724bcc0bf809315b851000f4589b53ae0565288369552850cb1c72319aa5451dbfee871d3197de121149fcf24838b691352a831c4607470f885a658d657762159475a602d21b871d589e7350e9cd3a3efebe24096ac2856261e4e7d0192a3dcfcefe76fa2e1b33cb6dc64fba040baa88c01fb6b876cc7f52f1b06010d420b53840982", "6ed54cff46312560ed78f65d96ba3269d45661b75e9f848965aa568cc9d96d0d5d741a39ec4517b0054152b9ef89545275e9fbc45cc039be7720f793c72d359939ea5cab9953d47ebaa75e627571e4acad55bbff9d7758f132f103db3c8999e49b64e5bdcaeb68cc7eeef78a7ddf2a19b38ef29f503bb31f8c2708984d52543dd3fe2d76bfdd1798c39ae58b674a6145b9d71f7421756348277e25b35d752633daae4a76743848bb4a629741d10353601f69704a021dc73eb3d107ca68ba70fa246bd280db5a8abce21237c50622825fc2e9056714776f001e6c712bb40ac14603efa178335f4cdfd0d93fb42660c119039c2f66ad496bc6409a3eca95c4724cda6f2b5fb18b5fdcb8a99d61ebc37d9ca3f1739fd92e7c639c1f7b7f329b65316d1f91c170f577dfbe516e76b14d0cf73b50a2a9f695bc79e544663ee9b9bc061547be23896809a93e1e90c91cec7e7ef1920fbc885325948cb2c04f8ae6b491e03970abf1c9f32e274050f89ce802e795b734e16d2238a4788062eba6de694e68e9a3d55eff28ce9f63d13aed9db67ae30b9df8d5e2301961aebf69bc5a6152b6c0f62ca82631fa50d1c821807845377fac5baac5947f42945f4dddbf5a6bd39de9779c821367481bb4505a8956fdeaabbe77baa5981a4a3d7527f0170631c8e87724e5be6700a59671f17ddd7c2ddaf057407c761cd01ff84eba61c8c630e59c8e0643b8557b2f27b50a37503c1c49a4509185a70cec8cfe701a72ebd3f88c397795628abc6f1310c476a29d801967c410fc8eb0586519c0728d24521648ac37f5f82eabf10144e6ad3a965af0bac949219a422c0bcfa3fcadf4ddc9631ea4dfde0b06191e0e57fe61092106e886381b45e4c737bba2613b84b56a31892d1a979bf9879b5dac8cf6ee695daf029ea20de00a9b69252c5e68d94d2ee586f08af99db2fb5b4a5315c60e047b6859d1b944e9b1f908e4b0cbdfec36aede4b63ad03fd9b52354373aae52de4c52ac2741f619088c7d83533f470234c9dadde93d0e9d9353797bc30dde522008f3a784ceb9f08ec455b21af2723bb244ef303b008883bceb5b5bfd71a82908f8c651b274f4f0dd8086080932e012f7f73f1c03641b576d16ddf32c9ce9f353620946d32bb753fdfa9dafabd8d7f81f02bac5fc61d56658930edfc3735f30026b48513304c49675ca57716b841de2578cf5acc3d943974814cce8ce8884c990fe0a14600c296527de5349682aa777ae03bbd6c1af458ac0754bdaf9a61b2aafb66b73e80696a3a44ef1c57d792d15d2c53166c09b4eacb03930373cf6b7df8a36a1b6405e21d09593a4f81dfe0c8875d8e611cebb2f3b494a2c2fc12d70b2fe4d396e132f96537df08756de7ec2a47188aa39310dc080566e7c70004d257425e3a3b635976db86d20a1ac8d5918ba48cbdea9ccb03ab9535946c8d1cfff8ecdda5c7383b2fb4e3e5944934016c79d06d4ee6d0eec539c6a95b1bc8c9afe2528909c9eeaae2fb2d317605f97d0644c6254e27c6351b3399259d10da9f53ff70ffcea7da3ab77497e2ff4cbd1c3084ae61ee7bb5f9ccda4faa15fbf245e0f6e95dc80c7615e1e5caf92859bb19e7f9670bfab39ad239392bb508a1a4a9936fed1c7ebcd7d3de04543ab7ac22c95ad440cf4d7d00ebb85f6368f0e11e9bbe3f0bf48644d13552d5840e309fd316cb1871d56ccd3908e4c0290f73595dd8dd41d1a86477e85506f8d77bcb5e655d4e5cc199165dc4fbca945ebf7a6521fadeda94a5c88d42361ebc12a1cf0cf35e6caca47044c02cee52148d822d546ede9ba09020f417bb560fec5d8e3e791c58fbeb2f9bbbf02be53e2d4f361bd7bcdfe6995d9597105bef5055c28e81914fbc39d32fef37e75dbf93bb3464c93235d66229455660c673b1d5231fdf81bfc001c30f23bff3d158e2c3f2424c97be24d89fc0133ac60aa20549d9b2570b958f20460f765c4e8843b7cb58b638d95b2289b81d2f879f68e555487918d58f025e3229156018c8de83f42a448e8428b4e358bc5bfaf45461ad4c3420bb08df07995f7ae3b7db4e5381666ec656d1ddbc885b6364275177b3cdfb9e363e0e4409dc085058220d66d191dcadb3ff2b387bf8c60ff857275154dd2d6604d94ddbd13cb4cb3c06e8bb3496f621eac0a6a443dc5edb654f0e8ca8c60e0c5b6ec8d1ae344ea623fd1f8211026e49c480ff513a8bf4642bd002329d23244b760c58ab88bea80a2eb2e8392b2138f756bca955829522137b31692b9a41d39a1a8d3f7e9108c76207b50240fc92765d6a59b44c0edcc0fab0edc8872b0c8897a7d8d796ccc090516f2d612196f8673e0f830e73d35f3e0398997f263d3325b7f8892c3dd2d828ce7f437daf669d0088e29eb6e56aa2b13199142ec0a3183a69c2268dd1e6d013dc6bbce96f0a5b7a2683cad004d24d7956634080e8c568634b39c07f2b99d56f54ca6f220511860734c9eb47afe9b370783d74a1c93da470e001edb6d75b44539a50c7a5a5513f968cc96dca2efa6dfaf4d7308d2c8d69e8cba6f8f0467859a7774d3bbcdbc5b1abce356be1222f87128f77cb62966a660966203f4c5db697da5125c5e65ff698edb9a93586bdcd829d839fd37a757b6240f40af78bb648e102ceb7ec752a578993e8289cbb93ec6fa467f327a919fc52a163baf9972e6866d8ac294ca8b9b2114bb5e6ddf3ae53aca62aaf05c5727c8549bd009e059fc28f98113388d06683fcc6e1ec5c525f73a93b5113d5a34422187324a8c21f76a66c66c1545907001886db2dac0fbe4cf5be6fd3f0a583f31210a454d9dbd66693f39489ccbf8f082b7d34bb027199da4d228d8d84520f8aeb66ce804d9e7b490d1bdc85d8563d7f4c32cfb56f86166abbb401ae95441c06529d73b647d24dd1c859e8deacb37ee0aef4d8af2277d6accfd3bc0b9f9fb26fa9c04fe10c43b0ebff38d76ab1843233284613bc654b78c7567da7d3a94d163a3d23fff293f71158fa814ed989878fae0b72842ab4b19ccf92a7bd681ec6781ef16595ef56f16e6ac73b15c76512a9ba1c6a9c65e3ba4bd1b95ccb037c2c7e46dcd75cc1c13e887c6dfcb6d5dc973ef194b47d9f79aaf38735e5a214439db46ba75797e06e2bdbe4673b0c42071515a0d69975dd7d5d0e2d53666717ae1de0330ca01d820583a58a0c860fdf0152c719ec7a4eb4d7e74ea9c5d2f72d224be6cc3b51342c442faf6cb276f00dd002017528ecefb11f0484e6ecbf4c76990617e097879b91dcfc57fc3bce906c6a7fb42761ccc4f78117d61f1e41b04b1f2c9b4449113f1170a1a26f823f28867bc1a4c3f6b1f519cd53f2999e6fb015de524e70d8992715aa1c23d40ba918f79b4ef2687ad4b0c95f5d250bc6f576250917b41d18f43d2a22a5f71428391f0aa4daa23ecf9c33ca5b37149ef2d9ca8d93c7a8132125d0bca52f18016994aef0c9638b74deca9006f747fc56fe0a7f55a8570cba54d4a9889705603c6937b35a01b9c80bf43b3fbf7d29bec8530ba2ff6ab02f11f378fc30d7158b76942b12906357d693455856045ff931f836b3b0bfe4c7c4449f36374f52dc8711395de32ab6f2b269c802322089978e2315eec804e27447248d9b1097733f7a2a5253a28112ed73c73705209ed3577d6a13b2ca7d0bae35c7c17dcd42830a7bf09210ccacd98a4c902ac53243b8499dffb47bf4896c1bd29ba2a74e969bc087de880c58ae3cb7544506ee8bf89bac2fee65aed422d988f76311f0a45fa2f951c7e7e545beaa574a4cff1f7e400e0b2313d7ca447c12c5fad15934e236081ef76e7f1067573edf9ec998debc24fd08a0f7d84ce309dd3806182cd8fe5e3933d4f2e326a0d2217ad7b9708a2a95b1ec94860469d20711136b4b7c8fdee0eb22e645d3602f8ebde29db36aa21a1743e8759ef4ed888d5623b959f91dd5b0fa4564bcf6db7227c86a5e5ac160e3a04b657bf65e2230cf19f8141ebe03798ef4826ccd91b96b30beb1d513d184f6baca462555d3ca8ba3d3d9075f4186b9f8862101433d0adfedc8f17a7118f6a9127232772e66831d9caeda00747c197651473d2f8abf01f18e9083fc6a223e392b92f3bcc3ad1978c22df1deb512cae60c0f72cc4d3015f9f34e74cc4075510214014569d4060f6cc0804f1b40fdf5394c9300a5c18387df22cf6036d26a80498c522bf20218970702a53147189d48a71c81231366ed4e72ed2091551f0c6a0221033147fd2c033144acc3b8a756a45586cdc58a8660cef665ceba278c714c4c830f032450d98151f8f248567c7dfba8115f403f74a9744231e563de0d2ea2a66db65a82cdf4aa3673e090755296001f60ca0a2dcf0200219b80490a0896ba3350a37ff801f9a34ace8795441b6c278856b4fc3f5c088489706b981da79678d50bd50d333aa0203496e07b5b43734b1632a900558c1c2f870010f5fe8e0f8cb1ea90c26882dd40a2c23096b363ddd785dac6db40776e509a8bb0a0b815bb3369b9648ddddf00fb9205a2833c8dbd4293851f7c35fbe4d2bc454bcddf45052f38f19530005a3d77114b3ea1fbd879b917e54cd90a7a0f704644baf9764d07284043c9b0117814c1704b7517f56610b1caa51b55f92ee372c2db9cf60fb8c7d4e46391f0d96150a44b082bc98b81c1538254a20772a46040d88fd89012ef5b3a1fa519ff3717c18c7d2069eb7b0be62d01e0a08a4d66f4947c57edb84ae6ddc095d04d5f913138d40832afeb948698759b1f738ac5cc61283207b02548afbd863fcc3f299b344a9011e09324f116c46c29d0513ac92a161248fd003ed61ca356ec629825f7b4ae4dfea1f82514bc91881ba66cfd8ff93c4870617306aa84e8d4915021ec301341f9f46d64b800fa9c742bf0db65d01ae9e0e85bf61df45484675505b896ab9c7e026f6b204c415b5f7b81802fc5bbbf5b2e06a1cf3a0b1e17b3e4a9d9099cb8938833733598af8918ed3550b696fe418e0eb4bec041586ab712c6cbea842aff3e5033422bb7360dad0020776337b25ce930c71b69619bf5020bdfd57f94098a3c68427ec120a9af380357a1c92d66246533799db1bf0a8875e94e0511e788796925d9291ba660a08a32476396d8e5f2002e3ad7ecd67806d2e4f8ab2297da9e4eb321245007a2c5ab65979e0c7e9e44a88dc1f743723120b96ad9df2ad308bdd54c86288d75916c1cc3b7b76dc5f4f9b5d0e87eea022eaa77c5d9be2665ff899d8717f8f6b72116ab702a464d60483997cb6a5f05825f9672718000fd0ea0713b1e76c8d7516068a09a9afe060e23c7cb060280611fda51e810661142974898fffef03638829ee9f59c8eaa8519810b082e13e413ed00"}) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) sendmsg$NLBL_MGMT_C_LISTDEF(r0, &(0x7f0000002240)={&(0x7f0000002140)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000002200)={&(0x7f0000002180)={0x4c, 0x0, 0x100, 0x70bd27, 0x25dfdbfb, {}, [@NLBL_MGMT_A_IPV6ADDR={0x14, 0x5, @private2={0xfc, 0x2, [], 0x1}}, @NLBL_MGMT_A_DOMAIN={0x9, 0x1, '-(:[\x00'}, @NLBL_MGMT_A_IPV4MASK={0x8, 0x8, @rand_addr=0x64010101}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0x1}, @NLBL_MGMT_A_CLPDOI={0x8, 0xc, 0x3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000040}, 0x20000004) connect$inet6(r2, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:52:19 executing program 4 (fault-call:6 fault-nth:5): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2310.905557] FAULT_INJECTION: forcing a failure. [ 2310.905557] name failslab, interval 1, probability 0, space 0, times 0 [ 2310.917352] CPU: 0 PID: 11724 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2310.925241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2310.934586] Call Trace: [ 2310.937163] dump_stack+0x1b2/0x283 [ 2310.940804] should_fail.cold+0x10a/0x154 [ 2310.944951] should_failslab+0xd6/0x130 [ 2310.948917] kmem_cache_alloc_trace+0x47/0x3d0 [ 2310.953504] sctp_add_bind_addr+0x6c/0x350 [ 2310.957833] sctp_copy_local_addr_list+0x2ae/0x400 [ 2310.962768] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2310.967531] sctp_bind_addr_copy+0xde/0x430 [ 2310.971965] sctp_sendmsg+0x1c15/0x2cd0 [ 2310.975941] ? sctp_id2assoc+0x210/0x210 [ 2310.980018] ? retint_kernel+0x2d/0x2d [ 2310.983904] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2310.988746] ? selinux_socket_getpeername+0x260/0x260 [ 2310.993942] ? retint_kernel+0x2d/0x2d [ 2310.997853] ? selinux_socket_sendmsg+0x8/0x260 [ 2311.003211] inet_sendmsg+0x11a/0x4e0 [ 2311.007003] ? security_socket_sendmsg+0x83/0xb0 [ 2311.011754] ? inet_recvmsg+0x4d0/0x4d0 [ 2311.015723] sock_sendmsg+0xb5/0x100 [ 2311.019433] ___sys_sendmsg+0x6c8/0x800 [ 2311.023497] ? get_pid_task+0x91/0x130 [ 2311.027402] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2311.032166] ? mark_held_locks+0xa6/0xf0 [ 2311.036242] ? retint_kernel+0x2d/0x2d [ 2311.040142] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2311.045161] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2311.049910] ? __fget+0x1fe/0x360 [ 2311.053374] ? lock_acquire+0x170/0x3f0 [ 2311.057350] ? lock_downgrade+0x740/0x740 [ 2311.061501] ? sockfd_lookup_light+0xb2/0x160 [ 2311.066005] __sys_sendmsg+0xa3/0x120 [ 2311.070491] ? SyS_shutdown+0x160/0x160 [ 2311.074455] ? check_preemption_disabled+0x35/0x240 [ 2311.079471] SyS_sendmsg+0x27/0x40 [ 2311.082997] ? __sys_sendmsg+0x120/0x120 [ 2311.087045] do_syscall_64+0x1d5/0x640 [ 2311.090928] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2311.096105] RIP: 0033:0x45de29 22:52:19 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) r5 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r5, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(r5, 0x29, 0x48, 0x0, &(0x7f00007d0000)) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYRESHEX=r5, @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r2, 0xc2604110, &(0x7f0000000280)={0x80000000, [[0x993e, 0x800, 0x0, 0x9, 0x3, 0xa6030, 0xffff, 0x1ff], [0x737e, 0x10001, 0x4, 0x0, 0x2, 0x3ff, 0x8, 0x5c], [0x5, 0x0, 0x6, 0x787, 0x200, 0x40, 0x7fff, 0x2]], [], [{0xf2f2d81f, 0x28, 0x0, 0x1, 0x1, 0x1}, {0x8, 0x0, 0x0, 0x1, 0x1}, {0x1f, 0x3fe, 0x1, 0x1, 0x1, 0x1}, {0x8, 0x1ff, 0x1, 0x1, 0x0, 0x1}, {0x103, 0x200, 0x0, 0x1, 0x1}, {0x6, 0x6, 0x1, 0x0, 0x1}, {0xfffffffb, 0x7, 0x0, 0x0, 0x1}, {0x7fff, 0x40000006}, {0x8001, 0x80, 0x0, 0x0, 0x1, 0x1}, {0x4, 0xffff, 0x0, 0x0, 0x0, 0x1}, {0x3bb1, 0xf94f, 0x1, 0x1, 0x0, 0x1}, {0x4f16, 0x10001}], [], 0x3}) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) [ 2311.099281] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2311.106985] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2311.114257] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2311.121531] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2311.128900] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 2311.136261] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:19 executing program 4 (fault-call:6 fault-nth:6): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2311.307063] FAULT_INJECTION: forcing a failure. [ 2311.307063] name failslab, interval 1, probability 0, space 0, times 0 [ 2311.322186] CPU: 1 PID: 11736 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2311.330091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2311.339452] Call Trace: [ 2311.342065] dump_stack+0x1b2/0x283 [ 2311.345702] should_fail.cold+0x10a/0x154 [ 2311.349877] should_failslab+0xd6/0x130 [ 2311.353854] kmem_cache_alloc_trace+0x47/0x3d0 [ 2311.358465] sctp_add_bind_addr+0x6c/0x350 [ 2311.362710] sctp_copy_local_addr_list+0x2ae/0x400 [ 2311.367649] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2311.373282] ? __sanitizer_cov_trace_pc+0x29/0x50 [ 2311.378143] sctp_bind_addr_copy+0xde/0x430 [ 2311.382476] sctp_sendmsg+0x1c15/0x2cd0 [ 2311.386471] ? sctp_id2assoc+0x210/0x210 [ 2311.390543] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2311.395313] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2311.400230] ? selinux_socket_getpeername+0x260/0x260 [ 2311.405427] ? dup_iter+0x240/0x240 [ 2311.409078] ? kernel_recvmsg+0x210/0x210 [ 2311.413237] inet_sendmsg+0x11a/0x4e0 [ 2311.417042] ? security_socket_sendmsg+0x83/0xb0 [ 2311.421799] ? inet_recvmsg+0x4d0/0x4d0 [ 2311.425773] sock_sendmsg+0xb5/0x100 [ 2311.429496] ___sys_sendmsg+0x6c8/0x800 [ 2311.433566] ? get_pid_task+0x91/0x130 [ 2311.437449] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2311.442203] ? lock_downgrade+0x740/0x740 [ 2311.446349] ? __fget+0x1fe/0x360 [ 2311.449792] ? lock_acquire+0x170/0x3f0 [ 2311.453754] ? lock_downgrade+0x740/0x740 [ 2311.457903] ? sockfd_lookup_light+0xb2/0x160 [ 2311.462391] __sys_sendmsg+0xa3/0x120 [ 2311.466185] ? SyS_shutdown+0x160/0x160 [ 2311.470150] ? wait_for_completion_io+0x10/0x10 [ 2311.474828] ? SyS_read+0x210/0x210 [ 2311.478462] ? SyS_clock_settime+0x1a0/0x1a0 [ 2311.482873] SyS_sendmsg+0x27/0x40 [ 2311.486404] ? __sys_sendmsg+0x120/0x120 [ 2311.490455] do_syscall_64+0x1d5/0x640 [ 2311.494339] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2311.499521] RIP: 0033:0x45de29 [ 2311.502696] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2311.510934] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2311.518203] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2311.525470] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2311.532823] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 2311.541667] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:19 executing program 4 (fault-call:6 fault-nth:7): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2311.608360] FAULT_INJECTION: forcing a failure. [ 2311.608360] name failslab, interval 1, probability 0, space 0, times 0 [ 2311.621884] CPU: 0 PID: 11745 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2311.630821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2311.640181] Call Trace: [ 2311.642806] dump_stack+0x1b2/0x283 [ 2311.646433] should_fail.cold+0x10a/0x154 [ 2311.650593] should_failslab+0xd6/0x130 [ 2311.654563] kmem_cache_alloc_trace+0x47/0x3d0 [ 2311.659158] sctp_add_bind_addr+0x6c/0x350 [ 2311.663393] sctp_copy_local_addr_list+0x2ae/0x400 [ 2311.668339] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2311.673120] sctp_bind_addr_copy+0xde/0x430 [ 2311.677453] sctp_sendmsg+0x1c15/0x2cd0 [ 2311.681435] ? sctp_id2assoc+0x210/0x210 [ 2311.685496] ? retint_kernel+0x2d/0x2d [ 2311.689402] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2311.694425] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2311.699193] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2311.704559] ? selinux_socket_getpeername+0x260/0x260 [ 2311.709756] ? check_preemption_disabled+0x35/0x240 [ 2311.714761] ? retint_kernel+0x2d/0x2d [ 2311.718658] inet_sendmsg+0x11a/0x4e0 [ 2311.722450] ? security_socket_sendmsg+0x83/0xb0 [ 2311.727199] ? inet_recvmsg+0x4d0/0x4d0 [ 2311.731170] sock_sendmsg+0xb5/0x100 [ 2311.734877] ___sys_sendmsg+0x6c8/0x800 [ 2311.738854] ? get_pid_task+0x91/0x130 [ 2311.742732] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2311.747485] ? lock_downgrade+0x740/0x740 [ 2311.751631] ? __fget+0x1fe/0x360 [ 2311.755081] ? lock_acquire+0x170/0x3f0 [ 2311.759049] ? lock_downgrade+0x740/0x740 [ 2311.763209] ? sockfd_lookup_light+0xb2/0x160 [ 2311.767706] __sys_sendmsg+0xa3/0x120 [ 2311.771509] ? SyS_shutdown+0x160/0x160 [ 2311.775614] ? wait_for_completion_io+0x10/0x10 [ 2311.781047] ? SyS_read+0x210/0x210 [ 2311.785763] ? SyS_clock_settime+0x1a0/0x1a0 [ 2311.791166] SyS_sendmsg+0x27/0x40 [ 2311.794710] ? __sys_sendmsg+0x120/0x120 [ 2311.798829] do_syscall_64+0x1d5/0x640 [ 2311.802765] entry_SYSCALL_64_after_hwframe+0x46/0xbb 22:52:20 executing program 2: socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0xce, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(r0, 0x29, 0x48, 0x0, &(0x7f00007d0000)) ioctl$sock_ifreq(r0, 0x8932, &(0x7f0000000000)={'syzkaller1\x00', @ifru_mtu}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 2311.807964] RIP: 0033:0x45de29 [ 2311.811175] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2311.818896] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2311.826166] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2311.834491] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2311.841779] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 [ 2311.849072] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c [ 2313.093355] IPVS: ftp: loaded support on port[0] = 21 [ 2313.208972] chnl_net:caif_netlink_parms(): no params data found [ 2313.265495] bridge0: port 1(bridge_slave_0) entered blocking state [ 2313.271943] bridge0: port 1(bridge_slave_0) entered disabled state [ 2313.279705] device bridge_slave_0 entered promiscuous mode [ 2313.287397] bridge0: port 2(bridge_slave_1) entered blocking state [ 2313.293915] bridge0: port 2(bridge_slave_1) entered disabled state [ 2313.300908] device bridge_slave_1 entered promiscuous mode [ 2313.319698] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 2313.328878] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 2313.351781] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 2313.359139] team0: Port device team_slave_0 added [ 2313.365164] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 2313.372459] team0: Port device team_slave_1 added [ 2313.391004] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 2313.397312] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2313.422554] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 2313.433626] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 2313.439964] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 2313.466185] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 2313.477133] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 2313.485377] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 2313.512471] device hsr_slave_0 entered promiscuous mode [ 2313.518186] device hsr_slave_1 entered promiscuous mode [ 2313.524424] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 2313.531427] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 2313.610405] bridge0: port 2(bridge_slave_1) entered blocking state [ 2313.616800] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2313.623419] bridge0: port 1(bridge_slave_0) entered blocking state [ 2313.629841] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2313.661005] IPv6: ADDRCONF(NETDEV_UP): bond0: link is not ready [ 2313.668566] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2313.678161] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 2313.688315] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 2313.706611] bridge0: port 1(bridge_slave_0) entered disabled state [ 2313.713559] bridge0: port 2(bridge_slave_1) entered disabled state [ 2313.724132] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 2313.730367] 8021q: adding VLAN 0 to HW filter on device team0 [ 2313.739649] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 2313.747399] bridge0: port 1(bridge_slave_0) entered blocking state [ 2313.753833] bridge0: port 1(bridge_slave_0) entered forwarding state [ 2313.763338] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 2313.771189] bridge0: port 2(bridge_slave_1) entered blocking state [ 2313.777621] bridge0: port 2(bridge_slave_1) entered forwarding state [ 2313.793680] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 2313.802091] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 2313.816906] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 2313.827676] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 2313.838846] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 2313.848125] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 2313.856027] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 2313.863574] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 2313.871498] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 2313.886117] IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready [ 2313.893493] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 2313.901200] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 2313.912233] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 2313.974604] IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready [ 2313.986538] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 2314.023268] IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready [ 2314.030553] IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready [ 2314.038691] IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready [ 2314.051024] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 2314.059218] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 2314.066271] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 2314.078128] device veth0_vlan entered promiscuous mode [ 2314.087567] device veth1_vlan entered promiscuous mode [ 2314.093333] IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready [ 2314.103235] IPv6: ADDRCONF(NETDEV_UP): macvlan1: link is not ready [ 2314.114859] IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready [ 2314.124728] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready [ 2314.131987] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready [ 2314.139597] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 2314.152109] device veth0_macvtap entered promiscuous mode [ 2314.158800] IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready [ 2314.168322] device veth1_macvtap entered promiscuous mode [ 2314.178270] IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready [ 2314.187727] IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready [ 2314.196593] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 2314.206777] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 2314.214961] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 2314.225386] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2314.235591] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 2314.246081] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2314.255823] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 2314.267960] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2314.277676] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 2314.288128] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2314.297745] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 [ 2314.307806] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2314.318006] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_0: link is not ready [ 2314.325408] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 2314.332068] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 2314.339998] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 2314.350806] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 2314.360720] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2314.369950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 2314.379744] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2314.388920] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 2314.398689] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2314.408616] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 2314.418728] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2314.427891] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 [ 2314.437708] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 2314.447908] IPv6: ADDRCONF(NETDEV_UP): batadv_slave_1: link is not ready [ 2314.454909] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 2314.462037] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 2314.470946] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 2314.583197] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready [ 2314.591092] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2314.614551] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2314.621650] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready [ 2314.628740] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready [ 2314.645164] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 2314.645171] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 2314.659805] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready [ 2315.123844] Bluetooth: hci2 command 0x0409 tx timeout 22:52:23 executing program 5: ioctl$TIOCSCTTY(0xffffffffffffffff, 0x540e, 0x3) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYRESDEC, @ANYRES32, @ANYBLOB="1f0200777ffda794000000187f02801400101014cc7156000000000000000000000000001658f4642bc3805a736d6e539b319e810000000ac0c90442c1665ddc7465826de80100000000000000ea4be43fbbb8b82504b02935c0ad0074c47446d597b2be87718a935e72accdef5ddf7a4531def4b04ed9d392c1cc6cde0abf1cba15eb490cced8b198d64d0952f43f0fe70a8d8fbf0640768e42bfdbe4604487e87edf15967726fc61d96233a1b303bd560e5ecb70b491a90a513c351f9a1819837ca88a70475ef4a904d6170df45e978b8c8b14d77f879e27fb07c558332090c6a513e6c7159d1c842cfe783f2291f7168071a195255f8cc95900a8a838424b6f907d56d90737d52a787a017f3929ba5aeb07dacc944e106660b263b5475435eaea329584c1eb8685da1326d70c7f671dae53f8ef1a44a79204a279d236da767b78aef99fb9063255edffd07f019f11ecd1ab751094735cbfca1c2c04872aee68d00b94b213e2c5a46d53a838738111750e9ec69f5691ab78c88b74f7d69a60b83b828b72c8356f5b5132f4cc9b"], 0x3}, 0x1, 0x0, 0x0, 0x20000000}, 0x4044080) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff}, 0x0) r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/seq\x00', 0x2) r5 = dup(r4) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000200)='9p\x00', 0x0, &(0x7f0000000580)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[], [], 0x6b}}) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) 22:52:23 executing program 4 (fault-call:6 fault-nth:8): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) 22:52:23 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a000100d9642f2b6e00000018000280140010"], 0x3}, 0x1, 0x0, 0x0, 0x40000}, 0x8010) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) 22:52:23 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) waitid(0x0, 0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000000)) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:52:23 executing program 2: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000280)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000200)={0xffffffffffffffff}, 0x106}}, 0x20) write$RDMA_USER_CM_CMD_LISTEN(r0, &(0x7f0000000000)={0x7, 0x8, 0xfa00, {r1}}, 0x10) chroot(&(0x7f00000000c0)='./file0\x00') write$RDMA_USER_CM_CMD_BIND(r0, &(0x7f0000000300)={0x14, 0x88, 0xfa00, {r1, 0x10, 0x0, @in={0x2, 0x0, @multicast2}}}, 0x90) ioctl$F2FS_IOC_GET_FEATURES(r0, 0x8004f50c, &(0x7f00000001c0)) socket(0x0, 0x0, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$KVM_DEASSIGN_DEV_IRQ(r3, 0x4040ae75, &(0x7f0000000140)={0x7, 0x0, 0x80000000, 0x205}) poll(0x0, 0x0, 0x0) r4 = socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$BTRFS_IOC_INO_PATHS(r4, 0xc0389423, &(0x7f0000000180)={0xfffffffffffffffb, 0x28, [0x625, 0x1000, 0x0, 0x3], &(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0]}) connect$inet6(r4, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:52:23 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) [ 2315.562071] FAULT_INJECTION: forcing a failure. [ 2315.562071] name failslab, interval 1, probability 0, space 0, times 0 [ 2315.575877] CPU: 1 PID: 12044 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2315.583768] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2315.593118] Call Trace: [ 2315.595706] dump_stack+0x1b2/0x283 [ 2315.599338] should_fail.cold+0x10a/0x154 [ 2315.603508] should_failslab+0xd6/0x130 [ 2315.607488] kmem_cache_alloc_trace+0x47/0x3d0 [ 2315.612075] sctp_add_bind_addr+0x6c/0x350 [ 2315.616314] sctp_copy_local_addr_list+0x2ae/0x400 [ 2315.621248] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2315.626012] sctp_bind_addr_copy+0xde/0x430 [ 2315.630338] sctp_sendmsg+0x1c15/0x2cd0 [ 2315.634324] ? sctp_id2assoc+0x210/0x210 [ 2315.638388] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2315.642762] ptrace attach of "/root/syz-executor.1"[12053] was attempted by "/root/syz-executor.1"[12056] [ 2315.643149] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2315.657815] ? selinux_socket_getpeername+0x260/0x260 [ 2315.663057] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2315.668116] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2315.668533] ptrace attach of "/root/syz-executor.3"[12055] was attempted by "/root/syz-executor.3"[12057] [ 2315.672880] ? retint_kernel+0x2d/0x2d [ 2315.672895] inet_sendmsg+0x11a/0x4e0 [ 2315.672905] ? security_socket_sendmsg+0x83/0xb0 [ 2315.672915] ? inet_recvmsg+0x4d0/0x4d0 [ 2315.698986] sock_sendmsg+0xb5/0x100 [ 2315.702714] ___sys_sendmsg+0x6c8/0x800 [ 2315.706690] ? get_pid_task+0x91/0x130 [ 2315.710575] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2315.715446] ? retint_kernel+0x2d/0x2d [ 2315.719347] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2315.724373] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2315.729128] ? __fget+0x1fe/0x360 [ 2315.732586] ? lock_downgrade+0x740/0x740 [ 2315.736745] ? sockfd_lookup_light+0xb2/0x160 [ 2315.741271] __sys_sendmsg+0xa3/0x120 [ 2315.745071] ? SyS_shutdown+0x160/0x160 [ 2315.749044] ? wait_for_completion_io+0x10/0x10 [ 2315.753719] ? SyS_read+0x210/0x210 [ 2315.757359] ? SyS_clock_settime+0x1a0/0x1a0 [ 2315.761774] SyS_sendmsg+0x27/0x40 [ 2315.766272] ? __sys_sendmsg+0x120/0x120 [ 2315.771094] do_syscall_64+0x1d5/0x640 [ 2315.775768] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2315.780956] RIP: 0033:0x45de29 [ 2315.784138] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2315.791854] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2315.799123] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 22:52:24 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:52:24 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) ioctl$sock_SIOCSPGRP(0xffffffffffffffff, 0x8902, &(0x7f0000000080)=0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0xfffffffffffffffd, 0x24) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000000000)={0x0, 0x80000000}, &(0x7f0000000040)=0x8) r1 = socket$inet_udplite(0x2, 0x2, 0x88) dup(r1) ioctl$sock_inet_SIOCRTMSG(r1, 0x890d, &(0x7f0000000240)={0x0, {0x2, 0x4e24, @rand_addr=0x64010101}, {0x2, 0x4e24, @private=0xa010102}, {0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x43, 0x0, 0x0, 0x0, 0xffff, &(0x7f0000000200)='syz_tun\x00', 0x0, 0x6, 0x8}) ptrace$cont(0x1f, r0, 0x0, 0x0) [ 2315.806393] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2315.813656] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000008 [ 2315.820922] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:24 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r0, 0x0, 0x0) r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x12800, 0x8) setsockopt$inet6_tcp_TCP_QUEUE_SEQ(r1, 0x6, 0x15, &(0x7f0000000040)=0x5, 0x4) 22:52:24 executing program 4 (fault-call:6 fault-nth:9): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2316.003512] FAULT_INJECTION: forcing a failure. [ 2316.003512] name failslab, interval 1, probability 0, space 0, times 0 [ 2316.017433] CPU: 1 PID: 12089 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2316.025411] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2316.034765] Call Trace: [ 2316.037367] dump_stack+0x1b2/0x283 [ 2316.040992] should_fail.cold+0x10a/0x154 [ 2316.046163] should_failslab+0xd6/0x130 [ 2316.050141] kmem_cache_alloc_trace+0x47/0x3d0 [ 2316.054718] sctp_add_bind_addr+0x6c/0x350 [ 2316.058948] sctp_copy_local_addr_list+0x2ae/0x400 [ 2316.063874] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2316.068645] sctp_bind_addr_copy+0xde/0x430 [ 2316.072973] sctp_sendmsg+0x1c15/0x2cd0 [ 2316.076951] ? sctp_id2assoc+0x210/0x210 [ 2316.081023] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2316.085792] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2316.090624] ? selinux_socket_getpeername+0x260/0x260 [ 2316.095806] ? dup_iter+0x240/0x240 [ 2316.099429] ? kernel_recvmsg+0x210/0x210 [ 2316.103567] inet_sendmsg+0x11a/0x4e0 [ 2316.107365] ? security_socket_sendmsg+0x83/0xb0 [ 2316.112112] ? inet_recvmsg+0x4d0/0x4d0 [ 2316.116082] sock_sendmsg+0xb5/0x100 [ 2316.119790] ___sys_sendmsg+0x6c8/0x800 [ 2316.123769] ? get_pid_task+0x91/0x130 [ 2316.127675] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2316.132427] ? lock_downgrade+0x740/0x740 [ 2316.136573] ? __fget+0x1fe/0x360 [ 2316.140026] ? lock_acquire+0x170/0x3f0 [ 2316.143990] ? lock_downgrade+0x740/0x740 [ 2316.148156] ? sockfd_lookup_light+0xb2/0x160 [ 2316.152645] __sys_sendmsg+0xa3/0x120 [ 2316.156435] ? SyS_shutdown+0x160/0x160 [ 2316.160416] ? wait_for_completion_io+0x10/0x10 [ 2316.165103] ? SyS_read+0x210/0x210 [ 2316.168723] ? SyS_clock_settime+0x1a0/0x1a0 [ 2316.173138] SyS_sendmsg+0x27/0x40 [ 2316.176671] ? __sys_sendmsg+0x120/0x120 [ 2316.180729] do_syscall_64+0x1d5/0x640 [ 2316.184615] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2316.189795] RIP: 0033:0x45de29 [ 2316.192972] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2316.201454] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2316.208717] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2316.215984] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2316.227070] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000009 [ 2316.234334] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:24 executing program 4 (fault-call:6 fault-nth:10): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) 22:52:24 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) r5 = getpgrp(0xffffffffffffffff) wait4(r5, &(0x7f0000000040), 0x1, &(0x7f0000000100)) [ 2316.387092] FAULT_INJECTION: forcing a failure. [ 2316.387092] name failslab, interval 1, probability 0, space 0, times 0 [ 2316.408958] CPU: 1 PID: 12098 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2316.416869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2316.426228] Call Trace: [ 2316.428810] dump_stack+0x1b2/0x283 [ 2316.432433] should_fail.cold+0x10a/0x154 [ 2316.436588] should_failslab+0xd6/0x130 [ 2316.440565] kmem_cache_alloc_trace+0x47/0x3d0 [ 2316.445171] sctp_add_bind_addr+0x6c/0x350 [ 2316.449410] sctp_copy_local_addr_list+0x2ae/0x400 [ 2316.454358] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2316.459102] ? sctp_association_new+0x1688/0x1e70 [ 2316.463948] sctp_bind_addr_copy+0xde/0x430 [ 2316.468269] sctp_sendmsg+0x1c15/0x2cd0 [ 2316.472236] ? _copy_from_user+0xb1/0x100 [ 2316.476378] ? sctp_id2assoc+0x210/0x210 [ 2316.480447] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2316.485198] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2316.490042] ? selinux_socket_getpeername+0x260/0x260 [ 2316.495236] ? dup_iter+0x240/0x240 [ 2316.498866] ? kernel_recvmsg+0x210/0x210 [ 2316.503013] inet_sendmsg+0x11a/0x4e0 [ 2316.506821] ? security_socket_sendmsg+0x83/0xb0 [ 2316.511584] ? inet_recvmsg+0x4d0/0x4d0 [ 2316.515561] sock_sendmsg+0xb5/0x100 [ 2316.519469] ___sys_sendmsg+0x6c8/0x800 [ 2316.523448] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2316.528187] ? check_preemption_disabled+0x35/0x240 [ 2316.533198] ? retint_kernel+0x2d/0x2d [ 2316.537112] ? __fget+0x1fe/0x360 [ 2316.540554] ? lock_downgrade+0x740/0x740 [ 2316.544711] ? sockfd_lookup_light+0xb2/0x160 [ 2316.549207] __sys_sendmsg+0xa3/0x120 [ 2316.553313] ? SyS_shutdown+0x160/0x160 [ 2316.557324] ? wait_for_completion_io+0x10/0x10 [ 2316.562063] ? SyS_read+0x210/0x210 [ 2316.565678] ? SyS_clock_settime+0x1a0/0x1a0 [ 2316.570078] SyS_sendmsg+0x27/0x40 [ 2316.573623] ? __sys_sendmsg+0x120/0x120 [ 2316.577680] do_syscall_64+0x1d5/0x640 [ 2316.581553] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2316.586742] RIP: 0033:0x45de29 [ 2316.589924] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2316.597609] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2316.604863] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2316.612138] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2316.619483] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000a [ 2316.626775] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:24 executing program 5: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) r4 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r4, 0x84, 0x6e, &(0x7f0000000080)=[@in6={0xa, 0x0, 0x0, @private1}, @in={0x2, 0x0, @loopback}], 0x2c) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f0000000900)={0x1, [0x0]}, &(0x7f0000000940)=0x8) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x1f, &(0x7f0000000100)={r5, @in6={{0xa, 0x0, 0x0, @empty}}}, 0x90) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r3, 0x84, 0x13, &(0x7f0000000100)={r5}, &(0x7f0000000140)=0x8) close(r2) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}, 0x1, 0x0, 0x0, 0x4000010}, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) 22:52:24 executing program 2: r0 = socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) ioctl$FIONCLEX(r0, 0x5450) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) write$bt_hci(r3, &(0x7f0000000000)={0x1, @write_current_iac_lap={{0xc3a, 0x7}, {0x6, "2a5b581495fc"}}}, 0xb) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:52:24 executing program 4 (fault-call:6 fault-nth:11): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2316.763565] FAULT_INJECTION: forcing a failure. [ 2316.763565] name failslab, interval 1, probability 0, space 0, times 0 [ 2316.791122] CPU: 0 PID: 12116 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2316.799054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2316.808404] Call Trace: [ 2316.811001] dump_stack+0x1b2/0x283 [ 2316.814640] should_fail.cold+0x10a/0x154 [ 2316.818790] should_failslab+0xd6/0x130 [ 2316.822758] kmem_cache_alloc_trace+0x47/0x3d0 [ 2316.827369] sctp_add_bind_addr+0x6c/0x350 [ 2316.831631] sctp_copy_local_addr_list+0x2ae/0x400 [ 2316.836567] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2316.841330] ? sctp_bind_addr_copy+0x31/0x430 [ 2316.845820] sctp_bind_addr_copy+0xde/0x430 [ 2316.850145] sctp_sendmsg+0x1c15/0x2cd0 [ 2316.854150] ? sctp_id2assoc+0x210/0x210 [ 2316.858207] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2316.862948] ? retint_kernel+0x2d/0x2d [ 2316.866853] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2316.871884] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2316.876637] ? check_preemption_disabled+0x35/0x240 [ 2316.881659] ? retint_kernel+0x2d/0x2d [ 2316.885535] ? inet_recvmsg+0x4d0/0x4d0 [ 2316.889501] inet_sendmsg+0x11a/0x4e0 [ 2316.893305] ? inet_recvmsg+0x4d0/0x4d0 [ 2316.897273] sock_sendmsg+0xb5/0x100 [ 2316.901071] ___sys_sendmsg+0x6c8/0x800 [ 2316.905068] ? get_pid_task+0x91/0x130 [ 2316.908950] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2316.913713] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2316.918719] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2316.923490] ? check_preemption_disabled+0x35/0x240 [ 2316.928510] ? __fget+0x1fe/0x360 [ 2316.931965] ? lock_downgrade+0x740/0x740 [ 2316.936114] ? sockfd_lookup_light+0xb2/0x160 [ 2316.940589] __sys_sendmsg+0xa3/0x120 [ 2316.944380] ? SyS_shutdown+0x160/0x160 [ 2316.948359] ? wait_for_completion_io+0x10/0x10 [ 2316.953019] ? SyS_read+0x210/0x210 [ 2316.956645] ? SyS_clock_settime+0x1a0/0x1a0 [ 2316.961044] SyS_sendmsg+0x27/0x40 [ 2316.964594] ? __sys_sendmsg+0x120/0x120 [ 2316.968662] do_syscall_64+0x1d5/0x640 [ 2316.972546] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2316.977724] RIP: 0033:0x45de29 [ 2316.980896] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2316.988629] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2316.995897] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2317.003170] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 22:52:25 executing program 4 (fault-call:6 fault-nth:12): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2317.010432] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000b [ 2317.017710] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c [ 2317.123152] FAULT_INJECTION: forcing a failure. [ 2317.123152] name failslab, interval 1, probability 0, space 0, times 0 [ 2317.134828] CPU: 0 PID: 12133 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2317.142716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2317.152061] Call Trace: [ 2317.154645] dump_stack+0x1b2/0x283 [ 2317.158294] should_fail.cold+0x10a/0x154 [ 2317.162466] should_failslab+0xd6/0x130 [ 2317.166454] kmem_cache_alloc_trace+0x47/0x3d0 [ 2317.171037] sctp_add_bind_addr+0x6c/0x350 [ 2317.175289] sctp_copy_local_addr_list+0x2ae/0x400 [ 2317.180215] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2317.184969] sctp_bind_addr_copy+0xde/0x430 [ 2317.189302] sctp_sendmsg+0x1c15/0x2cd0 [ 2317.193275] ? sctp_id2assoc+0x210/0x210 [ 2317.197337] ? retint_kernel+0x2d/0x2d [ 2317.201215] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2317.206226] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2317.210995] ? check_preemption_disabled+0x35/0x240 [ 2317.216009] ? retint_kernel+0x2d/0x2d [ 2317.219892] ? inet_sendmsg+0xaf/0x4e0 [ 2317.223770] inet_sendmsg+0x11a/0x4e0 [ 2317.227575] ? security_socket_sendmsg+0x83/0xb0 [ 2317.232317] ? inet_recvmsg+0x4d0/0x4d0 [ 2317.236286] sock_sendmsg+0xb5/0x100 [ 2317.239987] ___sys_sendmsg+0x6c8/0x800 [ 2317.243968] ? get_pid_task+0x91/0x130 [ 2317.247843] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2317.252599] ? lock_downgrade+0x740/0x740 [ 2317.256752] ? __fget+0x1fe/0x360 [ 2317.260198] ? lock_acquire+0x170/0x3f0 [ 2317.264173] ? lock_downgrade+0x740/0x740 [ 2317.268327] ? sockfd_lookup_light+0xb2/0x160 [ 2317.272810] __sys_sendmsg+0xa3/0x120 [ 2317.276632] ? SyS_shutdown+0x160/0x160 [ 2317.280593] ? wait_for_completion_io+0x10/0x10 [ 2317.285261] ? SyS_read+0x210/0x210 [ 2317.288882] ? SyS_clock_settime+0x1a0/0x1a0 [ 2317.293288] SyS_sendmsg+0x27/0x40 [ 2317.296834] ? __sys_sendmsg+0x120/0x120 [ 2317.300907] do_syscall_64+0x1d5/0x640 [ 2317.304792] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2317.309980] RIP: 0033:0x45de29 [ 2317.313158] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2317.321569] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2317.328834] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2317.336114] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2317.343389] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000c [ 2317.350661] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:25 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB="4800000010001fff00000500000000002cece1705ca700870000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) r5 = socket$inet6_udplite(0xa, 0x2, 0x88) getsockopt$inet6_mreq(r5, 0x29, 0x14, &(0x7f0000000040)={@mcast2}, &(0x7f0000000100)=0x14) [ 2317.371286] Bluetooth: hci2 command 0x041b tx timeout 22:52:25 executing program 4 (fault-call:6 fault-nth:13): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2317.513027] FAULT_INJECTION: forcing a failure. [ 2317.513027] name failslab, interval 1, probability 0, space 0, times 0 [ 2317.525308] CPU: 0 PID: 12144 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2317.533198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2317.542549] Call Trace: [ 2317.545148] dump_stack+0x1b2/0x283 [ 2317.548787] should_fail.cold+0x10a/0x154 [ 2317.552940] should_failslab+0xd6/0x130 [ 2317.556917] kmem_cache_alloc_trace+0x47/0x3d0 [ 2317.561500] sctp_add_bind_addr+0x6c/0x350 [ 2317.565740] sctp_copy_local_addr_list+0x2ae/0x400 [ 2317.570678] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2317.575441] sctp_bind_addr_copy+0xde/0x430 [ 2317.579791] sctp_sendmsg+0x1c15/0x2cd0 [ 2317.583786] ? sctp_id2assoc+0x210/0x210 [ 2317.587851] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2317.592610] ? retint_kernel+0x2d/0x2d [ 2317.596496] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2317.601340] ? selinux_socket_getpeername+0x260/0x260 [ 2317.606524] ? import_iovec+0x1df/0x360 [ 2317.610496] ? kernel_recvmsg+0x210/0x210 [ 2317.614635] inet_sendmsg+0x11a/0x4e0 [ 2317.618427] ? security_socket_sendmsg+0x83/0xb0 [ 2317.623168] ? inet_recvmsg+0x4d0/0x4d0 [ 2317.627151] sock_sendmsg+0xb5/0x100 [ 2317.630845] ___sys_sendmsg+0x6c8/0x800 [ 2317.634805] ? get_pid_task+0x91/0x130 [ 2317.638677] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2317.643434] ? lock_downgrade+0x740/0x740 [ 2317.647691] ? __fget+0x1fe/0x360 [ 2317.651154] ? lock_acquire+0x170/0x3f0 [ 2317.655120] ? lock_downgrade+0x740/0x740 [ 2317.659279] ? sockfd_lookup_light+0xb2/0x160 [ 2317.663763] __sys_sendmsg+0xa3/0x120 [ 2317.667574] ? SyS_shutdown+0x160/0x160 [ 2317.671557] SyS_sendmsg+0x27/0x40 [ 2317.675089] ? __sys_sendmsg+0x120/0x120 [ 2317.679132] do_syscall_64+0x1d5/0x640 [ 2317.683002] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2317.688185] RIP: 0033:0x45de29 [ 2317.691349] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2317.699047] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2317.706308] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2317.713583] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2317.720835] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000d [ 2317.728099] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:27 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:52:27 executing program 5: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$BINDER_GET_NODE_INFO_FOR_REF(0xffffffffffffffff, 0xc018620c, &(0x7f0000000040)) close(r2) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) 22:52:27 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) syz_open_dev$char_raw(&(0x7f0000000200)='/dev/raw/raw#\x00', 0x0, 0x2082) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) r1 = perf_event_open(&(0x7f00000000c0)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_open_dev$ttys(0xc, 0x2, 0x1) r3 = dup2(r1, r2) ptrace$cont(0x18, r0, 0x0, 0x0) r4 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r4, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(r4, 0x29, 0x48, 0x0, &(0x7f00007d0000)) pwrite64(r3, &(0x7f0000000280)="b4a4ce95eb4e6a6a10c8ddab02148ca6880a471d4071eab19aeab6f869810201d1999f0933ade0642ff2c2f180f211f1e9de0fa6c80ba488e04e9fee5bf13a79c9b50cd1153d273480a160cdfda74379c2df6148e127ce1c0476f27127a2fabe28713258e4ed12c273ea971fb96a64449a70835f436d06532025c80d6086264611c4c8062a32ae429a0b09bf5dfc990bb450676b2abf03513ff195cf6c659e4eb25ebb595aae102cbb1f690f4da17d4798edbd2def31cc90b4278b37c84251de1d4502d7c0b0aad9f33b7f111319a90d30", 0xd1, 0x74238953) ioctl$VIDIOC_TRY_EXT_CTRLS(r3, 0xc0205649, &(0x7f0000000080)={0x9f0000, 0xff, 0xae, r4, 0x0, &(0x7f0000000040)={0x9a091e, 0x6, [], @p_u32=&(0x7f0000000000)=0x8}}) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:52:27 executing program 2: setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(0xffffffffffffffff, 0x84, 0x65, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x7, @loopback, 0x9}, @in={0x2, 0x4e21, @multicast2}, @in6={0xa, 0x4e21, 0xf5f, @ipv4={[], [], @loopback}, 0x8f8}, @in={0x2, 0x4e21, @broadcast}], 0x58) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:52:27 executing program 4 (fault-call:6 fault-nth:14): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) 22:52:27 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[], 0x3}, 0x1, 0x0, 0x0, 0x811}, 0x0) write$binfmt_misc(r3, &(0x7f0000000240)=ANY=[], 0xfffffecc) r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000040)={0xffffffffffffffff, 0x572ca292, 0x18}, 0xc) splice(r2, 0x0, r5, 0x0, 0x4ffe2, 0x8) r6 = socket$inet_udplite(0x2, 0x2, 0x88) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) sendmsg$NBD_CMD_RECONFIGURE(r7, &(0x7f00000001c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x20, 0x0, 0x400, 0x70bd29, 0x25dfdbff, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0x7fff}]}, 0x20}, 0x1, 0x0, 0x0, 0x1}, 0x11) [ 2318.998720] FAULT_INJECTION: forcing a failure. [ 2318.998720] name failslab, interval 1, probability 0, space 0, times 0 [ 2319.010430] CPU: 0 PID: 12177 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2319.018330] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2319.027670] Call Trace: [ 2319.030257] dump_stack+0x1b2/0x283 [ 2319.033912] should_fail.cold+0x10a/0x154 [ 2319.038066] should_failslab+0xd6/0x130 [ 2319.042314] kmem_cache_alloc_trace+0x47/0x3d0 [ 2319.046895] sctp_add_bind_addr+0x6c/0x350 [ 2319.051140] sctp_copy_local_addr_list+0x2ae/0x400 [ 2319.056055] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2319.060799] sctp_bind_addr_copy+0xde/0x430 [ 2319.065190] sctp_sendmsg+0x1c15/0x2cd0 [ 2319.069172] ? sctp_id2assoc+0x210/0x210 [ 2319.073232] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2319.077970] ? retint_kernel+0x2d/0x2d [ 2319.082026] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2319.086852] ? selinux_socket_getpeername+0x260/0x260 [ 2319.092023] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2319.099906] inet_sendmsg+0x11a/0x4e0 [ 2319.103690] ? security_socket_sendmsg+0x83/0xb0 [ 2319.108783] ? inet_recvmsg+0x4d0/0x4d0 [ 2319.112759] sock_sendmsg+0xb5/0x100 [ 2319.116481] ___sys_sendmsg+0x6c8/0x800 [ 2319.120530] ? get_pid_task+0x91/0x130 [ 2319.124457] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2319.129249] ? retint_kernel+0x2d/0x2d [ 2319.133131] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2319.138929] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2319.143692] ? __fget+0x1fe/0x360 [ 2319.147149] ? lock_downgrade+0x740/0x740 [ 2319.151310] ? sockfd_lookup_light+0xb2/0x160 [ 2319.155788] __sys_sendmsg+0xa3/0x120 [ 2319.159579] ? SyS_shutdown+0x160/0x160 [ 2319.163582] ? wait_for_completion_io+0x10/0x10 [ 2319.168270] ? SyS_read+0x210/0x210 [ 2319.171907] ? SyS_clock_settime+0x1a0/0x1a0 [ 2319.176410] SyS_sendmsg+0x27/0x40 [ 2319.179930] ? __sys_sendmsg+0x120/0x120 [ 2319.183974] do_syscall_64+0x1d5/0x640 [ 2319.187864] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2319.193032] RIP: 0033:0x45de29 [ 2319.196222] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2319.203915] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2319.211199] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2319.218828] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2319.226086] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000e [ 2319.233351] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:27 executing program 4 (fault-call:6 fault-nth:15): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2319.366419] FAULT_INJECTION: forcing a failure. [ 2319.366419] name failslab, interval 1, probability 0, space 0, times 0 [ 2319.378969] CPU: 1 PID: 12189 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2319.386852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2319.396198] Call Trace: [ 2319.399211] dump_stack+0x1b2/0x283 [ 2319.402822] should_fail.cold+0x10a/0x154 [ 2319.406952] should_failslab+0xd6/0x130 [ 2319.410913] kmem_cache_alloc_trace+0x47/0x3d0 [ 2319.416105] sctp_add_bind_addr+0x6c/0x350 [ 2319.420338] sctp_copy_local_addr_list+0x2ae/0x400 [ 2319.425266] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2319.430045] sctp_bind_addr_copy+0xde/0x430 [ 2319.434378] sctp_sendmsg+0x1c15/0x2cd0 [ 2319.438356] ? sctp_id2assoc+0x210/0x210 [ 2319.442412] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2319.447170] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2319.452038] ? selinux_socket_getpeername+0x260/0x260 [ 2319.457232] ? dup_iter+0x240/0x240 [ 2319.460855] ? kernel_recvmsg+0x210/0x210 [ 2319.464992] inet_sendmsg+0x11a/0x4e0 [ 2319.468780] ? security_socket_sendmsg+0x83/0xb0 [ 2319.473526] ? inet_recvmsg+0x4d0/0x4d0 [ 2319.477490] sock_sendmsg+0xb5/0x100 [ 2319.481190] ___sys_sendmsg+0x6c8/0x800 [ 2319.485153] ? get_pid_task+0x91/0x130 [ 2319.489551] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2319.494316] ? lock_downgrade+0x740/0x740 [ 2319.498457] ? __fget+0x1fe/0x360 [ 2319.501916] ? retint_kernel+0x2d/0x2d [ 2319.505792] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2319.510797] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2319.515557] __sys_sendmsg+0xa3/0x120 [ 2319.519364] ? SyS_shutdown+0x160/0x160 [ 2319.523327] ? wait_for_completion_io+0x10/0x10 [ 2319.528023] ? SyS_read+0x210/0x210 [ 2319.531639] ? SyS_clock_settime+0x1a0/0x1a0 [ 2319.536051] SyS_sendmsg+0x27/0x40 [ 2319.539594] ? __sys_sendmsg+0x120/0x120 [ 2319.543660] do_syscall_64+0x1d5/0x640 [ 2319.547559] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2319.552736] RIP: 0033:0x45de29 [ 2319.555910] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2319.563611] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2319.570886] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2319.578157] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2319.585414] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000f [ 2319.592677] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c [ 2319.604169] Bluetooth: hci2 command 0x040f tx timeout 22:52:27 executing program 5: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket$netlink(0x10, 0x3, 0x0) mknod(&(0x7f0000000040)='./file0\x00', 0x4, 0x1) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a76786c616e00000018000280140010"], 0x3}}, 0x40000) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) 22:52:27 executing program 4 (fault-call:6 fault-nth:16): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) 22:52:28 executing program 2: socket(0x0, 0x0, 0x0) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, &(0x7f0000000200)={'wlan0\x00', @broadcast}) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000240)={'veth0_to_bridge\x00'}) r1 = syz_mount_image$vfat(&(0x7f0000000000)='vfat\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000140)=[{&(0x7f00000000c0)="249bd240e4d2a7ecf5fcbf85b9aff1707a9894aad2c58ddf9a28beff965b5434d39c7f7d2a2cc34ddbf8f545d2e675a11d2a039a9a2261475ccf4b803597e27f3b92cd2ff3aa", 0x46, 0x7}], 0x41804, &(0x7f0000000180)=ANY=[@ANYBLOB="73686f72746e616d653d77696e39352c6681757569643d62023433663535352d5c3939662d333934342d366233302d34393761640038642c00"]) r2 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x9, 0x2100) tee(r1, r2, 0x8b55, 0x1) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 2319.810529] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.5'. [ 2319.840318] FAULT_INJECTION: forcing a failure. [ 2319.840318] name failslab, interval 1, probability 0, space 0, times 0 [ 2319.874786] CPU: 0 PID: 12208 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2319.882690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2319.892039] Call Trace: [ 2319.894632] dump_stack+0x1b2/0x283 [ 2319.898263] should_fail.cold+0x10a/0x154 [ 2319.902515] should_failslab+0xd6/0x130 [ 2319.906497] kmem_cache_alloc_trace+0x47/0x3d0 [ 2319.911082] sctp_add_bind_addr+0x6c/0x350 [ 2319.915326] sctp_copy_local_addr_list+0x2ae/0x400 [ 2319.920255] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2319.925023] sctp_bind_addr_copy+0xde/0x430 [ 2319.929346] sctp_sendmsg+0x1c15/0x2cd0 [ 2319.933340] ? sctp_id2assoc+0x210/0x210 [ 2319.937410] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2319.942175] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2319.947019] ? selinux_socket_getpeername+0x260/0x260 [ 2319.952213] ? dup_iter+0x240/0x240 [ 2319.955846] ? kernel_recvmsg+0x210/0x210 [ 2319.960004] inet_sendmsg+0x11a/0x4e0 [ 2319.963801] ? security_socket_sendmsg+0x83/0xb0 [ 2319.968561] ? inet_recvmsg+0x4d0/0x4d0 22:52:28 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) r5 = syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0x5af, 0x8040) bind$unix(r5, &(0x7f0000000100)=@abs={0x0, 0x0, 0x4e24}, 0x6e) r6 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$FS_IOC_GETFSMAP(r6, 0xc0c0583b, &(0x7f0000000240)={0x0, 0x0, 0x1, 0x0, [], [{0x6, 0x3, 0x80000000, 0x80000001, 0x56}, {0x7, 0x7, 0x60b91b1c, 0xa6e, 0x8, 0x200}], [[]]}) close(r4) socket$netlink(0x10, 0x3, 0x0) getsockopt$inet_dccp_buf(r2, 0x21, 0xc, &(0x7f0000000340)=""/4096, &(0x7f0000000180)=0x1000) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="080000005bd5de0f239f9f10001fff00", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) r7 = shmget$private(0x0, 0x400000, 0x0, &(0x7f000000e000/0x400000)=nil) shmat(r7, &(0x7f0000000000/0x13000)=nil, 0x0) r8 = shmget$private(0x0, 0x3000, 0x1, &(0x7f0000ffa000/0x3000)=nil) shmat(r8, &(0x7f00002c0000/0x3000)=nil, 0x8bd0d4b7ce1a2907) shmctl$SHM_STAT(r7, 0xd, &(0x7f0000001340)=""/155) [ 2319.972540] sock_sendmsg+0xb5/0x100 [ 2319.976252] ___sys_sendmsg+0x6c8/0x800 [ 2319.980231] ? get_pid_task+0x91/0x130 [ 2319.984113] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2319.988872] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2319.993886] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2319.998664] ? check_preemption_disabled+0x35/0x240 [ 2320.003685] ? __fget+0x1fe/0x360 [ 2320.007141] ? lock_downgrade+0x740/0x740 [ 2320.011308] ? sockfd_lookup_light+0xb2/0x160 [ 2320.017234] __sys_sendmsg+0xa3/0x120 [ 2320.017244] ? SyS_shutdown+0x160/0x160 [ 2320.017258] ? wait_for_completion_io+0x10/0x10 [ 2320.029794] ? SyS_read+0x210/0x210 [ 2320.033420] ? SyS_clock_settime+0x1a0/0x1a0 [ 2320.037830] SyS_sendmsg+0x27/0x40 [ 2320.041401] ? __sys_sendmsg+0x120/0x120 [ 2320.045460] do_syscall_64+0x1d5/0x640 [ 2320.049341] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2320.054562] RIP: 0033:0x45de29 [ 2320.057732] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2320.065417] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 22:52:28 executing program 4 (fault-call:6 fault-nth:17): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2320.072676] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2320.079946] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2320.087217] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000010 [ 2320.094483] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c [ 2320.290081] FAULT_INJECTION: forcing a failure. [ 2320.290081] name failslab, interval 1, probability 0, space 0, times 0 [ 2320.302208] CPU: 0 PID: 12233 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2320.310123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2320.319482] Call Trace: [ 2320.322056] dump_stack+0x1b2/0x283 [ 2320.325692] should_fail.cold+0x10a/0x154 [ 2320.329856] should_failslab+0xd6/0x130 [ 2320.333826] kmem_cache_alloc_trace+0x47/0x3d0 [ 2320.338422] sctp_add_bind_addr+0x6c/0x350 [ 2320.342655] sctp_copy_local_addr_list+0x2ae/0x400 [ 2320.347585] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2320.352335] sctp_bind_addr_copy+0xde/0x430 [ 2320.356645] sctp_sendmsg+0x1c15/0x2cd0 [ 2320.360624] ? sctp_id2assoc+0x210/0x210 [ 2320.364669] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2320.369412] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2320.374264] ? selinux_socket_getpeername+0x260/0x260 [ 2320.379445] ? dup_iter+0x240/0x240 [ 2320.383057] ? kernel_recvmsg+0x210/0x210 [ 2320.387195] inet_sendmsg+0x11a/0x4e0 [ 2320.390994] ? security_socket_sendmsg+0x83/0xb0 [ 2320.395734] ? inet_recvmsg+0x4d0/0x4d0 [ 2320.399725] sock_sendmsg+0xb5/0x100 [ 2320.403437] ___sys_sendmsg+0x6c8/0x800 [ 2320.407393] ? get_pid_task+0x91/0x130 [ 2320.411273] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2320.416026] ? lock_downgrade+0x740/0x740 [ 2320.420173] ? __fget+0x1fe/0x360 [ 2320.423628] ? lock_acquire+0x170/0x3f0 [ 2320.427595] ? lock_downgrade+0x740/0x740 [ 2320.431744] ? sockfd_lookup_light+0xb2/0x160 [ 2320.436225] __sys_sendmsg+0xa3/0x120 [ 2320.440004] ? SyS_shutdown+0x160/0x160 [ 2320.443961] ? wait_for_completion_io+0x10/0x10 [ 2320.448611] ? SyS_read+0x210/0x210 [ 2320.452235] ? SyS_clock_settime+0x1a0/0x1a0 [ 2320.456629] SyS_sendmsg+0x27/0x40 [ 2320.460157] ? __sys_sendmsg+0x120/0x120 [ 2320.465012] do_syscall_64+0x1d5/0x640 [ 2320.468894] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2320.474095] RIP: 0033:0x45de29 [ 2320.477275] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2320.485666] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2320.492931] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2320.500185] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2320.507439] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000011 [ 2320.515227] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c [ 2321.683993] Bluetooth: hci2 command 0x0419 tx timeout 22:52:30 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:52:30 executing program 5: setsockopt$pppl2tp_PPPOL2TP_SO_RECVSEQ(0xffffffffffffffff, 0x111, 0x2, 0x0, 0x4) r0 = socket$inet_udp(0x2, 0x2, 0x0) close(r0) r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f000000004200"/32], 0x3}}, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000240)={{{@in6=@empty, @in=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@empty}, 0x0, @in=@remote}}, &(0x7f0000000180)=0xe8) sendmsg$nl_route(r1, &(0x7f0000000380)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000340)={&(0x7f00000001c0)=@RTM_GETMDB={0x18, 0x56, 0x200, 0x70bd27, 0x25dfdbff, {0x7, r2}, ["", "", "", "", "", "", "", "", ""]}, 0x18}}, 0x4000085) recvfrom$ax25(0xffffffffffffffff, &(0x7f0000000040)=""/10, 0xa, 0x2062, 0x0, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000000)=ANY=[], 0xfffffecc) syz_open_dev$ptys(0xc, 0x3, 0x0) setsockopt$inet_sctp6_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000100)=@assoc_value, 0x8) sendmsg$NL80211_CMD_GET_KEY(r1, &(0x7f0000000480)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)={0x60, 0x0, 0x200, 0x70bd28, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_KEY_TYPE={0x8}, @NL80211_ATTR_KEY_DEFAULT={0x4}, @NL80211_ATTR_KEY_SEQ={0xd, 0xa, "d940e5ad1250d2076a"}, @NL80211_ATTR_KEY={0x28, 0x50, 0x0, 0x1, [@NL80211_KEY_MODE={0x5, 0x9, 0x1}, @NL80211_KEY_DEFAULT_TYPES={0xc, 0x8, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}]}, @NL80211_KEY_IDX={0x5, 0x2, 0x4}, @NL80211_KEY_SEQ={0x7, 0x4, "8166d9"}]}, @NL80211_ATTR_KEY_CIPHER={0x8, 0x9, 0xfac01}]}, 0x60}, 0x1, 0x0, 0x0, 0x7bc5741a00931b2c}, 0x41) splice(0xffffffffffffffff, 0x0, r0, 0x0, 0x4ffe2, 0x0) 22:52:30 executing program 2: socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r1, 0x84, 0x6e, &(0x7f0000000080)=[@in6={0xa, 0x0, 0x0, @private1}, @in={0x2, 0x0, @loopback}], 0x2c) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000900)={0x1, [0x0]}, &(0x7f0000000940)=0x8) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000100)={r2, @in6={{0xa, 0x0, 0x0, @empty}}}, 0x90) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000140)={r2, @in6={{0xa, 0x4e20, 0x1, @local, 0x80}}}, &(0x7f0000000200)=0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x2, @loopback}, 0x1c) ioctl$sock_inet6_SIOCDELRT(r0, 0x890c, &(0x7f00000000c0)={@initdev={0xfe, 0x88, [], 0x0, 0x0}, @remote, @mcast2, 0x0, 0xfffa, 0x4, 0x500, 0xffffffffffffffff, 0x80083}) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000000)={0x0, 0x8}, &(0x7f0000000040)=0x8) 22:52:30 executing program 4 (fault-call:6 fault-nth:18): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) 22:52:30 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) fsetxattr$security_ima(r0, &(0x7f0000000040)='security.ima\x00', &(0x7f0000000100)=@sha1={0x1, "4516a448d537338f60e7b1ee39dd58c9b26a10e8"}, 0x15, 0x0) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) 22:52:30 executing program 5: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r4, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(r4, 0x29, 0x48, 0x0, &(0x7f00007d0000)) r5 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r5, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(r5, 0x29, 0x48, 0x0, &(0x7f00007d0000)) r6 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x9, 0x42200) r7 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r7, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(r7, 0x29, 0x48, 0x0, &(0x7f00007d0000)) sendmsg$nl_route(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYRES16=r4, @ANYRES16=r7, @ANYBLOB="1f00000000421800280012800a00010076786c616e000000180002801400101d20e5159d37e0beef4c119d3fdd8120dc00c7057ff22dfa442775ed"], 0x3}}, 0x4048001) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) renameat(r3, &(0x7f0000000040)='./file0\x00', r0, &(0x7f0000000100)='./file0\x00') splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) 22:52:30 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {0x0}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:52:30 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r1, 0x29, 0x18, &(0x7f0000000240)=0xbd3, 0xfffffda3) getsockopt$inet6_int(r1, 0x29, 0x48, 0x0, &(0x7f00007d0000)) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000000)=0x0) fcntl$setown(r1, 0x8, r2) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x10080, 0x0) sendmsg$NL80211_CMD_SET_CQM(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000080)={&(0x7f0000000400)=ANY=[@ANYRES16, @ANYRES16=0x0, @ANYBLOB="080028bd7000fbdbdf253f0000000c00990006000000670000000c005e80080007006a050000"], 0x2c}, 0x1, 0x0, 0x0, 0xc820}, 0x1) ioctl$sock_ax25_SIOCADDRT(r3, 0x890b, &(0x7f0000000280)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, 0x6, [@null, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @default, @default, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) prctl$PR_GET_SECUREBITS(0x1b) ptrace$cont(0x1f, r0, 0x0, 0x0) [ 2322.027675] FAULT_INJECTION: forcing a failure. [ 2322.027675] name failslab, interval 1, probability 0, space 0, times 0 [ 2322.039653] CPU: 0 PID: 12275 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2322.048167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2322.059257] Call Trace: [ 2322.061838] dump_stack+0x1b2/0x283 [ 2322.065485] should_fail.cold+0x10a/0x154 [ 2322.069628] should_failslab+0xd6/0x130 [ 2322.074596] kmem_cache_alloc_trace+0x47/0x3d0 [ 2322.079344] sctp_add_bind_addr+0x6c/0x350 [ 2322.084366] sctp_copy_local_addr_list+0x2ae/0x400 [ 2322.089291] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2322.094040] ? sctp_association_new+0x1708/0x1e70 [ 2322.098874] sctp_bind_addr_copy+0xde/0x430 [ 2322.103200] sctp_sendmsg+0x1c15/0x2cd0 [ 2322.107172] ? sctp_id2assoc+0x210/0x210 [ 2322.111221] ? audit_add_tree_rule.cold+0x2f/0x2f [ 2322.116052] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2322.120817] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2322.125671] ? selinux_socket_getpeername+0x260/0x260 [ 2322.130862] ? dup_iter+0x240/0x240 [ 2322.134757] ? kernel_recvmsg+0x210/0x210 [ 2322.138911] inet_sendmsg+0x11a/0x4e0 [ 2322.142713] ? security_socket_sendmsg+0x83/0xb0 [ 2322.147470] ? inet_recvmsg+0x4d0/0x4d0 [ 2322.151437] sock_sendmsg+0xb5/0x100 [ 2322.155145] ___sys_sendmsg+0x6c8/0x800 [ 2322.159130] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2322.163968] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2322.169049] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2322.173808] ? check_preemption_disabled+0x35/0x240 [ 2322.178815] ? __fget+0x1fe/0x360 [ 2322.182275] ? lock_downgrade+0x740/0x740 [ 2322.186444] ? sockfd_lookup_light+0xb2/0x160 [ 2322.190931] __sys_sendmsg+0xa3/0x120 [ 2322.194722] ? SyS_shutdown+0x160/0x160 [ 2322.198690] ? wait_for_completion_io+0x10/0x10 [ 2322.203366] ? SyS_read+0x210/0x210 [ 2322.206989] ? SyS_clock_settime+0x1a0/0x1a0 [ 2322.211398] SyS_sendmsg+0x27/0x40 [ 2322.214930] ? __sys_sendmsg+0x120/0x120 [ 2322.219000] do_syscall_64+0x1d5/0x640 [ 2322.222892] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2322.228080] RIP: 0033:0x45de29 [ 2322.231265] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2322.238971] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2322.246234] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2322.253509] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2322.260769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000012 [ 2322.268030] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:30 executing program 4 (fault-call:6 fault-nth:19): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2322.369239] FAULT_INJECTION: forcing a failure. [ 2322.369239] name failslab, interval 1, probability 0, space 0, times 0 [ 2322.381923] CPU: 0 PID: 12291 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2322.389912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2322.399268] Call Trace: [ 2322.401893] dump_stack+0x1b2/0x283 [ 2322.405530] should_fail.cold+0x10a/0x154 [ 2322.409708] should_failslab+0xd6/0x130 [ 2322.413717] kmem_cache_alloc_trace+0x47/0x3d0 [ 2322.418308] sctp_add_bind_addr+0x6c/0x350 [ 2322.422535] sctp_copy_local_addr_list+0x2ae/0x400 [ 2322.427455] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2322.432206] sctp_bind_addr_copy+0xde/0x430 [ 2322.436523] sctp_sendmsg+0x1c15/0x2cd0 [ 2322.440500] ? sctp_id2assoc+0x210/0x210 [ 2322.444730] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2322.449482] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2322.454321] ? selinux_socket_getpeername+0x260/0x260 [ 2322.459505] ? dup_iter+0x240/0x240 [ 2322.463151] ? kernel_recvmsg+0x210/0x210 [ 2322.467298] inet_sendmsg+0x11a/0x4e0 [ 2322.471091] ? security_socket_sendmsg+0x83/0xb0 [ 2322.476548] ? inet_recvmsg+0x4d0/0x4d0 [ 2322.480519] sock_sendmsg+0xb5/0x100 [ 2322.484259] ___sys_sendmsg+0x6c8/0x800 [ 2322.488248] ? get_pid_task+0x91/0x130 [ 2322.492129] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2322.496903] ? lock_downgrade+0x740/0x740 [ 2322.501050] ? __fget+0x1fe/0x360 [ 2322.504497] ? lock_acquire+0x170/0x3f0 [ 2322.508461] ? lock_downgrade+0x740/0x740 [ 2322.512618] ? sockfd_lookup_light+0xb2/0x160 [ 2322.517105] __sys_sendmsg+0xa3/0x120 [ 2322.520899] ? SyS_shutdown+0x160/0x160 [ 2322.524863] ? wait_for_completion_io+0x10/0x10 [ 2322.529537] ? SyS_read+0x210/0x210 [ 2322.533152] ? SyS_clock_settime+0x1a0/0x1a0 [ 2322.537557] SyS_sendmsg+0x27/0x40 [ 2322.541084] ? __sys_sendmsg+0x120/0x120 [ 2322.545136] do_syscall_64+0x1d5/0x640 [ 2322.549032] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2322.554217] RIP: 0033:0x45de29 [ 2322.557409] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2322.565120] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2322.572392] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2322.579654] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2322.586937] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000013 [ 2322.594221] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:30 executing program 4 (fault-call:6 fault-nth:20): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) 22:52:31 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff}) r3 = socket$inet_udp(0x2, 0x2, 0x0) close(r3) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="4800000010001fff0000050000be000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012805193340a00010076786c616e00000018000284670aa289902dec9db8fe3660ddb74dd45fd6b253c2aad8bd273b7c96615b59b8f8061fbe89383e747e06352f8f4fa1c6348d418b0bb1831c730231f67a5c513238d46e0a2cf6ecf14cd15fa970b45d3d1e5049a3237ad9398297553c8e312c0f09cc6bacb4a9525ac49400cb61c96b3db81b4b85017a80951602ce5dfb8ab7b00b614d7219f6a039fbcbb95d57d86956b165c501a100f3a960757620f1ac9325c2d9cc7599ca481032cd679b636af1f04156872f98e1424662b2e9555ecf24d7ad204ce7e2c84c8df2e0b732209692f7f385486e1d23fe6021122b1ee9c8cc5849f44b"], 0x3}}, 0x0) r5 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r5, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(r5, 0x29, 0x48, 0x0, &(0x7f00007d0000)) write$binfmt_misc(r5, &(0x7f0000000100)=ANY=[@ANYBLOB="b3f8adbb5b5d4b141f9047b72bd844bc63b5d01e0400d8d2601a2fa5ec6bf07301c53cc2e627e178c6e299b382bdd340ccdd679361076f4b27d15d286da20fd7bf5b04bae469caed", @ANYRES16=r5, @ANYRESOCT=r4, @ANYRESHEX, @ANYRES16=r2], 0xfffffecc) splice(r2, 0x0, r3, 0x0, 0x4ffe2, 0x0) [ 2322.769576] FAULT_INJECTION: forcing a failure. [ 2322.769576] name failslab, interval 1, probability 0, space 0, times 0 [ 2322.781520] CPU: 1 PID: 12302 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2322.789433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2322.798778] Call Trace: [ 2322.801377] dump_stack+0x1b2/0x283 [ 2322.805022] should_fail.cold+0x10a/0x154 [ 2322.809183] should_failslab+0xd6/0x130 [ 2322.813173] kmem_cache_alloc_trace+0x47/0x3d0 22:52:31 executing program 5: pipe(&(0x7f0000000080)) r0 = socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) write$P9_RVERSION(r2, &(0x7f0000000100)={0x15, 0x65, 0xffff, 0x2, 0x8, '9P2000.u'}, 0x15) close(r0) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000040)={'wlan0\x00'}) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) [ 2322.817762] sctp_add_bind_addr+0x6c/0x350 [ 2322.822014] sctp_copy_local_addr_list+0x2ae/0x400 [ 2322.826951] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2322.831735] sctp_bind_addr_copy+0xde/0x430 [ 2322.836065] sctp_sendmsg+0x1c15/0x2cd0 [ 2322.840074] ? sctp_id2assoc+0x210/0x210 [ 2322.844140] ? retint_kernel+0x2d/0x2d [ 2322.848031] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2322.853055] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2322.857826] ? check_preemption_disabled+0x35/0x240 [ 2322.862840] ? retint_kernel+0x2d/0x2d [ 2322.866733] ? inet_sendmsg+0x4e/0x4e0 [ 2322.870622] inet_sendmsg+0x11a/0x4e0 [ 2322.874423] ? security_socket_sendmsg+0x83/0xb0 [ 2322.879198] ? inet_recvmsg+0x4d0/0x4d0 [ 2322.883184] sock_sendmsg+0xb5/0x100 [ 2322.886929] ___sys_sendmsg+0x6c8/0x800 [ 2322.890909] ? get_pid_task+0x91/0x130 [ 2322.894796] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2322.899589] ? retint_kernel+0x2d/0x2d [ 2322.903503] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2322.908529] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2322.913302] ? __fget+0x1fe/0x360 22:52:31 executing program 5: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) ioctl$SIOCAX25DELFWD(r1, 0x89eb, &(0x7f0000000040)={@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}}) [ 2322.917717] ? lock_downgrade+0x740/0x740 [ 2322.921876] ? sockfd_lookup_light+0xb2/0x160 [ 2322.926383] __sys_sendmsg+0xa3/0x120 [ 2322.935055] ? SyS_shutdown+0x160/0x160 [ 2322.939034] ? wait_for_completion_io+0x10/0x10 [ 2322.943714] ? SyS_read+0x210/0x210 [ 2322.948034] ? SyS_clock_settime+0x1a0/0x1a0 [ 2322.952476] SyS_sendmsg+0x27/0x40 [ 2322.956020] ? __sys_sendmsg+0x120/0x120 [ 2322.960086] do_syscall_64+0x1d5/0x640 [ 2322.963991] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2322.969210] RIP: 0033:0x45de29 [ 2322.972832] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2322.980544] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2322.987823] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2322.995100] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2323.002380] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 [ 2323.009650] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:31 executing program 2: socket(0x0, 0x0, 0x0) socket(0x2c, 0x4, 0x8) poll(0x0, 0x0, 0x1) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet_udplite(0x2, 0x2, 0x88) r4 = dup(r3) r5 = socket$inet_udplite(0x2, 0x2, 0x88) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400204) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x4001fe) accept$ax25(r4, &(0x7f0000000000)={{0x3, @null}, [@rose, @null, @bcast, @rose, @netrom, @null, @bcast, @netrom]}, &(0x7f00000000c0)=0x48) 22:52:31 executing program 4 (fault-call:6 fault-nth:21): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2323.200524] FAULT_INJECTION: forcing a failure. [ 2323.200524] name failslab, interval 1, probability 0, space 0, times 0 [ 2323.212214] CPU: 0 PID: 12336 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2323.220101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2323.229440] Call Trace: [ 2323.232014] dump_stack+0x1b2/0x283 [ 2323.235626] should_fail.cold+0x10a/0x154 [ 2323.239781] should_failslab+0xd6/0x130 [ 2323.243747] kmem_cache_alloc_trace+0x47/0x3d0 [ 2323.248342] sctp_add_bind_addr+0x6c/0x350 [ 2323.252589] sctp_copy_local_addr_list+0x2ae/0x400 [ 2323.257506] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2323.262270] ? sctp_bind_addr_copy+0x118/0x430 [ 2323.266847] sctp_bind_addr_copy+0xde/0x430 [ 2323.276020] sctp_sendmsg+0x1c15/0x2cd0 [ 2323.279986] ? check_preemption_disabled+0x35/0x240 [ 2323.284992] ? sctp_id2assoc+0x210/0x210 [ 2323.289047] ? selinux_socket_sendmsg+0xa8/0x260 [ 2323.293798] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2323.298643] ? selinux_socket_getpeername+0x260/0x260 [ 2323.303838] ? dup_iter+0x240/0x240 [ 2323.307474] ? kernel_recvmsg+0x210/0x210 [ 2323.311629] inet_sendmsg+0x11a/0x4e0 [ 2323.316416] ? security_socket_sendmsg+0x83/0xb0 [ 2323.321964] ? inet_recvmsg+0x4d0/0x4d0 [ 2323.325942] sock_sendmsg+0xb5/0x100 [ 2323.329661] ___sys_sendmsg+0x6c8/0x800 [ 2323.333645] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2323.338399] ? retint_kernel+0x2d/0x2d [ 2323.342333] ? lock_release+0x41e/0x870 [ 2323.346308] ? lock_acquire+0x170/0x3f0 [ 2323.350277] ? lock_downgrade+0x740/0x740 [ 2323.354450] ? sockfd_lookup_light+0xb2/0x160 [ 2323.358935] __sys_sendmsg+0xa3/0x120 [ 2323.362718] ? SyS_shutdown+0x160/0x160 [ 2323.366677] SyS_sendmsg+0x27/0x40 [ 2323.370201] ? __sys_sendmsg+0x120/0x120 [ 2323.374462] do_syscall_64+0x1d5/0x640 [ 2323.378348] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2323.383566] RIP: 0033:0x45de29 [ 2323.386737] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e 22:52:31 executing program 4 (fault-call:6 fault-nth:22): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2323.394432] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2323.401684] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2323.408950] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2323.416983] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015 [ 2323.424248] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c [ 2323.542725] FAULT_INJECTION: forcing a failure. [ 2323.542725] name failslab, interval 1, probability 0, space 0, times 0 [ 2323.559137] CPU: 1 PID: 12343 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2323.567086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2323.576436] Call Trace: [ 2323.579052] dump_stack+0x1b2/0x283 [ 2323.582688] should_fail.cold+0x10a/0x154 [ 2323.586850] should_failslab+0xd6/0x130 [ 2323.590840] kmem_cache_alloc_trace+0x47/0x3d0 [ 2323.595460] sctp_add_bind_addr+0x6c/0x350 [ 2323.599713] sctp_copy_local_addr_list+0x2ae/0x400 [ 2323.605524] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2323.610381] sctp_bind_addr_copy+0xde/0x430 [ 2323.614703] sctp_sendmsg+0x1c15/0x2cd0 [ 2323.618684] ? sctp_id2assoc+0x210/0x210 [ 2323.623533] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2323.628292] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2323.633141] ? selinux_socket_getpeername+0x260/0x260 [ 2323.638342] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2323.643356] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2323.648116] ? retint_kernel+0x2d/0x2d [ 2323.652000] inet_sendmsg+0x11a/0x4e0 [ 2323.655808] ? security_socket_sendmsg+0x83/0xb0 [ 2323.660562] ? inet_recvmsg+0x4d0/0x4d0 [ 2323.664532] sock_sendmsg+0xb5/0x100 [ 2323.668240] ___sys_sendmsg+0x6c8/0x800 [ 2323.672645] ? get_pid_task+0x91/0x130 [ 2323.676537] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2323.681306] ? lock_downgrade+0x740/0x740 [ 2323.685467] ? __fget+0x1fe/0x360 [ 2323.688918] ? lock_acquire+0x170/0x3f0 [ 2323.692895] ? lock_downgrade+0x740/0x740 [ 2323.697049] ? sockfd_lookup_light+0xb2/0x160 [ 2323.701536] __sys_sendmsg+0xa3/0x120 [ 2323.705332] ? SyS_shutdown+0x160/0x160 [ 2323.709298] ? check_preemption_disabled+0x35/0x240 [ 2323.714315] SyS_sendmsg+0x27/0x40 [ 2323.717868] ? __sys_sendmsg+0x120/0x120 [ 2323.721922] do_syscall_64+0x1d5/0x640 [ 2323.725806] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2323.730988] RIP: 0033:0x45de29 [ 2323.734163] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e 22:52:32 executing program 5: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$SEG6_CMD_SET_TUNSRC(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000040)={0x2c, 0x0, 0x20, 0x70bd29, 0x25dfdbff, {}, [@SEG6_ATTR_HMACKEYID={0x8, 0x3, 0xffff8001}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x1}, @SEG6_ATTR_ALGID={0x5, 0x6, 0xf9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x50010}, 0x44884) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRESDEC=r3, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) sendmsg$NL80211_CMD_TESTMODE(r0, &(0x7f0000000780)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000740)={&(0x7f0000000340)={0x400, 0x0, 0x300, 0x70bd29, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x8, 0x47}}}}, [@NL80211_ATTR_TESTDATA={0x7b, 0x45, "a3c089cdec89ae8c6173b875a4f51c81de2fdfa27ec0021b80862821ac0a2bfd373733769bf4c20df9e4578e7be2b96142341768c25547c9d28f9f25541b3db5dff15d69df49b6abae968e19382ba9672a35f1532b1269d6b1db5452f6b35b03f027d0ebf251b5b027f7aeaa2c183970c9832d0d13eb41"}, @NL80211_ATTR_TESTDATA={0x30, 0x45, "500d45195ec735f3ca8dd28ad2717e8d65f52127979c7b8afc841bcb904d9b7520d6eca88e1a9edc032d4c2c"}, @NL80211_ATTR_TESTDATA={0x64, 0x45, "16abcacfdc54f3c77326896229e84d4dc2b2ab3eb402a0b6c58e4655a2135becf362aca59114c12dc88bb9c16db280c560fd21396e8008e7b25f47054cb57302db80196e79f6e609d89f7384a33c34172ef54466b607d5aeec711b294bb3c8b4"}, @NL80211_ATTR_TESTDATA={0x17, 0x45, "81a15130af8b1396ba460135e0b0c1326595c1"}, @NL80211_ATTR_TESTDATA={0x7d, 0x45, "fec3eafa69586956905adb63029522d3fc6e40a116797108d44589c959d94dc78755ec924e6354d5a6985c3e756ed83f3cb24c4bfb9d4a9f12691a4334a398e9385bb1d327352fa0895b2886d1bc5aa00d25a8039aad98ccfc910b163a39bf738cbc4a28d1429e5e58b339b75ab57e7a5ab6e02cd14e354f66"}, @NL80211_ATTR_TESTDATA={0x100, 0x45, "3e81eaede5c9d1b28aa95855eddf5c7af15400717600a40a7a4474795304ba8874ee6f59c610d557951a770a21fa9212fb2a0912171809c87b2b25154f509e60a0abe0f4b9d42b333fb7bf326613f30b8c5be5c633f32a525b5d1956e8292a2b27e28dfdcdb0a5ad51958dcb70e2c385554e76f98c4ff8ba51a076479b0f757f83019825df42c924a115f4cdf0d08d7c5aa2cf89f01728f93cf4b54baa8c9ae25d2aabddac4f1ffd6b3394c4eb0bca9dc03e2b1575603aed0362070b14b31a64f4c11be12ced7a5d4dba93ef4364e1aec3e77092e44ac329f2ad833f80154d9f13024f5abf6b5c02df95ce20ab3b8e54fd296bada892b08b550a0649"}, @NL80211_ATTR_TESTDATA={0xe6, 0x45, "84ecd17ffc609e25184374ede07d57417212bdd0bb22673bd14f04970c75b4611d849f84138f4c8fa0ac90bf300a95b907ce21fb04a0e568a5497ba087f7071c52a0ae93a2064d97f6b562eac5bf378d536e0f58b12f618ce3a1e2da5ab76ca306af9610481d1acf83a3b911117878e995393b81b345641723d32012f61f7148b0239e1e63b9e7192b2f0809c2f545e4feba5f4ec2d20b53753bd23d86007f3522e8f8690e0e03159429d04ec8cefa8b20ef446357f4ab57a5afed36be925195a6457c7074bc8e5592b797274ad4aaf6f7fb92ee20dff30eb12b8239ff5aad86d16b"}, @NL80211_ATTR_TESTDATA={0x50, 0x45, "88e6421637209c8242f07038dd64d7251e9879848855dc5315fefc0ce78631ed6644bf36a8d21ed92fcfe76fca9c7308405b781885c9b6b3f24639f3005cabc3635821c1f2ac82da0a211e4c"}]}, 0x400}, 0x1, 0x0, 0x0, 0x10}, 0x800) prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000240)="775eda0daf74f4eb383a167f8ab8114ff7ba012254473cae050f737a686a8d26662c8844ffedf4c1bf053ab2b9c46ae304cf597c61c96114013d3ab613ada62a08c1fdab06aa909f5bcb35d42d2651ac052d7a575f8ba12297136497a3927ac04492b43d70e7cf1d1eb56b6437676af74cc496ddf2ed2b1a93bcb3f1c5bfaed77f06ccedbfd6e7e2ebb3d9bbd96476107e48b5a687ebae75ced76b3ef64ac0dedfffc7993aa1", 0xa6) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) [ 2323.741866] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2323.749145] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2323.756430] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2323.763694] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016 [ 2323.770960] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:32 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) socket$l2tp6(0xa, 0x2, 0x73) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) [ 2323.917898] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12360 comm=syz-executor.5 22:52:33 executing program 2: socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) r1 = open(&(0x7f0000000000)='./file0\x00', 0xc01, 0x41) ioctl$ASHMEM_SET_NAME(r1, 0x41007701, &(0x7f0000000040)='%\'/[*\xd0\x00') connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:52:33 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) r1 = semget(0x1, 0x4, 0x4) semop(r1, &(0x7f0000000000)=[{0x4, 0xa83}, {0x3, 0x2, 0x1800}, {0x0, 0x0, 0x800}, {0x4, 0x5, 0x800}, {0x3, 0x8000, 0x1800}, {0x1, 0xf60}, {0x4, 0x8000}, {0x2, 0x2d6, 0x1800}, {0x4, 0x5, 0x2800}], 0x9) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:52:33 executing program 4 (fault-call:6 fault-nth:23): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) 22:52:33 executing program 5: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket$netlink(0x10, 0x3, 0x0) r3 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x401, 0x10000) sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="48dfff0010001f0b6d157dafff00000500000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) 22:52:33 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:52:33 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = epoll_create1(0x0) r3 = epoll_create1(0x0) close(r2) fanotify_init(0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000c85000)) epoll_ctl$EPOLL_CTL_MOD(r3, 0x3, r2, &(0x7f0000f2cff4)) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = socket$inet_udp(0x2, 0x2, 0x0) close(r6) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRESDEC=r0, @ANYRES16=r4], 0x3}}, 0x24040080) write$binfmt_misc(r5, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r4, 0x0, r6, 0x0, 0x4ffe2, 0x0) [ 2325.033723] FAULT_INJECTION: forcing a failure. [ 2325.033723] name failslab, interval 1, probability 0, space 0, times 0 [ 2325.063230] CPU: 1 PID: 12374 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2325.071235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2325.080769] Call Trace: [ 2325.083451] dump_stack+0x1b2/0x283 [ 2325.088479] should_fail.cold+0x10a/0x154 [ 2325.093337] should_failslab+0xd6/0x130 [ 2325.097445] kmem_cache_alloc_trace+0x47/0x3d0 [ 2325.102229] sctp_add_bind_addr+0x6c/0x350 [ 2325.106663] sctp_copy_local_addr_list+0x2ae/0x400 [ 2325.111613] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2325.116387] sctp_bind_addr_copy+0xde/0x430 [ 2325.121249] sctp_sendmsg+0x1c15/0x2cd0 [ 2325.125273] ? sctp_id2assoc+0x210/0x210 [ 2325.129341] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2325.134129] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2325.138977] ? selinux_socket_getpeername+0x260/0x260 [ 2325.144347] ? dup_iter+0x240/0x240 [ 2325.147980] ? kernel_recvmsg+0x210/0x210 [ 2325.152125] inet_sendmsg+0x11a/0x4e0 [ 2325.155921] ? security_socket_sendmsg+0x83/0xb0 [ 2325.160687] ? inet_recvmsg+0x4d0/0x4d0 [ 2325.164668] sock_sendmsg+0xb5/0x100 [ 2325.168385] ___sys_sendmsg+0x6c8/0x800 [ 2325.172360] ? get_pid_task+0x91/0x130 [ 2325.176249] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2325.181761] ? lock_downgrade+0x740/0x740 [ 2325.185915] ? __fget+0x1fe/0x360 [ 2325.189366] ? lock_acquire+0x170/0x3f0 [ 2325.193426] ? lock_downgrade+0x740/0x740 [ 2325.197590] ? sockfd_lookup_light+0xb2/0x160 [ 2325.202108] __sys_sendmsg+0xa3/0x120 [ 2325.205907] ? SyS_shutdown+0x160/0x160 [ 2325.209889] SyS_sendmsg+0x27/0x40 [ 2325.213421] ? __sys_sendmsg+0x120/0x120 [ 2325.217494] do_syscall_64+0x1d5/0x640 [ 2325.221404] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2325.226595] RIP: 0033:0x45de29 [ 2325.229805] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2325.237540] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2325.244809] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2325.252080] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2325.259370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000017 [ 2325.266660] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:33 executing program 4 (fault-call:6 fault-nth:24): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2325.413230] FAULT_INJECTION: forcing a failure. [ 2325.413230] name failslab, interval 1, probability 0, space 0, times 0 [ 2325.428548] CPU: 0 PID: 12402 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2325.436435] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2325.446330] Call Trace: [ 2325.448917] dump_stack+0x1b2/0x283 [ 2325.452549] should_fail.cold+0x10a/0x154 [ 2325.456727] should_failslab+0xd6/0x130 [ 2325.460793] kmem_cache_alloc_trace+0x47/0x3d0 [ 2325.465375] sctp_add_bind_addr+0x6c/0x350 [ 2325.469629] sctp_copy_local_addr_list+0x2ae/0x400 [ 2325.474556] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2325.479517] sctp_bind_addr_copy+0xde/0x430 [ 2325.483841] sctp_sendmsg+0x1c15/0x2cd0 [ 2325.488272] ? sctp_id2assoc+0x210/0x210 [ 2325.492945] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2325.497718] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2325.502566] ? selinux_socket_getpeername+0x260/0x260 [ 2325.507759] ? dup_iter+0x240/0x240 [ 2325.511579] ? kernel_recvmsg+0x210/0x210 [ 2325.515741] inet_sendmsg+0x11a/0x4e0 [ 2325.519535] ? security_socket_sendmsg+0x83/0xb0 [ 2325.524308] ? inet_recvmsg+0x4d0/0x4d0 [ 2325.528278] sock_sendmsg+0xb5/0x100 [ 2325.532164] ___sys_sendmsg+0x6c8/0x800 [ 2325.536221] ? get_pid_task+0x91/0x130 [ 2325.540105] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2325.544890] ? lock_downgrade+0x740/0x740 [ 2325.549035] ? __fget+0x1fe/0x360 [ 2325.552501] ? lock_acquire+0x170/0x3f0 [ 2325.556467] ? lock_downgrade+0x740/0x740 [ 2325.560619] ? sockfd_lookup_light+0xb2/0x160 [ 2325.565107] __sys_sendmsg+0xa3/0x120 [ 2325.568898] ? SyS_shutdown+0x160/0x160 [ 2325.573128] ? check_preemption_disabled+0x35/0x240 [ 2325.578148] SyS_sendmsg+0x27/0x40 [ 2325.581721] ? __sys_sendmsg+0x120/0x120 [ 2325.585778] do_syscall_64+0x1d5/0x640 [ 2325.589665] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2325.595306] RIP: 0033:0x45de29 [ 2325.598594] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2325.606318] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 22:52:33 executing program 4 (fault-call:6 fault-nth:25): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2325.613604] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2325.620888] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2325.628177] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000018 [ 2325.635448] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c [ 2325.770705] FAULT_INJECTION: forcing a failure. [ 2325.770705] name failslab, interval 1, probability 0, space 0, times 0 [ 2325.782340] CPU: 0 PID: 12411 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2325.790251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2325.799656] Call Trace: [ 2325.802271] dump_stack+0x1b2/0x283 [ 2325.805899] should_fail.cold+0x10a/0x154 [ 2325.810046] should_failslab+0xd6/0x130 [ 2325.814038] kmem_cache_alloc_trace+0x47/0x3d0 [ 2325.818640] sctp_add_bind_addr+0x6c/0x350 [ 2325.822874] sctp_copy_local_addr_list+0x2ae/0x400 [ 2325.827801] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2325.832576] sctp_bind_addr_copy+0xde/0x430 [ 2325.836905] sctp_sendmsg+0x1c15/0x2cd0 [ 2325.841404] ? sctp_id2assoc+0x210/0x210 [ 2325.845465] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2325.850716] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2325.856164] ? selinux_socket_getpeername+0x260/0x260 [ 2325.861437] ? dup_iter+0x240/0x240 [ 2325.865082] ? kernel_recvmsg+0x210/0x210 [ 2325.869226] inet_sendmsg+0x11a/0x4e0 [ 2325.873038] ? security_socket_sendmsg+0x83/0xb0 [ 2325.877802] ? inet_recvmsg+0x4d0/0x4d0 [ 2325.881774] sock_sendmsg+0xb5/0x100 [ 2325.885492] ___sys_sendmsg+0x6c8/0x800 [ 2325.889465] ? get_pid_task+0x91/0x130 [ 2325.893368] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2325.898131] ? lock_downgrade+0x740/0x740 [ 2325.902293] ? retint_kernel+0x2d/0x2d [ 2325.906178] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2325.911190] ? __fget+0x1fe/0x360 [ 2325.914639] ? lock_acquire+0x170/0x3f0 [ 2325.918604] ? lock_downgrade+0x740/0x740 [ 2325.922763] ? sockfd_lookup_light+0xb2/0x160 [ 2325.927344] __sys_sendmsg+0xa3/0x120 [ 2325.931142] ? SyS_shutdown+0x160/0x160 [ 2325.935200] ? wait_for_completion_io+0x10/0x10 [ 2325.939875] ? SyS_read+0x210/0x210 [ 2325.943511] ? SyS_clock_settime+0x1a0/0x1a0 [ 2325.947918] SyS_sendmsg+0x27/0x40 [ 2325.951454] ? __sys_sendmsg+0x120/0x120 [ 2325.955514] do_syscall_64+0x1d5/0x640 [ 2325.959510] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2325.964693] RIP: 0033:0x45de29 22:52:34 executing program 5: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYBLOB="e6dfe50c2e7a80a76962a125d8b88f8a810289cb85db4fc549125b64fb56dc22bc6a6c1d6b7c52fb79efb18788eda0e911a98939221591b1bc13e0c78e3395752ac55c049c2ec70ca7ced5431cd73e5b12c1f4e7dca1fc0fb559fd7c10c1822336f10e70983372ddf8954b475fef40903648986be90aa34421489407698a5e36f9eae839f97bf8da9b9d9439ba5bbd61cc185707f883c059c748b02645d791fd1cf20a2f02e46d6e", @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) setsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f0000000040)=0x32b, 0x4) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) [ 2325.967873] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2325.975582] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2325.982875] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2325.990146] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2325.997435] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000019 [ 2326.004703] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:34 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff}) r3 = socket$inet_udp(0x2, 0x2, 0x0) close(r3) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f000600004218800a00010076786c416e0000001800028014001000000000"], 0x3}}, 0x0) r4 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r4, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(r4, 0x29, 0x48, 0x0, &(0x7f00007d0000)) openat$cgroup(r2, &(0x7f0000000100)='syz1\x00', 0x200002, 0x0) r5 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r5, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(r5, 0x29, 0x48, 0x0, &(0x7f00007d0000)) r6 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r6, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(r6, 0x29, 0x48, 0x0, &(0x7f00007d0000)) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0xfffffecc) splice(r2, 0x0, r3, 0x0, 0x4ffe2, 0x0) 22:52:34 executing program 4 (fault-call:6 fault-nth:26): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) 22:52:34 executing program 2: socket(0x0, 0x0, 0x0) rt_sigsuspend(&(0x7f0000000000)={[0xffffffffffffffff]}, 0x8) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e20, 0xfffffffd, @private2={0xfc, 0x2, [], 0xfe}}, 0x1c) [ 2326.215647] FAULT_INJECTION: forcing a failure. [ 2326.215647] name failslab, interval 1, probability 0, space 0, times 0 [ 2326.228211] CPU: 0 PID: 12433 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2326.236098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2326.245452] Call Trace: [ 2326.248039] dump_stack+0x1b2/0x283 [ 2326.251679] should_fail.cold+0x10a/0x154 [ 2326.255814] should_failslab+0xd6/0x130 [ 2326.259771] kmem_cache_alloc_trace+0x47/0x3d0 [ 2326.266250] sctp_add_bind_addr+0x6c/0x350 [ 2326.270615] sctp_copy_local_addr_list+0x2ae/0x400 [ 2326.275653] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2326.280748] ? retint_kernel+0x2d/0x2d [ 2326.285592] sctp_bind_addr_copy+0xde/0x430 [ 2326.289901] sctp_sendmsg+0x1c15/0x2cd0 [ 2326.293871] ? sctp_id2assoc+0x210/0x210 [ 2326.297942] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2326.302950] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2326.308070] ? selinux_socket_getpeername+0x260/0x260 [ 2326.313439] ? dup_iter+0x240/0x240 [ 2326.317414] ? kernel_recvmsg+0x210/0x210 [ 2326.321783] inet_sendmsg+0x11a/0x4e0 [ 2326.325708] ? security_socket_sendmsg+0x83/0xb0 [ 2326.332285] ? inet_recvmsg+0x4d0/0x4d0 [ 2326.336250] sock_sendmsg+0xb5/0x100 [ 2326.340197] ___sys_sendmsg+0x6c8/0x800 [ 2326.344523] ? get_pid_task+0x91/0x130 [ 2326.348525] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2326.354550] ? lock_downgrade+0x740/0x740 [ 2326.358787] ? __fget+0x1fe/0x360 [ 2326.362253] ? lock_acquire+0x170/0x3f0 [ 2326.366218] ? lock_downgrade+0x740/0x740 [ 2326.370461] ? sockfd_lookup_light+0xb2/0x160 [ 2326.374976] __sys_sendmsg+0xa3/0x120 [ 2326.378762] ? SyS_shutdown+0x160/0x160 [ 2326.382748] ? wait_for_completion_io+0x10/0x10 [ 2326.387418] ? SyS_read+0x210/0x210 [ 2326.391025] ? SyS_clock_settime+0x1a0/0x1a0 [ 2326.395424] SyS_sendmsg+0x27/0x40 [ 2326.398953] ? __sys_sendmsg+0x120/0x120 [ 2326.402995] do_syscall_64+0x1d5/0x640 [ 2326.408347] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2326.413785] RIP: 0033:0x45de29 [ 2326.416970] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2326.425590] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2326.434244] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2326.442164] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2326.449515] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000001a [ 2326.458895] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:34 executing program 4 (fault-call:6 fault-nth:27): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2326.529314] FAULT_INJECTION: forcing a failure. [ 2326.529314] name failslab, interval 1, probability 0, space 0, times 0 [ 2326.542104] CPU: 0 PID: 12441 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2326.550025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2326.559378] Call Trace: [ 2326.561986] dump_stack+0x1b2/0x283 [ 2326.565621] should_fail.cold+0x10a/0x154 [ 2326.569765] should_failslab+0xd6/0x130 [ 2326.573728] kmem_cache_alloc_trace+0x47/0x3d0 [ 2326.578323] sctp_add_bind_addr+0x6c/0x350 [ 2326.582552] sctp_copy_local_addr_list+0x2ae/0x400 [ 2326.588266] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2326.593008] sctp_bind_addr_copy+0xde/0x430 [ 2326.597316] sctp_sendmsg+0x1c15/0x2cd0 [ 2326.601294] ? sctp_id2assoc+0x210/0x210 [ 2326.605352] ? retint_kernel+0x2d/0x2d [ 2326.609225] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2326.615191] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2326.619927] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2326.624761] ? selinux_socket_getpeername+0x260/0x260 [ 2326.629997] ? check_preemption_disabled+0x35/0x240 [ 2326.635877] ? retint_kernel+0x2d/0x2d [ 2326.639778] inet_sendmsg+0x11a/0x4e0 [ 2326.643589] ? security_socket_sendmsg+0x83/0xb0 [ 2326.648326] ? inet_recvmsg+0x4d0/0x4d0 [ 2326.652288] sock_sendmsg+0xb5/0x100 [ 2326.655994] ___sys_sendmsg+0x6c8/0x800 [ 2326.659991] ? get_pid_task+0x91/0x130 [ 2326.663869] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2326.668634] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2326.673660] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2326.678410] ? check_preemption_disabled+0x35/0x240 [ 2326.683534] ? __fget+0x1fe/0x360 [ 2326.687005] ? lock_downgrade+0x740/0x740 [ 2326.691167] ? sockfd_lookup_light+0xb2/0x160 [ 2326.695672] __sys_sendmsg+0xa3/0x120 [ 2326.699486] ? SyS_shutdown+0x160/0x160 [ 2326.703462] SyS_sendmsg+0x27/0x40 [ 2326.707015] ? __sys_sendmsg+0x120/0x120 [ 2326.711074] do_syscall_64+0x1d5/0x640 [ 2326.714957] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2326.720159] RIP: 0033:0x45de29 [ 2326.723330] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2326.731648] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2326.738934] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2326.746210] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2326.753472] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000001b [ 2326.760721] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:36 executing program 5: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) fsetxattr$security_ima(r2, &(0x7f0000000040)='security.ima\x00', &(0x7f0000000100)=@v2={0x3, 0x2, 0xd, 0x6dce, 0x67, "1785f92c7e7faa3e45b3333909f3027176aa08e5698db409ac28f1b401c3ca6752023bd896d87d30406eb665574eb2bfb105249de555aa2d0d9b1c085cdeaf3376dcc291654566a0eff593e71040b9e38e6c6c68b5a97cb5b662139166243fd639f0c1258e6473"}, 0x70, 0x3) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) 22:52:36 executing program 4 (fault-call:6 fault-nth:28): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) 22:52:36 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) r5 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r5, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(r5, 0x29, 0x48, 0x0, &(0x7f00007d0000)) r6 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r6, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(r6, 0x29, 0x48, 0x0, &(0x7f00007d0000)) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[], 0x3}, 0x1, 0x0, 0x0, 0x40}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) 22:52:36 executing program 2: socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) modify_ldt$write(0x1, &(0x7f0000000000)={0x80000000, 0x20000000, 0x1000, 0x1, 0x2, 0x1, 0x1}, 0x10) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:52:36 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000000, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0, 0x8}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = socket$inet_udplite(0x2, 0x2, 0x88) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) ioctl$vim2m_VIDIOC_QUERYBUF(r2, 0xc0585609, &(0x7f0000000040)={0xdb, 0x2, 0x4, 0x0, 0xffffffff, {0x0, 0x2710}, {0x1, 0xc, 0x4, 0x3f, 0xd7, 0xfe, '\rCcn'}, 0x7ff, 0x1, @offset=0xd4, 0x7fb, 0x0, r4}) ioctl$DRM_IOCTL_AGP_RELEASE(r2, 0x6431) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x5, &(0x7f0000000200)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r0, 0x0, 0x2001) chroot(&(0x7f0000000000)='./file0\x00') 22:52:36 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) [ 2328.106476] FAULT_INJECTION: forcing a failure. [ 2328.106476] name failslab, interval 1, probability 0, space 0, times 0 [ 2328.120876] CPU: 0 PID: 12468 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2328.128790] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2328.138169] Call Trace: [ 2328.140762] dump_stack+0x1b2/0x283 [ 2328.144397] should_fail.cold+0x10a/0x154 [ 2328.149349] should_failslab+0xd6/0x130 [ 2328.153334] kmem_cache_alloc_trace+0x47/0x3d0 [ 2328.157954] sctp_add_bind_addr+0x6c/0x350 [ 2328.162193] sctp_copy_local_addr_list+0x2ae/0x400 [ 2328.167129] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2328.171910] ? retint_kernel+0x2d/0x2d [ 2328.175802] sctp_bind_addr_copy+0xde/0x430 [ 2328.180130] sctp_sendmsg+0x1c15/0x2cd0 [ 2328.184115] ? sctp_id2assoc+0x210/0x210 [ 2328.188176] ? rw_copy_check_uvector+0x127/0x2b0 [ 2328.192931] ? rw_copy_check_uvector+0x13d/0x2b0 [ 2328.197684] ? retint_kernel+0x2d/0x2d [ 2328.201555] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2328.206565] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2328.211313] ? check_preemption_disabled+0x35/0x240 [ 2328.216316] ? retint_kernel+0x2d/0x2d [ 2328.220191] inet_sendmsg+0x11a/0x4e0 [ 2328.224517] ? security_socket_sendmsg+0x83/0xb0 [ 2328.229275] ? inet_recvmsg+0x4d0/0x4d0 [ 2328.233231] sock_sendmsg+0xb5/0x100 [ 2328.236946] ___sys_sendmsg+0x6c8/0x800 [ 2328.240903] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2328.245650] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2328.250677] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2328.255438] ? check_preemption_disabled+0x35/0x240 [ 2328.260453] ? __fget+0x1fe/0x360 [ 2328.263942] ? lock_acquire+0x170/0x3f0 [ 2328.267906] ? lock_downgrade+0x740/0x740 [ 2328.272053] ? sockfd_lookup_light+0xb2/0x160 [ 2328.276531] __sys_sendmsg+0xa3/0x120 [ 2328.280310] ? SyS_shutdown+0x160/0x160 [ 2328.284284] ? SyS_read+0x210/0x210 [ 2328.288248] ? SyS_clock_settime+0x1a0/0x1a0 [ 2328.292638] SyS_sendmsg+0x27/0x40 [ 2328.296171] ? __sys_sendmsg+0x120/0x120 [ 2328.300218] do_syscall_64+0x1d5/0x640 [ 2328.304099] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2328.309279] RIP: 0033:0x45de29 [ 2328.312539] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2328.320224] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2328.327475] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2328.334747] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2328.342020] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000001c [ 2328.349268] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:36 executing program 4 (fault-call:6 fault-nth:29): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2328.480124] FAULT_INJECTION: forcing a failure. [ 2328.480124] name failslab, interval 1, probability 0, space 0, times 0 [ 2328.502650] CPU: 1 PID: 12489 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2328.510561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2328.519911] Call Trace: [ 2328.522521] dump_stack+0x1b2/0x283 [ 2328.526179] should_fail.cold+0x10a/0x154 [ 2328.530327] should_failslab+0xd6/0x130 [ 2328.534294] kmem_cache_alloc_trace+0x47/0x3d0 [ 2328.538880] sctp_add_bind_addr+0x6c/0x350 [ 2328.543130] sctp_copy_local_addr_list+0x2ae/0x400 [ 2328.548079] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2328.552850] sctp_bind_addr_copy+0xde/0x430 [ 2328.557177] sctp_sendmsg+0x1c15/0x2cd0 [ 2328.561160] ? sctp_id2assoc+0x210/0x210 [ 2328.565214] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2328.569968] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2328.574823] ? selinux_socket_getpeername+0x260/0x260 [ 2328.580025] ? dup_iter+0x240/0x240 [ 2328.583660] ? kernel_recvmsg+0x210/0x210 [ 2328.587806] inet_sendmsg+0x11a/0x4e0 [ 2328.591604] ? security_socket_sendmsg+0x83/0xb0 [ 2328.596384] ? inet_recvmsg+0x4d0/0x4d0 [ 2328.600359] sock_sendmsg+0xb5/0x100 [ 2328.604066] ___sys_sendmsg+0x6c8/0x800 [ 2328.608040] ? get_pid_task+0x91/0x130 [ 2328.611927] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2328.616680] ? lock_downgrade+0x740/0x740 [ 2328.620832] ? __fget+0x1fe/0x360 [ 2328.624292] ? lock_acquire+0x170/0x3f0 [ 2328.629220] ? lock_downgrade+0x740/0x740 [ 2328.633380] ? sockfd_lookup_light+0xb2/0x160 [ 2328.637867] __sys_sendmsg+0xa3/0x120 [ 2328.641667] ? SyS_shutdown+0x160/0x160 [ 2328.645632] ? wait_for_completion_io+0x10/0x10 [ 2328.650914] ? SyS_read+0x210/0x210 [ 2328.654534] ? SyS_clock_settime+0x1a0/0x1a0 [ 2328.658934] SyS_sendmsg+0x27/0x40 [ 2328.662470] ? __sys_sendmsg+0x120/0x120 [ 2328.666528] do_syscall_64+0x1d5/0x640 [ 2328.670426] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2328.675643] RIP: 0033:0x45de29 [ 2328.678830] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2328.686550] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2328.693826] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2328.701089] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2328.708375] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000001d [ 2328.715645] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:37 executing program 4 (fault-call:6 fault-nth:30): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2328.782352] FAULT_INJECTION: forcing a failure. [ 2328.782352] name failslab, interval 1, probability 0, space 0, times 0 [ 2328.794897] CPU: 1 PID: 12496 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2328.802787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2328.812764] Call Trace: [ 2328.815349] dump_stack+0x1b2/0x283 [ 2328.818972] should_fail.cold+0x10a/0x154 [ 2328.823136] should_failslab+0xd6/0x130 [ 2328.827101] kmem_cache_alloc_trace+0x47/0x3d0 [ 2328.831681] sctp_add_bind_addr+0x6c/0x350 [ 2328.835909] sctp_copy_local_addr_list+0x2ae/0x400 [ 2328.840836] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2328.845607] sctp_bind_addr_copy+0xde/0x430 [ 2328.849924] sctp_sendmsg+0x1c15/0x2cd0 [ 2328.854687] ? sctp_id2assoc+0x210/0x210 [ 2328.859439] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2328.864193] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2328.869026] ? selinux_socket_getpeername+0x260/0x260 [ 2328.874214] ? dup_iter+0x240/0x240 [ 2328.877836] ? kernel_recvmsg+0x210/0x210 [ 2328.881992] inet_sendmsg+0x11a/0x4e0 [ 2328.885787] ? security_socket_sendmsg+0x83/0xb0 [ 2328.890556] ? inet_recvmsg+0x4d0/0x4d0 [ 2328.894538] sock_sendmsg+0xb5/0x100 [ 2328.898253] ___sys_sendmsg+0x6c8/0x800 [ 2328.902232] ? get_pid_task+0x91/0x130 [ 2328.906112] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2328.910877] ? lock_downgrade+0x740/0x740 [ 2328.915024] ? __fget+0x1fe/0x360 [ 2328.918471] ? lock_acquire+0x170/0x3f0 [ 2328.922445] ? lock_downgrade+0x740/0x740 [ 2328.926599] ? sockfd_lookup_light+0xb2/0x160 [ 2328.931086] __sys_sendmsg+0xa3/0x120 [ 2328.934973] ? SyS_shutdown+0x160/0x160 [ 2328.938940] ? check_preemption_disabled+0x35/0x240 [ 2328.943966] SyS_sendmsg+0x27/0x40 [ 2328.947492] ? __sys_sendmsg+0x120/0x120 [ 2328.951562] do_syscall_64+0x1d5/0x640 [ 2328.955450] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2328.960644] RIP: 0033:0x45de29 [ 2328.963822] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2328.971524] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 22:52:37 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000200)={'geneve1\x00', 0x0}) sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r5}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @geneve={{0xb, 0x1, 'geneve\x00'}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GENEVE_REMOTE={0x8, 0x2, @empty}]}}}]}, 0x3c}}, 0x0) r6 = socket$inet_udp(0x2, 0x2, 0x0) r7 = socket$inet_udplite(0x2, 0x2, 0x88) r8 = dup(r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r8, 0xc04c5349, &(0x7f0000000100)={0x8, 0xf13, 0x9}) close(r6) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r6, 0x0, 0x4ffe2, 0x0) [ 2328.978790] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2328.986065] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2328.993328] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000001e [ 2329.000606] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:37 executing program 5: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) r4 = socket$inet_udplite(0x2, 0x2, 0x88) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r5, 0x6, 0x21, &(0x7f0000000040)="676facac19c6b4f00773b4750ef99ec1", 0x10) socket$inet(0x2, 0x3, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = socket(0x1, 0x803, 0x0) getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r8, 0x400}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ipip6={{0xb, 0x1, 'ip6tnl\x00'}, {0x8, 0x2, 0x0, 0x1, [@IFLA_IPTUN_COLLECT_METADATA={0x4}]}}}, @IFLA_MASTER={0x8, 0x3, r8}]}, 0x40}}, 0x0) sendmsg$nl_route(r3, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)=@getlink={0x4c, 0x12, 0x200, 0x70bd26, 0x25dfdbff, {0x0, 0x0, 0x0, r8, 0x800, 0x1200}, [@IFLA_PROTO_DOWN={0x5, 0x27, 0x6}, @IFLA_CARRIER_CHANGES={0x8, 0x23, 0x6}, @IFLA_GSO_MAX_SIZE={0x8, 0x29, 0x7869}, @IFLA_IFNAME={0x14, 0x3, 'dummy0\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000000) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) 22:52:37 executing program 4 (fault-call:6 fault-nth:31): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) 22:52:37 executing program 2: socket(0x0, 0x0, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000380)={0x0, 0x20, 0x7fff, 0x7318, 0x1, 0x4}, &(0x7f00000003c0)=0x14) poll(0x0, 0x0, 0x0) r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={r2, 0xc0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=0x400, 0x0, 0x0, 0x0, &(0x7f0000000180)={0x9, 0x5}, 0x0, 0x0, &(0x7f00000001c0)={0x3, 0x7, 0x1000, 0xffffffff}, &(0x7f0000000200)=0x5, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=0x5}}, 0x10) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r3, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) bpf$MAP_CREATE(0xd00000000000000, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, [0x0, 0x0, 0x0, 0x400100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1b]}, 0x2c) lsetxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='security.capability\x00', &(0x7f00000000c0)=@v2={0x2000000, [{0x81, 0x6}, {0x2, 0x7}]}, 0x14, 0x2) [ 2329.189540] FAULT_INJECTION: forcing a failure. [ 2329.189540] name failslab, interval 1, probability 0, space 0, times 0 [ 2329.205833] CPU: 1 PID: 12520 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2329.213738] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2329.223093] Call Trace: [ 2329.225695] dump_stack+0x1b2/0x283 [ 2329.229353] should_fail.cold+0x10a/0x154 [ 2329.233537] should_failslab+0xd6/0x130 [ 2329.237515] kmem_cache_alloc_trace+0x47/0x3d0 [ 2329.242105] sctp_add_bind_addr+0x6c/0x350 [ 2329.246372] sctp_copy_local_addr_list+0x2ae/0x400 [ 2329.251318] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2329.256089] sctp_bind_addr_copy+0xde/0x430 [ 2329.260413] sctp_sendmsg+0x1c15/0x2cd0 [ 2329.264424] ? sctp_id2assoc+0x210/0x210 [ 2329.269189] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2329.273983] ? retint_kernel+0x2d/0x2d [ 2329.277876] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2329.282914] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2329.287683] ? check_preemption_disabled+0x35/0x240 [ 2329.292703] ? retint_kernel+0x2d/0x2d [ 2329.296593] ? inet_recvmsg+0x4d0/0x4d0 [ 2329.300560] inet_sendmsg+0x11a/0x4e0 [ 2329.304342] ? inet_recvmsg+0x4d0/0x4d0 [ 2329.308299] sock_sendmsg+0xb5/0x100 [ 2329.312019] ___sys_sendmsg+0x6c8/0x800 [ 2329.316003] ? get_pid_task+0x91/0x130 [ 2329.319917] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2329.324673] ? retint_kernel+0x2d/0x2d [ 2329.328552] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2329.333563] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2329.338416] ? __fget+0x1fe/0x360 [ 2329.341867] ? lock_acquire+0x170/0x3f0 [ 2329.345829] ? lock_downgrade+0x740/0x740 [ 2329.349988] ? sockfd_lookup_light+0xb2/0x160 [ 2329.354464] __sys_sendmsg+0xa3/0x120 [ 2329.358334] ? SyS_shutdown+0x160/0x160 [ 2329.362290] ? wait_for_completion_io+0x10/0x10 [ 2329.366954] ? SyS_read+0x210/0x210 [ 2329.370572] ? SyS_clock_settime+0x1a0/0x1a0 [ 2329.374968] SyS_sendmsg+0x27/0x40 [ 2329.378512] ? __sys_sendmsg+0x120/0x120 [ 2329.382561] do_syscall_64+0x1d5/0x640 [ 2329.386461] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2329.391639] RIP: 0033:0x45de29 [ 2329.394821] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2329.402515] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2329.409788] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2329.417066] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2329.424343] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000001f [ 2329.431599] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:37 executing program 4 (fault-call:6 fault-nth:32): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2329.592759] FAULT_INJECTION: forcing a failure. [ 2329.592759] name failslab, interval 1, probability 0, space 0, times 0 [ 2329.605176] CPU: 0 PID: 12535 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2329.613058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2329.622404] Call Trace: [ 2329.625013] dump_stack+0x1b2/0x283 [ 2329.628661] should_fail.cold+0x10a/0x154 [ 2329.632811] should_failslab+0xd6/0x130 [ 2329.636819] kmem_cache_alloc_trace+0x47/0x3d0 [ 2329.641383] sctp_add_bind_addr+0x6c/0x350 [ 2329.645615] sctp_copy_local_addr_list+0x2ae/0x400 [ 2329.650542] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2329.655300] sctp_bind_addr_copy+0xde/0x430 [ 2329.659622] sctp_sendmsg+0x1c15/0x2cd0 [ 2329.663605] ? sctp_id2assoc+0x210/0x210 [ 2329.667659] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2329.672415] ? retint_kernel+0x2d/0x2d [ 2329.676299] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2329.681336] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2329.686093] ? check_preemption_disabled+0x35/0x240 [ 2329.691124] ? retint_kernel+0x2d/0x2d [ 2329.695004] ? inet_recvmsg+0x4d0/0x4d0 [ 2329.698967] inet_sendmsg+0x11a/0x4e0 [ 2329.702748] ? inet_recvmsg+0x4d0/0x4d0 [ 2329.706711] sock_sendmsg+0xb5/0x100 [ 2329.710427] ___sys_sendmsg+0x6c8/0x800 [ 2329.714388] ? get_pid_task+0x91/0x130 [ 2329.718277] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2329.723069] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2329.728104] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2329.732855] ? check_preemption_disabled+0x35/0x240 [ 2329.737867] ? __fget+0x1fe/0x360 [ 2329.741335] ? lock_downgrade+0x740/0x740 [ 2329.745498] ? sockfd_lookup_light+0xb2/0x160 [ 2329.749988] __sys_sendmsg+0xa3/0x120 [ 2329.753780] ? SyS_shutdown+0x160/0x160 [ 2329.757752] ? wait_for_completion_io+0x10/0x10 [ 2329.762444] ? SyS_read+0x210/0x210 [ 2329.766585] ? SyS_clock_settime+0x1a0/0x1a0 [ 2329.771019] SyS_sendmsg+0x27/0x40 [ 2329.774556] ? __sys_sendmsg+0x120/0x120 [ 2329.778619] do_syscall_64+0x1d5/0x640 [ 2329.783713] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2329.788897] RIP: 0033:0x45de29 [ 2329.792076] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2329.799800] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2329.807064] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2329.814354] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2329.822321] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000020 [ 2329.829589] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:38 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x50000, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="b00100003100010029bd7000ffdbdf250000000030000100100004000b0001006d697272656400000c000c0008000100627066001000070009000100766c616e000000003c000100140015000d000100636f6e6e6d61726b000000000c001c0008000300030000000c00130008000300ffffffff0c0004000800030004000000e9fd010014000e000d000100636f6e6e6d61726b0000000010001c000b000100736b626d6f640000400001000000000c001e0008000300ff0000000c00030008000300020000000c000c00040003004aec00000c0015000800030000000000440001000c0001000800030008000000100011000b000100736b626d6f6400000c00110008000300570000000c001a00080003009e0600000c002000080001006e617400840001000c000c000000030004000000100015000a000100706564697400000010011a000b00ee00706f6c69636519000c001a0008000300040000000c008d000800030000000000100009000b000100706f6c69636500000c000200070001007874000014000d000d000100636f6e6e6d61726b000000000c0008000800030001040000"], 0x1b0}, 0x1, 0x0, 0x0, 0x20040818}, 0x20000) r2 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff}) r4 = socket$inet_udplite(0x2, 0x2, 0x88) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000400)={0x0, 0x400, 0x30}, &(0x7f0000000440)=0xc) setsockopt$inet_sctp_SCTP_AUTH_DEACTIVATE_KEY(r5, 0x84, 0x23, &(0x7f0000000480)={r6, 0x5}, 0x8) r7 = socket$inet_udp(0x2, 0x2, 0x0) close(r7) r8 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="480010001fff00000500"/20, @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r8, &(0x7f0000000100)=ANY=[@ANYRESOCT=r0], 0xfffffecc) splice(r3, 0x0, r7, 0x0, 0x4ffe2, 0x0) 22:52:38 executing program 4 (fault-call:6 fault-nth:33): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) 22:52:38 executing program 5: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYRES32=r3], 0x3}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) [ 2329.970039] FAULT_INJECTION: forcing a failure. [ 2329.970039] name failslab, interval 1, probability 0, space 0, times 0 [ 2329.981928] CPU: 1 PID: 12546 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2329.989820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2329.999184] Call Trace: [ 2330.001777] dump_stack+0x1b2/0x283 [ 2330.005534] should_fail.cold+0x10a/0x154 [ 2330.009686] should_failslab+0xd6/0x130 [ 2330.013659] kmem_cache_alloc_trace+0x47/0x3d0 [ 2330.018249] sctp_add_bind_addr+0x6c/0x350 [ 2330.023099] sctp_copy_local_addr_list+0x2ae/0x400 [ 2330.028054] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2330.032821] sctp_bind_addr_copy+0xde/0x430 [ 2330.037185] sctp_sendmsg+0x1c15/0x2cd0 [ 2330.041173] ? sctp_id2assoc+0x210/0x210 [ 2330.045236] ? rw_copy_check_uvector+0x127/0x2b0 [ 2330.050041] ? __sanitizer_cov_trace_pc+0x4a/0x50 [ 2330.054898] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2330.059667] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2330.063142] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.5'. [ 2330.064512] ? selinux_socket_getpeername+0x260/0x260 [ 2330.064525] ? dup_iter+0x240/0x240 [ 2330.064542] ? kernel_recvmsg+0x210/0x210 [ 2330.064555] inet_sendmsg+0x11a/0x4e0 [ 2330.064564] ? security_socket_sendmsg+0x83/0xb0 [ 2330.064572] ? inet_recvmsg+0x4d0/0x4d0 [ 2330.064586] sock_sendmsg+0xb5/0x100 [ 2330.102317] ___sys_sendmsg+0x6c8/0x800 [ 2330.106333] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2330.111107] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2330.116129] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2330.120883] ? __fget+0x1fe/0x360 [ 2330.124440] ? lock_acquire+0x170/0x3f0 [ 2330.128397] ? lock_downgrade+0x740/0x740 [ 2330.132552] ? sockfd_lookup_light+0xb2/0x160 [ 2330.137031] __sys_sendmsg+0xa3/0x120 [ 2330.140825] ? SyS_shutdown+0x160/0x160 [ 2330.144821] SyS_sendmsg+0x27/0x40 [ 2330.148342] ? __sys_sendmsg+0x120/0x120 [ 2330.152401] do_syscall_64+0x1d5/0x640 [ 2330.156289] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2330.161477] RIP: 0033:0x45de29 [ 2330.164651] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2330.173272] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2330.180540] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2330.187837] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2330.195555] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000021 [ 2330.202823] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:39 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xf, r0, 0x1, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:52:39 executing program 2: socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) ioctl$CHAR_RAW_ROTATIONAL(0xffffffffffffffff, 0x127e, &(0x7f0000000000)) 22:52:39 executing program 4 (fault-call:6 fault-nth:34): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) 22:52:39 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(0xffffffffffffffff, 0x800443d2, &(0x7f0000000040)={0x4, &(0x7f0000000100)=[{@none}, {@fixed}, {@fixed}, {@none}]}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) 22:52:39 executing program 5: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffde, 0x0) 22:52:39 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) [ 2331.140957] FAULT_INJECTION: forcing a failure. [ 2331.140957] name failslab, interval 1, probability 0, space 0, times 0 [ 2331.158481] CPU: 0 PID: 12574 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2331.166384] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2331.175855] Call Trace: [ 2331.178449] dump_stack+0x1b2/0x283 [ 2331.182698] should_fail.cold+0x10a/0x154 [ 2331.186872] should_failslab+0xd6/0x130 [ 2331.190853] kmem_cache_alloc_trace+0x47/0x3d0 [ 2331.195441] sctp_add_bind_addr+0x6c/0x350 [ 2331.199686] sctp_copy_local_addr_list+0x2ae/0x400 [ 2331.204623] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2331.209378] ? retint_kernel+0x2d/0x2d [ 2331.213266] sctp_bind_addr_copy+0xde/0x430 [ 2331.217624] sctp_sendmsg+0x1c15/0x2cd0 [ 2331.221612] ? check_preemption_disabled+0x35/0x240 [ 2331.226667] ? sctp_id2assoc+0x210/0x210 [ 2331.230830] ? selinux_socket_sendmsg+0x9b/0x260 [ 2331.235590] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2331.240418] ? selinux_socket_getpeername+0x260/0x260 [ 2331.245591] ? dup_iter+0x240/0x240 [ 2331.249239] ? kernel_recvmsg+0x210/0x210 [ 2331.253374] inet_sendmsg+0x11a/0x4e0 [ 2331.258015] ? security_socket_sendmsg+0x83/0xb0 [ 2331.262762] ? inet_recvmsg+0x4d0/0x4d0 [ 2331.266718] sock_sendmsg+0xb5/0x100 [ 2331.270435] ___sys_sendmsg+0x6c8/0x800 [ 2331.274413] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2331.279166] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2331.284172] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2331.288922] ? check_preemption_disabled+0x35/0x240 [ 2331.293920] ? __fget+0x1fe/0x360 [ 2331.297389] ? lock_acquire+0x170/0x3f0 [ 2331.301361] ? lock_downgrade+0x740/0x740 [ 2331.305535] ? sockfd_lookup_light+0xb2/0x160 [ 2331.310008] __sys_sendmsg+0xa3/0x120 [ 2331.313903] ? SyS_shutdown+0x160/0x160 [ 2331.319171] ? SyS_read+0x210/0x210 [ 2331.322815] ? SyS_clock_settime+0x1a0/0x1a0 [ 2331.327218] SyS_sendmsg+0x27/0x40 [ 2331.330743] ? __sys_sendmsg+0x120/0x120 [ 2331.334791] do_syscall_64+0x1d5/0x640 [ 2331.338682] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2331.343857] RIP: 0033:0x45de29 [ 2331.347036] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2331.354724] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2331.361980] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2331.369259] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2331.376532] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000022 [ 2331.383803] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:39 executing program 4 (fault-call:6 fault-nth:35): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2331.526273] FAULT_INJECTION: forcing a failure. [ 2331.526273] name failslab, interval 1, probability 0, space 0, times 0 [ 2331.538677] CPU: 0 PID: 12596 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2331.547461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2331.556908] Call Trace: [ 2331.559495] dump_stack+0x1b2/0x283 [ 2331.563128] should_fail.cold+0x10a/0x154 [ 2331.567290] should_failslab+0xd6/0x130 [ 2331.571269] kmem_cache_alloc_trace+0x47/0x3d0 [ 2331.575856] sctp_add_bind_addr+0x6c/0x350 [ 2331.580106] sctp_copy_local_addr_list+0x2ae/0x400 [ 2331.585081] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2331.589851] sctp_bind_addr_copy+0xde/0x430 [ 2331.594438] sctp_sendmsg+0x1c15/0x2cd0 [ 2331.598415] ? sctp_id2assoc+0x210/0x210 [ 2331.602484] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2331.607243] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2331.612086] ? selinux_socket_getpeername+0x260/0x260 [ 2331.617271] ? dup_iter+0x240/0x240 [ 2331.620897] ? kernel_recvmsg+0x210/0x210 [ 2331.625053] inet_sendmsg+0x11a/0x4e0 [ 2331.628852] ? security_socket_sendmsg+0x83/0xb0 [ 2331.633615] ? inet_recvmsg+0x4d0/0x4d0 [ 2331.637584] sock_sendmsg+0xb5/0x100 [ 2331.641289] ___sys_sendmsg+0x6c8/0x800 [ 2331.645264] ? get_pid_task+0x91/0x130 [ 2331.649143] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2331.653928] ? lock_downgrade+0x740/0x740 [ 2331.658077] ? __fget+0x1fe/0x360 [ 2331.661541] ? lock_acquire+0x170/0x3f0 [ 2331.665525] ? lock_downgrade+0x740/0x740 [ 2331.669681] ? sockfd_lookup_light+0xb2/0x160 [ 2331.674195] __sys_sendmsg+0xa3/0x120 [ 2331.677993] ? SyS_shutdown+0x160/0x160 [ 2331.682404] ? wait_for_completion_io+0x10/0x10 [ 2331.687132] ? SyS_read+0x210/0x210 [ 2331.690758] ? SyS_clock_settime+0x1a0/0x1a0 [ 2331.695164] SyS_sendmsg+0x27/0x40 [ 2331.698694] ? __sys_sendmsg+0x120/0x120 [ 2331.702748] do_syscall_64+0x1d5/0x640 [ 2331.706643] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2331.711830] RIP: 0033:0x45de29 [ 2331.715009] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2331.722725] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2331.729997] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2331.737781] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2331.745049] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000023 [ 2331.752834] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:40 executing program 4 (fault-call:6 fault-nth:36): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2331.909107] FAULT_INJECTION: forcing a failure. [ 2331.909107] name failslab, interval 1, probability 0, space 0, times 0 [ 2331.922806] CPU: 0 PID: 12606 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2331.930704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2331.940065] Call Trace: [ 2331.942658] dump_stack+0x1b2/0x283 [ 2331.946294] should_fail.cold+0x10a/0x154 [ 2331.950447] should_failslab+0xd6/0x130 [ 2331.954427] kmem_cache_alloc_trace+0x47/0x3d0 [ 2331.959015] sctp_add_bind_addr+0x6c/0x350 [ 2331.963292] sctp_copy_local_addr_list+0x2ae/0x400 [ 2331.968255] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2331.976858] sctp_bind_addr_copy+0xde/0x430 [ 2331.981213] sctp_sendmsg+0x1c15/0x2cd0 [ 2331.985201] ? sctp_id2assoc+0x210/0x210 [ 2331.989263] ? rw_copy_check_uvector+0x18a/0x2b0 [ 2331.994029] ? audit_add_tree_rule.cold+0x2f/0x2f [ 2331.998880] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2332.003671] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2332.008646] ? selinux_socket_getpeername+0x260/0x260 [ 2332.013853] ? dup_iter+0x240/0x240 [ 2332.017525] ? kernel_recvmsg+0x210/0x210 [ 2332.021675] inet_sendmsg+0x11a/0x4e0 [ 2332.025475] ? security_socket_sendmsg+0x83/0xb0 [ 2332.030233] ? inet_recvmsg+0x4d0/0x4d0 [ 2332.034221] sock_sendmsg+0xb5/0x100 [ 2332.037956] ___sys_sendmsg+0x6c8/0x800 [ 2332.041937] ? get_pid_task+0x91/0x130 [ 2332.045847] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2332.050612] ? lock_downgrade+0x740/0x740 [ 2332.054768] ? __fget+0x1fe/0x360 22:52:40 executing program 5: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) sendmsg$NLBL_CALIPSO_C_LIST(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x24, 0x0, 0x400, 0x70bd2a, 0x25dfdbfd, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x40001) 22:52:40 executing program 2: r0 = socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) socket$inet_udplite(0x2, 0x2, 0x88) socket$inet6_udp(0xa, 0x2, 0x0) r2 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) r3 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040)='nbd\x00') r4 = signalfd4(r0, &(0x7f00000000c0)={[0xfa9f]}, 0x8, 0x0) r5 = socket$inet_udplite(0x2, 0x2, 0x88) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) r7 = socket$inet_udplite(0x2, 0x2, 0x88) r8 = dup(r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) r9 = socket$inet_udplite(0x2, 0x2, 0x88) r10 = dup(r9) ioctl$PERF_EVENT_IOC_ENABLE(r10, 0x8912, 0x400200) sendmsg$NBD_CMD_RECONFIGURE(r2, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f00000001c0)={&(0x7f0000000100)={0x94, r3, 0x200, 0x70bd2d, 0x25dfdbfe, {}, [@NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0xa}, @NBD_ATTR_SOCKETS={0x3c, 0x7, 0x0, 0x1, [{0x8, 0x1, r4}, {0x8, 0x1, r6}, {0x8, 0x1, r0}, {0x8, 0x1, r0}, {0x8, 0x1, r8}, {0x8, 0x1, r0}, {0x8, 0x1, r10}]}, @NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x5f6}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x22}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x2}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x48}]}, 0x94}}, 0xc044810) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 2332.058831] ? retint_kernel+0x2d/0x2d [ 2332.062743] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2332.067768] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2332.072549] __sys_sendmsg+0xa3/0x120 [ 2332.076345] ? SyS_shutdown+0x160/0x160 [ 2332.080918] ? wait_for_completion_io+0x10/0x10 [ 2332.085604] ? SyS_read+0x210/0x210 [ 2332.089266] ? SyS_clock_settime+0x1a0/0x1a0 [ 2332.093678] SyS_sendmsg+0x27/0x40 [ 2332.097217] ? __sys_sendmsg+0x120/0x120 [ 2332.101295] do_syscall_64+0x1d5/0x640 22:52:40 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/timer_list\x00', 0x0, 0x0) connect$pptp(r5, &(0x7f0000000140)={0x18, 0x2, {0x0, @empty}}, 0x1e) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$F2FS_IOC_GET_PIN_FILE(r6, 0x8004f50e, &(0x7f0000000040)) [ 2332.105214] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2332.110388] RIP: 0033:0x45de29 [ 2332.113666] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2332.121384] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2332.129380] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2332.136682] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2332.143942] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000024 [ 2332.151230] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:40 executing program 4 (fault-call:6 fault-nth:37): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2332.269130] FAULT_INJECTION: forcing a failure. [ 2332.269130] name failslab, interval 1, probability 0, space 0, times 0 [ 2332.280857] CPU: 0 PID: 12629 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2332.288738] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2332.298216] Call Trace: [ 2332.300805] dump_stack+0x1b2/0x283 [ 2332.304437] should_fail.cold+0x10a/0x154 [ 2332.308591] should_failslab+0xd6/0x130 [ 2332.312665] kmem_cache_alloc_trace+0x47/0x3d0 [ 2332.317262] sctp_add_bind_addr+0x6c/0x350 [ 2332.321498] sctp_copy_local_addr_list+0x2ae/0x400 [ 2332.326426] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2332.331178] sctp_bind_addr_copy+0xde/0x430 [ 2332.335498] sctp_sendmsg+0x1c15/0x2cd0 [ 2332.339476] ? sctp_id2assoc+0x210/0x210 [ 2332.343534] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2332.348310] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2332.353150] ? selinux_socket_getpeername+0x260/0x260 [ 2332.358352] ? dup_iter+0x240/0x240 [ 2332.361973] ? kernel_recvmsg+0x210/0x210 [ 2332.366116] inet_sendmsg+0x11a/0x4e0 [ 2332.369912] ? security_socket_sendmsg+0x83/0xb0 [ 2332.374659] ? inet_recvmsg+0x4d0/0x4d0 [ 2332.378636] sock_sendmsg+0xb5/0x100 [ 2332.382345] ___sys_sendmsg+0x6c8/0x800 [ 2332.387287] ? get_pid_task+0x91/0x130 [ 2332.391173] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2332.395943] ? lock_downgrade+0x740/0x740 [ 2332.400084] ? __fget+0x1fe/0x360 [ 2332.403538] ? lock_acquire+0x170/0x3f0 [ 2332.407519] ? lock_downgrade+0x740/0x740 [ 2332.411670] ? sockfd_lookup_light+0xb2/0x160 [ 2332.416175] __sys_sendmsg+0xa3/0x120 [ 2332.419966] ? SyS_shutdown+0x160/0x160 [ 2332.423932] ? wait_for_completion_io+0x10/0x10 [ 2332.428609] ? SyS_read+0x210/0x210 [ 2332.432223] ? SyS_clock_settime+0x1a0/0x1a0 [ 2332.436650] SyS_sendmsg+0x27/0x40 [ 2332.440188] ? __sys_sendmsg+0x120/0x120 [ 2332.444245] do_syscall_64+0x1d5/0x640 [ 2332.448136] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2332.453327] RIP: 0033:0x45de29 [ 2332.456504] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2332.465956] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2332.473220] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2332.480832] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2332.488116] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000025 [ 2332.495390] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c [ 2332.896731] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12641 comm=syz-executor.5 [ 2332.910111] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12641 comm=syz-executor.5 22:52:42 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) ioctl$SNDRV_TIMER_IOCTL_INFO(0xffffffffffffffff, 0x80e85411, &(0x7f0000000000)=""/190) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:52:42 executing program 4 (fault-call:6 fault-nth:38): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) 22:52:42 executing program 2: socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e21, 0x0, @mcast2, 0x1}, 0x1c) 22:52:42 executing program 5: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet_udp(0x2, 0x2, 0x0) close(r1) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f0000d0f7f618a672ffd969647ac100000018000280140010000000000000"], 0x3}}, 0x0) write$binfmt_misc(r0, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r0, 0x0, 0x4ffe2, 0x0) 22:52:42 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x2) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) 22:52:42 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e669", 0x79}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) [ 2334.159383] FAULT_INJECTION: forcing a failure. [ 2334.159383] name failslab, interval 1, probability 0, space 0, times 0 22:52:42 executing program 2: r0 = socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$sock_inet6_udp_SIOCOUTQ(r0, 0x5411, &(0x7f0000000000)) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) ioctl$SOUND_MIXER_READ_RECSRC(0xffffffffffffffff, 0x80044dff, &(0x7f0000000040)) [ 2334.217072] CPU: 0 PID: 12649 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2334.224985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2334.234350] Call Trace: [ 2334.236945] dump_stack+0x1b2/0x283 [ 2334.240599] should_fail.cold+0x10a/0x154 [ 2334.244787] should_failslab+0xd6/0x130 [ 2334.248771] kmem_cache_alloc_trace+0x47/0x3d0 [ 2334.253362] sctp_add_bind_addr+0x6c/0x350 [ 2334.257609] sctp_copy_local_addr_list+0x2ae/0x400 [ 2334.262557] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2334.267346] sctp_bind_addr_copy+0xde/0x430 [ 2334.272641] sctp_sendmsg+0x1c15/0x2cd0 [ 2334.276633] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2334.281395] ? sctp_id2assoc+0x210/0x210 [ 2334.285458] ? retint_kernel+0x2d/0x2d [ 2334.289353] ? retint_kernel+0x2d/0x2d [ 2334.293285] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2334.298304] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2334.303055] ? check_preemption_disabled+0x35/0x240 [ 2334.308065] ? retint_kernel+0x2d/0x2d [ 2334.312007] inet_sendmsg+0x11a/0x4e0 [ 2334.315819] ? security_socket_sendmsg+0x83/0xb0 [ 2334.320587] ? inet_recvmsg+0x4d0/0x4d0 [ 2334.324599] sock_sendmsg+0xb5/0x100 [ 2334.328328] ___sys_sendmsg+0x6c8/0x800 [ 2334.332315] ? get_pid_task+0x91/0x130 [ 2334.336220] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2334.340976] ? lock_downgrade+0x740/0x740 [ 2334.345774] ? __fget+0x1fe/0x360 [ 2334.349213] ? lock_acquire+0x170/0x3f0 [ 2334.353168] ? lock_downgrade+0x740/0x740 [ 2334.357325] ? sockfd_lookup_light+0xb2/0x160 [ 2334.361813] __sys_sendmsg+0xa3/0x120 [ 2334.365608] ? SyS_shutdown+0x160/0x160 [ 2334.369592] ? check_preemption_disabled+0x35/0x240 [ 2334.374610] SyS_sendmsg+0x27/0x40 [ 2334.378154] ? __sys_sendmsg+0x120/0x120 [ 2334.382213] do_syscall_64+0x1d5/0x640 [ 2334.386083] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2334.391253] RIP: 0033:0x45de29 [ 2334.394423] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2334.402110] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2334.409389] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2334.416651] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2334.423910] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000026 [ 2334.431170] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:42 executing program 4 (fault-call:6 fault-nth:39): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2334.531644] FAULT_INJECTION: forcing a failure. [ 2334.531644] name failslab, interval 1, probability 0, space 0, times 0 [ 2334.544619] CPU: 0 PID: 12681 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2334.552623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2334.561975] Call Trace: [ 2334.564568] dump_stack+0x1b2/0x283 [ 2334.568204] should_fail.cold+0x10a/0x154 [ 2334.572537] should_failslab+0xd6/0x130 [ 2334.576526] kmem_cache_alloc_trace+0x47/0x3d0 [ 2334.581106] sctp_add_bind_addr+0x6c/0x350 [ 2334.585334] sctp_copy_local_addr_list+0x2ae/0x400 [ 2334.590259] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2334.595010] sctp_bind_addr_copy+0xde/0x430 [ 2334.599340] sctp_sendmsg+0x1c15/0x2cd0 [ 2334.603313] ? sctp_id2assoc+0x210/0x210 [ 2334.607389] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2334.612140] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2334.616973] ? selinux_socket_getpeername+0x260/0x260 [ 2334.622152] ? dup_iter+0x240/0x240 [ 2334.625778] ? kernel_recvmsg+0x210/0x210 [ 2334.629930] inet_sendmsg+0x11a/0x4e0 [ 2334.633720] ? security_socket_sendmsg+0x83/0xb0 [ 2334.638479] ? inet_recvmsg+0x4d0/0x4d0 [ 2334.642445] sock_sendmsg+0xb5/0x100 [ 2334.646153] ___sys_sendmsg+0x6c8/0x800 [ 2334.650126] ? get_pid_task+0x91/0x130 [ 2334.654003] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2334.658756] ? lock_downgrade+0x740/0x740 [ 2334.662917] ? __fget+0x1fe/0x360 [ 2334.666379] ? lock_acquire+0x170/0x3f0 [ 2334.670350] ? lock_downgrade+0x740/0x740 [ 2334.674513] ? sockfd_lookup_light+0xb2/0x160 [ 2334.679071] __sys_sendmsg+0xa3/0x120 [ 2334.682875] ? SyS_shutdown+0x160/0x160 [ 2334.686855] ? wait_for_completion_io+0x10/0x10 [ 2334.691532] ? SyS_read+0x210/0x210 [ 2334.695151] ? SyS_clock_settime+0x1a0/0x1a0 [ 2334.699577] SyS_sendmsg+0x27/0x40 [ 2334.703108] ? __sys_sendmsg+0x120/0x120 [ 2334.707160] do_syscall_64+0x1d5/0x640 [ 2334.711064] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2334.716242] RIP: 0033:0x45de29 [ 2334.719426] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2334.727142] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2334.734406] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2334.741685] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2334.748953] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000027 [ 2334.756304] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:43 executing program 4 (fault-call:6 fault-nth:40): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2334.851132] FAULT_INJECTION: forcing a failure. [ 2334.851132] name failslab, interval 1, probability 0, space 0, times 0 [ 2334.862845] CPU: 1 PID: 12690 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2334.870727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2334.880074] Call Trace: [ 2334.882675] dump_stack+0x1b2/0x283 [ 2334.886298] should_fail.cold+0x10a/0x154 [ 2334.890440] should_failslab+0xd6/0x130 [ 2334.894409] kmem_cache_alloc_trace+0x47/0x3d0 [ 2334.899029] sctp_add_bind_addr+0x6c/0x350 [ 2334.903267] sctp_copy_local_addr_list+0x2ae/0x400 [ 2334.908198] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2334.912952] sctp_bind_addr_copy+0xde/0x430 [ 2334.917292] sctp_sendmsg+0x1c15/0x2cd0 [ 2334.921271] ? sctp_id2assoc+0x210/0x210 [ 2334.925332] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2334.930088] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2334.934925] ? selinux_socket_getpeername+0x260/0x260 [ 2334.940116] ? dup_iter+0x240/0x240 [ 2334.943754] ? kernel_recvmsg+0x210/0x210 [ 2334.947901] inet_sendmsg+0x11a/0x4e0 [ 2334.951695] ? security_socket_sendmsg+0x83/0xb0 [ 2334.956468] ? inet_recvmsg+0x4d0/0x4d0 [ 2334.960438] sock_sendmsg+0xb5/0x100 [ 2334.964152] ___sys_sendmsg+0x6c8/0x800 [ 2334.968120] ? get_pid_task+0x91/0x130 [ 2334.972003] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2334.976776] ? lock_downgrade+0x740/0x740 [ 2334.980936] ? __fget+0x1fe/0x360 [ 2334.984381] ? lock_acquire+0x170/0x3f0 [ 2334.988348] ? lock_downgrade+0x740/0x740 [ 2334.992499] ? sockfd_lookup_light+0xb2/0x160 [ 2334.996990] __sys_sendmsg+0xa3/0x120 [ 2335.000785] ? SyS_shutdown+0x160/0x160 [ 2335.004754] ? wait_for_completion_io+0x10/0x10 [ 2335.009442] ? SyS_read+0x210/0x210 [ 2335.013076] ? SyS_clock_settime+0x1a0/0x1a0 [ 2335.017494] SyS_sendmsg+0x27/0x40 [ 2335.021042] ? __sys_sendmsg+0x120/0x120 [ 2335.025379] do_syscall_64+0x1d5/0x640 [ 2335.029278] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2335.034464] RIP: 0033:0x45de29 [ 2335.037642] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e 22:52:43 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = semget(0x0, 0x3, 0x4) semtimedop(r2, &(0x7f0000000040)=[{0x0, 0x81, 0x1800}], 0x1, &(0x7f0000000100)) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$CHAR_RAW_ROTATIONAL(r1, 0x127e, &(0x7f0000000140)) r5 = socket$inet_udp(0x2, 0x2, 0x0) close(r5) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r4, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r3, 0x0, r5, 0x0, 0x4ffe2, 0x0) [ 2335.045612] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2335.052883] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2335.060148] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2335.067411] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000028 [ 2335.074682] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:43 executing program 5: pipe(&(0x7f0000000080)={0xffffffffffffffff}) r1 = socket$inet_udp(0x2, 0x2, 0x0) close(r1) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$TIOCOUTQ(r3, 0x5411, &(0x7f0000000040)) r4 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r4, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(r4, 0x29, 0x48, 0x0, &(0x7f00007d0000)) write$binfmt_misc(r4, &(0x7f0000000040)=ANY=[], 0xfffffecc) socket$inet6_udp(0xa, 0x2, 0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000100)) splice(r0, 0x0, r1, 0x0, 0x4ffe2, 0x0) 22:52:43 executing program 2: socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(r0, 0x29, 0x48, 0x0, &(0x7f00007d0000)) ioctl$sock_SIOCSIFVLAN_GET_VLAN_REALDEV_NAME_CMD(r0, 0x8983, &(0x7f0000000000)={0x8, 'vlan0\x00', {'team_slave_0\x00'}, 0x8}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000040), 0x4) 22:52:45 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:52:45 executing program 4 (fault-call:6 fault-nth:41): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) 22:52:45 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) dup(0xffffffffffffffff) r4 = socket$inet_udp(0x2, 0x2, 0x0) r5 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r5, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(r5, 0x29, 0x48, 0x0, &(0x7f00007d0000)) close(r5) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="480000001000"/20, @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) r6 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-monitor\x00', 0x68000, 0x0) ioctl$VT_SETMODE(r6, 0x5602, &(0x7f0000000100)={0x3, 0xbb, 0x8, 0xfbb5, 0x3}) 22:52:45 executing program 5: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f00000001c0)={0x4, 0x18, 0x0, 0xffffffffffffffff}) ioctl$F2FS_IOC_GET_FEATURES(r3, 0x8004f50c, &(0x7f0000000240)) close(r2) socket$netlink(0x10, 0x3, 0x0) getsockopt$netrom_NETROM_N2(r1, 0x103, 0x3, &(0x7f0000000000)=0x7f, &(0x7f0000000180)=0x4) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYBLOB="49e2f52207290c698225d0ebfc7e1fcd3e24c9858a01f8624d4453cc6fe2c5108e9257745b351704af04ec579bd36deb8a6ab7381c5cd3f4", @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}, 0x1, 0x0, 0x0, 0x20000020}, 0x40010) setsockopt$sock_timeval(r1, 0x1, 0x42, &(0x7f0000000040)={0x0, 0x2710}, 0x10) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) 22:52:45 executing program 2: r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000000)='/dev/input/mice\x00', 0x103200) ioctl$SCSI_IOCTL_BENCHMARK_COMMAND(r0, 0x3) r1 = openat$cgroup_ro(r0, &(0x7f0000000180)='cpuacct.usage_user\x00', 0x0, 0x0) bind$rose(r1, &(0x7f00000001c0)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, 0x1, [@default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default]}, 0x40) socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f00000000c0)=[@in={0x2, 0x4e20, @loopback}, @in6={0xa, 0x4e24, 0x7fffffff, @local, 0x3}, @in={0x2, 0x4e21, @private=0xa010101}, @in={0x2, 0x4e23, @multicast1}, @in={0x2, 0x4e22, @rand_addr=0x64010102}, @in6={0xa, 0x4e24, 0x80000001, @empty, 0x5}, @in6={0xa, 0x4e24, 0x7, @private2={0xfc, 0x2, [], 0x1}, 0x7ff}], 0x94) connect$inet6(r2, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-vsock\x00', 0x2, 0x0) 22:52:45 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e669", 0x79}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) [ 2337.224936] FAULT_INJECTION: forcing a failure. [ 2337.224936] name failslab, interval 1, probability 0, space 0, times 0 [ 2337.236960] CPU: 0 PID: 12727 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2337.244854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2337.254213] Call Trace: [ 2337.256816] dump_stack+0x1b2/0x283 [ 2337.260455] should_fail.cold+0x10a/0x154 [ 2337.264727] should_failslab+0xd6/0x130 [ 2337.268723] kmem_cache_alloc_trace+0x47/0x3d0 [ 2337.273313] sctp_add_bind_addr+0x6c/0x350 [ 2337.277561] sctp_copy_local_addr_list+0x2ae/0x400 [ 2337.282499] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2337.287236] ? retint_kernel+0x2d/0x2d [ 2337.291119] sctp_bind_addr_copy+0xde/0x430 [ 2337.295495] sctp_sendmsg+0x1c15/0x2cd0 [ 2337.300181] ? sctp_id2assoc+0x210/0x210 [ 2337.304243] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2337.309006] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2337.313838] ? selinux_socket_getpeername+0x260/0x260 [ 2337.319021] ? dup_iter+0x240/0x240 [ 2337.322631] ? kernel_recvmsg+0x210/0x210 [ 2337.327488] inet_sendmsg+0x11a/0x4e0 [ 2337.331276] ? security_socket_sendmsg+0x83/0xb0 [ 2337.336014] ? inet_recvmsg+0x4d0/0x4d0 [ 2337.339979] sock_sendmsg+0xb5/0x100 [ 2337.343729] ___sys_sendmsg+0x6c8/0x800 [ 2337.347704] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2337.353185] ? check_preemption_disabled+0x35/0x240 [ 2337.358197] ? retint_kernel+0x2d/0x2d [ 2337.362082] ? __fget+0x1fe/0x360 [ 2337.365534] ? lock_downgrade+0x740/0x740 [ 2337.369688] ? sockfd_lookup_light+0xb2/0x160 [ 2337.374186] __sys_sendmsg+0xa3/0x120 [ 2337.377977] ? SyS_shutdown+0x160/0x160 [ 2337.381946] ? wait_for_completion_io+0x10/0x10 [ 2337.386628] ? SyS_read+0x210/0x210 [ 2337.390262] ? SyS_clock_settime+0x1a0/0x1a0 [ 2337.394666] SyS_sendmsg+0x27/0x40 [ 2337.398183] ? __sys_sendmsg+0x120/0x120 [ 2337.402243] do_syscall_64+0x1d5/0x640 [ 2337.406133] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2337.411310] RIP: 0033:0x45de29 [ 2337.414478] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2337.422179] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2337.429446] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2337.436695] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2337.443959] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000029 [ 2337.451228] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c [ 2337.461528] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12743 comm=syz-executor.5 22:52:45 executing program 4 (fault-call:6 fault-nth:42): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2337.595286] FAULT_INJECTION: forcing a failure. [ 2337.595286] name failslab, interval 1, probability 0, space 0, times 0 [ 2337.607204] CPU: 1 PID: 12752 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2337.615099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2337.624459] Call Trace: [ 2337.627044] dump_stack+0x1b2/0x283 [ 2337.630694] should_fail.cold+0x10a/0x154 [ 2337.634838] should_failslab+0xd6/0x130 [ 2337.638803] kmem_cache_alloc_trace+0x47/0x3d0 [ 2337.643391] sctp_add_bind_addr+0x6c/0x350 [ 2337.647620] sctp_copy_local_addr_list+0x2ae/0x400 [ 2337.652538] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2337.657379] sctp_bind_addr_copy+0xde/0x430 [ 2337.661695] sctp_sendmsg+0x1c15/0x2cd0 [ 2337.665707] ? check_preemption_disabled+0x35/0x240 [ 2337.670714] ? sctp_id2assoc+0x210/0x210 [ 2337.674802] ? selinux_socket_sendmsg+0xe3/0x260 [ 2337.679573] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2337.684419] ? selinux_socket_getpeername+0x260/0x260 [ 2337.691104] ? dup_iter+0x240/0x240 [ 2337.694743] ? kernel_recvmsg+0x210/0x210 [ 2337.698893] inet_sendmsg+0x11a/0x4e0 [ 2337.702682] ? security_socket_sendmsg+0x83/0xb0 [ 2337.707415] ? inet_recvmsg+0x4d0/0x4d0 [ 2337.711381] sock_sendmsg+0xb5/0x100 [ 2337.715091] ___sys_sendmsg+0x6c8/0x800 [ 2337.719079] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2337.723829] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2337.728845] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2337.733605] ? check_preemption_disabled+0x35/0x240 [ 2337.738604] ? __fget+0x1fe/0x360 [ 2337.742089] ? lock_downgrade+0x740/0x740 [ 2337.746247] ? sockfd_lookup_light+0xb2/0x160 [ 2337.750723] __sys_sendmsg+0xa3/0x120 [ 2337.754514] ? SyS_shutdown+0x160/0x160 [ 2337.758477] ? wait_for_completion_io+0x10/0x10 [ 2337.763129] ? SyS_read+0x210/0x210 [ 2337.766824] ? SyS_clock_settime+0x1a0/0x1a0 [ 2337.771222] SyS_sendmsg+0x27/0x40 [ 2337.774749] ? __sys_sendmsg+0x120/0x120 [ 2337.778803] do_syscall_64+0x1d5/0x640 [ 2337.782679] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2337.787854] RIP: 0033:0x45de29 [ 2337.791027] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2337.798818] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2337.806112] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2337.813404] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2337.820676] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000002a [ 2337.827959] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:46 executing program 4 (fault-call:6 fault-nth:43): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2337.960295] FAULT_INJECTION: forcing a failure. [ 2337.960295] name failslab, interval 1, probability 0, space 0, times 0 [ 2337.972152] CPU: 0 PID: 12759 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2337.980058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2337.990053] Call Trace: [ 2337.992640] dump_stack+0x1b2/0x283 [ 2337.993739] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12761 comm=syz-executor.5 [ 2337.996280] should_fail.cold+0x10a/0x154 [ 2337.996297] should_failslab+0xd6/0x130 [ 2337.996308] kmem_cache_alloc_trace+0x47/0x3d0 [ 2337.996321] sctp_add_bind_addr+0x6c/0x350 [ 2337.996340] sctp_copy_local_addr_list+0x2ae/0x400 [ 2338.030654] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2338.035438] sctp_bind_addr_copy+0xde/0x430 [ 2338.039779] sctp_sendmsg+0x1c15/0x2cd0 [ 2338.044635] ? sctp_id2assoc+0x210/0x210 [ 2338.048700] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2338.053465] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2338.058314] ? selinux_socket_getpeername+0x260/0x260 [ 2338.063530] ? dup_iter+0x240/0x240 [ 2338.067173] ? kernel_recvmsg+0x210/0x210 [ 2338.071318] inet_sendmsg+0x11a/0x4e0 [ 2338.075110] ? security_socket_sendmsg+0x83/0xb0 [ 2338.079864] ? inet_recvmsg+0x4d0/0x4d0 [ 2338.083835] sock_sendmsg+0xb5/0x100 [ 2338.087540] ___sys_sendmsg+0x6c8/0x800 [ 2338.091525] ? get_pid_task+0x91/0x130 [ 2338.095431] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2338.100191] ? lock_downgrade+0x740/0x740 [ 2338.104345] ? __fget+0x1fe/0x360 [ 2338.107811] ? lock_acquire+0x170/0x3f0 [ 2338.111781] ? lock_downgrade+0x740/0x740 [ 2338.115961] ? sockfd_lookup_light+0xb2/0x160 [ 2338.120468] __sys_sendmsg+0xa3/0x120 [ 2338.124267] ? SyS_shutdown+0x160/0x160 [ 2338.132938] ? wait_for_completion_io+0x10/0x10 [ 2338.137606] ? SyS_read+0x210/0x210 [ 2338.141222] ? SyS_clock_settime+0x1a0/0x1a0 [ 2338.145634] SyS_sendmsg+0x27/0x40 [ 2338.149162] ? __sys_sendmsg+0x120/0x120 [ 2338.153213] do_syscall_64+0x1d5/0x640 [ 2338.157098] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2338.162278] RIP: 0033:0x45de29 [ 2338.165465] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2338.173197] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2338.180476] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2338.187760] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2338.195035] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000002b [ 2338.202329] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:46 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000100)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) r3 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f0000000240)={'syz', 0x1}, 0x0, 0x0, r2) request_key(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x1}, 0x0, r3) r4 = add_key$keyring(&(0x7f0000000180)='keyring\x00', &(0x7f0000000100)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd) r5 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f0000000240)={'syz', 0x1}, 0x0, 0x0, r4) request_key(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x1}, 0x0, r5) keyctl$reject(0x13, r3, 0x80000001, 0x5, r5) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r8 = socket$inet_udp(0x2, 0x2, 0x0) close(r8) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r7, &(0x7f0000000000)=ANY=[], 0xfffffecc) prctl$PR_CAPBSET_READ(0x17, 0x1) splice(r6, 0x0, r8, 0x0, 0x4ffe2, 0x0) 22:52:46 executing program 5: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000340)='/dev/hwrng\x00', 0x200000, 0x0) ioctl$sock_rose_SIOCRSCLRRT(r3, 0x89e4) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r5, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(r5, 0x29, 0x48, 0x0, &(0x7f00007d0000)) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x13, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYRESHEX=r2, @ANYRES32=r5, @ANYRES64=r4], 0x3}, 0x1, 0x0, 0x0, 0x14}, 0x4000010) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) r6 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vsock\x00', 0x200000, 0x0) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f00000001c0)={'syztnl2\x00', &(0x7f0000000140)={'ip6tnl0\x00', 0x0, 0x4, 0x9, 0x39, 0x10000, 0x1d, @remote, @mcast1, 0x8000, 0x40, 0x8, 0x100}}) sendmsg$nl_route(r6, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)=@ipv6_newroute={0x38, 0x18, 0x100, 0x70bd29, 0x25dfdbfd, {0xa, 0x20, 0x0, 0xfa, 0xff, 0x2, 0xff, 0x9, 0x2000}, [@RTA_OIF={0x8, 0x4, r7}, @RTA_MARK={0x8, 0x10, 0x20}, @RTA_METRICS={0xc, 0x8, 0x0, 0x1, "ee938d9605a6f4f1"}]}, 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x4000004) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) 22:52:46 executing program 4 (fault-call:6 fault-nth:44): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) 22:52:46 executing program 2: r0 = socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) r2 = dup3(r1, r0, 0x80000) setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f0000000280)={0x5}, 0x1) r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040)='batadv\x00') sendmsg$BATADV_CMD_TP_METER(r2, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x4c, r3, 0x400, 0x70bd2b, 0x25dfdbfe, {}, [@BATADV_ATTR_VLANID={0x6, 0x28, 0x1}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x9304}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_ISOLATION_MARK={0x8, 0x2b, 0x5}]}, 0x4c}}, 0x20040080) r4 = signalfd4(r0, &(0x7f00000001c0)={[0x80]}, 0x8, 0x80000) getsockopt$inet_mreqsrc(r4, 0x0, 0x25, &(0x7f0000000200)={@remote, @private, @broadcast}, &(0x7f0000000240)=0xc) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 2338.430233] FAULT_INJECTION: forcing a failure. [ 2338.430233] name failslab, interval 1, probability 0, space 0, times 0 [ 2338.454810] CPU: 1 PID: 12782 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2338.462723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2338.472096] Call Trace: [ 2338.474705] dump_stack+0x1b2/0x283 [ 2338.478349] should_fail.cold+0x10a/0x154 [ 2338.482497] should_failslab+0xd6/0x130 [ 2338.487282] kmem_cache_alloc_trace+0x47/0x3d0 [ 2338.491894] sctp_add_bind_addr+0x6c/0x350 [ 2338.496150] sctp_copy_local_addr_list+0x2ae/0x400 [ 2338.501082] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2338.505832] ? sctp_bind_addr_copy+0x118/0x430 [ 2338.510409] sctp_bind_addr_copy+0xde/0x430 [ 2338.514730] sctp_sendmsg+0x1c15/0x2cd0 [ 2338.518710] ? sctp_id2assoc+0x210/0x210 [ 2338.522971] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2338.527726] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2338.532573] ? selinux_socket_getpeername+0x260/0x260 [ 2338.538128] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2338.543145] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2338.547904] ? retint_kernel+0x2d/0x2d [ 2338.551818] inet_sendmsg+0x11a/0x4e0 [ 2338.555615] ? security_socket_sendmsg+0x83/0xb0 [ 2338.561066] ? inet_recvmsg+0x4d0/0x4d0 [ 2338.565034] sock_sendmsg+0xb5/0x100 [ 2338.568755] ___sys_sendmsg+0x6c8/0x800 [ 2338.572730] ? get_pid_task+0x91/0x130 [ 2338.576618] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2338.581387] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2338.587103] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2338.591864] ? check_preemption_disabled+0x35/0x240 [ 2338.596882] ? __fget+0x1fe/0x360 [ 2338.600359] ? lock_downgrade+0x740/0x740 [ 2338.604537] ? sockfd_lookup_light+0xb2/0x160 [ 2338.609038] __sys_sendmsg+0xa3/0x120 [ 2338.612837] ? SyS_shutdown+0x160/0x160 [ 2338.616815] ? wait_for_completion_io+0x10/0x10 [ 2338.621591] ? SyS_read+0x210/0x210 [ 2338.625222] ? SyS_clock_settime+0x1a0/0x1a0 [ 2338.629907] SyS_sendmsg+0x27/0x40 [ 2338.633438] ? __sys_sendmsg+0x120/0x120 [ 2338.637499] do_syscall_64+0x1d5/0x640 [ 2338.641389] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2338.646570] RIP: 0033:0x45de29 [ 2338.649764] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2338.657485] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2338.664745] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2338.672025] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2338.680958] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000002c [ 2338.688234] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:48 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x40) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) sched_getparam(0x0, &(0x7f0000000000)) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:52:48 executing program 4 (fault-call:6 fault-nth:45): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) 22:52:48 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) sendmsg$AUDIT_SET(r2, &(0x7f0000000580)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x84000}, 0xc, &(0x7f0000000540)={&(0x7f0000000500)={0x38, 0x3e9, 0x20, 0x70bd28, 0x25dfdbfc, {0x1c, 0x0, 0x0, 0x0, 0xfff, 0x7, 0x200, 0xd8f, 0x0, 0xffff}, ["", "", "", "", ""]}, 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x400d) close(r4) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/timers\x00', 0x0, 0x0) sendmsg$DEVLINK_CMD_PORT_UNSPLIT(r5, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000240)={&(0x7f0000000140)={0x84, 0x0, 0x800, 0xe5, 0x25dfdbfd, {}, [{{@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, {0x8, 0x3, 0x1}}}, {{@nsim={{0xe, 0x1, 'netdevsim\x00'}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}}, {{@pci={{0x8, 0x1, 'pci\x00'}, {0x11, 0x2, '0000:00:10.0\x00'}}, {0x8}}}]}, 0x84}, 0x1, 0x0, 0x0, 0x80}, 0x4) r6 = socket$inet_udplite(0x2, 0x2, 0x88) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) getsockopt$TIPC_NODE_RECVQ_DEPTH(r7, 0x10f, 0x83, &(0x7f00000002c0), &(0x7f0000000300)=0x4) r8 = accept4$inet(r5, &(0x7f0000000340)={0x2, 0x0, @multicast2}, &(0x7f0000000380)=0x10, 0x80000) getsockopt$IPT_SO_GET_INFO(r8, 0x0, 0x40, &(0x7f00000003c0)={'raw\x00'}, &(0x7f0000000440)=0x54) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="89a0808200000000000000001f000000000000006e00000018ff7f00000007"], 0x3}}, 0x0) ioctl$VIDIOC_SUBDEV_S_SELECTION(r1, 0xc040563e, &(0x7f0000000480)={0x1, 0x0, 0x102, 0x2, {0x9, 0x3, 0x5, 0x101}}) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) 22:52:48 executing program 5: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket$netlink(0x10, 0x3, 0x1f) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) 22:52:48 executing program 2: socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) prctl$PR_MCE_KILL(0x21, 0x1, 0x2) 22:52:48 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e669", 0x79}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) [ 2340.221901] FAULT_INJECTION: forcing a failure. [ 2340.221901] name failslab, interval 1, probability 0, space 0, times 0 [ 2340.254615] CPU: 0 PID: 12805 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2340.262533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2340.271885] Call Trace: [ 2340.274474] dump_stack+0x1b2/0x283 [ 2340.278111] should_fail.cold+0x10a/0x154 [ 2340.282269] should_failslab+0xd6/0x130 [ 2340.286248] kmem_cache_alloc_trace+0x47/0x3d0 [ 2340.290837] sctp_add_bind_addr+0x6c/0x350 [ 2340.295460] sctp_copy_local_addr_list+0x2ae/0x400 [ 2340.301006] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2340.305772] sctp_bind_addr_copy+0xde/0x430 [ 2340.310138] sctp_sendmsg+0x1c15/0x2cd0 [ 2340.314125] ? sctp_id2assoc+0x210/0x210 [ 2340.318196] ? retint_kernel+0x2d/0x2d [ 2340.322089] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2340.327099] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2340.331861] ? check_preemption_disabled+0x35/0x240 [ 2340.336877] ? retint_kernel+0x2d/0x2d [ 2340.340755] inet_sendmsg+0x11a/0x4e0 [ 2340.344540] ? security_socket_sendmsg+0x83/0xb0 [ 2340.349295] ? inet_recvmsg+0x4d0/0x4d0 [ 2340.353373] sock_sendmsg+0xb5/0x100 [ 2340.357081] ___sys_sendmsg+0x6c8/0x800 [ 2340.361049] ? get_pid_task+0x91/0x130 [ 2340.364917] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2340.369652] ? retint_kernel+0x2d/0x2d [ 2340.373531] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2340.378538] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2340.383769] ? __fget+0x1fe/0x360 [ 2340.387253] ? lock_downgrade+0x740/0x740 [ 2340.391403] ? sockfd_lookup_light+0xb2/0x160 [ 2340.395893] __sys_sendmsg+0xa3/0x120 [ 2340.399683] ? SyS_shutdown+0x160/0x160 [ 2340.403652] ? wait_for_completion_io+0x10/0x10 [ 2340.408332] ? SyS_read+0x210/0x210 [ 2340.411979] SyS_sendmsg+0x27/0x40 [ 2340.415510] ? __sys_sendmsg+0x120/0x120 [ 2340.419556] do_syscall_64+0x1d5/0x640 [ 2340.423428] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2340.428614] RIP: 0033:0x45de29 [ 2340.432491] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2340.440789] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2340.448044] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2340.455301] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2340.462559] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000002d [ 2340.469811] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:48 executing program 4 (fault-call:6 fault-nth:46): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2340.633199] FAULT_INJECTION: forcing a failure. [ 2340.633199] name failslab, interval 1, probability 0, space 0, times 0 [ 2340.649733] CPU: 1 PID: 12835 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2340.657805] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2340.667144] Call Trace: [ 2340.669755] dump_stack+0x1b2/0x283 [ 2340.673380] should_fail.cold+0x10a/0x154 [ 2340.677542] should_failslab+0xd6/0x130 [ 2340.681509] kmem_cache_alloc_trace+0x47/0x3d0 [ 2340.686099] sctp_add_bind_addr+0x6c/0x350 [ 2340.691205] sctp_copy_local_addr_list+0x2ae/0x400 [ 2340.696123] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2340.704515] sctp_bind_addr_copy+0xde/0x430 [ 2340.708848] sctp_sendmsg+0x1c15/0x2cd0 [ 2340.712814] ? sctp_id2assoc+0x210/0x210 [ 2340.716873] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2340.721612] ? retint_kernel+0x2d/0x2d [ 2340.725493] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2340.730345] ? selinux_socket_getpeername+0x260/0x260 [ 2340.735527] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2340.741001] inet_sendmsg+0x11a/0x4e0 [ 2340.744794] ? security_socket_sendmsg+0x83/0xb0 [ 2340.749537] ? inet_recvmsg+0x4d0/0x4d0 [ 2340.753500] sock_sendmsg+0xb5/0x100 [ 2340.757209] ___sys_sendmsg+0x6c8/0x800 [ 2340.761180] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2340.765929] ? lock_downgrade+0x740/0x740 [ 2340.770064] ? __fget+0x1fe/0x360 [ 2340.773508] ? lock_acquire+0x170/0x3f0 [ 2340.777465] ? lock_downgrade+0x740/0x740 [ 2340.781605] ? sockfd_lookup_light+0xb2/0x160 [ 2340.786090] __sys_sendmsg+0xa3/0x120 [ 2340.789895] ? SyS_shutdown+0x160/0x160 [ 2340.793865] ? check_preemption_disabled+0x35/0x240 [ 2340.798915] ? SyS_shutdown+0x160/0x160 [ 2340.802872] SyS_sendmsg+0x27/0x40 [ 2340.806409] ? __sys_sendmsg+0x120/0x120 [ 2340.810463] do_syscall_64+0x1d5/0x640 [ 2340.814352] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2340.819547] RIP: 0033:0x45de29 [ 2340.822714] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2340.830414] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2340.841061] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2340.848330] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2340.855929] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000002e [ 2340.863178] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:49 executing program 4 (fault-call:6 fault-nth:47): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2340.961953] FAULT_INJECTION: forcing a failure. [ 2340.961953] name failslab, interval 1, probability 0, space 0, times 0 [ 2340.974625] CPU: 0 PID: 12842 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2340.982512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2340.991855] Call Trace: [ 2340.994457] dump_stack+0x1b2/0x283 [ 2340.999059] should_fail.cold+0x10a/0x154 [ 2341.003241] should_failslab+0xd6/0x130 [ 2341.007217] kmem_cache_alloc_trace+0x47/0x3d0 [ 2341.011816] sctp_add_bind_addr+0x6c/0x350 [ 2341.016057] sctp_copy_local_addr_list+0x2ae/0x400 [ 2341.020998] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2341.025765] sctp_bind_addr_copy+0xde/0x430 [ 2341.030100] sctp_sendmsg+0x1c15/0x2cd0 [ 2341.034258] ? sctp_id2assoc+0x210/0x210 [ 2341.038328] ? retint_kernel+0x2d/0x2d [ 2341.042224] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2341.047515] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2341.052298] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2341.057150] ? selinux_socket_getpeername+0x260/0x260 [ 2341.062390] ? check_preemption_disabled+0x35/0x240 [ 2341.067413] ? retint_kernel+0x2d/0x2d [ 2341.071325] inet_sendmsg+0x11a/0x4e0 [ 2341.075153] ? security_socket_sendmsg+0x83/0xb0 [ 2341.079907] ? inet_recvmsg+0x4d0/0x4d0 [ 2341.083908] sock_sendmsg+0xb5/0x100 [ 2341.087642] ___sys_sendmsg+0x6c8/0x800 [ 2341.091616] ? get_pid_task+0x91/0x130 [ 2341.095502] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2341.100264] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2341.105307] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2341.110070] ? check_preemption_disabled+0x35/0x240 [ 2341.115087] ? __fget+0x1fe/0x360 [ 2341.118549] ? lock_downgrade+0x740/0x740 [ 2341.122710] ? sockfd_lookup_light+0xb2/0x160 [ 2341.127206] __sys_sendmsg+0xa3/0x120 [ 2341.131012] ? SyS_shutdown+0x160/0x160 [ 2341.134987] ? wait_for_completion_io+0x10/0x10 [ 2341.139665] ? SyS_read+0x210/0x210 [ 2341.143298] ? SyS_clock_settime+0x1a0/0x1a0 [ 2341.147708] SyS_sendmsg+0x27/0x40 [ 2341.151251] ? __sys_sendmsg+0x120/0x120 [ 2341.155341] do_syscall_64+0x1d5/0x640 22:52:49 executing program 2: socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:52:49 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) r5 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r5, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(r5, 0x29, 0x48, 0x0, &(0x7f00007d0000)) accept4$ax25(r1, &(0x7f0000000100)={{0x3, @bcast}, [@remote, @rose, @null, @rose, @null, @remote, @netrom, @null]}, &(0x7f0000000040)=0x48, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) [ 2341.159238] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2341.164429] RIP: 0033:0x45de29 [ 2341.167613] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2341.175411] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2341.183401] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2341.190760] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2341.198032] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000002f [ 2341.205302] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:49 executing program 4 (fault-call:6 fault-nth:48): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2341.413727] FAULT_INJECTION: forcing a failure. [ 2341.413727] name failslab, interval 1, probability 0, space 0, times 0 [ 2341.431269] CPU: 0 PID: 12869 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2341.439163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2341.448866] Call Trace: [ 2341.451457] dump_stack+0x1b2/0x283 [ 2341.455086] should_fail.cold+0x10a/0x154 [ 2341.459232] should_failslab+0xd6/0x130 [ 2341.463210] kmem_cache_alloc_trace+0x47/0x3d0 [ 2341.467804] sctp_add_bind_addr+0x6c/0x350 [ 2341.472560] sctp_copy_local_addr_list+0x2ae/0x400 [ 2341.482272] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2341.487025] ? sctp_bind_addr_copy+0x118/0x430 [ 2341.491621] sctp_bind_addr_copy+0xde/0x430 [ 2341.495942] sctp_sendmsg+0x1c15/0x2cd0 [ 2341.499922] ? sctp_id2assoc+0x210/0x210 [ 2341.503987] ? retint_kernel+0x2d/0x2d [ 2341.507873] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2341.513237] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2341.517997] ? check_preemption_disabled+0x35/0x240 [ 2341.523006] ? retint_kernel+0x2d/0x2d [ 2341.526914] inet_sendmsg+0x11a/0x4e0 [ 2341.530713] ? security_socket_sendmsg+0x83/0xb0 [ 2341.535487] ? inet_recvmsg+0x4d0/0x4d0 [ 2341.539454] sock_sendmsg+0xb5/0x100 [ 2341.543166] ___sys_sendmsg+0x6c8/0x800 [ 2341.547142] ? get_pid_task+0x91/0x130 [ 2341.551044] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2341.555797] ? retint_kernel+0x2d/0x2d [ 2341.559681] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2341.564705] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2341.569900] ? __fget+0x1fe/0x360 [ 2341.573361] ? lock_downgrade+0x740/0x740 [ 2341.577517] ? sockfd_lookup_light+0xb2/0x160 [ 2341.582536] __sys_sendmsg+0xa3/0x120 [ 2341.586325] ? SyS_shutdown+0x160/0x160 [ 2341.590304] ? wait_for_completion_io+0x10/0x10 [ 2341.595071] ? SyS_read+0x210/0x210 [ 2341.598693] SyS_sendmsg+0x27/0x40 [ 2341.602227] ? __sys_sendmsg+0x120/0x120 [ 2341.607253] do_syscall_64+0x1d5/0x640 [ 2341.611174] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2341.616371] RIP: 0033:0x45de29 [ 2341.619571] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2341.627712] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2341.634994] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2341.642254] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2341.649524] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000030 [ 2341.656810] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:49 executing program 4 (fault-call:6 fault-nth:49): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2341.887638] FAULT_INJECTION: forcing a failure. [ 2341.887638] name failslab, interval 1, probability 0, space 0, times 0 [ 2341.917610] CPU: 0 PID: 12879 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2341.925616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2341.934975] Call Trace: [ 2341.937595] dump_stack+0x1b2/0x283 [ 2341.941233] should_fail.cold+0x10a/0x154 [ 2341.945395] should_failslab+0xd6/0x130 [ 2341.949385] kmem_cache_alloc_trace+0x47/0x3d0 [ 2341.953971] sctp_add_bind_addr+0x6c/0x350 [ 2341.958215] sctp_copy_local_addr_list+0x2ae/0x400 [ 2341.963152] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2341.967941] sctp_bind_addr_copy+0xde/0x430 [ 2341.973142] sctp_sendmsg+0x1c15/0x2cd0 [ 2341.977158] ? sctp_id2assoc+0x210/0x210 [ 2341.981230] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2341.985995] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2341.991543] ? selinux_socket_getpeername+0x260/0x260 [ 2341.996745] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2342.001771] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2342.006603] ? retint_kernel+0x2d/0x2d [ 2342.010522] inet_sendmsg+0x11a/0x4e0 [ 2342.014322] ? security_socket_sendmsg+0x83/0xb0 [ 2342.019084] ? inet_recvmsg+0x4d0/0x4d0 [ 2342.023064] sock_sendmsg+0xb5/0x100 [ 2342.026799] ___sys_sendmsg+0x6c8/0x800 [ 2342.031562] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2342.036327] ? retint_kernel+0x2d/0x2d [ 2342.040232] ? __fget+0x1fe/0x360 [ 2342.043725] ? lock_downgrade+0x740/0x740 [ 2342.047892] ? sockfd_lookup_light+0xb2/0x160 [ 2342.053357] __sys_sendmsg+0xa3/0x120 [ 2342.058046] ? SyS_shutdown+0x160/0x160 [ 2342.062024] ? wait_for_completion_io+0x10/0x10 [ 2342.066705] ? SyS_read+0x210/0x210 [ 2342.070341] SyS_sendmsg+0x27/0x40 [ 2342.073886] ? __sys_sendmsg+0x120/0x120 [ 2342.077973] do_syscall_64+0x1d5/0x640 [ 2342.081871] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2342.087086] RIP: 0033:0x45de29 [ 2342.090272] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2342.098690] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2342.105980] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2342.113257] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2342.121141] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000031 [ 2342.128783] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:51 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = getpid() r3 = socket$netlink(0x10, 0x3, 0x0) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) sendmsg$unix(r1, &(0x7f0000001440)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[@cred={{0x1c, 0x1, 0x2, {r2, 0x0, r4}}}], 0x20}, 0x0) ptrace$cont(0x9, r2, 0x0, 0x4000) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:52:51 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) mmap$dsp(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000002, 0x4010, r3, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) 22:52:51 executing program 2: socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @private1={0xfc, 0x1, [], 0x1}}, 0x1c) 22:52:51 executing program 4 (fault-call:6 fault-nth:50): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) 22:52:51 executing program 5: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket$netlink(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) r4 = syz_genetlink_get_family_id$nbd(&(0x7f00000000c0)='nbd\x00') sendmsg$NBD_CMD_DISCONNECT(r3, &(0x7f00000002c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x34, r4, 0x10, 0x70bd2c, 0x25dfdbfe, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_TIMEOUT={0xc, 0x4, 0x9}, @NBD_ATTR_SERVER_FLAGS={0xc}]}, 0x34}, 0x1, 0x0, 0x0, 0x854}, 0x8880) sendmsg$NBD_CMD_DISCONNECT(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x5c, r4, 0x501, 0x70bd2a, 0x25dfdbfe, {}, [@NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x10001}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x2}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x2}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x1}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0xb}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x8}]}, 0x5c}, 0x1, 0x0, 0x0, 0x22000000}, 0x400c8d6) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) r5 = socket$inet_udplite(0x2, 0x2, 0x88) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$USBDEVFS_RELEASE_PORT(r6, 0x80045519, &(0x7f0000000040)=0x8000) 22:52:51 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e123", 0xb5}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) [ 2343.258990] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12899 comm=syz-executor.5 [ 2343.281528] FAULT_INJECTION: forcing a failure. [ 2343.281528] name failslab, interval 1, probability 0, space 0, times 0 [ 2343.317709] CPU: 0 PID: 12897 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2343.325628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2343.335004] Call Trace: [ 2343.337596] dump_stack+0x1b2/0x283 [ 2343.341226] should_fail.cold+0x10a/0x154 [ 2343.345379] should_failslab+0xd6/0x130 [ 2343.349359] kmem_cache_alloc_trace+0x47/0x3d0 [ 2343.353943] sctp_add_bind_addr+0x6c/0x350 [ 2343.358186] sctp_copy_local_addr_list+0x2ae/0x400 [ 2343.363122] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2343.367887] sctp_bind_addr_copy+0xde/0x430 [ 2343.372220] sctp_sendmsg+0x1c15/0x2cd0 [ 2343.376209] ? sctp_id2assoc+0x210/0x210 [ 2343.380274] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2343.385060] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2343.389898] ? selinux_socket_getpeername+0x260/0x260 [ 2343.395078] ? dup_iter+0x240/0x240 [ 2343.398690] ? kernel_recvmsg+0x210/0x210 [ 2343.402831] inet_sendmsg+0x11a/0x4e0 [ 2343.406615] ? security_socket_sendmsg+0x83/0xb0 [ 2343.411381] ? inet_recvmsg+0x4d0/0x4d0 [ 2343.415361] sock_sendmsg+0xb5/0x100 [ 2343.419085] ___sys_sendmsg+0x6c8/0x800 [ 2343.423052] ? get_pid_task+0x91/0x130 [ 2343.426920] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2343.431759] ? lock_downgrade+0x740/0x740 [ 2343.435895] ? __fget+0x1fe/0x360 [ 2343.439350] ? lock_acquire+0x170/0x3f0 [ 2343.443420] ? lock_downgrade+0x740/0x740 [ 2343.447579] ? sockfd_lookup_light+0xb2/0x160 [ 2343.452149] __sys_sendmsg+0xa3/0x120 [ 2343.455936] ? SyS_shutdown+0x160/0x160 [ 2343.459907] ? wait_for_completion_io+0x10/0x10 [ 2343.464670] ? SyS_read+0x210/0x210 [ 2343.468294] ? SyS_clock_settime+0x1a0/0x1a0 [ 2343.472692] SyS_sendmsg+0x27/0x40 [ 2343.476230] ? __sys_sendmsg+0x120/0x120 [ 2343.480287] do_syscall_64+0x1d5/0x640 [ 2343.484166] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2343.489349] RIP: 0033:0x45de29 [ 2343.492540] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2343.500667] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2343.507938] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2343.515204] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2343.522459] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000032 [ 2343.529712] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:51 executing program 4 (fault-call:6 fault-nth:51): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2343.707935] FAULT_INJECTION: forcing a failure. [ 2343.707935] name failslab, interval 1, probability 0, space 0, times 0 [ 2343.721014] CPU: 0 PID: 12926 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2343.728908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2343.739090] Call Trace: [ 2343.741671] dump_stack+0x1b2/0x283 [ 2343.745305] should_fail.cold+0x10a/0x154 [ 2343.749468] should_failslab+0xd6/0x130 [ 2343.753455] kmem_cache_alloc_trace+0x47/0x3d0 [ 2343.758062] sctp_add_bind_addr+0x6c/0x350 [ 2343.762282] sctp_copy_local_addr_list+0x2ae/0x400 [ 2343.767228] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2343.772003] sctp_bind_addr_copy+0xde/0x430 [ 2343.776343] sctp_sendmsg+0x1c15/0x2cd0 [ 2343.780323] ? sctp_id2assoc+0x210/0x210 [ 2343.784381] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2343.789135] ? retint_kernel+0x2d/0x2d [ 2343.793027] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2343.798058] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2343.802811] ? check_preemption_disabled+0x35/0x240 [ 2343.807813] ? retint_kernel+0x2d/0x2d [ 2343.811701] ? inet_recvmsg+0x4d0/0x4d0 [ 2343.815660] inet_sendmsg+0x11a/0x4e0 [ 2343.819446] ? inet_recvmsg+0x4d0/0x4d0 [ 2343.824023] sock_sendmsg+0xb5/0x100 [ 2343.827746] ___sys_sendmsg+0x6c8/0x800 [ 2343.831712] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2343.836466] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2343.841477] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2343.846232] ? check_preemption_disabled+0x35/0x240 [ 2343.851248] ? __fget+0x1fe/0x360 [ 2343.854698] ? lock_downgrade+0x740/0x740 [ 2343.858832] ? check_preemption_disabled+0x35/0x240 [ 2343.863877] ? sockfd_lookup_light+0xb2/0x160 [ 2343.868371] __sys_sendmsg+0xa3/0x120 [ 2343.872160] ? SyS_shutdown+0x160/0x160 [ 2343.876136] ? wait_for_completion_io+0x10/0x10 [ 2343.880790] ? SyS_read+0x210/0x210 [ 2343.884456] ? SyS_clock_settime+0x1a0/0x1a0 [ 2343.888911] SyS_sendmsg+0x27/0x40 [ 2343.892491] ? __sys_sendmsg+0x120/0x120 [ 2343.896550] do_syscall_64+0x1d5/0x640 [ 2343.900463] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2343.905636] RIP: 0033:0x45de29 [ 2343.908813] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2343.916556] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2343.925697] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2343.932971] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2343.940331] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000033 [ 2343.947608] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:52 executing program 4 (fault-call:6 fault-nth:52): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) 22:52:52 executing program 5: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$SNDCTL_DSP_GETOSPACE(r1, 0x8010500c, &(0x7f0000000040)) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="480000930c001f81110bf34527ae5d6013f4e8fc50b56842baea1e6a56f4d5a53fa02c588274c87b0e1c8d6c4f4416d8c316c2361eaf5e32e888a16021fcf930e14db8d2012805c83a352041d8c5f586c972dd53438fd2a785186bb25913db50a57c7eaa31c8a8dbb3eb4d9bcd00"/121, @ANYRES32=r3, @ANYBLOB="1f0032a80f00006c616e0000001800028014001000"/31], 0x3}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) r4 = socket$inet_udplite(0x2, 0x2, 0x88) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000140)={0x1, 'rose0\x00', {}, 0x8000}) connect$l2tp(r5, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) 22:52:52 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r3) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f0000000042001c00180002801400103ab6c1ceccc5adf7eb48c14952751026136d8c95776b409d91ca1c2685d438283b9e616e15e4a9570f5070da27043f78aaf6ec83cbfead652c662f52b2e66b284ae602c0db956542e58a2f781cc2547a00"/111], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) r5 = socket$inet_udplite(0x2, 0x2, 0x88) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$SG_GET_VERSION_NUM(r6, 0x2282, &(0x7f0000000000)) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) [ 2344.108002] FAULT_INJECTION: forcing a failure. [ 2344.108002] name failslab, interval 1, probability 0, space 0, times 0 [ 2344.136763] CPU: 1 PID: 12935 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2344.144678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2344.154031] Call Trace: 22:52:52 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$VT_RELDISP(r1, 0x5605) socket(0x22, 0x0, 0x0) r2 = creat(&(0x7f0000000000)='./file0\x00', 0x14) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) socket$inet_udplite(0x2, 0x2, 0x88) r4 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x10001) ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000040)={r3, r4}) poll(0x0, 0x0, 0x0) r5 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r5, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:52:52 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) r5 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r5, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(r5, 0x29, 0x48, 0x0, &(0x7f00007d0000)) tee(r5, r1, 0x7, 0x5) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) [ 2344.156620] dump_stack+0x1b2/0x283 [ 2344.160950] should_fail.cold+0x10a/0x154 [ 2344.165370] should_failslab+0xd6/0x130 [ 2344.169878] kmem_cache_alloc_trace+0x47/0x3d0 [ 2344.174468] sctp_add_bind_addr+0x6c/0x350 [ 2344.178711] sctp_copy_local_addr_list+0x2ae/0x400 [ 2344.183646] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2344.188437] ? sctp_auth_asoc_copy_shkeys+0x1f5/0x2a0 [ 2344.193633] sctp_bind_addr_copy+0xde/0x430 [ 2344.197957] sctp_sendmsg+0x1c15/0x2cd0 [ 2344.201946] ? sctp_id2assoc+0x210/0x210 [ 2344.206014] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2344.210780] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2344.215624] ? selinux_socket_getpeername+0x260/0x260 [ 2344.220818] ? dup_iter+0x240/0x240 [ 2344.224576] ? kernel_recvmsg+0x210/0x210 [ 2344.228756] inet_sendmsg+0x11a/0x4e0 [ 2344.233347] ? security_socket_sendmsg+0x83/0xb0 [ 2344.238133] ? inet_recvmsg+0x4d0/0x4d0 [ 2344.242113] sock_sendmsg+0xb5/0x100 [ 2344.245833] ___sys_sendmsg+0x6c8/0x800 [ 2344.249813] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2344.254579] ? check_preemption_disabled+0x35/0x240 [ 2344.260560] ? retint_kernel+0x2d/0x2d [ 2344.264461] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2344.269506] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2344.274271] ? check_preemption_disabled+0x35/0x240 [ 2344.279286] ? retint_kernel+0x2d/0x2d [ 2344.283200] ? ___sys_sendmsg+0x22/0x800 [ 2344.287263] __sys_sendmsg+0xa3/0x120 [ 2344.291102] ? SyS_shutdown+0x160/0x160 [ 2344.295095] ? wait_for_completion_io+0x10/0x10 [ 2344.299755] ? SyS_read+0x210/0x210 [ 2344.303374] SyS_sendmsg+0x27/0x40 [ 2344.306997] ? __sys_sendmsg+0x120/0x120 [ 2344.311047] do_syscall_64+0x1d5/0x640 [ 2344.314938] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2344.320289] RIP: 0033:0x45de29 [ 2344.323466] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2344.331172] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2344.338463] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2344.345749] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2344.353022] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000034 [ 2344.360287] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:54 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000000)={0x1, 0xffffffffffffffff, 0x1}) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:52:54 executing program 4 (fault-call:6 fault-nth:53): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) 22:52:54 executing program 5: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}, 0x1, 0x0, 0x0, 0x80}, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) 22:52:54 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="2a05305188cfba09270012430a00010076786c616e00000018000280140010706c6a879658b05b772d264c9ddf36db1bc2fd5528bc312736e773d8ddea39d110a4802ffff3c0544827ea43195aa74e5ba302b587e34c767ab41a1b67f3caedf4febfbe82d33fad499f74e1b52c23805b1c815b4b7dbf237849855cbe8d7b373071859efb13f9622545bfb2434eff11e96854ae5a5fdee2ea76a3ae019de0c505cb775345585044176345c0368345a1478c07339d2bfaecb55402747e06355b920eaa6ec81d6e1f"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) 22:52:54 executing program 2: r0 = socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x80100900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) ioctl$sock_SIOCGIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(r0, 0x8982, &(0x7f0000000000)={0x2, 'bond_slave_1\x00', {0x1}, 0x1}) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34eedd7627277b17b287", 0xb}], 0x1, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000280)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x50, 0x50, 0x3, [@int, @enum={0x0, 0x5, 0x0, 0x6, 0x4, [{}, {}, {}, {}, {}]}, @enum]}, {0x0, [0x0]}}, 0x0, 0x6b}, 0x20) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f00000193c0)=""/102389, 0x18ff5}], 0x3, 0x0, 0x0, 0x0) tkill(r1, 0x40) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r1, 0x0, 0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r2, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:52:54 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e123", 0xb5}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) [ 2346.328349] FAULT_INJECTION: forcing a failure. [ 2346.328349] name failslab, interval 1, probability 0, space 0, times 0 [ 2346.340178] CPU: 0 PID: 12975 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2346.348066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2346.357453] Call Trace: [ 2346.360044] dump_stack+0x1b2/0x283 [ 2346.363681] should_fail.cold+0x10a/0x154 [ 2346.367859] should_failslab+0xd6/0x130 [ 2346.371834] kmem_cache_alloc_trace+0x47/0x3d0 [ 2346.376420] sctp_add_bind_addr+0x6c/0x350 [ 2346.380659] sctp_copy_local_addr_list+0x2ae/0x400 [ 2346.385593] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2346.390366] sctp_bind_addr_copy+0xde/0x430 [ 2346.394694] sctp_sendmsg+0x1c15/0x2cd0 [ 2346.398676] ? sctp_id2assoc+0x210/0x210 [ 2346.402740] ? retint_kernel+0x2d/0x2d [ 2346.406654] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2346.411671] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2346.416431] ? check_preemption_disabled+0x35/0x240 [ 2346.421445] ? retint_kernel+0x2d/0x2d [ 2346.425340] inet_sendmsg+0x11a/0x4e0 [ 2346.429138] ? security_socket_sendmsg+0x83/0xb0 [ 2346.433896] ? inet_recvmsg+0x4d0/0x4d0 [ 2346.437919] sock_sendmsg+0xb5/0x100 [ 2346.441611] ___sys_sendmsg+0x6c8/0x800 [ 2346.445568] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2346.450303] ? retint_kernel+0x2d/0x2d [ 2346.454197] ? lock_release+0x41e/0x870 [ 2346.459198] ? lock_acquire+0x170/0x3f0 [ 2346.463170] ? lock_downgrade+0x740/0x740 [ 2346.467329] ? sockfd_lookup_light+0xb2/0x160 [ 2346.472563] __sys_sendmsg+0xa3/0x120 [ 2346.476358] ? SyS_shutdown+0x160/0x160 [ 2346.480329] ? wait_for_completion_io+0x10/0x10 [ 2346.484983] ? SyS_read+0x210/0x210 [ 2346.488595] SyS_sendmsg+0x27/0x40 [ 2346.492127] ? __sys_sendmsg+0x120/0x120 [ 2346.496182] do_syscall_64+0x1d5/0x640 [ 2346.500077] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2346.505261] RIP: 0033:0x45de29 [ 2346.508447] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2346.516172] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2346.524401] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2346.531691] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2346.538960] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000035 [ 2346.546617] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:54 executing program 4 (fault-call:6 fault-nth:54): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2346.697638] FAULT_INJECTION: forcing a failure. [ 2346.697638] name failslab, interval 1, probability 0, space 0, times 0 [ 2346.709552] CPU: 1 PID: 13000 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2346.717455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2346.726813] Call Trace: [ 2346.729450] dump_stack+0x1b2/0x283 [ 2346.733091] should_fail.cold+0x10a/0x154 [ 2346.737242] should_failslab+0xd6/0x130 [ 2346.741222] kmem_cache_alloc_trace+0x47/0x3d0 [ 2346.745814] sctp_add_bind_addr+0x6c/0x350 [ 2346.750059] sctp_copy_local_addr_list+0x2ae/0x400 [ 2346.755007] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2346.760133] sctp_bind_addr_copy+0xde/0x430 [ 2346.764457] sctp_sendmsg+0x1c15/0x2cd0 [ 2346.768438] ? sctp_id2assoc+0x210/0x210 [ 2346.772515] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2346.777293] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2346.782133] ? selinux_socket_getpeername+0x260/0x260 [ 2346.787319] ? dup_iter+0x240/0x240 [ 2346.790963] ? kernel_recvmsg+0x210/0x210 [ 2346.795106] inet_sendmsg+0x11a/0x4e0 [ 2346.798900] ? security_socket_sendmsg+0x83/0xb0 [ 2346.803650] ? inet_recvmsg+0x4d0/0x4d0 [ 2346.807631] sock_sendmsg+0xb5/0x100 [ 2346.811346] ___sys_sendmsg+0x6c8/0x800 [ 2346.815317] ? get_pid_task+0x91/0x130 [ 2346.819198] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2346.823952] ? lock_downgrade+0x740/0x740 [ 2346.829247] ? __fget+0x1fe/0x360 [ 2346.832695] ? lock_acquire+0x170/0x3f0 [ 2346.836674] ? lock_downgrade+0x740/0x740 [ 2346.840833] ? sockfd_lookup_light+0xb2/0x160 [ 2346.845323] __sys_sendmsg+0xa3/0x120 [ 2346.849120] ? SyS_shutdown+0x160/0x160 [ 2346.853090] ? wait_for_completion_io+0x10/0x10 [ 2346.857770] ? SyS_read+0x210/0x210 [ 2346.861389] SyS_sendmsg+0x27/0x40 [ 2346.865005] ? __sys_sendmsg+0x120/0x120 [ 2346.869070] do_syscall_64+0x1d5/0x640 [ 2346.872955] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2346.878517] RIP: 0033:0x45de29 [ 2346.881706] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2346.890369] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 22:52:55 executing program 4 (fault-call:6 fault-nth:55): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2346.898522] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2346.905790] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2346.913594] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000036 [ 2346.920858] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c [ 2346.981939] FAULT_INJECTION: forcing a failure. [ 2346.981939] name failslab, interval 1, probability 0, space 0, times 0 [ 2346.995365] CPU: 1 PID: 13007 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2347.003234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2347.012577] Call Trace: [ 2347.015179] dump_stack+0x1b2/0x283 [ 2347.018882] should_fail.cold+0x10a/0x154 [ 2347.023122] should_failslab+0xd6/0x130 [ 2347.027099] kmem_cache_alloc_trace+0x47/0x3d0 [ 2347.031676] sctp_add_bind_addr+0x6c/0x350 [ 2347.035907] sctp_copy_local_addr_list+0x2ae/0x400 [ 2347.040831] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2347.045583] sctp_bind_addr_copy+0xde/0x430 [ 2347.049896] sctp_sendmsg+0x1c15/0x2cd0 [ 2347.053895] ? sctp_id2assoc+0x210/0x210 [ 2347.057959] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2347.062711] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2347.067626] ? selinux_socket_getpeername+0x260/0x260 [ 2347.072812] ? dup_iter+0x240/0x240 [ 2347.076434] ? kernel_recvmsg+0x210/0x210 22:52:55 executing program 5: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket$netlink(0x10, 0x3, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000040)={0x5, 0x400, 0x7, 0x5, 0x0}, &(0x7f0000000100)=0x10) ioctl$EVIOCSABS2F(r1, 0x401845ef, &(0x7f0000000180)={0x1, 0x8, 0x9, 0x9, 0xffff, 0x1}) setsockopt$inet_sctp_SCTP_ADD_STREAMS(r1, 0x84, 0x79, &(0x7f0000000140)={r3, 0x3}, 0x8) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00', @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) r4 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r4, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(r4, 0x29, 0x48, 0x0, &(0x7f00007d0000)) splice(r4, 0x0, r2, 0x0, 0x4ffde, 0x0) setsockopt$IP_VS_SO_SET_DEL(r1, 0x0, 0x484, &(0x7f00000001c0)={0x2, @multicast2, 0x4e24, 0x4, 'lc\x00', 0x4, 0xfffffffd, 0x18}, 0x2c) [ 2347.080583] inet_sendmsg+0x11a/0x4e0 [ 2347.084374] ? security_socket_sendmsg+0x83/0xb0 [ 2347.089486] ? inet_recvmsg+0x4d0/0x4d0 [ 2347.093470] sock_sendmsg+0xb5/0x100 [ 2347.097166] ___sys_sendmsg+0x6c8/0x800 [ 2347.101129] ? get_pid_task+0x91/0x130 [ 2347.105046] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2347.109801] ? lock_downgrade+0x740/0x740 [ 2347.113979] ? __fget+0x1fe/0x360 [ 2347.117440] ? lock_acquire+0x170/0x3f0 [ 2347.121414] ? lock_downgrade+0x740/0x740 [ 2347.125576] ? sockfd_lookup_light+0xb2/0x160 22:52:55 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) r5 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cachefiles\x00', 0x210400, 0x0) setsockopt$CAN_RAW_FILTER(r5, 0x65, 0x1, &(0x7f0000000100)=[{{0x1}, {0x2, 0x0, 0x1, 0x1}}, {{0x1, 0x0, 0x1}, {0x2, 0x1}}, {{0x2}, {0x3, 0x0, 0x1}}, {{0x3, 0x1}, {0x2, 0x0, 0x1}}, {{0x4}, {0x2, 0x1, 0x1}}, {{0x3, 0x0, 0x1, 0x1}, {0x1, 0x0, 0x1, 0x1}}, {{0x0, 0x1, 0x0, 0x1}, {0x1}}, {{0x2, 0x1}, {0x4, 0x1, 0x0, 0x1}}], 0x40) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) [ 2347.130163] __sys_sendmsg+0xa3/0x120 [ 2347.133963] ? SyS_shutdown+0x160/0x160 [ 2347.137936] ? wait_for_completion_io+0x10/0x10 [ 2347.142615] ? SyS_read+0x210/0x210 [ 2347.146243] ? SyS_clock_settime+0x1a0/0x1a0 [ 2347.151527] SyS_sendmsg+0x27/0x40 [ 2347.155155] ? __sys_sendmsg+0x120/0x120 [ 2347.159831] do_syscall_64+0x1d5/0x640 [ 2347.163930] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2347.169123] RIP: 0033:0x45de29 [ 2347.172297] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2347.180081] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2347.187336] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2347.194597] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2347.201866] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000037 [ 2347.209399] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:55 executing program 4 (fault-call:6 fault-nth:56): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2347.398787] FAULT_INJECTION: forcing a failure. [ 2347.398787] name failslab, interval 1, probability 0, space 0, times 0 [ 2347.410565] CPU: 1 PID: 13031 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2347.418445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2347.427786] Call Trace: [ 2347.430374] dump_stack+0x1b2/0x283 [ 2347.434012] should_fail.cold+0x10a/0x154 [ 2347.438181] should_failslab+0xd6/0x130 [ 2347.442140] kmem_cache_alloc_trace+0x47/0x3d0 [ 2347.446718] sctp_add_bind_addr+0x6c/0x350 [ 2347.450952] sctp_copy_local_addr_list+0x2ae/0x400 [ 2347.455862] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2347.460598] sctp_bind_addr_copy+0xde/0x430 [ 2347.464915] sctp_sendmsg+0x1c15/0x2cd0 [ 2347.468897] ? sctp_id2assoc+0x210/0x210 [ 2347.472972] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2347.477719] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2347.482550] ? selinux_socket_getpeername+0x260/0x260 [ 2347.487737] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2347.492750] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2347.497508] ? retint_kernel+0x2d/0x2d [ 2347.501385] inet_sendmsg+0x11a/0x4e0 [ 2347.505192] ? security_socket_sendmsg+0x83/0xb0 [ 2347.509945] ? inet_recvmsg+0x4d0/0x4d0 [ 2347.513914] sock_sendmsg+0xb5/0x100 [ 2347.517608] ___sys_sendmsg+0x6c8/0x800 [ 2347.521567] ? get_pid_task+0x91/0x130 [ 2347.525451] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2347.530888] ? lock_downgrade+0x740/0x740 [ 2347.535041] ? retint_kernel+0x2d/0x2d [ 2347.538915] ? __fget+0x1fe/0x360 [ 2347.542363] ? lock_acquire+0x170/0x3f0 [ 2347.546320] ? lock_downgrade+0x740/0x740 [ 2347.550460] ? sockfd_lookup_light+0xb2/0x160 [ 2347.554968] __sys_sendmsg+0xa3/0x120 [ 2347.558766] ? SyS_shutdown+0x160/0x160 [ 2347.562729] ? wait_for_completion_io+0x10/0x10 [ 2347.567398] ? SyS_read+0x210/0x210 [ 2347.571004] ? SyS_clock_settime+0x1a0/0x1a0 [ 2347.575396] SyS_sendmsg+0x27/0x40 [ 2347.578914] ? __sys_sendmsg+0x120/0x120 [ 2347.582987] do_syscall_64+0x1d5/0x640 [ 2347.586861] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2347.592045] RIP: 0033:0x45de29 [ 2347.595236] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2347.602936] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2347.610212] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2347.617471] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2347.624735] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000038 [ 2347.631995] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:55 executing program 4 (fault-call:6 fault-nth:57): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2347.711273] FAULT_INJECTION: forcing a failure. [ 2347.711273] name failslab, interval 1, probability 0, space 0, times 0 [ 2347.722758] CPU: 1 PID: 13039 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2347.730629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2347.739985] Call Trace: [ 2347.742560] dump_stack+0x1b2/0x283 [ 2347.746186] should_fail.cold+0x10a/0x154 [ 2347.750351] should_failslab+0xd6/0x130 [ 2347.754332] kmem_cache_alloc_trace+0x47/0x3d0 [ 2347.758927] sctp_add_bind_addr+0x6c/0x350 [ 2347.763169] sctp_copy_local_addr_list+0x2ae/0x400 [ 2347.768094] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2347.772847] sctp_bind_addr_copy+0xde/0x430 [ 2347.777254] sctp_sendmsg+0x1c15/0x2cd0 [ 2347.781247] ? sctp_id2assoc+0x210/0x210 [ 2347.785305] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2347.790077] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2347.794930] ? selinux_socket_getpeername+0x260/0x260 [ 2347.800138] ? dup_iter+0x240/0x240 [ 2347.803773] ? kernel_recvmsg+0x210/0x210 [ 2347.807933] inet_sendmsg+0x11a/0x4e0 [ 2347.811743] ? security_socket_sendmsg+0x83/0xb0 [ 2347.816505] ? inet_recvmsg+0x4d0/0x4d0 [ 2347.820480] sock_sendmsg+0xb5/0x100 [ 2347.824194] ___sys_sendmsg+0x6c8/0x800 [ 2347.828957] ? get_pid_task+0x91/0x130 [ 2347.832858] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2347.837619] ? lock_downgrade+0x740/0x740 [ 2347.841794] ? __fget+0x1fe/0x360 [ 2347.845509] ? lock_acquire+0x170/0x3f0 [ 2347.849483] ? lock_downgrade+0x740/0x740 [ 2347.853647] ? sockfd_lookup_light+0xb2/0x160 [ 2347.858139] __sys_sendmsg+0xa3/0x120 [ 2347.861951] ? SyS_shutdown+0x160/0x160 [ 2347.865950] SyS_sendmsg+0x27/0x40 [ 2347.869480] ? __sys_sendmsg+0x120/0x120 [ 2347.873538] do_syscall_64+0x1d5/0x640 [ 2347.877431] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2347.882711] RIP: 0033:0x45de29 [ 2347.885896] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2347.893612] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2347.900875] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2347.908134] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2347.915412] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000039 [ 2347.922689] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:57 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() getsockopt$IPT_SO_GET_REVISION_TARGET(0xffffffffffffffff, 0x0, 0x43, &(0x7f0000000600)={'ah\x00'}, &(0x7f0000000640)=0x1e) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$GIO_FONTX(r2, 0x4b6b, &(0x7f0000000000)={0x145, 0x12, &(0x7f0000000200)}) wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) getsockopt$IPT_SO_GET_REVISION_TARGET(r2, 0x0, 0x43, &(0x7f0000000040)={'ah\x00'}, &(0x7f0000000080)=0x1e) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:52:57 executing program 4 (fault-call:6 fault-nth:58): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) 22:52:57 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x2) sendmsg$NFT_MSG_GETTABLE(r3, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x20, 0x1, 0xa, 0x101, 0x0, 0x0, {0x5, 0x0, 0x5}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x24000080}, 0x4040040) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) 22:52:57 executing program 5: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYRES64], 0x3}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) 22:52:57 executing program 2: r0 = socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000140)='/dev/null\x00', 0x240400, 0x0) setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r2, 0x84, 0x15, &(0x7f0000000180)={0x20}, 0x1) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000200)='IPVS\x00') sendmsg$IPVS_CMD_SET_DEST(r0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r3, 0x800, 0x70bd2c, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x800) sendmsg$RDMA_NLDEV_CMD_PORT_GET(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x20, 0x1405, 0x2, 0x70bd28, 0x25dfdbfe, "", [{{0x8}, {0x8}}]}, 0x20}, 0x1, 0x0, 0x0, 0x4048000}, 0x4008800) 22:52:57 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e123", 0xb5}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) [ 2349.347725] FAULT_INJECTION: forcing a failure. [ 2349.347725] name failslab, interval 1, probability 0, space 0, times 0 [ 2349.379205] CPU: 1 PID: 13049 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2349.387217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2349.396600] Call Trace: [ 2349.399212] dump_stack+0x1b2/0x283 [ 2349.402879] should_fail.cold+0x10a/0x154 [ 2349.407929] should_failslab+0xd6/0x130 [ 2349.411917] kmem_cache_alloc_trace+0x47/0x3d0 [ 2349.416512] sctp_add_bind_addr+0x6c/0x350 [ 2349.420766] sctp_copy_local_addr_list+0x2ae/0x400 [ 2349.425708] ? sctp_inet_bind_verify+0x1c0/0x1c0 [ 2349.430558] sctp_bind_addr_copy+0xde/0x430 [ 2349.434897] sctp_sendmsg+0x1c15/0x2cd0 [ 2349.438883] ? sctp_id2assoc+0x210/0x210 [ 2349.442950] ? retint_kernel+0x2d/0x2d [ 2349.446847] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2349.451865] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2349.456628] ? check_preemption_disabled+0x35/0x240 [ 2349.461641] ? retint_kernel+0x2d/0x2d [ 2349.465528] ? inet_sendmsg+0x4e/0x4e0 [ 2349.469415] inet_sendmsg+0x11a/0x4e0 [ 2349.473215] ? security_socket_sendmsg+0x83/0xb0 [ 2349.478003] ? inet_recvmsg+0x4d0/0x4d0 [ 2349.481989] sock_sendmsg+0xb5/0x100 [ 2349.485707] ___sys_sendmsg+0x6c8/0x800 [ 2349.489687] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2349.494447] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2349.499466] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2349.504235] ? check_preemption_disabled+0x35/0x240 [ 2349.509266] ? retint_kernel+0x2d/0x2d [ 2349.513155] ? __fget+0x1fe/0x360 [ 2349.516611] ? lock_downgrade+0x740/0x740 [ 2349.520771] ? sockfd_lookup_light+0xb2/0x160 [ 2349.525273] __sys_sendmsg+0xa3/0x120 [ 2349.529066] ? SyS_shutdown+0x160/0x160 [ 2349.533031] ? wait_for_completion_io+0x10/0x10 [ 2349.537713] ? SyS_read+0x210/0x210 [ 2349.541367] ? SyS_clock_settime+0x1a0/0x1a0 [ 2349.545781] SyS_sendmsg+0x27/0x40 [ 2349.549313] ? __sys_sendmsg+0x120/0x120 [ 2349.553365] do_syscall_64+0x1d5/0x640 [ 2349.557264] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2349.562463] RIP: 0033:0x45de29 [ 2349.565649] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2349.573357] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2349.583937] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2349.591209] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2349.598478] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000003a [ 2349.605741] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:57 executing program 4 (fault-call:6 fault-nth:59): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2349.643435] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.5'. [ 2349.702080] FAULT_INJECTION: forcing a failure. [ 2349.702080] name failslab, interval 1, probability 0, space 0, times 0 [ 2349.714878] CPU: 1 PID: 13081 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2349.722816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2349.732179] Call Trace: [ 2349.734772] dump_stack+0x1b2/0x283 [ 2349.738413] should_fail.cold+0x10a/0x154 [ 2349.742547] should_failslab+0xd6/0x130 [ 2349.746527] kmem_cache_alloc+0x40/0x3c0 [ 2349.750584] dst_alloc+0xed/0x6d0 [ 2349.754029] rt_dst_alloc+0x6b/0x430 [ 2349.757751] ip_route_output_key_hash_rcu+0xab7/0x2990 [ 2349.763068] ip_route_output_key_hash+0x195/0x2a0 [ 2349.767912] ? ip_route_output_key_hash_rcu+0x2990/0x2990 [ 2349.773446] ? mark_held_locks+0xa6/0xf0 [ 2349.777503] ? sock_sendmsg+0xb5/0x100 [ 2349.781395] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2349.786414] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2349.791167] ip_route_output_flow+0x22/0xb0 [ 2349.795481] sctp_v4_get_dst+0x324/0xf10 [ 2349.799537] ? mark_held_locks+0xa6/0xf0 [ 2349.803594] ? _raw_spin_unlock_irqrestore+0x79/0xe0 [ 2349.808692] ? sctp_v4_create_accept_sk+0x1c0/0x1c0 [ 2349.814568] ? memset+0x20/0x40 [ 2349.817838] ? memzero_explicit+0xe/0x10 [ 2349.822000] ? _get_random_bytes+0x23c/0x640 [ 2349.826430] sctp_transport_route+0xa1/0x410 [ 2349.830833] sctp_assoc_add_peer+0x4d7/0x1020 [ 2349.835334] sctp_sendmsg+0x1df5/0x2cd0 [ 2349.839324] ? sctp_id2assoc+0x210/0x210 [ 2349.843397] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2349.848418] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2349.853266] ? selinux_socket_getpeername+0x260/0x260 [ 2349.858478] ? dup_iter+0x240/0x240 [ 2349.862383] ? kernel_recvmsg+0x210/0x210 [ 2349.866538] inet_sendmsg+0x11a/0x4e0 [ 2349.872880] ? security_socket_sendmsg+0x83/0xb0 [ 2349.877638] ? inet_recvmsg+0x4d0/0x4d0 [ 2349.881610] sock_sendmsg+0xb5/0x100 [ 2349.885325] ___sys_sendmsg+0x6c8/0x800 [ 2349.889314] ? get_pid_task+0x91/0x130 [ 2349.893205] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2349.897975] ? lock_downgrade+0x740/0x740 [ 2349.902124] ? __fget+0x1fe/0x360 [ 2349.905573] ? lock_acquire+0x170/0x3f0 [ 2349.909544] ? lock_downgrade+0x740/0x740 [ 2349.913696] ? sockfd_lookup_light+0xb2/0x160 [ 2349.918184] __sys_sendmsg+0xa3/0x120 [ 2349.921985] ? SyS_shutdown+0x160/0x160 [ 2349.925965] ? wait_for_completion_io+0x10/0x10 [ 2349.930634] ? SyS_read+0x210/0x210 [ 2349.934254] ? SyS_clock_settime+0x1a0/0x1a0 [ 2349.938668] SyS_sendmsg+0x27/0x40 [ 2349.942220] ? __sys_sendmsg+0x120/0x120 [ 2349.946280] do_syscall_64+0x1d5/0x640 [ 2349.950169] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2349.955351] RIP: 0033:0x45de29 [ 2349.958525] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2349.966233] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2349.973510] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2349.980778] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2349.988068] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000003b [ 2349.995334] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:52:58 executing program 5: move_pages(0x0, 0x2, &(0x7f0000000040)=[&(0x7f0000001000/0x2000)=nil, &(0x7f0000001000/0x3000)=nil], &(0x7f0000000100)=[0x9, 0x7, 0x80000000, 0x2, 0x4, 0x3ff, 0x20], &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) 22:52:58 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) socket$inet6_tcp(0xa, 0x1, 0x0) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) r5 = socket$inet_udplite(0x2, 0x2, 0x88) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) bind$inet(r6, &(0x7f0000000100)={0x2, 0x4e20, @empty}, 0x10) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) r7 = socket$inet(0x2, 0x2, 0x5) ioctl$sock_inet_SIOCGIFNETMASK(r7, 0x891b, &(0x7f0000000240)={'hsr0\x00', {0x2, 0x0, @initdev}}) write$binfmt_misc(r4, &(0x7f0000000280)=ANY=[@ANYBLOB="73797a309f892c767b589487ceb4ede7aac4e1d4d6b87882859e47871c4e066edc395ec4e0a125588c591228c91fc84466b4c9bd56856c501b5d9044a8a4decf06e3a1e1ef87baac9edec7d46a676a88198c661b39432d59638dc8d10abb1854e153b173fffdeb407cc641c6eabd34b6411e6f980c3242274b9d1cb4c7350b4be5378d60c2fd0ad28ac0855bce2d90f9063f801b4612974896ca8a1862be13d98b098670214fbbe6cc8880f7b25eb1278b579be24cd451d1a4555f5edf0d7c47e572cfdf34b9a90ed4070b5b930fb4a088d097e0035b82e76aee698700b66012d72f19a83864c5a4fffb7b19a69b013654ec429966daf2ae6d6043c16bfb5b08000000000000053859ef00000000000000"], 0x69) lsetxattr$trusted_overlay_redirect(&(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='trusted.overlay.redirect\x00', &(0x7f00000001c0)='./file0\x00', 0x8, 0x1) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) 22:52:58 executing program 2: socket(0x0, 0x0, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) getsockopt$inet_sctp_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f0000000000)={0x0, 0x6, 0x1, 0x8, 0xfffffffd, 0xffffffff}, &(0x7f0000000040)=0x14) poll(0x0, 0x0, 0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r2, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:52:58 executing program 4 (fault-call:6 fault-nth:60): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2350.623706] FAULT_INJECTION: forcing a failure. [ 2350.623706] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2350.635700] CPU: 0 PID: 13112 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2350.643578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2350.652936] Call Trace: [ 2350.655533] dump_stack+0x1b2/0x283 [ 2350.659166] should_fail.cold+0x10a/0x154 [ 2350.663315] __alloc_pages_nodemask+0x22c/0x2720 [ 2350.668093] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 2350.672922] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 2350.682944] ? fib4_rule_action+0x1f5/0x320 [ 2350.687310] ? fib_rules_lookup+0x2f9/0x940 [ 2350.691628] cache_grow_begin+0x8f/0x420 [ 2350.695677] cache_alloc_refill+0x273/0x350 [ 2350.699997] kmem_cache_alloc+0x333/0x3c0 [ 2350.704163] dst_alloc+0xed/0x6d0 [ 2350.707622] rt_dst_alloc+0x6b/0x430 [ 2350.711337] ip_route_output_key_hash_rcu+0xab7/0x2990 [ 2350.716615] ip_route_output_key_hash+0x195/0x2a0 [ 2350.721468] ? ip_route_output_key_hash_rcu+0x2990/0x2990 [ 2350.727011] ? retint_kernel+0x2d/0x2d [ 2350.730885] ip_route_output_flow+0x22/0xb0 [ 2350.735197] sctp_v4_get_dst+0x324/0xf10 [ 2350.739264] ? mark_held_locks+0xa6/0xf0 [ 2350.744973] ? _raw_spin_unlock_irqrestore+0x79/0xe0 [ 2350.750065] ? sctp_v4_create_accept_sk+0x1c0/0x1c0 [ 2350.755074] ? memset+0x20/0x40 [ 2350.758530] ? memzero_explicit+0xe/0x10 [ 2350.762598] ? _get_random_bytes+0x23c/0x640 [ 2350.767005] sctp_transport_route+0xa1/0x410 [ 2350.771402] sctp_assoc_add_peer+0x4d7/0x1020 [ 2350.775903] sctp_sendmsg+0x1df5/0x2cd0 [ 2350.779875] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2350.784629] ? sctp_id2assoc+0x210/0x210 [ 2350.788706] ? retint_kernel+0x2d/0x2d [ 2350.793399] ? import_iovec+0xa6/0x360 [ 2350.797286] ? __sanitizer_cov_trace_pc+0x23/0x50 [ 2350.802218] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2350.807057] ? selinux_socket_getpeername+0x260/0x260 [ 2350.812264] ? dup_iter+0x240/0x240 [ 2350.815901] ? kernel_recvmsg+0x210/0x210 [ 2350.820071] inet_sendmsg+0x11a/0x4e0 [ 2350.823876] ? security_socket_sendmsg+0x83/0xb0 [ 2350.828617] ? inet_recvmsg+0x4d0/0x4d0 [ 2350.832577] sock_sendmsg+0xb5/0x100 [ 2350.836297] ___sys_sendmsg+0x6c8/0x800 [ 2350.840729] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2350.845680] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2350.850438] ? check_preemption_disabled+0x35/0x240 [ 2350.855457] ? retint_kernel+0x2d/0x2d [ 2350.859363] ? __fget+0x1fe/0x360 [ 2350.862804] ? lock_acquire+0x170/0x3f0 [ 2350.867019] ? lock_downgrade+0x740/0x740 [ 2350.871162] ? sockfd_lookup_light+0xb2/0x160 [ 2350.875674] __sys_sendmsg+0xa3/0x120 [ 2350.879514] ? SyS_shutdown+0x160/0x160 [ 2350.883479] ? check_preemption_disabled+0x35/0x240 [ 2350.888497] SyS_sendmsg+0x27/0x40 [ 2350.892022] ? __sys_sendmsg+0x120/0x120 [ 2350.896067] do_syscall_64+0x1d5/0x640 [ 2350.899957] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2350.905141] RIP: 0033:0x45de29 [ 2350.908308] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2350.916005] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 22:52:59 executing program 5: pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) bind$x25(r1, &(0x7f0000000240)={0x9, @remote={[], 0x3}}, 0x12) close(r2) socket$netlink(0x10, 0x3, 0x15) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="480000aa5f3d1a00f893433d3e28ac0010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) r3 = socket$inet_udplite(0x2, 0x2, 0x88) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) sendmsg$L2TP_CMD_SESSION_MODIFY(r4, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000180)={&(0x7f0000000040)={0x30, 0x0, 0x20, 0x70bd28, 0x25dfdbfb, {}, [@L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x2}, @L2TP_ATTR_IP_SADDR={0x8, 0x18, @multicast1}, @L2TP_ATTR_RECV_TIMEOUT={0xc, 0x16, 0xffffffff}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000804}, 0x20000000) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) [ 2350.923379] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2350.930634] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2350.937910] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000003c [ 2350.945340] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:53:00 executing program 2: socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000640)="1f5583624999c4665398664c3fd64362f39caf15e2c9f0f6a2c251", 0x1b}], 0x4, 0x0) write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000080)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xee01, 0xffffffff}}}, 0x78) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x25) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x1f, r0, 0x0, 0x0) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x1c) 22:53:00 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) r5 = socket$inet_udplite(0x2, 0x2, 0x88) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) r7 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r7, 0x84, 0x6e, &(0x7f0000000080)=[@in6={0xa, 0x0, 0x0, @private1}, @in={0x2, 0x0, @loopback}], 0x2c) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r7, 0x84, 0x1d, &(0x7f0000000900)={0x1, [0x0]}, &(0x7f0000000940)=0x8) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r7, 0x84, 0x1f, &(0x7f0000000100)={r8, @in6={{0xa, 0x0, 0x0, @empty}}}, 0x90) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r6, 0x84, 0x70, &(0x7f0000000100)={r8, @in6={{0xa, 0x4e21, 0x8, @mcast1}}, [0xffffffff, 0x5, 0x65, 0xff, 0xffff, 0xfffffffffffffffc, 0x0, 0x9, 0x101, 0x10000, 0xbe7, 0x100, 0x6, 0x53, 0x9]}, &(0x7f0000000040)=0x100) 22:53:00 executing program 4 (fault-call:6 fault-nth:61): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) 22:53:00 executing program 5: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket$netlink(0x10, 0x3, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r3, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000180)={r1, 0x6, 0xfffffffffffffffe, 0x420}) getsockopt$inet6_int(r4, 0x29, 0x7, 0x0, &(0x7f0000000000)) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES64=r3, @ANYRES32], 0x3}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) ioctl$KVM_HAS_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee3, &(0x7f00000002c0)={0x0, 0x5, 0xffff, &(0x7f0000000280)}) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) r5 = socket$inet_udplite(0x2, 0x2, 0x88) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r2, &(0x7f0000000040)={0x80000000}) r7 = socket$inet_udplite(0x2, 0x2, 0x88) r8 = dup(r7) ioctl$PERF_EVENT_IOC_ENABLE(r8, 0x8912, 0x400200) ioctl$USBDEVFS_CLAIM_PORT(r8, 0x80045518, &(0x7f0000000100)=0x1) 22:53:00 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r0, 0x0, 0x0) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x400000, 0x0) sendmsg$NL80211_CMD_GET_SURVEY(r1, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000500)={&(0x7f00000015c0)=ANY=[@ANYRES16, @ANYBLOB="43554d6f10a7c926ba961ec992b462106bc9c0fa649c282737dacaddfd9429a5aafae64caca75bbd26a89381d079f0b0185ae3553eb46caeb8542954ccce4a61aa67760b82d59b1a1335bbe8f61a26b56b38ec4f909b0b40f5a55c1dc6bae4b189641fe408efe660d62564df9e3239307b3299da9fa578b038f41661436b7f443f2926581642a5ce6e0acc1b492154d2a317d79583057eb81262cb621d284ab5d244c4498985ab9104eea1b48dfa145d057a280dc64dbb4a85386a84d2b0ec0273a000ac410bdc5ca2de7db5e76fe6e2f79743dabaffe1f8e0521c4feabb12f8cc5133360112c404185506c0e91cfde6dec1a48d6b98a4c98fbef5e8c5cded93b3f0e0b86998d0e1722a820bfd2104e956589dc97d77fb7238401c2b10ee52639866c3ec5d93e16d7f371603d4808f8f328a09bb837218ea0efd9c574d960d9b264a8b43dce9dc970ac8ecee9bc03702087d4f1600f89686f2299f00a8b0b0c059b68279d7a35b462091d84f705db5b581389ff8ad97e1f8141a1e175d0d66e108565a17f23f830692d2fb074fd0e1e36963057dc9d5f872d2c9ff208541fbe07ee25f1d9025743c4b45799da4784554731f5809e9064b080e6acba53adf079453dc0720ae7b4b77ebe077816a295b3e2e50b0079836263bf539a21354e2a72c44cedf334b5d4dce2c5c3847a4a47ec254b87add0ae0de406a925087530ce16a45d781ef8fe624eee81a348612bda409b3b9d5923555cf995cbc14ab00d42a032f1c72f450a28be80800640961f56b9f2e86e844dd265cb3c35601a419f7d983d778f48feaebc641157cc3ab8b0ed48138f1ba4681aca4a43f9a8b134930a07a5755ed60beca1f511c10f332b50ac01c891ab0e61500cb9221ea6ed6e4990360af68844ca0095408a0a89bef904ebd7f3becab99cb5eee3b5abc27c7d699328b4bdf6e875365ef0ba78eb2f63aacf666196a32efb99b666ae2a7623f588829ceb8920360f8cf66212d724a69d8731083c6edb6a7c6272c846c0242baedea6e9a6854a9c74a3d059445c154eb34a8b54b431c646339ca155f30f8bf556fef5a510718010462b571e32e0b46de81686ae6e56de5483c4a31a926539f0636fec018aab366179d12b27178da72fb1ae6b7229b73f62cf4319a6c3b24504ec473ee37f161bcea57a22a7408ca16eac117deb7457c0560278fb555ff0a64887878a2877118aa23df518d16cec2a688354d1af7d3f51e6bd7b93c5791393b0320076e59834c070e79f76d4aca38ee4357732935ebb92408beb8f363053cffe8869ee9fbcac72f8782a8f6f80346aac2880e9b3a099af66f80eaebe135478e5ba7eb6c501c9ce3099314e286fbbbf7d39d0e3dab07588bb0f8d9c77a3b4c89a8763f5519d92104a9e6492dbe57670a918bcecdd7fd6ed2739c42afd85e45e2da2d2f89332ea339f488ae0760a5aa9663ceb444cd705f21ea0aaebd804ef9b180be89fcbec3ec8e94c388c21d8a9ed40a30913dee685abbfe4ec44ea8aa1bedc6dec212fbf07aa7428a41ffc6c9736bf4f2433642f06c3fc6ca35e3940659526af7a282238ec76b94464c7d9e6f349077461d82554147aadf79aeebead2e26da75c5f50491345ea6f0d63a24557f6429cf88ba79ddf6b91e434d5aa31a1ccdd083b30f700aedf490ff384fa09dfc8e88af75a1f21d5850eb033264d36938e5af3f22988f390f6fbb4399f3b07f2287943666708f56acd82f9095ea704716a91db6ca16fed148ca42bba4de16722d73b1af634bf910585bad008d585877a7e2fe02bbd5918b76cf625d88c4e5766113b1d862395a39e6092f390ef18ea0807e9efebf883fc6073c01aba70cfeaf298638af4ce0dc3ab799455bbef0c2e1fcc58c1f49f2ca6431221053b53589369ff06216f930e561755dde00da0a130bf88c9dbe44d943e5af170a17c3c19119f4d38d4d262896791740fa8df78f6a4f10f3bc77606352c09a75e48f22b2063c445de888d1481ecbd0a72dfa1a7d0dd69a8440710e6c298fe9b55e8875f4ab3fbb7b69e1f19e73c7db43f719ea9dafa134351610399e290397fa8ed02c13d1cf83a168f400d205ce9af61d26e76f7cd412d2c9a4bd5c18b4171dcfcf177a9723c5faee84f96d75aa7399462e4adb0e7a4c1b8df188d59350c3d79fece89ce2440b7eec7f863b3addb7610c36e849ff46ce208f273a63f816a2608727514a5ffdb87fd29a48b55ec24b9f382eb0b377b40dac94ae7e6e4b0237b9fe8ad6495295ee490c27629141585be48eb2bb7d84c05000000c63df95149668e150146da55eb9890281a049d7cdc7a5039bc670b51cef65dcf204c541f09d230a1968043c5196c59b3f59d87c4a5ac0c40d3ca7eb10bbc4ba00f7266644dfc21a16e9951d59d374a4728b2043e62201e6af4500d4e22ae41a13d7603e94886bd1c474a2ea4bb977e85ef23d8e45f219bedac0fff66e173ee915634a1d41f6f3610bb4fc484ca2525f272a0f7d25611d29ba84b3e1967ea1847978539f14888e7deb68fb08cacb71cd701ee0e67e64064c6346217281733e077ba895aaf6115164bcb60ad1938d24a11e7de80c17b7484af76e77e36db48286d17b817f917de06d5e90ee37296370f89dbec6b9f802b50247028e2c50a89a2eadb2d960a3b5d4b964391c813696057e69b659d8c45d955a7ff094ec444d79013257b785e9797eb1f24afff6fdbc3c46a92ccc6e874c4c13dcfb64d9c870d0b855a38afa9cae10065d43dca85d37a4f5af727c744455b9cc3d12d221bb08184de8583a474e0de5c377c949e4522f410ca09ceeb139128ffb3c138596a6c319eb3b2f8ca362d524dbb507055ddef6f87707d143f13b3c01706ee25f7088bdb0ce78a713c4dbbde701c4fa402f5b88704008314397962e631c1d8cad301eeb051fe683b6db754e802a1e32d9c2eb7584001d3a439bc82d08c0d190d8ed9b383a80b9c294f5cbe6ceb2e21b3472d1f2bdeffc7bff1ac5cfb8cb7bd8e30a4344e172812352278ddfa291ead3e4c237cf8509a4d8fdb72814b20b91be38634f57253cb99dae608b24d4ccbbba409294c4201349e7a679c178b19d62b5b2a404aa50dab51777ce96314ad6fa165dfac8018cf81ae6e4e346712cc2b1cac8aa4b924731697f07911abd4709d0aac830db340aa9fe2230081ef3018199f88e56d3b80c330175eedf4e5c2c9953404fe72d6c5e4935139bc70e339922186ce2260993a1097e2e4788c0fd56186a040fa9440d522359a8faf9f6dd948646d5cf224a3f929417687fe82ff1f03780c076f8e986c354021401fcdd9f0d5aeb1e2937ea2a6ea97357478582bb8e0475ddd9159fed9751aac94fca66d9108937960ccae173872758501b13a3543da43466d1bdc5b51251816219c08b941c15e81c56764575d6f0b24a73e3d879897ec19c8fdbee83e833ba9199c627c37fcc3b33adbe47175af19edb6737f7b1e6003e40fcdc077592ee998bd17fd14b4381e97842aea352202abaf44798992b2a910bde4c0f305110b0f7b357dbeea017b6fa75871c8e54454cf1b5b819718da503cc89ff7c03000eb56fcde4762b9a700994b82a0857fe14a3ecb00e28651e39f665f5154f6dbe99507beaa29bde8ac9833b4c25bab16c5b3a8b83e038f7eca11c5f90ca11519b3c4330f619a90aafed3c4b16571dbbf361fe738ec764d1f27ac261942bfcf6d54e61c340bc1008be8e1b784dead57387c5585361b38f58abf7a13206605b30d1a6f098dad4f8e5484d9f1f1bbe2a48b1df31fbd985e43af5d63c00d13a6b1f9a8a1b141af4b1f64f9755bcf68661e76fa67fb0f507577d9df62d07a07d51e9114b3020f8e81411ebb36f4f73ed3e65ce4a7a7e286bd4f3a8bb6fbd5b36cc4f34319b66558dca4ea623d300b37cd3614b082bd0be678f24a82f7992232b17b97f3df41653eac3cce79c8aa766617a2fe2b2e219d4f63f9ad19354a991e0fbb13e9f50d1a4eff2cf837bbd491584aa2e037d00fecc06596cbb9c0f3bf96e4b04dde79dd95dde4dc91fd568052749408c9afd748a1a4c97021f55d5a86b24832f5416659bdffc1f94c240198017ac95f0f68e927f157405b8f3a884f91cd431ab32aa1f87e5f5daf7d88417a3324df12ba7da90775c2ed71ce7451b2e2c66993861f9c96c6a73093b728b58f78ee5b038e8a01a08ab7caf7b4609fe3ecd7fce07e43a97f3381c5fa788a199714544a1c8cadf10f5335a79762bbc3ef35b99c54abc448ff045291e1f778c83e936c9f868cf10221f6e89386be87c5ba6807fb8071ef94f432bb0066a9be0173b78335958b65b4579b932845fae576dd5faf84af2628156443a0fa133e27a3c8fd422ecda0d3dcfa1e265d7b6276f5a6d50dc8f1fb5200b553409080f14c51d9cd0fd3ac4f449eaadd8034e1bad8600f28530ddf8a69355729ebe39571037cae3d2619a8834938424253067fa475e1e9449aae7d226b14ffeca5fff99a93ca061aa2923c27553fbbac43926d111818ec7907e990772c59683e95aa265e45c171d98eed899a46a28bc0dd0fdc084054cfd238bdc95775a735ab4bb755e0961824c1992e345cd3c8df9a6c7750b9f29d3afe1a085836fbb67ebca3c3fb1b3cadb4aa185d27729fe306976295413e5b38d652391d992e2ea243d04108f87f33e29423ce26727bd8eaa445a732d9450b8e7c7a8da2c7aa3e68c3e51cd4460030d96e1b3295e193cecff8ea00f0359ef423787b69072210b98a4253fbca47dea0a601dda343dca17e0f0b9ccc33db03e9e6740b7e8b6b9f2f8604e889bd025a8383d7763ff60b0ab98ad3a68de491afa74d15cc4de12c9179575291427fffb75f4a73428f3c8fb4f27b00bf523ccab25a86899dfe53e01aa032d598901f246a67996b600d0fb2404e75fa0d0806cb1bbb9f472422c0e2ca019f608a81d75c000ad8564a9b98cd31409c988deba7469068e5a9f204b4e25ffecc473ff71cf5d8fb6dd15edd2cc3d5df022c41aa15916f6dee8f7b14ace4470e35a9adc7f64d69f4eab1c4ad3dac2430cf2cfa9a39bc591f16ce6b1faea5b524571e260aa2aa645ea3a2d1c5a92e749c4ebcf88cb43702c41f0f27b88641a5dcced44a7be2e7ad6733b6e41bf0941313da802ae78189cfa35a0e09d823b4cc367342c79d32dc99055c9df7401416d15386219810cfb7e7d160e286faee1c34201dce73a1a022b9526f4a58fb1a82006e747679eebde176ad0520800a8037e1b5a8cf4150d32e170434549970aaa225b94a1055cc72dafdcb76c1bf6eec9a1b75a59fe5f19e77ce986add6d3dca442c0343e2b391017bd2e2f41df0f818ba38453f893e8ce541d95a6f004b8540db379fb9788ad2642d0df1e7e6d8476ea3f02e4841c1ebd173d730dfc81d699e462ae99af586bda3ff8dbec3bde982769421cb667a78b2f019537244d8689a540b797e04f28b9d5b5c9d0199a1bcd91ee0292b1b0a5fbb88d073af78ca2785dff9e089e26536dfbc2043e63d85f002b41ec2b556abc133e000bcb1377edd2f4b9e8db7dbb8eaf97678e82882d72b9a08bf5539176b3e6c57cfe7c1407c151cdc82eb041807cf63d63e17dccbebb4601d2b3b8ab0c77144369c811caee3c3c4e722b6f1c0459b752bd617fd783fd325db4ad2abbd339a13cfcc5d80a2ec01b57af753a6484c2cca824d1f1cae362b4f6a5bbe8456d4243391b9da1c5536ac2d88cdadb446ffdb7a57979c60e40cfe9e655b7c69745109a9f6cf94a619a40965140e58824fa8d5be64f3661ff88082391b36dc1d7cb30945c643eaa79334570ad3f77fe99df3bf2c575cb5744df73e623ef4dfd469270716328f2d2d2d26152e9802332eaed84f91e25146fbf03920d380a39d8cd400c3e5d601c3", @ANYRES16], 0x20}}, 0x4000000) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) r2 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r3) lstat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0}) mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x80, &(0x7f00000003c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',version=9p2000.L,version=9p2000,noextend,version=9p2000,version=9p2000.L,dfltuid=', @ANYRESHEX=r3, @ANYBLOB='0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) [ 2352.371597] FAULT_INJECTION: forcing a failure. [ 2352.371597] name failslab, interval 1, probability 0, space 0, times 0 [ 2352.392891] CPU: 0 PID: 13140 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2352.401231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2352.410613] Call Trace: [ 2352.413203] dump_stack+0x1b2/0x283 [ 2352.417136] should_fail.cold+0x10a/0x154 [ 2352.421296] should_failslab+0xd6/0x130 [ 2352.425282] kmem_cache_alloc_node+0x54/0x410 [ 2352.431442] __alloc_skb+0x5c/0x510 [ 2352.435162] _sctp_make_chunk+0x4e/0x460 [ 2352.439752] sctp_make_init+0x5ad/0xb60 [ 2352.443740] ? sctp_init_cause+0xd0/0xd0 [ 2352.447878] ? finish_task_switch+0x178/0x610 [ 2352.453377] ? trace_hardirqs_on+0x10/0x10 [ 2352.457615] ? _raw_spin_unlock_irq+0x24/0x80 [ 2352.462139] sctp_sf_do_prm_asoc+0xbb/0x340 [ 2352.466469] sctp_do_sm+0xf6/0x48a0 [ 2352.470102] ? sctp_do_8_2_transport_strike.constprop.0+0x860/0x860 [ 2352.476498] ? _raw_spin_unlock_irqrestore+0x79/0xe0 [ 2352.481721] ? mark_held_locks+0xa6/0xf0 [ 2352.486986] ? retint_kernel+0x2d/0x2d [ 2352.490878] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2352.495929] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2352.500690] ? check_preemption_disabled+0x35/0x240 [ 2352.505703] ? retint_kernel+0x2d/0x2d [ 2352.509613] ? sctp_assoc_set_primary+0xce/0x2b0 [ 2352.514357] ? sctp_assoc_set_primary+0x105/0x2b0 [ 2352.519991] ? sctp_assoc_add_peer+0x241/0x1020 [ 2352.527278] sctp_primitive_ASSOCIATE+0x98/0xc0 [ 2352.536045] sctp_sendmsg+0x12c6/0x2cd0 [ 2352.543894] ? check_preemption_disabled+0x35/0x240 [ 2352.549510] ? sctp_id2assoc+0x210/0x210 [ 2352.553572] ? __sanitizer_cov_trace_pc+0x29/0x50 [ 2352.558463] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2352.563511] ? selinux_socket_getpeername+0x260/0x260 [ 2352.568718] ? kernel_recvmsg+0x210/0x210 [ 2352.572884] inet_sendmsg+0x11a/0x4e0 [ 2352.576668] ? security_socket_sendmsg+0x83/0xb0 [ 2352.582401] ? inet_recvmsg+0x4d0/0x4d0 [ 2352.586393] sock_sendmsg+0xb5/0x100 [ 2352.590204] ___sys_sendmsg+0x6c8/0x800 [ 2352.594198] ? get_pid_task+0x91/0x130 [ 2352.598075] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2352.602827] ? lock_downgrade+0x740/0x740 [ 2352.607003] ? __fget+0x1fe/0x360 [ 2352.610454] ? lock_acquire+0x170/0x3f0 [ 2352.614509] ? lock_downgrade+0x740/0x740 [ 2352.620053] ? sockfd_lookup_light+0xb2/0x160 [ 2352.624833] __sys_sendmsg+0xa3/0x120 [ 2352.630442] ? SyS_shutdown+0x160/0x160 [ 2352.634413] ? wait_for_completion_io+0x10/0x10 [ 2352.639089] ? SyS_read+0x210/0x210 [ 2352.642707] ? SyS_clock_settime+0x1a0/0x1a0 [ 2352.647834] SyS_sendmsg+0x27/0x40 [ 2352.651509] ? __sys_sendmsg+0x120/0x120 [ 2352.655564] do_syscall_64+0x1d5/0x640 [ 2352.659447] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2352.664730] RIP: 0033:0x45de29 [ 2352.667925] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2352.675718] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2352.683339] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2352.690625] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2352.698067] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000003d [ 2352.706112] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:53:01 executing program 4 (fault-call:6 fault-nth:62): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2352.835513] FAULT_INJECTION: forcing a failure. [ 2352.835513] name failslab, interval 1, probability 0, space 0, times 0 [ 2352.847337] CPU: 1 PID: 13171 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2352.855317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2352.864681] Call Trace: [ 2352.867273] dump_stack+0x1b2/0x283 [ 2352.870914] should_fail.cold+0x10a/0x154 [ 2352.875061] should_failslab+0xd6/0x130 [ 2352.879032] kmem_cache_alloc_node_trace+0x58/0x400 [ 2352.884049] __kmalloc_node_track_caller+0x38/0x70 [ 2352.888989] __alloc_skb+0x96/0x510 [ 2352.892613] _sctp_make_chunk+0x4e/0x460 [ 2352.896672] sctp_make_init+0x5ad/0xb60 [ 2352.900998] ? sctp_init_cause+0xd0/0xd0 [ 2352.905077] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2352.909831] ? check_preemption_disabled+0x35/0x240 [ 2352.915013] ? retint_kernel+0x2d/0x2d [ 2352.918991] sctp_sf_do_prm_asoc+0xbb/0x340 [ 2352.923319] sctp_do_sm+0xf6/0x48a0 [ 2352.926964] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2352.931983] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2352.936757] ? sctp_do_8_2_transport_strike.constprop.0+0x860/0x860 [ 2352.943861] ? check_preemption_disabled+0x35/0x240 [ 2352.948879] ? retint_kernel+0x2d/0x2d [ 2352.952757] ? sctp_hash_transport+0x1630/0x1f50 [ 2352.957599] ? lock_downgrade+0x740/0x740 [ 2352.961739] ? mark_held_locks+0xa6/0xf0 [ 2352.965790] ? sctp_hash_transport+0xcb/0x1f50 [ 2352.970364] ? retint_kernel+0x2d/0x2d [ 2352.974267] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2352.979276] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2352.984040] ? retint_kernel+0x2d/0x2d [ 2352.987928] sctp_primitive_ASSOCIATE+0x98/0xc0 [ 2352.993148] sctp_sendmsg+0x12c6/0x2cd0 [ 2352.997303] ? sctp_id2assoc+0x210/0x210 [ 2353.001444] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2353.006202] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2353.011064] ? selinux_socket_getpeername+0x260/0x260 [ 2353.016263] ? kernel_recvmsg+0x210/0x210 [ 2353.020432] inet_sendmsg+0x11a/0x4e0 [ 2353.025294] ? security_socket_sendmsg+0x83/0xb0 [ 2353.030498] ? inet_recvmsg+0x4d0/0x4d0 [ 2353.034489] sock_sendmsg+0xb5/0x100 [ 2353.038735] ___sys_sendmsg+0x6c8/0x800 [ 2353.042718] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2353.047508] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2353.052287] ? check_preemption_disabled+0x35/0x240 [ 2353.057313] ? retint_kernel+0x2d/0x2d [ 2353.061227] ? __fget+0x1fe/0x360 [ 2353.064688] ? lock_acquire+0x170/0x3f0 [ 2353.068665] ? lock_downgrade+0x740/0x740 [ 2353.072831] ? sockfd_lookup_light+0xb2/0x160 [ 2353.077352] __sys_sendmsg+0xa3/0x120 [ 2353.081163] ? SyS_shutdown+0x160/0x160 [ 2353.085137] ? check_preemption_disabled+0x35/0x240 [ 2353.090247] SyS_sendmsg+0x27/0x40 [ 2353.093783] ? __sys_sendmsg+0x120/0x120 [ 2353.097847] do_syscall_64+0x1d5/0x640 [ 2353.102091] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2353.107295] RIP: 0033:0x45de29 [ 2353.110491] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2353.118993] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2353.126279] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 22:53:01 executing program 5: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) r3 = socket(0xf, 0x6, 0x5) setsockopt$ALG_SET_AEAD_AUTHSIZE(r3, 0x117, 0x5, 0x0, 0x0) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) 22:53:01 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="48001fff000005006700"/20, @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e0000f3b7d95a80140010"], 0x3}}, 0x20000000) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) [ 2353.133562] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2353.140832] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000003e [ 2353.148130] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:53:01 executing program 4 (fault-call:6 fault-nth:63): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2353.314566] FAULT_INJECTION: forcing a failure. [ 2353.314566] name failslab, interval 1, probability 0, space 0, times 0 [ 2353.333415] CPU: 1 PID: 13185 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2353.341325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2353.350708] Call Trace: [ 2353.353306] dump_stack+0x1b2/0x283 [ 2353.356958] should_fail.cold+0x10a/0x154 [ 2353.361137] should_failslab+0xd6/0x130 [ 2353.365118] kmem_cache_alloc+0x40/0x3c0 [ 2353.369190] _sctp_make_chunk+0x133/0x460 [ 2353.373350] sctp_make_init+0x5ad/0xb60 [ 2353.377790] ? sctp_init_cause+0xd0/0xd0 [ 2353.381867] ? __lock_acquire+0x5fc/0x3f20 [ 2353.386118] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2353.391840] sctp_sf_do_prm_asoc+0xbb/0x340 [ 2353.396181] sctp_do_sm+0xf6/0x48a0 [ 2353.399811] ? mark_held_locks+0xa6/0xf0 [ 2353.403888] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2353.409586] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2353.414352] ? sctp_do_8_2_transport_strike.constprop.0+0x860/0x860 [ 2353.420751] ? sctp_hash_transport+0x1630/0x1f50 [ 2353.425513] ? mark_held_locks+0xa6/0xf0 [ 2353.429576] ? retint_kernel+0x2d/0x2d [ 2353.433839] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2353.439483] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2353.444245] ? check_preemption_disabled+0x35/0x240 [ 2353.449786] ? retint_kernel+0x2d/0x2d [ 2353.453664] ? sctp_assoc_lookup_paddr+0x9c/0x140 [ 2353.459110] sctp_primitive_ASSOCIATE+0x98/0xc0 [ 2353.463885] sctp_sendmsg+0x12c6/0x2cd0 [ 2353.467887] ? sctp_id2assoc+0x210/0x210 [ 2353.471955] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2353.476709] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2353.481922] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2353.486693] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2353.491551] ? selinux_socket_getpeername+0x260/0x260 [ 2353.496736] ? kernel_recvmsg+0x210/0x210 [ 2353.500902] inet_sendmsg+0x11a/0x4e0 [ 2353.504702] ? security_socket_sendmsg+0x83/0xb0 [ 2353.509466] ? inet_recvmsg+0x4d0/0x4d0 [ 2353.513460] sock_sendmsg+0xb5/0x100 [ 2353.517179] ___sys_sendmsg+0x6c8/0x800 [ 2353.521140] ? get_pid_task+0x91/0x130 [ 2353.525015] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2353.529772] ? lock_downgrade+0x740/0x740 [ 2353.533926] ? __fget+0x1fe/0x360 [ 2353.537385] ? lock_acquire+0x170/0x3f0 [ 2353.541349] ? lock_downgrade+0x740/0x740 [ 2353.545508] ? sockfd_lookup_light+0xb2/0x160 [ 2353.549996] __sys_sendmsg+0xa3/0x120 [ 2353.553792] ? SyS_shutdown+0x160/0x160 [ 2353.557822] ? check_preemption_disabled+0x35/0x240 [ 2353.562857] ? SyS_shutdown+0x160/0x160 [ 2353.566825] SyS_sendmsg+0x27/0x40 [ 2353.570381] ? __sys_sendmsg+0x120/0x120 [ 2353.574456] do_syscall_64+0x1d5/0x640 [ 2353.578347] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2353.583630] RIP: 0033:0x45de29 [ 2353.586812] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2353.594543] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2353.602804] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2353.610080] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2353.617350] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000003f [ 2353.624609] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:53:01 executing program 4 (fault-call:6 fault-nth:64): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2353.701224] FAULT_INJECTION: forcing a failure. [ 2353.701224] name failslab, interval 1, probability 0, space 0, times 0 [ 2353.714666] CPU: 1 PID: 13193 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2353.722550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2353.731895] Call Trace: [ 2353.734504] dump_stack+0x1b2/0x283 [ 2353.738176] should_fail.cold+0x10a/0x154 [ 2353.742367] ? should_failslab+0xe/0x130 [ 2353.746440] should_failslab+0xd6/0x130 [ 2353.750410] kmem_cache_alloc_node+0x263/0x410 [ 2353.755955] __alloc_skb+0x5c/0x510 [ 2353.759595] sctp_packet_transmit+0x2ee/0x2d40 [ 2353.764186] ? sctp_packet_config+0x5fe/0x9e0 [ 2353.768772] ? sctp_packet_config+0x9e0/0x9e0 [ 2353.773274] ? sctp_packet_append_chunk+0x4db/0xac0 [ 2353.779171] sctp_outq_flush+0x7c5/0x2e00 [ 2353.783357] ? _raw_spin_unlock_irqrestore+0xa3/0xe0 [ 2353.788485] ? sctp_insert_list+0x380/0x380 [ 2353.793163] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 2353.798379] ? msleep_interruptible+0xf0/0xf0 [ 2353.802895] ? sctp_outq_tail+0x460/0x630 [ 2353.807066] sctp_do_sm+0x400/0x48a0 [ 2353.810805] ? retint_kernel+0x2d/0x2d [ 2353.815236] ? sctp_do_8_2_transport_strike.constprop.0+0x860/0x860 [ 2353.821654] ? sctp_hash_transport+0x1630/0x1f50 [ 2353.826505] ? lock_downgrade+0x740/0x740 [ 2353.830656] ? __local_bh_enable_ip+0xc1/0x170 [ 2353.835240] ? sctp_hash_transport+0xcb/0x1f50 [ 2353.839845] ? sctp_assoc_set_primary+0x105/0x2b0 [ 2353.845491] ? sctp_assoc_add_peer+0x241/0x1020 [ 2353.850175] sctp_primitive_ASSOCIATE+0x98/0xc0 [ 2353.854845] sctp_sendmsg+0x12c6/0x2cd0 [ 2353.859451] ? sctp_id2assoc+0x210/0x210 [ 2353.863548] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2353.868336] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2353.873193] ? selinux_socket_getpeername+0x260/0x260 [ 2353.878410] ? kernel_recvmsg+0x210/0x210 [ 2353.882565] inet_sendmsg+0x11a/0x4e0 [ 2353.886385] ? security_socket_sendmsg+0x83/0xb0 [ 2353.891153] ? inet_recvmsg+0x4d0/0x4d0 [ 2353.895140] sock_sendmsg+0xb5/0x100 [ 2353.898863] ___sys_sendmsg+0x6c8/0x800 [ 2353.902828] ? get_pid_task+0x91/0x130 [ 2353.906716] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2353.911555] ? lock_downgrade+0x740/0x740 [ 2353.915716] ? __fget+0x1fe/0x360 [ 2353.919163] ? lock_acquire+0x170/0x3f0 [ 2353.923133] ? lock_downgrade+0x740/0x740 [ 2353.927991] ? sockfd_lookup_light+0xb2/0x160 [ 2353.932490] __sys_sendmsg+0xa3/0x120 [ 2353.936298] ? SyS_shutdown+0x160/0x160 [ 2353.940287] ? wait_for_completion_io+0x10/0x10 [ 2353.944963] ? SyS_read+0x210/0x210 [ 2353.948584] ? SyS_clock_settime+0x1a0/0x1a0 [ 2353.953427] SyS_sendmsg+0x27/0x40 [ 2353.956964] ? __sys_sendmsg+0x120/0x120 [ 2353.961018] do_syscall_64+0x1d5/0x640 [ 2353.964902] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2353.970086] RIP: 0033:0x45de29 [ 2353.973315] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2353.981030] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2353.988317] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2353.995702] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 22:53:02 executing program 5: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x9) [ 2354.002972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000040 [ 2354.010259] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:53:03 executing program 2: r0 = socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) mkdir(&(0x7f0000000180)='./file0\x00', 0x8) fchownat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0xffffffffffffffff, 0x0, 0x1000) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000002a00000426bd7000fddbdf2500000000", @ANYRES32=0x0, @ANYBLOB="0a0052de67"], 0x24}, 0x1, 0x0, 0x0, 0x4000004}, 0x101) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e21, 0x200, @initdev={0xfe, 0x88, [], 0x1, 0x0}}, 0x1c) 22:53:03 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) ioctl$EVIOCGKEYCODE(r2, 0x80084504, &(0x7f0000000100)=""/164) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) 22:53:03 executing program 4 (fault-call:6 fault-nth:65): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) 22:53:03 executing program 5: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) r4 = dup(r3) ioctl$KDSETKEYCODE(r4, 0x4b4d, &(0x7f0000000040)={0x2, 0x1}) 22:53:03 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195e8083b0c00ade4a54bd32932f9671a6ec9642e8a4fb6f987dbfeb3ffa2be", 0xf1}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0xfffffffffffbfffb, 0x36) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) sendmsg$RDMA_NLDEV_CMD_RES_QP_GET(r2, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x20, 0x140a, 0x100, 0x70bd25, 0x25dfdbfb, "", [@RDMA_NLDEV_ATTR_RES_LQPN={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x4054000) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x3, 0x3ff) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) ptrace$cont(0x1f, r0, 0x0, 0x0) ioctl$TIOCCBRK(r2, 0x5428) [ 2355.377165] FAULT_INJECTION: forcing a failure. [ 2355.377165] name failslab, interval 1, probability 0, space 0, times 0 [ 2355.389773] CPU: 0 PID: 13215 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2355.397840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2355.407198] Call Trace: [ 2355.409789] dump_stack+0x1b2/0x283 [ 2355.414292] should_fail.cold+0x10a/0x154 [ 2355.418451] should_failslab+0xd6/0x130 [ 2355.422432] kmem_cache_alloc_node_trace+0x25a/0x400 [ 2355.427541] __kmalloc_node_track_caller+0x38/0x70 [ 2355.432563] __alloc_skb+0x96/0x510 [ 2355.436221] sctp_packet_transmit+0x2ee/0x2d40 [ 2355.440827] ? sctp_packet_config+0x5fe/0x9e0 [ 2355.445338] ? sctp_packet_config+0x9e0/0x9e0 [ 2355.449832] ? sctp_packet_append_chunk+0x4db/0xac0 [ 2355.454854] sctp_outq_flush+0x7c5/0x2e00 [ 2355.459008] ? trace_hardirqs_on_caller+0x377/0x580 [ 2355.464058] ? sctp_insert_list+0x380/0x380 [ 2355.468390] ? sctp_outq_tail+0x460/0x630 [ 2355.472546] sctp_do_sm+0x400/0x48a0 [ 2355.476268] ? check_preemption_disabled+0x35/0x240 [ 2355.481289] ? sctp_do_8_2_transport_strike.constprop.0+0x860/0x860 [ 2355.488490] ? sctp_hash_transport+0x1630/0x1f50 [ 2355.493277] ? lock_downgrade+0x740/0x740 [ 2355.497441] ? __local_bh_enable_ip+0xc1/0x170 [ 2355.502059] ? mark_held_locks+0xa6/0xf0 [ 2355.506115] ? sctp_hash_transport+0xcb/0x1f50 [ 2355.510684] ? retint_kernel+0x2d/0x2d [ 2355.514574] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2355.519598] ? retint_kernel+0x2d/0x2d [ 2355.523484] sctp_primitive_ASSOCIATE+0x98/0xc0 [ 2355.528164] sctp_sendmsg+0x12c6/0x2cd0 [ 2355.532144] ? sctp_id2assoc+0x210/0x210 [ 2355.536191] ? retint_kernel+0x2d/0x2d [ 2355.540061] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2355.545060] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2355.549798] ? check_preemption_disabled+0x35/0x240 [ 2355.554818] inet_sendmsg+0x11a/0x4e0 [ 2355.558603] ? security_socket_sendmsg+0x83/0xb0 [ 2355.563344] ? inet_recvmsg+0x4d0/0x4d0 [ 2355.567301] sock_sendmsg+0xb5/0x100 [ 2355.571017] ___sys_sendmsg+0x6c8/0x800 [ 2355.574989] ? get_pid_task+0x91/0x130 [ 2355.578855] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2355.583605] ? lock_downgrade+0x740/0x740 [ 2355.587746] ? retint_kernel+0x2d/0x2d [ 2355.591635] ? __fget+0x1fe/0x360 [ 2355.595084] ? lock_acquire+0x170/0x3f0 [ 2355.599047] ? lock_downgrade+0x740/0x740 [ 2355.603184] ? sockfd_lookup_light+0xb2/0x160 [ 2355.607660] __sys_sendmsg+0xa3/0x120 [ 2355.611453] ? SyS_shutdown+0x160/0x160 [ 2355.615420] ? wait_for_completion_io+0x10/0x10 [ 2355.620079] ? SyS_read+0x210/0x210 [ 2355.623695] SyS_sendmsg+0x27/0x40 [ 2355.627223] ? __sys_sendmsg+0x120/0x120 [ 2355.631273] do_syscall_64+0x1d5/0x640 [ 2355.635168] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2355.640336] RIP: 0033:0x45de29 [ 2355.643510] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2355.651212] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2355.658475] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2355.665761] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 22:53:03 executing program 2: socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@setneightbl={0x1c, 0x43, 0x1, 0x0, 0x0, {}, [@NDTA_NAME={0x5, 0x3, '\x00'}]}, 0x1c}}, 0x0) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) 22:53:03 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195", 0xd3}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:53:03 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$VT_RELDISP(r1, 0x5605) socket(0x22, 0x0, 0x0) r2 = creat(&(0x7f0000000000)='./file0\x00', 0x14) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) socket$inet_udplite(0x2, 0x2, 0x88) r4 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x10001) ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000040)={r3, r4}) poll(0x0, 0x0, 0x0) r5 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r5, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) [ 2355.673947] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000041 [ 2355.684102] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:53:04 executing program 4 (fault-call:6 fault-nth:66): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) 22:53:04 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket$netlink(0x10, 0x3, 0x0) r3 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x401, 0x10000) sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="48dfff0010001f0b6d157dafff00000500000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) [ 2355.916635] FAULT_INJECTION: forcing a failure. [ 2355.916635] name failslab, interval 1, probability 0, space 0, times 0 [ 2355.945902] CPU: 1 PID: 13247 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2355.954100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2355.963453] Call Trace: [ 2355.966040] dump_stack+0x1b2/0x283 [ 2355.969663] should_fail.cold+0x10a/0x154 [ 2355.973982] should_failslab+0xd6/0x130 [ 2355.977977] kmem_cache_alloc_trace+0x29a/0x3d0 [ 2355.983420] sctp_datamsg_from_user+0x84/0xdd0 [ 2355.988039] ? sctp_assoc_lookup_paddr+0x19/0x140 [ 2355.993161] ? sctp_primitive_ASSOCIATE+0x98/0xc0 [ 2355.998292] sctp_sendmsg+0x12ed/0x2cd0 [ 2356.002281] ? sctp_id2assoc+0x210/0x210 [ 2356.006348] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2356.012607] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2356.017491] ? selinux_socket_getpeername+0x260/0x260 [ 2356.022689] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2356.027452] ? retint_kernel+0x2d/0x2d [ 2356.031348] inet_sendmsg+0x11a/0x4e0 [ 2356.035197] ? security_socket_sendmsg+0x83/0xb0 [ 2356.040029] ? inet_recvmsg+0x4d0/0x4d0 [ 2356.044297] sock_sendmsg+0xb5/0x100 [ 2356.048008] ___sys_sendmsg+0x6c8/0x800 [ 2356.052028] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2356.056783] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2356.061814] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2356.066593] ? check_preemption_disabled+0x35/0x240 [ 2356.071630] ? __fget+0x1fe/0x360 [ 2356.075086] ? lock_downgrade+0x740/0x740 [ 2356.079274] ? sockfd_lookup_light+0xb2/0x160 [ 2356.084434] __sys_sendmsg+0xa3/0x120 [ 2356.090564] ? SyS_shutdown+0x160/0x160 [ 2356.094778] ? wait_for_completion_io+0x10/0x10 [ 2356.099482] ? SyS_read+0x210/0x210 [ 2356.103127] ? SyS_clock_settime+0x1a0/0x1a0 [ 2356.107552] SyS_sendmsg+0x27/0x40 [ 2356.111092] ? __sys_sendmsg+0x120/0x120 [ 2356.115617] do_syscall_64+0x1d5/0x640 [ 2356.119492] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2356.124789] RIP: 0033:0x45de29 [ 2356.128020] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2356.135952] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2356.143218] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2356.150483] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2356.158449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000042 22:53:04 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f511, &(0x7f0000000180)) r5 = syz_open_dev$vivid(&(0x7f0000000040)='/dev/video#\x00', 0x1, 0x2) ioctl$VIDIOC_ENUMOUTPUT(r5, 0xc0485630, &(0x7f0000000100)={0x1, "f07e3bdc368d773c2179c62337308cf27c92dad1e43c9fa0d15408f1cc608fa7", 0x3, 0x10001, 0xc52, 0x800000, 0x2}) 22:53:04 executing program 5: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) r3 = socket$netlink(0x10, 0x3, 0x0) sendmsg$IPCTNL_MSG_CT_GET_STATS_CPU(r3, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x14, 0x4, 0x1, 0x201, 0x0, 0x0, {0x0, 0x0, 0x8}, ["", "", "", ""]}, 0x14}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800f25402991fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) [ 2356.165743] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:53:04 executing program 4 (fault-call:6 fault-nth:67): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2356.230765] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=260 sclass=netlink_route_socket pid=13260 comm=syz-executor.5 [ 2356.379974] FAULT_INJECTION: forcing a failure. [ 2356.379974] name failslab, interval 1, probability 0, space 0, times 0 [ 2356.391604] CPU: 0 PID: 13270 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2356.399475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2356.408826] Call Trace: [ 2356.411410] dump_stack+0x1b2/0x283 [ 2356.415051] should_fail.cold+0x10a/0x154 [ 2356.419222] should_failslab+0xd6/0x130 [ 2356.423207] kmem_cache_alloc_node+0x263/0x410 [ 2356.427772] __alloc_skb+0x5c/0x510 [ 2356.431397] _sctp_make_chunk+0x4e/0x460 [ 2356.435450] sctp_make_datafrag_empty+0x146/0x210 [ 2356.441147] ? sctp_make_ecne+0x1f0/0x1f0 [ 2356.445291] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 2356.450320] ? kmem_cache_alloc_trace+0x36c/0x3d0 [ 2356.455166] sctp_datamsg_from_user+0x5ea/0xdd0 [ 2356.459837] sctp_sendmsg+0x12ed/0x2cd0 [ 2356.463820] ? sctp_id2assoc+0x210/0x210 [ 2356.467903] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2356.472651] ? retint_kernel+0x2d/0x2d [ 2356.476534] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2356.481367] ? selinux_socket_getpeername+0x260/0x260 [ 2356.487103] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2356.491872] inet_sendmsg+0x11a/0x4e0 [ 2356.495688] ? security_socket_sendmsg+0x83/0xb0 [ 2356.500459] ? inet_recvmsg+0x4d0/0x4d0 [ 2356.504444] sock_sendmsg+0xb5/0x100 [ 2356.508589] ___sys_sendmsg+0x6c8/0x800 [ 2356.512553] ? get_pid_task+0x91/0x130 [ 2356.516447] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2356.521187] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2356.526362] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2356.531106] ? check_preemption_disabled+0x35/0x240 [ 2356.536122] ? __fget+0x1fe/0x360 [ 2356.539581] ? lock_downgrade+0x740/0x740 [ 2356.543728] ? sockfd_lookup_light+0xb2/0x160 [ 2356.548205] __sys_sendmsg+0xa3/0x120 [ 2356.552180] ? SyS_shutdown+0x160/0x160 [ 2356.556161] ? wait_for_completion_io+0x10/0x10 [ 2356.560840] ? SyS_read+0x210/0x210 [ 2356.564467] SyS_sendmsg+0x27/0x40 [ 2356.568039] ? __sys_sendmsg+0x120/0x120 [ 2356.572116] do_syscall_64+0x1d5/0x640 [ 2356.576009] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2356.581199] RIP: 0033:0x45de29 [ 2356.584393] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2356.595488] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2356.602760] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2356.610049] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2356.617318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000043 22:53:04 executing program 2: syz_genetlink_get_family_id$tipc(&(0x7f0000000000)='TIPC\x00') poll(0x0, 0x0, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$inet_udplite(0x2, 0x2, 0x88) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$KVM_GET_NESTED_STATE(r2, 0xc080aebe, &(0x7f0000000280)={{0x0, 0x0, 0x80}}) connect$inet6(r0, &(0x7f0000000080)={0xa, 0xfffe, 0x0, @private1, 0x6a}, 0x1c) r3 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r3, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(r3, 0x29, 0x48, 0x0, &(0x7f00007d0000)) ioctl$FS_IOC_GET_ENCRYPTION_NONCE(r3, 0x8010661b, &(0x7f0000000040)) [ 2356.624594] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:53:04 executing program 4 (fault-call:6 fault-nth:68): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) [ 2356.722064] FAULT_INJECTION: forcing a failure. [ 2356.722064] name failslab, interval 1, probability 0, space 0, times 0 [ 2356.735215] CPU: 0 PID: 13285 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2356.743163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2356.752507] Call Trace: [ 2356.755110] dump_stack+0x1b2/0x283 [ 2356.758739] should_fail.cold+0x10a/0x154 [ 2356.762892] should_failslab+0xd6/0x130 [ 2356.766869] kmem_cache_alloc_node_trace+0x25a/0x400 [ 2356.772076] __kmalloc_node_track_caller+0x38/0x70 [ 2356.777046] __alloc_skb+0x96/0x510 [ 2356.780674] _sctp_make_chunk+0x4e/0x460 [ 2356.784736] sctp_make_datafrag_empty+0x146/0x210 [ 2356.789582] ? sctp_make_ecne+0x1f0/0x1f0 [ 2356.793752] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 2356.799478] ? kmem_cache_alloc_trace+0x36c/0x3d0 [ 2356.804345] sctp_datamsg_from_user+0x5ea/0xdd0 [ 2356.809024] sctp_sendmsg+0x12ed/0x2cd0 [ 2356.813010] ? sctp_id2assoc+0x210/0x210 [ 2356.817069] ? retint_kernel+0x2d/0x2d [ 2356.820969] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 2356.826809] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2356.831578] ? check_preemption_disabled+0x35/0x240 [ 2356.837402] inet_sendmsg+0x11a/0x4e0 [ 2356.841194] ? security_socket_sendmsg+0x83/0xb0 [ 2356.845958] ? inet_recvmsg+0x4d0/0x4d0 [ 2356.849924] sock_sendmsg+0xb5/0x100 [ 2356.853628] ___sys_sendmsg+0x6c8/0x800 [ 2356.857594] ? get_pid_task+0x91/0x130 [ 2356.861484] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2356.866236] ? lock_downgrade+0x740/0x740 [ 2356.870398] ? __fget+0x1fe/0x360 [ 2356.873844] ? lock_acquire+0x170/0x3f0 [ 2356.877808] ? lock_downgrade+0x740/0x740 [ 2356.881963] ? sockfd_lookup_light+0xb2/0x160 [ 2356.886451] __sys_sendmsg+0xa3/0x120 [ 2356.890244] ? SyS_shutdown+0x160/0x160 [ 2356.894213] ? wait_for_completion_io+0x10/0x10 [ 2356.898882] ? SyS_read+0x210/0x210 [ 2356.902588] ? SyS_clock_settime+0x1a0/0x1a0 [ 2356.906990] SyS_sendmsg+0x27/0x40 [ 2356.910520] ? __sys_sendmsg+0x120/0x120 [ 2356.914568] do_syscall_64+0x1d5/0x640 [ 2356.918450] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2356.923629] RIP: 0033:0x45de29 [ 2356.926813] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2356.934510] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2356.942554] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2356.949816] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2356.957086] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000044 [ 2356.964346] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c 22:53:05 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) r5 = syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0x5af, 0x8040) bind$unix(r5, &(0x7f0000000100)=@abs={0x0, 0x0, 0x4e24}, 0x6e) r6 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$FS_IOC_GETFSMAP(r6, 0xc0c0583b, &(0x7f0000000240)={0x0, 0x0, 0x1, 0x0, [], [{0x6, 0x3, 0x80000000, 0x80000001, 0x56}, {0x7, 0x7, 0x60b91b1c, 0xa6e, 0x8, 0x200}], [[]]}) close(r4) socket$netlink(0x10, 0x3, 0x0) getsockopt$inet_dccp_buf(r2, 0x21, 0xc, &(0x7f0000000340)=""/4096, &(0x7f0000000180)=0x1000) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="080000005bd5de0f239f9f10001fff00", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) r7 = shmget$private(0x0, 0x400000, 0x0, &(0x7f000000e000/0x400000)=nil) shmat(r7, &(0x7f0000000000/0x13000)=nil, 0x0) r8 = shmget$private(0x0, 0x3000, 0x1, &(0x7f0000ffa000/0x3000)=nil) shmat(r8, &(0x7f00002c0000/0x3000)=nil, 0x8bd0d4b7ce1a2907) shmctl$SHM_STAT(r7, 0xd, &(0x7f0000001340)=""/155) 22:53:05 executing program 5: syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="7000000090a750022fb55eea5b9ade3a3e303db2", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) [ 2357.133677] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=42896 sclass=netlink_route_socket pid=13301 comm=syz-executor.5 22:53:07 executing program 3: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="1f5583624999c4665398664c3fd64362f39caf1701d25c2fd6d42bce84c2e238b5eae719fd6321452d791cc0576c8624862bd395fea6432d69e5cc27d7b0ca5e61ca9791d9da035fcb039c7c6138b7c754ff41c5d3cd1b6eabd323eb69bf5ec29954197b5564e6ac851909cf99421f46b04fff0c935433e6691f8b25bee7df03b08db40ba73ac381dd4dea5dac2707112e51a13a19863b5e2e3300bbd04055fff98a5c92c4b0b0deb44d872aa7bb025d0118d0e12363949f0f52917f95dc079f7c82a8e9eb1c1c840ec3dc93d87be6f6ed2195", 0xd3}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) ptrace$cont(0x1f, r0, 0x0, 0x0) 22:53:07 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_udp(0x2, 0x2, 0x0) close(r4) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000000)=ANY=[], 0xfffffecc) r5 = signalfd(r0, &(0x7f0000000040)={[0x100000000]}, 0x8) sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000280)={&(0x7f0000000100), 0xc, &(0x7f0000000240)={&(0x7f0000000140)={0x8c, 0x0, 0x1, 0x102, 0x0, 0x0, {0x7, 0x0, 0x5}, [@CTA_STATUS={0x8, 0x3, 0x1, 0x0, 0x4}, @CTA_LABELS_MASK={0x14, 0x17, [0x5, 0x10000, 0x8, 0x7]}, @CTA_PROTOINFO={0x38, 0x4, 0x0, 0x1, @CTA_PROTOINFO_SCTP={0x34, 0x3, 0x0, 0x1, [@CTA_PROTOINFO_SCTP_VTAG_ORIGINAL={0x8, 0x2, 0x1, 0x0, 0x2}, @CTA_PROTOINFO_SCTP_VTAG_REPLY={0x8, 0x3, 0x1, 0x0, 0xffffff91}, @CTA_PROTOINFO_SCTP_VTAG_REPLY={0x8, 0x3, 0x1, 0x0, 0x401}, @CTA_PROTOINFO_SCTP_VTAG_REPLY={0x8, 0x3, 0x1, 0x0, 0x8001}, @CTA_PROTOINFO_SCTP_VTAG_ORIGINAL={0x8, 0x2, 0x1, 0x0, 0x1}, @CTA_PROTOINFO_SCTP_STATE={0x5, 0x1, 0xc8}]}}, @CTA_LABELS_MASK={0x1c, 0x17, [0x1000, 0x0, 0x7, 0x3, 0x4, 0x8]}, @CTA_ID={0x8, 0xc, 0x1, 0x0, 0x1}]}, 0x8c}, 0x1, 0x0, 0x0, 0x50}, 0x800) splice(r2, 0x0, r4, 0x0, 0x4ffe2, 0x0) 22:53:07 executing program 4 (fault-call:6 fault-nth:69): r0 = socket$inet6(0xa, 0x5, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x14) perf_event_open(&(0x7f0000001340)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r0, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c) listen(r0, 0x1ff) r1 = socket$inet_sctp(0x2, 0x801, 0x84) sendmsg(r1, &(0x7f0000000040)={&(0x7f0000000240)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x36}}, 0x80, &(0x7f0000000180)=[{&(0x7f00000000c0)="b2", 0xffe0}], 0x1, 0x0, 0x0, 0x9000004}, 0x0) syz_mount_image$iso9660(&(0x7f0000000000)='iso9660\x00', 0x0, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0) 22:53:07 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x40, 0x0, 0x4, 0x70bd2b, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xa2d0}, @IPVS_CMD_ATTR_DEST={0x24, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_TUN_FLAGS={0x6}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x101}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x7}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x7d42}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x20}, 0x0) r2 = socket(0x0, 0x0, 0x0) poll(0x0, 0x0, 0x0) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) connect$inet6(r3, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendmsg$SMC_PNETID_GET(r2, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, 0x0, 0x200, 0x70bd2c, 0x8, {}, [@SMC_PNETID_IBPORT={0x5, 0x4, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8044}, 0x0) 22:53:07 executing program 1: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = socket$inet_udp(0x2, 0x2, 0x0) r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) r4 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r4, 0x84, 0x6e, &(0x7f0000000080)=[@in6={0xa, 0x0, 0x0, @private1}, @in={0x2, 0x0, @loopback}], 0x2c) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f0000000900)={0x1, [0x0]}, &(0x7f0000000940)=0x8) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x1f, &(0x7f0000000100)={r5, @in6={{0xa, 0x0, 0x0, @empty}}}, 0x90) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r3, 0x84, 0x13, &(0x7f0000000100)={r5}, &(0x7f0000000140)=0x8) close(r2) socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}, 0x1, 0x0, 0x0, 0x4000010}, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) 22:53:07 executing program 5: pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$F2FS_IOC_GET_FEATURES(r0, 0x8004f50c, &(0x7f0000000040)) r2 = socket$inet_udp(0x2, 0x2, 0x0) close(r2) socket$netlink(0x10, 0x3, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(r1, 0xc0206434, &(0x7f0000000100)={0x8, 0x0, 0x10000}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x44, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff000005000000000000000000", @ANYRES32, @ANYBLOB="1f00000000421800280012800a00010076786c616e00000018000280140010"], 0x3}}, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc) r3 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r3, 0x29, 0x4b, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(r3, 0x29, 0x48, 0x0, &(0x7f00007d0000)) r4 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r4, 0x29, 0x48, &(0x7f0000000240)=0xd, 0x4) getsockopt$inet6_int(r4, 0x29, 0x48, 0x0, &(0x7f00007d0000)) splice(r4, 0x0, r3, 0x0, 0xfbfffffffffffffa, 0x10) [ 2358.866161] FAULT_INJECTION: forcing a failure. [ 2358.866161] name failslab, interval 1, probability 0, space 0, times 0 [ 2358.882109] CPU: 0 PID: 13318 Comm: syz-executor.4 Not tainted 4.14.198-syzkaller #0 [ 2358.890012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2358.899370] Call Trace: [ 2358.901961] dump_stack+0x1b2/0x283 [ 2358.905589] should_fail.cold+0x10a/0x154 [ 2358.909737] should_failslab+0xd6/0x130 [ 2358.913709] kmem_cache_alloc_node_trace+0x25a/0x400 [ 2358.918810] __kmalloc_node_track_caller+0x38/0x70 [ 2358.923770] __alloc_skb+0x96/0x510 [ 2358.927391] _sctp_make_chunk+0x4e/0x460 [ 2358.931454] sctp_make_datafrag_empty+0x146/0x210 [ 2358.936285] ? sctp_make_ecne+0x1f0/0x1f0 [ 2358.940421] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 2358.945430] ? kmem_cache_alloc_trace+0x36c/0x3d0 [ 2358.950277] sctp_datamsg_from_user+0x5ea/0xdd0 [ 2358.954948] sctp_sendmsg+0x12ed/0x2cd0 [ 2358.958924] ? sctp_id2assoc+0x210/0x210 [ 2358.962974] ? rw_copy_check_uvector+0x15e/0x2b0 [ 2358.967728] ? rw_copy_check_uvector+0x1dd/0x2b0 [ 2358.972491] ? selinux_socket_sendmsg+0x1d8/0x260 [ 2358.977326] ? selinux_socket_getpeername+0x260/0x260 [ 2358.982518] ? kernel_recvmsg+0x210/0x210 [ 2358.987265] inet_sendmsg+0x11a/0x4e0 [ 2358.991067] ? security_socket_sendmsg+0x83/0xb0 [ 2358.995810] ? inet_recvmsg+0x4d0/0x4d0 [ 2358.999772] sock_sendmsg+0xb5/0x100 [ 2359.003479] ___sys_sendmsg+0x6c8/0x800 [ 2359.007457] ? get_pid_task+0x91/0x130 [ 2359.011332] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 2359.016102] ? mark_held_locks+0xa6/0xf0 [ 2359.020265] ? retint_kernel+0x2d/0x2d [ 2359.024176] ? __fget+0x1fe/0x360 [ 2359.027621] ? lock_acquire+0x170/0x3f0 [ 2359.031592] ? lock_downgrade+0x740/0x740 [ 2359.035743] ? sockfd_lookup_light+0xb2/0x160 [ 2359.040231] __sys_sendmsg+0xa3/0x120 [ 2359.044027] ? SyS_shutdown+0x160/0x160 [ 2359.048002] SyS_sendmsg+0x27/0x40 [ 2359.051529] ? __sys_sendmsg+0x120/0x120 [ 2359.055583] do_syscall_64+0x1d5/0x640 [ 2359.059468] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2359.064649] RIP: 0033:0x45de29 [ 2359.067858] RSP: 002b:00007f35fe88cc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 2359.076360] RAX: ffffffffffffffda RBX: 0000000000028100 RCX: 000000000045de29 [ 2359.083625] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005 [ 2359.090891] RBP: 00007f35fe88cca0 R08: 0000000000000000 R09: 0000000000000000 [ 2359.098166] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000045 [ 2359.105438] R13: 00007fff731b57af R14: 00007f35fe88d9c0 R15: 000000000118bf2c [ 2359.140565] kasan: CONFIG_KASAN_INLINE enabled [ 2359.155502] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 2359.174014] general protection fault: 0000 [#1] PREEMPT SMP KASAN [ 2359.180272] Modules linked in: [ 2359.183469] CPU: 1 PID: 13335 Comm: syz-executor.1 Not tainted 4.14.198-syzkaller #0 [ 2359.191344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2359.200708] task: ffff8880558e6480 task.stack: ffff88804a508000 [ 2359.206776] RIP: 0010:__vxlan_dev_create+0x5d6/0x970 [ 2359.211886] RSP: 0018:ffff88804a50f178 EFLAGS: 00010a02 [ 2359.217337] RAX: dffffc0000000000 RBX: 1ffff110094a1e31 RCX: ffffc90008710000 [ 2359.224602] RDX: 1bd5a00000000040 RSI: ffffffff83e98884 RDI: ffff888088026c08 [ 2359.231868] RBP: 0000000000000000 R08: ffffffff8a0a99f8 R09: 0000000000000000 [ 2359.240091] R10: 0000000000000000 R11: 0000000000000000 R12: 00000000fffffff0 [ 2359.247356] R13: ffff888088026c00 R14: dead000000000200 R15: ffff88804cc30cc0 [ 2359.254617] FS: 00007f4e1a404700(0000) GS:ffff8880aeb00000(0000) knlGS:0000000000000000 [ 2359.262836] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 2359.268716] CR2: 00007f99fea47db8 CR3: 000000008b04c000 CR4: 00000000001406e0 [ 2359.276007] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 2359.283281] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 2359.290541] Call Trace: [ 2359.293119] ? vxlan_fdb_add+0x2e0/0x2e0 [ 2359.297171] ? vxlan_setup+0x460/0x460 [ 2359.301038] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 2359.306055] ? kmem_cache_alloc_node_trace+0x383/0x400 [ 2359.311321] vxlan_newlink+0xa3/0xe0 [ 2359.315040] ? __vxlan_dev_create+0x970/0x970 [ 2359.319545] ? rtnl_create_link+0x129/0x890 [ 2359.325160] rtnl_newlink+0xf88/0x1830 [ 2359.329061] ? __lock_acquire+0x5fc/0x3f20 [ 2359.333325] ? __vxlan_dev_create+0x970/0x970 [ 2359.337821] ? kmem_cache_free+0x7c/0x2b0 [ 2359.341959] ? rtnl_dellink+0x6a0/0x6a0 [ 2359.345927] ? trace_hardirqs_on+0x10/0x10 [ 2359.350147] ? lock_acquire+0x170/0x3f0 [ 2359.354153] ? lock_acquire+0x170/0x3f0 [ 2359.358121] ? lock_downgrade+0x740/0x740 [ 2359.362257] ? rtnl_dellink+0x6a0/0x6a0 [ 2359.366223] rtnetlink_rcv_msg+0x3be/0xb10 [ 2359.370436] ? rtnl_calcit.isra.0+0x3a0/0x3a0 [ 2359.374920] ? netdev_pick_tx+0x2e0/0x2e0 [ 2359.379067] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 2359.384084] netlink_rcv_skb+0x125/0x390 [ 2359.388152] ? rtnl_calcit.isra.0+0x3a0/0x3a0 [ 2359.392630] ? netlink_ack+0x9a0/0x9a0 [ 2359.396508] netlink_unicast+0x437/0x610 [ 2359.400560] ? netlink_sendskb+0xd0/0xd0 [ 2359.404601] netlink_sendmsg+0x62e/0xb80 [ 2359.408670] ? nlmsg_notify+0x170/0x170 [ 2359.412632] ? security_socket_sendmsg+0x83/0xb0 [ 2359.417376] ? nlmsg_notify+0x170/0x170 [ 2359.421342] sock_sendmsg+0xb5/0x100 [ 2359.425041] sock_no_sendpage+0xe2/0x110 [ 2359.429090] ? __sk_mem_schedule+0xd0/0xd0 [ 2359.433303] ? __sk_mem_schedule+0xd0/0xd0 [ 2359.437537] sock_sendpage+0xdf/0x140 [ 2359.441319] pipe_to_sendpage+0x226/0x2d0 [ 2359.445454] ? sockfs_setattr+0x140/0x140 [ 2359.449609] ? direct_splice_actor+0x160/0x160 [ 2359.454194] __splice_from_pipe+0x326/0x7a0 [ 2359.458502] ? direct_splice_actor+0x160/0x160 [ 2359.463081] generic_splice_sendpage+0xc1/0x110 [ 2359.467726] ? vmsplice_to_user+0x1b0/0x1b0 [ 2359.472037] ? rw_verify_area+0xe1/0x2a0 [ 2359.476108] ? vmsplice_to_user+0x1b0/0x1b0 [ 2359.480424] SyS_splice+0xd59/0x1380 [ 2359.484193] ? compat_SyS_vmsplice+0x150/0x150 [ 2359.488953] ? SyS_clock_settime+0x1a0/0x1a0 [ 2359.493345] ? do_syscall_64+0x4c/0x640 [ 2359.497301] ? compat_SyS_vmsplice+0x150/0x150 [ 2359.501862] do_syscall_64+0x1d5/0x640 [ 2359.507431] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 2359.512619] RIP: 0033:0x45de29 [ 2359.515789] RSP: 002b:00007f4e1a403c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 2359.523490] RAX: ffffffffffffffda RBX: 00000000000350c0 RCX: 000000000045de29 [ 2359.530764] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000003 [ 2359.538026] RBP: 000000000118c0c8 R08: 000000000004ffe2 R09: 0000000000000000 [ 2359.545283] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118c07c [ 2359.552531] R13: 00007ffc5d77ad2f R14: 00007f4e1a4049c0 R15: 000000000118c07c [ 2359.559782] Code: 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 09 03 00 00 48 b8 00 00 00 00 00 fc ff df 4d 8b 75 08 4c 89 f2 48 c1 ea 03 <80> 3c 02 00 0f 85 dd 02 00 00 49 89 2e 4d 8d 7d 10 48 85 ed 0f [ 2359.578888] RIP: __vxlan_dev_create+0x5d6/0x970 RSP: ffff88804a50f178 [ 2359.595056] ---[ end trace 29a53fae68b6d2df ]--- [ 2359.599833] Kernel panic - not syncing: Fatal exception [ 2359.606227] Kernel Offset: disabled [ 2359.609836] Rebooting in 86400 seconds..