k2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:05 executing program 5:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
clock_gettime(0x1, &(0x7f0000000300))
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f00000007c0)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x2)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

[  179.764284] binder: 20923:20926 got transaction with invalid offset (0, min 24 max 40) or object.
[  179.777127] binder: 20923:20926 transaction failed 29201/-22, size 40-16 line 3026
2018/03/30 10:05:05 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x0, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:05 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}], 0x3, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

[  179.870911] binder_alloc: 20923: binder_alloc_buf, no vma
[  179.876634] binder: 20923:20947 transaction failed 29189/-3, size 40-16 line 2963
2018/03/30 10:05:05 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x0, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:05 executing program 5:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x2)
pkey_free(r6)
r7 = accept(r0, &(0x7f00000007c0)=@sco, &(0x7f0000504ffc)=0x5)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:05 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}], 0x3, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

[  179.914144] binder: BINDER_SET_CONTEXT_MGR already set
[  179.937477] binder: 20923:20926 ioctl 40046207 0 returned -16
2018/03/30 10:05:05 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x0, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:05 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}], 0x3, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:05 executing program 6:
r0 = syz_open_dev$binder(&(0x7f0000236ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
tee(r0, r0, 0x4000000000000001, 0x4)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff})
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000580)={0x4, &(0x7f00000004c0)=[{0x5, 0x2, 0x74, 0x4}, {0x0, 0x8000, 0xffffffffffff0001, 0x8}, {0x3, 0x2, 0x8000, 0xffffffffffffff78}, {0x9, 0x7c8a, 0x6, 0x5}]})
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008000)={0x44, 0x0, &(0x7f0000004fbc)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, 0x10, &(0x7f000026c000)=[@ptr={0x73622a85, 0x0, &(0x7f00004edf8a), 0x1}], &(0x7f000000afd0)=[0x0, 0x0]}}], 0x0, 0x0, &(0x7f0000009000)})
setns(r0, 0x8000000)
r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x0, 0x0)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r2, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x6c, r3, 0x100, 0x70bd29, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_DAEMON={0x58, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x1f}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast2={0xff, 0x2, [], 0x1}}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4}, 0x20040004)
fcntl$F_GET_FILE_RW_HINT(r1, 0x40d, &(0x7f0000000300))
ioctl$sock_inet_SIOCSIFPFLAGS(r1, 0x8934, &(0x7f0000000280)={'ip6gre0\x00', 0x2e})
syz_open_pts(r2, 0x2000)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000400)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r0, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000400}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0x78, r4, 0x0, 0x70bd2c, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_SERVICE={0x4, 0x1}, @IPVS_CMD_ATTR_DAEMON={0x4c, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ipddp0\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0xffff}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1={0xff, 0x1, [], 0x1}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xfff}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x9}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x10}, 0x4)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000240)='IPVS\x00')
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000340)={&(0x7f00000005c0)=ANY=[@ANYBLOB="b021166b48e3d5d6938fe924eb08a7c8bfd16f98e59920fe592df2f887866f4a17392aa2db1637e00f360737bd1d037b0cfcada487c5b99f3b2a1701a4a8e941c0828dfc40a7da6cf5623cc380cf21f80b5731791f14f4be0fed25ed731308a9a41106b6410f3eb4c43b19a2abe223efbff19dad8aedf3587ff69dba98167c5441456256172329"], 0x1}, 0x1, 0x0, 0x0, 0x4}, 0x0)
nanosleep(&(0x7f00000002c0), 0x0)

[  180.037573] binder: undelivered TRANSACTION_ERROR: 29189
[  180.043390] binder: undelivered TRANSACTION_ERROR: 29201
[  180.072211] binder: 20974:20976 got transaction with invalid offset (0, min 24 max 40) or object.
2018/03/30 10:05:05 executing program 5:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0x8001, 0x101800)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x2)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:05 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

[  180.092269] binder: 20974:20976 transaction failed 29201/-22, size 40-16 line 3026
[  180.194521] binder_alloc: 20974: binder_alloc_buf, no vma
[  180.200218] binder: 20974:20989 transaction failed 29189/-3, size 40-16 line 2963
[  180.212549] binder: BINDER_SET_CONTEXT_MGR already set
[  180.219744] binder: 20974:20976 ioctl 40046207 0 returned -16
[  180.300876] binder: undelivered TRANSACTION_ERROR: 29189
[  180.306833] binder: undelivered TRANSACTION_ERROR: 29201
2018/03/30 10:05:06 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x0, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:06 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:06 executing program 6:
r0 = syz_open_dev$binder(&(0x7f0000236ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
tee(r0, 0xffffffffffffffff, 0x1, 0x4)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff})
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000580)={0x4, &(0x7f00000004c0)=[{0x5, 0x2, 0x74, 0x4}, {0x0, 0x8000, 0xffffffffffff0001, 0x8}, {0x3, 0x2, 0x8000, 0xffffffffffffff78}, {0x9, 0x7c8a, 0x6, 0x5}]})
creat(&(0x7f00000002c0)='./file0\x00', 0x100)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008000)={0x44, 0x0, &(0x7f0000004fbc)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, 0x10, &(0x7f000026c000)=[@ptr={0x73622a85, 0x0, &(0x7f00004edf8a), 0x1}], &(0x7f000000afd0)=[0x0, 0x0]}}], 0x0, 0x0, &(0x7f0000009000)})
setns(r0, 0x8000000)
r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x0, 0x0)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r2, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x6c, r3, 0x100, 0x70bd29, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_DAEMON={0x58, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x1f}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast2={0xff, 0x2, [], 0x1}}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4}, 0x20040004)
syz_open_pts(r2, 0x2000)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000400)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r0, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000400}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0x78, r4, 0x0, 0x70bd2c, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_SERVICE={0x4, 0x1}, @IPVS_CMD_ATTR_DAEMON={0x4c, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ipddp0\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0xffff}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1={0xff, 0x1, [], 0x1}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xfff}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x9}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x10}, 0x4)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000240)='IPVS\x00')
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)=ANY=[@ANYBLOB="80000000"], 0x1}, 0x1, 0x0, 0x0, 0x4}, 0x0)

2018/03/30 10:05:06 executing program 2:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f0000000480)=0x6)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))
setsockopt$RDS_CONG_MONITOR(r0, 0x114, 0x6, &(0x7f0000000000), 0x4)

2018/03/30 10:05:06 executing program 4:
syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r0 = getpgrp(0x0)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
process_vm_readv(r0, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
ptrace$getregset(0x4204, r0, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)=""/200, 0xc8})
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:06 executing program 0:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0xfffffd62, &(0x7f0000000000)=0x8)
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))
getsockname(r0, &(0x7f0000002dc0)=@hci={0x0, <r3=>0x0}, &(0x7f0000002e40)=0x80)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000002e80)={'ifb0\x00', r3})

2018/03/30 10:05:06 executing program 5:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000080)='./file2\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3c, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5290700000095f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x513, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000a00)={0xa, 0x4e23}, 0x1c)
listen(r2, 0x4008002)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x4, @loopback={0x0, 0x1}, 0x6}, 0x1c)
getsockopt$netrom_NETROM_T2(r2, 0x103, 0x2, &(0x7f0000000840)=0xd4e8, &(0x7f00000009c0)=0x4)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
r6 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
socket$vsock_dgram(0x28, 0x2, 0x0)
r7 = pkey_alloc(0x0, 0x2)
pkey_free(r7)
ioctl$KVM_SET_VAPIC_ADDR(r6, 0x4008ae93, &(0x7f0000000940))
getsockopt$inet_sctp6_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000980)=@assoc_value, &(0x7f0000000880)=0x8)
r8 = accept(r5, &(0x7f00000008c0)=@sco, &(0x7f0000504ffc)=0x80)
getsockopt$sock_timeval(r8, 0x1, 0x0, &(0x7f00000007c0), &(0x7f0000000800)=0x10)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000a40)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:06 executing program 3:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x0, 0x4001)
ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000400)=<r1=>0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000a40)={{{@in6=@mcast2, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in=@local}, 0x0, @in=@broadcast}}, &(0x7f0000000600)=0xe8)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f00000059c0)=<r3=>0x0)
lstat(&(0x7f0000005a00)='./file0\x00', &(0x7f0000005a40)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
r5 = getgid()
sendmsg$netlink(r0, &(0x7f0000005b40)={&(0x7f0000000000)=@proc={0x10, 0x0, 0x25dfdbfe, 0x800}, 0xc, &(0x7f0000005940)=[{&(0x7f0000000480)={0x18, 0x2d, 0x100, 0x70bd2d, 0x25dfdbff, "", [@typed={0x8, 0x88, @pid=r1}]}, 0x18}, {&(0x7f00000004c0)={0x3c, 0x32, 0x8, 0x70bd26, 0x25dfdbfd, "", [@generic="1c04c1799c10a9a0c1760d57041a85ff9cb8a7285fe9e700d7f4a56d210bea3394e72c36f5f0ae7bb961"]}, 0x3c}, {&(0x7f0000000b40)={0x13a8, 0x27, 0x20, 0x70bd26, 0x25dfdbfd, "", [@generic="4a687774cc62a644cf5a5b765bbf268ac3b1dc02ce5c5eea4b6d1f684b899d512286312f3570003f62aa747e7eb7cf3061a1da155f1465dde7d1e7dc202ca668cfdae3f242b08bd462d4f979664b7b5ea3f61377c8247d36c5692714f2bcf444cd96a0c8c1a42d66e4308ec7f71a8a0a8dda7d4e2638a238932356f650937b63a8fc4e2f70b47db8f5e3e031293cbd01c85b6cae00d4e220725f1e9ed898f43488dc0a0e9a6f92607de8db12c8de8a4c2f58d6c79d08589777", @generic="4641bb12f38e88896a6745c3889889b5efa5acb6e1de16fafefcbdc4c1d26fc29c80568d229b88ca3e1acc7e6d20f93dc15a62f111f2647314064b02bd06411db9c9372f5ce9e4078e8eb6c0ba507afddd5b8626a80fead3c5e5e10245a51afa5d63adf44101f48660d0a64a4edfff441a9addbede44bf19d7ed6839f08adab86f6fb55d35760c425963fb13632b005e2512821128f94f7e56b77e8f3a6aadd70ccaf236f1800d15bc7ada05c94c8a8ccc0b4ef5c8cc8fbe5a3e256ab8236a8a30e7055aa3bbdaa5ec4ab7f80a33f14813f6c2c61c14fb", @nested={0x1144, 0x7f, [@typed={0x8, 0x77, @uid=r2}, @typed={0x8, 0x18, @u32=0x6}, @generic="925be4b5205a6f919a0224abd43f87a1f3504d499add29bb8b8bbfad9275d2a43a9dcd62bf397c7aea983b6f74b2ab704b28279a7356cef4c24cc2062452d2440ae2478fa6c6ca01543206a26c0e249350305ccafa1bbf5469dd2ac294e96f7e8d09612e8c1bd151091b164cec271a47fcdc3f3e8d7afd7b2eb927325889b2a5e2a746459be7bc9125957ff9045f2672b8d248aaf5835fd5cccc799f6e1ce0fcfb4eea96e008973254b6e8ce82dc721b642673e9b4d615695d717bf9fcc52f5a7d87142ca1e841ff1867fb7dd03aba51279ec9f2101275b95f91a1ff073e738de963853c68b1454cf02b84fef830551f29979dcc94051dbc25dba14929698d11defcdfc996681fdae0a878579e65f8897a267f3aab70edebf542fe72da44f3055ae8332d7bc319e6bc54e72b5c924ab5c5adfceb0198d170af7274467d0e213ed1c81103ac3c345840f2a599cdc15a2adc81c72367ed08861348c08f2bd6766956d8c8e680e9c06c0a4abc41bc93e62c424fdbd0f0289b27df2bb69e172b42e7c569fd397c4fd5606c40ac8ca66c90fda89fae876255b0f4c0827e630193eedd327223c3a8d2dfe5fb74db63733402c2fe41f304903e6c442696b8dc54e2ac1865b305722dce71f3283cb53a12d4b298946e12eee41157f75d4ddd07c02a9db5658acac9503524f7ca878bf07d5df5f21d24ce3313747b3783e2ac9214b5aa2f25f3e4285861116cb1eda8310884a8b27b961f4a53c64f2534846353fd8aafaf81855a7083bf66afb21157f935dd5af4b69dd77e274c55a175a6d5505cfe851de96a2d0f4cc978df7c58d31c2f61863aed0b978107fd134ff71a42e359b403ec86c136e77dd67fa38838f395ceb37869baa42263c3a9a44bf8caf84eb78f3821ca0fb19b0a6ca385c01b9b2a51c39c8d10ed0370904a4497ad2f46d0de78b19ae0f02f554e2d560526c724eb7225263e0d8f3d1dde672748c22637704de3b28fcc606f7f1f6290765f3ce3a5036f2aa8f5a5f293ed2a4a9fac4f6f0ec3c57a953fdab3aed6a1a27d8ddc47e266e79c5688ad35bf4daf0bf1c34427f90d5e59f04007baaf3caba7d0ee6bb02f6e86d00f5598dc99ff6ecb6edd2de6a4f637de253a90c3c13295c6688c2f02338db7dcd64e4b776a83f879c54153105e38a96a44573cda3f2f6c9845cdfaa5ce81b11dafb58736c1146a859eba1ea1fd86bd736536cdd42eea26d7f3f87072e048513d7e1306fbe2576ac174e586aacddac1b8d252edd19d27dd90609fe0f655e00144fdcec6fab333dbdd52f83461183873016d5621f0b0adc4a3848952c8139138a38d1ba813964357b46a4de65650c1e98f7d17d675bd069ed431927f67f404340ff4dfa73160a8bb8a70a115dbfad14656ef12f2df6ee3c28bb7df59dc157b54c22235ed621603869563000b40487555c4cfc8ab71dd922c9406669fa89a2e0f205832340c4beda9efcd66a74804111a9f36c35b0a09677061f3aa9367f979a9cf73934c7fa7d28a8c24b56a36c35e2a6c41611815c8a0a8f0444ccd448ebb2d9b8868266feeb3aba41c277a8cb9832be143a299b08f2226d7378b624faa812e70effb561728f53a4b0b775bc36f6bf801bf036d777fa2be1a74853d80e0aa34b56f70296cf9ea7c7f050775305253661e2e67fbd6477cacba5aabcb51917abfadef79eda3f7adc0149b9fcb3521c895252a4e528f906dc2fa3ca2417b24043a53492139393966abeaccfc8bcd1e833c55d90491423bcd4b414a8b3c402dbd6ed366dd15636fb9275938e62529ba8e2ceea3126543b1445a8cbb2a25f6b36e9c93d15e06c95045b974572d9e10f57de19fecb9a1b42cae7e1f4f0a494d4c733bc394dcb5eff734b20f0e431aa12bbef33e0f4e47fa554874081900fd4c9daafa81f5ef96d86278ab99b48874c651ec151edb8f23d5ac995a7b9387d8a9fa40543b37db7f32affded94b564710746e16054aa80bf174abdbba2d73b7a8f512748ce4f0b7bd8fa781b835bc7969bb88915780dab4a699c6583c24dffac44b1047116d3b69ebcebb2024a75794dc8d74eee24e3bc4e1c8d1e85b30c0b11ac7e73061439304a35e7fa2f36e0c34d0e56e6bd0ca637f3d76017f70c8aacf2e0ae20c73a23a0fe447616ab9e397fed5578a1bfdb2988cec610345dace38bae39baf331ba0a4b25fc8608f8c4daa28075b89cfd19aaa8d4c3d0ef19eb07d79592142a8dd67f94ea025ce738eec064e6441e92ca2bd587bc24d2b9bf69ef671f2f1c80811574fcb05efedcded709254146c1f26ec949a060736b8f0db20054300ff5610d6d50109c6ec3558828e23ad0dcbb15df8bfe93e5889a1f5ee13f48cc6b80efb1d3e7f7ff66e9d54adf5841723ded7c94892f68204478a26860d0280b2557e6249ee0331b381c47099fe9c78c66c8dde6b4b96c662ddf11893ad5d8c8f74a06bedd2039d37611c769912b68cf81187674c618a6a7cad7a515a3bc1d432db98a9c2c7dcfa3ecc1dd96fc1300dc4434153ef6a21f7646c022d1064905d07ecf384eae54172bc574d049f84baec1d00150195b095cdbb66a480235661b1ea57af3f0473ae4e10e297bd9e5e792a4b415518067da10d726d0a8298379fca413028c653109ebea2cdefa13f8501590dabe496e2428d94061a3586999012e1cf4b45e8640284f6ab1b8250464df9e64268cd601fa27f2c4c81c4174d7332c871c50f7d87468b482dcbc4c2f6c2459eaf829742ec0222ff155af5ede63e0558d0fe7e8fd8979c54082bc243c1de945ef5c126c04002d0409c7d177c39d27c17187a61c181d8f389f162acda53e9e47df0fd9aa5a685edf511e33cc6941cca5f820a86045c4d1937fa143f329716b53b8fcb7cf02a9d8c7384052459fe3fcc0448d49a52b11ac40dc61f8c36c467f97cda8ccbe5c326ba333b9e4f98356045d5b3f430764528c5492c3b1997fe2f8b32a748b3700967e2ebb422521876492da7252d4dd8ba408d9544d3d7b46630267521db4c1688fb9d7b1fa603ba7f683ff4e4bceef0378704ed5c66a9b1c433c82a4d591b27731e8fc133aa0d2100b3b743179511aac808f11f420b0552f353c1970a6ae1b23aefc24d955967cb61ed344890778aa89a2bdd38df0328e36e789219b4f0256b14629da39ac11c9d63c711954e5be1fda5511ca73cc1d5aa0a6d7f79e2c9c86a817b075c0393688aee5876bb260ff8b7e425f5e453af37dacc1823ee3e59c3dea742df1d8f744ac53fa9a767810e2dc6de3ddf30055875ce589ab88260c6b2f5ae47e126ebb7281fd411e488e18ae8b9c7c6c3e1944814d8aafbfd3df73b6b8cd7cf9341e6969c63d3cff3ce1e4fe27647d66211a7d1fbb1d9b646e1ea76712d32dc37e1f156f0e819068d2e521550370bda6e59d25caaa33f3a445cf509be84b0dd54c04400f6cd1835f5a271ec881f9b215ca0a3db679b7f89ee02847cad18287906738c4c9d9d8a932e12d7232144c2c99e650b750a9750733641f4750e7cfb27cfd3431489b273715a61650ad8897d996948bf2d1162eb6dbd640e1bcbf1a0147d5928f0d9232d3d25e13ef2375fb10cc32527d8665f5d33f7264dbd42d4ba07151b3f599d1e18d17104ecbcd99c6633a6d73941c80c93c3f8ad38a7de7dd9be7e6bbd1cd4bf90c4b1c0fcd29844cea1d1d28988818c09c89fe5768c309f3fa5bbd5c4d11ea8e5655b7f488d3fb7d9e1079d6625c9237a890b83999b301d13c449f616dc3be9f195ba8fc684c9324806e9fe017d8dc550027367bb2e0b236db60da9e811f4e00375100841357003bd861680fb5d98e4fca3789ceb356c81877e0d10d305e3dde49d21133fd2456758a60e5b475400f3cda1084ffe2349aa306034be0b1f2f7a0f90682b0ed375460400052c39fcc65df64baba7ba80225ba80d6a9ce2bc4e2216a2b0c4f91fb6940aa133cf642e53dc76eec4305c10b4623f734a588e8fa3d84c917c879dd865ed00974ff41e683cfb86bafb26050217fe0f03e7419855ef3bc3a56936f91aa573cee655ab2d82c6df1d004e948ac53d19bfd5fde575e2137fd48073b5f56f3424b5358a1f850cbbeac1195389c91c5bd70aa90e8711a0eb08dd21f08c91c7521e4ae2f44f4e9c9a8474aa281b56897a778a392dc5a5399d51e7449b64e293d7c2ea21a791e1fcea9fdbf0b30733bcb257c350c80d1787c17cb4f07196dcddbba457e99fb4f2cec7bd943b8f1b89a0ff88338097ffa2484c2a0a5adf6a655e5a4584aeba071ab5b26eb453ed6d24cd68261368c0492d30c9ee83ebee2d9432afcd8cf4be1e684a57cdbbf4a535319637ef0d1114c01bf1cbde7f9501ab537d65772bddd855cd8926f44b82e3610cac455104c06a8308a81ab07ce11c6030ed9b9597784c967eb9b8ca9981197742c51c55984c3f8eac06a5e40c42f17d96c214fe16830b15bdec4170a3cba6c1733833fe3bda50c979121ac4bc322e3036a2b8c21ab18037d8d9ad7eccd5cf293460352bdcc94ea16c235c2b49366b24fdeece49195c1bb74e36c5a71a773a01e113230768a6077c7300a5d00527600b9463749c48daee2e22e0bb3c05b0840b221ceacf68a1dfb6812eb8b9534ebb55a052e3478f1d7ea97d301dac3c7db28a886071b80b824892290f95c5d3c45c3e92a4c115bc39e9bba6b625b681fc78d952f0c4274b9a1581144c283c6aed17d51786fd80851b6c6c142cf5998f87e4ffcead2795e7608be364fd032684b3ade24471e2595119eca48fdef600fc1898c6e0634933a2f2153f42bcdbdf7d4a460287095926f6cc0ba3acffe32cd2d0734d9e5b24546160db89a561b49e02205344a9d92534857bde7f21a60da18fa76823325e90c7c5f203189db8057124360cc843e9d4040222647c3432f2793b97daf5ea3af87e1f174181a961b6aa279e3d2f612547e84cf2b59c792eeb76f958b13917e04a8f354751ffcf0de9885df64d15c2743b35a26cf12e532ba33d638b6a11df1aca6d70bce323d30a81f4e0c7e2952e50236be9a3243a9f139f71c696cb8feb550c94667436f1436832dab6f39355b71e952c10eb5f085fdc09cc67f9f89186171f31112d0b1ea46046ffe45ee24a4e28f2ac34917796a9275bb78a7210d2afaca805b2216309d549bd89ecea462d099020c63851108d89aa8a87d4128f87a8cee856380b8c27a568de62b1d48bd6caf3d2502249b6a902dc560010e5915fe0ef3a2a04f00ed7173c668a829c07a910ddf43830128871d256829ef23dad5f8d603f7c4041a11072da270ecc2d0561b80f291ef11a2cff6dfad25a65de6fa057a51373b29dbc2eae83e3a7a91788e7dbd0a26540b58f3ac97c8cb65e2d1f7175f7a007fef11e6d41bf46fc63dea057f09d53d3c99c74316aa8a1ac6c1ac9c3b851679c01e11f973b34e394a936a26ff36fe1456f449269e1fea4388b3b0eb572a1de0ddde0a1e02708956d0b234f98e4795eae5e8fc6884eb20c837d96e96aaacfe0fe2e8d3390a63eed3f7bd6a0b37760c2543f9bed09cffb004f8665c3991dddb77c504dd224d9a1d6f564ebf7970ea64f7d619467a0449b026dea96d44a73f299b9b0be3d2b9615f2eac3ced7e5d1d3489b43e1948eb61d4d62932b62f80c5a01973a4541db3eae35ffe948303468d68736385bf55e1065f709ef3f7aa3bcec539a7fdca3d2512288e48ac91309797ce9a8ef810cddd4bc35734f114acb467c98785743de2ce2ceeda0fc6ae5636b5a0bb23a637d42a0442872843ec49a92f91b72eb0b1", @generic="142d93a993a3af8f039b48eb77d98b626abecfd5a6fba403def269cc1346167db87022ed850c139bdd7806adf0ef50bca4", @typed={0xfc, 0x63, @binary="b31b3a982c0b6fd4b503c07cade2bcaa152b7c2a435b0b3d647569c08740528c8769d2071f2c5b74319cb7ab7b309d857af462200d37e4eef6d7d8dae1dd7509a7ca31c109b9ae6cccce12273769ede4b3854d642e1cd7d5cd491778279d8fabca6eb69c873972a4cd9487c882d2039e84ac2cb85c9360a1268cfe8f3413cbf41c4839ac6eec8b8de6b1635a78f3c85d43675b6aeb73299ca1c2903f8b3a6ee98ee68241a3b36c81f56ba5b993aa4d88aefc5a073756defde99ba62c3aad65bf3eb83f02cc742e4af99a08c99bc081c9d180a8c28657bb8a7aa4991e01c73fc423ae62c1ca9ce54f476424b9af2932fec2bfc0ddde"}]}, @generic="f4e59d6c8d9b5d681793c50a442b6a9c798dd35cc1782a06bdf631e42346d23081523f459226a2dbbc0e9f30797da59ea78a749fbf9c9647d6ad07f2f162b50f241cf4e2c85c0d7b8f98f6d3a964079723f0", @generic="cbc35e060f4e1de1d1f087da6378be25464cd5b7ec8fb1530213953fd9808e854de0896a9b0bb64d8c31d901072665a4fa97077ca7f9c7d6cbe9af609ffde8f32ceae53b974c825c95ca35fb2b59a284138fd4401621bcca191f658a1f1fad7314efac03d6d1e31579dd9e3725eb6b59"]}, 0x13a8}, {&(0x7f0000001f00)={0x2344, 0x1c, 0x1, 0x70bd2a, 0x25dfdbff, "", [@generic="8fd4687f930ea6bbea149f671caa3c31ec9b5537d5f18bae8421d1d763f4188b8236afa73ca48eedccb958e4004a1b530c48bf049fecbdc94dcc54ae89c23602ed79a7dbb8a0d063f850da7cc42501cf492d6f8e529599029b374c7b44a32f787eb205625b1dc485aa6185a29531308fc04162ba6c7fe9b37708f28feb75dca00dddc1777a40a87b2851a6a58b9be026a0e1f161013416d30c5e3f770aa89a07ced7da67f23da22be3a9006275b8b2a295417f12fcdfc707febab9e087397adfc6693591b06c58563b0b0197030d52900c71f8425a8d7b50d8a2eeedafa198474b02c0b91bba73591c881eab32bfee6e3d5d4ba19e08840bd84b377bff7f7c164760a22d33b7400831edcafad3a5ff4fc95832ace6ef79912e14b14129ade9c76c5b85e31e58322f61f1a2c74309adac36cfbf5da396abc544aab7427fa77756007208fdbcdeee8a3e7b174d48918cd1c36f42785b616256bab3db55205e43029688f2933cb557639f818694df695cdea1b0b0c7221bfba3cec8b47988329dbd2b1da97a4e328a2ddfe2a56c1cbed19d1938e47f6dac24cbc2fa8128f8cae1734c43bcad6fa1649051b2fde6027f485aa3641eb115fa2f938e99b8257f699b7bfea3bd0fabf3b3716b0552dcd0ed58eaab89c83ba1fe8a3a272c93dcfb7ccb77d75947af2eea3ece52ec372ec62f2f1d952b8c2a542770c0e54e611fb258259269d565c84998d05ad6c2fa981bfc6770423146ddc5803a9d9dfc23c5252c488363592c72c208ab43ab4d7a3b61495a5cdb5b0888baf03b48a83f8fdaec2f75075954c19b2a53dc955c991c382f61db0c04115d8792562350c6519e59f11f681ba62beed687011d4d6b5a1af8ff5c90309eebc0c884c863dc857058ea88f8f5df155157ec6bb009c75c26acb5c4a386aa06ea2249670cfbd7fa33902f2f52c1bf16c0139d1f3e0f1d1c9d76464df99a2aa0bcd10f4209a300c79e2d418931f7c60ca9c77aced980daf5133c4e56aff85bbd615e2a8f94a62a7a5e953d52ac8e66c86d00427c4a7ab28bced21e77dba26c59c8bb48e445be4b2d926442d76037fef56f937e67f7525369e6b0d7d865fabad4e8e761a810a0ce1590a281d295dc2dda78c3f64a1dd676a89f9426d378bd55f45b9b87003d5883e59a3b29ddfa91a55f9b1523422d4958d0c6eac19ada9eb264a5f560a4ae5eb4e194141cb8ab78226da63f903fd35e553e904c71fef06e3274d8d8d5c500934b611d9c44a5e823fc8b23cfde20b7f7c5cd27389cf436a42bafd4aefb8317764d7113682c5c3cf9861d0ee8df2755963a531181d9c1bb23842e59396eff8295cad0f8f297a591fc30b2934f0ec59a6c43814e320cabe6109977bd71ea95c97c4ea2aa8dc481f46d247966dbac5c1ac2860d1fcbb1fc244aa79eacec6eefa0163cad0df6cae9584eefaf16752be949d60ffd2a7866c120bbdb621420a979978be0ed220b304073e1f95e92f893545b810cd4676d736f2b8087b7a2b464f5d458fda33b7b90a29fef94ae3b0bca713e0caa701cc801590d1826d1ebc56a4bb3ee2fa631e69d1abf6d0787ca6d3ef975083576db2c3018201cbb53b38404107970fc526256719e4773d18ba14a9add71443f99dc59fe8e0045ff5893ac89ce5cffa0055c0225cb693dfe7f7070d84e60add2e68e4c978e3848fd987a967a354ba65c8bf26b72f829d7cab01d30c0701ccf0025ebf0f1f335c29a1c735cd3d72976f1b4da39bb04a0c525ebcfaadc9b9e91d9744f5f5267079f730e9bb042b857f1bdba9d4efa03bde36167b14a0cacfebd32da245444c48382efab8126b8348d499dae2a6c0297b9e6c7842a8eef82f97281f4297161df39ce9e5abcbc8827fb86fb6b69a5bf1ffd9148f4b7e530ae7087e3cb755af26c450b495c6984ef102f8a3a3cd45ea062900b0e95656a2d619d0758155709be03157a42f06f2b164f9a431ec6185dffc6f54ef63317aace21e7f0199be78829e95b9c682c27284bd835f429d9d40636f81fa5a59a6db7efb718b5cf67ef1e9c00691ca2a375d11587ac148e66fbaa0543065ab6a4d70bd54e93a1e5edd8636a63665b4ba288f2f6c10468311ec23095da17324dbeeb517d8bcfee4319ec762df1a9cc74fa99ca2df411ec03eddd7bbc8e618ebc82f77ad7984f9245cf3b7710b5274112bba020498f41c98e2bccbbf9d5c0b33583fa8feb52a1d0cbece13617e8a7535d85f51524b9ff48142b81edf2554c5e4705356918a2ea82931b361aa1e36aa42ff5e126d4d1c4ac35f1c240434abb34ba5fd2946e38e63f8765b53a20c01d6b6e22b60fe4c5ec7ef47b20874a32e40ed8d4e9038071d0a61785338ccc2a467c0598e87ca0a379e5935516772bc8d9ef4aa438f19a8ae5e06446a2d65f431145779060d702a2a5475b014d8d395c6d71a46c11b4cb8a90e28b69932bc3255fc1ae6a28db1c4ebe8ff447444902b1d737e7eced22cf670643010e77c0be9520178ae16a7520da8a6ff3a01b1142972fa84be56b72188da1e3d2913a7409f4d75f26361872b0233fac1e373aae6f398df1f22feb6190655f42ef791cbeaf2f975ad0a8dfce6714c99385a5259c3bb8adcd3e2d2fd2b0c34bd8bc648bd455faf4c06ce3b578227094a73c316a311d5fc7cc0ce13fedd2d38ff7875a450604c6cdabdf3c868bc9fb8284edb1d1b7d2daa7e5ef98b1a691de376e721eec8266840082699591712b7cf8cc12812af3abc9bb8e71bd7d182a102a5db108af08e470d4234cb4282802ca14201d39a54238ef4e1fdbddfb8e38a0aafe5db20b0c904ed6af611398270465ceaea8a4c692f1b87455f5c515f6fd033fd82bdbd06e335e4d40640e1538fb055c301cd614aeb9dd3bc5b1f7985a2c398f5ad6e3beb812acb3d14cc1b681fac5a22f4acd3c3fb8104f8d03fe41edc044c42599f69ba411d694d8937a22e12395cd9160b1a9b198c761e519bbfa5d5936030cac711c538ee58421c8d8f75dc6c1af4ec699df4762b689b142645e8c117102da7677a97ae644a1d987ad01887d149c1d2353163fdbc47a022edacc72de6acc4d70cfe8e9a07a2d056ae5add55f91264c99f40bded8b3e248879ffea91315fe8ce7499bccd7166eeb8452e352e9efbd604f7348f3539fa58f831f499660e9099b85d273c603565bbd4291ecdf53251f9e797e3a553e745daf844a171999d50ce634db3093bc37357aeedd41b59977e8d22d4153fc370d4d98e49d00afc2e1e5c176beac73f2cb23b35612cf9bfdd281eb5c2470f7147f1d573e5d76820b8aa82e99ddf8006517d2fdf82bd95e3c7fd4b96cde3f9e55e90e7cc5809cf24829d8cf9fd8726847b8deebc684301b37e4a5f7acc8835eeabd8ed007334b0feb67a581e0000ee93c3915b0e75bd60eb0501d2112b02618b373359309720f92eddc568b973f11c56e731f4bab0ea93386a7fe51f2966b24a24d486c3299b75e99aa6ae2b024c861d9cd744f2b3c17201aa8bd3bbd527ab92b9ee27bccc340b62579e744ba94794dba204a85cb09aa1292e36ef74d578a46a0aa3b4b55f3377ebe8a9491bc6500a0d93ff7c64415bb429592a11f675fcfdc5c78c6a7376bf66cc5c4d499dbdd49376d0b309a4d0dc50279d60103fa1c01e56341eafe9151a1083ca7d0de9e67300146ea2f7e6bd7857ae7da3950d26070eab9d96dc7c30d21d6617b57ff953d4c73fca329738adab998f7a559f5a5b3872b45837e90e35fde5d54c63e7cda6b80950a9e8fda91bdb445d58d97ef4f1d3fc6fa8bc718ae294897527575b717ae5438ee484cc90d2b543227bb6db73d41f0aa8dcf593806a66b02698ab4abc30fe9fa0a266f104429f77e1f48f8307c906c2b17627eb6b389c929921d8233b266cc61fecc786929ce4bbdcac1960a97d0d355113523795f977b897d5f30dfc635412ac0cdafa63003c9970fe4d62d86c844d854bb877f6542bfcf58931e8968032ba6f2cb644af91bbee05c8224230d24d09cd7129ab3b996a426ec837287d56de2043cbffe2c907e31f42d5b46495cd8bc6f76a39ab4c882f01f4ff4c06d2c02f32d21ee535ba505c2bb4d4a4e8540e83983804a3c0e108a8a7b79dd66d0b4522779f66937d4a3b2fbdb2fd5b19ba04b62951528f6ce380740c0d07dbb31cd471da4decc89bf4487878516272ee295564caa21fdc4114aaa1d9d5cff8a0c90afa938636bbb1fbc37c1a2e70f816173476ed4b798f676449039e2e6c5cad9308b79a8652d1265128a977a7aaf3e94e4d97f7fd5345f82dc3860399a204d2e49a99642c93080cf8708cb02307bb12375325ae378083ae140e86262417ac787524f291da5c80ab2bb7d63da7715cedbdbe3bd5744d547310e3ad1e35943c6dfb886718abd219766bc64a837095a7bbfde60b382ae780a5420c7fcef7fc1ed03ae5c7995ae6d6adec984c585b1f01328cdfbdf50a6e8958bc79b71877f22e32a638a20a68fb0e4891bd58d04527be060ecb5388bbbe167c82644ba3883ffb44f02d14ca87f45a661a5bd81289a09ce8e913e32d67e4b944dcc655ee9016d26c320e2ca484e4a704eec03421542b6f52fc017dbefbce1fc9f7f9a941669258b5cccf4dc797247728834f8d60e6f7db519f6705173342c46c18f5b21eaefef67564339116ec822fd6cad316b87f407d88b6f3a53231122688775f30b348ce52675325e2c6409e8197e0b376781ab3aaa4317be7a4180237fbe3c85a7f5f8fa498142a744bc23bd3f70ff5af89ba5ef4e5eaf8cdc83bfe09af7fe38ed2696393942f5208b74505e1e3b58e95f0cd456ef73cbf235cd5135ecd02188541d19cf7a7c2bf8a1d21b0a338fa6857bce0aa446f14e3326f8b92a649e20bffc7987c402b6ceceba744bb90ef7465839e893c9481028bf41c24c1af96fe495ddd11c5b77fa90846c53c5d2a639528f20ac334ff366ac59664a938a5880d9767fbcf2a886a982e891d158f3b69f527b76c4ec1bc02ca72f89f2a16815aa9075b9a68c2baf826113153040beeb8a4917e037121dd2fdac8fe4326b8d334816cbcec7877f14683a1973b68fcd4225be3796f2440e469abca133e4fd005f5d0f44194d477614dbcf9167df6f93899148d3ff21a5378f2d5ac2271af0823f1ca8609492bbf21d980745cea5b340af22ffc93a1ea1485daf754f03047c8a405f24ba4ca1869bdd42c3f510db965ce8a84e8563cc33e8ab555fe94fe6a7633b42ca7768d512d183fe77c0bee31950902102c9f605d40384e116815169ec560d2ebf4347b8aa80ccf76da155ef30b6f8c3f4a91a8ec1308344f670d4123c5b5d6dd5c416a0ce177956f0cd00f6fb77137456667bd138d209735eba744cb3c0bcdce40db3f9c3a06bc3fef4d8093848caba68129d54b05ab940c193ea947bd40bb8f0a700e1a538e1f2e076d8327ddbdb204b59e0117e7cafd480150930988c6cc1c0534eff18d06a138e991aa52b70899455e55389cbfc8f0a4c20059c0cb65418ec69beef100c8dd2676c30f03ceeefed4d13e7899a947d8dd35b69e0c71cc725150bfec703c7bd900da2b40dec96094b968b3cf7db31def5013e3791fe161a242df57a5bc67c69eefda4a573a3e6d33b9cc2120dc4602f328b54437ec4b4488e59efef8d3f0e467901a2f6a1c70b9166181e4f1b0f9af498eaa36fa6251c871a4c48c7335e3badaf3d9742f01d70eb03f2519221441408c88a17c5ba205f16333352e003953b89d741192ebf06c1b703341df546c30cb1938240b7242332b7ae4f", @typed={0x8, 0x51, @u32=0x5}, @nested={0x94, 0x5e, [@generic="4c46c16bbcd65cb597ca15d3ba042531bd11e762244e2bbe3d36173a1bd9fd1242188bbb0e401b19090f8be0b57a7ef11d6151455af8419e30cda0d00de30a3a624b9e9c7d703605b91cdb6f08aefcb8a64612f9ad0941865dabfd42d54a6279314186b20d4bf31890b0d8836def0cae86681ea62588a762f82d16209256aac4b024be95f6e2027b9b3055ce00e2"]}, @nested={0x1298, 0x7, [@typed={0x8, 0xc, @u32=0x7f}, @generic="d5b7eddcb88efb7e05020ec4d59faf14fa1c0a910d988d7ee95358b2b57a5b26a5f2c813808948fbdf0bb18018fc2a58b506191ca05993821b1514ef77467cd6a0c78f031f34d830e7db1cf6ab586ad5a5eb326c4bba9a40240bc38fe3225eb2224babef905b4d3cbde3d04ab21c129b4ea6c37784eb315e9a22e02b0fcbf030dbdb869cfc061a21c403d8fa832ba6633b3a6fba408508f5cc1966b0314530ae4609eed6eab13a7d1b775990815f992e59ecb7837cceb076aa8519cb02daab", @typed={0x8, 0x78, @fd=r0}, @generic="49fee439a37ffdfa58ce8c052a5d7aa194cbb71d272d1f291130e115fb84e5d0508f83b9ef627e70cc92e239c114869aec53565b1158932ccb5d7e129209355300425d5c9b0796e2ddf6c58c7d1b1c32f2cb190bdb7685f88eb23e0021d027944e788d68eb0522fb9ed4ccc7c0945340da08ecb897c34c931e424f344a26a77a07959698e53bbc28edc2a37e5604623642f31f9d33e098e2a9e2fd8b5d94f6c78234b580f737547379a821075d1cf9047e05fc1531892f9ab99e1af0645bdae4602dc137f3e78d191f3cbe3f45f7bb874ac90f6012638fb97f6e6db85cee27c4", @generic="65e0dfa87d233072a63af1d30e284c756de85e12e8408eb5129af9b1d80938f2e6c6ee1051a0099e07f5f23db0e95889c4ef1efeef18ba20d160229e18d1626c882a0b37598b5dcf7d926bbaeb896c6bf2c29e5e361712a4dbe7cb560cf7985098305bba0d5e0ce33020defc4ee4b11ae0ca8b13446946146cb105c37f2a20e13a9d31214aa9b371d4f604d3a32f7fcd5b69cdff5974f8cec486", @generic="986e167d8e3480075c23e8c26052905d9b6c556c4fd21875b6e841a98164c938d5f20819b93d72a57a3760e6deb647ab42de5b5a72bf4bd5fcc2a300130e9d1201a95db21c4ba5cff34c213506784b512bdd0362ff83ebac4ef76ca51a62ed66dfb49fb44c45cfda7419ae91c31f7e0be757f5bcb08bce39d9716d2f8a0a3c862a3ae8c313abd597d472ec4f347b25c1a4f968cdc14c8b0c58bb2b630aceedc1dc90bbc5ff5ed83e7520afecebc6d3d05e0211b29119e1210ac5daebf5ebfc3c4a239ac5df7921db04c7894f60019758e7a34366ab70b8ab20a9f39552b7be454cc9ebbe5fc8856c13f54c3fc92ba6584ae13d0867bd5a327b8ac86c58dcd42332b239bcbde73ecbeb563190d80cce58eeeeca27d522614c65db367bcb96a6919ff8c8f073e6b4f56b7c75bec49e96bc03effde3903f360058b93782b7064a9623cf46466094bae9a9c9896395664e781aed61f57568dfc41142816b5badf252e7c176e89dbcabd86ff176c2aa7d982f5aff51d295e42779bd72a40c26b9e7003f9cd7ecf405ff47e1fa79ca4c830eba8c2750194c43468f35ee6350ab0e6085ee65315cb54f66ab4916fa705ac555378bebf1ce298e1858ade2d80bdb138bcc13f867f1913a9605527d6c14ddc9fa2488bf908323f1626269bad9244912d9a091d98a0a55bcc159b4bfb0e8889068a89dd68ddadc5eb89e2633c7ac61674378bab76a68149e17e68f4b085bd713c75e909ea5fb5a1c1e55de9032195b2f19c6f03f86fa829030bf58490b5759c8e48b42bad8937c872a1e3c80e826c3881dc1dce5299a15b18adfb4c98d2e878aa97a15f12ab0145fed2fe1788e0f980001e6e6306af029f6703ce8fa05e1beeb0b8dbf3c2dc5bbb53162c1b09af72673b66e2162180b10078aa2b11e5883c26e6529df9bf649ac3fdafc0a84fb8cd9ea960f63e9da6c65f21339db562369c9f6608b63f2c831dfa0fbb4a2b5bc15d2472c35eb2aa03d14f8698d725b749b2b591e722309b5187c60736f76c0adf61f1950245e7082a42ef98836d4550a0ea06ed37d9af9a74c57e0c81a14df22bbb775514438599b8d38b59c2dbed61fb3733537a17acb69fb81f5c022ab6a36fd46d34f12812a6384747cf7231c68df931af287006a34a5326b3b3c50684bde5e0e180d30542e79385b02f33d1388bfb1526ae167a31aee915870e4066a7d35e50a5caddc2c4fade897522ad9851308671b6658f0d4b05840138a42d5171e75d178657dab86882da1ac70ab9cde366e5f95bd2fb95e1f46a94b4608e25be8a0108a0d0488f925e156de672984c593e890f22762b1fdc4de4fd444b6247c5cc27e16bc49474cd9da65ed8b796aa5197866926b7787343dfc35223c7226ff17679a55135a5e0efaf6a91d7ba7556aef8bf97a2dd3dc4cae8acfe77488bd2437a6b51d00f4c1e3cb565c9bbd8b11300f507c810daddc302928c41b510d490f97e2fbc6fe014b9ae1bdfb3618fa139f187f14c740f7d8d112ae8675d6de61ddf68c29a5f49318daf43efaee2d94f00f193467ee76c1ab06e208569613a01a70da35211996e29b1f0d82022f6f56745172d80df8d2ba3e7ad24a0804b6a70969b72c6396352d492f5babdad043499b1e2275cf995cf1c0665e1ba928d68ee81dc75c32e7b37e0c9f88ba5c5bd625bdabe817289a33871a7923d6f6b6cc960bfc54a28091f40e48e167b5084644809e1e813e816a224908837a9f961b1eee3a1a40109fd949da99e94d490d3dacde2344589a2a09ba3c39f90544a2e9f877b1da657c64e3103d37c5261aefc1faae641447a06fac7d8b57b3abfc36fd96722ec7ec2423c4ad429806d0663dbd85de7fa583330e54e57025544ff93a5ba98871d44c0e9f2d1765564954b6dc7ffe0db3b6e8042d9778712d12814095dbb747a9d031d5ebdd3fbbf905a26f410c33415ff0908da85650375d67890904f7f09102df88701fe148e43b69dd57bf85fcd9c471494a47561e35977dd48e16160c93b2e6fd8184e7a78d45eee09677ac1c13a171dc78af9cc91b22268d1912cd3fdc903ae1ce2184480fb469270c6d48e1a51c1f04bbbee7eae5e3f93aa7c893891a97bd9453b6e7e8cdd090b11b4b06c7bbcc70899fa65d090338b830f79453468f3a0ce56825380d43355fdb5b2209127c3d45c2f66f8c45c13afba476ef34771f2ac1d7c6b72bf5c4d8308e11eac1760118473f53b78e3b3477d50306887930abde960d1e8821ae437e1f4af816b503fff2615f4688cc01f3b205d3239d5108bc31ea5d9d212d8c3a55f969dedb5367c877b820ae56f98a1cec232e678b92197d50f7d38b54a6589cd13e24843f1df204311a5e9d3760d820b54d1764cd96635db7bafe72f03bea370f8bbccf7d43aafda2cc1b646ffba8539428f6362d8b4d36847ca6fd91457f643a2fa98f498223b32e0212eec6f33e868987b3301123f0ea0fd34b6852f41533143ea514780bdd2438ba3263ec13d8a8332eac5b442195b0d893cdbb8759db15a2c1728d526b79033b23240e0358c027bd5935d112efa01e7892e84387649a8ea3a2b1adbd34b4153eac005831d975fe4852cf252d08afb11c5858df2d0069d51ec51e1043355854f036313827425ee83c8364ede10e2db5d957ddc32a990a38b9d91fc3e498ff6cd0798bcd4a9eb8e3ee00f59fdb71c5959064dc4373043c2222bc896c2410719922d42ae1e039167df020375fe0e9a564d87e28fdca4fc62f690a04f4e4cba317149fbf2b0a68ad174a91cc52aa348a54cdd4a20642afb6a2593698374260ccac27140a4e54e27ddcccc338ae8739132692b77331cf0ed87aef67de73b50dfdb55c581e92bf7029adb1e9cdbb2a859f8f0b363bb64b94a01e9613c5240760353721b50c7c585074fe3b2fda855a9147093d1df146924b677490e565a31af394bc3d7d4da72a71497d88dd497940464e4cd3d2ffb63f19a7458ff96e1a2cf4c47c21a5f8ff3c3603a28d4fbcb36489c59361d69f56703586934717df87f7f48b6bfa9b4d4c506f5b45345e500ff75cb82a2da83f43f83f6391147d11e0605273ddddcfb894d2af39b3f826c212e555bc4f3030f2b2038f7c959d3b194e14e3e897c537c4b1cacc4378343c2ea245ec87d401713de15896a30210b36fa7a511fd020cee83f800cccba2c5889d23ca5cdd1da3faa05ef4ac7e4f1bf14778cb7a3d4540f154aa91a82f8dc806ccab09196bb4705acb0fcea9a739386db94affd582425c269babb2f3e834468d4af2af5496b9b3c7b39ec1d8b5af2ee5bf23077d45760c4f0bb83ad0d2f1fb441577c70bdda49089e59f9b40a55ebc2df2c1851d6b87070535ecca18c1db743b54b33cc1a49d10ee608059184ba56300dc0f1ede8c01b685e4a2af305c43ed7de9f276971303fde3ded5b0eafeffe7e50c0d43ac72f6d62e00701c6e3eabe3e4a23fe910038f3636afe5943c845879173706483ea9ad8562681af56177b9190128fb5d4299c1efa2fbee4bd504fd525400123a4559584e8d3e877f117a910206524b196ba78d67e931f7fd3cefee5f4ff4c2343bf600f1cddc80980b2a6f705250286170de16c369ef1ffa57d79898ccfbb076ac307f543085d6787bc0f1cb05c0637e8a295017fe2ddd5a6996416bdec58d537c01becebe1507813eb482726693465d1ba3d82d7f81dbc7124bc259dab7cb84c4c039fdaf1ca410c5ed564889e91d4724ad76be42bc81816a3658ef39605b1371f8c5521d6ab8d1ce1687d53e8536a166e7c91ea8cb76ee17a5ed28532003e50b5450804b8a0946f96787dd315f4c5492f845c9d6e4408ac4b4cda452fece33ad8d25342e36eb1b98de12a736ca9b900dd10a8324b9d84f7bf5bfd1f98820f0e8ae945c3cef4b5ea61a395ba263f76ef27087008ed037c7e3a28f0f14e6b39e8c49855d1f7d04a636efe7152261da17f18a2730e380e00f14a1c7ab89a1650c4908a44e871bbaeb3dd00cd5c66e409cfe8132f19211de6c1b7dd1a53aac65757b8d363e9af72da9260b5bca090290ea3099a4b96e1d0ab4ff8dcf74b9df5fc09a60e4ca822a1284f6a013c92585c0e5ef793194c8beea4db8fe26c401d3e8f3c9660a9c59ee6e74699f7ce63a2c10b0aa2aac8d05bb2c90877d446c94618db4e7ddf4192a600547c009a1313ecae70ec3afe4d966eb254aeb5824b4cff3e469bf1aff4affc2ae584ba02809f8053b90d84b9e1394af9004663e41128445e97a1d0f888f68c66808abbfe33cbaebfeb803ebac773b129f365ca6021e67afa7a3e1e946b501ffeda6058e8673b153cfc4a21b7fbc0c0512402b8e69fe4c29aa19c19e0f8a99fe764287cebac9d485fea8a50af7464976668ff03a2260d5d9a986f557cfbf2f1991efe7ad80d8f786c6d11d09f41f7092f46998146babbecc37cbe0318a7295efb516de6ffe22c4e240cf9fb1244dbaa1246a5b8e38e0c4d5fc6d166fce61199e36650eaac92b846552731d1a7d08ca3648d70bab0b5bacc77f8cb168f86ba30d3c6b4509efab00dbbea958bf0b739a0527179382627be9094faccffdac93f60bfbea3742a0ad9dec3a091736d842078043198ea48f62695418ac899e9dbb7e4d805f1aee137f98bbe65062e72d305bdfb580ad99e7365cbdd10a0c536cf7024558999ee483337eb404399c26b21c994189b15ad332d87280877d51c750aef2f820aa1e3d369fc9e8b9b8eacc213443714df237469fb451f475e6573967343595d40daa2996c4c4cd489bf67c575d8f67e1749276bc95bfaa24521aa266149c75382b5980298d0c99e4285608626ef376fec9b7a61a87c32aee89d843ffac69748c613a6864fe4e0472faee48606072f80b52e3e04f04d8eadace0053591800f7e06ee36775145d3cb1b02656216788adc13cf8157ea98a609c590a3d8a8d9dad891eb7a74c8800aaee3f2500917552e059b4e95d06a28186e0046f21d3313076f5adb90b8aca8e7904c3d6362ca377aade07dc5f5aa8e12670ce2d56005791602775894ecb250144cc94b9f02dd3e3278f44f1c2985226631dc4549c71b1df489ad55283dc2adead1060c8efdbe45d83fc87e86050bbe4b362d6c7735b8afbac7af9b11a825aa050ac78d203b1a346d5cc31b3ad47fd746b7129843d31595c7d0de70218ea6de88e6ec76e995f7319afb663bac27e76b7b7b2a5c66692fb6c6ab88698726fee0cc1d39394cf8a4922cf047c9c5cc93ad8f88b6851be088f7a03e7f3ff63b8478b9ebbf8d7f573c9aaf46078834f1234e0940792e1b1c9b7563dc49facf637438bcb2f3b0a2e8a442fc217e5adef87105efd1704aef361ab148846675fb3898b07d4f9fd1eed2a9d68794d0058c46637910d06b52bcfa1cfb1b4152311cc0b5b83a0cfc98d39ca9b5db977baf8ebcab42f50f09b92668423dedf12c7879270363f616c35fb2cdf783222622879e1e5467ef7599aff66ab5932dde21775fce0e976cb03c4bdf4a4b669b02c28929951df18715ab8cc3efbb3e99f6e6a1536e0c6b178a50d4f375acb9ae62e68ba34f15cee700cc08ebe48526b3a59d4a1f161485e706f9d71e89ad56cba5cf0cc3727c1e282a82acdfc03c0def6dcafa532218d07209382e5a91c98f75b787a69bcf877f2b0f1d69a3d090f3fe320baf9acdd1fcec4bc5d9a4320bc2d55077b46c67efb6d7a55087f09daf4b9bc24524e11eed615d0f8064d0e54d3a320da2947aeb86175e2a2f95077052a9448e73167ced8c37343bd2c0b4d372a7c72f10e398f7695", @typed={0x4, 0x2a}, @generic="74cb5e1e8f169b24dcd6043793fc258e34f1bc1f65dc56ce5e0fee27d01b3304ac73c083ba30d02b0a220410e5bf76d0a5c20fe799311bbd4c35179026b5765dbf5224e4"]}]}, 0x2344}, {&(0x7f0000004280)={0x1670, 0x38, 0x200, 0x70bd2c, 0x25dfdbfd, "", [@nested={0x1ac, 0x24, [@typed={0x8, 0x56, @ipv4=@multicast2=0xe0000002}, @generic="c1463610cd729682e7b30e0b4f92c7128ffb7a2e7e9f4a96ab28905ced3095f9784918bf1702791505427a92542ae10661775f6ffab123bff547da7c772394d6806a83c32d3e8d26e6dba0eeb5b58bbd400de9d70a53fcc3be38c0ae174bc6cea0394ac4559eced78b13da8c00f643ff31da7aeec341b01ff5c16a807903b9587ad69fded4048e6740129d0571d20261eb5b0407915df62a60cc841ee954d2c876223d09fdcff05f4a9ff2afae193cc5b51d83ca806bc6893c2728df9a3b3d81c638e6ff71fabbd61a34f68c822c2962dfb0276ae559a9ee8e4a1fa14112eea31480987a2d1ef0bded406bf29de4c8689605382788391b5c775d35", @typed={0x14, 0x14, @str='/dev/dmmidi#\x00'}, @typed={0x10, 0x4f, @str='/dev/dsp#\x00'}, @typed={0xc, 0x7d, @u64=0x80000000}, @generic="c8b82a3289e905153dc63db4e20e9f86995019e39d5f446dfdaf84b018511221051eb74c1c5e18cae8cbddbf8104451ddc6b5e02ab4783d6a8d71577980e656bdae5dbca32f3a0", @typed={0x2c, 0x11, @str='cpusetkeyring,}.-*eth0vboxnet1vmnet0\x00'}]}, @generic="846c407cb6f3da0ee28516b24eb21a960dc069a3c07c704b5dd073103973e7a1670f8f1e68af6efbd0ab000f706d8ff7b85daf813ff34433379c772dc7286d860217e8495cb8b63f324da18fc6bdac64150c710d322a1bbc5604222751e965f9278ea0e8", @generic="06859828422c9291390f449d61829369fb467dc7e66877f608e5d8ea0aaa30a1c277ea9b6c6d6486a467af538f3e81f0c2ca080d02cd6542eb4f44ddb24c9a30593952f7d21ac558940f54ba1723e8d16fc15d2184205b00da7823", @nested={0x124, 0x9, [@typed={0x2c, 0x6e, @binary="60dd1b30cacc22659fcc307be135f65a039a6cca98d1c0667d496a507770681b9276db1a2c"}, @generic="6e52e9989c9e218bb818bf0fab0e190f29818a9fcbe462de48d5eb0e6031e2d38e0adc0a41c5e92ca8ff241300e797aa0fc1f9e29e313d80caf5d0dbee09fa72b62957ded11938c504b740652ede580579d4a461c0489d2878015c4adc96b9e8d4e72f6f34188c47636cc64499131363545605513cdc724c21646a55722b754dc5649a6893dbf60254e11a5e0378350e3bc9bbd29b871b20d92ab78d05c7b65652680fd6fb1ee1bac6fb433958dfcf18ad74b784c1b99354af6e2f4f282972ee1b1db0f3242d3297e0d903589a16b59b35b9c94fa7e32eba3b33a141393e271414f66fd198c48b0e0e66f359f707800474"]}, @nested={0x144, 0x2d, [@typed={0x14, 0x53, @str='/dev/dmmidi#\x00'}, @generic="bc857aab40c4e509f2bcf6b470c504faa1cdd33bee68e7c085b21e8fec6485a6af94d2e942ca0130d735baf12cfbfe", @generic="56f805a2a9855e7f9effc86f9a9605be140aa58bf34ca1ccf1cb02c9c1d0ab6aa8737498c9b24a98822fc77f70a3cdb3dbc6b376e1e956238b9563a0bb92e900589de0aee50023a382bc06734d0d87725c92d2f94c2b8924ce0557df9cca776d301c0a87e406901d5797827111cdd4bcb09fe864f11bd3276384932a935223", @typed={0xc, 0x93, @u64=0xffffffffffffffff}, @generic="c1", @typed={0x70, 0x7e, @binary="aaf97d4851fa617fefa0a6dfea6a111ecdca27a89727e5a0ed7aa35377609463cc9811dccb3645464c5eb6c0d88223044e1065d30c61ff89703cefdb783ce0308cde099a06409f5d2dadff41309e6fe2ef265fceccd05f519d0ed9276e86be0bcc1071ee1a0d97239676"}]}, @typed={0x8, 0x1, @ipv4=@remote={0xac, 0x14, 0x14, 0xbb}}, @nested={0x10f8, 0x8b, [@typed={0x44, 0x47, @binary="101eda639e67e35b638368831fa7e3c2741a0ccf9364d2821689c6d514a8c3bde52d68a0a465a5bf92007db1e0957dab32647c9ea4a58b8d52682c6ec1"}, @generic="3f4e26e329f8d58f7b25708138653d0b09f1fbf943baaff54cbe0ceac4faaa04a80f93f4c8431f9a8670a95c7ebc47e3c2c705cd23effe937320003074edff843474ea0644f4e56cffdb97a75472968e2a6a61b185f12c3ea7f5de359dee9cf640e3b22a737e761d939354152415155efad26e459a3cb658fd7f9523348a71778c59a0ce9d6912c76cb70df3a15654f96266c890d7819e9d2a590110060e8666b20548f9074a4919da766447111518280bb454b3370a498835fe222d3dbaf542a36c347abe6f9b882c4474b509dbafea33c58ea0679908b02e9e72d06be02c95e00306715439136654ffcc91d6457ff877d65a639ec71924158a051f5b66f4fc4a322ceb383aab49a25c0eb8620da4138f0a51efa5f9a34038ef99094bebb0d68e38b97a6ae68763d0137283cbad50cd903d7233b05b2d20f2235157427ee0ea657fcd791b307770ef06f3fa7ca077245339ccc9a30e6c529d1be51f8c5a02b4e5c2edd3c352c6e9ee46dd4227b9c2c459c477ddbdc6a17900ac78fd49a384865f75b981d1e18e72efd98157ad6cf882c72a0ab9bd07140c45b50807542145f59f425033a2f54f69c5d3f129f6a6fc0109057ca88e6a17e22bb7429a8d586276dfcc8dd6d73c585aee090a832cc62b31327fe5705aeefb7a92c74bb55467085cea75f52d0f4a882f10fd6b4230bc7d3b6e08728d2f600524d84219d928fadcf5fa624369949343d03dd84da392c551d0c653826ccb3bed447d9380df76904bb5316a6eef57885507c3a073b8b02ead25f09a084cdf3c689eec97e8862b8e6a35fbf8dd1799551abf206fd432ecbf2a124ee21d711ea6becad91c75b4fdc33eb772791cf6c2789ee7770d9d1e85c9660ba6e1bb308d734813a7fb31a13dd1bd6ad3edb93f20dd6028eaa908f6ba9087474d6542dd70cf740192f009f544acf02cf6b1304eaea27413e7dc5c5d7aebb0705f00f4d624cf34f65ea4098e18929d3ce5bc2fef270488ab757fcd66b0a2b75c494d1227128d9456d9842d3f0d9e3db78ad24d82da6cb66831a0baed0ca9616bc3b205cdafaee8b288110d7151b7232f40b70179d8797ae09b3c8a2bee4023e7aa4e167b73de1c79ce5f068a5d8807f53dfacd40db67c41988f2488abb257b7e7bc00ad589603884a63571de99ddc38e29f70c5c86f2a3bd9eb828bfcbab87e20c555c7cdeb2792f4a258f2f98e1bc74447bcd56accaef6126e7d4d7c2a2d7cec1c369c1f066b8d6d71016e80935a0f4445f5c251715d61926197efd4e8d9f4da74520699b4efd534c3b004b759b7aedc61ade5d0ee840630886eb8696bbd04366c37bd35d1bf5112fcdfce8b87ca095324cd3b828ebb8223d3be63048da56f7015c99edb5c97e8857ee7d160a352916d102cee309a0ff842f5adbdaab062005e1958c0b8aee79fb1d3aa80f0f529e00ae14e5a7c3fe17ad867a3b03184eb92c34bd5f90e4ef5ba598ddd7178351b602b43825edb7cb380a82d9e3325188b93a74236a272fd7e156e1d4a79df2c48265f471ed1a20118f49811178a29b161932969b843cbc8c177bffb79151b9a8a0814450bff00f2282b70898c821f5e9b182c7c6e89892990e6df4a7c74a670d57083830b3c04a456d7b774ac9c716b65b908f4cac3b6280b3c2b10fa0a98cb9c39a46855db9bfb50d1dc3216ded0aa0adc9cfe48cfd03cdb21a807d3be84ad57343bd82ba3e4cfb026c1fcceb81b21e884677ee7d612b70fe601d6fdd2402054529e4bb9cbaca16f1683160e538a7917c767b14e03fb37da29274395020869c3317b612e33aaeff0261d8799822fbbfc2fe01a3ea0a77f7f576518f095396b68a9ee864ad87946c9bd125654488ba3aad0050c660387a4c22118faf18f1d08f40440cc2a64594e53f12f79bc1b346532f4618f93e9cc808c4185a8f83ca59be455ae998155db5366db2b88ae38091dd904bd05bcb32ce2b9b51170e2326aafcdfef7c9507c4ff56b3965f3d318270e38cd3c842063c2182c913b1e92862a5da4484879ca9332e063d517ad9ce6c54139bd0f0a2013c6b38e55743525105cec714f2459d3a38c7f32ed9015554fd8a21a335072644aaa404d1da7d36b4f4b65213cda6d3149476018a247a9c6c2cb1a153ed6f04253708c76a3ea432ab5ad3217f42915a72ee28f3e1ab185fbfe7dc57df99db32e64055a311322ed462509e9b55f44ad55b13f52f1a33b238bf512eedad8cfb8251635013f4f3c0a37c4ebde3507f021faa69d97ad0516c6b8ac4f7f19421da98ce31340de05d4d9faad005e553de5bfea1029be0b64a9296939c1812ea7a174928f94d11dc059090a266d148e04483f54883fe07361e2afa4074ae64375412e7bc369be0ad946a07da2346f3488044b65c264eb0cb4a25298bc379be0cdb200cd866c045823c090b2a8814f595e021b093105feef0edf00c7446ef804adcb82d36ccd2d5602380c99fbc0ae22adc65bbe78eef117f482447fdcbab12e3a319530e761429c33b331a46f8e5753c9972cdbde4ec15e52d601120b6fa81eb4e271d5776bbdb0d612954480abc4f9b9d1c9570323b581030fe1955146f27e2cce3c7368784f49038a28f5cc25673179247983c1b79427b2653a5db23e0395acc93e35e5de67c0d458abd8b10602b084a34bdd37d30376fb9d6e6c1a68fc8e35581460818f9915607d99be92952a2b1d3dec5d1bd66e8e2016bd4185ca17e48300be32dc3cf2019c5cd43eb1103eea94316b92d511cdbf3a4302cbb2176763a617a8252252e12c826daa9f3e482be19f67336698e9d2df83ac7ec8cbc65a440663cece2623cfa4007fb13321e43cf70c671c0f13623866cbf60b14b10a097b5f31f6bf80811b82531324daaa2a5f0966b40c3873c7d517a3d1502879b0c81462d3b740a291dd16d2980b117ef7e0f7330ec62561f69eab40fb67d51d22b6084a2c3613f14360d338d67b30e0c6782f4889ff75cad880e190ad40fbb0e64aa6087966ccf44e3e3811f59ffffaf455f7ceb2606d18651c82726a54aa4686840c5e37d1bfe282142699d8d39366041e5bc2e2adc5afe4813c4084099ec1817002fad55302821d05adba2a4e823d640f2fe4b4fb64c073ea07185315707e303971083dbe5ea615ffd384143dbfcc007ca54965f1c85ee05e55c5bbd6d450cf76c3831409b30b69f793389cb69535d0445e9c45b8470e06973186a023c87e0837a2383ae2ef68d17d01ad7c73bd59204e817f9a97b9146b9dd034a5bbd112361b2cbb77818294782ff8e8349408a9c90a26267ddcf8569180dbf5d35f4f80770c8ec2c5d222e28f5c90d34d8563a5cb5553cea5eabf02e26b65657d5647eb91e4b260ddcae6d71d64c4a4d251a07a183a143d3545451bc5ac911e1317ab6fa3031aea3087e7c8d615f29507aee5460b803dde278ed4d3981317368b7e24ea58723b1a0f66164def2d84c67989c5b438b2e927645924ca2644c812f48800c030f9abe912eae1433834be6fc43bd68680f0be24540af621b98ceb60f2804818c89eb1fd5dc67347e7f5cec35f6a69698afa94017f61159969f827b9f5de4c5f4dc4c76f5a789483f018239e6aeed4e8bcf2cbe3a3cdb8012680b744a03825d4c093f49917cfca1c0588204ddf44fa293e17aa83eede1a6c6747a395670d5fcf040d1089e53c031c1635814ba7167133bd6e08f5dec4f5852ae61896de62467daf36a485b5556b301e74ce788a57f0724a9b5b666d163ebeac3518a5f4facb51422c9ce7f475f7d6e8ec8f292924969340aa3619b055e9de677166ee0cecbc080c13da6a043b8028447b4bfda1bc6eeb6287bac5197520eeced0be3207653aabfedecb629e314d72f86e56cda2e482f52638c85e598003565fbaa718c46e725d1a8d4ef5f603fd7835d016c43485e64c271461a49b237667d9243652ccfe3bfae99de5696481e3329f07a251f8781ba06e6da98c6abf49086e073086a3eb5d15122dfaf991f263cdf10a14cb825004364165dd5a9ae01eaa6a5b4ddc14b395b99001aabe8da1d984640a80305bfc33300362a956323c4a19a357cc316f6f84897b6f9643d8ce3dc6f23c93951a9bcb76cc30b64f2d7e69c6ddfeb974245b6a268d6756c2e7ffaaa6dea52d5d39fda4846b68431ac4eccc8967b4d2628878a50d9fcf6cfbfbd348793b0844b4737092775d5fd27044c33e6293b9d0c943e9a7f0d014f8989ff05c3e5393758083a7ef42e6031bf0a7d34d131f997c69d54e5425f83122f8e63148d97c425fbeb7a9a48ded485b6684dae7959b5d06a23269704ece623e610aa16165955deabfdc92b264add2b559c2894c0977572aa6da09484c9a1a46cc674bf2813d1c76f4b27a61de05d0524f0498241d5adc6b175bda68dcc503533b211e280690392ead468e1d20a434132a1fa33b437c8bb4761e985b7104dac203ded6b04a21d6e627104448417c37434a0190cf5457a98133dd30608c0ab0d9de0ee78a7f4efe3c98b91e74a83e27fb35a1026c11fe824a845a99bca8917be23856c7f8e2cee900897909ac626ba8c54bb0e168735f53af2326c9fe31be01e597c5bff35ce762325b11345be29c2b7b55aeceaf08636c397a8b5f09217f82fb0076afba35ffaeb2959e6be194d02e5ad35ec01fb05ad3306c9b73a1b091b7b26fa205033c00d74ab85e9144d2d6893747d62b903036539ff215173ea1437935538b1ffc4467ce24dd8b5cfe6e855268a04c7a92524be4353b5334d77c6b54d65843020059fd71a0afad32169ff126a7fe6e9776012ad68bebab727906be899d77ac02d5da4b2eddbcfe2a38b9eebe672cb327df1e41525d8a027d596a6f7730e54c756eb06e7c750393d166b1e1e81b64be2d81f4da9cda414c5ed814b9e8e688d78a86c02c8ec296709dd9c01b4ad2146490d1ac3a8b2a7fe90d8327c201ecae09feb86aaff2e8b9bee230ba72644113063f76d15b90d656b68b5ae959e2fe535559758dad80c973682fe36489c29dcffd432921ead2014b0e337981643d2a46a6a7494ab89f87a3ed2dfb0f1074280722e077a6e5d1909ea2069224e7cf11c7482269e3c3bbe423aa046a24b45f79ed26d8231bdde437fa2bef82e6afa85b5ed195440ea49b92fcd507b2b4c4b6cb5b233a979ba70413e3091d80e5022f87a2afdffd0b6f1586687e5de716d973d35ff0f81c4d3175c5a7b64676d2c4258ade78b5a91c3ab8470004745b6f3ac1b6457d6092c99cc983c0de0cbe3bc545233c72e624223df94a10cf697f7c48cd02f62c12ce034bd104e12ecc1eeeaadd4ea0fb14db037310b23ab4314f0f5f055bfe3ed94310142126b5ea2f6e4b7b4c325ffa90aec5cf88398f752b23990145289f55b17b740fe805241d24d884e06bfae487f625e80afb5b8a44baa5e53a2988eb381f1a989e67b2ae7ddb6fa911060bedb7264d5f09183cb1c30df93e405324c085e72add400d266f72a325d9a7bf6fe08ce10e22ca8089c6660d745314fa8bba1ef1559ed1d5082e6086b8546c77266d6036669872f1bc72745de0576e39776dde3010336eff07ab8fbd0f2a900ec76e6ffd3c841b56435104b4a50c353cc5d7490b17e4f07fe3aa34dbf0b6b4011a09478dca903b4d692102f4acaf526d4381d3f8e75ef8c9e4e58348603df5e634bf08f1ed1932199df31b6785fd9d020a01c8ca331c65c0aab4b81dabbe769ffa9873ad99b18c8924ca9750d1502386b0f07d8c85895299d985ee4d3fed71e7cdf029ec7197f2d27e85b1e6e4e3dfb2805f7", @generic="073356b4487d7e277e716c782d9f079ba8b87117180be95e20d5219121d2df798ffef7ee33", @generic="3114eb67a2a0b74d86e09709e9f6617bf9c457f6d23a602f8f4cbdb9809ef8ee8904f413251584c1e3e6988e55c5b95d8c8847e594dd7ed4c6a03805e791672d8168ff0bf804813e3ff4312a1bfe9e1b38a09ebfe3693190a6853506f30879b44a4808ba76c9d19bc80836cc8b1f790b57d7f6c4", @typed={0x14, 0x1c, @ipv6=@dev={0xfe, 0x80, [], 0x13}}]}, @typed={0x3c, 0xf, @binary="a6f49a1d93635a7154f1e8f07c15439823a4a1317d082c761e67dd4acd0af39038ce6703ce567f91667367b1059f2d7458ca69556b33"}, @generic="ec3729cbaa8ef5db988aa84edea02e7ffcd78f7b3ad41c0c59fc", @generic="b74507d157125702f85c6d7417d4315066c2d108ddbb24d0b90fefa013e4fa213a2cbe3c711397ee40e60b6e89839ee1c2b957f74b0733"]}, 0x1670}, {&(0x7f00000008c0)={0x10, 0x39, 0x306, 0x70bd2b, 0x25dfdbff}, 0x10}, {&(0x7f0000005900)={0x18, 0x30, 0x4, 0x70bd28, 0x25dfdbfd, "", [@typed={0x8, 0x90, @ipv4=@dev={0xac, 0x14, 0x14, 0x13}}]}, 0x18}], 0x7, &(0x7f0000005ac0)=[@rights={0x28, 0x1, 0x1, [r0, r0, r0, r0, r0]}, @cred={0x20, 0x1, 0x2, r3, r4, r5}], 0x48, 0x8000}, 0x4000000)
r6 = getpgrp(0x0)
sched_setaffinity(r6, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
r7 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
getsockopt$IP_VS_SO_GET_SERVICES(r0, 0x0, 0x482, &(0x7f0000005cc0)=""/185, &(0x7f0000005d80)=0xb9)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r7, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r6, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x6, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r7, 0x84, 0x1a, &(0x7f0000005b80)={<r8=>0x0, 0xa4, "62ce5c3a69273e4316cf773f4ef03d8e8872cbdf0a78d57724de15f9bbf6eef43f6ebf00131d706facf04c7be6291db202c45a76cd2d61bea283d21755dd177db98a3f5de9d17008ce45c725f2d87ef301f9038554660fabf5d314e4e38d0563a08089d2d72572ef8ef74985bcaaaabe6af60f5aa01434f94dde83517bbdfd9ac0479bb268c618762a8a546ae01f8e7e69f53871426d5d389f27133b56601e1a57a920b8"}, &(0x7f0000005c40)=0xac)
setsockopt$inet_sctp_SCTP_CONTEXT(r7, 0x84, 0x11, &(0x7f0000005c80)={r8, 0x8001}, 0x8)

[  180.567949] binder: 21009:21012 got transaction with invalid offset (0, min 24 max 40) or object.
[  180.577527] binder: 21009:21012 transaction failed 29201/-22, size 40-16 line 3026
2018/03/30 10:05:06 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:06 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x0, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:06 executing program 5:
r0 = memfd_create(&(0x7f0000000800)='\x00', 0x2)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000840)={&(0x7f00000007c0)='./file1\x00', r0}, 0x10)
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r1 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000)={<r2=>0x0}, &(0x7f0000000040)=0xc)
socket$inet_dccp(0x2, 0x6, 0x0)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r3 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r2, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r3, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r3, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
sendmsg(r0, &(0x7f0000002e40)={&(0x7f00000008c0)=@generic={0x1d, "4020937ad3dca2a208c4bfc45985926c7d57d5e92ec32ab52eb045270d660711186f256364747b0a587a8fd6c7853662274eb470f90cf7e9f98966f96da0c83540d24369424343e5cdbd3af815dc5e105fa42f202cbd4875e33749f3793d16f8db01815e21e008181eb44cf72af8f556c6ab1c9ef85b5181fa39a379dd8d"}, 0x80, &(0x7f0000002cc0)=[{&(0x7f0000000940)="4d0fd56936e976fdc59bcc33d2d6591c9de7d8831df06b5fe69d72d7847a7668a8dd143e925736a8a18c9ce5e42235d7c7ea1a4f1263a03c223c70a6917cce42b66c254140c2102cb2dcd6dbd04ed6cd90b821c7a8930e2e1978d90c20de747808b0a0617fb172fbf28f57dac557434b9913feecf816e2c9e3b638efd57186a3da217096763c8f0c8084460b2479e7a3", 0x90}, {&(0x7f0000000a00)="2d48caf0221e196e74bc0021f4de6b8e", 0x10}, {&(0x7f0000000a40)="f3c777730b4dd9cb8c81a262fbbcb535b114a30db4f2ad6d88a7d877356a491d6e708d8a5b89a09240f7bade0862c3d87ec3b16289446d4d17ccf99965b1914c2124ead740226667c8b088ad07bf07ab32802f6132dea31eb4f272f378867a20", 0x60}, {&(0x7f0000000ac0)="9f5a4d2dd398032f7c0f07a38d4232e64e6e779424a95c93314c6d6926958d89d51cbfd73e311bb87d20b24c755a0a7a379d05591873e68b4de63ca5104d663786fbe1a81b1aba784543ee5da0c525725bae4aa19455abc05c90051fba0194ae02b59752f4f89db0b89fd4c021c106fc80588e3a2e18f1dd0a9cd5a7cc9a94d74ea73270e46c68f572199aba74b1dad9cae041c3a08b60704e3ab374c73598be88425450459911b31b4da8f577f648eead584cf3351e3d7a45aaed97a8d37fb96b8ab8a1e191cc2c9ff810ff6200cd48309c0c62f510aa7c37da718236a07a21cb75224d9ef2df8449516f4fe05476d7529a1c6830cd6fd9c8f7d36b247b273cd8a9f008a62954171ac1a8e9808718444628c0469b7360386f4e5370e6d18618b30ca86fa900086df3d67b8e96e3de026c0c65b3517b4813937fa1106e56632298eceafd8410683c52f902da9e6c9fe832bf9f5b85a9c7a6099352c3c6d7ae9c70214a16d5662c05dcfa77dda3d8f2ff0de9530a2979721419617de8feb4193da522e52b20133b26b4d287f0f7dffd341370e3a21776e936382986c0fbb574eb057dbd179e70d9373edef3d43b6fc9a7eda1ba2e5d6578862c23fd4957f6a8bbeaa0e8a3cefa7581c5dfbdeb83a1ea61834e40f191b60253cf79198095d83d5c54b020526e1a899120aeea9fca00909d40e5e4970a9f13d462b5dfaeafd31ced4a5de8f633bc4e123cc4b489a1d590ca498d9c9d762fd02d8e4f2bf206eef8a5cfa1b261d8db6b1b1678b117496595387b3d5116bdc1cc010758880ddbb707c9daad2fcb1a192bd0c19b3ea9bca0d69283cacb8e1b3803db30ca7f7dfbf8b93e437fed73f488d943b61036e006f9bdfd0ae8b56ec031fa5e514a639d723061c71bcdc0913c4432f034cbadf242082e51daab7bfd9e069e880df177983e5d178330f519ffbdd1ee2e79268627852028d09a4f1f516d4a3036c743fdaed6d01ecc5d85f4af27fb16302500e41f0b5ef2291479da16bcbfd8801e9b868a8517783809b5bf255ef9ab756c6a348e3270b1073d9574c0dece8ad7ccd323b2d463bf19df95362a301c532f210baa56a5f8c2ca4696511e14713794bc295c5d5c208ffb54012e7d2f425b70259e4e8ef2d3362842db04a8718257a2f588fbe7b7c48760ae9d8af0089d45165276a76862528e5964f7155f998af2f4c894076224e3dcaf3b74d371b7704f1d9dd8b3ff05133dff6703c688e755c1499209811db28d127109b2585f6ec99eed35cdd9f9815132cdd48180120d8558c66fd6dc1b48a52bc63ec5a8ff0e0743f18110cc1505dd464943cf519ea88478f8c1ccea4dfe33bc98f2e466f4b89a4f0c303f21a086c8cf2cb5b0901e29990f3091a2e8e2d3259b984bf9a4fb2af7e68c52a68c7d69834c8ca9ec58d69b472fe49ef32a2f43a75cb684faad1331b706c9b6bfa85f229d0bacbb9ac39390a9a27f521e55024d4db3ac6a2e3a1f198af3fd737a15dffe4682124a95f3c03431952be93e1fe4662f308ad9632e72c2fb147751e028c6e84861c7469334958f1c71a8cb3225573c7e3fd9b74ced481ce79d2fb97d1da838b5ae253cd81249a0889ede6dc9cbb9eefeb90ca119649f635270d8c14320ca8247c68dae5bc815203acaa646bedab4b1881a0d7b044d9b2b38551962ad7f98bb1e38af910a53c43812e373bb018dc70ebe1c89c93042452781c82e08f8acf147bc31c681a8522625b2f8a15794dd94d1e790ebf97642cc625c8943fb3f952beb01777643c6f74302c97ff37dca3ecadb80077c81c2ec15a88a76a90a251bb0506b78f606a34b1a5d61edce0db46e7e2f40696832af4aeb8ea7d9c880363d60614076c7264545f6def10a1198fa049bf7777f8bc809ba51b9dfa702961ecd525417376d204d240c414dd3e04b7592fd29a861405d7cbd65b1e24b92b37689ca4ffe498670086b02ba547c5a5815da79c9c7b103276b55418cfcf8c47dbb57bd8d2526fce8a6c2d622bbf46661bc2bd78e09a8742b394bd1b266511d1ced263c063fe17f049064e6251e2d1ead6910a47c98cd7324657b0b358730804c6f0093db4cbe838c8fb9299ae8ca5b378a165e7f592d3a79d907c0efc4a02e6e308e5ee504b5656c79884f51bb22f91ad75addd117c8b53cebc5064a45ba00044ae043a722c94a4cd261949a20823776f5721ae40d046ada6c9703b5ad6e1e0d2e55f446ff6c1f19c2cd73859ed76b6b69191185fdd8c1c1cb4070edc57d5cb725786e1e4303287820df5698e9c445f6c14d10fab0cebc67cd6055c4471689a0f3d4b49b34551cdb21104d0e53629eb10879d61702abb3b5aa27848cad51f0d56ef5d9c04cd9fb991b2b89732228e2039ca0bdedbdaf005f171984d1363346468982141ff0d1ee0760cedaee230e1c50414563bb461998ccf2d981cec34de79bcb1248592abe0a4c37af1c93d3669d491728ef919559609df12f1d7c0bc18c9f585598a645e7dc9642ee28fbba6ae6ec48e43fe600113069ba14b388a7d485a7997016fc09c65abf90b0fd182eb976029112ee02c3ab937b8f188816634e8b3023e6b9d615d485122d93bdb6ae4fc6b2ebc226dbd7eb65955c8f30d00fe1d3aa00940412fc731b87b80e42396db9fb26f6ef53ee25c084eb643687e00e93ce6a11719e7c72a6d460b2e8beb7b116233d0e7104f5049d87cb250c9ef4e81ce2d5ef69da178dcad1f9faa0067597beeaeada09ec503fd7a104536ce4691a24be00d0eff4d5252ad04d83235ad1a4177fbbd987acbc81312e6bc4c57fbd39b6c292d90c946205cc89a137f593d54a1da6fd7645dc0f0a2ee675a2783b198b97e359a0d5b614b891420660c851d970712249cb30e4a24eb91315e114a18e4cd887d41385eb7fc87f16c0cea03ad1b5c682efb73decaeca7deabf3b9be58549ae05e50225ed3bc047382335b9b271e1be86154681661303504e5e1aee838256dcbdf64049a72a913c58df1dabe1ebf208fbaa04de651cdbb2b0074dbf5988f46ebd46063a9775b8700d574cf9d0a8624609c4dd2b55ab81dd8140f7b69d6c25d024529203b8046124b7499998913ccc53884bee00efd7ef4f8b9c3a6b8eccf3f3760f62482830546850c2e4a905ce2e601a7f4ee1e9a4a3e1919daed9e8a2e82eb772908e22e1119d0c507b12d3d320d867ca0bb024970db88133c8bb8240273af214f24f0528e906c701a12bec5d426e9a80f95ec373c4b8f0591fe499870cb7b8acccdf50d4743dc173e3bc02c59c6929c91976413198614c09994f6efd1f9d614d01ff97176dd4c9216f582eb9ebe6f81d0ef2b6839421e52a525235bd326e5ede6bdf28abfbe0e6904d43e93ded3dc906db8030a83cc1a612f3d13488c078af951b1bda6fe2357140b74bd887416a704f58f53c5b214beb9c6fd50f34f6ed772cab96016a8007f0aed3b56c4bbbeb820f14b9df8fefc7b914d8c968a11e9ffd89e0f313ec4b0bd644aa7da4fb85ef1a6cfeb6364ef1d954b4f86c8a1361fcca2cf1ec5e5c4b784144856c909ab80c6cc5e49483277f9869315c1a07bbef03ad5734e6c7b261deb27cd4cf3119fe1125cc1edfa045008b0b1a6d86950782006e6b70ee33e89d9406747d7ab63e9e8b729233789bd106a3a88638627a3c7b5efb02d5aed846fe220283fe2d24b91ac59ad792dd0fa245534a6b9aaa72ba51cf4099f3c4066e14d72745f2a32ba52f54b7290e4f8276640ef5c7a4efd236167411dc8bc700f928528274b22da3e94e426766d308caa5eccdf5addb9dd12135474f72744631fda2596f21552246f1f37c03beae11aa05bace650a9d5637c32878e2c358bce370cc47a6d6c0bab55ba91a4a0267460fee9efb12240303059869423521a6952cefbefe30a1aec915ec5a6bc1a7584698df39cdb939fa22d8b66adc5effc99d99e54b36e202caee57d30f784f9c5723beb601ed7bece7639b250d752088144710f4ae504df0c47254c3679d80bc4c5992d7ca2f31b44e651c9e6d55fe0320555aac6f12f323980c369a14e32907b3f946e6ff7f55cb3f816d4cf30dda8c279806f8a80c54eb978708b428eb4f39f7b637cb270530472a8b2b385de70083085f24f6b32682d884a7b46e9f403d2b53cdf8995a745b1cc4212bc287b09068666b1f3779b6ef64060a56bc082e655e652bc9c61e8883c1738ae0785f515b6e9dd6bca5e5a15eb34e86942400f17ebe4488641f31725a99a8f44375d459b0651e42b5f224103cca6fdb8b4703d9928e17e3f04d3aaa9ba076befd0bdad1976c3e5ab118e62a7c8def676e94a2edec72b8a82c88ac044bbbcc338f76720c012f8f6b1009c2d831266a8c5e211428e11f3e4b9501cd0205455c4e86b6c032c971a9aab6de500c73b621dfffd5abd91be298a47dd945d8444f3da0c8269dc23a5eed7aaba8c4b2fc2a9b719b6c5d19daf86cc7de0683b327c2712d8e8bb59757bf282b9fd55f2d7aadc1e1cac9c3cf7934fca4302a995cacba3bfee330cd9b4213d92b14f6bb5df85a49e9da468821882246750d658ac4228a0f78c4a78c48c758226b99dd9d46ce76659e300fcc177a6abd204d21b4db6803a220bdab9911cd0a8544828c72b4e70dc74bde92b83bc0836de8e8a2c019be176740fdc08f534c06d448e093a6aacbf0c2bcaff088de8f467de95f6ce74c3419e3262a960c84b1442e9c18f9d052db0b75828f3990bc0f69769f59ae05d5fc352a7025c8634a4a88b56a3a5400fea4b30f713be02182da21b8428af0ac09456ed9f9956ab209d8e47f318ac81027db0e3e9573d79eed5e9282ab31ac95409fe48d3696a8e17ea1ef3f7cbb8c56d1a3ec34c6f1f6283553a319bb03690591e2c813dd7f371fc1d39a8a56509f3c8c8045c67199f814f7a3f60c20111376112938dcb735ce5362aeafbb4c6eb672dfafb911182ced93db82be0e5a36c1e3cd8df90290d78df7cd9b83c9e216014736b3edaa578f5debd73d20d87ddddc01ced0ab2ef20d654248a426ee8d1f6159af7dc422befd05eef4b1b1319d0fff1c2a6b3f7ba3350f42e44d2d1d3a8e450d450083a0784b2a888b43f5cd93bc4a6b2bec83ffb8f7639241222dac2c927ebf419f6c11b5b828a1f6d8616ba6b775ff9b9e1a720d7d16b2b9ee197b6a5b711a289634d5488e37579e7c918dacb936cc5be2a842cd0be6e49f1ceefd92b5f384c7660971ec57abd1c39de03ad57e898f5c17003bbb7cb229f2a7fd4ed0995375794803a813b22b113ba46b3f0730967880dcbde58f9737ba4f569170b8c8d6c5733cc4a9772392e72e5b1a769953f26a9aa120e7a0a3e184ea9baaeaad3096ef5d7b4edacc5a9a5d71029827fa0cb05df3f1efeb8e885df82eea164cec74993afa291a9408389586ca6beb9cfcf3aa267b398c3ce6668a4db64cd41dcb7bac45eba0d0deabb20226bd4e0b4d6a5b43217649a3a35d24e53c5695c83a4f202efe5338b3cfdd4aaf9f52c58f1594ce52977d5907ad0e75477beefcacaa4c395e1fcb8c61d721fe06f442006c02dbd642bd4f417a5b00df9abc08e2aa2da5a58a89a866582ad1069ca2f309938e5740bbc881fc907996b4bbf51b4b534a75297f87330f2672779c9e340314603fd8c0455cbbe821fd3d7d6534ea20249cc9cf40bd548f1a525866352419e1d83da1645d176558c9fb40200510891d9b973225a9c30e86d6e7d897cc17d88eb565ed173627d1268f2b5a047a5c300c8cee789a493cdd38b86084869c549c24f6375e00ebaa6332", 0x1000}, {&(0x7f0000001ac0)="c9d68cf8347926370bb26589d5344ba568d4fa66d0755b2f548d5e7ad2e4a361b539aad0c24118ed646ba37ad563f4fa32ba0fbc79766d46172c21fdcffe66a6dd438df74379b31d35f6280115417bc6aa13643b2d9f2e4ab94b56898b0a07040d3140ea42701da79121e488bed2e1f3a72a6725fffdb03eeaef11b5762c6610223599ddc421b5bf20d500fd68ed0d4531bf56b2cd7db7f902eb291b264e8133f08d4e58221c90ca9a49db6ef3efbd698b75d403b07badd156009c9ba0fcd1e85e3e4ad54108de6af295e9257d6ec9b653", 0xd1}, {&(0x7f0000001bc0)="c9ae69587016bbb505da0ec291638ac0bebfd5dc85ff408caf6fd4cea2de8515b5019b4c941f0f13c9199b1d47f8bb41ebaa2d95aeff34c55ee628dc7df55cbeba534ff0bf8afd1dff2bf61cec484a58e4017a5f0960ea7cbcf620be6fbb50961cd25a6813f914c9976bc44f82838fb33ea690c35abab0661c26e9936fdf72c957622e16b010e01ca33ba27e622c35611a8801bdf9c66690412a5ce9b2b70f58fd394dbe8703d4425bd161763e178c67bdbbc737005e19ee64ed29fb445bd2d4eca254374a8e726d7e566f9a1cbb793a44ae7a280333610af4a78726a332f68291588f1f6ca1dc072aaf6e4bbd492531dce55ba95376e08a4502f827a3effae13ddfd49636abae5e6b220ee8606b0fe00d1501b4cd9a9643e8150181392e01bec3d31f15b546459d479891d10b1f43b9ffd6253816635fcc675933ee76ad2ddf5bcd836a37135d4b2ab7b0231c9dfa6d47d8eee622e534c02b8601ddf48315613173b6e04c2096114de2854c197436acc7285f49e1ad4251a7cf2325d3091fe44f639dc7215aa65bca4e2cba5d466c6bfed189662163766af1d88747e737269b318fe430118625e06226cdbd9eec61df1a3e513a22f3a64f18bfc55ca9f92748e034290e4f2c8016bd6354d0d887e8c9186556726c40b67482c0d235452f20b568e4dcc5e24e89ea95ffae8b33d572e0c4017536b08e8664c6fd9061f2e8b04b31da969a934388960071680949d888d7a65f9493b70bababc65930541a1fc1c1ae8bccfab6b8c3b16a37973571c67d59e1e063eab0ff21b3913755fb5c81f4466a7b84f68e1600fb6d642b1c4cb5f7032063aced5dccfd82c999806677078fc31bb1305efdde9a3a9b3a4893417f43d42007503cdf8dac468122b0272b9e8aecae6274f368f0c00c6a42ed6b1d8f4a0b8f7cf84cc656200541f22ba9afb90427be4dc149f11e807695e8f4739031900b9cabefed90fb03e1d683e43c79ef827db274a7643337bd3dbadc0e47df38ac65ef70f883c900939c3da7f7c3b04b51402c477c06824c5c59af243e35627a903b3d69a2d68c48deca14f2e96142432d701911c0fd3985d1e1362774cf787f4f6e07f91296f8ac31ed832a6dad651cad7579fb96de212978290136f34c10935a067029b3cf2e17c3b858f15d3b6767490eb27100d08c8d064c62ff82134482b3d12cc624d76d6ea145fd668bcf0b469735e2f5f9e2980b2a69a4d781e1d186e89dd81d65fef9932283509dbb82c2433e07a7401c0582242af4de12f3bc476e588ac2d49b8a57c7bd27669e3164184b6fa6d812e72f5f23a24bbcf2164747aa264cffad34e42e26dfabfc97c6e9f7a593c17e538c3b0d270d50c35bcffdb1b09c49a611be89127588640dde01e251ff1dfcc88c3719dd6f5b5deb6961540a1cb74f12b6ad9d69f8b64e32376c266c8816c1cb229ab35db12841f0e1b0884da42248af6b4ce2f1e0d4e9a0fb841dc99fc830a2310762c278c3ef51d8fa46344ee6c5dbd06d021fd89dfbe9d46c397b3048c2eb4def951eb70259b8077d9110da480e1027a7b05e12f2cc4af36075fcf4cee4abc360b81af604a1b76670d5a8941e3d957788b0ee44b6f1c2d42c9b0093489628a5181cb7bd448cbae7d22d483f9c1fe80b2bcd04a4d8bc2b340d503e3bb5c30547ca29a157c32b8c91ba7e19104e9009850044fb5da66ce43d588d4fd66e42fe300c31c2c9607be5452b07683b79b4c8ce906bc9ba6d8e727483fa9c3b9c4aac1b04267ad382f3a7fa491f719c0aad79c1d8fe70fe749d4f1613110e0f43769dd4ff9fbcea6f4c3626aafc58fc93b26dba0f2baf6092ffc4d51e2977d022d4bd57cf7f1aae1d8fc5af4363567605b7a09ab5d06355150096489caa92858f120d57d6f04f7b324d202809ceb40c6c862b8d237bddfd82164ba169c0d43e4a6120d025e1362ff428f4bec3d9f44c63d6ddbe5959644ce388cb2513d5f1550a97392b56aada676eb828b6203c2f5b99b8c0dc7546347b759d7e18233a95924d4f91e9dbb75a0bf13abbae4851d3f10ce2892a1e3897439dc1911860c6c4b04631850367994f26c74b44661e2a143774475f632f05c5e44db018a1c7ed4aa64320f5e5d41390f4ae4ca16631cb69f4c55f1e47a65bee38fbe891d95f626ae142e3c060f038221349318f665e5abc345c4323d1b82ec69c956be3fc10a2a1ebbd1206faf61c52bcb1555b93d3cfd9131ac8e57be0e2f5a2122a6dc79195637472ce44d8b49240bfb3006af89ca6c749d4a1c9baf440e906ca64848c4e7657cace38a8c641812c063e73f8fc29b764f686facc6cb316c10b18952478dc8c78bd7c0507e4211cd2283b3460c66c4823d71be567a62d75827862588c94ef9c6d781d8505af7193fd36d42da5fba93414dda15d7739993aca4cd83b2e1c234446a2d5b8a5eae2392e9ce4552801ed085be2eedba80eb456de0518891f70021fbd5dce9dec7880e6c20a700898ebce102ce7c62c2b20b2d9b768b0d980aeb76f061fb7cba6e97148b3b16387794c577872b9714b68c0a4ec96c87f2d6ee8f4ad312b775a7430037af726177bb10e0478dd1aa086e19665bfd6bf4b24cade8e6f0b765dc7e3eaa25bb57896ba25b7e603316d21eb8f1cd62590b45d03177d09abb60bbf7276c85ab12a5852018b2f88a673eb7d3cf3b8f1f0e2be0503491625a08886cb44519ceccdc4df9ade4468dc32027e751da0bcb58472e728d17dfd71fecdb3ea283c3e977df1b5c682819663a4a8dafe4912292a4f91804d20cf0fbc7e725f3ec12e9c1ad069be74cdfaf2f51891a978b377ff4347851225b07b3cd7df5e657a2706ffb88ebd4cbd403f40ad317a57158e7962beb46138a7ee20bb2663a37a36571507d70ce5a8a36c87c8008a60130241f5c422098b5172f59fda131c29b9eaf74fd05af3135d14c4938c1309e5a572d6bda335c95f44d7301c78fc4e1f203a966bb6aaf6b4840cec8afba9f864d0d57c0f8a469093b0602793841950e57351e14c8055f938dae5ec6975d7c6df124fe3442ef6204dc0c436fe9bd1299230fd8436e9d443ad931460961ce6ffb4a24fb1bf327fe270d70908a5d6fd3fa6754db9f5554ff54325e892c91aa33948a255b3e3317f8083bb194a0ecf0cba6f7712a70f54aa5656d0f3451cf9c72074f9590b2ee1b2dcdb82549846d67e6ed50daf7f97991b166fc0478677e784fab7794be2ce34743b071fa549d52fdd1aaa98dd1b3debf6bceb36664deacaf03a4144d7ad90af41a158bde4d188ab0d472c35cba72bd8fe51a570a79af68de36fff18949305032638f92ce6333496acd166b3425f4f3e89f8d3d04d701ceb882835e54d66b61d8f615f645e8c9b416ab0171b9b7b6580d2f942f737da74eafd8c0a57bebaa2f06cebc1b80754d55e2308f1566cc31347a9ee47653b75450214af4333b7df1b9ca9ab03f8b7de3f258cf175116a339b618d345a06912fbf8bda2eadc861dcd5cc7be0aaa0290010d3c55a440714cb7c3ee2a9d8d6bca57a96767fa5ecb3055f01448d155cd33d5c42994fa7403eaaa81bae76bb76609900220981ec4a2a503c4d1d8efe9892c583e8e652aea2a2872165b165f0cda226e039d486f4a8e1ef44683a873c3857355ca648639a7f060549ab7fab60cd8bdfc47dc39ef0a5e843a76f1f8363cb2022d6cd6d41d579409b93be92e485b66d2674e1c726297c42bbc20df2eb317bbf6e2c424f2ba26b3d626e8e2a740a02d0e6559bcccac3195c914087895d4bb4ecd7b587062645f54e0e8bfce48048d67c9be1e96709ae642d2a66481109331f9558ed415033d07ec92295c5925d300fe542dae91df1c14b8e7abde2f221e5bb2d25b3d8dcbfa1ffa9ad5d2bc5b4ba908d9375e79aa56c93ea58fa725e306a9d0cba414cc008b0a371e9ef3444f22029bd6a5942424ef2f7f1fddc27fd1e4ec57e056ffe62aff73a0420a68b4361b4e62b5cdf27212ef4035686b9a0e635200a18b0f5ecf343fd0650f144efbf9157307e742f23c7bd5cf38b34e6fb885b2db566d1b642ec99aba02480dcc3858f44ab51970a5bc824bb205c0ed007fa99042a00425552fc71be069780a7b8c9de2297c8a9381c7d90707a19cd11af308332efd4599162e2f8008fc188693ed82fcdf24fe36498f6053eda895411b235ddac2f0ab1318dbacdbdf0c47c68f041e4d98090b144766986191de480402526f1c28e9c80834499350c5dc6f4fa90db34181c95a20fb065e61660b94c9dca16876dc1e463f199f08bfcd856fda0a460a695a51251bd55fb033b67838c8599df48ebd808fc8fe633b8605c2a8d5f6a5c5824e0f43e91492c10775816daec216ced02dde63b2fa581663509cfd2c49c4abf0bddb092476c6b9930b00cb0f2897cd4ed2b6ddbb6c8736ffd9a9e334f957243d18d4e67f3bfc4d9e4d6f061cefa518428d770d580f0ad76c75da87d74826ceb67a650e07b29d8f01aa0f5dce8e240061779cd2550817f171076806279915a9150bdce98d75501d39de9d268f889c23cfbee1526b0d1d9cb7f7f761c13a496ba9419557e92f9b4e349ffac868a5bdb725f98eebcf493a20cf1567f530e6b9a31f49375f11c4f0f5d4e69ef067b84ee27e905f44a2916d7aadb646e4549824a5e5de95dc64d58a39ff02902bc46b1ad93c62afeff920d89cb81058a185118f70f58d01ae2e6add7f503eed7e86f528b41135205a8176e09ce0f21067405b2d5267e90705c22c94aedf92061c94523ccb45c1798f1de07741c3da19afbe4377b9dfeab95c71df9166566ef987b5b4db3c1095093be65566ebb13e8f696ed115b056a533350fca21ea17a1de4611e5bb78df67f5746cd6f6cd5f76b913acba773973795edfc49173fdc0b9baa675e01ec8846b78e85dbc3efad73c26aaf2c7e1907e84c861f8179f695ebdc8d46230d3e9ae4945caad08e6b73e9e17f533f5439fd0a284227d9712312860b2491033feecd21c8ec0754ff4810ec10f2584554b4bc1939e858e3201c168564b980f77e5ff68e679b8f5307266090b4a66bad8896871456dc4276fc93a3e96685cb3e780ab99ef4519e277fe2e453c9e2d2784b86a45ea9f415587c551f2ec96da43e1b3942e863f461f6135546c6501e026ea6c961596e685547da0bb083c02d2094c47f667507a825ae51b177c2907cf8e6b7a6d8a1fd8e24089266e6142ac3e3b759ff5ee2518e63f57e0954ab49f0a8fd681ac36aa6119fb239099d86031b84c3487c61c2a470a4c5bc863d77aacffafcd145bd15941e82449f9cd383642338a97d0241de5821070f2ff0bdf3935902c890f8a5413575d8d4a97f8613dfbd68357f5a5077d74d92a859893488066d9e225ed03f8af061c35d55d2e6f9bf79eae20791afaa2f5f992abdeb9c95fb80cc248e39f310e3e62d8808eb705f3d3b30c688fbf51f0212d1d5180885f968b99436d8aafe4c14e66dee37dc314e42d05e56667270aa52f41e2c302630849d0eb726887a972c452941ba99b24570c90d65b41b3a8f8c576efb63d1a68db50ed97f388bd4d73790ea8ed28647b5659979ec4a72f8ba2ba7a6a592116075081b9ec8958d7f7eef53adb12d3f6b02740d1236cbc91c77da0398f0a72755473e20ff00bb3ee57b0c586b8e9ddc21ed2c10262b48b0934e0da85284d8b35bb0bc79fa114905826c9412a81eaa2dd06adbd7f5785d801def24997c4348417f76f2a5198910a91691e664d496aae73595d0336ecc9f0ee617f619753c874c0246a9636ea5", 0x1000}, {&(0x7f0000002bc0)="0f79fc314ee1122052d7782341a4d962291e886c8eb7bcf47bd451df907a840086051d6229ec43f92b8f901ef9bdd425a5cbc7391b3a6c3647c941409b15b30b238ca992abd73e4846ab953d1d0635857f08ffc7d47d49e0f943fa1634baee4aa34ee56899e4f7f7748ff43bda17f7434573cc882e110eb56a9a7f476bf137d11756631fbcfe21e7308e3e76bfdce4cfd068e1e4b4a4c583853253930f80dd952a76e54358e0cbb2d7d9076c4093c43aa55b82b47d1adf4f53e47ea9080ce2ee88344c9ccd5a163e9a70da805db26a496365be22769d9cb3827bb3cc7ff2e07843889536382f7c51de057a0d29dcd18d0ad93657099a523025ad40", 0xfb}], 0x7, &(0x7f0000002d40)=[{0x98, 0x84, 0xc3f7, "aacd9b17226a3ceed21e385d1003de456bd2250a34d2076a53fe4462603c7a8eb40f48c6f9df51fddd6bf4d245cc2db495febc1c1ba46430bb28fd78903f1d4088bb2a7d1d45bbcebb092bd5942ae5dba7160942946f788fece5f55d85345159803547fb43e940c351f83a6ffcff7d6ef8aecf10efa1419287b2f61c48ebe6b8dd4fa6c258a9"}, {0x40, 0x117, 0x8001, "e5645e66fcae0b256f3d78c9f6fb60f9c49c1725b6cd543fbcb1713f8de8e1eb791f9912dceb6c4250a02705b8"}], 0xd8, 0x4040000}, 0x11)
r4 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f00000002c0)={<r5=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000000340)={r5, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r4, 0x8000)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000002e80)={{0x2, 0x1, 0x3, 0x3, 0x401}})
bind$inet6(r3, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
setsockopt(0xffffffffffffffff, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x2)
setsockopt$nfc_llcp_NFC_LLCP_MIUX(r0, 0x118, 0x1, &(0x7f0000000880)=0xffff, 0x4)
pkey_free(r6)
r7 = accept(r4, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(0xffffffffffffffff, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r3, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:06 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:06 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x0, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

[  180.687711] binder: BINDER_SET_CONTEXT_MGR already set
[  180.698375] binder: 21009:21031 ioctl 40046207 0 returned -16
[  180.719541] binder_alloc: 21009: binder_alloc_buf, no vma
[  180.725204] binder: 21009:21012 transaction failed 29189/-3, size 40-16 line 2963
[  180.819638] binder: undelivered TRANSACTION_ERROR: 29189
[  180.827407] binder: undelivered TRANSACTION_ERROR: 29201
2018/03/30 10:05:07 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:07 executing program 6:
r0 = syz_open_dev$binder(&(0x7f0000236ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
tee(r0, 0xffffffffffffffff, 0x1, 0x4)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff})
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000580)={0x4, &(0x7f00000004c0)=[{0x5, 0x2, 0x74, 0x4}, {0x0, 0x8000, 0xffffffffffff0001, 0x8}, {0x3, 0x2, 0x8000, 0xffffffffffffff78}, {0x9, 0x7c8a, 0x6, 0x5}]})
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008000)={0x44, 0x0, &(0x7f0000004fbc)=ANY=[@ANYBLOB="00634040000000000000000000000000000000000000000000000000000000000000000028000000000000001000000000000000", @ANYPTR=&(0x7f000026c000)=ANY=[@ANYBLOB="852a627300000000", @ANYPTR=&(0x7f00000000c0)=ANY=[@ANYBLOB="002909ca01d2ab4b4e44c0e1d78f9371f59ee0bd0303c3ae1262a52e"], @ANYBLOB="010000000000000000000000000000000000000000000000"], @ANYPTR=&(0x7f000000afd0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})
setns(r0, 0x8000000)
r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x0, 0x0)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r2, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="000129bd7000fbdbdf250500000058000300140900000080000000000000000000000000aa080001000000000014000600fe800000000000000000bb16a6d07d95771e57a6c020c400000000aa080008001f00000008009fcb82e307004e24000014000600ff020000000000000000000000000001"], 0x6c}, 0x1, 0x0, 0x0, 0x4}, 0x20040004)
syz_open_pts(r2, 0x2000)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000400)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r0, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000400}, 0xc, &(0x7f0000000500)={&(0x7f00000005c0)=ANY=[@ANYBLOB="782300c41632e3cd59c15e979600", @ANYRES16=r4, @ANYBLOB="00002cbd7000fbdbdf2505000000040001004c0003000800030004000000080007004e210000140002006970646470300000000000000000000008000800ff00000014000600ff01000000000000000000000000000108000100010000001400020008000900ff0f00000800070009000000"], 0x78}, 0x1, 0x0, 0x0, 0x10}, 0x4)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000240)='IPVS\x00')
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000680)=ANY=[@ANYBLOB="655f0ad08101d7959c1c62855ea3bee6edf43475ca43e4bb5c3a922d5b6e2008771d88c6ff52fc7dda84048af79176c2dd4cb8dd34c90548bc1cbcf9aa1a1bab39f2fdbf326d1874bcef02d336b452775c4cebd8e3c1f299eb279ad9a8e401af795870ba4adbb22f36911bcb420490032e5d4c18d0b94b5c7be1ca6a4995f30aa7"], 0x1}, 0x1, 0x0, 0x0, 0x4}, 0x0)

2018/03/30 10:05:07 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x0, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:07 executing program 2:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
recvmsg$netrom(r0, &(0x7f00000008c0)={&(0x7f0000000480)=@full={{0x3, {"67985f175526c2"}}, [{"80da683e4db33e"}, {"6081910d0898ce"}, {"2eb31a3c0156d1"}, {"9e408ad14f4fd9"}, {"1fbf7216838ce0"}, {"41ed0fab1c6445"}, {"cb4b04ec3cb9fa"}, {"8700ea5a24c328"}]}, 0x48, &(0x7f0000000000)=[{&(0x7f0000000a40)="c505618eadc41fde0360f8f96732c688a0342e93dd8417437c6ed5613e8457b4a6a56fc94ba4b32afc6d6bc1cdf2936939cd217d8effbbed7ae3e11eb5e11f5fec585a87be9ef624f8ad95359b5ec26011a0bc5ded7800f4ee84354914a4baa6bc484a6f7461bbd211652f2ab8dd81c7f82065d45f4a162411e00299117ca3a3a0d60a8b3ced60806122788ce5bf303fc1639058f33f74abe322f12a32b8", 0x9e}], 0x1, &(0x7f0000000b00)=[{0x78, 0x1ff, 0x81, "19741ca9c20aa8a2275cd0ed5f202d3faa87aba79336c4c9ff1ffbdf2e97bc19ed7fb1aeb153c7e036634b567fd5007f4aadef55c10d21985deb592b88275747432db6be0e49e2bc629a5f4f70e6d71e54787857704f0b8b8e78e412b5200e99e4"}, {0x100, 0x10d, 0x1, "3791214a6ca644b9aa71d3d6cfa682bb9ef57d22ea6f0a6084183eb56eeeda64a8cb00c6a242ab69f4e53950cb1c71771b78368bd4d7e27ea116d998e6b5b1e22c23d407ed45ec6388e07297ba646bc5188c4ab4242465990b717af8ed7fa09599bf4e814b70853431b08e3345f5f4bdbd11a7c72c1e462dcb0650e0ce1d47b8c1be546ad74ede7fe5a50d972519656d932b1186e0ba9c783327240850642c5aa20012c28eb00e4a22dc8411234faf6eeac27247da10bdd6acb8edf229d01c2a288329abc179d94883b71b4b1a8af7ca81114d80bf8868ff19dbd5735a56f822dcde982aaedb8cce14340bac"}], 0x178, 0x4040000}, 0x40012000)
getsockopt$nfc_llcp(r0, 0x118, 0x5, &(0x7f0000001400)=""/11, 0xb)
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f0000000ec0)={<r3=>0x0, 0x5, 0x30, 0xfffffffffffffff8, 0xffffffff00000001}, &(0x7f0000000f00)=0x18)
getsockopt$inet_sctp_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f0000000f40)=@sack_info={<r4=>0x0, 0x5, 0x40}, &(0x7f0000000f80)=0xc)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000fc0)={<r5=>0x0, 0x3ff, 0x80000000, 0x10001, 0x7, 0x2}, &(0x7f0000001000)=0x14)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000001040)={<r6=>0x0, 0x742}, &(0x7f0000001080)=0x8)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f00000010c0)={<r7=>0x0, 0x9}, &(0x7f0000001100)=0x8)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f0000001480)={<r8=>0x0, 0x0, 0x7245, 0x7f, 0xfffffffffffffff9, 0x7f}, &(0x7f00000014c0)=0x14)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r2, 0x84, 0x77, &(0x7f0000001800)={<r9=>0x0, 0x2, 0x8, [0x3, 0x0, 0xfff, 0x0, 0x40, 0x8000, 0x1ff, 0x2]}, &(0x7f0000001840)=0x18)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000001a80)={<r10=>0x0, 0x100, 0x401, 0x6, 0x8, 0xfffffffffffffff8}, &(0x7f0000001ac0)=0x14)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000001b00)={<r11=>0x0, @in6={{0xa, 0x4e24, 0x6, @remote={0xfe, 0x80, [], 0xbb}, 0x100000001}}, 0x4, 0x2313}, &(0x7f0000001bc0)=0x90)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x1f, &(0x7f0000001c00)={<r12=>0x0, @in={{0x2, 0x4e20, @multicast1=0xe0000001}}, 0x4, 0x7}, &(0x7f0000001cc0)=0x90)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f0000002540)={<r13=>0x0, 0x2, 0x20}, &(0x7f0000002580)=0xc)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r2, 0x84, 0x6c, &(0x7f00000025c0)={<r14=>0x0, 0x4f, "1a5c31a7f93b528a9d07dff610b19eb96cf256062c12e6ab4881fd8e8f6c66fe5c00935a50d621951e30322ddad45965526bff34d4edb74e178f81c4d5ee901eb4eb76ea118e2848da7d2cea31c8ba"}, &(0x7f0000002640)=0x57)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000002680)={<r15=>0x0}, &(0x7f00000026c0)=0xfffffffffffffd90)
sendmmsg$inet_sctp(r0, &(0x7f0000003bc0)=[{&(0x7f0000000c80)=@in={0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10, &(0x7f0000000e80)=[{&(0x7f0000000cc0)="198878e9ac301509f94b155832c6422db4790a0324c311a17228ead1d23490e0f5974cca8f7e656399fd6ad8cb06cb9bdfa0578d729de8df2fc39db8c4b911db258b06cd75e621911cbdf6aefee1da9b79cbce0cd8cb0a09d5bd1eab177c0d005b8c4014b5aa5256ae3e8eee326fd89fdcc689e68c0a9e8853c5eed7f215f54df75ab32d37607e3c439285971907e9a2dd3fb6408676e4c2a29c86c42275918accb9f04355a82eb0f73ccf274860907084d3eeeb7eb194e038f5db53aa", 0xbd}, {&(0x7f0000000d80)="a2b468e8db003a3cd8dcaa5abfc56e19bbab430688bf7442c15976e9e045a64e83bd40b19ecb854fd8bcd732091e41c95ecab5e52433968b8985789cdec4", 0x3e}, {&(0x7f0000000dc0)="bf2f509f9b532bd901b68ae8bccc22247abe99d325d802f1232a92a800b25d4e6985fcbc37b9e2d15a842e8a843022a576b714ecc443e7efb46e248ce3bcdebcebaa7984b00235d26c8595524107b0f0a2fd70f7ad112e909365f28d9d31b97fcf189cb53d16384f22478a2b0d867c24d901212f82c01e9f3790ff0aab5faa8b50d5689a60c8", 0x86}], 0x3, &(0x7f0000001140)=[@sndinfo={0x20, 0x84, 0x2, {0xb0, 0x1, 0xff800000000, 0x9, r3}}, @init={0x18, 0x84, 0x0, {0x9, 0x8, 0x6, 0xa1}}, @init={0x18, 0x84, 0x0, {0x8, 0x2, 0x1, 0x100000001}}, @init={0x18, 0x84, 0x0, {0xffffffffffffffc0, 0x1, 0x1, 0xd039}}, @sndrcv={0x30, 0x84, 0x1, {0xffffffffffffffcb, 0x2cc, 0x1, 0x3, 0x3, 0x7, 0xfffffff000000000, 0x2, r4}}, @sndinfo={0x20, 0x84, 0x2, {0x5, 0x8, 0xfffffffffffffffc, 0x1f3, r5}}, @sndinfo={0x20, 0x84, 0x2, {0x7ff, 0x8000, 0x20, 0x100000001, r6}}, @sndrcv={0x30, 0x84, 0x1, {0x0, 0x6, 0x2, 0x9, 0xfffffffffffffc00, 0x9, 0x1, 0x8, r7}}], 0x180, 0x80}, {&(0x7f00000012c0)=@in={0x2, 0x4e21, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10, &(0x7f00000013c0)=[{&(0x7f0000001300)="e97b0fd5df858373aa3808", 0xb}, {&(0x7f0000001340)="076c26e9c29e29150886c4230adac69e682cf543e149fdb05ebffc0fa776ea7b3952cb4b9e38910573d1b61252b2748a3b78c16ae1ce514f78cec618cfd1997543e27e31a54858f86db3", 0x4a}], 0x2, &(0x7f0000001500)=[@sndrcv={0x30, 0x84, 0x1, {0x9, 0x6, 0xa, 0x1c, 0x3, 0x5, 0x48a, 0x9, r8}}], 0x30, 0x40000}, {&(0x7f0000001540)=@in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x12}}, 0x10, &(0x7f00000017c0)=[{&(0x7f0000001580)="d6deeb6fcf91f6aa42ba044aad9236f6f9b375f5d370e23e69cc1ea64bbb8c0d9b22d9aa5370872778785ebf457b620202fa97c38595bd0cc4778b50a8d2e99da3661280996a3dc1550ec89c85c270e95e19caba5e36e591728aa2d2f002630de78daee3b905c9eaf1124affea15fb5ecc2ebb25111b93fd4b66ad91358925b309719272945afe0bece69de3131e819c90eb50773c7ed70a2f8bd1", 0x9b}, {&(0x7f0000001640)="ee793c15fa8dc53fbe82d91af3284d429d9a628c5bd8b58c97a4b75b05a14fcc8c5b5654d80adb42d1dbab7a4f79e43ff06bfc5a2909c29d4301098675d257dfde1bdb9d1fe0b4d9e8906db5a5fbdf033d68cb38cfc64d8e2b1e4a98197a0662b3b7ff76b6a9674c3c4e88e926598f5867243240b40524f9ae0c416aa52deb7ef5b6d5d0fada50b71ea23d3cabe37ac1bb0978cc9c485b", 0x97}, {&(0x7f0000001700)="6b60fd2aa3a42935a8581000ab829efe94617c22113db84dfbb55a82a23f85b60fc60d21eb4236c77e0d2504caf31271922b32f4fc5c3dce1bc6c8f2a88e6cd7d3e19e2406f0fa52b72deae4fff0f6723b83b359f65d7c8b34712ba1aa4fd508c609f568f572c298a1f446c8f44ac143ebfdf4f22afb049f753d601fd55464a8ea781dfc3d26fda05d", 0x89}], 0x3, &(0x7f0000001880)=[@sndinfo={0x20, 0x84, 0x2, {0x100000000, 0x0, 0x1, 0xffffffff, r9}}, @init={0x18, 0x84, 0x0, {0x6, 0xffff, 0x64, 0xb4e3}}], 0x60, 0x4000005}, {&(0x7f0000001900)=@in={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10, &(0x7f0000001a40)=[{&(0x7f0000001940)="1ba7728c224c3f4b49f5b299b9940daa865153d0c9f20fc9", 0x18}, {&(0x7f0000001980)="9d704eec91e9d19445f172d17b61", 0xe}, {&(0x7f00000019c0)="116b98d56cbe78c19bfa9d64f4affbf8519b4717c9dbb6e8a19cfbfff4ff4c5afde34c6c5d55ba2781a78585b37efffa3eaa9e306529d7d83d2144b912ca1c18bd047b353381000d11825281a6d45d8797c41bfd68ad5cca0e038e5a2d92db8a67fc273bf9fe29c52d59e4dec4c235d5b18b73bd7af36784fc191fda64893583", 0x80}], 0x3, &(0x7f0000001d00)=[@init={0x18, 0x84, 0x0, {0x8001, 0x6, 0xfff, 0x98}}, @sndrcv={0x30, 0x84, 0x1, {0x40, 0x8, 0x200, 0x8001, 0x5d, 0x7, 0x100000001, 0x9, r10}}, @sndinfo={0x20, 0x84, 0x2, {0x2, 0x0, 0x80000000, 0x0, r11}}, @sndinfo={0x20, 0x84, 0x2, {0x4, 0x1, 0x5, 0x4, r12}}, @init={0x18, 0x84, 0x0, {0x6, 0x6, 0x40, 0x1ff}}], 0xf0, 0x24008085}, {&(0x7f0000001e00)=@in6={0xa, 0x4e20, 0x7, @mcast1={0xff, 0x1, [], 0x1}, 0x65810561}, 0x1c, &(0x7f0000002200)=[{&(0x7f0000001e40)="1711af627a0d0ce04737071ff48f06eac63834e51aea63af97fc572140c39aa8940f359169688d5f6e6fd33ce908f567eb7cf8e42777b9131a57b1422731590ceae411e102b9095ae8bc3d2f857bdbdd546450a95fc60b1d805c8ca56a82d856fc025439be6796887c3f8e3fa25c657bc4a458fc6f4a2a04dd2be8e9c41ccf271009eaf1025666fd524fb85499899c711b40f99b59b160fc49394b", 0x9b}, {&(0x7f0000001f00)="1c3be91adf534abfd1b44aaf10b7361b2d9b07b98b9cf5564def2399925a68f4d5fcb0c94bed4e225b1b58e9a99cd4a7012c02420075698a740fca58eccb0acbc5cf1716eb6e9b63657a692ee4", 0x4d}, {&(0x7f0000001f80)="54cead4d6ab54aa202d51942b5396b3f6d28c8c45c29730400f2be863ba2f45a354b8cb7ac9a6431084f6a94780b520487a1ebd1f8c9c78e13adc5ed179423931a3fec60d6eef313552c9e6310f9e290b6dc707a63049bd348b1ac3cc55a879af77c8077728b1b33f1ee0e1566031157f90f223ebed6d74f94f161cb4fa3fcf2a9a1e315c95ca5d2571adcc72763e93823a0a057f4424e86186d0963e9ec9a5a11bcdcb896b92a7e7a2112650f3287a1c72422ce805ce83edb6e5b5fc185cffa50096d26", 0xc4}, {&(0x7f0000002080)="faa1b54ab617ba670c2382294ed80274a7a236ee01ea8ac65b1078b8fe814a32360e2cdf261206e6932b60ea8f9f9e2eb23170bd60b5a52449ce2a0d6d2248136af406b762f267d0f25fd90b3468206efccebd18d03b4e319c576a89ac223fd9d06dced9cafc893bdd360f76f2918fb1302944da56bc186b0d3b1db516394495382dbc23dec67e6f8b9d864029fa26f33d4a2d9ca22d301f01e181a2fa78a8aff3c374b62f4ab5ea5c5126a117988821ee9540fdcf554c6d2205e600fae877f2bbf13af8a0f9c7a7c53cb6444a7825ffed0e3be5794a36fba0d2", 0xda}, {&(0x7f0000002180)="078bd4ed2676fed18024ba9a2ec28c6bc9c79da79b2d37847c", 0x19}, {&(0x7f00000021c0)="4c620c1ca2027732d1064804e78cdbbb4e2b3a7c285f6928ac13b9094cd2325748a7", 0x22}], 0x6, 0x0, 0x0, 0x1}, {&(0x7f0000002280)=@in={0x2, 0x4e22, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10, &(0x7f0000002500)=[{&(0x7f00000022c0)="1f2c48df0e8b3424386493dd7962be3b2db5fd5babe097ca0be3d1b9a9eff17e97ea66f788019c5d2ac5ba0211021e070e8c7412edf3bc64521cac3b69cda999912c6639766d2d28f2c9e931b3a5261084373b783591051abb9d54a4afa9e376d900eccc2d24b3319c92378c0dab5c33e06c338e93af7096401f46de57679b5f6e0a4a6757a21bb4f4b6323c6beca944929cb259c433ed52f7e4ab9247619e72aaa7d2d1f3b13e81cf9f00e5b78deb3b", 0xb0}, {&(0x7f0000002380)="a2a420661913433bd9498a43188b56aeb1936b9070c06e27ab0d457e4235263e0ce23b52b8da8c1b4699e3fd33a35b1c3ee1c04d09209b3966b2dc7fb740d4dc603e28c6ce7f6bd3e513fa964181ca4e20409954cae18884f6c4dccbb0cec2dc090175c8b5b29e5a77f9ecabe9600251d8cbdb08c9d6a67a3e317a2f", 0x7c}, {&(0x7f0000002400)="cea0588d4f62fc3d13747bd2bc790e428a37db4c15619b5f9a411d97c53028ba11492ae883a9a43c55d2f0fc389a3952706fc7db176443378b78fe094ad3f3b2a0e76e0e15408fa73754f529f4de9dbb0ceba09caf01ac3f5358f0822d8803f2c9f8b76ca731728982cd802fc6a7cadf53088f44e975631697d13b68aab26fda905fbd0c1588ea6c3ef27dc664261988c120a59dca13a36340dfdd0779aa44fa0df9a92a3c1a8434352556f5c230db945cc756a56b5d404d1b8aea9be65120398a5b162658b209fb5b93da607a8344f4f71926d86328b4ddba504d2f4af53613c3e355ac15877a41df5a05", 0xeb}], 0x3, &(0x7f0000002700)=[@sndrcv={0x30, 0x84, 0x1, {0x6e, 0xffffffffffffff80, 0x8000, 0x81, 0x8000, 0x1, 0x9, 0x1, r13}}, @sndinfo={0x20, 0x84, 0x2, {0x0, 0x1, 0x0, 0x9, r14}}, @sndrcv={0x30, 0x84, 0x1, {0x100000001, 0x8, 0x201, 0x3, 0x7, 0x5caa9e7, 0x6, 0x2, r15}}], 0x90, 0x40}, {&(0x7f00000027c0)=@in={0x2, 0x4e24, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10, &(0x7f0000003b40)=[{&(0x7f0000002800)="7c3bf718949ad87363818dc17576c03d8547e9688a684b99c2ad20b1670fe12356f7f0fe30bcb96f4edc6912bb85149d07cdaa4b4141e298a40930d5c836", 0x3e}, {&(0x7f0000002840)="847be1892b7441446b87eb0be3b4754293515a3742c011c95c07a324f05b9f012a6a6b3617e29c154757d7b8df38a67b8685d4c9588eacd7b827212af5942e580ceeb22ee7c513803a5470e223cd12f02acb00407a97598a789033de4819b6d67e10ae37426737ce0e3f28bedf6b982819261c97b2f5c1be0540c92f488c422bc06ff2dbf49e736a", 0x88}, {&(0x7f0000002900)="66e496915e3bf97bfd3d7409ebbc7206d3acbbc408313ee150466b962869ac4bc976c0530a903c6f470a6d2ec7e46c5f542a9d684393c30272cc1821deb807ee80441737885be1e07bd7f59b1382b75d8e866b9fb3dbc1ba7c0ebf802a7b745709e8070d7a3f64a4127be9cca20a8f8766c528e2dec6a702293d25a1", 0x7c}, {&(0x7f0000002980)="dd990049fba09a513d613632d65bbe377a7e4acf6190c9fcbcd431b53c5c4088c3ce62d0cac1fabc650d548e0d89fdd4233cd47c0c3036538a986063cf727a7432b190192ab74a2acec135137595ef18a0f817e4be119682c2dd17fb747743936bc1778e07", 0x65}, {&(0x7f0000002a00)="6ea35bb197e7acc52ea37546958852284757684079c85aeefd108fded10e3f9df3ca7adce531facb8650bbc5e7e22420caa1f8d7fed0ce59c2de072404dee89fdd8ba434bc45a06b1520fb6358f88429f8215b2433805740550db53ad15688990b4d4a01e74ba4949f1300e375f35084c405c66403952a09288c6b61e5e76c6b0ba93aa5e470816396f0e28818", 0x8d}, {&(0x7f0000002ac0)="e6d3ef9cd6d9971bc928ce5a68c3f233bb74fb809d84b6b88f2124010a9a0742de17", 0x22}, {&(0x7f0000002b00)="79caccafce21b80740bf4622cd4f44a63dbb1d87f60335e47fc9dface550b4550b854ac7f94cb08d4e8f0220cd3d2134e3a2a4b1", 0x34}, {&(0x7f0000002b40)="7e6386584f533fcea6b04b6187b6da5b9f8c03fa9834532ad31d145abc8540a09b0ee668e9a782b8d80f91c97a83c20d857a2d26ce2fcdaecd2c3299077432a62431bad3653d97a9e27da8c4aa447a06dac19ee8b5f5154b96a13851952a58d25212e56d1e94bf1ded3adb77247d6e795448b942c491ad421e3df2d62942164596d7e4835e98b45a7b4025f586bf0ea31b79e47907528b7e400303d80c80e67c2e60181daaef9eaaecfa81107b99ea10e2b959486c13b3234337a643075f0036882384062b35c67e776d4db6a69470960fa44522d18f9dc0f7070b6e66e031867f468eac5ff9fd8f09c1b5fc3c48036b5a3fcc87d65aeb49f5c7d0f552edd289d417537772e0e775404a7109435f17e8b97eac81f9e9a47c2fdce221bc46ee54daea5b648a62310fff04d351b7fc0e036efddfb129e463e7c52d9d9f537758e64959f63a56058258462d8f010b81e96558b54ae48ab068666b17901d599a5d1bfef1a55df94c77d828ad9dadc9d9bec494caa0edefac0362789fd2c324eaab11ef9bde4295ecd805ab5fb6bb31183f26d474a8f3c2fb8c7ed5582556f051455e5fe061c69e281c2d761801d4a66642c5835365f70649cd294e21b6c6b0e7af0b0c461252cd950bd57e676b279b47b40eebc2f4db8ec54113c87955985a3a338496f31a39725654a3875b0aa1986f08bef1e12c7618ca04a6caafa5267da0dff34ee258d6aabd2ddae6cba068111c15a1e33cda46ab2d55e2f6ddce28c1d3803ce9c419b3c4d70130b1a8a6afd18a68a65c1baaa28758b275b63cc0f0d9adff43e8eec7bf5d0e35183dd1b3e8674cc4087498e9f95b2442a48c2acf33b316a167c8de0d9a38ca7f0e16b67918d433f5fda701ec3e914c764bf63d085a32097959d37a328a957164dc720a694c46e6f7318c1dc2ad71639ba531ddf8bd3063bf64588e480e315aa46efc7d1ccf9b6b571f1ffdc917bcb473b2cfae6997ffff3895d869c1838cc567bb632a98db431f600353c689d6e37ad82a12713e9469b28c4be5d0465374431fbd54ed6edb5868dd4ffd7b6d218bfed495a68a3417217feb361f0afed766b675f1a14bbf21bf67b1c2ada72bc4e95de071128c0fa7c711529dc46842067c71abcc50439374bd326990e12ee6eb436298f838bd170c8f0310e8edebc7099b84e8bc366b38fd38dc185a82b4769e1949582adf0ec605d539d69820c7105bd9439983eefe331393cbfe5ae6745f0684dc47aeebf9d8355fc288d0e7036676a0c25c7650c98ebf56400de857b22b5c6ef859290a0fa9bcc49ecd418b835718b2f4bbe1d3c0df043f19c81719a373d3be99c010868c9b766af8865511c55ac363338c9c606d5b3270bdc3cc607856b0308f28df5a35edbcc5ef31509f32081ec3bc7f8389c92d70aca9d960c08dc4094e00c2f41679445f2d9dc73d305f420b4aa82b4aada75eda7d64456f8a8401042033e0c412581270086e72bd08bff9f85af5325fd87db4abef7c203e60b943d1cbbd857445a5dcedaff1b60083fc68584198051f54435eb07c98c102c91961dfd49f2bb36bdc92b69e17d0663cdb8a205b47243ef68076d821ebdab9d5fa0dbb882e259060bd26f5e61308e71fff2724de850df95792a8a9bfc869e5eb92a5edcf523813b311b9676d5684f5d71e71896ba31196fbbdf7110988a741da747cb23df598470ba3f4921ae18091f5273dab9d3da8d6c7ffa570aa60f62e57fd03ec10da7f83da68c78e3cea1697479303eb21946b9ae9c48234a3bc20be6d61df7a815e62b16182875dd36c0e32ef089bf563f36fbe723248dfca85bde73afa76fec0be5afaf9173f5dd9b6fa1dd84b088dc987ee43efaa3356906972c6839196dd73322045d017111e5e7bc7050ea70cb815eb7bd962b48134568d41b47cf01ef357162daba9885a803068cee10cc7f0c8964990ccfe2bfd511d4fd97d0e689f747e3bb836cb06283dea74899e221800892d34fb76d3f432e42850a3e91605ea6b86767e46b66f9f38add0b056d1b29b4172b80e6f7feb0ef24485b107aa4dbd8bd3c3cef1a4c1c3cd4adf21c808ead056f5d77887453fb6875e193c6605552ec288e5ec94cfa03504333330de32be74a3af6d50cf4c69281ece49d36d4973f072e47bbe75a9938146d370feab42c47a916e3d4035724086c7769c8327d562db5a8f2303f54b0ea8b3d850dbcfac95bdd9324d5abb675449b01a9d835b962ffb381cf2674979dd66f945c1b912f98bb05a99f3b6a90ffd87bec737dc8893d3b05ab8d7e09152a613afd21dca7213befc689b8361da530863d8e575d859650dcc11fb760ea225119b06c0900ce23d0860f969b09a90b37fb117ba0ab2ea5765eacc47b2a8401cb0e2e1d6de5127e57e5e2c038b96d289151f1cd06fd2797033926fe09d6b794c11a2ac0a14ecede2356e18d2f702c4711b9ae4b92499f6c216a659841b67d9456c359d9b66005b662d790c4795de4426784af4cc9c181c70d7ac44f6e88003e006d09574533eaa8cbbfc5b15f612b933a1a58ace7ab2d820be77b78607844cd866d3a0a8f72d794f130e799838facbf5f07e5213ce7f32ccaf81cdb3b1d035242fe2869a3134cbef991b1dcd888c510dfb1109b6657f2673d80532b8fba4172c965b5a2bd569cc902fc8134d289552c49b86dd348f05046c89bdbc26f67e5af192663d8fe093b0a46d9b9599eabafd4d58672c6f32578f74d4e5d32c8af66ba8c59e1093820fc191641dffb7c38b0af59de5386e1793cd170372b5433037405be4954f849f50de4061fb28b9716a6aa54a62bffce492fb5681a9ec548a2ececa9959845942c3bb0fc39fd38e7f923bcd77515dee3f50176051980083c5db94b3c5b0f7c47df3e9ce0b191efc0557ffefeef8151b255ae8f84946cf1fe4e7b77bf66fef6aef43bac2f0156d8efe8eca8b8eee32b9e55e33cf7dd5965e84ccca6b2af5b28543acb1f14153313a04801d9e4c4db1cf6e9e7e3edf0bff988cfe35e58e41e57ab411c1eaed6a746ff9301658b25ed1f7aefd3e2e6c895837511ee1616c4e5f2e0f5fb19a2a63ef0a81b1e6af3b4281da133c29dfa0a6b887003333dbb451aced2844501b252e7ec7e33306692f846647700aa39441bed6d69754ddb1094db7563989a68c146c0e38a40a8a49bfbc7bc55df8b5ec0c72f79ec7148f7b4150235008c6d003b67b139def1be24e7cb0138e0b2c1b21f990e78536c0aeebaf59273c3f663695be7d9b8b1a9865aad3e1816697f6631d617af9bc687fa310919b032a07133d1d666118c722a858d215db281404e605d1694a9989f6d7d337c12c8999ba40c46048891c2c3cc8f242b51fc24f9e5f1d899d854919bb0860236fe1c2050e192b393b3a21f6ab4531d78a1910602c8c318062a5f07bf445097d2c5307c825284c523de62191311c13d1e0bf612ead422b601bf717a0dab6d61592c1ddb20fde2bc3fabd73401451412fedbe08126d4eb8282157e7796bfa609cc48aaf3bb13c9bd25d550bff6cea187838e681475b3df53049d09205b6fffc1daffc4c5c580d9d2388a20be158c561e8e26dbf56a8983ba5e88aa89d935bc3a7ec8c44959ecdbd7f3ff847aa1141b64cd0e8c83fcf0d7e3a0874c1cbc35af34940236620b67536c4188a336b26d224ed735197e7bc026abfc752b6a3f5f073f12b99346ad8c0f5c9713dd8191b31a54b881e1ac9e9d1a115f8480de208d17cb8f3ace43f42882e28a2bc824e70baf74f1c84fde85ff61174800a5a05dd62c12746798400a3e74f2296cf33ef0abfd1986b5e0dec2758f7c927d344a65dfb873ec79245a5db5f336db34d321b21f854226244904b518d1d0acffa56ff3f4936cf71d238bc232f39a69295c7e0aa825312fb96815e39f06b075bb68c5d1d4d4b85c7971591a60dd81f9439da14b79cae386030d7609882ec3ec9402a0b158ca0163a8e5be79af8b460d467518bd199c4f32b52d4b49f4161ff3e16cfdffeeef3bf99883f01c8769992a616ac65d64da3b306bbe9c3196b6243371028fb7fb54d653d96a2a0ad8d06203adaf0a5bfd73eefa23e284097f3e1ee5958c20fdac91d55a4b05a592f2067609394d4277a6d7b509974137b35a6a590a39c78eacd14cb89eb20ae05fc9d1478d698d27cae3634d7026e8e88e6a9b8b86c2f582ac7ddf792c4f5f7c72debb9405344ff816e503d3d5d8ae1e304f8e8d1f3fd66ee24811cc40424499e647cc75845f0f002457021c0e98132644854b09b4b8311bb26b3ff7f65025fa7868642a8ed7c47bd79311f2b4528c5c3d3d26df417abdab5ca8db141f93de3e73ec345e7fb3d813e5d56bc8ed442a0c8365321d5b7bce1bd863136897ddb8e85f13a13bf544a153bc917672ba61bcf9b3fbea7e363391c6265d36a52af521741d0b68feae543f281c1e19e30d2fdec4a39e833efabe3788300827f2a7ce7d3c70d557321e7a102d3519016ee3d6cef2a67ad5a6fd4545f97816eb6bb730094c9f16c6abe1ad6079ebcf2023edb83076b07665cdbcb8c3cc86c2128607137d86648dc7229f54549735b6d2980b1debee199ce01b28960260752eb0931ea42c9246c33208b8d754bd7a81cd13848010ca99576f147639ff6ce640797673a6d82d54c9777466b7f731b7bf74c6add73ee86007e50697c3223a4b8016fe6be8acda022073f21414ac7fbad1faf14858a8935745ccd14e1523dc08893262d600cfec4f770f9b46a7e9d8c40d943311fff39c7755d426f75e0a73288159d2fc3bbac75a817de3b1d3d4ed3ff140bcb8387b2afc3bdf4582b104f070e61f7d8bf2de58743ed490756fd6e491dc575ab7c509c73086e54b137b68001c2444fb0767d6db8a00140018680ba36e52421bd775dc3ae3553afa2ce43d287540a573fd57e24b5f90e8697b6bb32fba0ab11cb9f9977705a2acbcc81b854233d79c2cd300c38ed01002f94465e87a175ce3ba2a5fdbdffca11c3c327055f19eb73a5bd59f7060846aaeec7e0351ca40499de9ad5c8f6687e0450e375c3a93bf97289105fd53a1c71babea3ae7bb391f5f63ecd70a06ed2980bd8321ea738eb7dc9e3b339ce29eeb23cb41205d2548331a95410af93714719a80b45377b3ac33f3f59a9347ea6c04eb70630ecbc9d2163a841e257887e8048160bf6e7f7f31860b1550408676ef17209a5f096ad4eac5ecaf0cc1a5ff61bda64c200c337bbf57a544ef3860ad58dae1c2da8fb4cf14a192a70f5cb4618ac7647e5a33ba2e31f095077d10f8e9e9464c43e95e5c0c59369f23a2a3dc1c85d9e2cfd327a2e3f337e1fd58db2736084c5cd4bb26e848ca5b45467ff3a1f36a09b5c7003e9a6f6090f2c8aafa23ac6ae6c35d0dd9a2fa41c0cedb2814060620e6fa285ba531cfd88c62cfa4fd1ae2e3f45f12e4629bf3705a822f23aef1db6d4ea736c4704d483067dfe27280f3ac4da05b99665a86a7ee1074e022cb54677bf64a38317b2fba0b98ac9108f7e3168bede90ee77c5ab97b5ba8caa361c2204a73e9e2182620f605622d38f006d2529a08788374c41aef3a1380fc5da8f929de34d401d8743d36dd74085f850d91824ee8cd4182d7f60c3fbcfbe856ef2bfd24bebf08ba389a37f7a60b65933b178bcc1c3558302e18976e334141bfb58c23e6252591d6aa634c8d3f561cbf95822490b4ae733532fe9775cf8f3ca52de4ee669f3197f8369ee854eea0304de7da7d8d6a1db5ef784a3dcdb2e30e9010c66e8fc021cd79e206cb7f927632d87ff64155c1cf539", 0x1000}], 0x8}], 0x7, 0x20000000)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:07 executing program 5:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = socket(0x1a, 0x2, 0x22)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffff9c, 0x84, 0x6d, &(0x7f0000000880)={<r3=>0x0, 0xbe, "8d01fc7a9db2510009a23911afccfbc9ee5e257ae47d68288e0e8cf26ba336956d09cca3ed63538fb428f9796559ce7c36eb5354307c3175f4aef24954636be36766c382886f4f37bbc30c2f1be70f3f660b1f673836b3250133c8c2f8e3bc650cdf641a7e51050ac18400e8e9cc2495320cd398f162489d05f3184b552cc11052a8376d109927633a098a9847dfe1e672d561e40ef2912eaba188660dd31fc0138acbb0bcc6f7ca589cfac673ae65a3657f767159b1b306a9ae5d5d5848"}, &(0x7f0000000980)=0xc6)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r2, 0x84, 0x73, &(0x7f00000009c0)={r3, 0x101, 0x30, 0x193bcfa5, 0x8000}, &(0x7f0000000a00)=0x18)
r4 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r4, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r4, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r5 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f00000002c0)={<r6=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000340)={r6, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r5, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r5, 0x8000)
bind$inet6(r4, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r7 = socket$inet_dccp(0x2, 0x6, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f00000007c0)={0xfffffffffffffffb, 0x8, 0x0, 'queue0\x00', 0x3})
setsockopt(r7, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r8 = pkey_alloc(0x0, 0x2)
pkey_free(r8)
r9 = accept(r5, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r7, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x2b}], 0x1, 0x0, 0x2f3, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r4, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:07 executing program 3:
syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x0, 0x4001)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
r1 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r1, 0x8040451b, &(0x7f0000000000)=""/21)
process_vm_readv(r0, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x6, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:07 executing program 0:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
mkdirat$cgroup(r0, &(0x7f0000000000)='syz1\x00', 0x1ff)
pipe(&(0x7f0000000480))
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0x0)
shutdown(r2, 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:07 executing program 4:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
getsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000880)={<r1=>0x0, 0x49c0}, &(0x7f00000008c0)=0x8)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000a40)=@assoc_value={r1, 0x9}, 0x8)
r2 = getpgrp(0x0)
r3 = syz_open_dev$dspn(&(0x7f00000004c0)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffff8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
process_vm_readv(r2, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x76, &(0x7f0000000000)={<r4=>0x0, 0x2}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000800)=ANY=[@ANYRES32=r4, @ANYBLOB="8102d7b10e484d0d04d3565aa604000100ff0f5d7e29ff2356d3a80f188330e11dd63083cf4c5904c23b4370a41fd8549126a660572075dcc76e0fbd1414647afabd31a6361ca872a3361090464db8c96742269edbac217fa48beccc415cfcd97226b114b7"], &(0x7f0000000480)=0xa)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))
accept$packet(r0, &(0x7f0000000400)={0x0, 0x0, <r5=>0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000000440)=0x14)
setsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f00000007c0)={r5, @rand_addr=0x9}, 0xc)

[  181.243559] binder: 21070:21074 got transaction with invalid offset (0, min 24 max 40) or object.
[  181.257217] binder: 21070:21074 transaction failed 29201/-22, size 40-16 line 3026
2018/03/30 10:05:07 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:07 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0x0, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:07 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0x0, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

[  181.334691] binder: BINDER_SET_CONTEXT_MGR already set
[  181.343533] binder_alloc: 21070: binder_alloc_buf, no vma
[  181.349170] binder: 21070:21095 transaction failed 29189/-3, size 40-16 line 2963
[  181.366358] binder: 21070:21074 ioctl 40046207 0 returned -16
2018/03/30 10:05:07 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(0xffffffffffffffff, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:07 executing program 6:
r0 = syz_open_dev$binder(&(0x7f0000236ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
tee(r0, 0xffffffffffffffff, 0x1, 0x4)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r2, &(0x7f00000002c0)={0x80000004})
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000580)={0x4, &(0x7f00000004c0)=[{0x5, 0x2, 0x74, 0x4}, {0x0, 0x8000, 0xffffffffffff0001, 0x8}, {0x3, 0x2, 0x8000, 0xffffffffffffff78}, {0x9, 0x7c8a, 0x6, 0x5}]})
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008000)={0x44, 0x0, &(0x7f0000004fbc)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, 0x10, &(0x7f000026c000)=[@ptr={0x73622a85, 0x0, &(0x7f00004edf8a), 0x1}], &(0x7f000000afd0)=[0x0, 0x0]}}], 0x0, 0x0, &(0x7f0000009000)})
setns(r0, 0x8000000)
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x0, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
syz_open_pts(r3, 0x2000)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000005c0)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r0, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000400}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0x78, r4, 0x0, 0x70bd2c, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_SERVICE={0x4, 0x1}, @IPVS_CMD_ATTR_DAEMON={0x4c, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ipddp0\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0xffff}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1={0xff, 0x1, [], 0x1}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xfff}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x9}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x10}, 0x4)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000240)='IPVS\x00')
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)=ANY=[@ANYBLOB="80000000"], 0x1}, 0x1, 0x0, 0x0, 0x4}, 0x0)

[  181.431665] binder: undelivered TRANSACTION_ERROR: 29189
[  181.439868] binder: undelivered TRANSACTION_ERROR: 29201
2018/03/30 10:05:07 executing program 5:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
ioctl$sock_netdev_private(r3, 0x89f9, &(0x7f00000007c0)="6871e6ea41a8e51830933f0d83fdb61b91d63867fb42d42c6e3024f3efb6ac29e0ff41ddfeeecc8fbdb281d7a9ac4dc6ccca194c294a96dc240c490e86489ac52832c91c7da270d03ce323f7839e8a4af2f47f29c5a717509bc5fc8ce8d2e473534bb9e00da3a0913bf9542b5ed05002b7045ad735363093fae198d2e884fef794925b37c73cecc39fd4a7ab42766657db6511811fab615132414630ba8b280c00b45ddc4e11f059356a835de3f7069d4029a1a0bf64d1bb938274df2c6c319cfff70e005cedfc83d6939019f2890e574171b7d2c52768a93427a64f9832f6d3c401c81bf6e14c04e6e889e80f27ebec67858a1b558f779e0aa78941c6")
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x2)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:07 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0x0, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

[  181.472290] binder: 21108:21109 got transaction with invalid offset (0, min 24 max 40) or object.
[  181.511575] binder: 21108:21109 transaction failed 29201/-22, size 40-16 line 3026
2018/03/30 10:05:07 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(0xffffffffffffffff, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:07 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(0xffffffffffffffff, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

[  181.634344] binder: BINDER_SET_CONTEXT_MGR already set
[  181.650683] binder: 21108:21135 ioctl 40046207 0 returned -16
[  181.657039] binder_alloc: 21108: binder_alloc_buf, no vma
[  181.662807] binder: 21108:21109 transaction failed 29189/-3, size 40-16 line 2963
[  181.766826] binder: undelivered TRANSACTION_ERROR: 29189
[  181.772631] binder: undelivered TRANSACTION_ERROR: 29201
2018/03/30 10:05:07 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x0, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:07 executing program 5 (fault-call:7 fault-nth:0):
syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(0xffffffffffffffff, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r0, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x4, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:07 executing program 4:
syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc\x00', 0x200000, 0x0)
ioctl$TIOCSBRK(r0, 0x5427)
r1 = getpgrp(0x0)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:07 executing program 0:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))
getsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f00000032c0)={@broadcast, @rand_addr, <r3=>0x0}, &(0x7f0000003300)=0xc)
setsockopt$inet6_mreq(r2, 0x29, 0x1b, &(0x7f0000003340)={@loopback={0x0, 0x1}, r3}, 0x14)
setsockopt$inet_sctp_SCTP_NODELAY(r2, 0x84, 0x3, &(0x7f0000000000)=0x1, 0x4)

2018/03/30 10:05:07 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, 0xffffffffffffffff)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:07 executing program 2:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
ioctl$TIOCGPTPEER(r0, 0x5441, 0x5)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0xfe1, 0x4000)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:07 executing program 6:
r0 = syz_open_dev$binder(&(0x7f0000236ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
tee(r0, 0xffffffffffffffff, 0x1, 0x4)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000580)={0x4, &(0x7f00000004c0)=[{0x5, 0x2, 0x74, 0x4}, {0x0, 0x8000, 0xffffffffffff0001, 0x8}, {0x3, 0x2, 0x8000, 0xffffffffffffff78}, {0x9, 0x7c8a, 0x6, 0x5}]})
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008000)={0x44, 0x0, &(0x7f0000004fbc)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, 0x10, &(0x7f000026c000)=[@ptr={0x73622a85, 0x0, &(0x7f00004edf8a), 0x1}], &(0x7f000000afd0)=[0x0, 0x0]}}], 0x0, 0x0, &(0x7f0000009000)})
setns(r0, 0x8000000)
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x0, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r3, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x6c, r4, 0x100, 0x70bd29, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_DAEMON={0x58, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x1f}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast2={0xff, 0x2, [], 0x1}}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4}, 0x20040004)
syz_open_pts(r3, 0x2000)
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000400)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r0, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000400}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0x78, r5, 0x0, 0x70bd2c, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_SERVICE={0x4, 0x1}, @IPVS_CMD_ATTR_DAEMON={0x4c, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ipddp0\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0xffff}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1={0xff, 0x1, [], 0x1}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xfff}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x9}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x10}, 0x4)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000240)='IPVS\x00')
ioctl$sock_ifreq(r2, 0x8927, &(0x7f0000000300)={'\x00', @ifru_data=&(0x7f00000002c0)="534c342e5dc49bae390d7f1c66eaab0703cc5e23445d9bf4be68e97918d252d5"})
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)=ANY=[@ANYBLOB="80000000"], 0x1}, 0x1, 0x0, 0x0, 0x4}, 0x0)

2018/03/30 10:05:07 executing program 3:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x0, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x6, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000000)={{&(0x7f00002a5000/0x3000)=nil, 0x3000}, 0x3})
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

[  181.961617] binder: 21153:21154 got transaction with invalid offset (0, min 24 max 40) or object.
[  181.971518] binder: 21153:21154 transaction failed 29201/-22, size 40-16 line 3026
2018/03/30 10:05:07 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x0, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:07 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, 0xffffffffffffffff)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:07 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, 0xffffffffffffffff)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:07 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x0, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

[  182.076431] binder: BINDER_SET_CONTEXT_MGR already set
[  182.087431] binder_alloc: 21153: binder_alloc_buf, no vma
[  182.093103] binder: 21153:21177 transaction failed 29189/-3, size 40-16 line 2963
2018/03/30 10:05:08 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

[  182.144116] binder: 21153:21168 ioctl 40046207 0 returned -16
2018/03/30 10:05:08 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x0, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:08 executing program 6:
r0 = syz_open_dev$binder(&(0x7f0000236ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
tee(r0, 0xffffffffffffffff, 0x1, 0x4)
r1 = syz_open_dev$dspn(&(0x7f00000002c0)='/dev/dsp#\x00', 0x100, 0x2)
ioctl$EVIOCGKEYCODE(r1, 0x80084504, &(0x7f00000005c0)=""/213)
setsockopt$sock_void(r1, 0x1, 0x24, 0x0, 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
pipe(&(0x7f00000001c0)={<r2=>0xffffffffffffffff})
ioctl$TUNATTACHFILTER(r2, 0x401054d5, &(0x7f0000000580)={0x4, &(0x7f00000004c0)=[{0x5, 0x2, 0x74, 0x4}, {0x0, 0x8000, 0xffffffffffff0001, 0x8}, {0x3, 0x2, 0x8000, 0xffffffffffffff78}, {0x9, 0x7c8a, 0x6, 0x5}]})
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008000)={0x44, 0x0, &(0x7f0000004fbc)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, 0x10, &(0x7f000026c000)=[@ptr={0x73622a85, 0x0, &(0x7f00004edf8a), 0x1}], &(0x7f000000afd0)=[0x0, 0x0]}}], 0x0, 0x0, &(0x7f0000009000)})
setns(r0, 0x8000000)
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x0, 0x0)
setsockopt$netrom_NETROM_T2(r1, 0x103, 0x2, &(0x7f0000000300)=0x40, 0x4)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r3, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000140)={&(0x7f00000006c0)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="000129bd7000fbdbdf250500000058000300140000000000000000000000aa080001000000000014000600fe8000000000000000000000000000aa08b9004b26403deef3b7613dc4000000080007004e24000014000600ff020000000000000000000000000001e55bc3e6d9dc8ef7f84044a22c44c253464d150935a042a41fab7a0d064f43d6e0a67049eff4d313eea7fac0e944f3be4e1febd5f08c11f7d30f067cbdc7b5e18bf738b00399ef5fe011e439152f7d70a5c54c7a9181"], 0x6c}, 0x1, 0x0, 0x0, 0x4}, 0x20040004)
syz_open_pts(r3, 0x2000)
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000400)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r0, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000400}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0x78, r5, 0x0, 0x70bd2c, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_SERVICE={0x4, 0x1}, @IPVS_CMD_ATTR_DAEMON={0x4c, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ipddp0\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0xffff}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1={0xff, 0x1, [], 0x1}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xfff}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x9}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x10}, 0x4)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000240)='IPVS\x00')
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)=ANY=[@ANYBLOB="80000000"], 0x1}, 0x1, 0x0, 0x0, 0x4}, 0x0)

[  182.247826] binder: undelivered TRANSACTION_ERROR: 29189
[  182.253701] binder: undelivered TRANSACTION_ERROR: 29201
2018/03/30 10:05:08 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

[  182.315626] binder: 21197:21198 got transaction with invalid offset (0, min 24 max 40) or object.
[  182.352662] binder: 21197:21198 transaction failed 29201/-22, size 40-16 line 3026
[  182.453491] binder: BINDER_SET_CONTEXT_MGR already set
[  182.462271] binder: 21197:21209 ioctl 40046207 0 returned -16
[  182.470908] binder_alloc: 21197: binder_alloc_buf, no vma
[  182.476535] binder: 21197:21198 transaction failed 29189/-3, size 40-16 line 2963
[  182.511663] binder: undelivered TRANSACTION_ERROR: 29189
[  182.517502] binder: undelivered TRANSACTION_ERROR: 29201
2018/03/30 10:05:08 executing program 2:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f0000000000)={<r2=>0x0})
r3 = mmap$binder(&(0x7f000026c000/0x8000)=nil, 0x8000, 0x1000001, 0x12, r0, 0x0)
r4 = mmap$binder(&(0x7f0000894000/0x3000)=nil, 0x3000, 0x2, 0x10, r0, 0x0)
ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f0000000a40)={<r5=>0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000cc0)={0xb8, 0x0, &(0x7f0000000b40)=ANY=[@ANYBLOB="00634040000000000000000000000000000000000000000010000000000000000000000048000000000000000800000000000000", @ANYPTR=&(0x7f0000000480)=ANY=[@ANYBLOB="852a627300010000", @ANYRES64=r2, @ANYBLOB="0404000000000000852a646600000000", @ANYRES32=r0, @ANYBLOB="000000000300000000000000852a687300010000", @ANYRES64=r3, @ANYBLOB="0100000000000000"], @ANYPTR=&(0x7f00000008c0)=ANY=[@ANYBLOB="1800000000000000"], @ANYBLOB="0b63000006630440020000000f630c400300000003000000000000000b63000001634040030000000000000004000000000000000000000010000000000000000000000050000000000000001800000000000000", @ANYPTR=&(0x7f0000000a80)=ANY=[@ANYBLOB="8561646600000000040000000000000003000000000000002000000000000000852a6a7301010000", @ANYRES64=r4, @ANYBLOB="0300000000000000852a627300010000", @ANYRES64=r5, @ANYBLOB="0400000000000000"], @ANYPTR=&(0x7f0000000b00)=ANY=[@ANYBLOB='8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x008\x00\x00\x00\x00\x00\x00\x00'], @ANYBLOB="0e630c40010000000000000000000000"], 0xa4, 0x0, &(0x7f0000000c00)="821d1e54758ab13a65b6fd7b43c663c0735ba1bf6d4978452078e5f3a319051dfa51e167912413d84c093ecd840fdffc4070de8fe55f85ddf140bebf24748487c07ee7b6b1a106d6e5d0808c0f1b8c18ed75dbe65a64a9b600aa01f1887e8e8885cb21ab963606fe7e3ccaf8883a67584fe6adb136b5d91130ffc78512c44b1e4ed59955d28eab48e15718a3a1896023104cf7fb47a15abbcf0e4da6dfab58f126b9f581"})
r6 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r6, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:08 executing program 5:
syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(0xffffffffffffffff, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r0, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x4, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:08 executing program 4:
syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r0 = getpgrp(0x0)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
r1 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
accept$packet(r1, &(0x7f0000000000)={0x0, 0x0, <r2=>0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000040)=0x14)
ioctl$sock_inet6_SIOCDELRT(r1, 0x890c, &(0x7f0000000480)={@empty, @mcast2={0xff, 0x2, [], 0x1}, @ipv4={[], [0xff, 0xff], @dev={0xac, 0x14, 0x14, 0x18}}, 0x100, 0x8000, 0x1, 0x500, 0x100000001, 0x20000, r2})
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
process_vm_readv(r0, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
wait4(r0, &(0x7f0000000400), 0x0, &(0x7f0000000bc0))

2018/03/30 10:05:08 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:08 executing program 6:
r0 = syz_open_dev$binder(&(0x7f0000236ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
tee(r0, 0xffffffffffffffff, 0x1, 0x4)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff})
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000580)={0x4, &(0x7f00000004c0)=[{0x5, 0x2, 0x74, 0x4}, {0x0, 0x8000, 0xffffffffffff0001, 0x8}, {0x3, 0x2, 0x8000, 0xffffffffffffff78}, {0x9, 0x7c8a, 0x6, 0x5}]})
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008000)={0x44, 0x0, &(0x7f0000004fbc)=ANY=[@ANYBLOB="00634040000000000000000000000000000000000000000000000000000000000000000028000000000000001000000000000000", @ANYPTR=&(0x7f0000000300)=ANY=[@ANYBLOB="85eb2e18893687401fd9f2165c627300009278", @ANYPTR=&(0x7f00004edf8a)=ANY=[@ANYBLOB='\x00'], @ANYBLOB="010000000000000000000000000000000000000000000000"], @ANYPTR=&(0x7f000000afd0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})
socket$can_bcm(0x1d, 0x2, 0x2)
setns(r0, 0x8000000)
r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x0, 0x0)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r2, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="000129bd7000fbdbdf25050002000000030014000600fe8000000000000000000000000000aa080001000000000014000600fe8000000000000000000000000000aa080008001f000000080007004e24000014000600ff020000000000000000000000000001"], 0x6c}, 0x1, 0x0, 0x0, 0x4}, 0x20040004)
syz_open_pts(r2, 0x2000)
ioctl$sock_ipx_SIOCAIPXPRISLT(r1, 0x89e1, &(0x7f00000002c0)=0x75)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000400)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r0, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000400}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0x78, r4, 0x0, 0x70bd2c, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_SERVICE={0x4, 0x1}, @IPVS_CMD_ATTR_DAEMON={0x4c, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ipddp0\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0xffff}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1={0xff, 0x1, [], 0x1}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xfff}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x9}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x10}, 0x4)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000240)='IPVS\x00')
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)=ANY=[@ANYBLOB="80000000"], 0x1}, 0x1, 0x0, 0x0, 0x4}, 0x0)

2018/03/30 10:05:08 executing program 0:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
kcmp$KCMP_EPOLL_TFD(r1, r1, 0x7, r0, &(0x7f0000000000)={r0, r0, 0x3})
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:08 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x0, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:08 executing program 3:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x0, 0x4001)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000000)=<r1=>0x0)
r2 = getpgrp(r1)
sched_setaffinity(r2, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, r0, 0x0)
sendmsg$rds(r0, &(0x7f00000010c0)={&(0x7f0000000400)={0x2, 0x4e21, @multicast1=0xe0000001}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000440)=""/12, 0xc}, {&(0x7f0000000480)=""/44, 0x2c}, {&(0x7f0000000a40)=""/146, 0x92}, {&(0x7f0000000b00)=""/196, 0xc4}], 0x4, &(0x7f0000000fc0)=[@mask_fadd={0x58, 0x114, 0x8, {{0x4, 0x2}, &(0x7f0000000600)=0x8, &(0x7f00000008c0)=0x75, 0x1, 0x6, 0x7e, 0x6, 0x48, 0x6}}, @fadd={0x58, 0x114, 0x6, {{0x0, 0x6}, &(0x7f0000000c00)=0xffffffff, &(0x7f0000000c40)=0xfffffffffffffff7, 0x5, 0x0, 0x0, 0x1, 0x0, 0x7}}, @rdma_args={0x48, 0x114, 0x1, {{0x10001, 0x6}, {&(0x7f0000000c80)=""/242, 0xf2}, &(0x7f0000000f80)=[{&(0x7f0000000d80)=""/247, 0xf7}, {&(0x7f0000000e80)=""/79, 0x4f}, {&(0x7f0000000f00)=""/78, 0x4e}], 0x3, 0x10, 0x2}}], 0xf8, 0x40844}, 0x20000800)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(0xffffffffffffffff, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r2, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x6, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

[  182.705360] binder: 21227:21234 got transaction with invalid data ptr
[  182.715803] binder: 21227:21234 transaction failed 29201/-14, size 40-16 line 2982
2018/03/30 10:05:08 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x0, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:08 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

[  182.814554] binder: BINDER_SET_CONTEXT_MGR already set
[  182.820520] binder_alloc: 21227: binder_alloc_buf, no vma
[  182.826263] binder: 21227:21247 transaction failed 29189/-3, size 40-16 line 2963
2018/03/30 10:05:08 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x0, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:08 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

[  182.896239] binder: 21227:21234 ioctl 40046207 0 returned -16
2018/03/30 10:05:08 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x0, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:08 executing program 6:
r0 = syz_open_dev$binder(&(0x7f0000236ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
tee(r0, 0xffffffffffffffff, 0x1, 0x4)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff})
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000580)={0x4, &(0x7f00000004c0)=[{0x5, 0x2, 0x74, 0x4}, {0x0, 0x8000, 0xffffffffffff0001, 0x8}, {0x3, 0x2, 0x8000, 0xffffffffffffff78}, {0x9, 0x7c8a, 0x6, 0x5}]})
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008000)={0x44, 0x0, &(0x7f0000004fbc)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, 0x10, &(0x7f000026c000)=[@ptr={0x73622a85, 0x0, &(0x7f00004edf8a), 0x1}], &(0x7f000000afd0)=[0x0, 0x0]}}], 0x0, 0x0, &(0x7f0000009000)})
setns(r0, 0x8000000)
r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x0, 0x0)
bind$inet6(r2, &(0x7f0000000280)={0xa, 0x4e20, 0xe, @local={0xfe, 0x80, [], 0xaa}, 0x4}, 0x1c)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r2, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x6c, r3, 0x100, 0x70bd29, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_DAEMON={0x58, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x1f}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast2={0xff, 0x2, [], 0x1}}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4}, 0x20040004)
syz_open_pts(r2, 0x2000)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000400)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r0, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000400}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0x78, r4, 0x0, 0x70bd2c, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_SERVICE={0x4, 0x1}, @IPVS_CMD_ATTR_DAEMON={0x4c, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ipddp0\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0xffff}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1={0xff, 0x1, [], 0x1}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xfff}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x9}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x10}, 0x4)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000240)='IPVS\x00')
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)=ANY=[@ANYBLOB], 0x1}, 0x1, 0x0, 0x0, 0x4}, 0x0)

2018/03/30 10:05:08 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

[  182.992867] binder: undelivered TRANSACTION_ERROR: 29189
[  182.999412] binder: undelivered TRANSACTION_ERROR: 29201
[  183.030958] binder: 21275:21276 got transaction with invalid offset (0, min 24 max 40) or object.
2018/03/30 10:05:08 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x0, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

[  183.054975] binder: 21275:21276 transaction failed 29201/-22, size 40-16 line 3026
[  183.176211] binder: BINDER_SET_CONTEXT_MGR already set
[  183.187164] binder_alloc: 21275: binder_alloc_buf, no vma
[  183.192835] binder: 21275:21286 transaction failed 29189/-3, size 40-16 line 2963
[  183.213152] binder: 21275:21276 ioctl 40046207 0 returned -16
[  183.280241] binder: undelivered TRANSACTION_ERROR: 29189
[  183.286449] binder: undelivered TRANSACTION_ERROR: 29201
2018/03/30 10:05:09 executing program 6:
r0 = syz_open_dev$binder(&(0x7f0000236ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
tee(r0, 0xffffffffffffffff, 0x1, 0x4)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff})
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000580)={0x4, &(0x7f00000004c0)=[{0x5, 0x2, 0x74, 0x4}, {0x0, 0x8000, 0xffffffffffff0001, 0x8}, {0x3, 0x2, 0x8000, 0xffffffffffffff78}, {0x9, 0x7c8a, 0x6, 0x5}]})
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008000)={0x44, 0x0, &(0x7f0000004fbc)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, 0x10, &(0x7f000026c000)=[@ptr={0x73622a85, 0x0, &(0x7f00004edf8a), 0x1}], &(0x7f000000afd0)=[0x0, 0x0]}}], 0x0, 0x0, &(0x7f0000009000)})
setns(r0, 0x8000000)
r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x0, 0x0)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r2, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x6c, r3, 0x100, 0x70bd29, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_DAEMON={0x58, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x1f}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast2={0xff, 0x2, [], 0x1}}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4}, 0x20040004)
syz_open_pts(r2, 0x2000)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000400)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r0, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000400}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0x78, r4, 0x0, 0x70bd2c, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_SERVICE={0x4, 0x1}, @IPVS_CMD_ATTR_DAEMON={0x4c, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ipddp0\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0xffff}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1={0xff, 0x1, [], 0x1}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xfff}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x9}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x10}, 0x4)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000240)='IPVS\x00')
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)=ANY=[@ANYBLOB="80000000"], 0x1}, 0x1, 0x0, 0x0, 0x4}, 0x0)

2018/03/30 10:05:09 executing program 5:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x1000, &(0x7f0000000000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(0xffffffffffffffff, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$KVM_GET_LAPIC(r0, 0x8400ae8e, &(0x7f0000000a40)={"a1660c5b567a7cc318d571242a29d4871c0c131bf2dcb08e49cf7ba77e4278d82db040ce80dda239c28c4ada47b91d85287ecbb806a4ac94c328d8a6398704f60f59974de2102737733244b670b05d4249fbdfbe1facaa754f8481e030a75fe56fcee86b320ead43cb4ca8202727bfaf2832e8d7405dc43e20ed4d3c087df207c3377fbe8a57f014bc18390079bead52aa30958eb3959f0f447b95a99c9ef38ed0833ccc2c86ccb36565856a6c235d12bda861d754e5660584557b579b9178110119765f0667af8083bf7c5c3e87bc1a2bd9631a1a622d5bc17f7dd211a8849f0b32126142591b558f7f2f68caf69ac04d4b947cad833a182771b45c608736795ccc073c0a8c21892bac7c17f22d00f34713c0bd0f5d232b20752db953aa35697b9425ecb1003ad114e622a6a34b1dcf3b69affdad02c2d0b41f37b5c0c1a3c61494ca2087e5cd4e32da9741e730846d68f543d9f5c72958cab340c8b326ccee198163db00f3d818a673787096ddd040e4b1abe65aff9d6bf54d2451cc74ee8b79427e1221d639e94b6afbd384a3421a3a8c54fd60fb272cf8e00fbd9f03089f462a595a36cae53bd540087d7c801146da89634a70cd1807acba90e33bbc261516177f970d847861e71c2863dc9a890ca35c513d9bf22b4e542a6abfd3a5de977f3d5a82c57bb45f9c07b0375e39b58453680f607232b251bf13dc1360d194daeaeeec53e17f3ecd9b9b50e1c8922335716acc6429060ff71cbbc66ea100844265fee586e577065753c6c5c5ec4a7ef96b43af1bcefd0520ba9dcf32ce8f378455c585058d24a0cd773d60fdd7af53bf108aa78ce97416b3579c6721dc5b0126d374509a53728b422d3bd76af187ade9fb2d9d56b8b08222e7211bf6b30fb5fdf1257f2cc4fc385ff740276b0beaf9170945fa85b7ce6bfd122310355a899a5174d1da360e88329b5f3d967f6dfd46519a26e87906e03f35bf56213925db668115c3f596581d11e35455dab80bfa6c4f47ffefc0f5d2c3994e345830e1cea24d44231bdb948b06e8668e2be37d80f789c815cb0d17658bf9db32b14cd551c885078f343be73ee618b6457e4937bee351834cc640384885c22216f2ec7341a3254fe7c9d3ccd88793b6991804f55d1baf1bc819ffe912d3c8d7d099d66e70e98a2b7da4f274ea5394a0e9069928684f85d0e9423388c73dc73e2b9ac1840e28af8c18c6b1190afe415fd3b45a4edd4f483994325ff8779dacb85af52b1526f1297d20194e56f28296090ac8bf41d1dff167a1232c2e87cced7f2ef6e82daeb00eabd365826a841c9ed8aa65f765dff60247b7abcffe37e0fd4ea00549a63aec5fd3fe02e96ddff8e6a837c7b816f51c4a32c1aa4f95f588073078a7a72cf986e591c61110962fbc0f034a08ddd424e8dcda99207bd7bbb8ffc8764bcbe7851f3e"})
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x4, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
wait4(0x0, &(0x7f00000000c0), 0xc100000a, &(0x7f0000000100))

2018/03/30 10:05:09 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:09 executing program 3:
syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x0, 0x4001)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
r1 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r1, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r0, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x6, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(r0, &(0x7f00000000c0), 0x40000000, &(0x7f0000000b00))

2018/03/30 10:05:09 executing program 0:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
getsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f0000000000), &(0x7f0000000480)=0x4)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:09 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x0, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:09 executing program 4:
syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r0 = getpgrp(0x0)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
process_vm_readv(r0, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)

2018/03/30 10:05:09 executing program 2:
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000000)={0x0, <r0=>0x0})
process_vm_readv(r0, &(0x7f0000000d40)=[{&(0x7f0000000a40)=""/195, 0xc3}, {&(0x7f0000000040)=""/15, 0xf}, {&(0x7f0000000b40)=""/118, 0x76}, {&(0x7f0000000bc0)=""/239, 0xef}, {&(0x7f0000000cc0)=""/126, 0x7e}], 0x5, &(0x7f00000021c0)=[{&(0x7f0000000dc0)=""/91, 0x5b}, {&(0x7f0000000e40)=""/132, 0x84}, {&(0x7f0000000480)=""/10, 0xa}, {&(0x7f0000000f00)=""/244, 0xf4}, {&(0x7f0000001000)=""/143, 0x8f}, {&(0x7f00000010c0)=""/4096, 0x1000}, {&(0x7f00000020c0)=""/226, 0xe2}], 0x7, 0x0)
r1 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r2 = getpgrp(0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000a2f000)=0x9)
r3 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r3, 0x8040451b, &(0x7f00000004c0)=""/21)
ioctl$sock_SIOCOUTQNSD(r1, 0x894b, &(0x7f0000000400))
process_vm_readv(r2, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
ioctl$sock_inet_SIOCSIFPFLAGS(r3, 0x8934, &(0x7f0000002780)={'nr0\x00', 0x101})
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))
openat$rtc(0xffffffffffffff9c, &(0x7f00000008c0)='/dev/rtc\x00', 0x4000, 0x0)
sendmsg$rds(r1, &(0x7f0000002740)={&(0x7f0000002240)={0x2, 0x4e23, @loopback=0x7f000001}, 0x10, &(0x7f00000026c0)=[{&(0x7f0000002280)=""/241, 0xf1}, {&(0x7f0000002380)=""/235, 0xeb}, {&(0x7f0000002480)=""/26, 0x1a}, {&(0x7f00000024c0)=""/242, 0xf2}, {&(0x7f00000025c0)=""/246, 0xf6}], 0x5, 0x0, 0x0, 0x4000}, 0x44000)

[  183.386766] binder: 21302:21305 got transaction with invalid offset (0, min 24 max 40) or object.
[  183.401111] binder: 21302:21305 transaction failed 29201/-22, size 40-16 line 3026
2018/03/30 10:05:09 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x0, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:09 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

[  183.506593] binder_alloc: 21302: binder_alloc_buf, no vma
[  183.512309] binder: 21302:21321 transaction failed 29189/-3, size 40-16 line 2963
2018/03/30 10:05:09 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x0, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

[  183.551567] binder: BINDER_SET_CONTEXT_MGR already set
2018/03/30 10:05:09 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

[  183.573758] binder: 21302:21305 ioctl 40046207 0 returned -16
2018/03/30 10:05:09 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x0, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:09 executing program 6:
r0 = syz_open_dev$binder(&(0x7f0000236ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
tee(r0, r0, 0x800000002000001, 0x4)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff})
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000580)={0x4, &(0x7f00000004c0)=[{0x5, 0x2, 0x74, 0x4}, {0x0, 0x8000, 0xffffffffffff0001, 0x8}, {0x3, 0x2, 0x8000, 0xffffffffffffff78}, {0x9, 0x7c8a, 0x6, 0x5}]})
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008000)={0x44, 0x0, &(0x7f0000004fbc)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, 0x10, &(0x7f000026c000)=[@ptr={0x73622a85, 0x0, &(0x7f00004edf8a), 0x1}], &(0x7f000000afd0)=[0x0, 0x0]}}], 0x0, 0x0, &(0x7f0000009000)})
setns(r0, 0x8000000)
r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x0, 0x0)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r2, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x6c, r3, 0x100, 0x70bd29, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_DAEMON={0x58, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x1f}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast2={0xff, 0x2, [], 0x1}}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4}, 0x20040004)
ioctl$KVM_XEN_HVM_CONFIG(r1, 0x4038ae7a, &(0x7f0000001740)={0x133, 0x202, &(0x7f0000000680)="dd955dc3ed5859b618c80c0cd2fab60df8640d77b1a684b19ea45358cbd9823e4c0d316f929573ce860def02b45c80cd3e577531474206a188e3395c807fb5a8c0207e243266899d4d912009b03c5b6ec30763594682284a1f3bfa267f99b86200ee35cb04da8c7f9071646f13ded3e2f3f63b85afd6c1f466800de33a2e2fdf82393a822882b5db20c912e6edda7a14451d9564fcd25430c23e16640f37cb0347ecf95dbeb2dd7f457a45355347c50cdcd28d3c7b18b5f5a9ae9077877049501c38fd9a378273e59eac911d927e085fde00a3930f321f6cfdf50e093500d469a72f332d614175e6f6f5f249b905f66e56e8dd1306764a6650640b0dc863dfc0732fd0f7ab3aef3c443df5f6ba9611c8b33fd22111491bd6058a09e2ec796b00fcec38206658a0459ae29812a6eac4572fd91f2843a19bef8b4dc3d18eab9531d1d747d51258273fb6b860a90146cc30394109467bb921059189aacf634253f511f12316d450eb1893ed230276783cd88b5b636271a088d7e6862425f97699b74d8672fba95252506c6986bacc9636884078cbdc3e43bba0093952486d2efa54075c6eaf57aab663edd57eb3c68f72606e822321c4999fccb59fa8f3e5b4ef90f4154e35a0abe386ca7f68a3417c477a86d2025c0ab40749391cb1f27ed37250a6d3ec9f51be66c60664a7ce434402105335d80f4e8ffa1a3fdb8029c09146337c5653862130143fb6a941f369a2ac24ee305ac3331d199b71c43d921978ae85bff598a15c23832a0b313112be15dcf806e58c254fff398c034359fae968c69f2ef49ce4738d0ded5621f83ba6b38ef57dae191b36a3e364e98632b9ccd742aac69605f79fd5703acd9d967cca19504b5a1f69d5bc590289bde645eedbf8b789e6bdcbf5f7e46f0fe5d588d9827a43d70fc2b8ba3eaff3db34a6c6073a823ef7a8be9dfd42c7e009312a430385c89dbd5b6ab6b53180f4d59fe8fcfe4c7ef2724fa44e28fc5019303e190fbcd1b897e2872f9bfe0b619f4906d862a2d2715cc9b3c1552bdebf9027134c029ecdf9e8b76d3c38e872a6ee29051dc9b6060e4749fc4c9296c12c0f40948411d471869d22060992cf9fd626bded4721c863b3f2c95cebcb9145a702b74802e2cf1122d88d856288a7d37c8f811f1a3a6613927e84283a13ed67c4e62f81f68d13ffe0d71c880c08a35abdf45d52622fc09f857401254da6c55626e028a2df7ded50dd9ff5e999b81741bbab75c5d77f82f635194d38923fcf2e5c9f9c6b56f8ecd8a050e76205e50e9792d4fb5da9a7178417ac15ae5798cb1365efaa94954fc84d06b27739b20518b763cd7193dcfaa645d9beafae7f808a051c9988c3c2ea727689577eceb306bfc88428ffb6623f08326a6fe469f92b44505eb20cb38c922f3809f99c427f9d936e9a60996166956fcdc74def14dcec8f922809dcfe83d09046796fb6cb206d563061f9c4df3d78f68960169237543e327a835cf03c55ea6244ab2d799c5f47d5464cf03cd3f9f561a383727e617201da653a4395e6c7e97daa15a2d1b90049627d61df250b021f4da445135373dc9229d36ffcab07935599634ca962318010dae26fc251ecdf719765ff625eeb813a143ac5e5b7a6f7e93e97d32d2032c4b88fcf68e8a3e0c550e2559e407edbffe9589ca5802b1d55e44dcb130d29c4c872cf6ff6cad930c64e1b9f8fb0780e3faaa5ed279e9b0f2959c4c0952518ce18543ce407a6576e09b0c66b2e123d3b9aa9fda438940ed43f3cc28376417fa722b36af44439e6b27993ccb17701a25be07cdf5b4fa392c4a4691a386a84a859ca911d1087fda8c4fb811d0f38ecbe5a194869a7499137deeef949ae20439dc2d252499419cc62c89ff8bdd3a175e13af18a2595d7740388d598c25a8b3be0bb995b7380546448b3af7ef08cf25e9f1d4c970b8f8ca273aa1cd691d44268195d05ab32fffa2de9f2285cb94c5616064dfd125681e5270b54cfaf83b93d8ce8c073290e90c94704d1e15dfdd01657555b46b21f54b5976a996dd850c22cbbc88be3a244169003d38e4c1683d23f1433776a8dc9f64f1e6db8aeb49ff93e859a11c757ec60999c63728eac4ff9d9e25daa0ee8839984a412ad67f58967bb15744221a840907833f1b77b56c1da2f8bf0d63fedc7cfe3eecd7b0242e0d364ee3b5461f8344329c1366ebe4aaef3f6193327da55963aa90fc16baf6df8a666b6ba7260d811eecf48489a1ef72cb41e04ac97ed17a3a8472680ef5ace31c6cd3db760d785f8bff670d5691d45658aa77a4fbca729ee9b893163cc843fc469fba82abf8ba2c76d885081b122135ff1ebd59f6d9b3825b55bea693fdd8ba1657acfb26695d258a27121fa054a3052062cbcee5bc24e8f49d35f2dccbb5f081373e71156a5a8308133dba36cb9bb7d95d57f2ea41e0c76b4133c0a66e3e579d07ca246b388456f39b8a10b4c2a45199e5c9d701c4cdc92b24650435a5ccc442227fa1522629db7eb822785d7fe494a27a73af1742c7a45e610a450479bc821d4e75950b8490e5cbd9abc1f94ca1ee17084ddfd7aff06e65be1c4d05fc8820b44180ee84c7c173a9ee0007eca1b75d827b9a3f2551b5d7d4982dd1d88d7e07aa2f69eabce4b580be8e12ed8fa832780a8c76f9897ddb7e14763883579d2387dd00e50d41a4ec539759932f55e4ea24efd55ba024308f54911ffc02f6faa6cc27f34889772c0e5cd3f82beb309389a5f42da5b0aa4f0ba682f1775aad09d0d8ade420d7887b636cee4ad1c13dc4aabebfa7213045dedb037bc23a785c0434a90c0feeedc3350500c70e1fd2e33c39d31cfe683ef43c5dec75560c4f6dbfcadff572b455ee4455b6d5cf94b2225b8599d5a7a7c555cd582f16c82ecc0f3af4e0b76e370c5d4167190d6e9e3329c5d1f9b61e81bd1bb461205acdc0775cd48691720f51eefc4d2eb677ff845365e0c177ce42776b9f634ffb0be43f2ade5bfa4dc933c2ee613fe5ceef57c749599de98baaa2ee774ebbc1228efd7afa9da3c63fae59702c3fa9011fb0a099af7f3c4812c74ea4278ae6fe5ffe2855b9da4cb4749b5b4102c631c19e31959475b4d66d621e184e120858a648d146503ae0ed86a612c8092bce229e97a5ea0ecdec8150397325891c920b1a4d2571510e9981c0e15e6a39cd390ffb51ec00da458a7d3a23b7b959d5c786c7506675a4b3c0cbf6403ab9f98e984161e8138765bc9400b4eb42b1419a02032d4a441bc2617dd84c16c11418cd3fa040503254726597aae2de4e0f61115e3e18c25a412f44a1681d6ef17032fcf5900b64cbd4ee8549f13620774bd653b3ba0649eaed03ca0922b503aa3de3d991c93ebea32e5c8caac2f09cc84ce2da2128d4342fe9acdbb3162006ca2037ea0bdfa19d0c2acf64374f81ed47ec2957dc300776ddcced9fabf76d0c54482d28ff4c6a983e0e30325b91aa46e0258a66548c1996366f777cf322de178177f2fb06bdd954d6f423efd31355912289b182a9a9a0a31dee7d566b00093d4a6822dac17e5ea1a6c8a0b6e373a6b0c6ba1a5dfdb8549c61d813c140214962270042c101d5e39b489260d5475a61ea7de07aa3cd93f7f4d98ae212b674d962df7388ca1575700b8515dcf03618970bcde2446e9c0ab3cc226cccce69dc43fede2cfd2456534edfd06a141280eb4b3a6d59af3739438c70bac8244c3504d12b933ba1b4a80970dc197f9f26158ecc9aab52034996e9e85586d1fa6bb79fa3a80aff49302b9831e1a2ce2cc691850fd6255bdd439e6d0ffc6acca21c48cdd103ec99db15a4faf68f76522053706d7f2b4ecbb3cc8c3f47768c6d391e9e45df738aa303fb963a4af8fdfdb8c10aecae88ba7fff41a6c7d0585241fec193a95303eaa2b5f13bbac95153a78dec92b322c07bee9fadc1bfce4cd9fc727b0397e8320c07bcd09fcf569622065dc897ad93577a65124b19b81ec4e1a8cd41c2cdf084a2770c48c66c3badeee858ce9406be5c8858902ac52fb2958ce61476720709e565f7bf7d6e975c9fdcfcb2474ba3f00ba82802b4bb1da3b555751de4de772b75f466e837789b2b90082084b85cf9f023dcd4c5a3c7c553b4f7dbe11cfe51959dbeb41f32e9e74a1ab9f9379206aa6de1b76c00977e445a9c32c202de2ebef401565858c2e3a9c1dbd14951ec1d8eee585fb2fd8edfbb44d16c7a1c29763561295932954585cafdfaa4d8f9d3d19ee2a7b06d8d35247a7e7ae29ad96bd73af378a8e259fb214864ec7311a6360125869af003fa82213321971e313729e40fbf771899178efa2c580c5b0a3ece0cadeec867966e116ca9558cf5a97340fb75b524df7d601908f30ce5b90588a055185f231e6409b5e2671f498c5c4ec3dead33f8b4ab3351a913d1695e2d9d07ea28b7d09f8055bd35c323ce77f0bdf2789506270bfaf9049aaeb8fc47b65a653f405199566f0ab5db7080052aea333b3d265ccf9765aedb2937d0e8dac4dc1735956d538ff322bb3d9db36c8776c7a16e4a994c0eb49066eabd142af646d483b969f9616af58f8216601a8c93f59596e0feaa8193f167959840976e410b9031a842d00c7b5c7c2c3f6e2074dc9f34a1737546ed96f9adb8cd566c11390f516af0e70118d48635e8682134cfb9253dfef3e2396324cb19af8d17c297f93e94b787532b0e42cc65a3be3192d4799418dd13ec11697b7b82044ba792538abe6a8e3d99fe7f94cebf16e0e94b6f37a7d71c49b81c49d5c4553560abb862e10a48e176f17dbfe75458f5017760ab65c098a0afd25ab3d85c50e57c8c5955c4c5c945a00bec808c2e3612bcb9639a9515081d333fc5040062a7c112071e6efd83b8d741eb82e5282790640adbcd5dceff3b5e1e4f7ad35b3f7091429a3d805949ce13456e56316401794b849e6269a0043ba30ae4efedc8433d081d420022ad28bde280d112876659a53f6aec058f3a32189e834dd08ec09a8f66137988da6e14313b4be166fe59a7911bfd27e29ed34bed8029f4f867712d59198229fd16190b015b7de24a89162259f95ad1e93f1205681aece87c8430e811eb7eac3c37ad6367ea6c0683d1d708a0a68eba2274ee541a41b921129751feb9d05f55c5ce80eddde841d0430c4dc05686688242d6a418242ce1367896590ed343115973cbb5a49ea54e8eaac25a466dcd8ed2095eff4816b4cb6530cbfdfc474f05c9af2ca02dc56d359252d3681a189a3831509acb4c47878485e447805b793987dc452b7b6bf72576d6101a53a0eca6547658a581174c36a85b85523c6d1603ea3d8aba200a696af35c8e364cc3091878ad573b0ce053eb18eda0a9ed0534ce673bd4d04416594e23f0a16081e345cd03c6e6105135b59f85d52d65b2ea0e8bc90152e8e5b7cf96fa1356535d00af6f89acb6910bae91f24a2863de8a8db7e249e2303a3ab237005dcce4f7e0bd1441499f1108d6e204eb6fa2e42adb74b16e0cfacb5b744fcf1b28ca49e71d97e7120194157ee3bedcd1ca7b3377d7676fe39e3b2a3c1538dfab701c44bb62bea29174b43ded5fce71b2816ff8263dec5ab9651125840d69d6445eb9d4d58aad0338284138d6c4874a1f1551dc28a7bd4f7945e09431a5042dce890235db9be9408aa0f887aafc140c9707d199e866b4965932addc2d7b4a6cec4294dc1180727fd2bd5dd82fdf3827acaab8509e98f4841b2f971c54beb5c795d69bc2c8c17d793faa348993cf8f64678daec3fc9ff274885731474f5a1f490b0ddc1691772c35831", &(0x7f0000001680)="b02fd115aca8be9f11ea69a08ccb199cf63b9b99122d35cafda382fbd22de4f617a7c4340ca5e3e4ba582701327cad2798f1d082d50ccc6a14dc26c80ae95ff99ae9761dfe9002121bb1476a1694c0eba3e89f50a5ab414f4599a2150cab5876a3c417d43cc93fc908593749a113da0ebdb50b7b8edb91531cf2ede92d963978613e827ab9f75614136c4448d628dfe1fb9b4a26f8bef586e19f8fe33b7fb88c73859c9211f04f1988eda6f2c61d424b43d5f8ab95b25a", 0x1000, 0xb7})
syz_open_pts(r2, 0x2000)
sendmsg$IPVS_CMD_DEL_DAEMON(r1, &(0x7f0000000640)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000300)={&(0x7f00000005c0)={0x48, r3, 0x0, 0x70bd25, 0x25dfdbfb, {0xa}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x1}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xfffffffffffff801}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x5}, @IPVS_CMD_ATTR_SERVICE={0xc, 0x1, [@IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x3}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x90e}]}, 0x48}, 0x1, 0x0, 0x0, 0x44845}, 0x80)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000400)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r0, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000400}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0x78, r4, 0x0, 0x70bd2c, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_SERVICE={0x4, 0x1}, @IPVS_CMD_ATTR_DAEMON={0x4c, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ipddp0\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0xffff}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1={0xff, 0x1, [], 0x1}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xfff}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x9}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x10}, 0x4)
ioctl$sock_netrom_SIOCGSTAMP(r2, 0x8906, &(0x7f0000001780))
syz_genetlink_get_family_id$ipvs(&(0x7f0000000240)='IPVS\x00')
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)=ANY=[@ANYBLOB="80000000"], 0x1}, 0x1, 0x0, 0x0, 0x4}, 0x0)

2018/03/30 10:05:09 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x0, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

[  183.666208] binder: undelivered TRANSACTION_ERROR: 29189
[  183.672493] binder: undelivered TRANSACTION_ERROR: 29201
2018/03/30 10:05:09 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x0, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

[  183.711928] binder: 21347:21348 got transaction with invalid offset (0, min 24 max 40) or object.
[  183.748956] binder: 21347:21348 transaction failed 29201/-22, size 40-16 line 3026
2018/03/30 10:05:09 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x0, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

[  183.887228] binder: BINDER_SET_CONTEXT_MGR already set
[  183.895074] binder_alloc: 21347: binder_alloc_buf, no vma
[  183.900753] binder: 21347:21352 transaction failed 29189/-3, size 40-16 line 2963
[  183.928483] binder: 21347:21348 ioctl 40046207 0 returned -16
[  183.994481] binder: undelivered TRANSACTION_ERROR: 29189
[  184.005904] binder: undelivered TRANSACTION_ERROR: 29201
2018/03/30 10:05:10 executing program 6:
r0 = syz_open_dev$binder(&(0x7f0000236ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
tee(r0, 0xffffffffffffffff, 0x1, 0x4)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff})
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000580)={0x4, &(0x7f00000004c0)=[{0x5, 0x2, 0x74, 0x4}, {0x0, 0x8000, 0xffffffffffff0001, 0x8}, {0x3, 0x2, 0x8000, 0xffffffffffffff78}, {0x9, 0x7c8a, 0x6, 0x5}]})
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008000)={0x44, 0x0, &(0x7f0000004fbc)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, 0x10, &(0x7f000026c000)=[@ptr={0x73622a85, 0x0, &(0x7f00004edf8a), 0x1}], &(0x7f000000afd0)=[0x0, 0x0]}}], 0x0, 0x0, &(0x7f0000009000)})
setns(r0, 0x8000000)
r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x0, 0x0)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r2, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x6c, r3, 0x100, 0x70bd29, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_DAEMON={0x58, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x1f}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast2={0xff, 0x2, [], 0x1}}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4}, 0x20040004)
r4 = syz_open_pts(r2, 0x2000)
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000400)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r0, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000400}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0x78, r5, 0x0, 0x70bd2c, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_SERVICE={0x4, 0x1}, @IPVS_CMD_ATTR_DAEMON={0x4c, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ipddp0\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0xffff}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1={0xff, 0x1, [], 0x1}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xfff}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x9}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x10}, 0x4)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000240)='IPVS\x00')
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)=ANY=[@ANYBLOB="80000000"], 0x1}, 0x1, 0x0, 0x0, 0x4}, 0x0)
pwritev(r4, &(0x7f00000008c0)=[{&(0x7f00000005c0)="ad353144ab7011bef50050fb6b4db4d9dc917ad8ca8d90ebfe6d856a655f156833e52fe9d301fc0a4e5ab0d668c5e270a104dd1afb2817a08c4dc441d94aa0073f69cdf6cfe245ea31fa580c59174bb0f9edd98d83d26eea0e2dac4c2a7a335fa3c6427d0f849afe8d87f566708da0c56748ebbc3d63b1602afb5ed2be7447327e38ee752139aacf5c1a4ee888d918978f47132a7c5d3b05ea9c2cd65a32890ad401d33d04c9fc43ee30a53a732d469bf586eceab668f06a37cf37", 0xbb}, {&(0x7f00000002c0)="439f722c0358168d1d1e325c4dc712974a12b49bd0b3d8cf", 0x18}, {&(0x7f0000000300)="61212040bc14d4acb1dc8c1d0898de7365", 0x11}, {&(0x7f0000000680)}, {&(0x7f00000006c0)="bc64dd23658db87010fe9c6e5334f0f97b3babf0b263375e82ad4bce0a1d6dbcec4c65e51866f3c64c557f9939a4c191c5dccbcd7863fcc33d5db76daed5212b392a88632a4cec56e7ffd7d98d4c4d3350327068", 0x54}, {&(0x7f0000000740)="94265cad228965d83920ba36b45c34cc81a58aca858e846ef34e52d1f238efc3ec01d50945835e04cea0dcda58f5c8bb3905d6412852aebc580b13184b40d751b28c49087c4e566697f7e4ebaa112f22bbea474e1ea0e603df83f42ebdfc52e86e155cf80a639edc6caeab66fef41eb0279b47ed29f5ddd8a7c338042f59b7a7cd57014a29db0d1f6e882e", 0x8b}, {&(0x7f0000000800)="efb7c6a66d22397595d520659b4e618adcbcf408fc79e3e4201ed62cbb4bef6600cdce7a06352f17ebc64a821e0eb4bbf236d1d2004638dd7d69ee7f16f1393131d152f21a990266d74290ba00cddc9c7f6d060de58c6a97cbdc0e9d6d277737f50cbb5043e59011773a662d401ebe43bd70cb29676d42c59e8212259789232249230316", 0x84}], 0x7, 0x0)

2018/03/30 10:05:10 executing program 5:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
bind$netlink(r0, &(0x7f0000000000)={0x10, 0x0, 0x25dfdbff, 0x3000020}, 0xc)
ioctl$EVIOCGSW(0xffffffffffffffff, 0x8040451b, &(0x7f0000000380)=""/21)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x4, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:10 executing program 4:
r0 = syz_open_dev$audion(&(0x7f00000004c0)='/dev/audio#\x00', 0x1, 0x8000)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0x2, &(0x7f0000000880)=0x18, 0x4)
r1 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x2, 0x4001)
getsockopt$inet_tcp_buf(r1, 0x6, 0xe, &(0x7f0000000080)=""/62, &(0x7f0000000400)=0x3e)
r2 = socket$bt_cmtp(0x1f, 0x3, 0x5)
r3 = getpgrp(0x0)
ioctl$SNDRV_TIMER_IOCTL_STOP(r1, 0x54a1)
io_setup(0x1ff, &(0x7f00000008c0)=<r4=>0x0)
io_submit(r4, 0x5, &(0x7f0000000f00)=[&(0x7f0000000b00)={0x0, 0x0, 0x0, 0x8, 0x5, r0, &(0x7f0000000a40)="aab55ca34d448a5bbc266cb99d4c8f5495f350e029f8a93d03fd79cbe92c5ce634e42e5e36ea6be4c420ca986b5caf482690346a948801c4fbd18b024414e84db891757107ea5ec816f3d5e193e4e8a0aa809390ad19b928ddb4750419f1c6a0d9856bf1a40a4946bec070de71b04bfedfb76d18ec66cc0c19b31264da3173b8475060a145b8e009617272fa1984e92bf1e16ba0d7683ade348c5f09cd69291b8941dac9a41d22b47b06fc4fae9e", 0xae, 0x8001, 0x0, 0x0, r1}, &(0x7f0000000c40)={0x0, 0x0, 0x0, 0x0, 0x401, r0, &(0x7f0000000b40)="9bb48ca73cdb8b91284ddea163fa034fcbde7ae370d58514521692dc9e3ada715f772c07ccccef6920a1324ed18c56f898a5808b450ea7f7ca60537d2823751c53cdc227fed3ae4e9efeea6cd135d95393b1555dae8cdf4aac04277927d012e3c73d7a3d79b8bea13d591b5e13c7490eb0629cbb0be600fb4500960c6b08588b7c770b8032987bbf1a98688e35249675532adcd39ca6c73ebfefdbc402a956f40b938f45ffb0266ca78d097a694b8be325cceafd3ff1465907f8f778182a32714cbccb72bf20378f6c3b7c64754dbce455a8ac9772", 0xd5, 0x23, 0x0, 0x0, r0}, &(0x7f0000000d00)={0x0, 0x0, 0x0, 0x7, 0x1, r1, &(0x7f0000000c80)="addd7d9ac62b34c446e9381bd19107c7e9c035d852314644b8fcb5fb4c0bf10b9feb57b298fd5c8355e548f0d9df6d55f7a88bab6f057a16256b9ddfe7eea4ce14ec6213313ea27eb3da0866cbbcce06fc65bf0d9274c94f7fb360cde9311548f934ef7b540e9d0e99950ee7b7c0f286b839fb5afe4937f4711b1aa3742d", 0x7e, 0x1ff, 0x0, 0x1, r1}, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x8, 0x79c4, r1, &(0x7f0000000d40)="26c9e81e2db3c69e717cc3ed5490ecd6b2db3f78bda4369b91516cadd412d4a73a2b4b5d1f67d37a481d02c9827a5c3e1abe044d40e3c70a9658832f52450932a584ff293f271f7d75b34a7a6ef9d55258cb57b34dff8f2e1e357728319ae88110e6a9f73c7fa6dadfe638d69012b7af", 0x70, 0x6b, 0x0, 0x0, r1}, &(0x7f0000000ec0)={0x0, 0x0, 0x0, 0x0, 0x0, r2, &(0x7f0000000e00)="c0dbb3879e5d1e8965128d5a735147572a37f7d9d1c34648371d4f06d0f7c22d08addceb9ae98ae64447e43b7795d6cd95a94601718b5a3ff1f6370fb7abf4383f463288817f6f1b223ace53ce24f2136dba76763fc03d0b83c3166054f6a6bd0d1ab347f5d6fab6ae0b685ab7371cdb709046fb4e2a3ad1ce7a0305438f09212604d71f46cdb993104a75a33c1425a3cf9df0557cf17662d8d9ea6dcac09b5be3589dc807680567cfbf48b40f358ad3e8bb92c9847fd95f", 0xb8, 0x2, 0x0, 0x0, r1}])
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
r5 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
process_vm_readv(r3, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
sendto$ax25(r5, &(0x7f00000007c0)="7ab19567bcfed211997c5646678fbdc7a1230ab730399f78414fb5e26e413c281c123791a635b3e74d3452db19ccee6c7a4434c89d43c3bba8daac717581ec1d87842e6da02bea5f6417cd961a48122b6fbf954ab45b730203dbc1cad1bf80a590f71ab3048b1ac12f01875c1404c684aa480c4b9b450c4070d575382bb3489363c6f1fc85e31695b154eb85859a1998f1ce43c456", 0x95, 0x8000, &(0x7f0000000040)={0x3, {"5baa902b547920"}, 0x10001}, 0x10)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))
ioctl$TIOCGWINSZ(r5, 0x5413, &(0x7f0000000480))

2018/03/30 10:05:10 executing program 2:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:10 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x0, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:10 executing program 0:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0x0)
write$sndseq(r2, &(0x7f0000000a40)=[{0xffff, 0x6, 0x1000, 0x2, @time, {0x3, 0x7ff}, {0x5, 0x1000}, @note={0xfffffffffffffffd, 0x7, 0x6, 0x1, 0x8}}, {0x7ff, 0xffffffffffffddd8, 0x7, 0xff, @time, {0x101, 0xffffffff}, {0x5}, @time=@time={0x77359400}}, {0x200, 0x8000, 0x6, 0x4, @time={0x0, 0x989680}, {0x0, 0x5}, {0x1, 0x20}, @connect={{0x40}, {0x1, 0x80}}}], 0x90)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000000)={<r3=>0x0, 0x21, "a6c97287c6ef9575887f94d6a710805d2a8cbd644ba022bd0a18fe73511202de0a"}, &(0x7f0000000480)=0x29)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000b00)={r3, @in6={{0xa, 0x4e24, 0x1, @mcast2={0xff, 0x2, [], 0x1}, 0x2}}, 0x5, 0x68d, 0x31, 0x7, 0xb4}, &(0x7f00000004c0)=0x98)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
ioctl$TIOCCONS(r2, 0x541d)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:10 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x0, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:10 executing program 3:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x0, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
fgetxattr(r0, &(0x7f0000000000)=@random={'btrfs.', '/dev/dsp#\x00'}, &(0x7f0000000a40)=""/216, 0xd8)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x6, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

[  184.223119] binder: 21378:21388 got transaction with invalid offset (0, min 24 max 40) or object.
[  184.233814] binder: 21378:21388 transaction failed 29201/-22, size 40-16 line 3026
2018/03/30 10:05:10 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x0, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:10 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0x0, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

[  184.321144] binder_alloc: 21378: binder_alloc_buf, no vma
[  184.326880] binder: 21378:21398 transaction failed 29189/-3, size 40-16 line 2963
[  184.355988] binder: BINDER_SET_CONTEXT_MGR already set
2018/03/30 10:05:10 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x0, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:10 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0x0, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

[  184.373439] binder: 21378:21388 ioctl 40046207 0 returned -16
2018/03/30 10:05:10 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x0, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:10 executing program 6:
r0 = syz_open_dev$binder(&(0x7f0000236ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
tee(r0, 0xffffffffffffffff, 0x1, 0x4)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000580)={0x4, &(0x7f00000004c0)=[{0x5, 0x2, 0x74, 0x4}, {0x0, 0x8000, 0xffffffffffff0001, 0x8}, {0x3, 0x2, 0x8000, 0xffffffffffffff78}, {0x9, 0x7c8a, 0x6, 0x5}]})
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008000)={0x44, 0x0, &(0x7f0000004fbc)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, 0x10, &(0x7f000026c000)=[@ptr={0x73622a85, 0x0, &(0x7f00004edf8a), 0x1}], &(0x7f000000afd0)=[0x0, 0x0]}}], 0x0, 0x0, &(0x7f0000009000)})
setns(r0, 0x8000000)
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x0, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r3, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x6c, r4, 0x100, 0x70bd29, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_DAEMON={0x58, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x1f}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast2={0xff, 0x2, [], 0x1}}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4}, 0x20040004)
syz_open_pts(r3, 0x2000)
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000400)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r0, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000400}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0x78, r5, 0x0, 0x70bd2c, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_SERVICE={0x4, 0x1}, @IPVS_CMD_ATTR_DAEMON={0x4c, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ipddp0\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0xffff}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1={0xff, 0x1, [], 0x1}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xfff}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x9}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x10}, 0x4)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000240)='IPVS\x00')
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)=ANY=[@ANYBLOB="80000000"], 0x1}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000600)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x80000080}, 0xc, &(0x7f00000005c0)={&(0x7f0000000300)=@getroute={0x14, 0x1a, 0xe04, 0x70bd25, 0x25dfdbff, {}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4c000}, 0x10)

[  184.479843] binder: undelivered TRANSACTION_ERROR: 29189
[  184.485633] binder: undelivered TRANSACTION_ERROR: 29201
[  184.519167] binder: 21421:21426 got transaction with invalid offset (0, min 24 max 40) or object.
2018/03/30 10:05:10 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0x0, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

[  184.546921] binder: 21421:21426 transaction failed 29201/-22, size 40-16 line 3026
[  184.640754] binder: BINDER_SET_CONTEXT_MGR already set
[  184.648868] binder_alloc: 21421: binder_alloc_buf, no vma
[  184.654566] binder: 21421:21431 transaction failed 29189/-3, size 40-16 line 2963
[  184.668163] binder: 21421:21426 ioctl 40046207 0 returned -16
[  184.714880] binder: undelivered TRANSACTION_ERROR: 29189
[  184.720823] binder: undelivered TRANSACTION_ERROR: 29201
2018/03/30 10:05:10 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:10 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000400)='/dev/dsp\x00', 0x40000, 0x0)
setsockopt$inet6_icmp_ICMP_FILTER(r0, 0x1, 0x1, &(0x7f0000000440)={0x2}, 0x4)
r1 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r2 = getpgrp(0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000040)={0x0, 0x0, <r3=>0xffffffffffffffff})
ioctl$DRM_IOCTL_SET_VERSION(0xffffffffffffffff, 0xc0106407, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_RM_MAP(r3, 0x4028641b, &(0x7f00000002c0)={&(0x7f0000ffa000/0x3000)=nil, 0x7, 0x3, 0x20, &(0x7f0000ffb000/0x4000)=nil, 0x4})
r4 = socket$netlink(0x10, 0x3, 0x10)
pipe(&(0x7f0000000080)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmsg$nl_netfilter(r5, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80018}, 0xc, &(0x7f0000000140)={&(0x7f0000000380)={0x44, 0x0, 0x0, 0x14, 0x70bd2c, 0x25dfdbfd, {0x2}, [@nested={0x30, 0x0, [@generic="61b9a935f5551295ba8c9913a9adbc36176615b7c6e581e3e3533810192adead22bb2ee8f8bf5dbea8"]}]}, 0x44}, 0x1}, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000300)='IPVS\x00')
ioctl$sock_bt_bnep_BNEPCONNADD(r6, 0x400442c8, &(0x7f0000001600)={r4, 0x81})
sendmsg$nl_generic(r4, &(0x7f0000005000)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f0000015ff0)={&(0x7f0000000240)={0x20, 0x2c, 0xafb, 0x0, 0x0, {0x2}, [@typed={0xc, 0x3f, @str='IPVS\x00'}]}, 0x20}, 0x1}, 0x0)
setsockopt$IP_VS_SO_SET_STARTDAEMON(0xffffffffffffffff, 0x0, 0x48b, &(0x7f0000000000)={0x1, 'gre0\x00'}, 0x18)
setsockopt$IP_VS_SO_SET_STOPDAEMON(0xffffffffffffffff, 0x0, 0x48c, &(0x7f0000001d00)={0x1, 'vcan0\x00'}, 0x18)
socket$key(0xf, 0x3, 0x2)
setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r6, 0x84, 0xa, &(0x7f0000000280)={0xffff, 0x8, 0x202, 0xff, 0x3ff, 0x4, 0x9}, 0x20)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(0xffffffffffffffff, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, &(0x7f0000000000)=0x108000000)
process_vm_readv(r2, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000500)=""/221, 0xdd}, {}], 0x4, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
clock_gettime(0x0, &(0x7f0000000340)={<r7=>0x0, <r8=>0x0})
clock_nanosleep(0x0, 0x1, &(0x7f0000000380)={r7, r8+30000000}, &(0x7f00000003c0))
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:10 executing program 4:
syz_open_dev$dmmidi(&(0x7f0000000040)='/dev/dmmidi#\x00', 0xfffffffffffffffc, 0x80403)
r0 = getpgrp(0x0)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
r1 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
ioctl$TCXONC(r1, 0x540a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(r1, 0x29, 0x41, &(0x7f0000000a40)={'mangle\x00', 0xc7, "5ff402a7244a76b09e8372348c9baa5e1cf27168e4744158b9ee4cbd32fad0df60816bda6e571cf7296de55a957a018b08bb00904bff777f857634a2e6b9dbdba14bd03cfc5c761080a119d5e5c7980b19d605df0f8731d51d69aac22eb3161f466fd6f958ad7589c74c21e2be31a7ffb564a2fbec955937e802486eef8e878b8460da0052e39f68ee03a59d631841e999b74d4258130467245ff7f23af00d0aa80f1de3a1602c4bf960e7ff178bc90d4fb516e167aa9df9ba45420e936ae1b9918a11d476922f"}, &(0x7f0000000000)=0xeb)
mlock2(&(0x7f00006f8000/0x4000)=nil, 0x4000, 0x0)
process_vm_readv(r0, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
mincore(&(0x7f00004ba000/0x3000)=nil, 0x3000, &(0x7f00000007c0)=""/206)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:10 executing program 3:
syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x0, 0x4001)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
r1 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f0000000a40)={{{@in6, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in=@multicast2}, 0x0, @in=@rand_addr}}, &(0x7f0000000400)=0xe8)
getresgid(&(0x7f0000000480), &(0x7f00000004c0)=<r3=>0x0, &(0x7f0000000600))
chown(&(0x7f0000000000)='./file0\x00', r2, r3)
ioctl$EVIOCGSW(r1, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r0, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x6, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:10 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:10 executing program 2:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000000))
getpid()
getpid()
ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000480)=<r1=>0x0)
r2 = getpgrp(r1)
sched_setaffinity(r2, 0x8, &(0x7f0000a2f000)=0x9)
r3 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r3, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
process_vm_readv(r2, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:10 executing program 0:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
accept4$packet(r2, &(0x7f0000000a40)={0x0, 0x0, <r3=>0x0, 0x0, 0x0, 0x0, @local}, &(0x7f0000000a80)=0x14, 0x80000)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000ac0)={'syz_tun\x00', r3})
ioctl$int_in(r0, 0x5473, &(0x7f0000000000)=0x80000000)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:10 executing program 6:
r0 = syz_open_dev$binder(&(0x7f0000236ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
tee(r0, 0xffffffffffffffff, 0x1, 0x4)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000580)={0x4, &(0x7f00000004c0)=[{0x5, 0x2, 0x74, 0x4}, {0x0, 0x8000, 0xffffffffffff0001, 0x8}, {0x3, 0x2, 0x8000, 0xffffffffffffff78}, {0x9, 0x7c8a, 0x6, 0x5}]})
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008000)={0x44, 0x0, &(0x7f0000004fbc)=ANY=[@ANYBLOB="0063404000000000000000000000e527322c884c6e23000000000000000000000000000028000000000000001000000000000000", @ANYPTR=&(0x7f000026c000)=ANY=[@ANYBLOB="852a627300000000", @ANYPTR=&(0x7f00004edf8a)=ANY=[@ANYBLOB='\x00'], @ANYBLOB="010000000000000000000000000000000000000000000000"], @ANYPTR=&(0x7f000000afd0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f0000009000)})
setns(r0, 0x8000000)
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vga_arbiter\x00', 0x400002, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r3, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x6c, r4, 0x100, 0x70bd29, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_DAEMON={0x58, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x1f}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast2={0xff, 0x2, [], 0x1}}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4}, 0x20040004)
syz_open_pts(r3, 0x2000)
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000400)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r0, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000400}, 0xc, &(0x7f0000000000)={&(0x7f0000000440)={0x409, r5, 0x0, 0x70bd2c, 0x25dfdbfc, {0x5}, [@IPVS_CMD_ATTR_SERVICE={0x4, 0x1}, @IPVS_CMD_ATTR_DAEMON={0x4c, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ipddp0\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0xffff}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1={0xff, 0x1, [], 0x1}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xfff}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x9}]}]}, 0xffa7}, 0x1, 0x0, 0x0, 0x10}, 0x4)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000680)='IPVS\x00')
accept(r1, &(0x7f0000000ac0)=@pppol2tpv3in6={0x0, 0x0, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, @local}}}, &(0x7f0000000500)=0x80)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f00000005c0)={<r6=>0x0, @in6={{0xa, 0x4e21, 0x81, @remote={0xfe, 0x80, [], 0xbb}, 0x6}}, 0x101000, 0x9, 0x1, 0x3, 0x7}, &(0x7f00000002c0)=0x98)
ioctl$KVM_GET_XSAVE(r3, 0x9000aea4, &(0x7f00000006c0))
setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r2, 0x84, 0x78, &(0x7f0000000300)=r6, 0x4)
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)=ANY=[@ANYBLOB="80000000"], 0x1}, 0x1, 0x0, 0x0, 0x4}, 0x0)

[  185.057932] binder: 21459:21466 got transaction with invalid offset (0, min 24 max 40) or object.
[  185.073613] binder: 21459:21466 transaction failed 29201/-22, size 40-16 line 3026
2018/03/30 10:05:10 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:10 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:11 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:11 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

[  185.209471] netlink: 8 bytes leftover after parsing attributes in process `syz-executor5'.
[  185.224982] binder_alloc: 21459: binder_alloc_buf, no vma
[  185.230671] binder: 21459:21480 transaction failed 29189/-3, size 40-16 line 2963
[  185.271063] binder: BINDER_SET_CONTEXT_MGR already set
[  185.288222] binder: 21459:21466 ioctl 40046207 0 returned -16
2018/03/30 10:05:11 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:11 executing program 7 (fault-call:9 fault-nth:0):
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:11 executing program 6:
r0 = syz_open_dev$binder(&(0x7f0000236ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
tee(r0, 0xffffffffffffffff, 0x1, 0x4)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff})
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000580)={0x4, &(0x7f00000004c0)=[{0x5, 0x2, 0x74, 0x4}, {0x0, 0x8000, 0xffffffffffff0001, 0x8}, {0x3, 0x2, 0x8000, 0xffffffffffffff78}, {0x9, 0x7c8a, 0x6, 0x5}]})
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008000)={0x44, 0x0, &(0x7f0000004fbc)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, 0x10, &(0x7f000026c000)=[@ptr={0x73622a85, 0x0, &(0x7f00004edf8a), 0x1}], &(0x7f000000afd0)=[0x0, 0x0]}}], 0x0, 0x0, &(0x7f0000009000)})
setns(r0, 0x8000000)
r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x0, 0x0)
setsockopt$inet_int(r1, 0x0, 0xc, &(0x7f00000002c0)=0xb3c, 0x4)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r2, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x6c, r3, 0x100, 0x70bd29, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_DAEMON={0x58, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x1f}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast2={0xff, 0x2, [], 0x1}}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4}, 0x20040004)
syz_open_pts(r1, 0x1ffd)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000400)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r0, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000400}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0x78, r4, 0x0, 0x70bd2c, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_SERVICE={0x4, 0x1}, @IPVS_CMD_ATTR_DAEMON={0x4c, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ipddp0\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0xffff}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1={0xff, 0x1, [], 0x1}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xfff}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x9}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x10}, 0x4)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000240)='IPVS\x00')
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)=ANY=[@ANYBLOB="80000000"], 0x1}, 0x1, 0x0, 0x0, 0x4}, 0x0)

[  185.381393] binder: undelivered TRANSACTION_ERROR: 29189
[  185.387353] binder: undelivered TRANSACTION_ERROR: 29201
[  185.418717] FAULT_INJECTION: forcing a failure.
[  185.418717] name failslab, interval 1, probability 0, space 0, times 0
[  185.430069] CPU: 1 PID: 21506 Comm: syz-executor7 Not tainted 4.16.0-rc7+ #371
[  185.437428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  185.446777] Call Trace:
[  185.447907] binder: 21508:21512 got transaction with invalid offset (0, min 24 max 40) or object.
[  185.449364]  dump_stack+0x194/0x24d
[  185.449384]  ? arch_local_irq_restore+0x53/0x53
[  185.449413]  should_fail+0x8c0/0xa40
[  185.470375]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  185.475475]  ? mutex_lock_io_nested+0x1900/0x1900
[  185.479334] binder: 21508:21512 transaction failed 29201/-22, size 40-16 line 3026
[  185.480306]  ? __lock_acquire+0x664/0x3e00
[  185.480316]  ? check_same_owner+0x320/0x320
[  185.480344]  ? find_held_lock+0x35/0x1d0
[  185.480358]  ? find_held_lock+0x35/0x1d0
[  185.504664]  ? __lock_is_held+0xb6/0x140
[  185.508743]  ? check_same_owner+0x320/0x320
[  185.513055]  ? loop_register_transfer+0xa0/0xa0
[  185.517725]  ? rcu_note_context_switch+0x710/0x710
[  185.522651]  ? idr_get_next_ul+0x2c0/0x2c0
[  185.526890]  should_failslab+0xec/0x120
[  185.530864]  kmem_cache_alloc_trace+0x4b/0x740
[  185.535439]  ? lock_downgrade+0x980/0x980
[  185.539579]  ? find_held_lock+0x35/0x1d0
[  185.543634]  ? lock_release+0xa40/0xa40
[  185.547613]  loop_add+0x96/0xaf0
[  185.550974]  ? loop_lookup+0xf8/0x1f0
[  185.554772]  ? loop_queue_rq+0x5f0/0x5f0
[  185.558847]  loop_control_ioctl+0x2e9/0x490
[  185.563162]  ? loop_add+0xaf0/0xaf0
[  185.566784]  ? iterate_fd+0x3f0/0x3f0
[  185.570580]  ? __mutex_unlock_slowpath+0xe9/0xac0
[  185.575422]  ? vfs_write+0x374/0x510
[  185.579133]  ? wait_for_completion+0x770/0x770
[  185.583717]  ? loop_add+0xaf0/0xaf0
[  185.587340]  do_vfs_ioctl+0x1b1/0x1520
[  185.591235]  ? ioctl_preallocate+0x2b0/0x2b0
[  185.596247]  ? fget_raw+0x20/0x20
[  185.599706]  ? __sb_end_write+0xa0/0xd0
[  185.603680]  ? fput+0xd2/0x140
[  185.606870]  ? SyS_write+0x184/0x220
[  185.610587]  ? security_file_ioctl+0x89/0xb0
[  185.614998]  SyS_ioctl+0x8f/0xc0
[  185.618365]  ? do_vfs_ioctl+0x1520/0x1520
[  185.622520]  do_syscall_64+0x281/0x940
[  185.626401]  ? __do_page_fault+0xc90/0xc90
[  185.630628]  ? _raw_spin_unlock_irq+0x27/0x70
[  185.635123]  ? finish_task_switch+0x1c1/0x7e0
[  185.639615]  ? syscall_return_slowpath+0x550/0x550
[  185.644544]  ? syscall_return_slowpath+0x2ac/0x550
[  185.649472]  ? prepare_exit_to_usermode+0x350/0x350
[  185.653759] binder: BINDER_SET_CONTEXT_MGR already set
[  185.654483]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  185.654503]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  185.654523]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  185.670519] netlink: 8 bytes leftover after parsing attributes in process `syz-executor5'.
[  185.675105] RIP: 0033:0x4548b9
[  185.675111] RSP: 002b:00007f885806fc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  185.675121] RAX: ffffffffffffffda RBX: 00007f88580706d4 RCX: 00000000004548b9
[  185.675126] RDX: 0000000000000000 RSI: 0000000000004c82 RDI: 0000000000000015
[  185.675132] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  185.675137] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[  185.675142] R13: 000000000000027e R14: 00000000006f5c70 R15: 0000000000000000
2018/03/30 10:05:11 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:11 executing program 4:
syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r0 = getpgrp(0x0)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
r1 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
setsockopt$llc_int(r1, 0x10c, 0x7, &(0x7f0000000000)=0x2, 0x4)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
process_vm_readv(r0, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

[  185.689183] binder_alloc: 21508: binder_alloc_buf, no vma
[  185.736819] binder: 21508:21522 transaction failed 29189/-3, size 40-16 line 2963
[  185.777306] binder: 21508:21516 ioctl 40046207 0 returned -16
[  185.831457] binder: undelivered TRANSACTION_ERROR: 29189
[  185.841131] binder: undelivered TRANSACTION_ERROR: 29201
2018/03/30 10:05:11 executing program 7 (fault-call:9 fault-nth:1):
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:11 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:11 executing program 6:
r0 = syz_open_dev$binder(&(0x7f0000236ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
tee(r0, 0xffffffffffffffff, 0x1, 0x4)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff})
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000580)={0x4, &(0x7f00000004c0)=[{0x5, 0x2, 0x74, 0x4}, {0x0, 0x8000, 0xffffffffffff0001, 0x8}, {0x3, 0x2, 0x8000, 0xffffffffffffff78}, {0x9, 0x7c8a, 0x6, 0x5}]})
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008000)={0x44, 0x0, &(0x7f0000004fbc)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, 0x10, &(0x7f000026c000)=[@ptr={0x73622a85, 0x0, &(0x7f00004edf8a), 0x1}], &(0x7f000000afd0)=[0x0, 0x0]}}], 0x0, 0x0, &(0x7f0000009000)})
setns(r0, 0x8000000)
r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x0, 0x0)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r2, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x6c, r3, 0x100, 0x70bd29, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_DAEMON={0x58, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x1f}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast2={0xff, 0x2, [], 0x1}}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4}, 0x20040004)
syz_open_pts(r2, 0x2000)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000400)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r0, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000400}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0x78, r4, 0x0, 0x70bd2c, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_SERVICE={0x4, 0x1}, @IPVS_CMD_ATTR_DAEMON={0x4c, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ipddp0\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0xffff}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1={0xff, 0x1, [], 0x1}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xfff}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x9}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x10}, 0x4)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000240)='IPVS\x00')
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)=ANY=[@ANYBLOB="80000000"], 0x1}, 0x1, 0x0, 0x0, 0x4}, 0x0)
rt_sigsuspend(&(0x7f00000002c0)={0x3}, 0x8)

2018/03/30 10:05:11 executing program 0:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x7, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:11 executing program 5:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={r0, 0x50, &(0x7f0000000340)={0x0, <r2=>0x0}}, 0x10)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000003c0)=r2, 0x4)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r0, 0x8040451b, &(0x7f0000000400)=""/21)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x4, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:11 executing program 3:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x0, 0x4001)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000a40)={{{@in6=@remote, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in6}, 0x0, @in6=@local}}, &(0x7f0000000000)=0xe8)
stat(&(0x7f0000000400)='./file0\x00', &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0})
fchown(r0, r1, r2)
r3 = getpgrp(0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
r4 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$VHOST_SET_FEATURES(r4, 0x4008af00, &(0x7f0000000600)=0x20100001c)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
r5 = pkey_alloc(0x0, 0x3)
pkey_mprotect(&(0x7f0000fef000/0x10000)=nil, 0x10000, 0x1000003, r5)
ioctl$EVIOCGSW(r4, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r3, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x6, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:11 executing program 4:
syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r0 = getpgrp(0x0)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
r1 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$int_out(r1, 0x2, &(0x7f0000000000))
process_vm_readv(r0, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:11 executing program 2:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = gettid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r2=>0x0}, &(0x7f0000000480)=0xc)
r3 = getpgrp(r1)
sched_setaffinity(r3, 0x8, &(0x7f0000a2f000)=0x9)
r4 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r5 = add_key$user(&(0x7f00000004c0)='user\x00', &(0x7f00000008c0)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000a40), 0x0, 0x0)
r6 = add_key(&(0x7f0000000a80)='pkcs7_test\x00', &(0x7f0000000ac0)={0x73, 0x79, 0x7a, 0x0}, &(0x7f0000000b00)="216f8079", 0x4, 0xfffffffffffffff8)
keyctl$reject(0x13, r5, 0x8, 0x8, r6)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r4, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000c40))
process_vm_readv(r3, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
getpriority(0x0, r2)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

[  186.139373] binder: 21541:21552 got transaction with invalid offset (0, min 24 max 40) or object.
[  186.157500] binder: 21541:21552 transaction failed 29201/-22, size 40-16 line 3026
[  186.177423] FAULT_INJECTION: forcing a failure.
[  186.177423] name failslab, interval 1, probability 0, space 0, times 0
[  186.188859] CPU: 0 PID: 21562 Comm: syz-executor7 Not tainted 4.16.0-rc7+ #371
[  186.196224] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  186.205574] Call Trace:
[  186.208162]  dump_stack+0x194/0x24d
[  186.211806]  ? arch_local_irq_restore+0x53/0x53
[  186.214558] binder: BINDER_SET_CONTEXT_MGR already set
[  186.216466]  ? finish_task_switch+0x1c1/0x7e0
[  186.216475]  ? finish_task_switch+0x182/0x7e0
[  186.216503]  should_fail+0x8c0/0xa40
[  186.224138] binder_alloc: 21541: binder_alloc_buf, no vma
[  186.226237]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  186.226275]  ? __sched_text_start+0x8/0x8
[  186.226289]  ? find_held_lock+0x35/0x1d0
[  186.230809] binder: 21541:21566 transaction failed 29189/-3, size 40-16 line 2963
[  186.234468]  ? __lock_is_held+0xb6/0x140
[  186.234497]  ? check_same_owner+0x320/0x320
[  186.234513]  ? __lock_acquire+0x664/0x3e00
[  186.234533]  should_failslab+0xec/0x120
[  186.234546]  kmem_cache_alloc+0x47/0x760
[  186.234563]  ? __is_insn_slot_addr+0x1fc/0x330
[  186.234584]  radix_tree_node_alloc.constprop.19+0x5e/0x2d0
[  186.288383] binder: 21541:21552 ioctl 40046207 0 returned -16
[  186.291627]  radix_tree_extend+0x2bb/0x550
[  186.291647]  ? radix_tree_node_alloc.constprop.19+0x2d0/0x2d0
[  186.291657]  ? is_bpf_text_address+0x7b/0x120
[  186.291670]  ? lock_downgrade+0x980/0x980
[  186.291684]  ? lock_release+0xa40/0xa40
[  186.291695]  ? __free_insn_slot+0x5c0/0x5c0
[  186.324504]  idr_get_free+0xad1/0xfd0
[  186.328326]  ? radix_tree_clear_tags+0xb0/0xb0
[  186.332906]  ? __kernel_text_address+0xd/0x40
[  186.337398]  ? unwind_get_return_address+0x61/0xa0
[  186.342328]  ? __save_stack_trace+0x7e/0xd0
[  186.346671]  ? save_stack+0xa3/0xd0
[  186.350299]  ? save_stack+0x43/0xd0
[  186.353919]  ? kasan_kmalloc+0xad/0xe0
[  186.357806]  ? kmem_cache_alloc_trace+0x136/0x740
[  186.362643]  ? loop_add+0x96/0xaf0
[  186.366173]  ? loop_control_ioctl+0x2e9/0x490
[  186.370662]  ? do_vfs_ioctl+0x1b1/0x1520
[  186.374716]  ? SyS_ioctl+0x8f/0xc0
[  186.378247]  ? do_syscall_64+0x281/0x940
[  186.382303]  ? entry_SYSCALL_64_after_hwframe+0x42/0xb7
2018/03/30 10:05:12 executing program 6:
r0 = syz_open_dev$binder(&(0x7f0000236ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
tee(r0, 0xffffffffffffffff, 0x1, 0x4)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
fcntl$getown(r0, 0x9)
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000580)={0x4, &(0x7f00000004c0)=[{0x5, 0x2, 0x74, 0x4}, {0x0, 0x8000, 0xffffffffffff0001, 0x8}, {0x3, 0x2, 0x8000, 0xffffffffffffff78}, {0x9, 0x7c8a, 0x6, 0x5}]})
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008000)={0x44, 0x0, &(0x7f0000004fbc)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, 0x10, &(0x7f000026c000)=[@ptr={0x73622a85, 0x0, &(0x7f00004edf8a), 0x1}], &(0x7f000000afd0)=[0x0, 0x0]}}], 0x0, 0x0, &(0x7f0000009000)})
setns(r0, 0x8000000)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f00000005c0)={<r3=>0x0}, &(0x7f0000000600)=0xc)
perf_event_open(&(0x7f00000002c0)={0x1, 0x70, 0x2, 0x7, 0x4, 0x93eb, 0x0, 0x7fff, 0x88005, 0x1, 0x2, 0xfffffffffffffffd, 0x8e31, 0x0, 0x5, 0x6, 0x400000000, 0xfffffffffffffffd, 0x8, 0x1000, 0x100000001, 0x3688, 0x56, 0x6, 0x1, 0x0, 0xffffffffffffff00, 0x46, 0x489, 0x5, 0x800, 0x29, 0x400, 0x5, 0x6, 0x3, 0xade, 0x4, 0x0, 0x5, 0x1, @perf_config_ext={0x424c3725, 0x2}, 0x1, 0x0, 0x8001, 0x7, 0xfffffffffffffff7, 0x2, 0x200}, r3, 0xd, r1, 0xb)
r4 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x0, 0x0)
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000700)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r4, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x6c, r5, 0x100, 0x70bd29, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_DAEMON={0x58, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x1f}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast2={0xff, 0x2, [], 0x1}}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4}, 0x20040004)
syz_open_pts(r4, 0x2000)
r6 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000400)='IPVS\x00')
ioctl$EVIOCGNAME(r1, 0x80404506, &(0x7f0000000640)=""/100)
sendmsg$IPVS_CMD_NEW_DEST(r0, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000400}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0x78, r6, 0x0, 0x70bd2c, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_SERVICE={0x4, 0x1}, @IPVS_CMD_ATTR_DAEMON={0x4c, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ipddp0\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0xffff}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1={0xff, 0x1, [], 0x1}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xfff}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x9}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x10}, 0x4)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000240)='IPVS\x00')
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)=ANY=[@ANYBLOB="80000000"], 0x1}, 0x1, 0x0, 0x0, 0x4}, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r2, 0x84, 0x65, &(0x7f0000000740)=[@in={0x2, 0x4e23, @multicast1=0xe0000001}, @in6={0xa, 0x4e20, 0x8, @empty, 0x9297}, @in6={0xa, 0x4e21, 0x7fffffff, @mcast1={0xff, 0x1, [], 0x1}, 0x2}, @in6={0xa, 0x4e23, 0x200, @mcast1={0xff, 0x1, [], 0x1}, 0x7fffffff}, @in={0x2, 0x4e23, @rand_addr=0x100}, @in6={0xa, 0x4e24, 0x7, @mcast1={0xff, 0x1, [], 0x1}, 0x4}, @in6={0xa, 0x4e24, 0x5644, @loopback={0x0, 0x1}, 0x2}, @in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x11}}, @in6={0xa, 0x4e24, 0xfff, @local={0xfe, 0x80, [], 0xaa}, 0x2}, @in={0x2, 0x1, @multicast2=0xe0000002}], 0xe8)

[  186.387676]  ? quarantine_reduce+0x128/0x170
[  186.392084]  ? lock_downgrade+0x980/0x980
[  186.393501] binder: undelivered TRANSACTION_ERROR: 29189
[  186.396229]  ? trace_hardirqs_off+0x10/0x10
[  186.396238]  ? mark_held_locks+0xaf/0x100
[  186.396246]  ? ___cache_free+0x244/0x2f0
[  186.396266]  idr_alloc_u32+0x1b2/0x390
[  186.396285]  ? __fprop_inc_percpu_max+0x2a0/0x2a0
[  186.396300]  ? __lock_is_held+0xb6/0x140
[  186.396321]  idr_alloc+0xf5/0x180
[  186.417224] binder: undelivered TRANSACTION_ERROR: 29201
[  186.418078]  ? idr_alloc_u32+0x390/0x390
[  186.418088]  ? find_held_lock+0x35/0x1d0
[  186.418101]  ? lock_release+0xa40/0xa40
[  186.447833]  loop_add+0x7d5/0xaf0
[  186.451262]  ? loop_lookup+0xf8/0x1f0
[  186.455036]  ? loop_queue_rq+0x5f0/0x5f0
[  186.459084]  loop_control_ioctl+0x2e9/0x490
[  186.463384]  ? loop_add+0xaf0/0xaf0
[  186.466985]  ? iterate_fd+0x3f0/0x3f0
[  186.470770]  ? __mutex_unlock_slowpath+0xe9/0xac0
[  186.475591]  ? vfs_write+0x374/0x510
[  186.479282]  ? wait_for_completion+0x770/0x770
[  186.483844]  ? loop_add+0xaf0/0xaf0
[  186.487444]  do_vfs_ioctl+0x1b1/0x1520
[  186.491314]  ? ioctl_preallocate+0x2b0/0x2b0
[  186.495698]  ? fget_raw+0x20/0x20
[  186.499128]  ? __sb_end_write+0xa0/0xd0
[  186.503083]  ? fput+0xd2/0x140
[  186.506251]  ? SyS_write+0x184/0x220
[  186.509945]  ? security_file_ioctl+0x89/0xb0
[  186.514331]  SyS_ioctl+0x8f/0xc0
[  186.517670]  ? do_vfs_ioctl+0x1520/0x1520
[  186.521798]  do_syscall_64+0x281/0x940
[  186.525658]  ? __do_page_fault+0xc90/0xc90
[  186.529867]  ? _raw_spin_unlock_irq+0x27/0x70
[  186.534342]  ? finish_task_switch+0x1c1/0x7e0
[  186.538813]  ? syscall_return_slowpath+0x550/0x550
[  186.543718]  ? syscall_return_slowpath+0x2ac/0x550
[  186.548622]  ? prepare_exit_to_usermode+0x350/0x350
[  186.553615]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  186.558958]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  186.563786]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  186.568951] RIP: 0033:0x4548b9
[  186.572117] RSP: 002b:00007f885804ec68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  186.579804] RAX: ffffffffffffffda RBX: 00007f885804f6d4 RCX: 00000000004548b9
2018/03/30 10:05:12 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x30, &(0x7f0000000240)=[@in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

[  186.587054] RDX: 0000000000000000 RSI: 0000000000004c82 RDI: 0000000000000015
[  186.594298] RBP: 000000000072bf58 R08: 0000000000000000 R09: 0000000000000000
[  186.601539] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[  186.608783] R13: 000000000000027e R14: 00000000006f5c70 R15: 0000000000000001
[  186.629706] binder: 21573:21574 got transaction with invalid offset (0, min 24 max 40) or object.
2018/03/30 10:05:12 executing program 7 (fault-call:9 fault-nth:2):
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

[  186.656655] binder: 21573:21574 transaction failed 29201/-22, size 40-16 line 3026
2018/03/30 10:05:12 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x30, &(0x7f0000000240)=[@in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:12 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x30, &(0x7f0000000240)=[@in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

[  186.787609] binder: BINDER_SET_CONTEXT_MGR already set
[  186.795284] binder: 21573:21574 ioctl 40046207 0 returned -16
[  186.810456] binder_alloc: 21573: binder_alloc_buf, no vma
[  186.816116] binder: 21573:21574 transaction failed 29189/-3, size 40-16 line 2963
[  186.933946] binder: undelivered TRANSACTION_ERROR: 29189
[  186.939960] binder: undelivered TRANSACTION_ERROR: 29201
[  186.987395] FAULT_INJECTION: forcing a failure.
[  186.987395] name failslab, interval 1, probability 0, space 0, times 0
[  186.998721] CPU: 1 PID: 21605 Comm: syz-executor7 Not tainted 4.16.0-rc7+ #371
[  187.006076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  187.015421] Call Trace:
[  187.018010]  dump_stack+0x194/0x24d
[  187.021635]  ? arch_local_irq_restore+0x53/0x53
[  187.026301]  ? __free_insn_slot+0x5c0/0x5c0
[  187.030637]  should_fail+0x8c0/0xa40
[  187.034351]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  187.039447]  ? idr_destroy+0x1b0/0x1b0
[  187.043329]  ? radix_tree_clear_tags+0xb0/0xb0
[  187.047902]  ? __kernel_text_address+0xd/0x40
[  187.052393]  ? __save_stack_trace+0x7e/0xd0
[  187.056717]  ? find_held_lock+0x35/0x1d0
[  187.060782]  ? __lock_is_held+0xb6/0x140
[  187.064856]  ? check_same_owner+0x320/0x320
[  187.069166]  ? radix_tree_delete+0x30/0x30
[  187.073391]  ? rcu_note_context_switch+0x710/0x710
[  187.078305]  ? node_tag_clear+0xf2/0x180
[  187.082367]  should_failslab+0xec/0x120
[  187.086341]  kmem_cache_alloc_node_trace+0x5a/0x760
[  187.091352]  ? idr_alloc_u32+0x250/0x390
[  187.095424]  __kmalloc_node+0x33/0x70
[  187.099221]  blk_mq_alloc_tag_set+0x334/0xa30
[  187.103718]  ? blk_mq_update_nr_hw_queues+0x450/0x450
[  187.108900]  ? find_held_lock+0x35/0x1d0
[  187.112954]  ? lock_release+0xa40/0xa40
[  187.116931]  loop_add+0x2d5/0xaf0
[  187.120381]  ? loop_queue_rq+0x5f0/0x5f0
[  187.124452]  loop_control_ioctl+0x2e9/0x490
[  187.128765]  ? loop_add+0xaf0/0xaf0
[  187.132381]  ? iterate_fd+0x3f0/0x3f0
[  187.136175]  ? __mutex_unlock_slowpath+0xe9/0xac0
[  187.141011]  ? vfs_write+0x374/0x510
[  187.144720]  ? wait_for_completion+0x770/0x770
[  187.149303]  ? loop_add+0xaf0/0xaf0
[  187.152916]  do_vfs_ioctl+0x1b1/0x1520
[  187.156807]  ? ioctl_preallocate+0x2b0/0x2b0
[  187.161207]  ? fget_raw+0x20/0x20
[  187.164655]  ? __sb_end_write+0xa0/0xd0
[  187.168629]  ? fput+0xd2/0x140
[  187.171816]  ? SyS_write+0x184/0x220
[  187.175534]  ? security_file_ioctl+0x89/0xb0
[  187.179944]  SyS_ioctl+0x8f/0xc0
[  187.183302]  ? do_vfs_ioctl+0x1520/0x1520
[  187.187446]  do_syscall_64+0x281/0x940
[  187.191322]  ? __do_page_fault+0xc90/0xc90
[  187.195545]  ? _raw_spin_unlock_irq+0x27/0x70
[  187.200038]  ? finish_task_switch+0x1c1/0x7e0
[  187.204529]  ? syscall_return_slowpath+0x550/0x550
[  187.209454]  ? syscall_return_slowpath+0x2ac/0x550
[  187.214377]  ? prepare_exit_to_usermode+0x350/0x350
[  187.219925]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  187.219945]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  187.219967]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  187.219973] RIP: 0033:0x4548b9
[  187.219978] RSP: 002b:00007f885800cc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  187.219987] RAX: ffffffffffffffda RBX: 00007f885800d6d4 RCX: 00000000004548b9
[  187.219992] RDX: 0000000000000000 RSI: 0000000000004c82 RDI: 0000000000000015
[  187.219997] RBP: 000000000072c0c8 R08: 0000000000000000 R09: 0000000000000000
[  187.220001] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[  187.220006] R13: 000000000000027e R14: 00000000006f5c70 R15: 0000000000000002
2018/03/30 10:05:13 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x0, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:13 executing program 6:
r0 = syz_open_dev$binder(&(0x7f0000236ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
tee(r0, 0xffffffffffffffff, 0x1, 0x4)
r1 = socket$key(0xf, 0x3, 0x2)
ioctl$sock_SIOCGIFCONF(r1, 0x8910, &(0x7f00000002c0)=@buf={0xf7, &(0x7f00000005c0)="582a913eda8d0866efa402849589503632f3744c23e575d38f0c4c849e82db8cea8aeea7bb0038311e5dbcf7cd227058c3869c3b3448fec7e3c2af2a0bd397bc48d1cfb6c76424a6c281fb96a39c08beda31a40d41eb78de1ed8a569f2247cff710a1aaf67fca3d968676d707fa0567efb02cea278078c9be1ba05c5b3568ad5e9944dbbf8f17204c85ade263250a32f958db2b6b2cdfed442e6f954d91d2456abedc5caf669aeb7f37825ccc48c90e52444c210ea8679a71bda5bffd969e4e0a303340390ea820e48742e147e636508b40ea834c869da3b9d8365b01caf31e88ecf581760c5af17f7acd74c9bf0a02bf66469b8ff10d7"})
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
pipe(&(0x7f00000001c0)={<r2=>0xffffffffffffffff})
ioctl$TUNATTACHFILTER(r2, 0x401054d5, &(0x7f0000000580)={0x4, &(0x7f00000004c0)=[{0x5, 0x2, 0x74, 0x4}, {0x0, 0x8000, 0xffffffffffff0001, 0x8}, {0x3, 0x2, 0x8000, 0xffffffffffffff78}, {0x9, 0x7c8a, 0x6, 0x5}]})
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008000)={0x44, 0x0, &(0x7f0000004fbc)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, 0x10, &(0x7f000026c000)=[@ptr={0x73622a85, 0x0, &(0x7f00004edf8a), 0x1}], &(0x7f000000afd0)=[0x0, 0x0]}}], 0x0, 0x0, &(0x7f0000009000)})
setns(r0, 0x8000000)
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x0, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r3, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="000129bd7000fbdbdf25050000003900030014000600000000000000aa080001000000000014000600fe8000000000000000000000000000aa080008001f000000080007004e24000014000600ff020000000000000000000000000001000000000000000000"], 0x6c}, 0x1, 0x0, 0x0, 0x4}, 0x20040004)
syz_open_pts(r3, 0x2000)
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000400)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r0, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000400}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0x78, r5, 0x0, 0x70bd2c, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_SERVICE={0x4, 0x1}, @IPVS_CMD_ATTR_DAEMON={0x4c, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ipddp0\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0xffff}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1={0xff, 0x1, [], 0x1}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xfff}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x9}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x10}, 0x4)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000240)='IPVS\x00')
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)=ANY=[@ANYBLOB="80000000"], 0x1}, 0x1, 0x0, 0x0, 0x4}, 0x0)

2018/03/30 10:05:13 executing program 0:
r0 = syz_open_dev$dmmidi(&(0x7f0000000100)='/dev/dmmidi#\x00', 0xffffffff, 0x3ffe)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000a40)={<r1=>0x0, @in6={{0xa, 0x4e24, 0x9, @remote={0xfe, 0x80, [], 0xbb}, 0x6}}, 0x80000000, 0x26, 0x9, 0x67}, &(0x7f00000004c0)=0x98)
setsockopt$inet_sctp_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f0000000b00)=ANY=[@ANYRES32=r1, @ANYBLOB="02008600fa51f0ad7a850d4648e7e57525c15384d554929c2f1e4c6753716f9eaf09f8ab9a71eced91756e6d2e376dd2915c9f75d8660ea563cec5950ed5a7963661c570e4636608b084c8344e829257a8cbeaef3685b83c2ff12584b24d43ee8a92399145b587aac16d8dfe92efbe0000000000000000000000000000"], 0x8e)
fcntl$getownex(r0, 0x10, &(0x7f0000000480)={0x0, <r2=>0x0})
r3 = getpgrp(0xffffffffffffffff)
r4 = getpgrp(r3)
sched_setaffinity(r2, 0x8, &(0x7f00000000c0)=0x4000000000000005)
r5 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0x4)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r5, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
process_vm_readv(r4, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f0000000d40), 0x0, &(0x7f0000000c80))
ioctl$sock_inet_SIOCSIFNETMASK(r5, 0x891c, &(0x7f0000000000)={'ip6gre0\x00', {0x2, 0x4e22, @multicast1=0xe0000001}})
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r0, 0x84, 0x65, &(0x7f00000008c0)=[@in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xe}}], 0x10)
mmap$binder(&(0x7f00008c0000/0x2000)=nil, 0x2000, 0x8, 0x12, r0, 0x0)

2018/03/30 10:05:13 executing program 2:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
setsockopt$nfc_llcp_NFC_LLCP_RW(r0, 0x118, 0x0, &(0x7f0000000400)=0x4, 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r2, 0x894b, &(0x7f0000000000))
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0x70}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:13 executing program 3:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x0, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x13b, &(0x7f00000004c0)=0x2000000000000009)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000b04000/0x4000)=nil, 0x4000, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r2, &(0x7f0000000000)={0x80000008})
exit(0x5)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x6, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:13 executing program 5:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r0, 0x40505330, &(0x7f0000000340)={{0x3, 0x100000001}, {0x2d3e, 0x7fff}, 0x8, 0x0, 0x9})
r1 = getpgrp(0x0)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(0xffffffffffffffff, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x4, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
wait4(r1, &(0x7f00000000c0), 0xfffffffffffffffc, &(0x7f0000000100))

2018/03/30 10:05:13 executing program 4:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
nanosleep(&(0x7f0000000000)={0x0, 0x989680}, &(0x7f0000000040))
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r0, 0xc0a85352, &(0x7f00000007c0)={{0x5, 0x2}, 'port1\x00', 0x10, 0x1, 0x0, 0x100, 0x5, 0x16b, 0xa1, 0x0, 0x7, 0x20})
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
accept4$ax25(r2, &(0x7f0000000400), &(0x7f0000000480)=0x10, 0x80800)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:13 executing program 7 (fault-call:9 fault-nth:3):
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

[  187.378161] binder: 21612:21617 got transaction with invalid offset (0, min 24 max 40) or object.
[  187.388424] binder: 21612:21617 transaction failed 29201/-22, size 40-16 line 3026
[  187.416378] FAULT_INJECTION: forcing a failure.
[  187.416378] name failslab, interval 1, probability 0, space 0, times 0
[  187.427772] CPU: 1 PID: 21629 Comm: syz-executor7 Not tainted 4.16.0-rc7+ #371
[  187.435131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  187.444476] Call Trace:
[  187.447067]  dump_stack+0x194/0x24d
[  187.450696]  ? arch_local_irq_restore+0x53/0x53
[  187.455367]  ? is_bpf_text_address+0xa4/0x120
[  187.459871]  should_fail+0x8c0/0xa40
[  187.463586]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  187.468702]  ? save_stack+0xa3/0xd0
[  187.472332]  ? find_held_lock+0x35/0x1d0
[  187.476404]  ? __lock_is_held+0xb6/0x140
[  187.480487]  ? check_same_owner+0x320/0x320
[  187.484805]  ? rcu_note_context_switch+0x710/0x710
[  187.489746]  should_failslab+0xec/0x120
[  187.493721]  kmem_cache_alloc_node_trace+0x5a/0x760
[  187.498734]  ? idr_alloc_u32+0x250/0x390
[  187.502789]  ? kasan_unpoison_shadow+0x35/0x50
[  187.507374]  __kmalloc_node+0x33/0x70
[  187.511169]  blk_mq_alloc_tag_set+0x3ce/0xa30
[  187.515666]  ? blk_mq_update_nr_hw_queues+0x450/0x450
[  187.520848]  ? find_held_lock+0x35/0x1d0
[  187.524989]  ? lock_release+0xa40/0xa40
[  187.528964]  loop_add+0x2d5/0xaf0
[  187.532411]  ? loop_queue_rq+0x5f0/0x5f0
[  187.536482]  loop_control_ioctl+0x2e9/0x490
[  187.540795]  ? loop_add+0xaf0/0xaf0
[  187.544416]  ? iterate_fd+0x3f0/0x3f0
[  187.548209]  ? __mutex_unlock_slowpath+0xe9/0xac0
[  187.553047]  ? vfs_write+0x374/0x510
[  187.556757]  ? wait_for_completion+0x770/0x770
[  187.561334]  ? loop_add+0xaf0/0xaf0
[  187.564956]  do_vfs_ioctl+0x1b1/0x1520
[  187.568846]  ? ioctl_preallocate+0x2b0/0x2b0
[  187.573248]  ? fget_raw+0x20/0x20
[  187.576706]  ? __sb_end_write+0xa0/0xd0
[  187.580684]  ? fput+0xd2/0x140
[  187.583873]  ? SyS_write+0x184/0x220
[  187.587591]  ? security_file_ioctl+0x89/0xb0
[  187.592761]  SyS_ioctl+0x8f/0xc0
[  187.596125]  ? do_vfs_ioctl+0x1520/0x1520
[  187.600281]  do_syscall_64+0x281/0x940
[  187.604165]  ? __do_page_fault+0xc90/0xc90
[  187.608394]  ? _raw_spin_unlock_irq+0x27/0x70
[  187.612884]  ? finish_task_switch+0x1c1/0x7e0
[  187.617380]  ? syscall_return_slowpath+0x550/0x550
[  187.622314]  ? syscall_return_slowpath+0x2ac/0x550
[  187.627241]  ? prepare_exit_to_usermode+0x350/0x350
[  187.632264]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  187.637632]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  187.642481]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  187.647661] RIP: 0033:0x4548b9
[  187.650838] RSP: 002b:00007f885804ec68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  187.658534] RAX: ffffffffffffffda RBX: 00007f885804f6d4 RCX: 00000000004548b9
[  187.665794] RDX: 0000000000000000 RSI: 0000000000004c82 RDI: 0000000000000015
2018/03/30 10:05:13 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x0, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

[  187.673063] RBP: 000000000072bf58 R08: 0000000000000000 R09: 0000000000000000
[  187.680323] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[  187.687583] R13: 000000000000027e R14: 00000000006f5c70 R15: 0000000000000003
[  187.701402] binder_alloc: 21612: binder_alloc_buf, no vma
[  187.707062] binder: 21612:21640 transaction failed 29189/-3, size 40-16 line 2963
[  187.722814] binder: BINDER_SET_CONTEXT_MGR already set
2018/03/30 10:05:13 executing program 7 (fault-call:9 fault-nth:4):
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

[  187.734300] binder: 21612:21639 ioctl 40046207 0 returned -16
2018/03/30 10:05:13 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x0, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:13 executing program 6:
r0 = syz_open_dev$binder(&(0x7f0000236ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
tee(r0, 0xffffffffffffffff, 0x1, 0x4)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000580)={0x4, &(0x7f00000004c0)=[{0x5, 0x2, 0x74, 0x4}, {0x0, 0x8000, 0xffffffffffff0001, 0x8}, {0x3, 0x2, 0x8000, 0xffffffffffffff78}, {0x9, 0x7c8a, 0x6, 0x5}]})
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008000)={0x44, 0x0, &(0x7f0000004fbc)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, 0x10, &(0x7f000026c000)=[@ptr={0x73622a85, 0x0, &(0x7f00004edf8a), 0x1}], &(0x7f000000afd0)=[0x0, 0x0]}}], 0x0, 0x0, &(0x7f0000009000)})
setns(r0, 0x8000000)
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x0, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r3, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x6c, r4, 0x100, 0x70bd29, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_DAEMON={0x58, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x1f}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast2={0xff, 0x2, [], 0x1}}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4}, 0x20040004)
ioctl$KVM_S390_INTERRUPT_CPU(r3, 0x4010ae94, &(0x7f00000002c0)={0x0, 0x8})
syz_open_pts(r3, 0x2000)
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000400)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r0, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000400}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0x78, r5, 0x0, 0x70bd2c, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_SERVICE={0x4, 0x1}, @IPVS_CMD_ATTR_DAEMON={0x4c, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ipddp0\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0xffff}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1={0xff, 0x1, [], 0x1}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xfff}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x9}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x10}, 0x4)
setsockopt$IP_VS_SO_SET_FLUSH(r2, 0x0, 0x485, 0x0, 0x0)
r6 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000a40)='IPVS\x00')
r7 = syz_open_dev$admmidi(&(0x7f0000000300)='/dev/admmidi#\x00', 0x5b, 0x16f02)
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)=ANY=[@ANYBLOB="c2000000"], 0x1}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$IPVS_CMD_NEW_DEST(r3, &(0x7f0000000880)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x10000009}, 0xc, &(0x7f0000000840)={&(0x7f0000000600)={0x20c, r6, 0x6, 0x70bd26, 0x25dfdbfd, {0x5}, [@IPVS_CMD_ATTR_SERVICE={0x5c, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@rand_addr=0x4}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x89}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x4}}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x18}}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x2}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@loopback=0x7f000001}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e23}]}, @IPVS_CMD_ATTR_SERVICE={0x4c, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@rand_addr=0x2}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x52}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x9, 0x8}}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e24}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x5}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xfffffffffffffffd}, @IPVS_CMD_ATTR_SERVICE={0x14, 0x1, [@IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x77}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x1}]}, @IPVS_CMD_ATTR_SERVICE={0x48, 0x1, [@IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0xfff}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x87}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'sed\x00'}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0x2}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@mcast2={0xff, 0x2, [], 0x1}}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}]}, @IPVS_CMD_ATTR_SERVICE={0x44, 0x1, [@IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e23}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'wrr\x00'}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x1, 0x10}}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@ipv4={[], [0xff, 0xff], @remote={0xac, 0x14, 0x14, 0xbb}}}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x2c}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0x2}]}, @IPVS_CMD_ATTR_SERVICE={0x18, 0x1, [@IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x6d}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x31, 0x11}}]}, @IPVS_CMD_ATTR_SERVICE={0x64, 0x1, [@IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x3000000000000}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x2}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@dev={0xac, 0x14, 0x14, 0xf}}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x1f}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@loopback={0x0, 0x1}}]}, @IPVS_CMD_ATTR_SERVICE={0x24, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x1, 0x35}}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@broadcast=0xffffffff}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x2}]}, 0x20c}, 0x1, 0x0, 0x0, 0x8000}, 0x20000004)
sendmsg$IPVS_CMD_GET_SERVICE(r7, &(0x7f0000000a00)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000009c0)={&(0x7f0000000900)={0x8c, r4, 0x6, 0x70bd2c, 0x25dfdbfe, {0x4}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x348}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xff}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x8001}, @IPVS_CMD_ATTR_DAEMON={0x58, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1={0xff, 0x1, [], 0x1}}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0xeb67}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0xfa1}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0xfffffffffffffc01}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e20}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @rand_addr=0x4}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x2}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x5}]}, 0x8c}, 0x1, 0x0, 0x0, 0x20000804}, 0x4041)

[  187.804315] binder: undelivered TRANSACTION_ERROR: 29189
[  187.813347] binder: undelivered TRANSACTION_ERROR: 29201
[  187.832184] binder: 21653:21655 got transaction with invalid offset (0, min 24 max 40) or object.
[  187.853173] binder: 21653:21655 transaction failed 29201/-22, size 40-16 line 3026
[  187.875429] FAULT_INJECTION: forcing a failure.
[  187.875429] name failslab, interval 1, probability 0, space 0, times 0
[  187.886818] CPU: 1 PID: 21658 Comm: syz-executor7 Not tainted 4.16.0-rc7+ #371
[  187.894175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  187.903523] Call Trace:
[  187.906119]  dump_stack+0x194/0x24d
[  187.909755]  ? arch_local_irq_restore+0x53/0x53
[  187.914427]  ? __free_insn_slot+0x5c0/0x5c0
[  187.918752]  ? is_bpf_text_address+0xa4/0x120
[  187.923279]  should_fail+0x8c0/0xa40
[  187.926997]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  187.932095]  ? kernel_text_address+0x102/0x140
[  187.936683]  ? unwind_get_return_address+0x61/0xa0
[  187.941609]  ? __save_stack_trace+0x7e/0xd0
[  187.945935]  ? find_held_lock+0x35/0x1d0
[  187.950000]  ? __lock_is_held+0xb6/0x140
[  187.954074]  ? check_same_owner+0x320/0x320
[  187.958393]  ? rcu_note_context_switch+0x710/0x710
[  187.963331]  should_failslab+0xec/0x120
[  187.967302]  kmem_cache_alloc_node_trace+0x5a/0x760
[  187.972316]  ? find_next_bit+0xcc/0x100
[  187.976297]  blk_mq_init_tags+0x6c/0x2a0
[  187.980361]  blk_mq_alloc_rq_map+0x92/0x210
[  187.984683]  __blk_mq_alloc_rq_map+0xb1/0x2d0
[  187.989184]  blk_mq_alloc_tag_set+0x59d/0xa30
[  187.993689]  ? blk_mq_update_nr_hw_queues+0x450/0x450
[  187.998878]  ? find_held_lock+0x35/0x1d0
[  188.002945]  ? lock_release+0xa40/0xa40
[  188.006927]  loop_add+0x2d5/0xaf0
[  188.010388]  ? loop_queue_rq+0x5f0/0x5f0
[  188.014464]  loop_control_ioctl+0x2e9/0x490
[  188.018792]  ? loop_add+0xaf0/0xaf0
[  188.022414]  ? iterate_fd+0x3f0/0x3f0
[  188.026220]  ? __mutex_unlock_slowpath+0xe9/0xac0
[  188.031069]  ? vfs_write+0x374/0x510
[  188.034781]  ? wait_for_completion+0x770/0x770
[  188.039367]  ? loop_add+0xaf0/0xaf0
[  188.042988]  do_vfs_ioctl+0x1b1/0x1520
[  188.046884]  ? ioctl_preallocate+0x2b0/0x2b0
[  188.051298]  ? fget_raw+0x20/0x20
2018/03/30 10:05:13 executing program 3:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x0, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
fcntl$F_GET_FILE_RW_HINT(r0, 0x40d, &(0x7f0000000000))
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x6, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

[  188.054754]  ? __sb_end_write+0xa0/0xd0
[  188.058731]  ? fput+0xd2/0x140
[  188.061923]  ? SyS_write+0x184/0x220
[  188.065635]  ? security_file_ioctl+0x89/0xb0
[  188.070043]  SyS_ioctl+0x8f/0xc0
[  188.073403]  ? do_vfs_ioctl+0x1520/0x1520
[  188.077549]  do_syscall_64+0x281/0x940
[  188.081427]  ? __do_page_fault+0xc90/0xc90
[  188.085655]  ? _raw_spin_unlock_irq+0x27/0x70
[  188.090145]  ? finish_task_switch+0x1c1/0x7e0
[  188.094639]  ? syscall_return_slowpath+0x550/0x550
[  188.099567]  ? syscall_return_slowpath+0x2ac/0x550
[  188.104496]  ? prepare_exit_to_usermode+0x350/0x350
[  188.109512]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  188.114878]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  188.119731]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  188.124911] RIP: 0033:0x4548b9
[  188.128087] RSP: 002b:00007f885806fc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  188.135790] RAX: ffffffffffffffda RBX: 00007f88580706d4 RCX: 00000000004548b9
[  188.143054] RDX: 0000000000000000 RSI: 0000000000004c82 RDI: 0000000000000015
2018/03/30 10:05:14 executing program 5:
syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
creat(&(0x7f0000000000)='./file0\x00', 0x90)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(0xffffffffffffffff, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r0, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x4, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:14 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:14 executing program 0:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, r0, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
ioctl$sock_bt_bnep_BNEPCONNDEL(r2, 0x400442c9, &(0x7f0000000000)={0x4, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]})
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:14 executing program 7 (fault-call:9 fault-nth:5):
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

[  188.150316] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  188.157572] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[  188.158941] binder_alloc: 21653: binder_alloc_buf, no vma
[  188.164830] R13: 000000000000027e R14: 00000000006f5c70 R15: 0000000000000004
[  188.177825] binder: 21653:21671 transaction failed 29189/-3, size 40-16 line 2963
[  188.193310] blk-mq: reduced tag depth (128 -> 64)
[  188.241448] binder: BINDER_SET_CONTEXT_MGR already set
[  188.251747] binder: 21653:21665 ioctl 40046207 0 returned -16
[  188.281399] FAULT_INJECTION: forcing a failure.
[  188.281399] name failslab, interval 1, probability 0, space 0, times 0
[  188.292802] CPU: 0 PID: 21686 Comm: syz-executor7 Not tainted 4.16.0-rc7+ #371
[  188.300163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  188.309509] Call Trace:
[  188.312099]  dump_stack+0x194/0x24d
[  188.315733]  ? arch_local_irq_restore+0x53/0x53
[  188.320407]  ? is_bpf_text_address+0x7b/0x120
[  188.324917]  should_fail+0x8c0/0xa40
[  188.328634]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  188.333742]  ? rcutorture_record_progress+0x10/0x10
[  188.338768]  ? is_bpf_text_address+0xa4/0x120
[  188.343266]  ? find_held_lock+0x35/0x1d0
[  188.347327]  ? __lock_is_held+0xb6/0x140
[  188.351405]  ? check_same_owner+0x320/0x320
[  188.355718]  ? save_stack+0x43/0xd0
[  188.359336]  ? kasan_kmalloc+0xad/0xe0
[  188.363225]  ? rcu_note_context_switch+0x710/0x710
[  188.368146]  ? __blk_mq_alloc_rq_map+0xb1/0x2d0
[  188.372800]  ? blk_mq_alloc_tag_set+0x59d/0xa30
[  188.377455]  ? loop_add+0x2d5/0xaf0
[  188.381083]  should_failslab+0xec/0x120
[  188.385051]  kmem_cache_alloc_node_trace+0x5a/0x760
2018/03/30 10:05:14 executing program 2:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
ioctl$KVM_XEN_HVM_CONFIG(r0, 0x4038ae7a, &(0x7f0000000240)={0x5e77, 0x326, &(0x7f0000000000)="520dbde2de0cbcc37182b2a2b8182d0946516e004699f4b8476b41d308eca798cc22c0a7aa278362531d4d40229f2edb1c436d1c49c9d378c18cdddb55", &(0x7f00000001c0)="5a9c885771f2d524915be206349fce93b24f10272d2a12e3f0cae8a9dcf45b30acc2723e037b2470aaa0cd3be5be2205cc717202c37f1c4718f4f9ee10b69b347296aecc52ea0c48292786f9ad4aeae9f89b0c4ca60b70575ceead26f740e6cbd43e0d147961", 0x3d, 0x66})
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
process_vm_readv(r1, &(0x7f0000000640), 0x4, &(0x7f00000004c0)=[{&(0x7f00000006c0)=""/237, 0xed}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:14 executing program 4:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
setsockopt$sock_timeval(r0, 0x1, 0x0, &(0x7f0000000040)={0x0, 0x7530}, 0x10)
r2 = add_key$keyring(&(0x7f00000007c0)='keyring\x00', &(0x7f0000000800)={0x73, 0x79, 0x7a, 0x2}, 0x0, 0x0, 0x0)
request_key(&(0x7f0000000400)='syzkaller\x00', &(0x7f0000000480)={0x73, 0x79, 0x7a, 0x0}, &(0x7f00000004c0)='/dev/dmmidi#\x00', r2)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x2000c0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:14 executing program 6:
r0 = syz_open_dev$binder(&(0x7f0000236ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
tee(r0, 0xffffffffffffffff, 0x1, 0x4)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff})
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000580)={0x4, &(0x7f00000004c0)=[{0x5, 0x2, 0x74, 0x4}, {0x0, 0x8000, 0xffffffffffff0001, 0x8}, {0x3, 0x2, 0x8000, 0xffffffffffffff78}, {0x9, 0x7c8a, 0x6, 0x5}]})
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008000)={0x44, 0x0, &(0x7f0000004fbc)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, 0x10, &(0x7f000026c000)=[@ptr={0x73622a85, 0x0, &(0x7f00004edf8a), 0x1}], &(0x7f000000afd0)=[0x0, 0x0]}}], 0x0, 0x0, &(0x7f0000009000)})
setns(r0, 0x8000000)
r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x0, 0x0)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPVS_CMD_NEW_DEST(r2, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x6c, r3, 0x100, 0x70bd29, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_DAEMON={0x58, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x1f}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast2={0xff, 0x2, [], 0x1}}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4}, 0x20040004)
syz_open_pts(r2, 0x2000)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000400)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r0, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000400}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0x78, r4, 0x0, 0x70bd2c, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_SERVICE={0x4, 0x1}, @IPVS_CMD_ATTR_DAEMON={0x4c, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ipddp0\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0xffff}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1={0xff, 0x1, [], 0x1}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xfff}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x9}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x10}, 0x4)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000240)='IPVS\x00')
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)=ANY=[@ANYBLOB="80000000"], 0x1}, 0x1, 0x0, 0x0, 0x4}, 0x0)

[  188.390056]  ? find_held_lock+0x35/0x1d0
[  188.394110]  ? print_irqtrace_events+0x270/0x270
[  188.398866]  __kmalloc_node+0x33/0x70
[  188.402661]  sbitmap_init_node+0x195/0x330
[  188.406893]  sbitmap_queue_init_node+0xac/0x740
[  188.406984] binder: undelivered TRANSACTION_ERROR: 29189
[  188.411562]  ? sbitmap_bitmap_show+0x530/0x530
[  188.411575]  ? rcu_read_lock_sched_held+0x108/0x120
[  188.411588]  ? kmem_cache_alloc_node_trace+0x36f/0x760
[  188.411603]  ? find_next_bit+0xcc/0x100
[  188.411628]  blk_mq_init_tags+0x100/0x2a0
[  188.411643]  blk_mq_alloc_rq_map+0x92/0x210
[  188.430879] binder: BINDER_SET_CONTEXT_MGR already set
[  188.431893]  __blk_mq_alloc_rq_map+0xb1/0x2d0
[  188.431913]  blk_mq_alloc_tag_set+0x59d/0xa30
[  188.431937]  ? blk_mq_update_nr_hw_queues+0x450/0x450
[  188.431948]  ? find_held_lock+0x35/0x1d0
[  188.431960]  ? lock_release+0xa40/0xa40
[  188.436424] binder: undelivered TRANSACTION_ERROR: 29201
[  188.440053]  loop_add+0x2d5/0xaf0
[  188.440069]  ? loop_queue_rq+0x5f0/0x5f0
[  188.440099]  loop_control_ioctl+0x2e9/0x490
[  188.440111]  ? loop_add+0xaf0/0xaf0
[  188.440120]  ? iterate_fd+0x3f0/0x3f0
[  188.440133]  ? __mutex_unlock_slowpath+0xe9/0xac0
[  188.444623] binder: 21696:21697 ioctl 40046207 0 returned -16
[  188.449687]  ? vfs_write+0x374/0x510
[  188.449700]  ? wait_for_completion+0x770/0x770
[  188.449718]  ? loop_add+0xaf0/0xaf0
[  188.449728]  do_vfs_ioctl+0x1b1/0x1520
[  188.449752]  ? ioctl_preallocate+0x2b0/0x2b0
[  188.449765]  ? fget_raw+0x20/0x20
[  188.449781]  ? __sb_end_write+0xa0/0xd0
[  188.534439]  ? fput+0xd2/0x140
[  188.537610]  ? SyS_write+0x184/0x220
[  188.541302]  ? security_file_ioctl+0x89/0xb0
[  188.545690]  SyS_ioctl+0x8f/0xc0
[  188.549034]  ? do_vfs_ioctl+0x1520/0x1520
[  188.553159]  do_syscall_64+0x281/0x940
[  188.557021]  ? __do_page_fault+0xc90/0xc90
[  188.561231]  ? _raw_spin_unlock_irq+0x27/0x70
[  188.565704]  ? finish_task_switch+0x1c1/0x7e0
[  188.570175]  ? syscall_return_slowpath+0x550/0x550
[  188.575078]  ? syscall_return_slowpath+0x2ac/0x550
[  188.579982]  ? prepare_exit_to_usermode+0x350/0x350
[  188.584976]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  188.590318]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  188.595146]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  188.600310] RIP: 0033:0x4548b9
[  188.603472] RSP: 002b:00007f885806fc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  188.611154] RAX: ffffffffffffffda RBX: 00007f88580706d4 RCX: 00000000004548b9
[  188.618395] RDX: 0000000000000000 RSI: 0000000000004c82 RDI: 0000000000000015
[  188.625639] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  188.632883] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
2018/03/30 10:05:14 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

[  188.640125] R13: 000000000000027e R14: 00000000006f5c70 R15: 0000000000000005
[  188.666616] binder: 21696:21697 transaction failed 29189/-22, size 40-16 line 2848
[  188.673213] blk-mq: reduced tag depth (128 -> 64)
2018/03/30 10:05:14 executing program 3:
syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x0, 0x4001)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
r1 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r1, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r0, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x6, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))
mlock2(&(0x7f00008dd000/0x2000)=nil, 0x2000, 0x0)

2018/03/30 10:05:14 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

[  188.731154] binder: 21696:21707 got transaction with invalid offset (0, min 24 max 40) or object.
[  188.754248] binder: 21696:21707 transaction failed 29201/-22, size 40-16 line 3026
2018/03/30 10:05:14 executing program 6:
r0 = syz_open_dev$binder(&(0x7f0000236ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
tee(r0, 0xffffffffffffffff, 0x1, 0x4)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff})
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000580)={0x4, &(0x7f00000004c0)=[{0x5, 0x2, 0x74, 0x4}, {0x0, 0x8000, 0xffffffffffff0001, 0x8}, {0x3, 0x2, 0x8000, 0xffffffffffffff78}, {0x9, 0x7c8a, 0x6, 0x5}]})
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008000)={0x44, 0x0, &(0x7f0000004fbc)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, 0x10, &(0x7f000026c000)=[@ptr={0x73622a85, 0x0, &(0x7f00004edf8a), 0x1}], &(0x7f000000afd0)=[0x0, 0x0]}}], 0x0, 0x0, &(0x7f0000009000)})
setns(r0, 0x8000000)
r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x0, 0x0)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r2, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x6c, r3, 0x100, 0x70bd29, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_DAEMON={0x58, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x1f}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast2={0xff, 0x2, [], 0x1}}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4}, 0x20040004)
syz_open_pts(r2, 0x2000)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r0, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000400}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0x78, r4, 0x0, 0x70bd2c, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_SERVICE={0x4, 0x1}, @IPVS_CMD_ATTR_DAEMON={0x4c, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ipddp0\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0xffff}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1={0xff, 0x1, [], 0x1}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xfff}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x9}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x10}, 0x4)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000240)='IPVS\x00')
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)=ANY=[@ANYBLOB="80000000"], 0x1}, 0x1, 0x0, 0x0, 0x4}, 0x0)

2018/03/30 10:05:14 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:14 executing program 7 (fault-call:9 fault-nth:6):
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

[  188.815982] binder: undelivered TRANSACTION_ERROR: 29201
[  188.821843] binder: undelivered TRANSACTION_ERROR: 29189
[  188.838289] binder: 21719:21720 got transaction with invalid offset (0, min 24 max 40) or object.
[  188.875208] binder: 21719:21720 transaction failed 29201/-22, size 40-16 line 3026
2018/03/30 10:05:14 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:14 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

[  188.991450] binder_alloc: 21719: binder_alloc_buf, no vma
[  188.997145] binder: 21719:21725 transaction failed 29189/-3, size 40-16 line 2963
[  189.018623] binder: BINDER_SET_CONTEXT_MGR already set
[  189.032666] binder: 21719:21720 ioctl 40046207 0 returned -16
2018/03/30 10:05:14 executing program 6:
r0 = syz_open_dev$binder(&(0x7f0000236ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
tee(r0, 0xffffffffffffffff, 0x1, 0x4)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff})
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000580)={0x4, &(0x7f00000004c0)=[{0x5, 0x2, 0x74, 0x4}, {0x0, 0x8000, 0xffffffffffff0001, 0x8}, {0x3, 0x2, 0x8000, 0xffffffffffffff78}, {0x9, 0x7c8a, 0x6, 0x5}]})
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008000)={0x44, 0x0, &(0x7f0000004fbc)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, 0x10, &(0x7f000026c000)=[@ptr={0x73622a85, 0x0, &(0x7f00004edf8a), 0x1}], &(0x7f000000afd0)=[0x0, 0x0]}}], 0x0, 0x0, &(0x7f0000009000)})
setns(r0, 0x8000000)
r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x0, 0x0)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
syz_open_dev$vcsa(&(0x7f00000002c0)='/dev/vcsa#\x00', 0x3f, 0x2002)
sendmsg$IPVS_CMD_NEW_DEST(r2, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x6c, r3, 0x100, 0x70bd29, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_DAEMON={0x58, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x1f}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast2={0xff, 0x2, [], 0x1}}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4}, 0x20040004)
syz_open_pts(r1, 0x20142)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000400)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r0, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000400}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0x78, r4, 0x0, 0x70bd2c, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_SERVICE={0x4, 0x1}, @IPVS_CMD_ATTR_DAEMON={0x4c, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ipddp0\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0xffff}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1={0xff, 0x1, [], 0x1}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xfff}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x9}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x10}, 0x4)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000240)='IPVS\x00')
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)=ANY=[@ANYBLOB="80000000"], 0x1}, 0x1, 0x0, 0x0, 0x4}, 0x0)

[  189.120974] binder: undelivered TRANSACTION_ERROR: 29189
[  189.131918] binder: undelivered TRANSACTION_ERROR: 29201
[  189.164648] binder: 21747:21748 got transaction with invalid offset (0, min 24 max 40) or object.
[  189.179496] binder: 21747:21748 transaction failed 29201/-22, size 40-16 line 3026
[  189.220272] binder: BINDER_SET_CONTEXT_MGR already set
[  189.237821] FAULT_INJECTION: forcing a failure.
[  189.237821] name failslab, interval 1, probability 0, space 0, times 0
[  189.249170] CPU: 1 PID: 21756 Comm: syz-executor7 Not tainted 4.16.0-rc7+ #371
[  189.256530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  189.265883] Call Trace:
[  189.268473]  dump_stack+0x194/0x24d
[  189.272109]  ? arch_local_irq_restore+0x53/0x53
[  189.276792]  should_fail+0x8c0/0xa40
[  189.280510]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  189.285614]  ? rcu_read_lock_sched_held+0x108/0x120
[  189.288694] binder_alloc: 21747: binder_alloc_buf, no vma
[  189.290621]  ? pcpu_alloc+0x146/0x1120
[  189.290654]  ? find_held_lock+0x35/0x1d0
[  189.290672]  ? __lock_is_held+0xb6/0x140
[  189.296232] binder: 21747:21755 transaction failed 29189/-3, size 40-16 line 2963
[  189.300078]  ? check_same_owner+0x320/0x320
[  189.300087]  ? __kmalloc_node+0x33/0x70
[  189.300100]  ? rcu_note_context_switch+0x710/0x710
[  189.325284] binder: 21747:21748 ioctl 40046207 0 returned -16
[  189.328933]  ? kmem_cache_alloc_node_trace+0x36f/0x760
[  189.328944]  ? find_held_lock+0x35/0x1d0
[  189.328968]  should_failslab+0xec/0x120
[  189.328980]  kmem_cache_alloc_node_trace+0x5a/0x760
[  189.353111]  ? __kmalloc_node+0x47/0x70
[  189.357094]  ? find_next_bit+0xcc/0x100
[  189.361078]  sbitmap_queue_init_node+0x35d/0x740
[  189.365848]  ? sbitmap_bitmap_show+0x530/0x530
[  189.370432]  ? rcu_read_lock_sched_held+0x108/0x120
[  189.375444]  ? kmem_cache_alloc_node_trace+0x36f/0x760
[  189.380716]  ? find_next_bit+0xcc/0x100
[  189.384704]  blk_mq_init_tags+0x100/0x2a0
[  189.388854]  blk_mq_alloc_rq_map+0x92/0x210
[  189.393181]  __blk_mq_alloc_rq_map+0xb1/0x2d0
[  189.397689]  blk_mq_alloc_tag_set+0x59d/0xa30
[  189.402189]  ? blk_mq_update_nr_hw_queues+0x450/0x450
[  189.407370]  ? find_held_lock+0x35/0x1d0
[  189.411430]  ? lock_release+0xa40/0xa40
[  189.415403]  loop_add+0x2d5/0xaf0
[  189.418854]  ? loop_queue_rq+0x5f0/0x5f0
[  189.419090] binder: undelivered TRANSACTION_ERROR: 29189
[  189.422917]  loop_control_ioctl+0x2e9/0x490
[  189.422929]  ? loop_add+0xaf0/0xaf0
[  189.422939]  ? iterate_fd+0x3f0/0x3f0
[  189.422953]  ? __mutex_unlock_slowpath+0xe9/0xac0
[  189.422965]  ? vfs_write+0x374/0x510
[  189.428685] binder: undelivered TRANSACTION_ERROR: 29201
[  189.432702]  ? wait_for_completion+0x770/0x770
[  189.432718]  ? loop_add+0xaf0/0xaf0
[  189.432728]  do_vfs_ioctl+0x1b1/0x1520
[  189.432748]  ? ioctl_preallocate+0x2b0/0x2b0
[  189.432760]  ? fget_raw+0x20/0x20
[  189.432775]  ? __sb_end_write+0xa0/0xd0
[  189.478034]  ? fput+0xd2/0x140
[  189.481210]  ? SyS_write+0x184/0x220
[  189.484907]  ? security_file_ioctl+0x89/0xb0
[  189.500323]  SyS_ioctl+0x8f/0xc0
[  189.503666]  ? do_vfs_ioctl+0x1520/0x1520
[  189.507795]  do_syscall_64+0x281/0x940
[  189.511660]  ? __do_page_fault+0xc90/0xc90
[  189.515872]  ? _raw_spin_unlock_irq+0x27/0x70
[  189.520345]  ? finish_task_switch+0x1c1/0x7e0
[  189.524819]  ? syscall_return_slowpath+0x550/0x550
[  189.529725]  ? syscall_return_slowpath+0x2ac/0x550
[  189.534632]  ? prepare_exit_to_usermode+0x350/0x350
[  189.539626]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  189.544972]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  189.549800]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  189.554975] RIP: 0033:0x4548b9
[  189.558138] RSP: 002b:00007f885802dc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  189.565823] RAX: ffffffffffffffda RBX: 00007f885802e6d4 RCX: 00000000004548b9
[  189.573068] RDX: 0000000000000000 RSI: 0000000000004c82 RDI: 0000000000000014
[  189.580315] RBP: 000000000072c010 R08: 0000000000000000 R09: 0000000000000000
[  189.587559] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015
[  189.595429] R13: 000000000000027e R14: 00000000006f5c70 R15: 0000000000000006
[  189.605295] blk-mq: reduced tag depth (128 -> 64)
2018/03/30 10:05:15 executing program 3:
r0 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x0, 0x4000)
r1 = getpgrp(0x0)
ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000080)={&(0x7f0000561000/0x3000)=nil, 0x3000})
munmap(&(0x7f0000914000/0x4000)=nil, 0x4000)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
fcntl$setsig(r0, 0xa, 0x41)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000400), &(0x7f0000000480)=0xc)
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x6, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:15 executing program 5:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
ioctl$KDGKBLED(r0, 0x4b64, &(0x7f0000000400))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(0xffffffffffffffff, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x4, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
rename(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000680)='./file0\x00')
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))
getsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r2=>0x0, 0x10000}, &(0x7f0000000340)=0x8)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000380)={r2, 0xb9}, &(0x7f00000003c0)=0x8)

2018/03/30 10:05:15 executing program 4:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
stat(&(0x7f0000000480)='./file0\x00', &(0x7f00000013c0)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
r4 = getgid()
fchown(r2, r3, r4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
wait4(r1, &(0x7f0000000000), 0xc, 0x0)
setsockopt$inet_MCAST_MSFILTER(r2, 0x0, 0x30, &(0x7f0000001100)={0x2, {{0x2, 0x4e23, @multicast1=0xe0000001}}, 0x1, 0x3, [{{0x2, 0x4e20, @rand_addr=0x10000}}, {{0x2, 0x4e21, @broadcast=0xffffffff}}, {{0x2, 0x4e24, @loopback=0x7f000001}}]}, 0x210)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))
lstat(&(0x7f0000001000)='./file0\x00', &(0x7f0000001040))
lstat(&(0x7f0000000400)='./file0\x00', &(0x7f0000000880)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
getresgid(&(0x7f0000000b40)=<r6=>0x0, &(0x7f0000000b80), &(0x7f0000000bc0))
getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000c00)={{{@in6=@ipv4={[], [], @rand_addr}, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0}}, {{@in=@dev}, 0x0, @in=@broadcast}}, &(0x7f0000000d00)=0xe8)
stat(&(0x7f0000000d40)='./file0\x00', &(0x7f0000000d80)={0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0})
socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000fc0))
r9 = getuid()
fstat(r2, &(0x7f0000000e00)={0x0, 0x0, 0x0, 0x0, 0x0, <r10=>0x0})
ioctl$VT_GETSTATE(r0, 0x5603, &(0x7f00000010c0)={0x800, 0x3, 0x800000000000000})
sendmsg$unix(r2, &(0x7f0000000f80)={&(0x7f0000001340)=@abs={0x0, 0x0, 0x4e20}, 0x6e, &(0x7f0000000040)=[{&(0x7f00000007c0)="9764289474e4d6f3cb2179773f15a3e25950d017ceefa0e3f3a980da7c7f09336fe0bb1685beef8735fcd59f4cf9f644a6318630f211e64104190c8d1e35bd8dad0b397171d9e920ba6ea8d093dbcaa3b15127a0ea88da74a17a943e028c185acc95f16a4becd17305989d0cce4d418c90873c15ed7a102ce650946296496c6add3e2b6e", 0x84}, {&(0x7f0000000a40)="13ca89cfdd0a53c2409f3a622bcc7be735bfeafa9a7ffb6f5f9b8a2e88eb00823e6e82d1ed0ef06ea42bbf0421950145d1da755ee7dd2ff550ec88e40e4e392c4788cc87f4bddfb3279732747434cdc1b3a7b6fc24f2928fc1209098e9676d0bd2d9b3788ae45262d9c2b261a87ac651b1423eeecccaf53f2b7310c33de5b060b080685fb34c5497b1e22c961a8d3770d16b4d03097cc0ae043169e5d531f1cf4284835c9883801ae3227558797264c717028c9d2035973f34e652b1d9954ed6b2476d50136c751e4d4956ba5aef87534094bdb328ed12a26f34846be3b1b1bfff6ca4b19928ed9949faefe6450419e18f5023d93dba316b", 0xf8}], 0x2, &(0x7f0000000e80)=[@rights={0x38, 0x1, 0x1, [r2, r2, r0, r2, r0, r2, r0, r2, r0]}, @rights={0x30, 0x1, 0x1, [r0, r2, r0, r2, r2, r2, r2]}, @cred={0x20, 0x1, 0x2, r1, r5, r6}, @cred={0x20, 0x1, 0x2, r1, r7, r8}, @cred={0x20, 0x1, 0x2, r1, r9, r10}], 0xc8, 0x40}, 0x24008010)

2018/03/30 10:05:15 executing program 2:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4005)
ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000440)=<r1=>0x0)
r2 = getpgrp(r1)
sched_setaffinity(r2, 0x8, &(0x7f0000a2f000)=0x9)
r3 = syz_open_dev$dspn(&(0x7f0000000ac0)='/dev/dsp#\x00', 0xffffffffffbfffff, 0x400)
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xa, 0x8031, r3, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r3, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$KVM_ASSIGN_PCI_DEVICE(r3, 0x8040ae69, &(0x7f0000000a80)={0x1, 0x7fffffff, 0xd7bd, 0x5, 0x4})
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
process_vm_readv(r2, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
getsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f00000004c0)=@assoc_value={<r4=>0x0, 0x6}, &(0x7f00000008c0)=0x8)
setsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000a40)={r4, 0x347fb838, 0x4, 0x7}, 0x10)
chmod(&(0x7f0000000480)='./file0\x00', 0x4)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:15 executing program 6:
r0 = syz_open_dev$binder(&(0x7f0000236ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
tee(r0, 0xffffffffffffffff, 0x1, 0x4)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff})
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000580)={0x4, &(0x7f00000004c0)=[{0x5, 0x2, 0x74, 0x4}, {0x0, 0x8000, 0xffffffffffff0001, 0x8}, {0x3, 0x2, 0x8000, 0xffffffffffffff78}, {0x9, 0x7c8a, 0x6, 0x5}]})
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008000)={0x52, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="00549422063d148c4132060d79323563404000db57000000000000000000000000000000000000000000004000000000000028000000000000001000000000000000", @ANYPTR=&(0x7f000026c000)=ANY=[@ANYBLOB="852a627300000000", @ANYPTR=&(0x7f00004edf8a)=ANY=[@ANYBLOB='\x00'], @ANYBLOB="010000000000000000000000000000000000000000000000"], @ANYPTR=&(0x7f000000afd0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00']], 0x0, 0x0, &(0x7f00000005c0)})
setns(r0, 0x8000000)
r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x0, 0x0)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000600)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r2, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x6c, r3, 0x100, 0x70bd29, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_DAEMON={0x58, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x1f}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast2={0xff, 0x2, [], 0x1}}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4}, 0x20040004)
syz_open_pts(r2, 0x2000)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000400)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r0, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000400}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0x78, r4, 0x0, 0x70bd2c, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_SERVICE={0x4, 0x1}, @IPVS_CMD_ATTR_DAEMON={0x4c, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ipddp0\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0xffff}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1={0xff, 0x1, [], 0x1}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xfff}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x9}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x10}, 0x4)
getsockopt$EBT_SO_GET_INIT_INFO(r1, 0x0, 0x82, &(0x7f0000000640)={'broute\x00'}, &(0x7f0000000080)=0x78)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000240)='IPVS\x00')
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)=ANY=[@ANYBLOB="80000000"], 0x1}, 0x1, 0x0, 0x0, 0x4}, 0x0)

2018/03/30 10:05:15 executing program 7 (fault-call:9 fault-nth:7):
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:15 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x3c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:15 executing program 0:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xc, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$EVIOCGPROP(r2, 0x80404509, &(0x7f0000000a40)=""/242)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
timer_create(0x5, &(0x7f00000008c0)={0x0, 0x40, 0x6, @thr={&(0x7f0000000480)="8952bbd96de2d62d34a2186bd349d042842e300bc9c15f249e91768d21cc9647a6a00ef67bb9343e71c88b99deeb3bb08b9b601ef594dee7627f2d5f31d5870a9ac627214ccaa3b1e3ee11e43ef008ddd080d7079ea0827c9d9e66718d70527b882c6935ee0d8b90759323ba3217", &(0x7f0000000b40)="1b2d6a21b7c9e47f6b54d50f47064e6ede9da8a409f9a21805b383bf67ff047a8de6730fc2579e10f4800f88dd514f560ed8bdd370f6c14702ee009be744884b833e486b180f961cf3cde8bd94ba6a9e7717c8a1e9377aa8b29ce10a1cc1c1d00e68a0e9c74abbe0e03426cfb7470ad92c3cce5fd594bc2527c9ac3c06e0dcf8f8b8da1d05262d3de2fe9246d9a855f2019a2b2b84d13cf5820379ecc03925555ebfd773169dd4fbb2e7f05c5a5edc0ad3cae4b8b58a2fec2095cc7b"}}, &(0x7f0000000c00)=<r3=>0x0)
clock_gettime(0x0, &(0x7f0000000c40)={<r4=>0x0, <r5=>0x0})
timer_settime(r3, 0x0, &(0x7f0000000c80)={{0x77359400}, {r4, r5+10000000}}, &(0x7f0000000cc0))
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))
ioctl$TUNSETFILTEREBPF(r2, 0x800454e1, &(0x7f0000000000)=r0)

[  189.698516] binder: 21765:21766 ioctl c0306201 20008000 returned -14
[  189.726903] FAULT_INJECTION: forcing a failure.
[  189.726903] name failslab, interval 1, probability 0, space 0, times 0
[  189.738447] CPU: 1 PID: 21772 Comm: syz-executor7 Not tainted 4.16.0-rc7+ #371
[  189.745806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  189.755163] Call Trace:
[  189.757755]  dump_stack+0x194/0x24d
[  189.761391]  ? arch_local_irq_restore+0x53/0x53
[  189.766082]  should_fail+0x8c0/0xa40
[  189.769803]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  189.774905]  ? rcu_read_lock_sched_held+0x108/0x120
[  189.779920]  ? pcpu_alloc+0x146/0x1120
[  189.783821]  ? find_held_lock+0x35/0x1d0
[  189.787897]  ? __lock_is_held+0xb6/0x140
[  189.791421] binder: BINDER_SET_CONTEXT_MGR already set
[  189.791974]  ? check_same_owner+0x320/0x320
[  189.801550]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  189.806192] binder: 21765:21792 ioctl c0306201 20008000 returned -14
[  189.806575]  ? rcu_note_context_switch+0x710/0x710
[  189.817963]  ? __lockdep_init_map+0xe4/0x650
[  189.822378]  should_failslab+0xec/0x120
[  189.825121] binder: 21765:21791 ioctl 40046207 0 returned -16
[  189.826346]  kmem_cache_alloc_node_trace+0x5a/0x760
[  189.826356]  ? init_wait_entry+0x1b0/0x1b0
[  189.826387]  sbitmap_queue_init_node+0x35d/0x740
[  189.826409]  ? sbitmap_bitmap_show+0x530/0x530
[  189.850806]  ? rcu_read_lock_sched_held+0x108/0x120
[  189.855821]  ? kmem_cache_alloc_node_trace+0x36f/0x760
[  189.861096]  ? find_next_bit+0xcc/0x100
[  189.865091]  blk_mq_init_tags+0x154/0x2a0
[  189.869242]  blk_mq_alloc_rq_map+0x92/0x210
[  189.873567]  __blk_mq_alloc_rq_map+0xb1/0x2d0
[  189.878065]  blk_mq_alloc_tag_set+0x59d/0xa30
[  189.882567]  ? blk_mq_update_nr_hw_queues+0x450/0x450
[  189.887752]  ? find_held_lock+0x35/0x1d0
[  189.891808]  ? lock_release+0xa40/0xa40
[  189.895785]  loop_add+0x2d5/0xaf0
2018/03/30 10:05:15 executing program 6:
r0 = syz_open_dev$binder(&(0x7f0000236ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
tee(r0, 0xffffffffffffffff, 0x1, 0x4)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000580)={0x4, &(0x7f00000004c0)=[{0x5, 0x2, 0x74, 0x4}, {0x0, 0x8000, 0xffffffffffff0001, 0x8}, {0x3, 0x2, 0x8000, 0xffffffffffffff78}, {0x9, 0x7c8a, 0x6, 0x5}]})
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008000)={0x44, 0x0, &(0x7f0000004fbc)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, 0x10, &(0x7f000026c000)=[@ptr={0x73622a85, 0x0, &(0x7f00004edf8a), 0x1}], &(0x7f000000afd0)=[0x0, 0x0]}}], 0x0, 0x0, &(0x7f0000009000)})
setns(r0, 0x8000000)
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x0, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
setsockopt$inet6_int(r2, 0x29, 0x21, &(0x7f00000002c0)=0x9, 0x4)
sendmsg$IPVS_CMD_NEW_DEST(r3, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x6c, r4, 0x100, 0x70bd29, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_DAEMON={0x58, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x1f}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast2={0xff, 0x2, [], 0x1}}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4}, 0x20040004)
syz_open_pts(r3, 0x2000)
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000300)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r0, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000400}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0x78, r5, 0x0, 0x70bd2c, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_SERVICE={0x4, 0x1}, @IPVS_CMD_ATTR_DAEMON={0x4c, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ipddp0\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0xffff}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1={0xff, 0x1, [], 0x1}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xfff}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x9}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x10}, 0x4)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000240)='IPVS\x00')
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000400)='tunl0\x00', 0x10)
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)=ANY=[@ANYBLOB="80000000"], 0x1}, 0x1, 0x0, 0x0, 0x4}, 0x0)

[  189.899588]  ? loop_queue_rq+0x5f0/0x5f0
[  189.903670]  loop_control_ioctl+0x2e9/0x490
[  189.907989]  ? loop_add+0xaf0/0xaf0
[  189.911614]  ? iterate_fd+0x3f0/0x3f0
[  189.915416]  ? __mutex_unlock_slowpath+0xe9/0xac0
[  189.920257]  ? vfs_write+0x374/0x510
[  189.923967]  ? wait_for_completion+0x770/0x770
[  189.928554]  ? loop_add+0xaf0/0xaf0
[  189.932178]  do_vfs_ioctl+0x1b1/0x1520
[  189.935969] binder: 21801:21804 transaction failed 29189/-22, size 40-16 line 2848
[  189.936078]  ? ioctl_preallocate+0x2b0/0x2b0
[  189.936092]  ? fget_raw+0x20/0x20
[  189.951623]  ? __sb_end_write+0xa0/0xd0
[  189.955603]  ? fput+0xd2/0x140
[  189.958789]  ? SyS_write+0x184/0x220
[  189.962504]  ? security_file_ioctl+0x89/0xb0
[  189.966915]  SyS_ioctl+0x8f/0xc0
[  189.970274]  ? do_vfs_ioctl+0x1520/0x1520
[  189.974422]  do_syscall_64+0x281/0x940
[  189.978303]  ? __do_page_fault+0xc90/0xc90
[  189.982532]  ? _raw_spin_unlock_irq+0x27/0x70
[  189.987020]  ? finish_task_switch+0x1c1/0x7e0
[  189.991510]  ? syscall_return_slowpath+0x550/0x550
[  189.996437]  ? syscall_return_slowpath+0x2ac/0x550
[  190.001364]  ? prepare_exit_to_usermode+0x350/0x350
[  190.006378]  ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[  190.011742]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  190.016590]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  190.021768] RIP: 0033:0x4548b9
[  190.024947] RSP: 002b:00007f885806fc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  190.032648] RAX: ffffffffffffffda RBX: 00007f88580706d4 RCX: 00000000004548b9
[  190.039907] RDX: 0000000000000000 RSI: 0000000000004c82 RDI: 0000000000000015
2018/03/30 10:05:15 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x3c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

[  190.047165] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  190.054427] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000016
[  190.061699] R13: 000000000000027e R14: 00000000006f5c70 R15: 0000000000000007
[  190.088147] binder: 21801:21816 transaction failed 29189/-22, size 40-16 line 2848
2018/03/30 10:05:15 executing program 6:
r0 = syz_open_dev$binder(&(0x7f0000236ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
tee(r0, 0xffffffffffffffff, 0x1, 0x4)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff})
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000580)={0x4, &(0x7f00000004c0)=[{0x5, 0x2, 0x74, 0x4}, {0x0, 0x8000, 0xffffffffffff0001, 0x8}, {0x3, 0x2, 0x8000, 0xffffffffffffff78}, {0x9, 0x7c8a, 0x6, 0x5}]})
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008000)={0x44, 0x0, &(0x7f0000004fbc)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, 0x10, &(0x7f000026c000)=[@ptr={0x73622a85, 0x0, &(0x7f00004edf8a), 0x1}], &(0x7f000000afd0)=[0x0, 0x0]}}], 0x0, 0x0, &(0x7f0000009000)})
setns(r0, 0x8000000)
r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x0, 0x0)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r2, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="000129bd7000fbdbdf25050000005800030014000600fe8000000000000000000000000000aa080001000000000014000600fe8000000000000000000000000000aa080008001f000000080007004e24000014000600ff020000000000000000000000000001"], 0x6c}, 0x1, 0x0, 0x0, 0x4}, 0x20040004)
syz_open_pts(r2, 0x2000)
alarm(0xfffffffffffffffc)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000400)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r0, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000400}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0x78, r4, 0x0, 0x70bd2c, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_SERVICE={0x4, 0x1}, @IPVS_CMD_ATTR_DAEMON={0x4c, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ipddp0\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0xffff}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1={0xff, 0x1, [], 0x1}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xfff}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x9}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x10}, 0x4)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000240)='IPVS\x00')
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)=ANY=[@ANYBLOB="80000000"], 0x1}, 0x1, 0x0, 0x0, 0x4}, 0x0)
dup(r0)

2018/03/30 10:05:15 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x3c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

[  190.143440] binder: undelivered TRANSACTION_ERROR: 29189
[  190.149553] binder: undelivered TRANSACTION_ERROR: 29189
[  190.178828] binder: 21824:21825 got transaction with invalid offset (0, min 24 max 40) or object.
[  190.203210] binder: 21824:21825 transaction failed 29201/-22, size 40-16 line 3026
2018/03/30 10:05:16 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:16 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

[  190.248507] blk-mq: reduced tag depth (128 -> 64)
[  190.297155] binder: BINDER_SET_CONTEXT_MGR already set
[  190.336815] binder_alloc: 21824: binder_alloc_buf, no vma
2018/03/30 10:05:16 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

[  190.342552] binder: 21824:21829 transaction failed 29189/-3, size 40-16 line 2963
2018/03/30 10:05:16 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:16 executing program 3:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x0, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f0000000480)={<r2=>0x0})
setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r0, 0x84, 0x8, &(0x7f0000000b00)=0x9, 0x4)
ioctl$DRM_IOCTL_GEM_OPEN(r0, 0xc010640b, &(0x7f0000000600)={0x0, r2, 0x9})
r3 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x4000008031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r3, 0x8040451b, &(0x7f00000004c0)=""/21)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x6, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
syz_open_dev$midi(&(0x7f0000000040)='/dev/midi#\x00', 0x5, 0x80)
ioctl$KVM_GET_DEBUGREGS(r3, 0x8080aea1, &(0x7f0000000a40))
ioctl$VHOST_SET_LOG_BASE(r3, 0x4008af04, &(0x7f0000000ac0)=&(0x7f0000000400))
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))
r4 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x40, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f00000008c0)=0x24, 0x4)
readahead(r4, 0x9, 0x5)
socket$netlink(0x10, 0x3, 0xa)

[  190.375104] binder: 21824:21825 ioctl 40046207 0 returned -16
[  190.449833] binder: undelivered TRANSACTION_ERROR: 29189
[  190.455807] binder: undelivered TRANSACTION_ERROR: 29201
2018/03/30 10:05:16 executing program 3:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x0, 0x4001)
r1 = getpgrp(0x0)
fstatfs(r0, &(0x7f0000000400)=""/6)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r2, 0xc1105518, &(0x7f0000000b40)={{0x2, 0x5, 0x9, 0x0, "54ce354f1939315bb0ab4429a045cc875f958a3d34526701cb9757b73027b27e94873727f6370560c527daae", 0xfffffffffffffff7}, 0x0, 0x0, 0x6, r1, 0x200, 0x0, "ee406587c9bfaeebd1a90f831d7adcc3ac817546860fd51638f78f2b247724cea97b3bf00f7eba0cba89ded3e7d2da12697b634489ca39dd37230702053d9291", &(0x7f0000000000)='/dev/dmmidi#\x00', 0xd, [], [0x97, 0x8, 0x4, 0xfff]})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x6, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))
flistxattr(r0, &(0x7f0000000a40)=""/233, 0xe9)

2018/03/30 10:05:16 executing program 0:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000a40)={<r3=>0x0, @in={{0x2, 0x4e23, @multicast1=0xe0000001}}}, &(0x7f0000000000)=0x84)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000480)={r3}, &(0x7f00000004c0)=0x8)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:16 executing program 5:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(0xffffffffffffffff, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x4, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))
fchmod(r0, 0x8)

2018/03/30 10:05:16 executing program 2:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f0000000000))
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:16 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:16 executing program 4:
r0 = accept(0xffffffffffffffff, &(0x7f0000000400)=@generic, &(0x7f0000000080)=0x80)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffff9c, 0x84, 0xf, &(0x7f00000007c0)={<r1=>0x0, @in6={{0xa, 0x4e21, 0x1, @local={0xfe, 0x80, [], 0xaa}, 0x2}}, 0x3f, 0x0, 0xff, 0x9}, &(0x7f0000000480)=0x98)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000a40)={r1, @in={{0x2, 0x4e24, @multicast1=0xe0000001}}, 0x6, 0x80000000, 0x413, 0x58e2, 0x4}, &(0x7f00000004c0)=0x98)
r2 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x8001, 0x0)
r3 = getpgrp(0x0)
clock_nanosleep(0x2, 0x2008000000001, &(0x7f0000000b40)={0x77359400}, &(0x7f0000000b00))
syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0xffffffffffffffff, 0x4080)
ioctl$int_in(r2, 0x5473, &(0x7f0000000880)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x4, 0x41010, r2, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
process_vm_readv(r3, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:16 executing program 6:
r0 = syz_open_dev$binder(&(0x7f0000236ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
tee(r0, 0xffffffffffffffff, 0x1, 0x4)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
r1 = syz_open_dev$usbmon(&(0x7f00000002c0)='/dev/usbmon#\x00', 0x28, 0x210000)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f00000005c0)='IPVS\x00')
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000680)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000640)={&(0x7f0000000600)={0x30, r2, 0x200, 0x70bd2a, 0x25dfdbff, {0xe}, [@IPVS_CMD_ATTR_DAEMON={0x1c, 0x3, [@IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e20}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x9}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x1}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000000}, 0x4)
pipe(&(0x7f00000001c0)={<r3=>0xffffffffffffffff})
ioctl$TUNATTACHFILTER(r3, 0x401054d5, &(0x7f0000000580)={0x4, &(0x7f00000004c0)=[{0x5, 0x2, 0x74, 0x4}, {0x0, 0x8000, 0xffffffffffff0001, 0x8}, {0x3, 0x2, 0x8000, 0xffffffffffffff78}, {0x9, 0x7c8a, 0x6, 0x5}]})
getpeername$packet(r3, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, &(0x7f0000000700)=0x14)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008000)={0x44, 0x0, &(0x7f0000004fbc)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, 0x10, &(0x7f000026c000)=[@ptr={0x73622a85, 0x0, &(0x7f00004edf8a), 0x1}], &(0x7f000000afd0)=[0x0, 0x0]}}], 0x0, 0x0, &(0x7f0000009000)})
setns(r0, 0x8000000)
r4 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x0, 0x0)
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r4, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x6c, r5, 0x100, 0x70bd29, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_DAEMON={0x58, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x1f}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast2={0xff, 0x2, [], 0x1}}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4}, 0x20040004)
syz_open_pts(r4, 0x2000)
r6 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000400)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r0, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000400}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0x78, r6, 0x0, 0x70bd2c, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_SERVICE={0x4, 0x1}, @IPVS_CMD_ATTR_DAEMON={0x4c, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ipddp0\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0xffff}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1={0xff, 0x1, [], 0x1}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xfff}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x9}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x10}, 0x4)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000240)='IPVS\x00')
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)=ANY=[@ANYBLOB="80000000"], 0x1}, 0x1, 0x0, 0x0, 0x4}, 0x0)

2018/03/30 10:05:16 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3)
r4 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r5 = dup3(r4, r2, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r6=>r2, 0xfffffffffffffffe})
r7 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r8)
r9 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r5, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r9, &(0x7f0000000180)="15", 0x1)
r10 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r10, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r7, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r2, r4)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r6, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:16 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

[  190.712000] binder: 21870:21873 got transaction with invalid offset (0, min 24 max 40) or object.
[  190.721502] binder: 21870:21873 transaction failed 29201/-22, size 40-16 line 3026
2018/03/30 10:05:16 executing program 4:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
ioctl$PIO_FONTRESET(r0, 0x4b6d, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:16 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
r4 = dup3(0xffffffffffffffff, r1, 0xfffffffffffffffd)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>0xffffffffffffffff, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000540)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000880)=""/67, 0x1b}, {&(0x7f0000000580)=""/141, 0xffffffffffffff34}, {&(0x7f0000000640)=""/240, 0xf0}], 0x2bd, &(0x7f0000000900)=""/174, 0xae, 0x8}, 0x2000)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(0xffffffffffffffff, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000500))
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:16 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

[  190.835301] binder: BINDER_SET_CONTEXT_MGR already set
[  190.862119] binder_alloc: 21870: binder_alloc_buf, no vma
[  190.867822] binder: 21870:21894 transaction failed 29189/-3, size 40-16 line 2963
2018/03/30 10:05:16 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f00000008c0)='./file0\x00', 0x4)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000900)=""/240, 0xf0}], 0x3, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:16 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

[  190.895254] binder: 21870:21873 ioctl 40046207 0 returned -16
2018/03/30 10:05:16 executing program 6:
r0 = syz_open_dev$binder(&(0x7f0000236ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
tee(r0, 0xffffffffffffffff, 0x1, 0x4)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000580)={0x4, &(0x7f00000004c0)=[{0x5, 0x2, 0x74, 0x4}, {0x0, 0x8000, 0xffffffffffff0001, 0x8}, {0x3, 0x2, 0x8000, 0xffffffffffffff78}, {0x9, 0x7c8a, 0x6, 0x5}]})
r3 = dup(r0)
ioctl$BINDER_SET_CONTEXT_MGR(r2, 0x40046207, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r3, 0xc4c85513, &(0x7f0000000700)={{0x1, 0x7, 0x200000000000, 0x0, "d3139be96a2e95c085dbdcfcd2d49ef1f56a5959c6a6e157582aa7ef1a2a2dcfac49b58c32ffde948718a8d6", 0x3}, 0xffffffffffffffde, [0x9, 0x5, 0x3, 0x8, 0x2, 0x7, 0x7fffffff, 0x80, 0x9, 0x7, 0x9e4, 0x10000, 0x6, 0x20, 0x7, 0x8, 0x0, 0x3, 0x0, 0x10000, 0xba, 0xfffffffeffffffff, 0x600000000, 0xf, 0x200, 0x9, 0x10001, 0x6ebc, 0x69f, 0x200000000000, 0xffffffffffffff81, 0x6, 0x7, 0xfa0, 0x81, 0x8000, 0x9, 0x9, 0x7ff, 0x252e, 0x4, 0x7, 0x1, 0x1727, 0x100000001, 0x9, 0x3e94, 0x1c6, 0x800, 0x80000001, 0x4, 0x6, 0x22, 0x3, 0x3, 0x7ff, 0x20, 0x1ff, 0x2, 0x0, 0x9, 0x8, 0x400, 0x6, 0x78e, 0x7, 0x8, 0xcc71, 0x4, 0xfffffffffffffff9, 0x0, 0x2, 0x8001, 0xffff, 0x1, 0x3, 0xfc52, 0x8, 0x5e, 0x7, 0x2, 0xfff, 0x9, 0x3, 0x3, 0x2, 0x20, 0x6, 0x9, 0x1000, 0xfffffffffffffffb, 0x0, 0x73, 0x2, 0x10000, 0x401, 0x9, 0x80000000, 0x5, 0xfffffffffffffffe, 0x4, 0x80000001, 0x2c, 0x200, 0x3, 0x9, 0x9, 0x9, 0x2, 0xffffffffffffff9d, 0x1ff, 0x18b6, 0x5, 0x39b, 0x7, 0x1, 0xffffffffffffff6f, 0x4, 0x200, 0xce2, 0x1, 0x5, 0x3, 0xf8af, 0x57b9b96, 0x2, 0x1f, 0x1]})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008000)={0x44, 0x0, &(0x7f0000004fbc)=ANY=[@ANYBLOB="00634040000000000000000000000000000000000000000000000000000000000000000028000000000000001000000000000000", @ANYPTR=&(0x7f000026c000)=ANY=[@ANYBLOB="852a627300000000", @ANYPTR=&(0x7f00004edf8a)=ANY=[@ANYBLOB='\x00'], @ANYBLOB="010000000000000000000000000000000000000000000000"], @ANYPTR=&(0x7f000000afd0)=ANY=[@ANYBLOB="00000000000200000000000000000000"]], 0x0, 0x0, &(0x7f0000009000)})
setns(r0, 0x8000000)
sendfile(r0, r1, &(0x7f0000000200)=0x54, 0xc24a)
r4 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x0, 0x0)
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r4, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000140)={&(0x7f00000005c0)=ANY=[@ANYBLOB="b0234832e46c541cfcdc44d419ee31a9c852b6d5bd2118472b2cdea9ae90dfac3e617cdda64fcf86989a263c8940c61ba825b47421975affc38768c46b99512b0c6968e9877783c32cfcc18ee09e97d1f810bb2b472b2f8038d6e5f609ddb3a65b9018442f52318f2193f917fc710fbb105f981959d8cdf652b5b97b10825da75650ae9452230416dead94a82cda9b834da619bffcdca37845f45f4ff7446f0299569716ac244a016f1c1c35e13102c2a3a2d219624debf966f7604b8f660d2926c4144022e2eb6e1733300a509f4c", @ANYRES16=r5, @ANYBLOB="000129bd7000fbdbdf25050000005800030014000600fe8000000000000000000000000000aa080001000000000014000600fe8000000000000000000000000000aa080008001f000000080007004e24000014000600ff020000000000000000000000000001"], 0x6c}, 0x1, 0x0, 0x0, 0x4}, 0x20040004)
syz_open_pts(r4, 0x2000)
r6 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000400)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r0, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000400}, 0xc, &(0x7f0000000500)={&(0x7f0000000280)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="00002cbd7000fbdbdf2505000000040001004c0003000800030004000000080007004e210000140002006970646470300000000000000000000008000800ff00000014000600fb01000000000000000000000000000108000100030000001400020008000900ff0f00000800070094102744cb09000000"], 0x78}, 0x1, 0x0, 0x0, 0x10}, 0x4)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f00000000c0)={0x7, 0x1, 0x49, 0xccf, <r7=>0x0}, &(0x7f0000000100)=0x10)
getsockopt$inet_sctp_SCTP_MAXSEG(r4, 0x84, 0xd, &(0x7f0000000300)=@assoc_id=r7, &(0x7f0000000340)=0x4)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000240)='IPVS\x00')

[  190.972168] binder: undelivered TRANSACTION_ERROR: 29189
[  190.977990] binder: undelivered TRANSACTION_ERROR: 29201
2018/03/30 10:05:16 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x3c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

[  191.034556] binder: 21921:21923 ioctl c4c85513 20000700 returned -22
[  191.073219] binder: 21921:21923 transaction failed 29189/-22, size 40-16 line 2848
2018/03/30 10:05:17 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000880))
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
connect(r1, &(0x7f00000008c0)=@llc={0x1a, 0x0, 0x5, 0x20, 0x5, 0x5, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3)
r4 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
r5 = dup3(r4, r2, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r6=>r2, 0xfffffffffffffffe})
r7 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000940)='/dev/cuse\x00', 0x4001, 0x0)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r8)
r9 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r5, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(r9, &(0x7f00000000c0)=ANY=[@ANYPTR=&(0x7f0000000b40)=ANY=[@ANYBLOB="3f0b22d6a0d643926d3e1bf414e8ff81a0aa641e7eb73d4433bd809517ace09a107b389b59795b322b61483e458854fb086c16909bef45e549984b75b59b71ad80a76de7b396480477992da2fd5187b1418d6e4d8a81eeaf21460ae8f1e6cee036b7160619d84c4b1565b2693c706216660f7c9085e390668c74eccc995dcefeb61633ddaafba889cd508b3d9f9cf6c99ff422113f0f01bdd899c6f3ffd7756c1d06c4ad203d2a4e7fa8baec322e32ad815c7313e3fb2f7e530b2c9895dc324d60d2ca50a050e49601286cb4e7878e7faac614014d330fa4b84bd0b5c192e691c3264d59b7509de8ef4e9dbfd1d8b6b2ef29dd09b8abee8f98a11c6c5e7db93139da84fea1e4d775d79acefb645599d94fd74214eae2a9d6f1c68155db2985925c8ff455f167f78e36ca6f04e2b1efe0642e223005011e43aa3680eb11a37453d7d6fd8802e05c4cd4f943ce92fddb46e583a84a1c6bb5f058e24c5cd1e88db69d0002acada4665c41d153d376ddad46db90f7d4b9a8cb62adfaa27649fa693e81f0b5eb9940f23ae7b8", @ANYRES16=r9, @ANYRES64]], 0xfffffda0)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r9, &(0x7f0000000180)="15", 0x1)
r10 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r10, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r7, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r2, r4)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r6, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

[  191.143095] binder: 21921:21923 ioctl c4c85513 20000700 returned -22
[  191.149916] binder: 21921:21934 transaction failed 29189/-22, size 40-16 line 2848
[  191.181642] binder: undelivered TRANSACTION_ERROR: 29189
[  191.187565] binder: undelivered TRANSACTION_ERROR: 29189
2018/03/30 10:05:17 executing program 0:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
accept$inet(r0, &(0x7f0000000480)={0x0, 0x0, @loopback}, &(0x7f00000004c0)=0x10)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))
ioctl$TIOCSSOFTCAR(r0, 0x541a, &(0x7f0000000000)=0x8)

2018/03/30 10:05:17 executing program 6:
r0 = syz_open_dev$binder(&(0x7f0000236ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
tee(r0, 0xffffffffffffffff, 0x1, 0x4)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff})
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000580)={0x4, &(0x7f00000004c0)=[{0x5, 0x2, 0x74, 0x4}, {0x0, 0x8000, 0xffffffffffff0001, 0x8}, {0x3, 0x2, 0x8000, 0xffffffffffffff78}, {0x9, 0x7c8a, 0x6, 0x5}]})
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008000)={0x44, 0x0, &(0x7f0000004fbc)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, 0x10, &(0x7f000026c000)=[@ptr={0x73622a85, 0x0, &(0x7f00004edf8a), 0x1}], &(0x7f000000afd0)=[0x0, 0x0]}}], 0x0, 0x0, &(0x7f0000009000)})
setns(r0, 0x8000000)
r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000300)='/dev/vga_arbiter\x00', 0x4, 0x0)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r2, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x6c, r3, 0x100, 0x70bd29, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_DAEMON={0x58, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x1f}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast2={0xff, 0x2, [], 0x1}}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4}, 0x20040004)
syz_open_pts(r2, 0x2000)
r4 = getpgid(0x0)
ioprio_set$pid(0x2, r4, 0x0)
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000400)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r0, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000400}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0x78, r5, 0x0, 0x70bd2c, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_SERVICE={0x4, 0x1}, @IPVS_CMD_ATTR_DAEMON={0x4c, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ipddp0\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0xffff}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1={0xff, 0x1, [], 0x1}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xfff}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x9}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x10}, 0x4)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000240)='IPVS\x00')
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)=ANY=[@ANYBLOB="80000000"], 0x1}, 0x1, 0x0, 0x0, 0x4}, 0x0)

2018/03/30 10:05:17 executing program 4:
syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r0 = getpgrp(0x0)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
r1 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
process_vm_readv(r0, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_AUTOCLOSE(r1, 0x84, 0x4, &(0x7f0000000000)=0x3ff, 0x4)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:17 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x3c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:17 executing program 3:
syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x0, 0x4001)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x800000, 0x0, &(0x7f0000000000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
r1 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
migrate_pages(r0, 0x7, &(0x7f0000000400)=0x9, &(0x7f0000000480)=0x10)
ioctl$EVIOCGSW(r1, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r0, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x6, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:17 executing program 5:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
ioctl$TIOCSPGRP(r0, 0x5410, &(0x7f00000003c0)=r1)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(0xffffffffffffffff, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x4, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))
getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000340)={'filter\x00'}, &(0x7f0000000000)=0x78)

2018/03/30 10:05:17 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000880)='/dev/autofs\x00', 0x40400, 0x0)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop-control\x00', 0x10000, 0x0)
r3 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r3)
r4 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
r5 = dup3(r4, r2, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000080)={0x3, <r6=>r5, 0x1})
r7 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000980)='/dev/cuse\x00', 0x2000047fe, 0x0)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r8)
r9 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r5, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r9, &(0x7f0000000180)="15", 0x1)
r10 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r10, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r7, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r2, r6)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r6, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:17 executing program 2:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
openat$ipvs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/sys/net/ipv4/vs/sync_persist_mode\x00', 0x2, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))
ioctl$KVM_GET_DEVICE_ATTR(r2, 0x4018aee2, &(0x7f0000000480)={0x0, 0x8000, 0x8})

2018/03/30 10:05:17 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r9, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:17 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x3c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

[  191.563653] binder: 21955:21957 got transaction with invalid offset (0, min 24 max 40) or object.
[  191.576880] binder: 21955:21957 transaction failed 29201/-22, size 40-16 line 3026
[  191.659063] binder_alloc: 21955: binder_alloc_buf, no vma
[  191.664776] binder: 21955:21976 transaction failed 29189/-3, size 40-16 line 2963
[  191.691905] binder: BINDER_SET_CONTEXT_MGR already set
2018/03/30 10:05:17 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x0, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

[  191.708174] binder: 21955:21957 ioctl 40046207 0 returned -16
2018/03/30 10:05:17 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f00000008c0)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x400200, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
dup3(r0, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r4=>r1, 0xfffffffffffffffe})
r5 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r6)
r7 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r7, &(0x7f0000000180)="15", 0x1)
r8 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r8, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r5, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r4, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:17 executing program 6:
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000300)='/dev/autofs\x00', 0x40000, 0x0)
setsockopt$inet_sctp_SCTP_AUTOCLOSE(r0, 0x84, 0x4, &(0x7f0000000600)=0x8, 0x4)
r1 = syz_open_dev$binder(&(0x7f0000236ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
tee(r1, 0xffffffffffffffff, 0x1, 0x4)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x20011, r1, 0x0)
pipe(&(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$TUNATTACHFILTER(r2, 0x401054d5, &(0x7f0000000580)={0x4, &(0x7f00000004c0)=[{0x5, 0x2, 0x74, 0x4}, {0x0, 0x8000, 0xffffffffffff0001, 0x8}, {0x3, 0x2, 0x8000, 0xffffffffffffff78}, {0x9, 0x7c8a, 0x6, 0x5}]})
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000008000)={0x44, 0x0, &(0x7f0000004fbc)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, 0x10, &(0x7f000026c000)=[@ptr={0x73622a85, 0x0, &(0x7f00004edf8a), 0x1}], &(0x7f000000afd0)=[0x0, 0x0]}}], 0x0, 0x0, &(0x7f0000009000)})
getsockopt$bt_rfcomm_RFCOMM_LM(r3, 0x12, 0x3, &(0x7f0000000640), &(0x7f0000000700)=0x4)
setns(r1, 0x8000000)
r4 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x0, 0x0)
r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
ioctl$KVM_GET_PIT2(r4, 0x8070ae9f, &(0x7f0000000680))
ioctl$KVM_KVMCLOCK_CTRL(r2, 0xaead)
sendmsg$IPVS_CMD_NEW_DEST(r4, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB='\x00\x00', @ANYRES16=r5, @ANYBLOB="000129bd7000fbdbdf25050000005800030014000600fe8000000000000000000000000000aa080001000000000014000600fe8000000000000000000000000000aa080008001f000000080007004e24000014000600ff020000000000000000000000000001"], 0x6c}, 0x1, 0x0, 0x0, 0x4}, 0x20040004)
r6 = openat$vcs(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/vcs\x00', 0x414100, 0x0)
syz_open_pts(r6, 0x2000)
ioctl$KDGETKEYCODE(r6, 0x4b4c, &(0x7f00000002c0)={0x9, 0x3})
r7 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000400)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r1, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000400}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0x78, r7, 0x0, 0x70bd2c, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_SERVICE={0x4, 0x1}, @IPVS_CMD_ATTR_DAEMON={0x4c, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ipddp0\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0xffff}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1={0xff, 0x1, [], 0x1}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xfff}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x9}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x10}, 0x4)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000240)='IPVS\x00')
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)=ANY=[@ANYBLOB="80000000"], 0x1}, 0x1, 0x0, 0x0, 0x4}, 0x0)

[  191.799335] binder: undelivered TRANSACTION_ERROR: 29201
[  191.810151] binder: undelivered TRANSACTION_ERROR: 29189
[  191.822849] binder: 22000:22001 got transaction with invalid offset (0, min 24 max 40) or object.
2018/03/30 10:05:17 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x0, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:17 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(r5, &(0x7f0000000100)=ANY=[], 0x0)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r7, 0x1100000000, 0x401, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000880)=0x14)

[  191.856205] binder: 22000:22001 transaction failed 29201/-22, size 40-16 line 3026
2018/03/30 10:05:17 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x0, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

[  191.974833] binder: BINDER_SET_CONTEXT_MGR already set
[  191.984905] binder_alloc: 22000: binder_alloc_buf, no vma
[  191.990570] binder: 22000:22005 transaction failed 29189/-3, size 40-16 line 2963
[  192.035319] binder: 22000:22001 ioctl 40046207 0 returned -16
[  192.089990] binder: undelivered TRANSACTION_ERROR: 29189
[  192.095887] binder: undelivered TRANSACTION_ERROR: 29201
2018/03/30 10:05:18 executing program 2:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
getsockopt$inet_tcp_int(r2, 0x6, 0x1f, &(0x7f0000000480), &(0x7f00000004c0)=0x4)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x8000, 0x0)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:18 executing program 3:
syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x0, 0x4001)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
r1 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
waitid(0x2, r0, 0x0, 0x2, &(0x7f0000000a40))
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r1, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r0, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x6, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:18 executing program 4:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
gettid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000400)={<r1=>0x0}, &(0x7f00000007c0)=0xc)
r2 = getpgrp(r1)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
r3 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$KVM_GET_DIRTY_LOG(r0, 0x4010ae42, &(0x7f0000000040)={0x101fd, 0x0, &(0x7f0000a72000/0x13000)=nil})
r4 = accept4(r3, 0x0, &(0x7f0000000000), 0x80000)
process_vm_readv(r2, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
ioctl$sock_inet_SIOCSARP(r4, 0x8955, &(0x7f0000000480)={{0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, {0x306, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xf}}, 0xa, {0x2, 0x4e23, @local={0xac, 0x14, 0x14, 0xaa}}, 'teql0\x00'})
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1)

2018/03/30 10:05:18 executing program 6:
r0 = syz_open_dev$binder(&(0x7f0000236ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
tee(r0, 0xffffffffffffffff, 0x1, 0x4)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff})
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000580)={0x4, &(0x7f00000004c0)=[{0x5, 0x2, 0x74, 0x4}, {0x0, 0x8000, 0xffffffffffff0001, 0x8}, {0x3, 0x2, 0x8000, 0xffffffffffffff78}, {0x9, 0x7c8a, 0x6, 0x5}]})
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008000)={0x44, 0x0, &(0x7f0000004fbc)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, 0x10, &(0x7f000026c000)=[@ptr={0x73622a85, 0x0, &(0x7f00004edf8a), 0x1}], &(0x7f000000afd0)=[0x0, 0x0]}}], 0x0, 0x0, &(0x7f0000009000)})
setns(r0, 0x8000000)
r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x0, 0x0)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r2, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x6c, r3, 0x100, 0x70bd29, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_DAEMON={0x58, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x1f}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast2={0xff, 0x2, [], 0x1}}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4}, 0x20040004)
syz_open_pts(r2, 0x2000)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000400)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r0, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000400}, 0xc, &(0x7f0000000500)={&(0x7f00000002c0)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="00002cbd7000fbdbdf250500000004003e3301004c00030008000300040000000a0007004e0e0000140002006970646470300000000000000000000008000800ff00000014000600ff01000000000000000000000000000108000100010000001400020008000900ff0f00000800070009000000"], 0x78}, 0x1, 0x0, 0x0, 0x10}, 0x4)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000240)='IPVS\x00')
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)=ANY=[@ANYBLOB="80000000"], 0x1}, 0x1, 0x0, 0x0, 0x4}, 0x0)

2018/03/30 10:05:18 executing program 5:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
stat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000340))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
setsockopt$IP_VS_SO_SET_EDITDEST(r0, 0x0, 0x489, &(0x7f00000003c0)={{0x3a, @rand_addr=0x3, 0x4e23, 0x4, 'lblc\x00', 0x1, 0x7, 0x21}, {@rand_addr=0x8, 0x4e21, 0x3, 0x400, 0x1ff, 0x8001}}, 0x44)
ioctl$EVIOCGSW(0xffffffffffffffff, 0x8040451b, &(0x7f0000000040)=""/21)
r2 = geteuid()
setfsuid(r2)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x4, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:18 executing program 7:
r0 = eventfd2(0x20, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, r1, 0xfffffffffffffffe})
r5 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r6)
r7 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r7, &(0x7f0000000180)="15", 0x1)
r8 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r8, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r5, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
personality(0xc40000d)
ppoll(&(0x7f00000000c0), 0x0, &(0x7f0000000100), &(0x7f0000000140), 0x8)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)

2018/03/30 10:05:18 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x3c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:18 executing program 0:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000480)=""/21)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000b40)=""/202, 0xca}, {&(0x7f0000000a40)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
io_setup(0x0, &(0x7f0000000000))
wait4(0x0, &(0x7f00000000c0), 0x400000000, &(0x7f0000000100))

[  192.379475] binder: 22039:22047 got transaction with invalid offset (0, min 24 max 40) or object.
[  192.388872] binder: 22039:22047 transaction failed 29201/-22, size 40-16 line 3026
2018/03/30 10:05:18 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x3c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:18 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740), 0x0, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:18 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x3c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

[  192.498417] binder: BINDER_SET_CONTEXT_MGR already set
[  192.511751] binder_alloc: 22039: binder_alloc_buf, no vma
[  192.517437] binder: 22039:22058 transaction failed 29189/-3, size 40-16 line 2963
[  192.521324] binder: 22039:22047 ioctl 40046207 0 returned -16
2018/03/30 10:05:18 executing program 6:
r0 = syz_open_dev$binder(&(0x7f0000236ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
tee(r0, 0xffffffffffffffff, 0x1, 0x4)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0)
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$TUNATTACHFILTER(r1, 0x401054d5, &(0x7f0000000580)={0x4, &(0x7f00000004c0)=[{0x5, 0x2, 0x74, 0x4}, {0x0, 0x8000, 0xffffffffffff0001, 0x8}, {0x3, 0x2, 0x8000, 0xffffffffffffff78}, {0x9, 0x7c8a, 0x6, 0x5}]})
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000008000)={0x44, 0x0, &(0x7f0000004fbc)=[@transaction={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, 0x10, &(0x7f000026c000)=[@ptr={0x73622a85, 0x0, &(0x7f00004edf8a), 0x1}], &(0x7f000000afd0)=[0x0, 0x0]}}], 0x0, 0x0, &(0x7f0000009000)})
setns(r0, 0x8000000)
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x0, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r3, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x6c, r4, 0x100, 0x70bd29, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_DAEMON={0x58, 0x3, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @local={0xfe, 0x80, [], 0xaa}}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x1f}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast2={0xff, 0x2, [], 0x1}}]}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4}, 0x20040004)
r5 = syz_open_pts(r3, 0x2000)
ioctl$BINDER_GET_NODE_DEBUG_INFO(r2, 0xc018620b, &(0x7f00000005c0)={<r6=>0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000006c0)={0x80, 0x0, &(0x7f0000000600)=[@exit_looper={0x630d}, @clear_death={0x400c630f, 0x1, 0x4}, @exit_looper={0x630d}, @transaction={0x40406300, {0x2, 0x0, 0x3, 0x0, 0x1, 0x0, 0x0, 0x18, 0x30, &(0x7f00000002c0)=[@fd={0x66642a85, 0x0, r5, 0x0, 0x1}], &(0x7f0000000300)=[0x28, 0x20, 0x20, 0x40, 0x30, 0x28]}}, @acquire={0x40046305}, @increfs_done={0x40106308, r6, 0x4}, @enter_looper={0x630c}, @register_looper={0x630b}], 0x24, 0x0, &(0x7f0000000680)="ea86c31aa84b4ab2af8322c9a0cf31526bcabd15681054bca595efb4533e968b3763aff9"})
r7 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000400)='IPVS\x00')
fchdir(r3)
sendmsg$IPVS_CMD_NEW_DEST(r0, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x2000400}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)={0x78, r7, 0x0, 0x70bd2c, 0x25dfdbfb, {0x5}, [@IPVS_CMD_ATTR_SERVICE={0x4, 0x1}, @IPVS_CMD_ATTR_DAEMON={0x4c, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x4}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e21}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ipddp0\x00'}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0xffff}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1={0xff, 0x1, [], 0x1}}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0xfff}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x9}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x10}, 0x4)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000240)='IPVS\x00')
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000280)=ANY=[@ANYBLOB="80000000"], 0x1}, 0x1, 0x0, 0x0, 0x4}, 0x0)

2018/03/30 10:05:18 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:18 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

[  192.621466] binder: undelivered TRANSACTION_ERROR: 29189
[  192.627835] binder: undelivered TRANSACTION_ERROR: 29201
[  192.646502] binder: 22087:22088 got transaction with invalid offset (0, min 24 max 40) or object.
[  192.687180] binder: 22087:22088 transaction failed 29201/-22, size 40-16 line 3026
2018/03/30 10:05:18 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:18 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffa})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

[  192.750700] binder: 22087:22088 ioctl c0306201 200006c0 returned -14
[  192.825777] binder: BINDER_SET_CONTEXT_MGR already set
[  192.831452] binder_alloc: 22087: binder_alloc_buf, no vma
[  192.837079] binder: 22087:22111 transaction failed 29189/-3, size 40-16 line 2963
[  192.849603] binder: 22087:22088 ioctl 40046207 0 returned -16
[  192.886675] binder: 22087:22088 ioctl c0306201 200006c0 returned -14
[  192.961736] binder: undelivered TRANSACTION_ERROR: 29189
[  192.967577] binder: undelivered TRANSACTION_ERROR: 29201
2018/03/30 10:05:18 executing program 2:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/sequencer\x00', 0x20000, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))
accept$ipx(r0, &(0x7f0000000000), &(0x7f0000000480)=0x10)
ioctl$GIO_FONTX(r0, 0x4b6b, &(0x7f0000000a40)=""/215)

2018/03/30 10:05:19 executing program 0:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0x0)
r3 = inotify_add_watch(r2, &(0x7f0000000000)='./file0\x00', 0x0)
inotify_rm_watch(r2, r3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:19 executing program 4:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
open$dir(&(0x7f0000000040)='./file0\x00', 0x10000, 0x45)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
r2 = syz_open_dev$dspn(&(0x7f0000000a80)='/dev/dsp#\x00', 0x4, 0xfffffffffffffffc)
sched_setparam(r1, &(0x7f00000008c0)=0x7720000000000000)
ioctl$KVM_ARM_SET_DEVICE_ADDR(r2, 0x4010aeab, &(0x7f0000000000)={0x4, 0x7000})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
mkdirat(r0, &(0x7f0000000880)='./file0\x00', 0x40)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f00000007c0)={<r3=>0x0, @in={{0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x10}}}, 0x3, 0x7972}, &(0x7f00000000c0)=0x90)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000480)={0x6, 0x4, 0x0, 0x0, r3}, &(0x7f00000004c0)=0x10)
wait4(0x0, &(0x7f0000000400), 0x0, &(0x7f0000000100))
bind$vsock_dgram(r0, &(0x7f0000000440)={0x28, 0x0, 0xffffffff, @hyper}, 0x10)

2018/03/30 10:05:19 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:19 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
socket(0xb, 0x806, 0x87b)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:19 executing program 6:
r0 = socket(0x1e, 0x1, 0x4000000000000000)
getsockopt(r0, 0x10f, 0x82, &(0x7f0000000040)=""/4, &(0x7f0000000ffc)=0x4)
getsockopt$netrom_NETROM_N2(r0, 0x103, 0x3, &(0x7f0000000000)=0x10000, &(0x7f0000000080)=0x4)

2018/03/30 10:05:19 executing program 3:
syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x0, 0x4001)
r0 = getpgrp(0x0)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
r1 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r1, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r0, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x6, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:19 executing program 5:
mremap(&(0x7f00005ed000/0x1000)=nil, 0x1000, 0x1000, 0x2, &(0x7f00006fc000/0x1000)=nil)
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0x402c5342, &(0x7f0000000340)={0x9, 0x5, 0x4452, {}, 0x2, 0x6ef})
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x6, 0xfffffffffffffffc, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
chdir(&(0x7f00000003c0)='./file0\x00')
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(0xffffffffffffffff, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x4, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
mmap(&(0x7f000095f000/0x4000)=nil, 0x4000, 0x4, 0x20010, r0, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))
write$eventfd(r0, &(0x7f0000000000)=0x6, 0x8)

2018/03/30 10:05:19 executing program 6:
r0 = dup3(0xffffffffffffff9c, 0xffffffffffffff9c, 0x80000)
openat(r0, &(0x7f0000000040)='./file0\x00', 0x1d3401, 0x8)
ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f0000000000)=<r1=>0x0)
timer_create(0x1, &(0x7f0000b2ffa0)={0x0, 0x0, 0x1, @tid=r1}, &(0x7f000029effc))
timer_settime(0x0, 0x0, &(0x7f0000031fe0)={{}, {0x0, 0x1c9c380}}, &(0x7f0000cbde6c))
r2 = open(&(0x7f00000014c0)='./file0\x00', 0x101000, 0x80)
accept4$packet(0xffffffffffffff9c, &(0x7f0000001500)={0x0, 0x0, <r3=>0x0, 0x0, 0x0, 0x0, @local}, &(0x7f0000001540)=0x14, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000001580)={'bridge0\x00', r3})

2018/03/30 10:05:19 executing program 6:
r0 = syz_open_dev$sndseq(&(0x7f0000ff0ff3)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000fb6000)=""/28, 0x1c)
r1 = dup2(r0, r0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000418f50)={{0x80}, "0a4ceaa05d9a00000000000000039b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42f376589701a4", 0xa9824f69d1376637, 0x10800a})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f000019ffe9)={0xc1})
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r1, r1, 0x7, 0x3}, 0x10)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(0xffffffffffffffff, 0xc0a85320, &(0x7f00000001c0)={{}, 'port1\x00'})
ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(0xffffffffffffffff, 0x40a85321, &(0x7f0000000000)={{}, 'port1\x00'})
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(r0, 0xc0bc5310, &(0x7f0000000280))
r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000fdbff0)='/dev/sequencer2\x00', 0x0, 0x0)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000340)='dummy0\x00', 0x10)
symlinkat(&(0x7f0000000400)='./file0\x00', r1, &(0x7f0000000440)='./file0\x00')

2018/03/30 10:05:19 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:19 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r4=>r1, 0xfffffffffffffffe})
r5 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r6)
r7 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r7, &(0x7f0000000180)="15", 0x1)
r8 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r8, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r5, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r4, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:19 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:19 executing program 6:
r0 = syz_open_procfs(0x0, &(0x7f0000d69ff7)='net/unix\x00')
madvise(&(0x7f0000c0f000/0x3000)=nil, 0x3000, 0x2000000000003)
ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r0)
ioctl$LOOP_SET_BLOCK_SIZE(r0, 0x4c09, 0xffff)
syz_open_dev$urandom(&(0x7f00000001c0)='/dev/urandom\x00', 0x0, 0x400000)
clone(0x0, &(0x7f0000001f37), &(0x7f0000000040), &(0x7f0000001000), &(0x7f0000007000))
ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000280)={&(0x7f0000000000)=[0x3, 0x4], 0x2, 0x1, 0x10001, 0x40000, 0x6, 0xffffffff00000001, {0x81, 0x1, 0x0, 0x9, 0x8001, 0x4961cce9, 0xffffffffffff7106, 0x564, 0x5, 0x2bda, 0x5df5, 0x80000000000000, 0x1f, 0x8, "286dedf9ab4eec0234d1b8972e30564d1c62924ba7df4e99dc0f83449ee0e054"}})
ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000800)=0x8007f)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000440)={<r1=>0x0, @in6={{0xa, 0x4e23, 0x7}}, 0x6, 0x1ec}, &(0x7f00000000c0)=0x90)
r2 = socket$inet(0x2, 0x5, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r2, 0x0, 0x80, &(0x7f0000001440)=@broute={'broute\x00', 0x20, 0x2, 0x2a8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20001180], 0x0, &(0x7f00000000c0), &(0x7f0000001180)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, [{{{0x9, 0x0, 0x0, 'ipddp0\x00', 'vcan0\x00', 'ip_vti0\x00', 'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2}, [], @link_local={0x1, 0x80, 0xc2}, [], 0x70, 0xf0, 0x140}, [@common=@dnat={'dnat\x00', 0x10, {{@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, 0xfffffffffffffffc}}}, @common=@RATEEST={'RATEEST\x00', 0x20, {{'syz1\x00'}}}]}, @common=@LED={'LED\x00', 0x28, {{'syz0\x00'}}}}, {{{0x5, 0x0, 0x0, 'gretap0\x00', 'eql\x00', 'ifb0\x00', 'dummy0\x00', @link_local={0x1, 0x80, 0xc2}, [], @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, [], 0x70, 0xa0, 0xd8}, [@common=@CONNSECMARK={'CONNSECMARK\x00', 0x8}]}, @common=@mark={'mark\x00', 0x10}}]}]}, 0x320)
syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x0, 0x2)
setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000200)={0x80000001, 0x8, 0x1, 0x8000, 0x9, 0x0, 0xfffffffffffffff9, 0x9, r1}, 0x20)
setsockopt$IP_VS_SO_SET_EDITDEST(r2, 0x0, 0x489, &(0x7f0000000940)={{0x3f, @loopback=0x7f000001, 0x4e20, 0x0, 'wlc\x00', 0x4, 0xfffffffffffffffb, 0x51}, {@loopback=0x7f000001, 0x4e20, 0x3, 0x20, 0x8, 0xfffffffffffffff8}}, 0x44)
getsockopt$inet6_dccp_buf(0xffffffffffffffff, 0x21, 0xcd, &(0x7f0000000100)=""/186, &(0x7f0000000080)=0xba)
getsockopt$inet_opts(r0, 0x0, 0x9, &(0x7f0000000840)=""/255, &(0x7f0000000300)=0xff)
madvise(&(0x7f000092d000/0x400000)=nil, 0x400000, 0x10200000008)
ioctl$KVM_ARM_SET_DEVICE_ADDR(r0, 0x4010aeab, &(0x7f0000000240)={0x6, 0x107000})
write$cgroup_int(r0, &(0x7f0000000540)=ANY=[@ANYRES64=r0, @ANYRES64, @ANYRES64, @ANYBLOB="21a51b1494a306fda8cca89cd8b30a01e704ee74da8ff93e78eb2d7a13bba1a1f78826ee7677ddf5b7a01da4bb8787ee2d012f768f25425144a32feeabde829b44c282349dee0400000000000000420cd5d561c93b72c15a2efd6baf01177e5685a82a8565163dabfa7f71404afd9e687635fde43eb98f97ab90c9ed7c669e027237a415903cc2a09d352e1116d162aec34147df9a10c60000000000000000e67f959d59cb88e526f1000154fda642bf3337f848e2fe88f8327084357396bbb40809c7dd26a967ecaf97bb86a29e6919031d9b65aa309e288f603f46bd312ae74301644ec2d8a39cd21688551539d25681e752a001b7fc757aabf460a1a382e28d51501c92a0fdf9eb16521d007a9fda280c7a3100bfa3383dbd9e17fafb512a8d00de5280989d05c3b74b77b21dc33d70716bd89f47aedfdd2d5059eb61759fd7e0f0636c14b6174205476fc9205a0c708e7da2d1abcfad3a5f513fb3b00415ab974af27d41cb1e68c2a7b2300034f55733cd4ca184136e11b5d87b86b44514b871b1eb75ec6f5f0ebde44dfb41a0d521815b5b650327553af06aae32cf36c4eabdb9b297bba3683018554f0f0d21392764a4000000000000000000d60000000000008f6afdcb3305c88b867293e73330abf24ba2b4671bd2cb4fd6ab7ac0ff604bb3645f8f67ab582368f6ca5b869b93938e7c4ee212ff2cb208cdd75e12fb3477acb398b3b042275de559b0600046970e92ca094500e2f740b33b6420d1c4b431eda7822589d847e9eea5a835656cd0f4e82ed24177578c24dc15050b1587001df8f5aaf3601dd71bed72f1993f55e6e38bf61f88a01992ac46"], 0x273)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000340)={0x0, @in6={{0xa, 0x4e22, 0x400, @ipv4={[], [0xff, 0xff]}}}, 0x2, 0xff}, &(0x7f0000000500)=0x90)
ioctl$TCGETS(r0, 0x5401, &(0x7f0000000400))

2018/03/30 10:05:19 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
setsockopt$inet_msfilter(r8, 0x0, 0x29, &(0x7f0000000880)={@broadcast=0xffffffff, @dev={0xac, 0x14, 0x14, 0x12}, 0x0, 0x1, [@multicast1=0xe0000001]}, 0x14)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:19 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

[  193.467653] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'broute'
[  193.512148] IPVS: set_ctl: invalid protocol: 63 127.0.0.1:20000 wlc
[  193.561930] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'broute'
[  193.614653] IPVS: set_ctl: invalid protocol: 63 127.0.0.1:20000 wlc
2018/03/30 10:05:19 executing program 2:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000000))
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000480), &(0x7f00000004c0)=0xc)
getpid()
fcntl$getownex(r0, 0x10, &(0x7f00000008c0))
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000a40)=<r1=>0x0)
r2 = getpgrp(r1)
sched_setaffinity(r2, 0x8, &(0x7f0000a2f000)=0x9)
r3 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r3, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
process_vm_readv(r2, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:19 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:19 executing program 7:
r0 = eventfd2(0x200000008, 0x40000000003)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
r4 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r5 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r6=>r1, 0xfffffffffffffffe})
r7 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x200002, 0x0)
fchdir(r8)
r9 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r5, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000980)=ANY=[@ANYPTR64, @ANYRES64=r4, @ANYPTR, @ANYPTR=&(0x7f00000008c0)=ANY=[@ANYBLOB="64beb720e09774fcd2fb16420239964e3b523412e8bdc0e42e674a3ce379d109b4b5ad05573b1b0ab7aa8f678206f280b1de61196e8d9a648ebc368aecbabed6620a4897b71232b65bd8c95e761ae1986cf59e776046b3e8ce939b82ab5a466f7d6828fda8327a0d52be6ac5592ef99d25d6cc3f0cec0b81521db7d7cd93d6eb77f3cf0020bc162d1a7bfc642019c917783015ceca99062d89aa29ba"], @ANYRES32=r6], 0x24)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r9, &(0x7f0000000180)="15", 0x1)
r10 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r10, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r7, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r6, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x8001, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000880)=0x14)

2018/03/30 10:05:19 executing program 6:
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000000))
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000280)={0x0, @in6={{0xa}}}, 0x47)

2018/03/30 10:05:19 executing program 3:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x0, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
socketpair$inet6_tcp(0xa, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
r3 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0x940)
setsockopt$IP_VS_SO_SET_TIMEOUT(r3, 0x0, 0x48a, &(0x7f00000008c0)={0x9, 0x3ff, 0x29}, 0xc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r3, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x6, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000a40)={<r4=>0x0, @in={{0x2, 0x4e23, @multicast1=0xe0000001}}}, &(0x7f0000000400)=0x84)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000b00)={"e2fe778422474e21dad5885565ac52a6a498853071dca8d0b0cb6b6d3e29704f2ec2f2c128ddcd2de420c423517bf4634ae4f71d1460e2427d0ae7f3d3187af5a8cf4a9cbd7405109a25e40e3e0ca62b32a64a64a09d38a91d40f999f33ac909a09c949da3f39067f83b80edb565bb81759cc030060d32f2670337806b7f6faa454e1fcef98eaad4d5a01174ca3c8d6185cb3354ecfd45559c88caddfcc9d513e330d7368388540013ed6f74f10369b76d4727c9ad32bd20d701fcd810ef85cde488ebaec733735681315c8400848c6e511e65bd3c4625b310f0ee795beecbef66a9410e818246351a6b485f79db801f1b66c656e0b66242b53aead79285e52dfb10314299675da29609b829e433e6b8de93aabbadc28d1ba83a6b12929affbaa86f30dde8a2045b4e4552a395356075b0f3e9cc70028b1b8cb046ebb98bee4592d0cba26d4a5139d52e3b4b3e8a8645e3e834d1667d23f1e24334682bb8e869d7b41b90ebaf724ee115d025bd6b5f98b21cd785ac22ad9c22811a53d48840cdebf1ff04bad1460f298b0b3986a8110053597ae1d1c5255bf483d393887b8b292ac72a5a275420055f6a893bb361cc25971ed7fd3cfdcc7fd2161b18859bf3f8cb636866c1c5f6d4a716fefc5a2ef6f5c8c0dccd751add748fb4711584ac3a06359864e01808e054e65968b775ecc40dd09012f306ac4d21a43acd65130f53a1287a684b0d448c06be7211aa29dabd12de248317c4ae8229ccc75fa321c258bbd73323071a761d07285cf76d9faeb422a6271e6c3ffd3806b9396754257ee2ec32d468f0ebb73916742b7b0195c1ec643fdf49712a8b680623c9c356f8c40d68445b6c5619b59efdc66a9899147e5f8c025de48d6c948023194c830e4e2ebb8e5aa4dd00627a5092bde6a56bcfc8ec8bb1e30e14659c14c419117edf51009ebad09df63756d6d5bf81d991119f2ea7becf752bcbf75ffd3e4658037d757d6b6dc22bbb7bf0cd65c4bb5203d07e401d68958b936f73f3b75ed7df966a7ccad83b44e88ed65b1fefb215a0293c51110ebfd169ed50dd5e5d7dddb03665814b00a73da8c6957b5bad600f14afbf697dc6c0e95044167dca646407ba4a2299afa8a19ac9d24b4a3805035a284c5f28ae31aad93df1604d3f2a2ef817d6535b6b9e1bcce735a0ef853352710298e030a69efd53f82b49a64dfaee505f030d867aefe7747021e3d8882efe10dcf3a78ade7debfbee171a19a7d04737327d2b33143907fb333acc2f71efce696cf01844aea46c8144714d02ee95dd4204d25ff6bd0e7e5c7d867b5fb7d6eaf3555cbd6ad84681a2056f5cb47ac7b803b642bdca87987f72ea05177b6aaede53167ec0e9d5151e8a9ab1679d9d698846d5a6d859bf0d0959958f4d41ba03e1eae3181d138dca2c95bec95f9b807be435e933b1b8dd3a39"})
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r3, 0x84, 0x7b, &(0x7f0000000480)={r4, 0x93}, &(0x7f00000004c0)=0x8)
ioctl$sock_netrom_TIOCOUTQ(r0, 0x5411, &(0x7f0000000600))
fcntl$getown(r0, 0x9)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:19 executing program 0:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0x0)
accept4$llc(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000480)=0x10, 0x80000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
syz_open_dev$dspn(&(0x7f00000004c0)='/dev/dsp#\x00', 0x0, 0x20000)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:19 executing program 5:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000000)={0x0, 0x2, 0x81, 0x7, <r1=>0x0}, &(0x7f00000000c0)=0x10)
getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000100)={r1, 0x8001}, &(0x7f0000000140)=0x8)
r2 = getpgrp(0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x80000005, 0x8010, r0, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(0xffffffffffffffff, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r2, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x4, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)

2018/03/30 10:05:19 executing program 4:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
clock_nanosleep(0x2, 0x0, &(0x7f0000000000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
bpf$BPF_MAP_GET_NEXT_ID(0xc, &(0x7f0000000040)=0x7, 0x4)
ioctl$RNDADDTOENTCNT(r0, 0x40045201, &(0x7f0000000400)=0x6)
syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:19 executing program 6:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_DESTS(r1, 0x0, 0x484, &(0x7f0000000500)=""/234, &(0x7f0000000180)=0xea)
bind$inet6(r1, &(0x7f00001fefe4)={0xa, 0x4e22}, 0x1c)
listen(r0, 0xfffffffffffff866)
chdir(&(0x7f0000000840)='./file0\x00')
sendto$inet6(0xffffffffffffffff, &(0x7f0000f6f000), 0x0, 0x0, &(0x7f0000b63fe4)={0xa}, 0x1c)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f0000000080)={0xb9, 0x5, 0x0, 0x7}, 0x14)
r2 = dup3(r0, r1, 0x80000)
ioctl$SNDRV_TIMER_IOCTL_GINFO(0xffffffffffffffff, 0xc0f85403, &(0x7f0000000200)={{0x3, 0x0, 0x0, 0x0, 0xffffffffffff8001}, 0x6, 0x0, 'id1\x00', 'timer1\x00', 0x0, 0x40, 0x0, 0x9})
r3 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r3, &(0x7f0000014000)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000008000)="4c0000001200ff09fffefd956fa2830007a6008000000000000000683540150024001d0004c41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d4c1cbc882b079881", 0x4c}], 0x1}, 0x0)
setsockopt$inet6_MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f0000000a80)={{0xa, 0x4e22, 0x7884, @local={0xfe, 0x80, [], 0xaa}, 0x2}, {0xa, 0x4e22, 0x9, @remote={0xfe, 0x80, [], 0xbb}, 0x80000000000000}, 0x0, [0x8000, 0x2, 0x0, 0x96b4, 0x6, 0xfffffffffffffff9, 0x0, 0x3]}, 0x5c)
r4 = add_key(&(0x7f00000001c0)='asymmetric\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a}, &(0x7f0000000480)="5957756a122543e1a13be9d0f608a5f56988853e2f17bcc6ab8f8fc655dbbd0e0cbce70b1c1a95b497b02687386ecb4deaffdbc8c92c158a05af6b91e9fa0d90bf95cc062c7f903a7762c3fe2f78f210c0dffd8813f42e09232aec6a1f5162e67ce9de0e681bd1eb48c00f583880c9b3137815b33efa34258515", 0x7a, 0xfffffffffffffffe)
r5 = add_key(&(0x7f0000000680)='asymmetric\x00', &(0x7f00000006c0)={0x73, 0x79, 0x7a, 0x0}, &(0x7f0000000700)="68f8bf294101262bbadf86098cf05994f6b74328853396fe9ec13a643abc3747c9280385e65d0e3b58deca34610e83a593068f8b39f3e63234571a25feb40a1f3eeab62387cb5e239ce43506e20512f79d128213d1f2e70f3c30c64694e0998012ec02d2d541215f6c27000d839ad653f663def9640c4504be425069c3554fdc5a992d731bc3d1575911c1739b30c5151facb65244aed995d960234fa18b4215fcf3c91586abff6265cf245ffc4ad673255abd30cef0ac1b715137", 0xbb, 0xffffffffffffffff)
keyctl$search(0xa, r4, &(0x7f0000000600)='dns_resolver\x00', &(0x7f0000000640)={0x73, 0x79, 0x7a, 0x1}, r5)
request_key(&(0x7f0000000040)='logon\x00', &(0x7f0000000400)={0x73, 0x79, 0x7a, 0x0}, &(0x7f0000000300)="9414d46e5bb4eb97bebe5c8c4aab4f9e123ec5eaee666eebe12d87f7971a4684a42ff508c133b719c793283cf059eab43f4577be4ce54a7d7a910219d518fcfc93c0f9b8ead1a3ac089311cc9766dc52859a270fe122d7e68677357a5026e31bbab3219c54ae92bafb1856bb4d94dc53b78b1bdb083b7455b51c4778adad2097d2a0a6b31c48e4ee441818", 0xfffffffffffffffb)
r6 = add_key(&(0x7f0000000100)='keyring\x00', &(0x7f0000000140)={0x73, 0x79, 0x7a}, &(0x7f0000000440)="7d387db8ce196e4ea768f10612ddf2ac3061587671ccc48ca71733fe6b7c5d4d25b8", 0x22, 0x0)
keyctl$negate(0xd, 0x0, 0x1f, r6)
ioctl$DRM_IOCTL_RM_MAP(r2, 0x4028641b, &(0x7f0000000980)={&(0x7f0000ffa000/0x3000)=nil, 0x40, 0x1, 0xa, &(0x7f0000ff8000/0x4000)=nil, 0xffffffffffff0000})
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f00000007c0)=@sack_info={<r7=>0x0, 0x6, 0x400}, &(0x7f0000000800)=0xc)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f0000000880)={r7, 0xffffffffffff7efd, 0xec, "cd9dd65a617e40c11e668d259f1f94e50fb3419b59932bbecf9892e40e0629050abd4187aba94734b81ca616c13480a37078ae7c6706ab0a460260fe04b9c39ba3d6283900b0f8c74732f6fb5cc6ee5841a0e3d9155e32316b094585215d1197985dcb455aa4417758011696f773c93fe8e877489c8ce157f629adf5c103939e1d8af059df22c512fc265a9e08a12618e7f54327c0ae01e3c68dfa1ffd09bd4594a00f2b549bbb78ae7059d6ee86b737d914a3fd19c7a48ea85de0c6c4dd00af99062c13aabc931f7d57c2896d2830b7f5369c21913b1f52ed7855f848080db2bcfcea38a936310413645c51"}, 0xf4)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f0000000a00)=ANY=[@ANYRES32=r7, @ANYBLOB="090057007eb2ff2e9af02e752df525fe4a7b57f7de213873a557f2bbe82fd3be05b5247d985a666a622f8622c89bb0413ef00d3e7e09bcfef99a08f034d2647b1eb18be287cc5d8aeae1d4d02c0a5454b430c0a439922509a9c446"], 0x5f)
setsockopt$IP_VS_SO_SET_TIMEOUT(r2, 0x0, 0x48a, &(0x7f00000000c0)={0x0, 0x4}, 0xc)

2018/03/30 10:05:19 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

[  194.050886] IPVS: length: 234 != 24
2018/03/30 10:05:19 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r3 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3)
r4 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
r5 = dup3(r4, r2, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r6=>r2, 0xfffffffffffffffe})
r7 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r8)
r9 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r5, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r9, &(0x7f0000000180)="15", 0x1)
r10 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r10, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r7, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r2, r4)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r6, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

[  194.077746] netlink: 'syz-executor6': attribute type 29 has an invalid length.
[  194.085257] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'.
2018/03/30 10:05:20 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:20 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000980)='/dev/autofs\x00', 0x2, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff5)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r0, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:20 executing program 6:
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = memfd_create(&(0x7f0000000040)='sha256-generic\x00', 0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000080)={<r2=>0x0, 0x3}, &(0x7f00000000c0)=0x8)
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000100)={r2, 0x3}, &(0x7f0000000140)=0x8)
bind$alg(r0, &(0x7f000026f000)={0x26, 'hash\x00', 0x0, 0x0, 'sha256-generic\x00'}, 0x58)
r3 = accept$alg(r0, 0x0, 0x0)
r4 = open(&(0x7f00004b8ff8)='./file0\x00', 0x28042, 0x0)
ioctl$BINDER_THREAD_EXIT(r4, 0x40046208, 0x0)
fallocate(r4, 0x0, 0x0, 0x40007)
sendfile(r3, r4, &(0x7f0000ccb000), 0x400)
ioctl$VHOST_SET_VRING_CALL(r4, 0x4008af21, &(0x7f0000000000)={0x3, r4})

[  194.140318] IPVS: length: 234 != 24
[  194.157929] netlink: 'syz-executor6': attribute type 29 has an invalid length.
[  194.165411] netlink: 8 bytes leftover after parsing attributes in process `syz-executor6'.
2018/03/30 10:05:20 executing program 6:
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000c4f000/0x1000)=nil, 0x1000, 0x0)

2018/03/30 10:05:20 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={0x0, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:20 executing program 6:
sendto$ax25(0xffffffffffffffff, &(0x7f0000000340)="e561b40eda65a44b6b26ef32d24d0a09c9ed4d9f69ff38ed461bf759581b93b7e74beb95394a4315011466fc92bd5bba62233fed6bc2047ed413e77796dbfb8ad7b07b18fbfe945ed58ffff4ea38e3a6b41773c3e57b49dd0997e2772a9e3fff08bc9364be7389eb05f0b4049b6ea79e23aed9fc94b6b2cc4a7ca0612bee5db6163c79ac620ee8bd9fd492d645de0167491b0f4ad6f6dc24c877fae4a647f3b4c28903eefd8efe9a9d04abcce6430a599d7ea1fdbbadcbfacd393ff80e89e135ca1e2a2216ec7d71b4074e63308aaf2c4a57273f464a3bf4e0f18d7a8dd1f88c9018d3217c9777e22de2017e84eb97635150e9b3fb9924dbe48fa944d4a0ee8648e0b2261b4ef02564af87add8500d84f903e7d55754b1af5ba921375f83dc8fcf8fb18bad8c4fae1cde7d77bdc23cc663f1c3b22f82b2a59994a69f22255190a2273ea61e97e52481898842104ab1258966c56a19ffeb40304ff9aed8baf543f5d994832e06b0c4b8c3bed6766f67109e70b9baf4ca656071bde7b297cfb6dc11399127a6343079c3fa8b29e19a9a22f4a82c50842a448d7d671aa6acf3c68cd3b4986b6170c3fe40cb8f272d47b0b51b942bec75831e40098fd5a0af3d0aae6ad5cedf4a6646eff21ed31c4e434fb5ec4214217bc3be32e32c29086cc75384c3f1a4580cbbf9dd7f296f6caddfd5efb256f78ac46acfc552bd0531fbb0025e115015aaff449ee61589abf0c81e63f14c4096685022d254ac35b3f8cafccd73ce77dafe3d62ff615348ed03bb103a36d9e6b5b7dc8d6588b47abfaff145c1a78fdd7170306976d1c93eb8d1e9798e71f769b3ae4bef9fdac28c86a570404497863d749fd0bd4a56661f81ccfbe3c4bf304378fe8266f3f6dfb01c17f109264f5b8a06f20437e06675d8b97970f38919ff5126fde9abb3048cab712204dc2572d270c1274f18891a1d7d5b05de8f9a7aa347777ee6aa4ecd962342bac56c46b871aff8ea5ffe6e2431bd932e5d43d26396fd32916b9380fe0aabf966f265ef763064815e0776026ee66d2f9da0d33b7b4fe8dfc2557a0d16b4a0949779b645f419c3056cc9fd89ec7505099fdcb24dd157cb3e6b205581b979aa532e0f7762ac55ce93865cfb99e383792818caf5b720487956df52e1c37bd5b49ccb4eac07324e546f926bb5f8449a88a9f9000000000000005b6172838c72d7ffd752a990cefd3b1404894a3a5ef57dc53e9b6d13ccf4816da5008856e04fd872934fe2ce258bd21510d45d27dad92dd089401f3c3575b7dd79fa1b77dc9fc1832c403df84494cfcf358e15ed826db601aed898dbdb273a58ba69162c34c0d4d38f5338caa584976f079054f9b8292c7de4282a6aedb4c45fe0e118702b40c533ed67ee6b7898c676f68bf7bc6198a5cded0f1eb673a174f1ffc6211caf62acf90251393e9cec12e7208de4a13b5d6456b02ca5a2ba7738030ffc9f9d392a7fb47374ab9198379dba318af371d0fcc95f3f702498de70140177b3850305abd7feec0a6e4ec3dc4156d609c24e705baaa34f224637cb9c1d1ac15071e6f3f59ce7ba630d2290b2a83c5ae40c634cabd5c84c18e812e1f1cf90c1393c42055bc3f193b5756c512ef4e2c0eeee8c12f18a0f4c790499abb2f05bc98a940c19209bd45f66b2906c9fec89a6b8b3ed60552e337b96f4ec433334a992c214bb5ec2b14d88eb4d37ab987291bfd9ebe22817849303d2cc364d0c788d4fb7ad6beac1507cd96e2f1d6f24942bd5b89b92e01ecade323f8dec55244bcb03a1fd1ac13ebe18a05ed146058c2b8f0e7d2226fb3ffd279d49c9b725463ae07d43cf9f66a7a41cc760258f01b9e65c34cd900fad9006ae11b7460e2795692f26c50af17c7cf53052a55f9ac942f27308edb5f4ea73da749fc045ea9dacbc03ac5017d80210ef421c05673a508fa28ae3bfda5d5cf9fe3cc36cb1de795cf0135cb066c5ddf6ff04d8c37a9468af8455edbcd220c67f83dcbb886d96b4ca85d334a1b16a61c68e555df88137e7002283c67e82d9a7a1c9aeccd8f71f9ac2e447ea183b405f385505852526c3e97f483833dcfd73b0dc87efe8f5ff192c2c0518924830cc32018a18e3e5a1f2c120218862acdf87451892dabcf8ab659226010e26f1307731a2a2f61f6f37d28025f48059188f7f8777406cf13839ac6e3fe5e5f925aa56e7d0128d7ad5146f3bbcb54270d23d87c893258945f2ca1244c619c63e4d3dbb4f72c3f3150022bfa6ee0c5fba1e826c8a2249e33f715bd33c3e34f13a2a0a6557976ddcc6d8ffe1d6b094dc9091f152366767a06fc1a821b28992b186825d1387dcae72b06efe49151717229e4f2237c2a6563e74fd5c59057cb1fc0972c0d7cb9d7e70e62ad63072f6215bddf6ef22c60c69dd77a3304cd4051ae4d3376575ce44888411d9fb88d243fe3f2cf77b88eb3501a21d6d3707b4b81009716f1e02ce74cd1aa55d615048200fc60681d442bdbc10d692e77f4da4b17bea13f6b9f8a7e0edf2416e8818057fb0a8c6dade90cd5fd51d8c135b7b06b5ce86436dd3ed4238c5c8583e70e445e0d1a4bee408d26e6b641660470c617bb44a04fa1d3d2849180ffef875103936d9f2ee7fd9df1ed91a51f632a3ed77e3f2b90f01b83843ab493ae94110b8606067cd436f5c5106a454be0a268f902428109011205f3058fada832e009450a9db98e5c77e16920aa38d8ac029f77d25df7f473de7a9419eb3b7d7a8e4d497259cf7f0b9eabf67ab4ba5111d302b1574dc2ef9cdabf4cff233b54f86e3dede81dc768ffea3ad95c26ecd814cf0c2b775e4c2575aef92bd587eeb39da6598029fb7390efdc64390e581515089a312f4161acdf44468b8eb35094c116ecf131f674dc735426995d0619a718ebacb398e23dae9c69bc0021a3ec923655b43b3d745fa4eed026240e084c9c928adbe57589c114bf863edefb13ad4f98447fb0139ce829c3cacb1d9a58241dbf3ccf7a3daa26038e719dfaf5011c07c1071656a756e9cd77312289037bfbbebb52b227abc26a0454cc66819b338d6b7e239e03afecce1de5300e45ee7f9ec1f64c921caa69570f45f2315bcd1e27d67819fc14cb72414ecde015c6a15ccc1fc9a16193fa8d463d0e92ae4f524bf42b882d7f62f0deb24700b8a5f9d4605599a56be478b00900a6e27168101c11c9e1d3f31bbee0ccd8dfbe5f5aa11ca7fffd42aaed7c1f2081c68351870871b5b8200c236b37a43660c3b28d13a58dab242722989120060f36d68ab0879cf0b9ea623f59f93c6c16066d829f2923c8a0673cac583c97aba8bfe0b585e718142aef897e4ce0b20a7a0bc2011fee5c1326ff6e4cf162f7b4fde80fd874fa36ad14c622ece343b80bbdf2211e0aef3be401e71969a9d85c1e57c236b5eb680fb7e7af880b30e6a925f010672ea0bab70ec22a33acd4280ed9c79802ce34d1e21863012fb1e5c3f3104dd6e62e3defdf5daabfccf5db343aec39b16cdfce0ba94adc015fce6dc26d1a0083c3013588735fbc91400c3a867865436fcb5822cea90f640e0ddc956529835db29f036a62c130b65aa28dd69293914eb4cd439cd9eebb07d37d67d0e826fe68eff0c2220d7d7326601941df262c8ee20950609d4c60a4a0d6891f90d67f0813c69fc664fb60f917a6c276fe5624b3ba623be331985509509f1aca42a1ccb1a71c50d081ea20266c400492088e1ff36c26db16579b6d1f73bbb08529f294ee29ca5b53ff0e574cc6cbef1e9996dc9a396c9e8aca1b00efc0941d6f1dd505c07e0ca106dc0f660804843212e7265c22e714cffd6d7fb5cabc01b2781c944b9bb1e16bdd89426c3a4c70b05c7150019d46415557bc28e4e069b280d40c31db91d60728ae02470f25469abcb280857e3f8414d88f77c723a6dd181f639a3e3655236144fb6678ad189e26044a6ea20f82da6d088144c62fef689cc2bc89eb5e15d29d82ad59537b4b7717ad2ec964d2b43495ee9360615fb96741e836b132270b41390a19069720d0fa3a7be4f419968818cab9112e750772b2f97ab592bd46e18c8a209b3dd2a4fcf94dd1b5a7bec0ed336dafb2578a6be5de8c4c27fd402246643fd9683a0d1918339aee591659f8a414f0551bdb9bff013728fb3907c5f2f2a0a6ff3da3edd3b146fd4065abb580be705eb226fdf42380e78df28ef39920d63eb925efdbb982dcca2a5eb3eb14593973b1c9d0d7cfff81007f6d93a0395bcf9f675f6046f81ce6c7731c2aac585033540ccd0406020ef6c4de95fd9929bb6e4feb33794a3ed5f5d110c4e38b9907fdfd262f79cd48810019cde7ea1e51c24d59c08b36711413ca9f2582adf0b4c797c74f6d40b902ae575cd6d60ae1368ee337f7a7242bd3b10c5aa74e12cd39977a6b0c813cd7bf9684eef817014a1dacf43aa7ce2373ffb5cdcd65874158264e95a649cdcd652c8dbcc076b5b29ddebd39dd342fd1bfc50d8245e7ce2b5e29df144fb49076b49aa1c9eebcaa7f2f95520c6ab4c6ba074c8516a7f99ff99f3c79ad54ec8a20c608f7244061c79317686727dac12f34112e1a8fd0fc1ffb0d139c8cfd19cf7d7b48c8f6887abf88a68ff272f3df15b8ef2f0cb64cef8df72a7cc3952c3df2197b47d7dd8ae4e23a0fb218ce3ff513a9136c0a038af6e18d13e55c92731fd890f8f00981f78398e187c734c9ef68f3b8cc3982dd80da1a693a1fff189ebf28476f55f47d7d20098eefdc569d9effed7f87c827f4e2198956905f6602f810871eeb4f8a9e246a1ae850f39ecadbbff7e7a584c834bae34285b359a08751332902e993df1e5a9022012ca63c212328f72720d07804d46d958f177092e1cfcbc790330f8e64d43e2e8f5d8525104d59dda70dd56bac045a91ae88c62d7ad723c5f53f1ebf480022bf22a6d61e06377577c7f37af5e07222177f51e855aa857a8386be8d03f91c1d141d4b3f5a00bcc671f97a9450fc9166c3d5d29f24177", 0xffffff4e, 0x20000000, 0x0, 0xfffffffffffffe9d)
setsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000002000)="24b38b20d0ef3254115223ef6cf758327575c041e002a8089496079b1b45009349041eca724fdec73fab9b04e4a4a5af1d03000000000000007faa62b9c0d263274f4a010c4f93ef85516b042511f32764171ba9bd278cbe360c22f184073fe215dee02fe37161246323ee9c82c790add905b90a64adab9fef855d72abb637d460fc6fb5a9eec5535b119c9dfbde3f76323a5af634e4235a33d57e226460104ca0dedf1f0e8365cd43d106c41d009976034d6557bf8917cad630598f6e58fd1770012d78aabb64ffffffed00", 0xcc)
setsockopt$inet6_MRT6_DEL_MFC_PROXY(0xffffffffffffffff, 0x29, 0xd3, &(0x7f0000002000)={{0xa, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}}, {0xa, 0x0, 0x0, @empty, 0x1}}, 0x5c)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000002000)={0x0, 0x0, 0x9}, 0x14)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000001680)=[{&(0x7f0000000300)=@in={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10, &(0x7f0000001600)=[{&(0x7f0000002100)="13bee905174d177348f564acc3112f7b8d8e78367f4e99c127d4afd398031999a51072d753c21bb642df9e7a06aa", 0x2e}], 0x1}], 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x40, &(0x7f0000001fde), 0x4)

2018/03/30 10:05:20 executing program 5:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00005a2000/0x2000)=nil, 0x2000, 0x2)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r0, 0x4040aea4, &(0x7f0000000000)={0x3, 0x100, 0x7, 0x1, 0x2})
ioctl$EVIOCGSW(0xffffffffffffffff, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x4, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:20 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r3, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x7)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:20 executing program 3:
syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x0, 0x4001)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
r1 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
accept$ipx(r1, &(0x7f0000000000), &(0x7f0000000400)=0x10)
ioctl$EVIOCGSW(r1, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r0, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x6, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:20 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={0x0, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:20 executing program 4:
syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r0 = getpgrp(0x0)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
syz_open_dev$dspn(&(0x7f00000004c0)='/dev/dsp#\x00', 0x7fc, 0x30005)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
process_vm_readv(r0, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:20 executing program 0:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x505200, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000000)=""/21)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:20 executing program 2:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
getpid()
getpgid(0x0)
ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000000))
getpid()
fcntl$getown(r0, 0x9)
r1 = getpgid(0x0)
r2 = getpgrp(r1)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000003c0)={0x1, 0x0, [{0x4, 0xd6, &(0x7f00000002c0)=""/214}]})
sched_setaffinity(r2, 0x8, &(0x7f0000a2f000)=0x9)
r3 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000000240)={0x20, {0x2, 0x4e20, @broadcast=0xffffffff}, {0x2, 0x4e21}, {0x2, 0x4e24, @loopback=0x7f000001}, 0x242, 0x3, 0xf2a1, 0x8, 0x62da, &(0x7f0000000200)='bcsh0\x00', 0x10001, 0x4, 0x7})
r4 = ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82)
ioctl$LOOP_CTL_ADD(r3, 0x4c80, r4)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r3, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f00000001c0))
process_vm_readv(r2, &(0x7f0000000000), 0x0, &(0x7f0000000a00), 0x100000000000015f, 0x0)
preadv(r3, &(0x7f00000006c0)=[{&(0x7f0000000480)=""/88, 0x58}, {&(0x7f0000000500)=""/88, 0x58}, {&(0x7f0000000580)=""/192, 0xc0}, {&(0x7f0000000640)=""/104, 0x68}], 0x4, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))
fallocate(r0, 0x1, 0x8001, 0x5)

2018/03/30 10:05:21 executing program 5:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x0)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x8, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(0xffffffffffffffff, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x4, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
r2 = msgget(0x3, 0x50)
getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000340)={{{@in6, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in6=@ipv4={[], [], @broadcast}}}}, &(0x7f0000000000)=0xe8)
r4 = getegid()
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f00000007c0)={{{@in6=@mcast1, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{@in=@broadcast}, 0x0, @in6=@loopback}}, &(0x7f0000000440)=0xe8)
r6 = getegid()
msgctl$IPC_SET(r2, 0x1, &(0x7f00000008c0)={{0x5, r3, r4, r5, r6, 0x100, 0x400}, 0x1, 0x0, 0x400, 0x100000000, 0x7, 0x401, r1, r1})
wait4(0x0, &(0x7f00000000c0), 0x20000001, &(0x7f0000000100))

2018/03/30 10:05:21 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={0x0, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:21 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000880)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:21 executing program 0:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
ioctl$TTUNGETFILTER(r0, 0x801054db, &(0x7f0000000a40)=""/241)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:21 executing program 3:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x0, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f0000000a40)={{{@in=@broadcast, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in=@remote}, 0x0, @in6=@local}}, &(0x7f0000000000)=0xe8)
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000b40)={{{@in=@dev, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in=@multicast1}, 0x0, @in6=@mcast2}}, &(0x7f0000000400)=0xe8)
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000c40)={{{@in6, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{@in=@multicast2}, 0x0, @in=@remote}}, &(0x7f0000000480)=0xe8)
setresuid(r3, r4, r5)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x6, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:21 executing program 6:
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000040)=0x7ff)
ioctl$EVIOCGMASK(r1, 0x80104592, &(0x7f0000000100)={0x3, 0x5c, &(0x7f0000000080)="7594b9729a35bc9a4ddbe68efcbf23251e25b675546ae452db153c35fc44baf0150db9c8c20609f4a1e07b346fdf31a5df0a6d5c0c15c684387738a7ba6515b33b42d697671e511e84ff97b30ed0d9db67a2f30bf1ff6d0779c8c12c"})
ioctl$KVM_SET_XSAVE(r0, 0x5000aea5, &(0x7f0000000140)={"5f32cfd4550fbd034166cbb62a45d265822fdf807be4785a41e0131a8ee73634ff7d44b49622257b383b6599b32aa1d66fc0f0728bb2b91e34b0eb21d91527882572f08ba0eb1a6f36c7030440f7bfdb8f21b85594dd81acd0c83a51beb7a8dee2ef73120adce728c81f97285e8bc5a2d01611f77710753bf87448f0ede9173b30614ccaf3caba8e1764d01f34da0f4499fe99ed49ccd9adafc4b564ba14b945614eac21881c58ef169bf1450a3c103590c2bb4e9a52d1933192c317b132301cf3cbc15c6fcd4247f077f9ebb930d615e8c16b132dc39af00cddc4fb2780a95086ab4a3b187369043c68d0ae66112c5e5f4e94f8cf710330e66aa08425721fe8e5e8852403204ba99af59c37d1fd70b5305d42f676c187cd737b7f7bb3ee12f668dee5c8e2cc4e4a823200eddeb313432576180089a20e0535ea6a9ab9ce004afbfa5d1c7d3eb6e66d881b7ddd91df598414011e28e846a6217c64e0609df6d7c1f6f4133b5a6d38974e477783de32a80a68c317367ddd3058748d993ed168adbb3ccef7dd164c3eb16f4de8a8c0ed7d694cea515a25477a48f12d6afb20831a24df6ba3f1a9c28678773e4716a3d0a96ef811912b8fab04e1e707c0227e396941d28be42b7ae3db79f2fa8a6651b2502aceb24e98a228a82475c5e3c62a665990247f56800e15d4bc8ec30788628ea3487773c25b7464fb4cbd2d2d24faca9ff9950a2e45ab58922da58ec6a24b28943d50ccd7ff195d81a5dfaf8d4cdeb6387837663798563dbb3d53ac245abe5c6e027ea569015a04f605e848b4292089aaaa43c736858939c21406c445015cc20b3cfa6865964600e2e397721918b87b3e8c54e9562de6ec880ded338f2632037806a1766ff8b4b5ae18ab68d65fb91232264f1c593a5bf9156cbd0d40c4e0a8d86eabaf5aaa963581ef9d9027fecf4812ef5ad88a3d74957e414bf56e62bafc133cdc35ff817256924fb3c8fcfebf82b298e20a1c6d13b874237810664ce8210a8053ca03f4a1b5db50c2e3e8737e8ce2b27699a61952313f0cf595f9bdd56f00582a11c82259bbc49971f27d1b42a8f0f1f599fcdfb3647a963d03386a35305b61b4e3a481173e8a25f0bd3ff9d3671b60fead3ca442604ef89fca69be23f49efae34b93fa33474999024fd4a5040fe2194db9bddc6b5f415fd697aec6557fe9f93f3b97a888b9202db58beab72144a7f4c11e6b86e1ef9bd780ce4316896eac9bce4a5f18b4b460038d68e67d38296b57ec6a593b47fe38e11999468972fc38a83e50a5fc49612f00d658c60fc52aa3d2ccc82d98607da20a0b1a6eb8dd29cd27f1780073841bb6fba52b550c5992be0930f0705aefaaeee1972b4cdb30688c1a5cf941994b4310e8b1124e37b496dc464e4aa71a41e0674b9eab8ca860fbf52f9cc7f3cc61cd79303a60901a40ef93"})
ioctl$TCSBRKP(r0, 0x5425, 0x9b3a)
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000540)={<r2=>0x0, 0x7fffffff}, &(0x7f0000000580)=0x8)
setsockopt$inet_sctp_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f00000005c0)=@assoc_id=r2, 0x4)
ioctl$EVIOCGKEY(r0, 0x80404518, &(0x7f0000000600)=""/184)
r3 = syz_open_dev$sndmidi(&(0x7f00000006c0)='/dev/snd/midiC#D#\x00', 0x6, 0x8000)
setsockopt$l2tp_PPPOL2TP_SO_REORDERTO(r1, 0x111, 0x5, 0x3, 0x4)
epoll_ctl$EPOLL_CTL_DEL(r0, 0x2, r1)
r4 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000700)='/dev/sequencer2\x00', 0x20040, 0x0)
ioctl$PIO_SCRNMAP(r4, 0x4b41, &(0x7f0000000740)="1014324166abfe8c03bba891f4787e046d8142001ae7c6bc7b2e36dfb581f8c0991e84e362957a870d1b22cdc2e6e30206e3b65570f2b3b0b2c3a5daa62ce9fc566bb3403d032129cec267131da77c7075d52e360c7636c51b5a23d1d1679d3a315f73994360397c243227341cb5211048a5e7600c28a32f3552880fd1995f809fe824109dc39a496d8a05ee")
ioctl$sock_SIOCGPGRP(r3, 0x8904, &(0x7f0000000800)=<r5=>0x0)
timer_create(0x2, &(0x7f0000000840)={0x0, 0x1e, 0x0, @tid=r5}, &(0x7f0000000880))
r6 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000008c0)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r3, 0xc04c5349, &(0x7f0000000900)={0x40, 0x2, 0xfffffffffffffffd})
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000980)={0x50, 0x696, 0x5, 0xfffffffffffffff9, 0x5}, 0x14)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r4, 0x84, 0x13, &(0x7f00000009c0)=0xf000000000000000, 0x4)
ioctl$KVM_X86_SET_MCE(r0, 0x4040ae9e, &(0x7f0000000a00)={0x400000000000000, 0x3000, 0x8, 0x7, 0x5})
lookup_dcookie(0x1, &(0x7f0000000a40)=""/236, 0xec)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000b40)={<r7=>r2, 0x2}, &(0x7f0000000b80)=0x8)
syz_open_dev$sndtimer(&(0x7f0000000bc0)='/dev/snd/timer\x00', 0x0, 0x800)
getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r6, 0x84, 0x13, &(0x7f0000000c00)={r7}, &(0x7f0000000c40)=0x8)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r6, 0x84, 0x72, &(0x7f0000000c80)={r7, 0xfffffffffffff801}, &(0x7f0000000cc0)=0xc)
socketpair$inet6(0xa, 0x806, 0x8, &(0x7f0000000d00)={<r8=>0xffffffffffffffff})
setsockopt$bt_BT_FLUSHABLE(r4, 0x112, 0x8, &(0x7f0000000d40)=0x9, 0x4)
ioctl$VT_GETMODE(r3, 0x5601, &(0x7f0000000d80))
accept4$inet6(r8, &(0x7f0000000dc0)={0x0, 0x0, 0x0, @loopback}, &(0x7f0000000e00)=0x1c, 0x0)
exit_group(0x9)

2018/03/30 10:05:21 executing program 2:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x10, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
ioctl$FIONREAD(r0, 0x541b, &(0x7f0000000000))
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)

2018/03/30 10:05:21 executing program 4:
syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r0 = getpgrp(0x0)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
r1 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, r1, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
process_vm_readv(r0, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
wait4(0x0, &(0x7f0000000400), 0x2, &(0x7f00000007c0))

2018/03/30 10:05:21 executing program 6:
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000384ff7)='/dev/ppp\x00', 0x101002, 0x0)
ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000bc0)=""/246)
ioctl$EVIOCGPROP(r0, 0x80404509, &(0x7f0000000080)=""/131)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
pwritev(r0, &(0x7f0000ed8f70), 0x0, 0x0)
msgget(0xffffffffffffffff, 0x80)
accept4$inet6(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, @dev}, &(0x7f0000000040)=0x1c, 0x800)
msgrcv(0x0, &(0x7f0000000840)={0x0, ""/92}, 0x64, 0x1, 0x0)
r1 = syz_open_dev$sg(&(0x7f00000001c0)='/dev/sg#\x00', 0x0, 0x2)
write$sndseq(r1, &(0x7f00005cbf70), 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(0xffffffffffffffff, 0xc4c85513, &(0x7f0000000340)={{0x0, 0x7, 0x1, 0x0, "02e9ebbb216a45b57ded9462aa77ca8133f988213e0b529833a4215c24f9def694acbbf5122e58431cb90f5f", 0x80}, 0x0, [0x5, 0x5, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, 0x100000001, 0x0, 0x7, 0x5, 0x0, 0x1, 0x80, 0x0, 0x2, 0x6, 0x0, 0x9, 0x9, 0x0, 0x4, 0x0, 0x8, 0x0, 0x80, 0x0, 0x0, 0x0, 0x100000000, 0x401, 0x6, 0x0, 0x3f, 0x401, 0x7, 0x0, 0x3, 0xcf5, 0x0, 0x0, 0x9, 0x8, 0x0, 0x7, 0x7, 0x0, 0x0, 0x2, 0x0, 0x2, 0x0, 0x9, 0x5, 0x9, 0x0, 0x0, 0x101, 0x9, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x21c, 0x8, 0x0, 0x0, 0x6, 0x5, 0x0, 0x0, 0x0, 0x3f, 0x0, 0x3c, 0x0, 0x100, 0x626, 0x0, 0x0, 0x0, 0xffff, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x35, 0xffffffff, 0x6, 0x9, 0x3, 0x3, 0x8000, 0x8001, 0xfa5, 0x857b, 0x0, 0x3f6b, 0x10000, 0x80000000, 0xfffffffffffffffb, 0x3, 0x2, 0x1, 0x8, 0x0, 0x0, 0x4, 0x3, 0x81, 0x80000000, 0x1f, 0x2388, 0x7, 0x3, 0x699, 0x80000001, 0x9], {0x0, 0x989680}})

2018/03/30 10:05:21 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x0, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:21 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x1, 0x10001, 0x2)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:21 executing program 5:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x40000)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
alarm(0x81)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, r0, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(0xffffffffffffffff, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x4, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)

2018/03/30 10:05:21 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x0, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:21 executing program 0:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
bind$packet(r0, &(0x7f0000001d40)={0x11, 0x15, 0x0, 0x1, 0x0, 0x6, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}}, 0x14)
sched_setaffinity(r1, 0x8, &(0x7f0000000000)=0x9)
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
ioctl$KVM_ASSIGN_SET_MSIX_NR(r0, 0x4008ae73, &(0x7f0000000480)={0xfffffffffffffffb, 0xa5aa})
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:21 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x0, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:21 executing program 7:
r0 = eventfd2(0xb5, 0x800)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r3)
r4 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
r5 = dup3(r4, r2, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r6=>r2, 0xfffffffffffffffe})
r7 = openat$cuse(0xffffffffffffff9c, &(0x7f00000008c0)='/dev/cuse\x00', 0x101000, 0x0)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r8)
r9 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r5, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r9, &(0x7f0000000880)="15", 0x1)
r10 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r10, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r7, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r2, r4)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r6, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:21 executing program 5:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
bind$nfc_llcp(r0, &(0x7f0000000340)={0x27, 0x0, 0x2, 0x5, 0x5, 0x8, "18e2c34deeb5cf464930eab1330704d2e089c8823d1aca41fc537d46e0e3938f68070c1d10cba46b2eb616ad11057d4118ed28398e9cc2ecbf73abd1c7bfa4", 0x26}, 0x60)
setsockopt$inet_sctp_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f0000000000)={0x101}, 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(0xffffffffffffffff, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x4, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
sysfs$3(0x3)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:21 executing program 6:
r0 = socket$inet(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000100)=@broute={'broute\x00', 0x20, 0x4, 0x610, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000cc0], 0x0, &(0x7f0000000240), &(0x7f0000000cc0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000008000000000feffffff02000000050000000000000000006c6f00000000000000000000000000006263736630000000000000000000000069726c616e300000000000000000000069705f76746930000000000000000000000000000000000000000000aaaaaaaaaa0000000000000000002001000020010000580100007374617469737469630000000000000000000000000000000000000000000000180000000000000000000000000000000000000000000000000000000000000073747000000000000000000000000000000000000000000000000000000000004800000000000000000000000000000000000180c20000000000000000000000000000000000000000000000aaaaaaaaaaaa0000000000000000000000000000000000000000000000000000800600006d61726b0000000000000000000000000000000000000000000000000000000010000000000000000000000000000000ffffffff00000000050000000000000000006966623000000000000000000000000065727370616e3000000000000000000069666230000000000000000000000000726f7365300000000000000000000000aaaaaaaaaa00000000000000ffffffffffff000000000000000070000000d0000000200100004e4651554555450000000000000000000000000000000000000000000000000008000000000000000000000000000000434f4e4e5345434d41524b0000000000000000000000000000000000000000000800000000000000000000000000000049444c4554494d4552000000000000000000000000000000000000000000000028000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000e628ccebdb0b4b6b0000000000000000000000000000000000000000000000000000000002000000ffffffff01000000110000000000000000006970366772657461703000000000000073797a5f74756e000000000000000000626f6e6430000000000000000000000073797a5f74756e0000000000000000000180c2000000000000000000aaaaaaaaaabb0000000000000000a00000003801000088010000706b74747970650000000000000000000000080000000000000000000000000000005241544545535400000000000000000000000000000000000000000000000000200000000000000073797a30000000000000000000000000000000000000000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a3000000000000000000000000000000000000000000000000000000000000000000000000049444c4554494d4552000000000000000000000000000000000000000000000028000000000000000000000073797a30000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003000000ffffffff010000000500000000000000000073797a6b616c6c65723000000000000074756e6c3000000000000000000000007369743000000000000000000000000069666230000000000000000000000000000000000000000000000000ffffff7666ffdabc8a6f0c174d8ab8ec743dffffff0000000000000000300100003001000080010000697036000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000ffffac1414aa00000000000000000000000000000000000000000000ff000000000000000000000000000000000000000000000000006c696d6974000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000004c45440000000000000000000000000000000000000000000000000000000000280000000000000073797a30000000000000000000000000000000000000000000000000000000"]}, 0x688)
clone(0x200, &(0x7f0000fbf000), &(0x7f0000000000), &(0x7f0000000100), &(0x7f00000000c0))
setsockopt$inet_group_source_req(r0, 0x0, 0x2b, &(0x7f0000000280)={0x1, {{0x2, 0x4e20, @multicast2=0xe0000002}}, {{0x2, 0x4e21, @multicast2=0xe0000002}}}, 0x108)
mknod(&(0x7f0000f80000)='./file0\x00', 0x1040, 0x0)
execve(&(0x7f0000f8aff8)='./file0\x00', &(0x7f0000a7bfc8), &(0x7f00006fcff0))
r1 = gettid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f000000d000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$int_in(r2, 0x5452, &(0x7f0000008ff8)=0x3f)
syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0x3, 0x482800)
getpid()
fcntl$setown(r2, 0x8, r1)
fcntl$setsig(r2, 0xa, 0x12)
dup2(r2, r3)
tkill(r1, 0x16)
open(&(0x7f0000363ff8)='./file0\x00', 0x401, 0x0)
ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000180)={0x2, {0x2, 0x4e22, @remote={0xac, 0x14, 0x14, 0xbb}}, {0x2, 0x4e24, @multicast1=0xe0000001}, {0x2, 0x4e22, @broadcast=0xffffffff}, 0x90, 0x6, 0xffff, 0xffffffffffff5470, 0x9, &(0x7f0000000080)='teql0\x00', 0x8, 0x2, 0x9})

2018/03/30 10:05:21 executing program 3:
syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x0, 0x4001)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
r1 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
fcntl$notify(r1, 0x402, 0x14)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r1, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r0, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x6, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
syz_open_procfs(r0, &(0x7f0000000000)='net/udp6\x00')
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:21 executing program 2:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
getsockopt$inet_sctp_SCTP_RTOINFO(r2, 0x84, 0x0, &(0x7f0000000480)={<r3=>0x0, 0x6, 0x280000000000000, 0x77}, &(0x7f00000004c0)=0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)={0xd, 0x0, 0x9, 0x4af7, 0x9, 0xffffffffffffffff, 0x6}, 0x2c)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f0000000a80)={r3, 0x4}, &(0x7f0000000ac0)=0xc)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))
ioctl$sock_bt_hidp_HIDPCONNDEL(r2, 0x400448c9, &(0x7f0000000000)={{0x0, 0x4, 0x9, 0x81, 0x401, 0x9}, 0x80})

2018/03/30 10:05:21 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='pids.events\x00', 0x0, 0x0)
ioctl$TTUNGETFILTER(r0, 0x801054db, &(0x7f0000000040)=""/57)
syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
ioctl$PERF_EVENT_IOC_DISABLE(r2, 0x2401, 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x34, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:21 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x20000, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

[  195.849640] kernel msg: ebtables bug: please report to author: EBT_ENTRY_OR_ENTRIES shouldn't be set in distinguisher
2018/03/30 10:05:21 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0x0, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:21 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x6, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000880)='./cgroup/syz1\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:21 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0x0, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:21 executing program 4:
r0 = syz_open_dev$dmmidi(&(0x7f00000007c0)='/dev/dmmidi#\x00', 0x95e3, 0xfd)
r1 = getpgrp(0x0)
clock_nanosleep(0x0, 0x0, &(0x7f0000000040)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000bbfff6)='/dev/ptmx\x00', 0x1, 0x0)
write(r3, &(0x7f0000000480)="4f7ad0c9e9ffe94802a848144523c0c253772400d4bba29028eac32e8d1e221207d3fa6c00644fe58f5930fd4c8ebb78dcf50bbc54c90c0ea17b4763dde5f9eedfc810b38375640258335444c9fe3d13", 0x50)
perf_event_open(&(0x7f0000b5a000)={0x4000000002, 0x78, 0x1e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$sock_inet_SIOCGIFNETMASK(0xffffffffffffffff, 0x891b, &(0x7f00000003c0)={'bcsf0\x00', {0x2, 0x0, @dev={0xac, 0x14, 0x14}}})
ioctl$TCSETA(r3, 0x5406, &(0x7f0000000300))
ioctl$KVM_GET_MP_STATE(r0, 0x8004ae98, &(0x7f0000000000))
getsockopt$ARPT_SO_GET_ENTRIES(r2, 0x0, 0x61, &(0x7f0000000480)={'filter\x00', 0x3d, "7f724187cfd2719d59206462bdc4a6ce4dc4ea8405431334d2cbe6557c6ce1b6b15fe76aa75b2c44b98a4fe6d14a09c817212f83443037f14e237fafcb"}, &(0x7f0000000400)=0x61)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:21 executing program 7:
r0 = eventfd2(0x7fff, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:22 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0x0, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:22 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3)
r4 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
r5 = dup3(r1, r2, 0x2000000000)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r6=>r2, 0xfffffffffffffffe})
r7 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r8)
r9 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r5, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r9, &(0x7f0000000180)="15", 0x1)
r10 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r10, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r7, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r2, r4)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/net/pfkey\x00', 0x400, 0x0)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r6, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:22 executing program 3:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x0, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
ioctl$sock_ipx_SIOCAIPXITFCRT(r0, 0x89e0, &(0x7f0000000000)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x6, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:22 executing program 0:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
open_by_handle_at(r2, &(0x7f0000000a40)={0x8b, 0x9, "41025c233d264362b31a0c36599f918b3f3a5c8825fa13e3f0e442a9603e42088e43bedfce3ace8692addf6992e1966be53b643d9f5e6e7e22cec03c7f8e653c489b767863be727ae6ffbec6f41dce22c7acf1754a4039c0b9e3b274622ceed75a7d78e380c6efa0785e2952b8b8d7aa48f65c8daec63693d287a92df90dc90665927f"}, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:22 executing program 2:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
fcntl$getown(r0, 0x9)
getpgid(0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000002c0), &(0x7f0000000300)=0xc)
ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000340))
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000380)=<r1=>0x0)
r2 = getpgrp(r1)
sched_setaffinity(r2, 0x8, &(0x7f0000a2f000)=0x9)
r3 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r3, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))
getsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f0000000000)={@dev, @broadcast, <r4=>0x0}, &(0x7f00000001c0)=0xc)
bind$packet(r3, &(0x7f0000000200)={0x11, 0xff, r4, 0x1, 0x7, 0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x14)
setsockopt$packet_buf(r0, 0x107, 0x17, &(0x7f0000000240)="45226b78700d481cc6b049a780e4a816b97a97d80f7350608c3c351f82ade1a7b77b69eebd14250563518f5124b4488d42603f207a90c8edd68b2743ee794b69f5784966acc44bd8a8fd378aadd46d8de9299ffb5bc6a38554579f43d22e85dfb3f5b521a60e291bfaa1ecd62547dcd7", 0x70)

2018/03/30 10:05:22 executing program 5:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
getsockopt$IP_VS_SO_GET_TIMEOUT(r0, 0x0, 0x486, &(0x7f0000000000), &(0x7f0000000340)=0xc)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f0000000380)={&(0x7f00002fa000/0x1000)=nil, 0x1000})
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(0xffffffffffffffff, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x4, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000400)='IPVS\x00')
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000a40)={0xea5, {{0xa, 0x4e24, 0x200, @loopback={0x0, 0x1}, 0x6}}, 0x0, 0x6, [{{0xa, 0x4e24, 0x0, @ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0x14, 0xaa}}, 0x7}}, {{0xa, 0x4e20, 0x80, @mcast2={0xff, 0x2, [], 0x1}, 0x4}}, {{0xa, 0x4e22, 0xffffffff, @mcast2={0xff, 0x2, [], 0x1}, 0x4c46}}, {{0xa, 0x4e22, 0x1000, @mcast1={0xff, 0x1, [], 0x1}, 0x1}}, {{0xa, 0x4e23, 0x71, @mcast2={0xff, 0x2, [], 0x1}, 0x1}}, {{0xa, 0x4e20, 0x200, @ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0x14, 0xaa}}, 0x10000}}]}, 0x390)
sendmsg$IPVS_CMD_SET_INFO(r0, &(0x7f0000000680)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x80800000}, 0xc, &(0x7f0000000600)={&(0x7f0000000440)={0xa0, r2, 0x110, 0x70bd2d, 0x25dfdbfc, {0xe}, [@IPVS_CMD_ATTR_SERVICE={0x7c, 0x1, [@IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0xff}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@loopback={0x0, 0x1}}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@loopback=0x7f000001}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x4b}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x20}}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x5d}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x2}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x7f}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@multicast1=0xe0000001}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x5}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x9}]}, 0xa0}, 0x1, 0x0, 0x0, 0x80}, 0x20004000)

2018/03/30 10:05:22 executing program 6:
r0 = socket(0x18, 0x0, 0x1)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000000)={<r1=>0x0, 0x6}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000080)={0xffffffff, 0xd3, 0x8205, 0x3, 0xe41, 0x100, 0xffffffff, 0x2, r1}, &(0x7f00000000c0)=0x20)
mmap(&(0x7f0000000000/0xfd5000)=nil, 0xfd5000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x111, 0x11, &(0x7f000087bff8), &(0x7f00000001c0)=0x5)
mmap(&(0x7f0000eb2000/0x1000)=nil, 0x1000, 0x2000000, 0x20010, r0, 0x0)

2018/03/30 10:05:22 executing program 4:
syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r0 = getpgrp(0x0)
futex(&(0x7f0000000000), 0x3, 0x0, &(0x7f0000000040)={0x0, 0x1c9c380}, &(0x7f0000000400)=0x1, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
process_vm_readv(r0, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:22 executing program 6:
r0 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f000000cfe4)={0xa, 0x0, 0x0, @mcast1={0xff, 0x1, [], 0x1}, 0x4}, 0x1c)
sendmmsg(r0, &(0x7f0000007e00)=[{{0x0, 0x0, &(0x7f0000000380), 0x0, &(0x7f00000003c0)}}, {{&(0x7f00000004c0)=@in={0x2, 0x4e24, @rand_addr=0x7}, 0x10, &(0x7f0000000680), 0x0, &(0x7f0000000280)}}], 0x2, 0x0)
syz_open_dev$evdev(&(0x7f0000000240)='/dev/input/event#\x00', 0x0, 0x0)
r1 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x3, 0x0)
getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f0000000140)=@sack_info={<r2=>0x0, 0x6, 0x6}, &(0x7f0000000180)=0xc)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f00000001c0)={r2, 0x4}, &(0x7f0000000200)=0x8)
sendto$ax25(r1, &(0x7f0000000040)="0cf19727d24ca0cc23dd7fa7ef1c8ca83deb1705de5b92614069a7cf49a1c18862c59ad5dfe6a6744e62d99f36ead582051a5ccd4c7fb83379164ee49c9fb18af000bcc791597a5d9a909f313553c0af10123453229d94cfb468664149aaaffe3869e13283eb1741e650d1f83c8714904d027a601f95e6c076404124f59cae09590bd67a81833039a782ee4b655912638cdcc443d1cba9b8a7a0f21bf384af45691683003b10cdfe2ef493bb63fa743b46f34f8b662454d4847646bf976f49f1", 0xc0, 0x0, &(0x7f0000000100)={0x3, {"0a012180410edf"}, 0xf7}, 0x10)

2018/03/30 10:05:22 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:22 executing program 7:
r0 = eventfd2(0xb3, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f00000008c0)='./file0\x00', 0x1)
write(r6, &(0x7f0000000980)="15225df85c050000000000000064202c08b7e497767e2600c415b4cbaa41cf6218cb83badebe5bf1bad238212532952ba86d4b9715f561f2aab8a2e78fc9694a2ba65affd2a63995368259dea45818064bd20f2fbca6b24523e7e97bcee91952efbb9783903a20f65b873675d7f2581262ddaaebadf8ce077153488de9e703a53827dbcd2b29d42f2da9eeebc6bf76ba1767083b278ee7b2c6fefd5292aa10b1c5a51df0e809dbd34d5e7961544295b59aef2fa842ddd29ab77084e34b973e5eb4f69114b802", 0xc6)
r8 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r8, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:22 executing program 6:
execve(&(0x7f0000000240)='./file0\x00', &(0x7f0000000380)=[&(0x7f0000000280)='%vboxnet1mime_typenodev\x00', &(0x7f00000002c0)='/dev/ptmx\x00', &(0x7f0000000300)='TPROXY\x00'], &(0x7f0000000080)=[&(0x7f00000000c0)='\x00', &(0x7f0000000400)='+}md5sum\x00', &(0x7f0000000440)='{\x00', &(0x7f0000000480)='}-\x00', &(0x7f00000004c0)='net/mcfilter6\x00'])
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='net/mcfilter6\x00')
getsockopt$IPT_SO_GET_REVISION_MATCH(r0, 0x0, 0x42, &(0x7f0000000180)={'TPROXY\x00'}, &(0x7f00000001c0)=0x1e)
mmap(&(0x7f000053b000/0x2000)=nil, 0x2000, 0x1000004, 0x40000002871, 0xffffffffffffffff, 0x0)
msgget(0x1, 0x1)
mremap(&(0x7f00000cd000/0x3000)=nil, 0x3000, 0x2000, 0x3, &(0x7f000053b000/0x2000)=nil)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000d00)='/dev/ptmx\x00', 0x3ffe, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5419, &(0x7f0000000040))
r2 = dup(0xffffffffffffffff)
ioctl$TUNSETLINK(r2, 0x400454cd, 0x10e)
ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000008ff8))
r3 = socket$inet(0xa, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r3, 0x0, 0x80, &(0x7f0000000c80)=@broute={'broute\x00', 0x20, 0x2, 0xa18, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000200], 0x0, &(0x7f0000000040), &(0x7f0000000200)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, '\x00', '\x00', '\x00', '\x00', @remote={[0xaa, 0xaa, 0xaa, 0xaa], 0xffffffffffffffff}, [], @local={[0xaa, 0xaa, 0xaa, 0xaa], 0xffffffffffffffff}, [], 0x898, 0x898, 0x8c8, [@quota={'quota\x00', 0x18}, @u32={'u32\x00', 0x7c0}]}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x0, 0x0, 0x0, '\x00', '\x00', '\x00', '\x00', @random="46ca750fc811", [], @empty, [], 0x70, 0x70, 0xc0}}, @common=@log={'log\x00', 0x28, {{0x0, "19358fd7efa35ca2d7eb1767a4c43b69655391056303b97ef841b924cf71"}}}}]}]}, 0xa90)
socket$inet(0xa, 0x2, 0x0)
ioctl$TIOCGPGRP(r2, 0x540f, &(0x7f0000000200))

2018/03/30 10:05:22 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

[  196.767248] kernel msg: ebtables bug: please report to author: EBT_ENTRY_OR_ENTRIES shouldn't be set in distinguisher
2018/03/30 10:05:22 executing program 7:
r0 = eventfd2(0x0, 0x7fffd)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r3 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3)
r4 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
dup3(r4, r2, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r2, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r4)
r7 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r2, 0x4b45, &(0x7f0000000880)=0x8e)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r7, &(0x7f0000000180)="15", 0x1)
r8 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r8, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r2, r4)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:22 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

[  196.859799] kernel msg: ebtables bug: please report to author: EBT_ENTRY_OR_ENTRIES shouldn't be set in distinguisher
2018/03/30 10:05:22 executing program 6:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f00001fefe4)={0xa, 0x4e22, 0x4}, 0x1c)
listen(r1, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = syz_open_dev$sndmidi(&(0x7f00000000c0)='/dev/snd/midiC#D#\x00', 0x99a2, 0x1)
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)=""/15, &(0x7f0000000140)=""/44, &(0x7f00000002c0)=""/126, 0x100000})
write(r2, &(0x7f0000000080)="1f0000000104ff00fd438f7b00000000", 0x10)
write(r2, &(0x7f0000000000)="1f0000000104fffff13b54c007110000f30501000b000200720e0000000000", 0x1f)
r4 = syz_open_dev$dspn(&(0x7f0000000340)='/dev/dsp#\x00', 0x0, 0x2)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f0000000280)={0x2, <r5=>r0, 0x1})
ioctl$SNDRV_TIMER_IOCTL_STOP(r4, 0x54a1)
sendto$inet6(r0, &(0x7f0000eb9fff), 0xfffffd65, 0x20000004, &(0x7f000031e000)={0xa, 0x4e22}, 0x1c)
syz_open_dev$audion(&(0x7f0000000580)='/dev/audio#\x00', 0x0, 0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000d81ff8)=0x101)
ioctl$sock_inet_SIOCSIFBRDADDR(r5, 0x891a, &(0x7f0000000040)={'sit0\x00', {0x2, 0x4e20}})
socket$pppoe(0x18, 0x1, 0x0)
getsockopt$EBT_SO_GET_INIT_ENTRIES(0xffffffffffffffff, 0x0, 0x83, &(0x7f0000000200)={'broute\x00', 0x0, 0x0, 0x17, [], 0x1, &(0x7f00000000c0)=[{}], &(0x7f00000003c0)=""/23}, &(0x7f0000000280)=0x78)
madvise(&(0x7f0000a90000/0x1000)=nil, 0x1000, 0x0)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000480)={0x0, @in={{0x2, 0x0, @multicast2=0xe0000002}}}, &(0x7f0000000540)=0x84)
r6 = socket(0xa, 0x1, 0x0)
perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$fiemap(0xffffffffffffffff, 0xc020660b, &(0x7f0000000000)=ANY=[@ANYBLOB="0000800000000000ffffffce220000004100000005"])
ioctl(r6, 0x8916, &(0x7f0000000000))
ioctl(r6, 0x8936, &(0x7f0000000000))
setsockopt$inet_sctp6_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000380)=@assoc_value={0x0, 0x9}, 0x8)
mkdir(&(0x7f000082f000)='./control\x00', 0x0)
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x10, 0xffffffffffffffff, 0x0)
r7 = syz_open_dev$sndctrl(&(0x7f0000006000)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r7, 0x40045532, &(0x7f000000affc))

[  196.951242] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
2018/03/30 10:05:23 executing program 6:
r0 = syz_open_dev$sg(&(0x7f0000001000)='/dev/sg#\x00', 0x0, 0x0)
r1 = memfd_create(&(0x7f0000000000)="37e6278e0f077e786b0993e761f63e2eb39451edf3adf26acdc7f8ba1c3976d4a10a20a0869b17fec8b3941f0d24b444bd05", 0x1)
mmap(&(0x7f0000000000/0xaa2000)=nil, 0xaa2000, 0x0, 0x11, r1, 0x0)
mmap(&(0x7f00002e4000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0)
name_to_handle_at(r0, &(0x7f00002e4000)='./file0\x00', &(0x7f0000002000)={0x8}, &(0x7f0000001ffc), 0x1400)

2018/03/30 10:05:23 executing program 5:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0xfffffffffffffffc, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1)
ioctl$ASHMEM_GET_PROT_MASK(r0, 0x7706, &(0x7f00000003c0))
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r0, 0x8040451b, &(0x7f0000000340)=""/21)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x4, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:23 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:23 executing program 0:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0xffffffffffffffaa}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000000)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f0000000a40)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:23 executing program 4:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000600)={0x50, 0x0, &(0x7f0000000480)=[@increfs={0x40046304, 0x4}, @request_death={0x400c630e, 0x1, 0x2}, @increfs={0x40046304, 0x4}, @release={0x40046306, 0x4}, @request_death={0x400c630e, 0x3, 0x4}, @release={0x40046306, 0x2}, @request_death={0x400c630e, 0x3}], 0x3e, 0x0, &(0x7f0000000400)="e44cf4b836c8855abaa4e7c4190e565120188713bbbdfedac30041fb51fa31103b25c6f1bc5c68694ab80d9d7c9ff9b06c35e75cd0da204b2a7d19492852"})
syz_open_dev$admmidi(&(0x7f0000000440)='/dev/admmidi#\x00', 0xe000000000000000, 0x7ffc)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x2fc}, {&(0x7f0000000340)=""/188, 0xfffffffffffffe8a}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0x5c}, {&(0x7f0000000080), 0xfffffffffffffdab}, {&(0x7f0000000000)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xffffffffffffff20}], 0x1, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:23 executing program 2:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x4, 0xa8040)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000480)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))
ioctl$sock_inet6_tcp_SIOCINQ(r0, 0x541b, &(0x7f00000004c0))

2018/03/30 10:05:23 executing program 3:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x0, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r2=>0x0}, &(0x7f0000000400)=0xc)
r3 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r3, 0x8040451b, &(0x7f0000000480)=""/21)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x6, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
process_vm_readv(r2, &(0x7f00000004c0)=[{&(0x7f0000000040)=""/39, 0x27}, {&(0x7f0000000a40)=""/236, 0xec}, {&(0x7f0000000b40)=""/118, 0x76}, {&(0x7f0000000bc0)=""/69, 0x45}], 0x4, &(0x7f0000001200)=[{&(0x7f0000000c40)=""/236, 0xec}, {&(0x7f0000000d40)=""/169, 0xa9}, {&(0x7f0000000e00)=""/234, 0xea}, {&(0x7f0000000f00)=""/126, 0x7e}, {&(0x7f0000000f80)=""/242, 0xf2}, {&(0x7f0000001080)=""/194, 0xc2}, {&(0x7f0000000600)=""/30, 0x1e}, {&(0x7f0000001180)=""/72, 0x48}], 0x8, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:23 executing program 6:
r0 = socket$vsock_dgram(0x28, 0x2, 0x0)
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x1, 0x0)
ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000001340)=<r2=>0x0)
getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f0000001380)={{{@in=@multicast2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in6}}}, &(0x7f0000001480)=0xe8)
stat(&(0x7f00000014c0)='./file0\x00', &(0x7f0000001500)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
sendmsg$unix(r1, &(0x7f00000015c0)={&(0x7f0000000040)=@abs={0x1, 0x0, 0x4e24}, 0x6e, &(0x7f00000012c0)=[{&(0x7f00000000c0)="8c975c05b117fa48803b1ab4956e36015f0c877cc418e5ca17ac1e97a2724aee879d8526ca3a8351034a077b613ee2c0cd83495e1d34df9501671b3e824ce594ce7fd8c35cb947abbd292d30bcba", 0x4e}, {&(0x7f0000000140)="6b5594f3c056ed58ed448c8558154b9d413a931b2f67ca96dc29ff93a33dd93444f2e5f6df046e7c2b36b40467d3d13bd8322f460728f6cc7953b109c0857c3ea534f4b579aa3cb028d9fa0a41068a98bd30f510b98d1182e252a98bf60fdaad4ca8e8528ab32d28bf9c168ddc5c030b08c1a67ad13f6a1241f8bd8245a13427909bb6161a8b59aa9fb9517020320ddfbf4ea05ec4b74b62718f4e152333869826ae5a58a00f8989b0dce88683bb62f35744705ffae074bfdfbe1ea4b53edca5712a2c2bb91a7e3c922beb18edfe5069854b24c86214eade079fc0afe4a5ecaa0e1d84459d0b7ca8479ff810d46d145d4250b48205a0232afb5a797eca5f1129659a29916bfdac629e41d9739ad33dadf47c239221b5e9a8bbe7b9c7cb4c64d704668f679fa6ad8a2e4c73f1ecab1de840e48ff0f80185af8b0a3ee695c257319ccc72f2e6c2006cc8c19ee4f39dc6362f9f45a7b3adb578be316d55ca8f220f614aeb9b7380aeae509790c089f5c5b1241b1f431410e659c219616d1b16294db0d9cfa8ce1bd9ea568a98a9fcd4af8d8229e8165279407f006e1aadd54a00423e224d23860495da1d855080f387d401a494e66a522c7787557eac53f267f0d7fa05f2d24a663150f0b9c7d3c1d6f11cc925044edd947095cc7ae8588af6deb7636fc0783b254f8f579abdd9d9af7e1c4c33457c804120b9df4233b3b60132005244b10357934a8d88f0ffa6261cad9ec1c29fdaa866452d9eb8f66ee1d0d59db97bf8e7ab07800154da7e5c3a153bec74898c5aa223f8b0d435c8d52fce6cea6c8943ad24d7978617a648c0327b5626b17490ceac2d6dbd96f6f25b9e9f56318cc39206fda006a2bd4ab6c66a152d634af4661a023e178bd8502b34fe622a09a30a12ff48838d118f771ec840ec520280df1fd7d0c4e8533d0793592f791255c276df62c18f2a6859fb785cb45fe3be72333206b09886782cc711468fcd3420aa8ce6701d805537246c0c89b0f672f898a080c311b4797249ad3c0d75f6fe81b87f3b1ed9363e104e1eea088a98d59d0603cd85308687c01fa6afe00d5f48a5cba68be58b09cad195c7c8b66e18f58944c2a4ace3cb532a4ca695b4e502c11ec8edee59f526a2d85889d1e36d31395ae8dd445bfc95e587a11589630126c0490af8cf29661ecb3f50cc459c42442bae3b210c494d470192e19125122044a4bbc1da05fbcc59900bff6f698c2fdc4c4aadb055b3bce749c18976128112cfec32cad95c06c0afc845d74c4117df1b4b6aee32fa0a00cd33181bcd5db38a981eeecff2d20699d030b114dcec86f6f5b041f5071e930f7607e999c75043ecd66f45085ecea6875f47d70fbd889a3b557f593cc9d0fb8003d9185186da289fda4323d268484edfeb9fcffde15738e1258381aba1968e9819b53f7e69cbc0538bda13c053275489c661a5456f27a368e161ec39b111de120391204f421bbb1d5eefef8f3795ef12151c44e4147a578bd61e8b44cc3bcbee65bc6f5240e15cd94ce99ccaa9567f804b253d225eef631380430d7c4f744f6b86d8aa81837ffc9e74447ef3ed2564dd98d58a83e0374b2ecee2657e60b5ae6211862fc4f5de4a5c047905c5a69801ba3ce89e9c08d34c974dbc61bc5633ff29b8609c7b9f2170e64c06b8f432e01ee198544abf648e902ee1bfd06360c17f34078ec7a706388b254d273c04870e1c331619c534508dba59193ab9396f78d0e49feb1f273bf186fc655f22644ec9187e0e15688f6f4e1a15f2dcc403f13f1912c73eddd7903a86b1f37a45f88a03581ec3820f3af7c57f2037494d47f35ad7ec103e8d6d56b5b6709d020b7820222f5e673ab58c5bcbcbb19057878f10faa6a48b8865f22021ef4d8a58d70a80ea15012c750b8d3d496cf4aeeaefa0972e8606080c44e3d13efcc35b260eb30835005836576d724a3aed1493fe89419899083031c2213018951d4ef0edaa526cbaaad505eadeb896d84c7c955f62e309019497a0c48ab4266cd4735797c6598c809a1ef4f7b169c13c63b512fa42d9017b2d66e32b35dbe576aed4d29c80ab695c8dd8c4138d37109267687297d5ed5a3bca037dd8a33c46d1a089464c049296753980ace5c26b6953d1a248d04d555e58cae6b2273036ed22d9b333e0acb7d5f8d9ea437852bac417317b62356f4d161d13ce26ac1cd68b3bb1568f7c52ab1599e13733e74e4af5f1f00ceff73ed5481ba33337808c3b66836aa5f5b329efd85eda92435b854749590214d10b0378a10f832fb76cf47459fe9df7cfc2aa43c7ebb74d67ae52b30a74a6de24475fc0c5e64704ea56a7af8d06584c03828ec0d688ab1e4c75a735ab6f21f46d7c31768e37a80f91743d1f9af2b2986632290b398982e0bcdde6e8a4897f55b6651415cedbeb20f69f7934e8bddad8fa90ee2ffe6559c53b6daf161331a57db7381be16017be9f5ff4d783155bef6ce2785c7b855cf607ec1c74ab0f9369ee45a7085ac6969ef2e14960628cda391da900c580357d3a623afde695c57e51ba7204430c79542ce0780b2059f34f3d7ea29e3af75c335129e8ebe06c634594cb9049b6c124e67d8022520f893c7cee566b125b8d9e619ab148a00ffb8a81985d82bab61b2ff171a2d021321681cf0bf68f16038e7bf92d46b1c6a7eb3ad91ed4411c099d9d9fd8c78bf41ba968c1e543e12fbf80e2f444af3f9fe2027b59b7e8a48b129ebb7d2c36a7b167c7579abdab4c4487b261a439d5859d027a6907e6618256d2c139c08f8aec01c1b726a04cda7bc5181c4bcf3421786411c46fd6d16ed684d186c807958a885d9dc7ac317f966a618b879b0aecc38a3eac6e5c62d885cb445b667c19f396cb76d09a17e306c0850c0194da60b593ea92b2219ff08f4b18ecd9c6fb63e41d8e6fd9cb0c73522357f3afac68062df1f3064230ec5ab8af16788c95332737cf018b27273d03cfdb1794db4d365d672a66e5be79dc0d1f3627b967bae668474dd879d7fd1e6435cc3d2f718c1308dbb41a23dbf72eb34b6d2bfe641aac8fc853f3cd9c3226eb2fae5193c81f377fd60bafda3f119a59cdd53a1f04089c85287c2fcbdb4986e6ffad9ccd7beafc950f70922cf8b1205aaf8eb750bc28c2e5d3f04279125b7806ffb6232d999aadf10df7393eb4cb2ccc7f7121db86de0292d31e771f149fcac723d5f06545a70e7425e2002f934937cd25ec129bd81abf441a7e37c75d47600efa3eb7f54f95effefab074b25f74249739bd269922cf70c581ac3263c79bde7ac88adb061cd82c55291f8a3d86ecfcb1f10a5c72d40fc427a68ce5cb8a588cdbc79a2872f311f1292e24eb763736bba6f1158220eea2e3d5504973c6484b53162bc836ec399d3820ca814abe0e9c7b6f1fa7d1813beae140e854c03b7cce476b32ed0c66f6c14dfdb8b03fd439ff78bbb7bff70755ec06b4fff95ebf637b8e88b038e795ada36a3737701d3fc666cb1f43826753e9aadc6e37df91c5437a802c503fa5bade3821ef2c84b6ea644c3497db40d22dca363985b999ec55e71d8d110f60a0e15b69d3474112be5a228ff982afc760030300243babcc9367f7eae4f5797230994e3abef81a9f1c3942c74e476f7d948ab689557f89e6b1356a85157171b4833eb66d9ea5e7f91044283772b0e89f0ead8de5dfc2dfb27c2805321e7c485b6be7fa701ab1ea30cb9239e6ba656192de83d9702be4c0fa9bbc104f1ac267772283b5c90399693adc26e8e83be26243b510b334001c3e58f1238a1a10ce93779b802ea4f10e31dc5b026b6929ff1b486698fb29e885ccba3c66fc77034796ce53d3558c4a6dde65df1d384089adbed7f14f50930bb1840feaf43ce4ca00ec80b1d8dffcb2b82352036dbc712ecb997c3d0ad58ac7ea431f52521c8b3863452cd49b4d01b6109169732b6781775ae74a80a5eaf8effbc470dd9aa4a875f82f4c95dbee009633ab3df98c181844938330c2edc2101f91e85c182e95bbcd4efd93aa2d24637b6376c3256601965195e2928f0a1db90071c35e1925e4f2fe9585d90453549c5904a4dfe10f713d0044685bf74401b9b4342f22f828da9af4b4a318872e18c96e259434acfa3135e6537f8d114453258f85459b9ea4c1c662046d3d4ad1e8df8a293bc896781087cc01d8efe96f90f2cb989b17a8e55af845f09943bb59a9ec5316a9b830739db71ef45d18ef427538619ab7522c27698b57b476f5c32bec88b4d633cfcef990b754eaa8bd02edc3c03d9b0de38d7f3c03dc61b9a5e234cb2388809a82f38b529446ef233d34298753b6b60af029d7a7f50a2793cee02d48542f266ce1afa4006fc8b97a969f7e86ca6ece133d023c07994495d229eba126e4004b169e467d7bc952a98ed0c075645de935fc62180c848ea861f58374eb73f001428482b93bb5dd74ae5de6dd085479d804d13747d9fa553279b799f4457fbfb1ced34c5c3af029e2633237a33eb76e48f80c466a167f47a6570703ccc7b1f1ca767e56e0c6db34764ba37bebd7b7c7a169dbb8f19bab2e03155c44d6e4dfaaa3b6c966a9e2cb155da68378c794c9d5d11310457440c3b879866c7f9ca40b79d2cad493781410a46eb9f72b067760eca4f22f25f25914a086e761433e3091b5cf6e7868e5f9e96602f8a91f3dde5db3a8553ad7e9ef0355dcddbe771089b5d2c1951ce90e611830a3c8ff851e30c15306b43656d6ec89cb6fb43a2c6f7e7b3883922116abbead3565dd121033c12bedce436b68f16309b32d98d5626b0d771a6e7b9e6f8e808efbe98fac76285ee363ebc5b2621c5de32bd6a4faf3c2cb08eaad8342cac460f13ee9b6aa7986b6569f509a2bec7af1f6bd77dff6dc65c7a133d1bfbb31ac6bacd1dc89ea970eea81b2638ed5977bc4b9d9cafc24a8cf407410cc4649bdc762d8ab736b705389d79d94ded3d8c18f847cbfca01bf0ba6e05d38fa6548bc3fa676a90bf9147dc4efc99afe176672373adb72a9dcf741fdee56ea16e0bbc59d02e0e1a15fd64bb2ce235d4d6a86204d40f22e579c3b6579e7cab0c9520d6a4b86a7224a3af6adb986c2176d78e7481177ed6fe419bec2b00ab876293983055066a4ddb617713c19323fb9d49075af96e8c28a961e83f544fee4b36d69c65ff443f850a251d6098cf3612dd0786bc747357599237d5e8ca471b3128957a762061dccabe4513a9972489677b8c0c14507cbf936d4bcdf961bac9a56eb6638726af5bb496705b0b751ca258b68cd22d43e30fa5533d20c5f8282da82f4e7108fd330a12e8727e201b023b94c159e7e9096c1b80a252a05649808964f63b21f35fc7fad5e23fc3962495e4ea63106acb2d3bfed1c0113fde14576e194117d6d4639126e52be4c58e219b4b6f853f198ac604831e4f6fea3ac2f9178c61316d13003195550d4db1403fa43bc9bc4da9782ab0e3f20a8b6ba9251c4ff94e2410c605d211b5c29dc45c43a10f75d68595f755e64072ac4175baf6dabe80e274df95aa97f4ec482403ec1d3a2b18d08a840af4ff798d52d61c8e69341c522c2ed6179295f66196222027cbc65c4b9c6c0ae7d4f90e93c5f1e7da918ee811909d9d66d03b5015e14e6cc1257469a699a56cf29d673a9e9e23c681bc5c8e59406063db054cd2ce4e4e04834bd65e5c647a7492decb65c78d2821ba4cdb90e66d0586942f08800a1c1cfa48c1befa7e7e98e9e9926f23d243e1ad89f2aeb911f65ed37581e7f90c9a6ecab0bcbc6284422e715e90bf2ec384ee2f427228dc5", 0x1000}, {&(0x7f0000001140)="9caf600f39f4a55066512c84cc255799ecd860b480d91f5193e6bae3587bb7010c97d62821b84b1abd347e821a5ffeab48b4439a3894c438201e43b390fa", 0x3e}, {&(0x7f0000001180)="231efd783f45a9899b620d7d90083579ae6d479b9baea660bea6b7a89e537be016128b36f61ae30f230e816c5559329baa3573f016cf4b3320e5b38675", 0x3d}, {&(0x7f00000011c0)="f349c5fee4f36d9f54d15b97db58a756aa7f896d55c63f977d97db11103cfa08d260b5c36dcec44b3ab846f50e26f5b60c71ce84e6ca664f61426ceca671786f1def0a504ab96240c90c1c8ded6330c727919d700deabfd45da066bf38b645924e2201088fe23ca42aeed229695076f9ed87c2768919d5c49bb24b2e8da5481c2c3376e81aad20746030e4a54bdcd9db21bd2d4522c74419cf55caea351b1c8909b921d5e061defc1b8af62f1831feadbeadbf6a96153eba5f179e79f463af717b188fee56098a5211900337f869894effd6d07e45aa233ba72d48919ff6571c4c4ade7160f0ec828175c1a0fa65", 0xee}], 0x5, &(0x7f0000001580)=[@cred={0x20, 0x1, 0x2, r2, r3, r4}], 0x20, 0x4004000}, 0x20000000)
sendmmsg(r0, &(0x7f0000fb0000)=[{{&(0x7f0000a08000)=@generic={0x0, "369f2c9053f95320a174b9ce730500cd261ea4fdfbc96d5b7360cea43580701ff6a81df561866ae3d9aea582d28a08010ad88bf56f41e557e87594b5c9b787004d26bc081b93a94a5e32efc7fcd95a96f1eeb98502c629cfb48aa486b4d15b47d2b930b4318910922e4470cf8efae2c1b57e78c818dc8d273bd970429a96"}, 0x4e, &(0x7f0000f2c000), 0x0, &(0x7f0000000000)}}], 0x1, 0x4008881)

2018/03/30 10:05:23 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:23 executing program 7:
r0 = eventfd2(0x8, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
r1 = syz_open_procfs(0x0, &(0x7f0000005000)='projid_map\x00')
lseek(r1, 0x2, 0x0)
write$tun(r1, &(0x7f00000008c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000872272714b7f5cc49e5834b73afd16ad1be53befb6fc0f1b0f7c2952b552baf3f75b8aa5cc5192a3d0079746dfa2afba96a498c075f323cbd51e7f5fb2227c95ee029733ea1b1dc7adf915059890723796940ab68ef0f4f5a55796822fa9d0c373ba799aa7b8b04489c5440f35aeffd9bffd829fb0cffb12f78f76cc8492e53a6aa90cbfe69c2f9585f218892ed316570fbf8192c86de2e55b403a386cfde48ee9856c5aea4d4347"], 0x20)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/autofs\x00', 0x1, 0x0)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3)
r4 = socket$inet(0x2, 0x3, 0x3fc)
ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
dup3(r2, r4, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000880)={0x100000000006, r2, 0xfffffffffffffffe})
r5 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x200002, 0x0)
fchdir(r6)
r7 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r7, 0x4b45, &(0x7f0000000380))
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x8)
write(r7, &(0x7f0000000bc0)="0008d3aea6b3270b9b6eb9b786e1811020ad8718915c27cbebb46e6dfd56c24e97b2fda84c49ab2e894272fa0e7b5e4f7a7fcf5aa9503d209d72f0f12ddb8ca1febbf85737d267118fcb641bf5bbfa797539eea54db53480d902caad95c5ab11abdad59e1c6e7235bea50ec9047972238acf4e4694562e32796fa1e9b5cdc50013f5b85ec6314195e84992fb2bf45f624ff760b74d5b962814d6a985211827cdb8d036c2973c9290889a78504278eb8860a44c2235e21b797a1b3902943924ba187b38d584809ba2e2a5028de5bc03aff6ba5ae4d899628a1d430d134111b614f5140960faf4d0acbecb9dce1e983e9850182c025e3c111c457a8b67b968bd9866abeddbf14ebf1aa26e2ae4374caeaa2f6e7bdd23b3e1c16c57b64b0932921fd397ee21c624206ca96b1304dd34d3a2b3a55c65bbaab294274cc86e55ab05249cab3bf30d2734b9cf93dd962246967b6d4a5a9d3d300e2a173d7151e97b0c6cd9c06a7ce17aef07633d8cfd41a6b590638e1064178d55283e73d43ce6dd036af6ff459ab8f8be7fd798", 0xfffffffffffffe2d)
r8 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r8, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r5, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r2, r4)

2018/03/30 10:05:23 executing program 6:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00003e0000)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$FIONREAD(r0, 0x541b, &(0x7f0000000140))
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x200000000})
r1 = syz_open_pts(r0, 0x800)
read(r1, &(0x7f0000a8bfff)=""/1, 0x805031ae)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000fd0ffc))
ioctl$GIO_FONTX(r1, 0x4b6b, &(0x7f00000003c0)=""/169)
r2 = creat(&(0x7f0000000000)='./file0\x00', 0x40)
r3 = dup3(r1, r0, 0x0)
ioctl$KDDISABIO(r2, 0x4b37)
setsockopt$bt_BT_SECURITY(r2, 0x112, 0x4, &(0x7f0000000240)={0x6, 0x4}, 0x2)
ioctl$TCFLSH(r0, 0x540b, 0x0)
ioctl$DRM_IOCTL_AGP_ENABLE(r2, 0x40086432, &(0x7f0000000100)=0xff)
getsockopt$IP_VS_SO_GET_VERSION(r2, 0x0, 0x480, &(0x7f0000000300), &(0x7f0000000340)=0x40)
fstat(r3, &(0x7f0000000180))
ioctl$sock_bt(r3, 0x8907, &(0x7f0000000040)="a339757f63cd383c62b92ec3e71e0c272525906eddeef3f0b827b7e08ba1c4a794323b05edbf2dd8d851b0fc61accdc9580eb04623bdabfbd65f3e1971e5b6c7445a6bd281a5ebe47fc46c7617c6508ea4c6945b75be048ff8dc90eafc890957959679667e60593f223e14cc2e955a6902b2a8cd7aee741ad1cf4f681f2131816bb5193d")
ioctl$KDGKBLED(0xffffffffffffffff, 0x4b64, &(0x7f00000002c0))
setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000000200)=0x100, 0x4)
r4 = syz_open_dev$sndpcmc(&(0x7f0000000380)='/dev/snd/pcmC#D#c\x00', 0x7, 0x40)
ioctl$sock_bt(r4, 0xdd17, &(0x7f0000000480)="a1250e49d3bb2ab2bd06d31fdfe81d4cd77c38cb1ee1920a97f24fe47c002a381643b5fdb9a4e4e70993726b90c37660639f7625f3f67cd5b25e5943aa338aff1ece226905e973e1e6d9dc030517a75348c81d861d17f329201aa950649af606deea26dfe4a60a22693f1ca8d15891029be04342d83506b825c5bdecc8ebae36dfb83a4f74a1f85acc5ec54df10925ab93f13a0f3d16672fa4f9761d3b24ec4ec1df52c03180ce48387aa66a948329eba5cb29d1ab1846bc98b0be8b1168664f3863a894a8cd18bdfe594bf9e07d11eb75cd9b4aeb807e73014d083da91ac39e46fbd5e9b315bb840b2e9007e463d9e2dc0eb39816e95617459f2e591d88")

2018/03/30 10:05:23 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:23 executing program 6:
perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
gettid()
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCGLCKTRMIOS(r0, 0x5456, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001, 0x80})
socketpair$inet6_dccp(0xa, 0x6, 0x0, &(0x7f0000000200))
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x0, 0x0)
setsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000180)={0x3}, 0x4)
r2 = getpgid(0x0)
r3 = gettid()
r4 = syz_open_dev$adsp(&(0x7f0000000080)='/dev/adsp#\x00', 0x1431, 0x400)
setsockopt$inet_sctp6_SCTP_EVENTS(r4, 0x84, 0xb, &(0x7f00000001c0)={0xffffffffffffffff, 0x0, 0x7, 0x7ff, 0x3, 0x66da1568, 0x2000000000000000, 0x80000000, 0x400, 0x1, 0x6}, 0xb)
kcmp$KCMP_EPOLL_TFD(r2, r3, 0x7, r0, &(0x7f00000000c0)={r4, r0, 0x8})

2018/03/30 10:05:23 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000880)='/dev/loop-control\x00', 0x4, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:23 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x0, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:23 executing program 6:
perf_event_open(&(0x7f0000348f88)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='personality\x00')
r1 = socket$kcm(0x29, 0x2, 0x0)
ioctl$FUSE_DEV_IOC_CLONE(r0, 0x8004e500, &(0x7f0000000040)=r0)
sendfile(r1, r0, &(0x7f0000076ff8), 0xffffffff)

2018/03/30 10:05:23 executing program 6:
recvfrom(0xffffffffffffffff, &(0x7f0000000280)=""/191, 0xbf, 0x40000040, &(0x7f0000000340)=@can={0x1d}, 0x80)
r0 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x82)
r1 = perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f000074ffc8)={&(0x7f000001a000)={0x10}, 0xc, &(0x7f000000e000)={&(0x7f00000000c0)={0x14, 0x4000000000020, 0x2ff, 0x0, 0x0, {0x1}}, 0xffffffffffffff80}, 0x1}, 0x0)
r3 = memfd_create(&(0x7f00000000c0)="74086e750000000000000000008c00", 0x0)
ioctl$LOOP_CHANGE_FD(r3, 0x4c06, 0xffffffffffffffff)
pwritev(r3, &(0x7f0000f50f90)=[{&(0x7f0000000040)="aa", 0x1}], 0x1, 0x81006)
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000200)='/dev/loop-control\x00', 0x800, 0x0)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000640)={<r5=>0x0, @in={{0x2, 0x4e23, @local={0xac, 0x14, 0x14, 0xaa}}}}, &(0x7f0000000700)=0x84)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r4, 0x84, 0x22, &(0x7f0000000100)={0x8, 0x0, 0x2, 0x2, r5}, &(0x7f0000000140)=0x51)
ioctl$DRM_IOCTL_WAIT_VBLANK(r3, 0xc018643a, &(0x7f0000000500)={0x0, 0x3ff, 0x2c})
getrusage(0x1, &(0x7f00000003c0))
fcntl$F_SET_RW_HINT(r3, 0x40c, &(0x7f0000000600))
ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r3)
ioctl$LOOP_CLR_FD(r3, 0x4c01)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000240)='/dev/loop-control\x00', 0x100, 0x0)
socket(0xa, 0x80806, 0x0)
ioctl(0xffffffffffffffff, 0x8936, &(0x7f0000000000))
r6 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_inet_SIOCSIFFLAGS(r6, 0x8914, &(0x7f00000000c0)={'bridge0\x00', 0x21fff})
ioctl$sock_inet_SIOCSIFFLAGS(r6, 0x8914, &(0x7f0000000140)={'bridge0\x00\x00 \x00'})
ioctl$LOOP_CLR_FD(r0, 0x4c01)
sync()
ftruncate(r1, 0x1)
rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file0\x00')
openat$cuse(0xffffffffffffff9c, &(0x7f0000000580)='/dev/cuse\x00', 0x82400, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(0xffffffffffffffff, 0x28, 0x0, &(0x7f0000000000)=0x9, 0x8)
setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r3, 0x28, 0x0, &(0x7f00000005c0)=0x3, 0x8)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x14, &(0x7f0000000480), &(0x7f00000004c0)=0x14)

[  197.909311] device bridge0 entered promiscuous mode
[  197.929114] device bridge0 left promiscuous mode
[  198.029091] device bridge0 entered promiscuous mode
[  198.041830] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
[  198.078461] device bridge0 left promiscuous mode
2018/03/30 10:05:24 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000880)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f00000008c0)='./file0\x00', 0xfffffffffffffffe)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:24 executing program 6:
clone(0x200, &(0x7f0000151000), &(0x7f0000000080), &(0x7f0000f8b000), &(0x7f0000000100))
mknod(&(0x7f0000b75ff8)='./file0\x00', 0x2001001, 0x0)
execve(&(0x7f0000f8aff8)='./file0\x00', &(0x7f0000000240), &(0x7f0000002000)=[&(0x7f0000002040)='/dev/audio#\x00', &(0x7f00000013c0)='/dev/audio#\x00', &(0x7f0000001b80)='-\x00', &(0x7f0000001f00)='*vmnet1nodevmd5sum#.\x00', &(0x7f0000001f40)='cpuacct.usage_percpu_sys\x00', &(0x7f0000001f80)='*vmnet1nodevmd5sum#.\x00', &(0x7f0000001fc0)='*vmnet1nodevmd5sum#.\x00'])
r0 = syz_open_dev$evdev(&(0x7f0000000180)='/dev/input/event#\x00', 0xe6e, 0x400000)
ioctl$EVIOCRMFF(r0, 0x40044581, &(0x7f00000001c0)=0x8)
r1 = syz_open_procfs(0x0, &(0x7f0000000280)='syscall\x00')
signalfd4(r1, &(0x7f0000001380)={0xffffffffffffffff}, 0x8, 0x807ff)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000001340)=<r2=>0x0)
getpriority(0x0, r2)
preadv(r1, &(0x7f0000000040)=[{&(0x7f00006f0000)=""/154, 0x9a}], 0x1, 0x0)
lseek(0xffffffffffffffff, 0x0, 0x0)
ioctl$DRM_IOCTL_DROP_MASTER(r1, 0x641f)
getsockopt$inet_dccp_buf(r1, 0x21, 0x10, &(0x7f0000002100)=""/4096, &(0x7f0000000140)=0x13dd)
ioctl$EVIOCSABS3F(0xffffffffffffffff, 0x401845ff, &(0x7f0000000300)={0x0, 0x0, 0x10000000000, 0x0, 0x2, 0xef71})
finit_module(r1, &(0x7f0000000000)='*vmnet1nodevmd5sum#.\x00', 0x3)
pread64(0xffffffffffffffff, &(0x7f0000001b00)=""/53, 0x35, 0x8000000000)
open$dir(&(0x7f00000000c0)='./file0\x00', 0x1, 0x10)
r3 = getpgrp(0x0)
inotify_add_watch(r1, &(0x7f0000000100)='./file0\x00', 0x800)
process_vm_readv(r3, &(0x7f0000001800)=[{&(0x7f0000000340)=""/4096, 0x1000}, {&(0x7f0000001400)=""/142, 0x8e}, {&(0x7f00000014c0)=""/220, 0xdc}, {&(0x7f00000015c0)=""/176, 0xb0}, {&(0x7f0000000200)=""/66, 0x42}, {&(0x7f0000001680)=""/123, 0x7b}, {&(0x7f0000001700)=""/84, 0x54}, {&(0x7f00000002c0)=""/11, 0xb}], 0x8, &(0x7f0000001c40)=[{&(0x7f00000018c0)=""/249, 0xf9}, {&(0x7f00000019c0)=""/53, 0x35}, {&(0x7f0000001a00)=""/244, 0xf4}, {&(0x7f0000001bc0)=""/94, 0x5e}], 0x4, 0x0)
setsockopt$inet6_MRT6_ADD_MIF(r1, 0x29, 0xca, &(0x7f0000002080)={0x82, 0x1, 0x1, 0x0, 0xacfe}, 0xc)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000001e00)={0x0, 0x6ecd, 0x10}, 0xc)
creat(&(0x7f0000b7a000)='./file0\x00', 0x0)

2018/03/30 10:05:24 executing program 0:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r2, 0x114, 0xa, &(0x7f0000000000)={0x2, "9428"}, 0x3)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:24 executing program 4:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
ioctl$TUNGETVNETHDRSZ(r0, 0x800454d7, &(0x7f0000000000))
r1 = getpid()
tkill(r1, 0x22)
r2 = getpgrp(0x0)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
r3 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
ioctl$KDSETMODE(r3, 0x4b3a, 0x10001)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
process_vm_readv(r2, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:24 executing program 3:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x0, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000217000/0x3000)=nil, 0x3000, 0x1)
setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f0000000a40)={0x1f, {{0x2, 0x4e23, @local={0xac, 0x14, 0x14, 0xaa}}}}, 0x88)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1, 0x47013, r0, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x6, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))
sched_setaffinity(r1, 0x8, &(0x7f0000000000)=0x2)

2018/03/30 10:05:24 executing program 2:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IP_VS_SO_SET_STOPDAEMON(r0, 0x0, 0x48c, &(0x7f0000000000)={0x0, 'ip6gre0\x00', 0x4}, 0x18)
r1 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r2 = getpgrp(0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000a2f000)=0x9)
r3 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r3, 0x8040451b, &(0x7f0000000040)=""/21)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f00000001c0)={<r4=>0x0, 0x9, 0x3f, 0x200, 0x1f, 0x6}, &(0x7f0000000200)=0x14)
getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r3, 0x84, 0x1b, &(0x7f0000000480)=ANY=[@ANYRES32=r4, @ANYBLOB="ed0000000341c45cf94a83771a487af007e8b8985456db9667d6d41fe5593a4b7c5ba0c602aaa7a386e2e1b8a07d9e7b7c9bd9d111971764bee0318e8223a302cd23b1d08b88bcb8ee62700e89b315d38dbf37d6235eb94a49d6ac87c9494d81b05e89fbbcecced913fe96909ea6f7c7173b15c08acfe858bc26742161f04da0179ed16a3c2bcafdbb54878d734a68620e733ad2ad0db478a61c6f772b2fb1e4a407c79081a1fa64ffca1d4b6e312eed71c5b8467d4e24ffe10e92defc0631bd2a12d15bc4a0b11c85a851aa54e4dbfc649979511068d8d8438c5dc13abe8598bd18ed7ba3d7f1271a177c30af4afcc3920877c086882daa5fb13e"], &(0x7f0000000340)=0xf5)
ioctl$sock_SIOCOUTQNSD(r1, 0x894b, &(0x7f0000000400))
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:24 executing program 5:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(0xffffffffffffffff, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r1, &(0x7f0000000000)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x4, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1000000d, 0x0)
ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f0000000340)={[0x0, 0x1000, 0xffffffff, 0x40, 0xffffffffffff8000, 0x200, 0x748, 0x200, 0x0, 0x200, 0x6, 0x9, 0x80000000, 0x3, 0xaac2, 0x2], 0x2})
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:24 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x0, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:24 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x0, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:24 executing program 4:
syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r0 = getpgrp(0x0)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
process_vm_readv(r0, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
wait4(r0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:24 executing program 7:
r0 = eventfd2(0x3, 0x80002)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000880), 0x10ed5b)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
ioctl$ION_IOC_ALLOC(r1, 0xc0184900, &(0x7f00000008c0)={0x1, 0x2a, 0x1, r1})
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3)
r4 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
r5 = dup3(r4, r2, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, r2, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r5, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r2, r4)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)

2018/03/30 10:05:24 executing program 6:
execve(&(0x7f0000000240)='./file0\x00', &(0x7f0000000380)=[&(0x7f0000000280)='%vboxnet1mime_typenodev\x00', &(0x7f0000000300)='TPROXY\x00', &(0x7f0000000340)='/dev/ptmx\x00'], &(0x7f0000000540)=[&(0x7f00000003c0)='\x00', &(0x7f0000000400)='+}md5sum\x00', &(0x7f0000000440)='{\x00', &(0x7f0000000480)='}-\x00', &(0x7f00000004c0)='net/mcfilter6\x00'])
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='net/mcfilter6\x00')
getsockopt$IPT_SO_GET_REVISION_MATCH(r0, 0x0, 0x42, &(0x7f0000000180)={'TPROXY\x00'}, &(0x7f00000001c0)=0x1e)
mmap(&(0x7f000053b000/0x2000)=nil, 0x2000, 0x1000004, 0x40000002871, 0xffffffffffffffff, 0x0)
msgget(0x1, 0x1)
mremap(&(0x7f00000cd000/0x3000)=nil, 0x3000, 0x2000, 0x3, &(0x7f000053b000/0x2000)=nil)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x4000, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5419, &(0x7f0000000040))
r2 = dup(0xffffffffffffffff)
ioctl$TUNSETLINK(r2, 0x400454cd, 0x10e)
ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000008ff8))
r3 = socket$inet(0xa, 0x2, 0x0)
ioctl$sock_netrom_SIOCGSTAMP(r2, 0x8906, &(0x7f0000000080))
syz_open_dev$mice(&(0x7f00000000c0)='/dev/input/mice\x00', 0x0, 0x200800)
setsockopt$EBT_SO_SET_ENTRIES(r3, 0x0, 0x80, &(0x7f0000000c80)=@broute={'broute\x00', 0x20, 0x2, 0xa18, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000200], 0x0, &(0x7f0000000040), &(0x7f0000000200)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x3, 0x0, 0x0, '\x00', '\x00', '\x00', '\x00', @remote={[0xaa, 0xaa, 0xaa, 0xaa], 0xffffffffffffffff}, [], @local={[0xaa, 0xaa, 0xaa, 0xaa], 0xffffffffffffffff}, [], 0x898, 0x898, 0x8c8, [@quota={'quota\x00', 0x18}, @u32={'u32\x00', 0x7c0}]}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x0, 0x0, 0x0, '\x00', '\x00', '\x00', '\x00', @random="46ca750fc811", [], @empty, [], 0x70, 0x70, 0xc0}}, @common=@log={'log\x00', 0x28, {{0x0, "19358fd7efa35ca2d7eb1767a4c43b69655391056303b97ef841b924cf71"}}}}]}]}, 0xa90)
r4 = socket$inet(0xa, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r4, 0x0, 0x80, &(0x7f000000a000)=@broute={'broute\x00', 0x20, 0x1, 0xd0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20009000], 0x2, &(0x7f0000008000), &(0x7f0000009000)=[{0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x19, 0x0, 0x0, '\x00', '\x00', '\x00', '\x00', @remote={[0xaa, 0xaa, 0xaa, 0xaa], 0xffffffffffffffff}, [], @local={[0xaa, 0xaa, 0xaa, 0xaa], 0xffffffffffffffff}, [], 0x70, 0x70, 0xa0}}, @common=@NFQUEUE0={'NFQUEUE\x00', 0x8}}]}]}, 0x148)
ioctl$TIOCGPGRP(r2, 0x540f, &(0x7f0000000200))

2018/03/30 10:05:24 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x0, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:24 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x80000)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

[  198.691775] kernel msg: ebtables bug: please report to author: EBT_ENTRY_OR_ENTRIES shouldn't be set in distinguisher
[  198.752271] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested
[  198.815698] kernel msg: ebtables bug: please report to author: EBT_ENTRY_OR_ENTRIES shouldn't be set in distinguisher
[  198.875646] kernel msg: ebtables bug: please report to author: Wrong nr. of counters requested
2018/03/30 10:05:25 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x0, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:25 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000940)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x1, 0x9)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x80002, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:25 executing program 6:
mprotect(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1)
r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap$binder(&(0x7f0000fc0000/0x2000)=nil, 0x2000, 0x0, 0x2013, r0, 0x0)
get_mempolicy(&(0x7f00000000c0), &(0x7f0000000100), 0x8001, &(0x7f0000fc1000/0x3000)=nil, 0x2)

2018/03/30 10:05:25 executing program 3:
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x0, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000400)='net/ip6_tables_names\x00')
syz_kvm_setup_cpu$x86(r0, r1, &(0x7f00005cd000/0x18000)=nil, &(0x7f0000000600)=[@text32={0x20, &(0x7f0000000480)="0fc7a8fbffff7fb91b030000b865000000ba000000000f3026f3f021a3bcd8798266ba2000b000ee66b8e4008ee0b9680200000f320f001bb8c66d00000f23d80f21f835800000f00f23f88fc91092d4b9de0800000f32", 0x57}], 0x1, 0x8, &(0x7f00000008c0), 0x0)
syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x0, 0x4001)
r2 = getpgrp(0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
r3 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
setsockopt$bt_l2cap_L2CAP_LM(r3, 0x6, 0x3, &(0x7f00000008c0)=0x50, 0x4)
ioctl$EVIOCGSW(r3, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r2, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x6, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:25 executing program 4:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000000))
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:25 executing program 0:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = fcntl$getown(r0, 0x9)
r2 = getpgrp(r1)
sched_setaffinity(r2, 0x8, &(0x7f0000a2f000)=0x9)
r3 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r3, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
process_vm_readv(r2, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:25 executing program 5:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
getpgid(0x0)
getpgid(0xffffffffffffffff)
getpgrp(0x0)
fcntl$getownex(r0, 0x10, &(0x7f0000000600))
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000640))
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000680)=<r1=>0x0)
r2 = getpgrp(r1)
sched_setaffinity(r2, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(0xffffffffffffffff, 0x8040451b, &(0x7f0000000040)=""/21)
getsockname(r0, &(0x7f0000000b40)=@can={0x0, <r3=>0x0}, &(0x7f00000009c0)=0x80)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000c00)={<r4=>0x0, @loopback, @loopback}, &(0x7f0000000c40)=0xc)
sendmsg$nl_route(r0, &(0x7f0000000d00)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000cc0)={&(0x7f0000000c80)=@mpls_getroute={0x38, 0x1a, 0x8, 0x70bd29, 0x25dfdbfe, {0x1c, 0x0, 0x14, 0x1c2c, 0xff, 0x3, 0xff, 0x7, 0x1000}, [@RTA_DST={0xc, 0x1, [{0x5, 0x6, 0xc3, 0xffffffffffffff88}, {0x81, 0x9, 0x1, 0x80}]}, @RTA_OIF={0x8, 0x4, r3}, @RTA_OIF={0x8, 0x4, r4}]}, 0x38}, 0x1, 0x0, 0x0, 0x4044845}, 0x24008801)
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000000)={0x8001, <r5=>0x0, 0x10001})
ioctl$DRM_IOCTL_AGP_FREE(r0, 0x40206435, &(0x7f0000000340)={0x3b, r5, 0x10001, 0x3})
process_vm_readv(r2, &(0x7f00000004c0)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x4, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
wait4(r2, &(0x7f00000000c0), 0x0, &(0x7f0000000380))
r6 = request_key(&(0x7f0000000100)='logon\x00', &(0x7f0000000140)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000180)='/dev/dmmidi#\x00', 0xfffffffffffffffa)
keyctl$restrict_keyring(0x1d, r6, &(0x7f0000000440)='rxrpc_s\x00', &(0x7f0000000480)='/dev/dmmidi#\x00')

2018/03/30 10:05:25 executing program 2:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x35b, &(0x7f0000a2f000)=0x4000000000009)
r2 = syz_open_dev$dspn(&(0x7f0000000a40)='/dev/dsp#\x00', 0xefffffffffffffff, 0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
getsockopt$SO_COOKIE(r2, 0x1, 0x39, &(0x7f0000000480), &(0x7f00000004c0)=0x8)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
r3 = inotify_add_watch(r2, &(0x7f0000000000)='./file0\x00', 0x800)
inotify_rm_watch(r2, r3)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
setsockopt$inet6_opts(r2, 0x29, 0x3b, &(0x7f0000000a80)=@dstopts={0x0, 0x1a, [], [@ra={0x5, 0x2, 0x917}, @hao={0xc9, 0x10, @loopback={0x0, 0x1}}, @generic={0x380000000, 0xa8, "df2db61d96e7ee272f88ceb4c2a2c21610640155f9c07c497b6560e7240a09795b157a7c31891d31884c9842fbda2401b3ff137d8eb16e58cad7faf8795b405ef93278115b870ecb23cad20b282e3f3fa43be43e44f8ceb634089493481c1b20e44c8401ba0fed8691ec647f5529a22b014acbebf9a34b93958e48bfbf7538545bdc9e5d11caab5d21022b2239c47c793955cec07a379490c0670249aa91acf749e1117aacb556ec"}, @hao={0xc9, 0x10, @dev={0xfe, 0x80, [], 0xd}}, @pad1={0x0, 0x1}]}, 0xe0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))
connect$inet6(r2, &(0x7f0000000440)={0xa, 0x4e23, 0xfd, @mcast2={0xff, 0x2, [], 0x1}, 0x100000001}, 0x1c)

2018/03/30 10:05:25 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000100)='/dev/input/event#\x00', 0x3, 0x0)
getsockopt$SO_COOKIE(0xffffffffffffffff, 0x1, 0x39, &(0x7f0000000040), &(0x7f0000000080)=0x8)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000e94ffc))
r1 = dup(r0)
syz_open_dev$vcsa(&(0x7f0000000300)='/dev/vcsa#\x00', 0x1, 0x40)
ioctl$TIOCSBRK(r1, 0x40044591)
getsockopt$bt_BT_RCVMTU(r1, 0x112, 0xd, &(0x7f0000000200)=0x100, &(0x7f0000000240)=0x2)
sendto$llc(r1, &(0x7f0000000280)="1436a0ba2dc4064b6626994f84db08bf817cd7d2134ea3b713dc6c4fd46f78b6082af442dda8fef6c493f8c46d1e4fa4959e71a8fd47ec8c802f4ff4eb048141b5d54603db5accd901da5352c2d407213e73f5b35e58d01347d4a8f5ba83ebd48ed986c318cb492d1c0639c9ae3ef6502d966d9ffcf9", 0x76, 0x8094, 0x0, 0x0)
mount(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='pstore\x00', 0x0, &(0x7f0000000180)="af44f578905f7efbcc227b18fc4a653219926df4ae1fdfcc095d4549cb988537c27b10013c93ab53bc6ceb7f66fefd74c2a97aed4e1ff22eb2f2275cbed1efc2410bb503b32a6a89875943fb7077b0aef885f12eb0e9f4414371ef02f8381e189dcf32fa863430e2082242a1726bd7ee738575")

2018/03/30 10:05:25 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x0, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:25 executing program 6:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000767fff)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x2001, 0x0)
r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x2)
ioctl$int_in(r1, 0x800000c004500a, &(0x7f0000000000))
writev(r1, &(0x7f0000000180)=[{&(0x7f0000000080)}, {&(0x7f0000000300)="3e5ac8dcaf31bc27bdd3d9fa03e9d2de6b7773c2eff4ff5121851f31f33bef9659d3672803d2294a61900c3395aef27a48d41bc46f0b0f332e823580b8a5d90d8845e6333e7836bb20852b8bbb9420bfd3e7725475ed919b7a82464fc5816cbc9309f9bd418d", 0x66}], 0x2)
ioctl$KVM_SET_NR_MMU_PAGES(r1, 0xae44, 0x80000000)
writev(r1, &(0x7f0000001140)=[{&(0x7f0000001040)='2', 0x1}], 0x1)
socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$sock_bt_bnep_BNEPGETCONNLIST(r0, 0x800442d2, &(0x7f00000001c0)={0x7fffffffffffdfc, &(0x7f0000000200)=[{0x0, 0x0, 0x0, @local}, {0x0, 0x0, 0x0, @link_local}, {0x0, 0x0, 0x0, @dev}, {0x0, 0x0, 0x0, @random}, {}, {0x0, 0x0, 0x0, @remote}, {0x0, 0x0, 0x0, @local}]})
dup(r0)

2018/03/30 10:05:25 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r3 = dup3(0xffffffffffffffff, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r4=>r1, 0xfffffffffffffffe})
r5 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r6)
r7 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r3, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r7, &(0x7f0000000180)="15", 0x1)
r8 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r8, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r5, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, 0xffffffffffffffff)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r4, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:25 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x0, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:25 executing program 6:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x0, 0x71, 0xffffffffffffffff, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000268000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f0000000000)="baf80c66b8d4d9f78d66efbafc0ced66b9800000c00f326635002000000f300f35dbe23e0fe3e40f20c06635040000000f22c0f3ab660f3a600474baf80c66b860489e8666efbafc0ced440f20c066350a000000440f22c0", 0x58}], 0x1, 0x0, &(0x7f00000000c0), 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2000, &(0x7f00004d9000/0x2000)=nil})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = syz_open_dev$amidi(&(0x7f00000000c0)='/dev/amidi#\x00', 0x5db2447c, 0xe000)
accept4$unix(r4, &(0x7f0000000180), &(0x7f0000000200)=0x6e, 0x80000)
r5 = dup(r2)
getsockopt$inet6_dccp_buf(r5, 0x21, 0xd, &(0x7f0000000240)=""/108, &(0x7f00000002c0)=0x6c)

2018/03/30 10:05:25 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x0, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:25 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40401, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:25 executing program 5:
r0 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(0xffffffffffffffff, 0x8040451b, &(0x7f0000000040)=""/21)
setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000000080)=0x4, 0x4)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x4, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:25 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x0, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:25 executing program 4:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000400)={0x3, [0x0, <r2=>0x0, 0x0]}, &(0x7f0000000480)=0x10)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f00000004c0)={r2, 0x3c, 0x59}, 0x8)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
r3 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
getpeername$llc(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, &(0x7f0000000040)=0x10)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:25 executing program 6:
clone(0x4804a7fd, &(0x7f0000000000), &(0x7f000073fffc), &(0x7f0000f85ffc), &(0x7f0000c22000))
r0 = creat(&(0x7f0000000080)='./file0\x00', 0x605e9094fe23d90a)
ioctl$KVM_ENABLE_CAP(r0, 0x4068aea3, &(0x7f00000000c0)={0x0, 0x0, [0x4, 0x8, 0x0, 0x5]})
r1 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x400002)
ioctl$sock_inet6_tcp_SIOCATMARK(r1, 0x8905, &(0x7f0000000040))

2018/03/30 10:05:25 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000e40)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000e00)=0xfffffffffffffe5e)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:25 executing program 2:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0x81, 0xfffffffffffffffc)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r2, 0x84, 0x6d, &(0x7f0000000b40)=ANY=[@ANYRES32=<r3=>0x0, @ANYBLOB="c60000000af5be983cac6dcdcb091aa983a4436e1f565166ea5d6a04a394e381ed4183b9759f565d120cec52432521563a8dd52352b5fcee6d46c0741383c6ef74f4124f3192428aab561fc44a8e4218fe984e49e05ab183055749777fac2531fc18ad9417020d42936d9fdebb5835f0fe214f4563a34eb3942c83d894f5e1f8b3cde2ced2449bdb20cec2e178317e4bb24406b76ad3ecc8e34bbf5f37d502f9921239678f167a72737fc83303ec11646064bc8028077b89160b75a758353f654567c6e22d33202abad241c2b8b02ffe02523cbc9d7ecc5453a2604f767ce12c8cf7b90a3f2d92"], &(0x7f0000000000)=0xce)
setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r2, 0x84, 0x71, &(0x7f0000000480)={r3, 0x9}, 0x8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x800000000fffffc)
getsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f0000000fc0)={{{@in6, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in=@rand_addr}, 0x0, @in6}}, &(0x7f00000010c0)=0xe8)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000f80)={'tunl0\x00', <r5=>r4})
sendmsg(r0, &(0x7f0000000b00)={&(0x7f0000000a80)=@hci={0x1f, r5, 0x2}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000c40)="896232c30ff6f26a47e541ed745bad1b6c29e5885f943bc598bc27049b8b957c0992abfb91b051809c230c3f85656f803b840a3a84643f7f522db8c086c6c015a5447bb2c99d2834b6c5e7714ff40c8f4e9fb4de0b611be621174227dd8bfd81a8f5fbd2a636c1eb4dd192e540a9cd9e1f8e59f3c21076bad4b7787f7881ed72750fceb2a42920d32784980dd3bdf422eb37c9c0c6b8a0c26bd5119b28983e4d928bda1f3dfc016c32c77e278abd2b86dd82ff28fb74211484d9aee83103b7f954284da42b2102590a38ae718389eeb5537204b2acae98dc1e052db5cbbbf2a2b261b312b7489cc79664bcd460b56e62a857aa8a4166e1520a030e", 0xfb}, {&(0x7f0000000d40)="b743569b3dacb582adc801a9bcf027ac44a7533e130d88e2d44081ac60e4da3cbe3c07cdef2f3dd2d79aa3f9d3b84aa535a3978a4b26189b706ca9b68d222e8ecbc813cdef1836bd5df934204be185a3549905b081654a75ab165ab301772c0f065ee07c1782009e6a", 0x69}], 0x2, &(0x7f0000000dc0)=ANY=[@ANYBLOB="800000000000000000010000200000007a9ada3aa10eb332f6a1c1d2d51aa8a565686a68acfa3afddf465aaf2192a0caa1b70d0dda926b934c7526285592d17474a6a54424bc76967cb45dbd328f54438a4e3be553a9ee65fcf4df11cde72df97c09270118cd8f19db7bc7da6ab63c21f862a4bebc63d6cbf300000000000000"], 0x80, 0x1}, 0x4000)
openat$dir(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x200, 0x4)
ioctl$VHOST_GET_VRING_BASE(r0, 0xc008af12, &(0x7f0000000040))
ioctl$EVIOCGSW(r0, 0x8040451b, &(0x7f00000008c0)=""/21)
r6 = msgget(0x2, 0x21)
msgctl$IPC_STAT(r6, 0x2, &(0x7f0000000e40)=""/204)
ioctl$sock_SIOCOUTQNSD(r2, 0x894b, &(0x7f0000000a40))
ioctl$TCGETS(r2, 0x5401, &(0x7f0000000f40))
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x2, &(0x7f0000001100))

2018/03/30 10:05:25 executing program 0:
r0 = gettid()
getpgrp(r0)
r1 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r2 = getpgrp(0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000a2f000)=0x9)
r3 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r3, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r1, 0x894b, &(0x7f0000000400))
process_vm_readv(r2, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(r2, &(0x7f0000000ac0), 0x40000006, &(0x7f0000000b00))

2018/03/30 10:05:25 executing program 3:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x0, 0x4001)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000000))
fcntl$getownex(r0, 0x10, &(0x7f0000000400))
r1 = getpid()
r2 = getpgrp(r1)
sched_setaffinity(r2, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
r3 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r3, 0x8040451b, &(0x7f0000000040)=""/21)
ptrace$getregs(0xe, r2, 0x17e8afae, &(0x7f0000000a40)=""/4096)
process_vm_readv(r2, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x6, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:25 executing program 6:
perf_event_open(&(0x7f0000220000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000ff4)='/dev/rfkill\x00', 0x1, 0x0)
setns(0xffffffffffffffff, 0x0)
write$eventfd(r0, &(0x7f0000000000)=0x20000000000, 0x8)

2018/03/30 10:05:25 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:25 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000900)='/dev/autofs\x00', 0xfffffffffffffffe, 0x0)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3)
r4 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
dup3(r4, r2, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r2, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000880)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r1, 0x4b45, &(0x7f00000008c0)=0x4)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r2, r4)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:25 executing program 6:
recvmmsg(0xffffffffffffffff, &(0x7f0000004840)=[{{&(0x7f00000040c0)=@nfc_llcp, 0x0, &(0x7f0000004540)=[{&(0x7f0000004980)=""/205}, {&(0x7f0000004240)=""/141}, {&(0x7f0000004300)=""/195}, {&(0x7f0000004900)=""/121}, {&(0x7f0000004480)=""/143}], 0x0, &(0x7f00000048c0)=""/47, 0x0, 0x4}, 0x5}, {{&(0x7f0000004600)=@rc, 0x0, &(0x7f0000004740), 0x0, &(0x7f0000004780)=""/157, 0x0, 0x4000ff65}, 0x7}], 0x24c, 0xffffffffffffffff, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x200, 0x4)
renameat2(r0, &(0x7f0000000040)='./file1\x00', r0, &(0x7f0000000080)='./file0\x00', 0x4)
setsockopt$IP_VS_SO_SET_FLUSH(r0, 0x0, 0x485, 0x0, 0x0)

2018/03/30 10:05:25 executing program 6:
socketpair$inet6(0xa, 0x1, 0x8, &(0x7f00000001c0)={<r0=>0xffffffffffffffff})
socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000280)={<r1=>0xffffffffffffffff})
getsockname$inet6(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, @mcast2}, &(0x7f0000000240)=0x1c)
r2 = socket$packet(0x11, 0x100000000000003, 0x300)
r3 = memfd_create(&(0x7f0000000100)='/dev/admmidi#\x00', 0x3)
getsockname$inet6(r3, &(0x7f0000000140), &(0x7f0000000180)=0x1c)
perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x1a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0xfffffffffffffffe, 0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x8)
r4 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0xfffffffeffffffff, 0x8e81)
sendto(r1, &(0x7f00000002c0)="c02315074218c05a7476c225a8c0e3acdeb87936d439b1722a9f884065a741ecab3535af09f2a956", 0x28, 0x4000000, &(0x7f0000000300)=@llc={0x1a, 0x0, 0x1a0, 0x7ff, 0x5, 0x200}, 0x80)
ioctl$KVM_GET_DEVICE_ATTR(r4, 0x4018aee2, &(0x7f00000000c0)={0x0, 0x100, 0x7f, &(0x7f0000000080)})
ioctl$sock_SIOCOUTQ(r2, 0x5411, &(0x7f0000000000))
setsockopt$l2tp_PPPOL2TP_SO_DEBUG(r4, 0x111, 0x1, 0xc1e, 0x4)

2018/03/30 10:05:25 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:25 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r6)
r7 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f00000008c0)=ANY=[], 0x0)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r7, &(0x7f0000000180)="15", 0x1)
r8 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r8, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:26 executing program 6:
r0 = syz_open_dev$mice(&(0x7f000057d000)='/dev/input/mice\x00', 0x0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000057fee)='/dev/input/event#\x00', 0xafd, 0x8000040000001)
write$evdev(r1, &(0x7f00008c1fd0)=[{{}, 0x2, 0x0, 0x1}, {}], 0x30)
ioctl$KVM_S390_UCAS_MAP(r0, 0x4018ae50, &(0x7f0000000000)={0x7, 0x1b, 0x81})
r2 = syz_open_dev$evdev(&(0x7f0000057fee)='/dev/input/event#\x00', 0xafd, 0x8000040000001)
write$evdev(r2, &(0x7f00008c1fd0)=[{{}, 0x0, 0x1}, {}], 0x30)

[  200.242326] random: crng init done
2018/03/30 10:05:26 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, r0, &(0x7f00000008c0), 0x401)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:26 executing program 4:
syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r0 = getpgrp(0x0)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
r1 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
rt_sigsuspend(&(0x7f0000000000)={0xa115}, 0x8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
pread64(r1, &(0x7f0000000040)=""/20, 0x14, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
process_vm_readv(r0, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:26 executing program 0:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000000)={0x7db, 0x3f, 0xadd, 0x1, 0x2, 0x6, 0x8, 0x5, 0x100, 0x3, 0x8}, 0xb)
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000075000/0x2000)=nil, 0x2000, 0x1)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
prctl$setmm(0x23, 0x7, &(0x7f0000ffe000/0x2000)=nil)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
getsockname$ipx(r2, &(0x7f0000000480), &(0x7f00000004c0)=0x10)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:26 executing program 3:
syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x0, 0x4001)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
r1 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r1, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r0, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x6, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000a40))

2018/03/30 10:05:26 executing program 2:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)

2018/03/30 10:05:26 executing program 5:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
r2 = shmget(0x2, 0x4000, 0x8, &(0x7f000069d000/0x4000)=nil)
fstat(r0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
lstat(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
r5 = getuid()
getresgid(&(0x7f0000000400)=<r6=>0x0, &(0x7f0000000600), &(0x7f0000000640))
shmctl$IPC_SET(r2, 0x1, &(0x7f00000008c0)={{0x101, r3, r4, r5, r6, 0x100, 0x3ff}, 0x7, 0x20, 0x7, 0x5, r1, r1, 0x2})
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(0xffffffffffffffff, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r1, &(0x7f0000000000)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000340), 0x3}], 0x1237, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000007c0)={{{@in6=@local, @in=@multicast1}}, {{}, 0x0, @in=@local}}, &(0x7f0000000440)=0xe8)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:26 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:26 executing program 6:
mmap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x100000d, 0x32, 0xffffffffffffffff, 0x0)
sendto$inet6(0xffffffffffffffff, &(0x7f0000001faf)="54f914a0d2c0692f424ebda9d0d59e51d8cfebca9650098bd2998b536de5ae4385432d1895ebc413d9889751d60264d2901cb0d1569dfac9249b61cd52e5f12a1c928c4bb573d18be7f79dfbfdff18", 0x4f, 0x0, &(0x7f0000000fe4)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = getpid()
r2 = syz_open_dev$usbmon(&(0x7f00000000c0)='/dev/usbmon#\x00', 0x80000000000, 0x200)
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x8, 0x396, 0x2, 0x5, 0x0, 0x9, 0x20000, 0x7, 0x3f, 0x100000000, 0x1ff, 0x1f, 0x7, 0x4, 0x3, 0x2bf1, 0x9, 0xfffffffffffffffe, 0x800, 0x6, 0x1f, 0x1, 0x1, 0xbac, 0x100000001, 0x3, 0x49c4, 0x7f, 0x2, 0x0, 0x9, 0x4, 0x100000001, 0x40, 0xce, 0x7fffffff, 0x0, 0x3ff, 0x1, @perf_bp={&(0x7f0000000000), 0x3}, 0x3001, 0x3, 0x8, 0x0, 0x5, 0x7fffffff, 0x5}, r1, 0x8, r2, 0xa)
getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000001000), &(0x7f0000001ffd)=0x10)

2018/03/30 10:05:26 executing program 6:
r0 = memfd_create(&(0x7f00000000c0)="2f7b06003170707031253a656d30f9", 0x0)
write$tun(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="8d93dba4bdbd06f08321338e139d5e6e2581c84adc3dda0a2032c2"], 0x1)
mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x4, 0x11, r0, 0x0)
ioctl$sock_inet_SIOCGIFPFLAGS(r0, 0x8935, &(0x7f0000000280)={'gre0\x00', 0x4f29})
r1 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0)
ioctl$ION_IOC_ALLOC(r1, 0xc0184900, &(0x7f0000009fe8)={0xfffb, 0x9, 0x0, <r2=>0xffffffffffffffff})
mmap(&(0x7f0000004000/0x4000)=nil, 0x4000, 0x0, 0x6012, r2, 0x0)
mremap(&(0x7f0000006000/0x4000)=nil, 0x4000, 0x1000, 0x3, &(0x7f0000000000/0x1000)=nil)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00006a4ff7)='/dev/kvm\x00', 0x0, 0x0)
getsockopt$netlink(r0, 0x10e, 0x7, &(0x7f0000000180)=""/235, &(0x7f0000000040)=0xeb)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
pipe2(&(0x7f0000e3eff8)={<r5=>0x0, <r6=>0x0}, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
r8 = dup3(r7, r6, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000decfe0)={0x10005, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SMI(r7, 0xaeb7)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000005c0)=[@text32={0x20, &(0x7f0000000100)="b9870300000f329a1a00c0fee400c4c31120660d4ab981030000b806000000ba000000000f30c4e2392db636fb66ed0f3266b817018ed0c4e161f1c70f01cf66b8dc008ec8", 0x45}], 0x1, 0x0, &(0x7f0000000040), 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)

2018/03/30 10:05:26 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:26 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x6803f, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

[  200.810627] x86/PAT: syz-executor6:22828 map pfn RAM range req write-combining for [mem 0x1b9d90000-0x1b9d93fff], got write-back
2018/03/30 10:05:26 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:26 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x2000, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

[  200.907080] x86/PAT: syz-executor6:22838 map pfn RAM range req write-combining for [mem 0x1b9d90000-0x1b9d93fff], got write-back
2018/03/30 10:05:26 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:26 executing program 6:
rt_sigprocmask(0x0, &(0x7f0000039ff8)={0xfffffffffffffffa}, 0x0, 0x8)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x17, 0x4, @tid=r0}, &(0x7f00008ec000))
r1 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x1f4f, 0xa2d00)
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r1, 0x800448d2, &(0x7f0000000500)={0x8, &(0x7f0000000040)=[{}, {}, {}, {}, {}, {}, {}, {}]})
timer_settime(0x0, 0x0, &(0x7f000004a000)={{0x0, 0x1}, {0x0, 0xe4c}}, &(0x7f0000040000))
perf_event_open(&(0x7f000025c000)={0x42, 0x70, 0x3e2, 0x9, 0x2, 0x0, 0x0, 0x40, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0xffff, 0x0, 0x0, 0x2, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xffffffffffff8001, 0x1000}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
timer_delete(0x0)

2018/03/30 10:05:26 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000880)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:27 executing program 6:
recvfrom(0xffffffffffffffff, &(0x7f0000000280)=""/191, 0xbf, 0x40000040, &(0x7f0000000340)=@can={0x1d}, 0x80)
r0 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f000074ffc8)={&(0x7f000001a000)={0x10}, 0xc, &(0x7f000000e000)={&(0x7f00000000c0)={0x14, 0x4000000000020}, 0x14}, 0x1}, 0x0)
r2 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x42000)
ioctl$SNDRV_TIMER_IOCTL_PVERSION(r2, 0x80045400, &(0x7f00000003c0))
r3 = memfd_create(&(0x7f00000000c0)="74086e750000000000000000008c00", 0x0)
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000200)='/dev/loop-control\x00', 0x800, 0x0)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r4, 0x84, 0x22, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x2, <r5=>0x0}, &(0x7f0000000140)=0x51)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f0000000180)={r5}, &(0x7f00000001c0)=0x18)
ioctl$DRM_IOCTL_WAIT_VBLANK(0xffffffffffffffff, 0xc018643a, &(0x7f0000000500)={0x0, 0x3ff})
fcntl$F_SET_RW_HINT(0xffffffffffffffff, 0x40c, &(0x7f0000000600))
ioctl$LOOP_CHANGE_FD(r0, 0x4c00, 0xffffffffffffffff)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000240)='/dev/loop-control\x00', 0x100, 0x0)
sendfile(r0, r0, &(0x7f0000000080)=0x5f, 0x0)
ioctl$LOOP_CLR_FD(r0, 0x4c01)
sync()
openat$cuse(0xffffffffffffff9c, &(0x7f0000000580)='/dev/cuse\x00', 0x0, 0x0)
r6 = dup2(0xffffffffffffffff, r0)
setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(0xffffffffffffffff, 0x28, 0x0, &(0x7f0000000000)=0x9, 0x8)
setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r3, 0x28, 0x0, &(0x7f00000005c0)=0x3, 0x8)
getsockopt$inet6_mreq(r6, 0x29, 0x14, &(0x7f0000000480), &(0x7f00000004c0)=0x14)

2018/03/30 10:05:27 executing program 5:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000000)=<r1=>0x0)
r2 = getpgrp(r1)
sched_setaffinity(r2, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(0xffffffffffffffff, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r2, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x4, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:27 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:27 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r6, 0x0, 0xfffc, 0xa)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:27 executing program 4:
pipe2(&(0x7f0000000840)={<r0=>0xffffffffffffffff}, 0x4000)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000a40)={<r1=>0x0, @in={{0x2, 0x4e20, @local={0xac, 0x14, 0x14, 0xaa}}}, 0xb231, 0x0, 0x0, 0x7, 0x3}, &(0x7f0000000880)=0x98)
setsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000b00)={r1, @in6={{0xa, 0x4e23, 0x7f, @ipv4={[], [0xff, 0xff], @multicast2=0xe0000002}, 0x81}}}, 0x84)
r2 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000480)={<r3=>0x0}, &(0x7f00000007c0)=0xc)
ptrace$getsig(0x4202, r3, 0x6, &(0x7f0000000800))
r4 = getpgrp(0x0)
clock_nanosleep(0xfffffffffffffffe, 0x3, &(0x7f0000000400), &(0x7f00000004c0))
syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
r5 = semget(0x2, 0x0, 0x4)
semctl$GETPID(r5, 0x1, 0xb, &(0x7f0000000000)=""/108)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
process_vm_readv(r4, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:27 executing program 0:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
getpid()
ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000a80))
fcntl$getownex(r0, 0x10, &(0x7f0000000ac0))
fcntl$getown(r0, 0x9)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000b00), &(0x7f0000000b40)=0xc)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000b80))
fcntl$getownex(r0, 0x10, &(0x7f0000000bc0))
r1 = getpgid(0x0)
r2 = getpgrp(r1)
sched_setaffinity(r2, 0x8, &(0x7f0000a2f000)=0x9)
r3 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r3, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
process_vm_readv(r2, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))
process_vm_readv(r2, &(0x7f0000000000)=[{&(0x7f0000000480)=""/83, 0x53}], 0x1, &(0x7f00000008c0), 0x0, 0x0)
accept$ax25(r3, &(0x7f00000008c0), &(0x7f0000000a40)=0x10)

2018/03/30 10:05:27 executing program 2:
r0 = syz_open_dev$dmmidi(&(0x7f00000008c0)='/dev/dmmidi#\x00', 0x7f, 0x24640)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
ioctl$sock_inet_SIOCSIFNETMASK(r2, 0x891c, &(0x7f0000000000)={'irlan0\x00', {0x2, 0x4e23, @broadcast=0xffffffff}})
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000480)={0x0, @local, @broadcast}, &(0x7f00000004c0)=0xc)

2018/03/30 10:05:27 executing program 3:
syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x0, 0x4001)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
r1 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r1, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r0, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x6, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(r0, &(0x7f0000000000), 0x0, &(0x7f0000000100))

2018/03/30 10:05:27 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:27 executing program 7:
r0 = eventfd2(0x0, 0x80000)
r1 = creat(&(0x7f0000000880)='./file0\x00', 0x90)
getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x205)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3)
r4 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
dup3(r4, r2, 0x0)
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000140)={0x0, 0x1}, &(0x7f0000000180)=0x8)
r5 = openat$audio(0xffffffffffffff9c, &(0x7f0000000100)='/dev/audio\x00', 0x480, 0x0)
unshare(0x0)
getsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x7, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000000)={&(0x7f0000564000)=@abs, 0x6e, &(0x7f0000451ff0)=[{&(0x7f0000007000)="002a932f01000000cf960802e02348f800000000001c0003f2a576", 0x1b}], 0x1, &(0x7f00001f9fe0)}, 0x0)
r6 = syz_open_dev$sg(&(0x7f0000000380)='/dev/sg#\x00', 0x40000000000000, 0x0)
setsockopt$sock_void(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f0000000fc0)=[{{&(0x7f00000006c0)=@vsock={0x28, 0x0, 0xffffffff, @my=0x0}, 0x80, &(0x7f0000000a80)=[{&(0x7f0000000980)="7abb796be9a79133e99ef2b42de8f24f8c30375b7a52988620937b18d92e986d0075dd2099e3f2f706611cdaf59db76cad16f5e7c533a221d36aa72a33e20f4370770ab12c98d46b536d6ac1e7cbe1781c60c046b38d7c99604b678962451969515144c4dddec1925baee42d4519a5ab8ad46d63638a6bf07a67e16a88914a14e2d725df2eb1ed61e11637a6aeed047b755fdb6fb2792ef44b0e08ab6a973a948a7598a33526f2ed14", 0xa9}], 0x1, &(0x7f0000003640)=ANY=[], 0x0, 0x10}, 0x5}], 0x1, 0x814)
r7 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffd)
r8 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000100)={0x73, 0x79, 0x7a}, 0x0, 0x0, r7)
add_key$user(&(0x7f00000003c0)='user\x00', &(0x7f00003ebffb)={0x73, 0x79, 0x7a, 0x0}, &(0x7f0000000200)="ffffff7f00000000", 0xfc, r8)
r9 = add_key$user(&(0x7f0000ef5000)='user\x00', &(0x7f00008fa000)={0x73, 0x79, 0x7a}, &(0x7f0000537ffd)="000386", 0x3, r8)
r10 = add_key$user(&(0x7f0000688000)='user\x00', &(0x7f00008d9ffb)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000f19edc)="b33ab76079ebe0d14f729cd653e520d29ad7ef0000000000000044c249b544230b9387fb8bd6ed266ccf59ef70995bf2e8e0ecd3fff32853747eda22d2818d08ca27e0ec821620e365a0e6b9485f2d925493f62113e33e5f8c7eba67fc19a9497f5b07e5849d2e875b066cd6401d36616fe0f3c3002801b4627ee7597689525e8e81f750a86eb580fb4690ea52246bd3d32b1a91f944edb74b1f50ae08c5387ed8fd0598b600579f3af3f864e1c324f6928f6672", 0xb4, r8)
r11 = request_key(&(0x7f0000a98ffb)='user\x00', &(0x7f0000626000)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000dde000)="2f6465612f7675746f66730719", 0x0)
keyctl$dh_compute(0x17, &(0x7f00004c8ff4)={r9, r10, r11}, &(0x7f00005cd000), 0x0, &(0x7f000010c000)={&(0x7f0000bf4ff3)={'ghash-generic\x00'}, &(0x7f0000000000)})
ioctl(r6, 0x2285, &(0x7f0000007000)='S')
ppoll(&(0x7f0000000500)=[{r6, 0x1}, {r5, 0x60}, {r5, 0x531}, {r5, 0x2000}, {0xffffffffffffffff, 0x100}, {r6, 0x408}, {r5, 0x200}, {0xffffffffffffffff, 0x8000}], 0x8, &(0x7f0000000580), &(0x7f00000005c0)={0x7ff}, 0x8)

2018/03/30 10:05:27 executing program 6:
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.cpu\x00', 0x200002, 0x0)
r0 = getgid()
r1 = syz_open_dev$vcsa(&(0x7f0000008a80)='/dev/vcsa#\x00', 0x1, 0x200)
getsockopt$netrom_NETROM_T4(r1, 0x103, 0x6, &(0x7f0000008ac0)=0x6, &(0x7f0000008b00)=0x4)
lstat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setregid(r0, r2)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000140)={[0x30]}, 0x2)

2018/03/30 10:05:27 executing program 6:
r0 = perf_event_open(&(0x7f0000348f88)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
connect(r1, &(0x7f0000002000)=@ethernet, 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000013fd8)={'vcan0\x00', <r2=>0x0})
r3 = fcntl$dupfd(r1, 0x0, r0)
bind$vsock_dgram(r3, &(0x7f0000000040)={0x28, 0x0, 0x2710, @host=0x2}, 0x10)
sendmsg$can_bcm(r1, &(0x7f0000011000)={&(0x7f0000004000)={0x1d, r2}, 0x10, &(0x7f0000012ff0)={&(0x7f000000afb8)={0x1, 0x7, 0x4, {0x77359400}, {}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "a3f9fee90201ab9d"}}, 0x48}, 0x1}, 0x0)

2018/03/30 10:05:27 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:27 executing program 6:
r0 = socket$unix(0x1, 0x1, 0x0)
io_setup(0x200000000005, &(0x7f0000000100)=<r1=>0x0)
r2 = syz_open_dev$mice(&(0x7f0000000200)='/dev/input/mice\x00', 0x0, 0x1)
ioctl$KDENABIO(r2, 0x4b36)
r3 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x313, 0x40)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffff9c, 0x84, 0x77, &(0x7f0000000040)=ANY=[@ANYRES32=<r4=>0x0, @ANYBLOB="01f8ae0011f004348846c992"], &(0x7f00000000c0)=0x14)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r3, 0x84, 0x75, &(0x7f0000000140)={<r5=>0x0, 0xcda}, &(0x7f0000000340)=0x8)
getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r3, 0x84, 0x13, &(0x7f0000000380)={r5, 0x7}, &(0x7f00000003c0)=0x8)
getsockopt$inet_sctp_SCTP_DELAYED_SACK(r3, 0x84, 0x10, &(0x7f0000000180)=@sack_info={r4, 0x0, 0x2}, &(0x7f00000001c0)=0xc)
io_submit(r1, 0x2000000000000244, &(0x7f0000000300)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000240)="dc399a3ebf94d00ab9f4596b52d0c40cb1b1c47f181d4cb7aed065beb90bc6fdf305dc7a19656ae6dfca88a1b8457e56d92426b33bd1361fbaa7a0c0e415ee55e9caf98206ecfeba54fb133cf2bbb1e5eb7ea50afa9ed1f7ae3e0a9ff6db56da2f425a750605fda5d86511ec2380299e8a86cd05669acf3dc344a07c3a5dcf765381da", 0x13c, 0x800000000000}])
r6 = pkey_alloc(0x0, 0x2)
pkey_free(r6)

2018/03/30 10:05:27 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000000880)='./file0\x00', 0x6a043, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:27 executing program 6:
pipe(&(0x7f0000055000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x0)
vmsplice(r1, &(0x7f00007d3000)=[{&(0x7f0000fe3000)="d6", 0x1}], 0x1, 0x0)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000040)="878aff0000001f6e4ad2f26a35d65b9e0b6fc13ba0009b5b51a74e644901ca8635202dfc66a18f734cc366b117009c855c45f9c19402ef4a146e3d5604f1e3242a4607302f7809cf195508a6851a522a0c70c7da5f02fa2e59d10ef4990bba783ef747710394", 0x66}], 0x1, 0x1)
ioctl$EVIOCSABS20(r0, 0x401845e0, &(0x7f00000000c0)={0x100000001, 0x1, 0x80000001, 0x7, 0x4, 0xffffffffffff685c})
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000))
tkill(r2, 0x15)
vmsplice(r0, &(0x7f0000001440)=[{&(0x7f0000001380)="11", 0x1}], 0x1, 0x0)

2018/03/30 10:05:27 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(0xffffffffffffffff, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:28 executing program 2:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:28 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f00000008c0)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x140)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:28 executing program 3:
syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x0, 0x4001)
r0 = getpgrp(0x0)
ptrace$setopts(0x4200, r0, 0x5, 0x50)
sched_setaffinity(r0, 0x8, &(0x7f0000a2f000)=0x9)
r1 = pkey_alloc(0x0, 0x2)
pkey_mprotect(&(0x7f00002f5000/0x4000)=nil, 0x4000, 0x1000000, r1)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
munmap(&(0x7f0000303000/0x4000)=nil, 0x4000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r0, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x6, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:28 executing program 6:
r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x103001)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000380)=ANY=[@ANYBLOB="900df22db4dc346930010b45374f4eb959644cc0c66d46ebefaab4852560c346dd14", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES16=r0, @ANYRES32=0x0], &(0x7f00000000c0)=0x5)
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f00000002c0)={0x0, 0x9, 0x8000, 0x3c8, 0x5, 0x6, 0x2, 0x20}, &(0x7f0000000300)=0x19)
readahead(r0, 0x2a, 0x2000000010004)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup3(r1, r0, 0x80000)
ioctl$KVM_SET_XCRS(0xffffffffffffffff, 0x4188aea7, &(0x7f0000000400)={0x1, 0x0, [{0x0, 0x0, 0xd39d}]})
socketpair$ax25(0x3, 0x0, 0xc3, &(0x7f0000000100))
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r2, 0x84, 0x5, &(0x7f0000000500)={0x0, @in6={{0xa, 0x4e20, 0x2, @dev={0xfe, 0x80, [], 0x16}}}}, 0x84)
setsockopt$ax25_int(r0, 0x101, 0xf, &(0x7f0000000180)=0x1002, 0x4)
syz_open_dev$sndseq(&(0x7f0000000280)='/dev/snd/seq\x00', 0x0, 0x600002)
socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000200))
ioctl$TUNDETACHFILTER(r0, 0x401054d6, 0x0)
setsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0x7, &(0x7f00000001c0)=0x3, 0x4)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000340)={&(0x7f0000000240)='./file0\x00', 0x0, 0x10}, 0x10)

2018/03/30 10:05:28 executing program 4:
syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r0 = getpgrp(0x0)
clock_nanosleep(0x0, 0x1, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
timer_create(0x0, &(0x7f0000000400)={0x0, 0x38, 0x4, @tid=r0}, &(0x7f0000000480))
syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
process_vm_readv(r0, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:28 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(0xffffffffffffffff, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:28 executing program 0:
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc\x00', 0x200, 0x0)
sendmsg$unix(r0, &(0x7f00000008c0)={&(0x7f0000000a40)=@file={0xdc31f6bb3814e8ef, './file0\x00'}, 0x6e, &(0x7f00000004c0)=[{&(0x7f0000000ac0)="0dfd0c7111e307ae14fed2bf7629a094b2e77934803f8e502d8396c733d9801fb102d2218a75062de23458bdd5c0f8924a92837a3aefbf6cf45f85203af0e26e2a65e0d56c52d031a0acb62490943ce1a661477f14eea15d43844228d844a5ea0079e526d65033ce002571308c6e2ce0ad76e90dc8a99f10add4", 0x7a}, {&(0x7f0000000b40)="0ae7c592f52c03f59c95ec9679b73effda969966fd8264623b7a19786b6d13ee96c0b2bfe68149ce12a60a1f376b1bef0748366336ef651d29d9de178d77312f8e6c0c60d8d698ef438a0fddc4fa08521c89529578abe23d3af854fec05996b73720d35b3d821d51ea783bb944e4df1f47648e8c6dadd73b60689cd92a154bbe13fd78b822344f4a48dcf382f734b1a22d41b38083e90ae1069f78eb716d379b141502a96972d44663cfb3afb1c4c81987cd2a41f774f8cafd3313b5c47919da419b749df9fadf23ddae3b3d6e28bdce10", 0xd1}, {&(0x7f0000000c40)="ca21caeab8cfd3433df7df662522a2f6f1a3adeea2688e0031e1de0f4cae8495247b20a837efddf00573a4effbcf7f273325ed5350a83a8a1ba5e9cc63533ace22e487da75f7936612baf06769a9daa590c8413214643a501e98c5851c14f25af05c71e0229e2334b5aa6839c427cb27898597c59872fa4df27a7acfa393f473610950fa4a5a141325a365ab4b33cb", 0x8f}], 0x3, 0x0, 0x0, 0x4000}, 0x8000)
r1 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r2 = getpgrp(0x0)
sched_setaffinity(r2, 0x6, &(0x7f0000000480)=0xd)
r3 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f00006e3000/0x1000)=nil, 0x1000, 0x3, 0x8033, r3, 0x0)
getpgrp(r2)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
syz_open_dev$amidi(&(0x7f0000000d00)='/dev/amidi#\x00', 0xfffffffffffffffb, 0x2a8cff6771f37faf)
ioctl$EVIOCGSW(r3, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r1, 0x894b, &(0x7f0000000400))
process_vm_readv(r2, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:28 executing program 5:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(0xffffffffffffffff, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x4, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000000))

2018/03/30 10:05:28 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(0xffffffffffffffff, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:28 executing program 6:
r0 = syz_open_dev$sndctrl(&(0x7f0000000600)='/dev/snd/controlC#\x00', 0x0, 0x0)
r1 = syz_open_dev$midi(&(0x7f00000011c0)='/dev/midi#\x00', 0x0, 0xa4100)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000001200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$VHOST_NET_SET_BACKEND(r1, 0x4008af30, &(0x7f0000001240)={0x2, r2})
eventfd(0x1)
pread64(r0, &(0x7f0000000900)=""/195, 0xc3, 0x0)
ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, &(0x7f0000000200)=ANY=[@ANYBLOB="58af4fb4d6ca489f1a000000fbe01401cc3c6bd0afac090015d5fb2e41f800e478f74b5d5c3677ebd80b35d36dabdf3b7c1493c3b8edbe1ead72bebd4d20962a480fef4a1d4b08e7c19c71f6e59ee903a8b0a145c18271fa1ad0b86bb343d2fdf962c116470b1cee25c9f46355fe5c51f404980cfd860ed00000000000"])
r3 = accept(r2, &(0x7f0000003440)=@l2, &(0x7f0000001180)=0x80)
setsockopt$inet6_udp_encap(r3, 0x11, 0x64, &(0x7f00000034c0)=0x3, 0x4)
ioctl$DRM_IOCTL_IRQ_BUSID(r2, 0xc0106403, &(0x7f0000000100)={0xc7, 0x7fff, 0xffff, 0xffff})
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000080))
r4 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000fc0)='/selinux/enforce\x00', 0x16907a, 0x0)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f00000010c0)={0x0, 0x80}, &(0x7f0000001100)=0x8)
ioctl$KVM_GET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000180)={0x6, 0x0, [{}, {}, {}, {}, {}, {}]})
dup(0xffffffffffffffff)
read(r2, &(0x7f0000000040)=""/172, 0xaa)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/pmtu_disc\x00', 0x2, 0x0)
setns(r0, 0x44000000)
setsockopt$inet_sctp_SCTP_RTOINFO(r4, 0x84, 0x0, &(0x7f0000001140)={0x0, 0x6, 0x0, 0x2}, 0x10)
unlink(&(0x7f0000000140)='./file0\x00')
pwritev(r4, &(0x7f0000001400)=[{&(0x7f0000001440)="39c90c1158e1ab5b77c4f0229ed23cc22ff000db1614e319ff204ece57c167f012e2d15721c01471db853677fb7d712a423e12e784514bebcad00afb8bd093577a09e2767c39c91d04fa1e851984d465e5dd70c4c597210bb8a3b207613cc81106057f3dd7adb88cc2d4b5e6ff1051e548bcc006f1bd078caacb4f6d8848e605aef192a496e3d6782f6dfe7def701de53a41f332d9a77e5bbe161009760e013620148169afcd6bfc62dcac806afc80773e099d8ef0c2623ea3c3316b1fa09abcdcef4a030a755fb2cdb1ddd0a0b724408fe30180f931148b1eaaf28415fab39aaad2f332aa5143bc89279323a2b2a6697b8e1d202c99aabe8c2b7be24c1362c7992179132dbfd398510f513d4e7a497a0195c9f3271091dc8067d96874edb829e64261a83863dacfb746ffc7c02c518def2fa2a160d2fe8a07dffc91bbeaf3463ad48159437ff83134d74b6ea257ad6783ec69351f5987a8f2f973d8fc2ea16d4b18b2a17db18fde0033e7687fa102b1b02038605997c9c1f5307612ac0d4795f8a56b58c9d247f41a2d57c7e533bf86feb80a6b4f83d45c7d60ee8b528a740e0fba37c36d5ad282b16a8fedddf7f158d1c4a368d807bca431a80f9fef197f8120e8695e847b06b9558a924622822d2608ab62f878e4413265152ad900c3accd0e60a060ed2f7384d4232b88432a0cdd81e736564e8300968877c0398fb816ef8a0d5c20839329f8d6e05f290abc0ee3f199d8618b58d093cb5d5d0d4bf0d5e5843c817826bf33151111d2f282cd48721c752fc0c62268473fb060c760cada06192b470b3204e7f4c968f5749def7ab4ee95e552c800b3808159075fc9b8a9e63090fdc216cbb4fe6ce31c12aa39f1d15e4cf3c8b560ca8fff4e023e2ae6921493827759216e08a5472ba772901d388ad30b8cf0aa15bd12c52529e298798b3a90e02f86a519a0d9569be5080f26ef59eb7f7efc5b8e658b256372f129a508f75e50027a1691937e78e68f0eb041fec73de0ef5b1c8c08b085a4f71b8f0988dc179a4ff9dc4f5c709f6392194a1da8e60e02937a076b8b319be52da19645602df10250e624ba80637234f72a36102f55f9289b4ce2e5d2cdbb084b7ecaa478ead33b9ce3d7ea0a9d45a92dfdc56f3164c986bc7ba93a4b51c00496e8ec3668f34410a7da110adef16fd2d4027a06345595374c74a5dcc27320454b418700b614d667a913129b98058fd29755da1332ab7bfa8325d3a7a83566454b90ff6362d713bff42c2b903082d6ff16c36b7b7481443523d82c1ff8108443bc635c8364725e5464d06fa346f1e91093cb3945e00f26f9154fe02cc193d2ca74e137b1943a729e21fbadeb6d65be0cccf1922c56b81896b15b12df5288aeeef93b1cf8d7f76da939b82d638122dedc6cdc4f4e90869421069e7cb0abdad08eeee5a4be2bb8a146c500d4daed3c9c2ad20a98879e31f2956b29ede05eb10b82d4e743b591503d628720c8e99f27574e4e6e01f8cb8195353415c7191c6fb26f822ec1713d3fc469e6aaab1cbf2075eb8cd912f913e9da7b66f65d11a16769300b63bb91f6bf63f158cf07ced499537f6f55fe95e3a8adaec9346ce22f6363ece0e246aff8b6e7fc72a9e406bdb9463937ce5e48d57f4d4280bb4e94d76f3336c7778d45828dad8c4155dc1314c27979b75a53d738520844a72dd02323c84bf16f5d83e32b119f24bc2b1a952b2d77efdc1f1a2882f2866566d75c787a6db4c14bf6d82441ea3a8fefd2ca1b8499b456608a595582aa03f99ae3ceea75464707be0456da882066c4a8abb71d890276b697fe0c931817382042218f3a6513a00e1cfcb0a17ffc82f41081ba815ed7989b918429427dcf302dbda3acd19924cc4f69dd7789d4e31be52f1064238abcd34589cd4b6a584c4158e4ee16364e5a05a28d221f732605ec2a618ab0de74139b615a4174ebe6efe7fe3e3bb5d99c90a19ffe39fa777fb6e44a91a01f767f740d91eaa5527713c23da4781be430577ebedc212404c63b1a8ff51c91c62d8647410738417ec19b17c5f901e6329f873508c4bb3f5b0aec0ebab258b9c96829b29be2464970b68fa60b23498fd3c3ca9173c37fdb827dff96b27b9292678dfa506ccb84b6724ca685205e681cf2c22c08dc71babd0dbec8e1fe68ca098614db5f56dbd2f84a36eaaf1a7b1488d879b15cccea98ceafa0ce8ab6591cf00cfda024206c00ae28075a9792335022610c0a0dc592d7ad7c003aeb7869e5eb072df47801392cb82c070f69052183acc010fe5b4ac22b2d8b7722f9920658b8c90473eb85d8ad26aabda5199a57544f6b0f90809670499ef7053b24526f1f07245401f3dff00dff31c5f815ec185f58ba3be632e390bfab1790b6d82c234e2338a350cd6a4ab6341d18b01596f6eb7aa36794f0774d6bf3d27480fe081dc809b50738dbb47719bad43fb299bc83e6c49bf8cc8c9f7bc58cf9696c77a37dcd2e95907d11caaa92de2358fc4dd83336e1273ffc2e86344311fcf4da531261b444300785a58294cc0e954510d026a5969a2daadc2650c63856dc754889d3d6a72e1d04a6294ba809b2f6329355f01c307868876a55e56b63d8d369f1952782061a3ee5a6bf64261c3003ffab3ee4124cb3d57d733b80bf3d8293b427762eadcd3bc94a127411e1c137c1a48f5a19d528e8f22e1713f9a1d45dc82ab9270eaad80ed0cae6291c27f573e175d56b510f12cbd8be79cd4248cd848906a814fa1c28c47c44f7ba776c5d0a156fddf7301011645986fe5570f76dd5a8441d9c40f7809c59187b3052d28fdfdeb96368fd47587ee35197da7ab3b1133254f696e44e24053b1b6cda1d8a2117040c2ba91b1b99b15eed0f3beeeccf96a55f738b42f5c4fc0ead873e35bf76c1d3970c9f4d1448e6e3b73c8d693ed328188154cb827e5f5f03575c77099710a80c6b1c53ad1c657bf1e89519eccb848b30f6c946d082af980563d7d7206a22d62479ef11f38f9ef9dd6aee83301fe42aeecbe0aaa7af1cd3c8b1ddca1752b887b97d6442f24236a6b57ba6de5ea9b071d78f2e45b436c535e592533780fa50fd6522c14b5b5ecd391bdbd7acbcf3d571731c604ed437fa1af9cd367a066e01f98c996fad367ec8e9d47b9f427ca299e982386970fe89c9da68cc72832d1d1e18934d5db7f49446ecacea9812a09b7186e51addb5d71c4e7cd2e44576ca87b3e2d92b69e3ae44a6df41214d4f6add3538a8bbe457cd6a3fd255afba7986a521ecae557409812e706764a29efe8ba1b34935549614bc151dfeed1c93f10483f9a867ca1b104f6942fa57cfe4fcf3ce24091279e3c0d17a4bfa0b6efa60c47ea9a7e42c43a2790663d6d702915e0c637b1fcaffcc0273a7d4cf00620f7117fd2d7a70ff9b06503d494a7da5d82d904fa995fd01073718997054aa5ba4f187685ca6a36be41f62e5af2dbc4fe739a3e4d2236756b8e9cd61790b1fc19a3cd3d924d8711e5b456121ebd0976d08b63a44f095aeb40f9d5b04ba9233e6efb0243dd95a8d119283452771bb0980e06c25027be6424c746b61cca317b69313b439950e52fcba852fc5eae8273a4bb288bf970b3ce9823f63ffd708232339dbc4bcc8e84ba885b21568decf985953042a70f37bc931ccf2b50102cac97fe0d2f0d11b80920299bc935c1494005085f60da5b5972bfc5e61ff5e736f7d15c4a9018614e628153d23fedc6b2ba9e71baae94c94154e0757b785973e0372845f40c61d82254fb6d79e1916bb8eb7873def79afeb2545fbc4cb1e84af9d4ca1da1de1c5a0f8b5001a54b4547d14623d407590bc0bf48c9d6cb1b5a2117db491942708a3c6baf79c5668ac786c5a57760e44cb5bb80412a352c803f47df5b38274381f09f2ccaa1212f601df91aa6f0dd9c54e5ad4aeb1eabc5746b90b5c574e5db8606675ffe0090497d0ca2e06bef28e40cfa70e07826f5c095a66c004e2f471c5b9f6c09197d6582f75e1c8c1dd9ec37c586756b26a8311f5b19e31b93865cbd632478f0c0e168f83e64947ee77b318f2738c42a266ace04f94afaa9166e595fcc09458987056664110430553b19f621414debc4d8ee3fa95f0681b3d8158a294308e6d81c4a47b6038b308a56814225dcc67d0cb5ba34deb5b2f33ba7bd41a2ff4fca9948c1016d51a87c7a9f41c85d711b0e9a90a2fe3da262e9f7820d137a03a0f66b3d8b8e00e2bbc06e755b722f2336c1fe585f66958db544d3b5bb9867f5cc8893274123f5818413ec873595aa2c86fb387caab1a4a0e9b50e555cab2cb4cb6b67b521dcfdcb92b683918a636965b4538986637c1ed6531443a26808dca14a9cbe778a0cba16a7b51919b4ffd28fffee755404be5f58a7a9b5af4c48d73a19641b1407c16943ad810edc3b84537fb35c3754e5a8bfbe4b3ec5fa40ac7cd2b089a959e21310f147e97d2ccb2981ebb58a09581f296c941e74c2976ea7b27d0ddc608f513960ffdcf38b496d45dcc05240a37b2909630623b7ed12548e7132fe8e863cef460e04870c3340a00ca27d4aa93d491eb7115348ef745bfb8c6875d259612bf4752e2b6915a48603b7c21edce24b4ba2f7066a669c0786cb4f8e910b5916f9c5c95836e97e205c299a9ff2f48edce2d39dd5dddc7de8b6a4d773c6769676888e400cf9e8cafb2239540428857ab4318bfce847ecaa91dcaacce3e3a21ff3035bd9f6e66d28c9bb134c55826ccadde8bca69ce96e871051310871d32f2cb91685242e7d51c240a68ce89dcce7645f39bfcd35d4d4535673b2071a69d7135a47f52f25bc613baab52334a97753a101c04fb2a8c75d58379c63d7751157ce9386bda220cab0aa829c73967d38f268f318b060948ad2e89701961ab90149430184e41147d7aaa29f5853e3b5b9f718a4e0fae43f48ff2012a19a0fc8abb2c42032bf72d81593ae1a8e422ccda661a7224f6b9dd", 0xdbe}], 0x1, 0x0)

2018/03/30 10:05:28 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x0)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:28 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, r1, 0xfffffffffffffffe})
r5 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r6)
r7 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r7, &(0x7f0000000180)="15", 0x1)
r8 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r8, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r5, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r7, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffd, 0x1, 0xe529, 0x0, 0x20000000000}, &(0x7f0000000340))

2018/03/30 10:05:28 executing program 6:
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000140)={<r0=>0x0, 0x1}, &(0x7f0000000180)=0x8)
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000100)='/dev/audio\x00', 0x480, 0x0)
unshare(0x0)
r2 = accept4$inet6(0xffffffffffffffff, 0x0, &(0x7f0000000000), 0x800)
getsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x7, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
connect$inet6(r2, &(0x7f00000003c0)={0xa, 0x0, 0x2, @loopback={0x0, 0x1}, 0xfffffffffffffffb}, 0x1c)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000000)={&(0x7f0000564000)=@abs, 0x6e, &(0x7f0000451ff0)=[{&(0x7f0000007000)="002a932f01000000cf960802e02348f800000000001c0003f2a576", 0x1b}], 0x1, &(0x7f00001f9fe0)}, 0x0)
r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0)
setsockopt$sock_void(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
ioctl$EVIOCSABS0(0xffffffffffffffff, 0x401845c0, &(0x7f0000007000)={0x0, 0x0, 0x8})
ioctl(r3, 0x2285, &(0x7f0000007000)='S')
clock_gettime(0x0, &(0x7f0000000540)={<r4=>0x0, <r5=>0x0})
ppoll(&(0x7f0000000500)=[{r3, 0x1}, {r1, 0x60}, {r1, 0x531}, {r1, 0x2000}, {0xffffffffffffffff, 0x100}, {r3, 0x408}, {r1, 0x200}, {r2, 0x8000}], 0x8, &(0x7f0000000580)={r4, r5+30000000}, &(0x7f00000005c0)={0x7ff}, 0x8)
r6 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_GET_DAEMON(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x40005a00}, 0xa, &(0x7f0000000480)={&(0x7f0000000440)=ANY=[@ANYPTR=&(0x7f0000000300)=ANY=[@ANYRES64=r0, @ANYRES64=r6, @ANYRES16=r2, @ANYPTR=&(0x7f00000002c0)=ANY=[@ANYRES16, @ANYRES64=r1, @ANYRES64, @ANYPTR]]], 0x1}, 0x1, 0x0, 0x0, 0x20008800}, 0x0)
accept4$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, @remote}, &(0x7f0000000200)=0x1c, 0x0)
getsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(0xffffffffffffffff, 0x84, 0x12, &(0x7f0000000240), &(0x7f0000000280)=0x4)
socket(0x10, 0x802, 0x0)
ioctl$VT_WAITACTIVE(0xffffffffffffffff, 0x5607)
write(0xffffffffffffffff, &(0x7f0000000640)="24070000000000000000d3b720f0ce83a80075060000ffa89d2c37d9ed3bea9d596bf3e2ffb4d17a02e9b2c464974ac924691e56b878", 0x36)
setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000140)={0x6, 0x0, 0x8002, 0x8000, 0x0, 0x9, 0x8, 0xbb2d}, 0x20)
perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f0000eacfd0), 0x0, 0x0)
mount(&(0x7f0000001600)='./file0/file0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='9p\x00', 0x0, &(0x7f0000000100))

2018/03/30 10:05:28 executing program 0:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
stat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000008c0)={0x0, <r4=>0x0}, &(0x7f0000000a40)=0xc)
fchown(r0, r4, r3)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:28 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x0)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

[  202.432888] 9pnet_virtio: no channels available for device ./file0/file0
2018/03/30 10:05:28 executing program 7:
r0 = eventfd2(0x0, 0x80801)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000880)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x100000000000077)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

[  202.491444] 9pnet_virtio: no channels available for device ./file0/file0
2018/03/30 10:05:28 executing program 0:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:28 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000440)='/dev/loop-control\x00', 0x26, 0x0)
r3 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3)
r4 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
r5 = dup3(r4, r2, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r6=>r2, 0xfffffffffffffffe})
r7 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r8)
r9 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r5, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r9, &(0x7f0000000180)="15", 0x1)
r10 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r10, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
ioctl$VHOST_NET_SET_BACKEND(r10, 0x4008af30, &(0x7f00000003c0)={0x3, r6})
readahead(r7, 0x1244, 0xffffffffffffff64)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r2, r4)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r6, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:28 executing program 2:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
getsockopt$IP_VS_SO_GET_INFO(r0, 0x0, 0x481, &(0x7f0000000000), &(0x7f0000000480)=0xc)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:28 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x0)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:28 executing program 3:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x0, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r0, 0x40605346, &(0x7f0000000480)={0x8, 0x1, {0xffffffffffffffff, 0x0, 0x401, 0x3, 0x8000}})
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000400)=""/21)
ioctl$RNDGETENTCNT(r2, 0x80045200, &(0x7f0000000000))
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x6, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:28 executing program 6:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffc, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000080)='/dev/snd/midiC#D#\x00', 0x800, 0x200)
write$cgroup_type(r0, &(0x7f0000000100)='threaded\x00', 0x9)
perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f000031f000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$dmmidi(&(0x7f0000000040)='/dev/dmmidi#\x00', 0x0, 0x0)
syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x80000000, 0xa0000)
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='/exe\x00\x00\x00\x00\x00\x00')
fadvise64(r2, 0x0, 0x0, 0x400000004)
tee(r2, r0, 0x6, 0x2)
ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0)

2018/03/30 10:05:28 executing program 4:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00003ae000/0x2000)=nil, 0x2000, 0x0)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000000)={<r3=>0x0})
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r2)
ioctl$DRM_IOCTL_DMA(r0, 0xc0406429, &(0x7f00000007c0)={r3, 0x1, &(0x7f0000000040)=[0x4], &(0x7f0000000400)=[0x800, 0x7], 0x30, 0x4, 0x401, &(0x7f0000000480)=[0x3, 0x8, 0x4, 0x800], &(0x7f00000004c0)=[0x1, 0x8001, 0xe48, 0x79, 0xef2]})
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000a40))

2018/03/30 10:05:28 executing program 5:
r0 = syz_open_dev$dmmidi(&(0x7f0000000480)='/dev/dmmidi#\x00', 0x200, 0x8002)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f000019b000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(0xffffffffffffffff, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x4, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
ioctl$KDSKBSENT(r0, 0x4b49, &(0x7f0000000340)="2351b214d92eaba085c636265d53151d6bff1396976cb7ee0cb15b9ff312d8c76d984e82367dc0784ee47cb6a8a3b4aba806a89cab761963a42c5ba7aeef173b31eecb2d1d4012bdf9a074c57648a914a3ff32889fcc")
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:28 executing program 6:
r0 = userfaultfd(0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000005480)={0xaa})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1})
r1 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0)
ioctl$EVIOCGMTSLOTS(r1, 0x8040450a, &(0x7f00000054c0))
syz_open_dev$evdev(&(0x7f0000004100)='/dev/input/event#\x00', 0x8, 0x400)
close(r1)
mkdir(&(0x7f000082f000)='./control\x00', 0x0)
creat(&(0x7f0000000080)='./control/file0\x00', 0x0)
mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000001fc0)={0xaa, 0x21})
r2 = userfaultfd(0x0)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000140)={0xaa})
creat(&(0x7f00000000c0)='./file1\x00', 0x0)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1})
r3 = creat(&(0x7f000078dff8)='./file0\x00', 0x0)
write$sndseq(r3, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30)
rename(&(0x7f0000000040)='./control/file0\x00', &(0x7f0000000000)='./file0\x00')
rename(&(0x7f0000000200)='./file1\x00', &(0x7f00000001c0)='./file0\x00')
r4 = geteuid()
stat(&(0x7f0000000180)='./control\x00', &(0x7f0000001a80)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
syz_fuse_mount(&(0x7f0000000100)='./file1\x00', 0xa000, r4, r5, 0x10000, 0x2020)
r6 = syz_open_dev$evdev(&(0x7f0000000080)='/dev/input/event#\x00', 0x0, 0x0)
close(r0)
ioctl$TUNGETIFF(r6, 0x800454d2, &(0x7f0000005440))
recvmmsg(0xffffffffffffffff, &(0x7f0000005340)=[{{&(0x7f00000001c0)=@can, 0x80, &(0x7f0000000280)=[{&(0x7f0000000240)=""/6, 0x6}], 0x1, &(0x7f0000000380)=""/4096, 0x1000}, 0x4}, {{&(0x7f00000002c0)=@ethernet, 0x80, &(0x7f0000001700)=[{&(0x7f0000001380)=""/188, 0xbc}, {&(0x7f0000001440)=""/63, 0x3f}, {&(0x7f0000001480)=""/224, 0xe0}, {&(0x7f0000001580)=""/233, 0xe9}, {&(0x7f0000001680)=""/102, 0x66}, {&(0x7f0000002000)=""/4096, 0x1000}], 0x6, &(0x7f0000001740)=""/238, 0xee}, 0x1f}, {{&(0x7f0000001840)=@rc, 0x80, &(0x7f0000001940)=[{&(0x7f00000018c0)=""/6, 0x6}, {&(0x7f0000001900)=""/50, 0x32}], 0x2, &(0x7f0000001980)=""/113, 0x71, 0xe000000}, 0x1}, {{&(0x7f0000001a00)=@pppoe={0x0, 0x0, {0x0, @remote}}, 0x80, &(0x7f0000001ac0), 0x0, &(0x7f0000001b00)=""/95, 0x5f}, 0x7f}, {{&(0x7f0000001b80)=@ipx, 0x80, &(0x7f0000001cc0)=[{&(0x7f0000001c00)=""/151, 0x97}], 0x1, &(0x7f0000003000)=""/4096, 0x1000, 0x1}, 0x6}, {{0x0, 0x0, &(0x7f0000005240)=[{&(0x7f0000001d00)=""/250, 0xfa}, {&(0x7f0000001e00)=""/69, 0x45}, {&(0x7f0000001e80)=""/214, 0xd6}, {&(0x7f0000004000)=""/94, 0x5e}, {&(0x7f0000004080)=""/115, 0x73}, {&(0x7f0000001f80)=""/26, 0x1a}, {&(0x7f0000004140)=""/4096, 0x1000}, {&(0x7f00000051c0)=""/104, 0x68}], 0x8, &(0x7f00000052c0)=""/71, 0x47, 0x8}}], 0x6, 0x2, &(0x7f0000005400)={0x77359400})

2018/03/30 10:05:28 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r3 = ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3)
r4 = socket$inet(0x2, 0x3, 0x1)
ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
r5 = dup3(r4, r2, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000880)={0x100000000007, <r6=>r4, 0x1})
r7 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r8)
r9 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r5, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r9, &(0x7f0000000180)="15", 0x1)
r10 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r10, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r7, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r2, r4)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r6, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:28 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(0xffffffffffffffff, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:28 executing program 6:
mmap(&(0x7f0000000000/0xfda000)=nil, 0xfda000, 0x4, 0x31, 0xffffffffffffffff, 0x0)
r0 = socket(0xa, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$inet_opts(r0, 0x0, 0xd, &(0x7f00002ce000)="d8", 0x1)

2018/03/30 10:05:28 executing program 6:
r0 = socket$netlink(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000023000)={&(0x7f0000024000)={0x10}, 0xc, &(0x7f0000023ff0)={&(0x7f0000010ec4)={0x1c, 0x2a, 0xaff, 0x0, 0x0, {0x4}, [@nested={0x8, 0x0, [@typed={0x4, 0x1, @binary}]}]}, 0x1c}, 0x1}, 0x0)
r1 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(r1, 0x80dc5521, &(0x7f0000000080)=""/4)

2018/03/30 10:05:28 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000000880)='./file0\x00', 0x6803e, 0x134)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff61)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:29 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(0xffffffffffffffff, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:29 executing program 6:
r0 = socket(0x2, 0x3, 0x40000000000000fc)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000000c0)='bridge0\x00', 0x85)
sendto$inet(r0, &(0x7f0000000000), 0xffc7, 0x0, &(0x7f0000000040)={0x2, 0x0, @multicast1=0xe0000001}, 0x10)
r1 = request_key(&(0x7f0000000080)='ceph\x00', &(0x7f0000000100)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000000140)='bridge0\x00', 0xfffffffffffffffa)
keyctl$describe(0x6, r1, &(0x7f0000000180)=""/1, 0x1)
r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x10000, 0x0)
ioctl$TIOCPKT(r2, 0x5420, &(0x7f00000001c0)=0xfffffffffffffe00)

2018/03/30 10:05:29 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
r5 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r6)
r7 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r7, &(0x7f0000000180)="15", 0x1)
r8 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r8, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r5, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:29 executing program 2:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
socket$packet(0x11, 0x3, 0x300)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:29 executing program 3:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x0, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
getpid()
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$DRM_IOCTL_AGP_INFO(r0, 0x80386433, &(0x7f0000000a40)=""/172)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x6, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:29 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(0xffffffffffffffff, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:29 executing program 0:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000a2f000)=0x9)
r2 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
setsockopt$l2tp_PPPOL2TP_SO_DEBUG(r2, 0x111, 0x1, 0x11dc8967, 0x4)
syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x3, 0x400000)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(r2, 0x8040451b, &(0x7f0000000040)=""/21)
ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000400))
process_vm_readv(r1, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0x289}, {&(0x7f00000007c0)=""/206, 0xce}], 0x2, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:29 executing program 4:
syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
r0 = getpgrp(0x0)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0xffffffffffffffff, 0xfffffffffffffffc)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000181000/0x1000)=nil, 0x1000, 0x0)
process_vm_readv(r0, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000340)=""/188, 0xbc}, {&(0x7f0000000900)=""/202, 0xca}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}, {&(0x7f0000000600)=""/55, 0x37}], 0x7, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:29 executing program 6:
socketpair(0x8000000000001e, 0x1, 0x0, &(0x7f000000dff8)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$sndseq(r1, &(0x7f000082cf40), 0x2082cf40)
bind$llc(r1, &(0x7f0000000000)={0x1a, 0x338, 0x1, 0x9, 0x1, 0x40, @link_local={0x1, 0x80, 0xc2}}, 0x10)
recvmsg$kcm(r0, &(0x7f0000000500)={&(0x7f00000000c0)=@nfc_llcp, 0x80, &(0x7f0000000480)=[{&(0x7f0000000380)=""/236, 0xec}], 0x1, &(0x7f00000004c0)=""/33, 0x21}, 0x100)

2018/03/30 10:05:29 executing program 5:
r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x2, 0x4001)
ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000680)=<r1=>0x0)
getpgid(r1)
getpid()
ioctl$TIOCGSID(r0, 0x5429, &(0x7f00000007c0)=<r2=>0x0)
r3 = getpgrp(r2)
sched_setaffinity(r3, 0x8, &(0x7f0000a2f000)=0x9)
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000340)={{{@in=@broadcast, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in6=@loopback}, 0x0, @in=@local}}, &(0x7f0000000000)=0xe8)
getresgid(&(0x7f0000000440)=<r5=>0x0, &(0x7f0000000480), &(0x7f00000004c0))
setsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000600)={r3, r4, r5}, 0xc)
clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0)
ioctl$EVIOCGSW(0xffffffffffffffff, 0x8040451b, &(0x7f0000000040)=""/21)
process_vm_readv(r3, &(0x7f0000000640)=[{&(0x7f00000001c0)=""/237, 0xed}, {&(0x7f00000002c0)=""/121, 0x79}, {&(0x7f0000000500)=""/221, 0xdd}, {&(0x7f0000000080)}], 0x4, &(0x7f0000000a00)=[{&(0x7f00000006c0)=""/237, 0xed}], 0x1, 0x0)
wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100))

2018/03/30 10:05:29 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:29 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000008c0)='/dev/loop-control\x00', 0x0, 0x0)
r3 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r3)
r4 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r2, 0x4c82)
r5 = dup3(r4, r2, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r6=>r2, 0xfffffffffffffffe})
r7 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r8)
r9 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r5, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r9, &(0x7f0000000180)="15", 0x1)
r10 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r10, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r7, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r2, r4)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r6, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

2018/03/30 10:05:29 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:29 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f0000b91ff9)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0x0, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0xd)

2018/03/30 10:05:29 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}, 0x6}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:29 executing program 1:
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r1=>0x0}, &(0x7f0000000040)=0xc)
lstat(&(0x7f0000000680)='./file1\x00', &(0x7f0000000700))
r2 = syz_open_dev$usbmon(&(0x7f00000006c0)='/dev/usbmon#\x00', 0xff, 0x101000)
ptrace$setopts(0x4206, r1, 0x2, 0x40)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r2, 0x408c5333, &(0x7f0000000180)={0x9, 0xb3a0, 0x7ff, 'queue1\x00', 0x4})
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000480)={&(0x7f0000000440)=[0xffff, 0x7800000000000000, 0x200, 0x200, 0x1, 0x6, 0x1, 0x6], 0x8, 0x7, 0x40, 0x9, 0x2, 0x3, {0x1f, 0x2, 0x45dc, 0x4, 0x401, 0x401, 0x3f, 0xffffffff, 0x800, 0x8, 0x4fd, 0x101, 0x200, 0x2, "4b73292dcefa0d986817d5294f3cd47695f2970709af8974b83541f064724927"}})
r3 = socket$inet6(0xa, 0x6, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f00000002c0)={<r4=>0x0, 0x4c, &(0x7f0000000240)=[@in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x10000}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xb}}, @in={0x2, 0x4e20, @broadcast=0xffffffff}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}]}, &(0x7f0000000300)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000340)={r4, @in6={{0xa, 0x4e20, 0xffffffff, @dev={0xfe, 0x80, [], 0x15}, 0x80}}, 0x101, 0x8, 0x6, 0x18}, 0x98)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e23}, 0x1c)
listen(r3, 0x8000)
bind$inet6(r2, &(0x7f0000000780)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}}, 0x1c)
r5 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r5, 0x2000000010d, 0x800000000d, &(0x7f0000f85000)="03", 0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0)
r6 = pkey_alloc(0x0, 0x0)
pkey_free(r6)
r7 = accept(r3, &(0x7f0000296000)=@sco, &(0x7f0000504ffc)=0x8)
connect$inet(r5, &(0x7f0000772000)={0x2, 0x4e23}, 0x10)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='configfs\x00', 0x12100a, 0x0)
sendmsg$alg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000500)="588445520ef5546e0f3868157cb2e8964f5fd92883ba6e5cf36ec1f25853b4a42e616e18bc4d1419bc07b89d52a260c1c927817733baa2427cd548121f31176575ea0d5edf22aeaa92b4c2c16604", 0x4e}], 0x1, 0x0, 0x0, 0x10}, 0x4000)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r2, 0xc058534b, &(0x7f0000000600)={0x8, 0x100000000, 0x8, 0xa5, 0x7, 0x2})
clock_getres(0xffffffffffffffff, &(0x7f0000000400))

2018/03/30 10:05:29 executing program 7:
r0 = eventfd2(0x0, 0x80000)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000240)={{{@in6=@mcast2, @in=@multicast2}}, {{@in=@broadcast}, 0x0, @in6=@remote}}, &(0x7f0000000340)=0x396)
connect(0xffffffffffffffff, &(0x7f00000000c0)=@hci={0x1f, 0x0, 0x2}, 0x80)
sendfile(r0, 0xffffffffffffffff, &(0x7f0000000080), 0x10ed5b)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x40400, 0x0)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/loop-control\x00', 0x0, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
r3 = socket$inet(0x2, 0x3, 0xfffffffffffffff8)
ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
r4 = dup3(r3, r1, 0x0)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000080)={0x100000000006, <r5=>r1, 0xfffffffffffffffe})
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x101000, 0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup\x00', 0x200002, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000000380)=0x1f)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100)=ANY=[], 0x1023c)
truncate(&(0x7f0000000140)='./file0\x00', 0x0)
write(r8, &(0x7f0000000180)="15", 0x1)
r9 = open(&(0x7f00000008c0)='./file0\x00', 0x68042, 0x0)
fallocate(r9, 0x0, 0xffff, 0x9)
close(0xffffffffffffffff)
readahead(r6, 0x1244, 0xffffffffffffff64)
recvmsg(r0, &(0x7f0000000840)={&(0x7f00000003c0)=@vsock={0x0, 0x0, 0x0, @my}, 0x80, &(0x7f0000000740)=[{&(0x7f0000000440)=""/166, 0xa6}, {&(0x7f0000000500)=""/67, 0x43}, {&(0x7f0000000580)=""/141, 0x8d}, {&(0x7f0000000640)=""/240, 0xf0}], 0x4, &(0x7f0000000780)=""/174, 0xae, 0x8}, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x0, 0x0)
dup2(r1, r3)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r5, 0x84, 0x1, &(0x7f0000000300)={0x0, 0xfffffffffffffffb, 0x1, 0xe52d, 0x0, 0x20000000000}, &(0x7f0000000340)=0x14)

[  209.973778] bond0 (unregistering): Released all slaves
[  210.656284] ==================================================================
[  210.663802] BUG: KASAN: use-after-free in rds_queue_reconnect+0x89f/0x970
[  210.670697] Read of size 4 at addr ffff8801d8998204 by task kworker/u4:13/6486
[  210.678035] 
[  210.679635] CPU: 0 PID: 6486 Comm: kworker/u4:13 Not tainted 4.16.0-rc7+ #371
[  210.686879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  210.696209] Workqueue: krdsd rds_connect_worker
[  210.700850] Call Trace:
[  210.703411]  dump_stack+0x194/0x24d
[  210.707011]  ? arch_local_irq_restore+0x53/0x53
[  210.711650]  ? show_regs_print_info+0x18/0x18
[  210.716129]  ? lock_release+0xa40/0xa40
[  210.720087]  ? rds_queue_reconnect+0x89f/0x970
[  210.724659]  print_address_description+0x73/0x250
[  210.729483]  ? rds_queue_reconnect+0x89f/0x970
[  210.734045]  kasan_report+0x23c/0x360
[  210.737827]  __asan_report_load4_noabort+0x14/0x20
[  210.742727]  rds_queue_reconnect+0x89f/0x970
[  210.747117]  ? trace_hardirqs_off+0x10/0x10
[  210.751414]  ? rds_connect_complete+0x40/0x40
[  210.755894]  ? __lock_is_held+0xb6/0x140
[  210.759936]  rds_connect_worker+0x1a2/0x1f0
[  210.764236]  process_one_work+0xc47/0x1bb0
[  210.768445]  ? debug_check_no_locks_freed+0x3c0/0x3c0
[  210.773608]  ? trace_hardirqs_on+0xd/0x10
[  210.777740]  ? pwq_dec_nr_in_flight+0x450/0x450
[  210.782396]  ? __schedule+0x903/0x1ec0
[  210.786275]  ? trace_hardirqs_off+0x10/0x10
[  210.790569]  ? lock_downgrade+0x980/0x980
[  210.794710]  ? lock_acquire+0x1d5/0x580
[  210.798653]  ? lock_acquire+0x1d5/0x580
[  210.802599]  ? worker_thread+0x4a3/0x1990
[  210.806718]  ? lock_downgrade+0x980/0x980
[  210.810841]  ? lock_release+0xa40/0xa40
[  210.814787]  ? pr_cont_work+0x130/0x130
[  210.818736]  ? do_raw_spin_trylock+0x190/0x190
[  210.823301]  worker_thread+0x223/0x1990
[  210.827270]  ? finish_task_switch+0x1c1/0x7e0
[  210.831758]  ? process_one_work+0x1bb0/0x1bb0
[  210.836228]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  210.841217]  ? trace_hardirqs_on+0xd/0x10
[  210.845339]  ? _raw_spin_unlock_irq+0x27/0x70
[  210.849807]  ? finish_task_switch+0x1c1/0x7e0
[  210.854273]  ? finish_task_switch+0x182/0x7e0
[  210.858744]  ? copy_overflow+0x20/0x20
[  210.862630]  ? __schedule+0x903/0x1ec0
[  210.866502]  ? trace_hardirqs_off+0x10/0x10
[  210.870808]  ? find_held_lock+0x35/0x1d0
[  210.874849]  ? find_held_lock+0x35/0x1d0
[  210.878889]  ? complete+0x62/0x80
[  210.882323]  ? __schedule+0x1ec0/0x1ec0
[  210.886286]  ? do_wait_intr_irq+0x3e0/0x3e0
[  210.890591]  ? __lockdep_init_map+0xe4/0x650
[  210.894974]  ? do_raw_spin_trylock+0x190/0x190
[  210.899538]  ? lockdep_init_map+0x9/0x10
[  210.903573]  ? _raw_spin_unlock_irqrestore+0x31/0xc0
[  210.908650]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  210.913641]  ? trace_hardirqs_on+0xd/0x10
[  210.917762]  ? __kthread_parkme+0x176/0x240
[  210.922064]  kthread+0x33c/0x400
[  210.925404]  ? process_one_work+0x1bb0/0x1bb0
[  210.929869]  ? kthread_stop+0x7a0/0x7a0
[  210.933818]  ret_from_fork+0x3a/0x50
[  210.937518] 
[  210.939119] Allocated by task 4456:
[  210.942720]  save_stack+0x43/0xd0
[  210.946144]  kasan_kmalloc+0xad/0xe0
[  210.949830]  kasan_slab_alloc+0x12/0x20
[  210.953778]  kmem_cache_alloc+0x12e/0x760
[  210.957898]  copy_net_ns+0x152/0x580
[  210.961585]  create_new_namespaces+0x425/0x880
[  210.966141]  unshare_nsproxy_namespaces+0xae/0x1e0
[  210.971044]  SyS_unshare+0x653/0xfa0
[  210.974733]  do_syscall_64+0x281/0x940
[  210.978594]  entry_SYSCALL_64_after_hwframe+0x42/0xb7
[  210.983751] 
[  210.985349] Freed by task 6486:
[  210.988600]  save_stack+0x43/0xd0
[  210.992027]  __kasan_slab_free+0x11a/0x170
[  210.996233]  kasan_slab_free+0xe/0x10
[  211.000002]  kmem_cache_free+0x83/0x2a0
[  211.003965]  net_free+0xca/0x110
[  211.007309]  net_drop_ns.part.11+0x26/0x30
[  211.011516]  cleanup_net+0x977/0xcb0
[  211.015202]  process_one_work+0xc47/0x1bb0
[  211.019406]  worker_thread+0x223/0x1990
[  211.023349]  kthread+0x33c/0x400
[  211.026687]  ret_from_fork+0x3a/0x50
[  211.030369] 
[  211.031970] The buggy address belongs to the object at ffff8801d8998200
[  211.031970]  which belongs to the cache net_namespace of size 6848
[  211.044860] The buggy address is located 4 bytes inside of
[  211.044860]  6848-byte region [ffff8801d8998200, ffff8801d8999cc0)
[  211.056626] The buggy address belongs to the page:
[  211.061532] page:ffffea0007626600 count:1 mapcount:0 mapping:ffff8801d8998200 index:0x0 compound_mapcount: 0
[  211.071471] flags: 0x2fffc0000008100(slab|head)
[  211.076114] raw: 02fffc0000008100 ffff8801d8998200 0000000000000000 0000000100000001
[  211.083976] raw: ffffea0007612d20 ffffea0006c34920 ffff8801d9beee00 0000000000000000
[  211.091825] page dumped because: kasan: bad access detected
[  211.097513] 
[  211.099114] Memory state around the buggy address:
[  211.104021]  ffff8801d8998100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  211.111358]  ffff8801d8998180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  211.118688] >ffff8801d8998200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  211.126033]                    ^
[  211.129375]  ffff8801d8998280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  211.136714]  ffff8801d8998300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  211.144042] ==================================================================
[  211.151373] Disabling lock debugging due to kernel taint
[  211.156911] Kernel panic - not syncing: panic_on_warn set ...
[  211.156911] 
[  211.164263] CPU: 0 PID: 6486 Comm: kworker/u4:13 Tainted: G    B            4.16.0-rc7+ #371
[  211.172808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  211.182145] Workqueue: krdsd rds_connect_worker
[  211.186793] Call Trace:
[  211.189353]  dump_stack+0x194/0x24d
[  211.192962]  ? arch_local_irq_restore+0x53/0x53
[  211.197601]  ? kasan_end_report+0x32/0x50
[  211.201726]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  211.206453]  ? vsnprintf+0x1ed/0x1900
[  211.210226]  ? rds_queue_reconnect+0x7b0/0x970
[  211.214789]  panic+0x1e4/0x41c
[  211.217955]  ? refcount_error_report+0x214/0x214
[  211.222689]  ? add_taint+0x1c/0x50
[  211.226199]  ? add_taint+0x1c/0x50
[  211.229709]  ? rds_queue_reconnect+0x89f/0x970
[  211.234260]  kasan_end_report+0x50/0x50
[  211.238205]  kasan_report+0x149/0x360
[  211.241980]  __asan_report_load4_noabort+0x14/0x20
[  211.246880]  rds_queue_reconnect+0x89f/0x970
[  211.251264]  ? trace_hardirqs_off+0x10/0x10
[  211.255556]  ? rds_connect_complete+0x40/0x40
[  211.260034]  ? __lock_is_held+0xb6/0x140
[  211.264082]  rds_connect_worker+0x1a2/0x1f0
[  211.268376]  process_one_work+0xc47/0x1bb0
[  211.272580]  ? debug_check_no_locks_freed+0x3c0/0x3c0
[  211.277738]  ? trace_hardirqs_on+0xd/0x10
[  211.281860]  ? pwq_dec_nr_in_flight+0x450/0x450
[  211.286516]  ? __schedule+0x903/0x1ec0
[  211.290385]  ? trace_hardirqs_off+0x10/0x10
[  211.294678]  ? lock_downgrade+0x980/0x980
[  211.298807]  ? lock_acquire+0x1d5/0x580
[  211.302752]  ? lock_acquire+0x1d5/0x580
[  211.306696]  ? worker_thread+0x4a3/0x1990
[  211.310816]  ? lock_downgrade+0x980/0x980
[  211.314940]  ? lock_release+0xa40/0xa40
[  211.318888]  ? pr_cont_work+0x130/0x130
[  211.322836]  ? do_raw_spin_trylock+0x190/0x190
[  211.327394]  worker_thread+0x223/0x1990
[  211.331340]  ? finish_task_switch+0x1c1/0x7e0
[  211.335815]  ? process_one_work+0x1bb0/0x1bb0
[  211.340283]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  211.345269]  ? trace_hardirqs_on+0xd/0x10
[  211.349390]  ? _raw_spin_unlock_irq+0x27/0x70
[  211.353855]  ? finish_task_switch+0x1c1/0x7e0
[  211.358319]  ? finish_task_switch+0x182/0x7e0
[  211.362786]  ? copy_overflow+0x20/0x20
[  211.366652]  ? __schedule+0x903/0x1ec0
[  211.370516]  ? trace_hardirqs_off+0x10/0x10
[  211.374812]  ? find_held_lock+0x35/0x1d0
[  211.378848]  ? find_held_lock+0x35/0x1d0
[  211.382884]  ? complete+0x62/0x80
[  211.386311]  ? __schedule+0x1ec0/0x1ec0
[  211.390253]  ? do_wait_intr_irq+0x3e0/0x3e0
[  211.394548]  ? __lockdep_init_map+0xe4/0x650
[  211.398930]  ? do_raw_spin_trylock+0x190/0x190
[  211.403482]  ? lockdep_init_map+0x9/0x10
[  211.407516]  ? _raw_spin_unlock_irqrestore+0x31/0xc0
[  211.413052]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  211.418042]  ? trace_hardirqs_on+0xd/0x10
[  211.422164]  ? __kthread_parkme+0x176/0x240
[  211.426456]  kthread+0x33c/0x400
[  211.429792]  ? process_one_work+0x1bb0/0x1bb0
[  211.434278]  ? kthread_stop+0x7a0/0x7a0
[  211.438224]  ret_from_fork+0x3a/0x50
[  211.442627] Dumping ftrace buffer:
[  211.446147]    (ftrace buffer empty)
[  211.449828] Kernel Offset: disabled
[  211.453434] Rebooting in 86400 seconds..