1/2011
[  294.376127] Call Trace:
[  294.378728]  dump_stack+0x1b9/0x294
[  294.382378]  ? dump_stack_print_info.cold.2+0x52/0x52
[  294.387579]  ? percpu_ref_put_many+0x132/0x230
[  294.392173]  ? memcg_kmem_charge_memcg+0x74/0x110
[  294.397029]  ? percpu_ref_tryget+0x2b0/0x2b0
[  294.401441]  should_fail.cold.4+0xa/0x1a
[  294.405505]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  294.410602]  ? graph_lock+0x170/0x170
[  294.414395]  ? find_held_lock+0x36/0x1c0
[  294.418446]  ? __lock_is_held+0xb5/0x140
[  294.422511]  ? check_same_owner+0x320/0x320
[  294.426823]  ? rcu_note_context_switch+0x710/0x710
[  294.431743]  __should_failslab+0x124/0x180
[  294.435982]  should_failslab+0x9/0x14
[  294.439772]  kmem_cache_alloc+0x2af/0x760
[  294.443910]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  294.449438]  ptlock_alloc+0x20/0x80
[  294.453056]  pte_alloc_one+0x6b/0x120
[  294.456847]  __pte_alloc+0x2a/0x340
[  294.460464]  copy_page_range+0x1655/0x24b0
[  294.464701]  ? __pmd_alloc+0x530/0x530
[  294.468583]  ? __save_stack_trace+0x7e/0xd0
[  294.472910]  ? save_stack+0xa9/0xd0
[  294.476533]  ? graph_lock+0x170/0x170
[  294.480317]  ? kasan_slab_alloc+0x12/0x20
[  294.484450]  ? kmem_cache_alloc+0x12e/0x760
[  294.488757]  ? copy_process.part.38+0x2d37/0x6e90
[  294.493592]  ? _do_fork+0x291/0x12a0
[  294.497287]  ? __x64_sys_clone+0xbf/0x150
[  294.501420]  ? graph_lock+0x170/0x170
[  294.505208]  ? find_held_lock+0x36/0x1c0
[  294.509259]  ? lock_downgrade+0x8e0/0x8e0
[  294.513396]  ? lock_release+0xa10/0xa10
[  294.517360]  ? check_same_owner+0x320/0x320
[  294.521671]  ? rcu_note_context_switch+0x710/0x710
[  294.526599]  ? __might_sleep+0x95/0x190
[  294.530561]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  294.535575]  ? __vma_link_rb+0x26d/0x370
[  294.539624]  copy_process.part.38+0x4be7/0x6e90
[  294.544293]  ? __cleanup_sighand+0x70/0x70
[  294.548512]  ? find_held_lock+0x13f/0x1c0
[  294.552649]  ? print_usage_bug+0xc0/0xc0
[  294.556695]  ? lock_downgrade+0x8e0/0x8e0
[  294.560842]  ? unlock_page+0x1d0/0x2b0
[  294.564719]  ? debug_check_no_locks_freed+0x310/0x310
[  294.569898]  ? print_usage_bug+0xc0/0xc0
[  294.573947]  ? filemap_map_pages+0xcd4/0x1870
[  294.578435]  ? debug_check_no_locks_freed+0x310/0x310
[  294.583610]  ? find_get_entries_tag+0x10a0/0x10a0
[  294.588438]  ? __lock_acquire+0x7f5/0x5140
[  294.592660]  ? debug_check_no_locks_freed+0x310/0x310
[  294.597847]  ? print_usage_bug+0xc0/0xc0
[  294.601894]  ? graph_lock+0x170/0x170
[  294.605682]  ? lock_acquire+0x1dc/0x520
[  294.609641]  ? __fdget_pos+0x1a9/0x1e0
[  294.613514]  ? graph_lock+0x170/0x170
[  294.617306]  ? __lock_acquire+0x7f5/0x5140
[  294.621529]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  294.627052]  ? _parse_integer+0x13b/0x190
[  294.631185]  ? graph_lock+0x170/0x170
[  294.634973]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  294.640492]  ? _kstrtoull+0x180/0x230
[  294.644276]  ? _parse_integer+0x190/0x190
[  294.648407]  ? graph_lock+0x170/0x170
[  294.652191]  ? lock_release+0xa10/0xa10
[  294.656153]  ? check_same_owner+0x320/0x320
[  294.660469]  ? find_held_lock+0x36/0x1c0
[  294.664515]  ? graph_lock+0x170/0x170
[  294.668315]  ? lock_downgrade+0x8e0/0x8e0
[  294.672452]  ? find_held_lock+0x36/0x1c0
[  294.676504]  ? lock_downgrade+0x8e0/0x8e0
[  294.680640]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  294.686173]  ? proc_fail_nth_write+0x96/0x1f0
[  294.690654]  ? proc_cwd_link+0x1d0/0x1d0
[  294.694714]  ? find_held_lock+0x36/0x1c0
[  294.699368]  _do_fork+0x291/0x12a0
[  294.702901]  ? fork_idle+0x1a0/0x1a0
[  294.706610]  ? __lock_is_held+0xb5/0x140
[  294.710666]  ? __sb_end_write+0xac/0xe0
[  294.714632]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  294.720161]  ? fput+0x130/0x1a0
[  294.723449]  ? ksys_write+0x1a6/0x250
[  294.727238]  ? __ia32_sys_read+0xb0/0xb0
[  294.731287]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  294.736819]  __x64_sys_clone+0xbf/0x150
[  294.740790]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  294.745804]  do_syscall_64+0x1b1/0x800
[  294.749676]  ? finish_task_switch+0x1ca/0x840
[  294.754160]  ? syscall_return_slowpath+0x5c0/0x5c0
[  294.759076]  ? syscall_return_slowpath+0x30f/0x5c0
[  294.763994]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  294.769351]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  294.774194]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  294.779367] RIP: 0033:0x455a09
[  294.782546] RSP: 002b:00007f899b091c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  294.790243] RAX: ffffffffffffffda RBX: 00007f899b0926d4 RCX: 0000000000455a09
2018/05/15 13:07:18 executing program 4:
bpf$MAP_CREATE(0x24000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:18 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c46000000000000000000001f0004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:18 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f00000000c0)={0x3e1, 0x0, [{0x0, 0x1, 0x0, 0x0, @msi}, {0x0, 0x0, 0x0, 0x0, @sint}]})

[  294.797507] RDX: 0000000020000580 RSI: 0000000020000480 RDI: 0000000000004000
[  294.804760] RBP: 000000000072bea0 R08: 0000000020000600 R09: 0000000000000000
[  294.812028] R10: 00000000200005c0 R11: 0000000000000246 R12: 0000000000000013
[  294.819292] R13: 0000000000000052 R14: 00000000006f4850 R15: 000000000000005b
2018/05/15 13:07:18 executing program 0 (fault-call:0 fault-nth:92):
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))

2018/05/15 13:07:18 executing program 4:
bpf$MAP_CREATE(0xe803, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:18 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000001f00000004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  294.950740] FAULT_INJECTION: forcing a failure.
[  294.950740] name failslab, interval 1, probability 0, space 0, times 0
[  294.962166] CPU: 1 PID: 18557 Comm: syz-executor0 Not tainted 4.17.0-rc5+ #51
[  294.969448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  294.978810] Call Trace:
[  294.981418]  dump_stack+0x1b9/0x294
[  294.985063]  ? dump_stack_print_info.cold.2+0x52/0x52
[  294.990263]  ? __save_stack_trace+0x7e/0xd0
[  294.994595]  should_fail.cold.4+0xa/0x1a
[  294.998646]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  295.003735]  ? graph_lock+0x170/0x170
[  295.007522]  ? kasan_slab_alloc+0x12/0x20
[  295.011656]  ? kmem_cache_alloc+0x12e/0x760
[  295.015964]  ? copy_process.part.38+0x2d37/0x6e90
[  295.020789]  ? _do_fork+0x291/0x12a0
[  295.024490]  ? __x64_sys_clone+0xbf/0x150
[  295.028625]  ? graph_lock+0x170/0x170
[  295.032418]  ? find_held_lock+0x36/0x1c0
[  295.036481]  ? __lock_is_held+0xb5/0x140
[  295.040536]  ? check_same_owner+0x320/0x320
[  295.044856]  ? rcu_note_context_switch+0x710/0x710
[  295.049777]  __should_failslab+0x124/0x180
[  295.054003]  should_failslab+0x9/0x14
[  295.057798]  kmem_cache_alloc+0x2af/0x760
[  295.061935]  ? __vma_link_rb+0x26d/0x370
[  295.065987]  copy_process.part.38+0x2d37/0x6e90
[  295.070657]  ? __cleanup_sighand+0x70/0x70
[  295.074877]  ? find_held_lock+0x13f/0x1c0
[  295.079019]  ? print_usage_bug+0xc0/0xc0
[  295.083074]  ? lock_downgrade+0x8e0/0x8e0
[  295.087212]  ? unlock_page+0x1d0/0x2b0
[  295.091100]  ? debug_check_no_locks_freed+0x310/0x310
[  295.096278]  ? print_usage_bug+0xc0/0xc0
[  295.100328]  ? filemap_map_pages+0xcd4/0x1870
[  295.104820]  ? debug_check_no_locks_freed+0x310/0x310
[  295.109994]  ? find_get_entries_tag+0x10a0/0x10a0
[  295.114832]  ? __lock_acquire+0x7f5/0x5140
[  295.119054]  ? debug_check_no_locks_freed+0x310/0x310
[  295.124252]  ? print_usage_bug+0xc0/0xc0
[  295.128298]  ? graph_lock+0x170/0x170
[  295.132092]  ? lock_acquire+0x1dc/0x520
[  295.136054]  ? __fdget_pos+0x1a9/0x1e0
[  295.139937]  ? graph_lock+0x170/0x170
[  295.143725]  ? __lock_acquire+0x7f5/0x5140
[  295.147949]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  295.153469]  ? _parse_integer+0x13b/0x190
[  295.157600]  ? graph_lock+0x170/0x170
[  295.161389]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  295.166909]  ? _kstrtoull+0x180/0x230
[  295.170693]  ? _parse_integer+0x190/0x190
[  295.174827]  ? graph_lock+0x170/0x170
[  295.178612]  ? lock_release+0xa10/0xa10
[  295.182570]  ? check_same_owner+0x320/0x320
[  295.186876]  ? find_held_lock+0x36/0x1c0
[  295.190922]  ? graph_lock+0x170/0x170
[  295.194710]  ? lock_downgrade+0x8e0/0x8e0
[  295.198845]  ? find_held_lock+0x36/0x1c0
[  295.202896]  ? lock_downgrade+0x8e0/0x8e0
[  295.207035]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  295.212560]  ? proc_fail_nth_write+0x96/0x1f0
[  295.217043]  ? proc_cwd_link+0x1d0/0x1d0
[  295.221095]  ? find_held_lock+0x36/0x1c0
[  295.225153]  _do_fork+0x291/0x12a0
[  295.228679]  ? fork_idle+0x1a0/0x1a0
[  295.232381]  ? __lock_is_held+0xb5/0x140
[  295.236435]  ? __sb_end_write+0xac/0xe0
[  295.240399]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  295.245920]  ? fput+0x130/0x1a0
[  295.249187]  ? ksys_write+0x1a6/0x250
[  295.252973]  ? __ia32_sys_read+0xb0/0xb0
[  295.257035]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  295.262559]  __x64_sys_clone+0xbf/0x150
[  295.266532]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  295.271544]  do_syscall_64+0x1b1/0x800
[  295.275427]  ? finish_task_switch+0x1ca/0x840
[  295.279907]  ? syscall_return_slowpath+0x5c0/0x5c0
[  295.284828]  ? syscall_return_slowpath+0x30f/0x5c0
[  295.289747]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  295.295100]  ? trace_hardirqs_off_thunk+0x1a/0x1c
2018/05/15 13:07:18 executing program 4:
bpf$MAP_CREATE(0x4c020000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:18 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000140000000004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:18 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f00000000c0)="ecd5713e705de86dc3c6af94fc1cd1ce26e3667eedb522beac4f3698c11c986d2c806a0a4398ef6cdeaea14327921f53acdbe468ec544c4a3a2ee7", 0x3b}, {&(0x7f00000004c0)="71c4e5510f1befe1e7c857417d125b869ec44a5299eece82b68bdbe092c8ca0d8388c4b0ac8a8100aac8be31733f12146834a377eb3a8e3f1d5e95ce91fd15edd21748ab566bf55877d97d2936ca4b4875d88f53f037261e734b61759c4f7de8632d695f3cbf897c283579ac9b4b0d9360a2d038a8e7f4d6e5f7164b1e076a3589e741415aeeaceeaddd928b2c6230473935714dfe7e365b90c82e452c6419dd9a87da0e6e8840feb4cd66a4d1e9a80960ada60610fd48450f47924eb4d5908d5d60eae7c2e75e718ea0bfcda74fb3d74fff09c2268c270ca01851b8dcd455750b6d1e01c3c10dc978aee79234c7974676f6d6d1e5c2a718d1b69a1ce830ae5fed243bc431f80abab5fd1a580234261dd3dd504562bd88853e0abdd8b9b17ca267826eb723812ab312f1bb16b8214b22a12cb0472b303635d1d9c3c278cabaacf3ce2a54267f8406771118cb5c2057691ebb1b33b637d12a0fe9178bf3b0dbcae63cdd5e28c9db356bb7157becd0d32169a2b556a7a2fddd24ac65ce4daf5624154a129fe9f30da7c1c5a17d34adf3dfb5e539f667446d8f1c27cca2f21d658dcde5f9a29bb1e2365611724061ec83fedc985586a3fd783533227719294313e0160377fc6c8b4caca29bae3ff0862fc214881a8ad4fb8ee33dc7f7398210eccca93b524df3dd89be2042ee09f69d4e5d83094440003d22bf7d2799b8bbf74fd751b7ac7842f8e010a149d4c3be6b467e16a44da46795ddc22d334088b08c34063a0fc925b7a02de66eabce83884dae997435a9511da26fdfd6d19d0a4c50e368bb0f5931b23673cf253db77264bbf14ccc467a06388f6cd852c24c47b39768c82d030d2b4ea518b9f3672b949e4e377a8f318f774df74b91c14697a844b6de56a92d5361e128a2a8a5e2ded80e5fc4bf58b8c1feda78322b055694327b499ac6f7fe9190625d9de5699951026c3e66db665d38ead9c2cf5682b7860f90dfd4e62c46f791452c79a16bacce136436d67483e73b20e4606231a4b8e6cd465abcb9a956c9757880ea3bc1d052239bb35826021b8950cb29391a874f881b6d107be8e45d18b2c9413cd78de4cc6aa26400b084f7bdbd758b3def58349888994ff9a4df008c108cc5076c63ec00e7d76464840643d1efb2deadcefebf63aa58dec3b90693366c132b6be78ebe63d2d2e497595f91e03ff3594f4585bf5aa0a3121bdf70080bacff424a22d66c1a4f7bd9b43ca57d496fe8d72a56c4b040e5461af19efdfde9b3f877ab5e837c5d50c990d9808359757f92175e748169a556a2c80cb78d830ce87e5e7ea93c1e22f052d2b2b881123147c73487adcf802545b347094c1843bb61b3b5f83b0d983373df64003e89e19d9f34430a9e4dd07b1bc2bb5aecbe96862513f10723f745361b7a393a719ee24d31bae61006638d7244400140250bfbbd2501ae5f8f2bf990e907f10e58803ae3bbb042766ffa04fdf5adb54517b4fcf42949c237e08a0673880ec8110e2cf98a600b1ba944335a2682f8c3310ebf5890c4cd3c9dcd11edc95a47a63b46c34ad437a935ebe90f27761fc922bce9110b092337d46af18e5983190be9913183bead7242dc05775516f5cbdbafe0ef4b6ea3011016bd98029234c932f4b366d3a64f07556757822f2187aaa0acf8948fdc8b27b506e684b139dc09129414d9fe07894577ea36d06b8865d688bb9adfbc8e3d80ecdfed7b14fa15c393eac2987da7ba0958fe47b982a5407829bebbaa6bdd437ec8d6ebb0802ca9897b867ab3a48094609d451d0c7a8b77b26515ff31702f73af8e57cb79a0b590df83a7dda68244e597e7d104e147b20821c8dbd83a9e77cc29e82ae3e11cc817622b8429c9fef01cd88aabf4dc9871d3bae3cb81bb64f56f03e1f6576a14857ec13550ea332949a85ced0657251d9908366ac28e20a4dcfd9e78e50d78cddb911883cad340e0cec97fae75c3c22527e21c68048e70320fce39384948696455fdcc2f3f33e6321d5e55e0bde5bc58653c8ca7f5aebaf90a126232c14ee54093f3598f38065725701c7e81044b6c430cd97f1c2e7385e109b48887c20d0d3d85d8e0af3df7405d05fd26571736b12c55df5bde8588bf96675bb280045dca36dff50908023e3e04e15cd596274a6d1925824c52883d0736b16912bf1bef592b9d7cca8418cd8144a2763ae316049afac5fa43278cf3f5ea3ea5994ddf0c11797b25e885c919611c3b17006cf2c831b297e4da1d8670e85f851530ca91cfeb21cf8d4ef31d3c1f9db12629e9f2fcbaf887cabfc37575f52ee76eaa0a4d95821fad830f28791b0f5a8897ade0ef55077dcad13fcec9e1873cd5f81241e6554ec999aff0e47a12ba6abd70da55e18e7bc48ad8f590604ef33ec2e12b917d8af6a921c08433e33c7205ce41bc981eaa5d0cb7b3bd7b4b2117632f935352ebf6dac5c625e569ad60f7438f7cf6648d3962233350b3908f2c42af00070d3c15b03844601e125092ec5b65e56eb11ad8868debbd8a96b60097cd1b8f0812db7dabfca6f52f95e066613c0fc0f6e1fdf6ec5be2907305861ff88a0f8222631ad19119950f898e2de924719da447fe9794988fb7b9f34fa64073853f5fbadfd657a2485d5b21606197391569f3e6b276e79e49779981f263f34fac4f1160b481b46b9c6f88664d66a01cf839147f557c0e2fdc3528ce4cea00b4b98726b17fd7c3d171d0942cfdc4f792e07759ad83be35c2eec09d5393bb663576b0d9c051d1ac4ba301424c0d467a94773ce71fcf31e8a3a790b1582b46c203e14e026cb9a1a59678399ecf37884f8c02e62cae42c816ae1b01a7e38eeaf71e930612c9b43facf69eb821ff80f3c4765f600d56e7ca21d1099e80edc508ff4de5657748a07269bdc721df161acfbd58bd3e370e8a1626e9ee0980754bc454eb4345c3487ea30a032ae1ba7123437e5f558f0da8797a5183bd6e756b6713b5a8bbd8f857c803f55fce6fadc3fb52e57f77669b34500621c4bc6ee0a773e89f9e70c6d206a5ce6541c9e7f464060a3074934fc64b44cb864f656269cc8ed95a960636dfadcc348920a9575b1054150462d0f59e271e72a0f48309b56f4a8334e0f1658d8978148e21e4bd4deb47b0f886d328d603aa43cd66442acb021083bb6fc25faa92291dc76bc25513c080a462d15e6ae6b04ca8f7ad13430add9d006ad6c9d7df3ff0291d6577b5b098c808fcb1885076ed1e96ce28bb2890178fe141b8b5214139e86555187b2a5f0520a9457252b4a633e0be1dc6c97ed49d9266f0d5bbecd18b61760d00aeb52e65def9244b2fd2c2b9ad0bdd6c275d316e02b26fc10f56961be58f2b89c71e8c88bbfaff110ea146aa71a089824b8bf9437afce9b29b066fad10cdb11e6bb29d7587da49dbad31bdb3039cbac0245a5af9eb2503ba8416712966165c9fe575ebf7f977fecc34ab7ede4561cd18d7634baab795898aa12faf7efd7514e851de2a15d0e1bd4949e54c3fff5fb3d7987e3e3f4e3b00a5d5e4898b855eaf6ad6cd911968b09fb4a9d6de000f374ca4a1ea245fab81581b59851b66880f7a687ea86f07a295924a4e228462fe26eb0c25140943542e3e73616211c8becae27129fd759d5d0975b9f49d40116ad108fda92c838a4ce3ad26c1552060d586559600684d0c26e1f2f2bbe89a1454772428025699bc50d617b751419b77f95a027b25485cb261c629ce211cad7ee607603428480b5290bb47e57786e9e71dda5d50a32ba214123754a6f0d314f9c437b6a027eb27e839dbc68c2070793b570da0e4a1dfcb7d3c6985584a91bfeba4b7991a0d5ae0530baf20baa42d0247e13ac09b87842646fd9c1400f03c6300841f3ad15731869efe6f802e0f1cebf20e65a17cbf8ce2454a7eaf94f49c30cd560bae15cc40991ff3c347a6ea8984ab349858f5fcfcfb7875b0e32911f7ac3ad82804fd713317b98bd67684b0dbacfd768c47d0c972ff50f44db4119c3866bb0c8b30269bf5ff8521197937189f2f6a2e313ccb53bced042faeb50b90a7066d09cd3469d90a46eb0c90b8bbca9a288b3d72dc9cdeb3ef61c54d889f08c82fb90dc782bda4b560ec93a27edef0625595e33c20dc5f874d2cfbd62d9a9a1eb9caa63aa127cf78c8357a030d1092c25e766fd1386556565106e15e27f55fe32a2747347ac742d34dcd30ac2a94afe1ada47ad04061389ae29c4e0bc12e5bebd774e76bbd0c2781c8a143e64faf0760ea73cd363ea583f4a70e78484a2d5fccd0ef8ec826c5d61986cd6a4d3933aa66c696e4b3ab938ab8389297f28f7b516967c90c02b02f5847a7b30dfe3a8558c075aaafed1155dc9c49e89b4820bf69fd1bac5d2a64e04e08b24e8bf4f38af625c4eb1abcf607f32d0f6835c0cd230ef69f3fa27bd6deb5771c998588c90e91ac0e8e7d8335b2124912e8819fdb07de4ffd27b1297e01b1e7f6438f03c1ea021a91ed83ef38acbb1953bdf5085b737b3174c066eb39c908e2129910a8fdefefbb7e8f50fbd1a2901c84ee176cf6c8f92dd7b2ed94fa3abbef13a2dcf9157837fa5a23824ab0a0109e86af94597b4bb15c5f93acdb0469aa44ec735795f138b444d2f44f45bb6037ca95dbd9988d40821c5aaeaa84d66691aadde1ea3fd56b9ed90827fc2eadc8a4a297c236f0a684c569516b4d7dcdb8ee6b0c4342b7ac33a853b04803cd9d38b47f8ea45022ff2bc2bcc0facaeabe6887623a47571b772fdc55ef2911fea6236d314dfccd3b89e72726f21bf7c9d1c3478c4c022b7d66b8ac92a1d4d7fa71d2dab1ef914a69b1da053de6e7b78180a7e52a039dbef7248ce38a4c74b3f8f94774b138eb9044155d2268d59d79b415d4a2bb9e74d66f407413ab9ba3f2a3b68c86f6e74147c5b48e97f628875c8565aaacd608917fcf28c06322b81424ca30d8edaa50d8ef65981e4167b467ea05085455708b195113386cae07f142cfccb764f0f871e749852f8b566e0e792ff16d8ad9ffff0fdee6a81f03e192ca7fe2e92cbce3b1bf3f1135344ec8014f5c77f6ef9cf270c86f61855666720ecb3b8edf0653d0075a4f03e5081f7fc898b3c0d9c5b97c21d18b9fd1068cac308e30088f415d2e70b28fa149d6fcac447ef238c37d3df3ffb84a076e334dedbcd7cea25c5c7c7f1fe3f5baf8b721135caed6882aca198265fd9084ef099b7be896d4c9d65d432e129ee6deb78d89ff37a99e18d9485026ffc4e083cf0b82e654f0596fbb0901b124d435a3924f6ab3ea3e1fc8816c04a38f6dca11d3453aa585a50b923777f3bfbe89315ad6060f6049693da2cce2c0e4eee0dcb04f9b38d254385723b1c46ea92d8122ad87b49d22c8582e0995c0470292819046741f46d5fe5f740093fea75dee167bd4afa24dda93805f7a1da51cd0858db8558a6d2fa9ec839a0c17068e22a10422eaac37b2c605baa740f7894b3f445ff0403c9a4df27317de6f2110904f57fa6918e05423e75ada13066e21ec3b0f5bf2640ce7b005d341ad9f00681fd5b535a9f18b339d9f580a549c5b4ac788c3619ba2eea00bd25c5f7b74c1de4aa727b51f8fb0b1c55c75b28093315dbf7e7669ba5e0e93e3792948a7443c46799d23ccff696bf63175024bb92b3302964eb450529c5b3ee20c87c238909a5b1ef335d9d77becd983218c3c268b3a1ca1f65d7d8055e6ba915bd4fd6237ea4093f8cf7f24f10d71040d70ceec6df7537f0d1e04f063229a5f39c6bbfbe4961cb62e44da4744d40b166e5d5be4daaa40d4b0ee6de6a49512c4", 0x1000}, {&(0x7f00000014c0)="b84a8f520a506ca875f25173cbd4e310d788a2616d76193cf3185a565a3fa409d5865ea4e882bd278ee520cc92085c6ba3084cfafa10905e36e11238e335b5b1dabdfc332b059dfa4f6c27985bb0b15530b9a38e9c5a909d25962e47f2a6ac6b949834a3ae1bcfe3126580aa0d1fd36b0f20553a7a5a6b78b254f1963d5df5eba5bb10d48f8c3031050b03350b3f27f71b806bc2793978566ed36e9db9e3ee4cd0ee1687af82b531aa0a4a537d523eba5e4a625ab4de83f1c55ec68587546bb86105fde87d4bb495445c37e370b9c80472153c7f3a6792bcb003f3fd905858fec93ea876f905a4e253a882b28c4d4a77e5837c519abf459b0eeb1a8a0fb19b1468ed1c519eff933920c8bdaaa4730e6f2d5a177212ee3e4c852541ecab9e291b68fa3a66cf17a49a5fa19f0ef47d07fc37df1c1eeceb143fb7d5593f126806bbe0a39b4aa258ffa6da0b90b485bdc9361054dba24ffb8b2bb3a4f694c7049d34ef3dd0a91cbffc95bf0f4366fab8ab6612d490beeeee5f2ed453a11af70093ea4a7f4265cac9b266e2ca3445b924b7d0feac2932c1ca9b8b236918ebe5101368a5bb81d4e24eefaeff5f5fa13b583cf8a16d49604f384517cd4cf9ea5f50ae9e36d30b41a45b053810540f774ae4c91e39f4375aa8fbc21d4fa26bcac6e9e211acb75182f9d88a5fbb1a6fea2e055aa4b8f571ab0c47b9f434ef03c19499d50cb0751ed86f8ef41f728ad7f40d313dd73af32839f3955c11ba75af773c00470bd2644558050bbebe717733b3f0b90ef708d5f28ee6dd35a88ac2c3396e2d43c2f81c7538d41a30ee86fcaa655681c561a0ba4edc1f52476c8d7ea0a3788cad8180a0a7e5f2bca4001e0517c268ab1574bd919e3e2036fbefad1a659da59fc281ed70797940ab16ee13f41f3423536b37f3977a3d765a28e848f403187b6ed5928efbdf55375ec5ebf84a02739b9766432148491d2f72ec14452da75147e7c3d091d510f87c1f1c587d4df6070a32bcbebf8b0d869c10d4b78d01eb4cd440cf6fd949c9c7e6d92cc72952d7760aede1fe921879cbbb712ef93229b828ce1d522b92ce7c212dc27963ff7e438113d254335713d0d2b6f27fb97e380f5f4879ea9edd37dca584a72aa06df1591f310505ba210ee47fc098c76fc16574c30c49b7d835b04beb938abf89500d745087b8a52846746d0ff71ab63edaa186ba17f1962d4fbc0ceddbb28b67354b29451686fbdadc9812bad431092a2560f1c36091c67d6ef7f86e55c4d05b904d29591aad9bf960098f656454eacdc36d34329c290f4bdb8fe21c96750102f3d8a889d644a4e6e6699d2f50c289798feedeca7839cb5581f2f266dd2b07ac238893a10af34ed6a52293fee7db4ef0ab1e68ee079e1d063d01f1d8504e77b682c247a4708c11cd1b037b8a9282655031413dbc871e5686b913ec5b1aab202d5892cbf3810a16f398dc2ecc5972d946b0f869a3d1c1718a076254752ebc2a8f0e8db05a4312982393159285a146c57a42d9bc1f091316b2727291dd574bf88389304fa3c967ed6fcda75b58324d7ef37954ce09e95cc5569e644cdc9deb3a29c8b29593eb55c8d12177f5ff8238c445dde4c266455e92ce3f21f118c593ef7ba15913e27c6f89ce526185de4b8b6d5b1d538797875e6f9316d6416480944370ca6dd38ab4618bb006296b016edde28f81947c211583c525868e4f90ecf5c2a87ea7b046758dad89e71f30129cd81ab5c689263940cc753b471e9cd4a9fdca62e4cb538b4272d5119eb83f68337837bfaa85dac213461ea0c8fb58b2e8576d5d9a34b5d953ed6277cf03311bce06c0655bffe313db45dba8c9a8d5aaec75ca5693a7ff73d68e80301614e9f1850273b891f9d9849a1382716d5cdc795ece0eeecd1a50c70deb11a9caec3e4d4f85442bad41591dc01b92803d4ac8891aabb17d72bdd5e2dc3d901c696e3703cf1ca5b862d711de0dd6f4a609fe1d7aa6add832373604f36b4b18b3dd23a0b1b18d02b1e0151d202c3448bf7f9e4c18690a15bd6992a30e502c86b60884e5397f36d31d125027ea7b4b8fdb6d121747b4fa4517daaad992a8115da1be994824c2f61fe808706a11d83c0b1c80df8e86d76d33aa02efe341e6dcc6d644d684002994cb8dcf19feefb551beb0a180d4d5dd347b2a98530fb006b82c050a662ba97572d0fd4b78fe2d131f43e36ac1690e46d5b3e4eeefa1ee07291b80ca5da7bc863a667675fc950612f494be3207ed393ffdb8f67ad89d4a10ace09e74e8e66efcc41e402f0bd7d7e56371cabdb64858f86fb39cbd7935db28d60f2b5d6c1722fcf4f16176db60a7a44dc8977fbee465bffaacb345123255f0a5f987bb9b83bfc16b281b0bf4550e0782fd8a266e01f8fca9108be22fb8e6871aa31566dbf67e66e8fe8e11379b8d6b1582251a55618325b95f9ccfa7e4133f441cb05262119a7f784022fc9d101ef03adf9dc2afb10eb7b171c1421c52e780610b5e7d05bed91244c851fe89876b9f5670ddac863b04956c0595fba3a3b3514101c4da0c8143b3c0c4fdbe14742433cbddb39359f6189f371a4ea5fcbf74bbc0a82a029bd306e7608a796d1428e2bb7c64629f673151b9509c4b42c888d779e7053276716f20b276bc637c549ab1902e4ca999cd9bcfc56a21b974e5e52bc547db40cdeed1165fb8d50e9ca18c1020037ed8d433170398c74b8508764f3636247ddeac68af6a6733b23ead1f96cc68721766e39715e28ed05af5355bbb63f9192bc77664bb517e40d4bdcd3b4d79011a9be1602f64112a1766714be71a77cafb31ec94515830a0ca72c174e185f1e933ea25ae70ddb84858aa785901917c6909edbdc16360629bb96351d65f3c7f1bc8208afcc91e28e4270131e3a198d797260c796192c0ba3b698917e5228e1ffee01c6ed6f153363ef8d89ea797a71c35916d9c4ddc7db80ebe2023be100d98b0c7dc290a9022aa731b0b8c6951550ebe8253a93924675ae585de6c6440b83d293898a7b34b474d552ea154b68b04a169bd34560fc577104296676d317313f84a092a450237fd18eb129cc3fd3d8f94393c8449357bf09e3efe3dc0829e7c612bcae2afe699a2ee67202a2c174b69a67949108c4fca0611a7ac1089000d33a0c66ae3e87dbebcb4c031dc91370216754f1046f94e775261051c78dc4dac8fbec49393b1ab78b7172a4d7eb8d3a6367697e2bba6c1322f9f247073b66caf0f98fe6694132cc25b5d0cab4545818f45c499bfde8766f3488410e3b513697e2e03ec1a4b27cec215e5749a0559bfca36cd631a906fd1e88cd3af7e1bd43bb8b69757152e2f4bffea356a7f7f623f11f78efabb255a2fc96a34ef3c6c0916f0bcf5642f5fff307428fdc7eb1ad90f08f3097e2bfc73b3348efb0d192b60692ab0386c4770c7b006dd16485ce50d69f1e7ceb8f3332de1d63ee578768c0ad7251f4b119d9f24b067ccaaeeda4a7f890a76f64931fd592156b955652383a680b1fcfad5c5f3aa59eb99cc7bc865846fe538f8e8a2abb1d74fd51c6d95407932c3123779cee91a2c657aea2850a280529ce3c5e342723f1a5ae21e4bdc8b2bd76a729fe9ae499e3ed615bd6f7e66a911281208b12a2d0b77e713d99de0691281ce0847df34a13eb7cb04729b765401fb83f6f9ff1e07df7926f3b6b0e75c793a45bc1f014e403fdfafa1d42b59f774d5cc3520a144d2f093ac6285eecdd056c17b9013571a4622234df14f5cf06e50abaec8541b70a9c191f02f6467510200fc9d27f1ea9a9ad364076bccf4e6b7d3f81047e6cadae3bea42ebeebd5697fa31d77899896951d3ebe0381b2008403f65c2d34decd6447d84818c2b22fcd47aec04248a02ee2d8b0a469a30e8406783a32855365b7091c0270d1fcdb62e33597f882dd820113e8ade9d467c02e0a583eb6c2584b73fe181e951c03b9e96511241fcffe0e90c5f258d9bd494a3e7508a2774111ece9fa3a986844e7bc6a800867b644c9d9739513abca349cd40b7a71a01498445858252defb5092c0a8f1453a1ad8b42bb8d92cfb258303e1d042e9f301f71bb5302bcf401720f4fc5459f106424e56433873558feb2ee096e31331352e6074029d235a2ad156bd201321204d7cfdab1b56f67987784a7d6a4fe6caac2ca326b8a0c7b0a6cbcf1da1a4b0fbbf28caea89efbf90a2fbd8e63296a55ccbfb515058354bbef4c07293870ee6d8e19e71822980e2d63774d7116899d49a756b6b34cc6cb2b558be53264b128af66e265e3bebfad28d1cc084de7443848f09f89df5096763540c98327b9e037bb153064d50d69e91322c98562c6f29333e59b2f95c6483f8e1e14ae9312ae6ec21c8954743ce7b1dca4948301106384d005774cee3db17b1e47eafb9f500a694cf3a46427cfbe27413f595530f4545b3195a53e915125feffd2ea0d3b4e8afa8f5a779a9211a4014c5b32d887cdbe43ab49218c36ed165eb540d0e6c6c8a74e9a469421ee4e1f5e73745a781ade6d788713ff5bc5d4b0d37647119e775e868b5be6e50786526dd84cbaea1c5dc50574428490bfc1cf49e3cee99ddc1f1452f73bac8d3a45285d9e9bdd1299f97894605dbd39c7af6d3e09b7eef5687dd57ddba049a3f4dda5366166feba9350ff5897df825ff2acc9899a90e675fbc739bdaeb7eb0e161277e62b9374ffcc05d9ba653ab1715d98b3dbcd30eb6be24715f5c0dae2a5de7735f42b173fc37d52a296b5e7fd4e0fa7d9f3f1cedf15657fdd7346ba68fdf92a713fc464cc30bf62607f14c28aa966bc7243bc3f5fd57658e9ddba6d55b4753d9fe2ebf057aca756858dff0332d1b8ac7efa9e3ce5c476c044383f4c12ff65561060ac71600b05839ad421bf3b5b2d6647a6448b632a64a5246d82cb29c18b9e816143a3299f41dc9462b42a8b0657c2da552acd4e2df96b220aa484a7a87624f5567f3ccd9c8ce68d45860a8e92957b6ffb934148f37e6bfbaaa665358d147964dca5a12e729c3e21d4ea866214d66068b2b16cd2bbab6d6a4b6852d20f0d9a4bc482a4c0a3045ff1a3127a76a1231c96cba21ae07c280575c828f353988a8030c20830a739ddf9d1b23f673198592a3e011f80a325f5e204ca461cc96232cd67871cc29be8624dc415bb3659f1dc4ac0e875052d50577943973a29f2ee7f73255c56df09e5383d4b7d11a00885493b85df700a04063fb905f4501b8c8745f49330d743d068c68723c90944c35feea2078b7ff35c5baa558d04201563a082fc246ee784e5b85b58fa809f17716752dcc47f60168d36db90668ff20fa126986867dba186ff27b5c72a66b6eda533df633a540bbf0cb463548ddbe0cd9faf81e39ace6f079bc10e5dd97332ba649053e82a3853ecb2cceafbc4ac2fd06b6a9a29ce40ff6c56ee187173de8dede391d0dde42e936c419cc218b1e8dfbf08b1e64c793566802d7975a099d625e62c1b48f7be3a79f72610b7b277ac53890b2676ff60a0671e3b3775f53b9ba9c97bbb0ffb570117023896b09b0a73cda7446f045431ec7ce904fa553034a8d2ec9b5087334ff38c424aec2d4d320b58f346e6fc7f30b0f7b0cd8258e150bbdb4d6a9c2f1fe884feb75835e8a3fb69837141bd8a60e2ccef4b231cbe0ad5a2c7aabfca5cf53fe1ae47595c104536b5edf5cbe6a5f2beaf70b7c3348c611e669224e05ad317630518864a76e7f9ff69b3c9ed0b89efc3e6c56ccb1237fe28af9b1b28cc15c88ade5ad232006632cb5b3f5b7bef2fd4496ddb7c8cf4", 0x1000}, {&(0x7f0000000100)="5d79d7bbd6c22c747ff90d4e994f5a3b7c1863349659b5c633636a6009cd83505d38f36e519d2c56480d77af73ace5714b3f3b5a734194acd364dba76ac34ed8876133b59de187deb1120c3ad9e6a5e040a3ee7bd889565abfdaa6d8a63df5a13f1ded4448688c9b20d3075c662cffcaf95c9b258425d1b8f55724347c28e5", 0x7f}, {&(0x7f0000000180)="72738a8ca0103a8050319bd5c3645dac96d8a4b09c6a96a60447999fbb82adb8b6a0dd621e074b4957d21d9c7a9501a210cbba993e3e825196c0b72d92995cc24856f57a15222ad22fb974be03ee92556e811fac264e66473b49e9ef10fd0ac208ad7628dcae917b42d922c87567c50249c4ffbbaac93a3671633f8a8d5861b36a72b0c3ceccf354a98469b368840f0e4f8878e26f2b9350217f0d754e1784a13206086875bdf01a3f2377146c22102b3d05931dd281c724b71413708209bfe47df99febc629bee427518e7354be1385b7329e1f380b561fb07f6229f25818bfce90d20da9663a895346e8756955a7891fdcf6f62fb505d0875434d6dccd98", 0xff}], 0x5, 0x4)

[  295.299930]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  295.305116] RIP: 0033:0x455a09
[  295.308304] RSP: 002b:00007f899b091c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  295.315999] RAX: ffffffffffffffda RBX: 00007f899b0926d4 RCX: 0000000000455a09
[  295.323257] RDX: 0000000020000580 RSI: 0000000020000480 RDI: 0000000000004000
[  295.330508] RBP: 000000000072bea0 R08: 0000000020000600 R09: 0000000000000000
[  295.337775] R10: 00000000200005c0 R11: 0000000000000246 R12: 0000000000000013
[  295.345032] R13: 0000000000000052 R14: 00000000006f4850 R15: 000000000000005c
2018/05/15 13:07:18 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r1=>0x0})
timer_create(0x7, &(0x7f0000000000)={0x0, 0x26, 0x0, @thr={&(0x7f0000000100)="99932a0b5ef92bf2f2e23301057ddc31728bc96a0221119b85050da4abaa353f554a067aa1a9a831ce72f119a3d8c98a32f0c84e2146067989e39a2a969a8d86a589190733aff5d1c2cbf71dee5a2b821fbfd2387e4f760ee537705457e1cedcba374cd2b6fc8eb3389bb81be0dc429afb538a94271ab914d6106bcef3468a9922ca585f57e1a5b1c8a2fe2a46117616dfa651628365b9c7c8d2b91024b13949db836f042a76348a45a79d61cf9ceb4bbbcc562045f3a817514616edec0ad13be7584d2aea32ee99742abc4be009fbe07f80f3a0bbdc8dd950b4f3a105e312f2307a3b74c91eb3dc2abeef098c6a21d34dc38083fa61", &(0x7f0000000200)="9cce62a8c9d20f5d5ce3b9e6353cbb06ceff378d373b5b88bf7edb7505767c13ffbcd47c1170b1d1aa320eca14a1b9f51f3d011b6ae6e33139cd2bb5a20b82d36401bad426170d18266f2b3667b9b56631b8b1b6079e6bd5cb2d571512d56ec87ddbdf1406"}}, &(0x7f0000000280))
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
tkill(r0, 0x1000000000016)

2018/05/15 13:07:18 executing program 2:
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x54000, 0x0)
setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000040)={@broadcast=0xffffffff, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x8)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_udp_int(r1, 0x11, 0x64, &(0x7f0000000100), &(0x7f0000000140)=0x4)
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
syz_open_dev$vcsn(&(0x7f00000000c0)='/dev/vcs#\x00', 0x6, 0x10000)

2018/05/15 13:07:18 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
read(r0, &(0x7f00000000c0)=""/250, 0x142297bb)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
getsockopt$sock_buf(r0, 0x1, 0x1e, &(0x7f0000000000), &(0x7f0000000040))
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1)

2018/05/15 13:07:18 executing program 4:
bpf$MAP_CREATE(0x8c670100, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:18 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000040004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:19 executing program 1:
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = socket(0xa, 0x1, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f")
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000ff0ffc)=0x8000000000004, 0x1)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x3}, 0x4)
sendto$inet(r0, &(0x7f0000865000), 0xffe4, 0x0, &(0x7f0000fd9ff0)={0x2, 0x4e20, @rand_addr}, 0x10)
recvfrom$packet(r2, &(0x7f0000000280)=""/4096, 0x1000, 0x0, 0x0, 0x0)

2018/05/15 13:07:19 executing program 4:
bpf$MAP_CREATE(0x42030000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:19 executing program 0 (fault-call:0 fault-nth:93):
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))

2018/05/15 13:07:19 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000030004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:19 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r1=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
tkill(r0, 0x1000000000016)
r2 = socket$inet6(0xa, 0xa, 0x3)
ioctl(r2, 0x0, &(0x7f0000000100)="09f884bf971325859dadca265742c289ab926d54542517fedb3045d9ad0982cc9c81747eba51e804b408c4155a30d61a67c918ed7f01decae9ba289c6d9924db857f2332dcdecd6a1662575aa8d5b947583a4f43b837cd7ad8580e78f9b538619cd6e9796e6380d6a888f3a8773a3c6dd5eb645b16e63a23f3f2ca4133755bdbd33c1c7b50f8e74c00d226c04d16ec919aeca7792307060cf772435ee371462e63203f11cee0cc4f6ffd40aac409e799057115a22b14c03ee37321a87b")

2018/05/15 13:07:19 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(0xffffffffffffffff, &(0x7f0000000280)=[{&(0x7f00000000c0)="ecd5713e705de86dc3c6af94fc1cd1ce26e3667eedb522beac4f3698c11c986d2c806a0a4398ef6cdeaea14327921f53acdbe468ec544c4a3a2ee7", 0x3b}, {&(0x7f00000004c0)="71c4e5510f1befe1e7c857417d125b869ec44a5299eece82b68bdbe092c8ca0d8388c4b0ac8a8100aac8be31733f12146834a377eb3a8e3f1d5e95ce91fd15edd21748ab566bf55877d97d2936ca4b4875d88f53f037261e734b61759c4f7de8632d695f3cbf897c283579ac9b4b0d9360a2d038a8e7f4d6e5f7164b1e076a3589e741415aeeaceeaddd928b2c6230473935714dfe7e365b90c82e452c6419dd9a87da0e6e8840feb4cd66a4d1e9a80960ada60610fd48450f47924eb4d5908d5d60eae7c2e75e718ea0bfcda74fb3d74fff09c2268c270ca01851b8dcd455750b6d1e01c3c10dc978aee79234c7974676f6d6d1e5c2a718d1b69a1ce830ae5fed243bc431f80abab5fd1a580234261dd3dd504562bd88853e0abdd8b9b17ca267826eb723812ab312f1bb16b8214b22a12cb0472b303635d1d9c3c278cabaacf3ce2a54267f8406771118cb5c2057691ebb1b33b637d12a0fe9178bf3b0dbcae63cdd5e28c9db356bb7157becd0d32169a2b556a7a2fddd24ac65ce4daf5624154a129fe9f30da7c1c5a17d34adf3dfb5e539f667446d8f1c27cca2f21d658dcde5f9a29bb1e2365611724061ec83fedc985586a3fd783533227719294313e0160377fc6c8b4caca29bae3ff0862fc214881a8ad4fb8ee33dc7f7398210eccca93b524df3dd89be2042ee09f69d4e5d83094440003d22bf7d2799b8bbf74fd751b7ac7842f8e010a149d4c3be6b467e16a44da46795ddc22d334088b08c34063a0fc925b7a02de66eabce83884dae997435a9511da26fdfd6d19d0a4c50e368bb0f5931b23673cf253db77264bbf14ccc467a06388f6cd852c24c47b39768c82d030d2b4ea518b9f3672b949e4e377a8f318f774df74b91c14697a844b6de56a92d5361e128a2a8a5e2ded80e5fc4bf58b8c1feda78322b055694327b499ac6f7fe9190625d9de5699951026c3e66db665d38ead9c2cf5682b7860f90dfd4e62c46f791452c79a16bacce136436d67483e73b20e4606231a4b8e6cd465abcb9a956c9757880ea3bc1d052239bb35826021b8950cb29391a874f881b6d107be8e45d18b2c9413cd78de4cc6aa26400b084f7bdbd758b3def58349888994ff9a4df008c108cc5076c63ec00e7d76464840643d1efb2deadcefebf63aa58dec3b90693366c132b6be78ebe63d2d2e497595f91e03ff3594f4585bf5aa0a3121bdf70080bacff424a22d66c1a4f7bd9b43ca57d496fe8d72a56c4b040e5461af19efdfde9b3f877ab5e837c5d50c990d9808359757f92175e748169a556a2c80cb78d830ce87e5e7ea93c1e22f052d2b2b881123147c73487adcf802545b347094c1843bb61b3b5f83b0d983373df64003e89e19d9f34430a9e4dd07b1bc2bb5aecbe96862513f10723f745361b7a393a719ee24d31bae61006638d7244400140250bfbbd2501ae5f8f2bf990e907f10e58803ae3bbb042766ffa04fdf5adb54517b4fcf42949c237e08a0673880ec8110e2cf98a600b1ba944335a2682f8c3310ebf5890c4cd3c9dcd11edc95a47a63b46c34ad437a935ebe90f27761fc922bce9110b092337d46af18e5983190be9913183bead7242dc05775516f5cbdbafe0ef4b6ea3011016bd98029234c932f4b366d3a64f07556757822f2187aaa0acf8948fdc8b27b506e684b139dc09129414d9fe07894577ea36d06b8865d688bb9adfbc8e3d80ecdfed7b14fa15c393eac2987da7ba0958fe47b982a5407829bebbaa6bdd437ec8d6ebb0802ca9897b867ab3a48094609d451d0c7a8b77b26515ff31702f73af8e57cb79a0b590df83a7dda68244e597e7d104e147b20821c8dbd83a9e77cc29e82ae3e11cc817622b8429c9fef01cd88aabf4dc9871d3bae3cb81bb64f56f03e1f6576a14857ec13550ea332949a85ced0657251d9908366ac28e20a4dcfd9e78e50d78cddb911883cad340e0cec97fae75c3c22527e21c68048e70320fce39384948696455fdcc2f3f33e6321d5e55e0bde5bc58653c8ca7f5aebaf90a126232c14ee54093f3598f38065725701c7e81044b6c430cd97f1c2e7385e109b48887c20d0d3d85d8e0af3df7405d05fd26571736b12c55df5bde8588bf96675bb280045dca36dff50908023e3e04e15cd596274a6d1925824c52883d0736b16912bf1bef592b9d7cca8418cd8144a2763ae316049afac5fa43278cf3f5ea3ea5994ddf0c11797b25e885c919611c3b17006cf2c831b297e4da1d8670e85f851530ca91cfeb21cf8d4ef31d3c1f9db12629e9f2fcbaf887cabfc37575f52ee76eaa0a4d95821fad830f28791b0f5a8897ade0ef55077dcad13fcec9e1873cd5f81241e6554ec999aff0e47a12ba6abd70da55e18e7bc48ad8f590604ef33ec2e12b917d8af6a921c08433e33c7205ce41bc981eaa5d0cb7b3bd7b4b2117632f935352ebf6dac5c625e569ad60f7438f7cf6648d3962233350b3908f2c42af00070d3c15b03844601e125092ec5b65e56eb11ad8868debbd8a96b60097cd1b8f0812db7dabfca6f52f95e066613c0fc0f6e1fdf6ec5be2907305861ff88a0f8222631ad19119950f898e2de924719da447fe9794988fb7b9f34fa64073853f5fbadfd657a2485d5b21606197391569f3e6b276e79e49779981f263f34fac4f1160b481b46b9c6f88664d66a01cf839147f557c0e2fdc3528ce4cea00b4b98726b17fd7c3d171d0942cfdc4f792e07759ad83be35c2eec09d5393bb663576b0d9c051d1ac4ba301424c0d467a94773ce71fcf31e8a3a790b1582b46c203e14e026cb9a1a59678399ecf37884f8c02e62cae42c816ae1b01a7e38eeaf71e930612c9b43facf69eb821ff80f3c4765f600d56e7ca21d1099e80edc508ff4de5657748a07269bdc721df161acfbd58bd3e370e8a1626e9ee0980754bc454eb4345c3487ea30a032ae1ba7123437e5f558f0da8797a5183bd6e756b6713b5a8bbd8f857c803f55fce6fadc3fb52e57f77669b34500621c4bc6ee0a773e89f9e70c6d206a5ce6541c9e7f464060a3074934fc64b44cb864f656269cc8ed95a960636dfadcc348920a9575b1054150462d0f59e271e72a0f48309b56f4a8334e0f1658d8978148e21e4bd4deb47b0f886d328d603aa43cd66442acb021083bb6fc25faa92291dc76bc25513c080a462d15e6ae6b04ca8f7ad13430add9d006ad6c9d7df3ff0291d6577b5b098c808fcb1885076ed1e96ce28bb2890178fe141b8b5214139e86555187b2a5f0520a9457252b4a633e0be1dc6c97ed49d9266f0d5bbecd18b61760d00aeb52e65def9244b2fd2c2b9ad0bdd6c275d316e02b26fc10f56961be58f2b89c71e8c88bbfaff110ea146aa71a089824b8bf9437afce9b29b066fad10cdb11e6bb29d7587da49dbad31bdb3039cbac0245a5af9eb2503ba8416712966165c9fe575ebf7f977fecc34ab7ede4561cd18d7634baab795898aa12faf7efd7514e851de2a15d0e1bd4949e54c3fff5fb3d7987e3e3f4e3b00a5d5e4898b855eaf6ad6cd911968b09fb4a9d6de000f374ca4a1ea245fab81581b59851b66880f7a687ea86f07a295924a4e228462fe26eb0c25140943542e3e73616211c8becae27129fd759d5d0975b9f49d40116ad108fda92c838a4ce3ad26c1552060d586559600684d0c26e1f2f2bbe89a1454772428025699bc50d617b751419b77f95a027b25485cb261c629ce211cad7ee607603428480b5290bb47e57786e9e71dda5d50a32ba214123754a6f0d314f9c437b6a027eb27e839dbc68c2070793b570da0e4a1dfcb7d3c6985584a91bfeba4b7991a0d5ae0530baf20baa42d0247e13ac09b87842646fd9c1400f03c6300841f3ad15731869efe6f802e0f1cebf20e65a17cbf8ce2454a7eaf94f49c30cd560bae15cc40991ff3c347a6ea8984ab349858f5fcfcfb7875b0e32911f7ac3ad82804fd713317b98bd67684b0dbacfd768c47d0c972ff50f44db4119c3866bb0c8b30269bf5ff8521197937189f2f6a2e313ccb53bced042faeb50b90a7066d09cd3469d90a46eb0c90b8bbca9a288b3d72dc9cdeb3ef61c54d889f08c82fb90dc782bda4b560ec93a27edef0625595e33c20dc5f874d2cfbd62d9a9a1eb9caa63aa127cf78c8357a030d1092c25e766fd1386556565106e15e27f55fe32a2747347ac742d34dcd30ac2a94afe1ada47ad04061389ae29c4e0bc12e5bebd774e76bbd0c2781c8a143e64faf0760ea73cd363ea583f4a70e78484a2d5fccd0ef8ec826c5d61986cd6a4d3933aa66c696e4b3ab938ab8389297f28f7b516967c90c02b02f5847a7b30dfe3a8558c075aaafed1155dc9c49e89b4820bf69fd1bac5d2a64e04e08b24e8bf4f38af625c4eb1abcf607f32d0f6835c0cd230ef69f3fa27bd6deb5771c998588c90e91ac0e8e7d8335b2124912e8819fdb07de4ffd27b1297e01b1e7f6438f03c1ea021a91ed83ef38acbb1953bdf5085b737b3174c066eb39c908e2129910a8fdefefbb7e8f50fbd1a2901c84ee176cf6c8f92dd7b2ed94fa3abbef13a2dcf9157837fa5a23824ab0a0109e86af94597b4bb15c5f93acdb0469aa44ec735795f138b444d2f44f45bb6037ca95dbd9988d40821c5aaeaa84d66691aadde1ea3fd56b9ed90827fc2eadc8a4a297c236f0a684c569516b4d7dcdb8ee6b0c4342b7ac33a853b04803cd9d38b47f8ea45022ff2bc2bcc0facaeabe6887623a47571b772fdc55ef2911fea6236d314dfccd3b89e72726f21bf7c9d1c3478c4c022b7d66b8ac92a1d4d7fa71d2dab1ef914a69b1da053de6e7b78180a7e52a039dbef7248ce38a4c74b3f8f94774b138eb9044155d2268d59d79b415d4a2bb9e74d66f407413ab9ba3f2a3b68c86f6e74147c5b48e97f628875c8565aaacd608917fcf28c06322b81424ca30d8edaa50d8ef65981e4167b467ea05085455708b195113386cae07f142cfccb764f0f871e749852f8b566e0e792ff16d8ad9ffff0fdee6a81f03e192ca7fe2e92cbce3b1bf3f1135344ec8014f5c77f6ef9cf270c86f61855666720ecb3b8edf0653d0075a4f03e5081f7fc898b3c0d9c5b97c21d18b9fd1068cac308e30088f415d2e70b28fa149d6fcac447ef238c37d3df3ffb84a076e334dedbcd7cea25c5c7c7f1fe3f5baf8b721135caed6882aca198265fd9084ef099b7be896d4c9d65d432e129ee6deb78d89ff37a99e18d9485026ffc4e083cf0b82e654f0596fbb0901b124d435a3924f6ab3ea3e1fc8816c04a38f6dca11d3453aa585a50b923777f3bfbe89315ad6060f6049693da2cce2c0e4eee0dcb04f9b38d254385723b1c46ea92d8122ad87b49d22c8582e0995c0470292819046741f46d5fe5f740093fea75dee167bd4afa24dda93805f7a1da51cd0858db8558a6d2fa9ec839a0c17068e22a10422eaac37b2c605baa740f7894b3f445ff0403c9a4df27317de6f2110904f57fa6918e05423e75ada13066e21ec3b0f5bf2640ce7b005d341ad9f00681fd5b535a9f18b339d9f580a549c5b4ac788c3619ba2eea00bd25c5f7b74c1de4aa727b51f8fb0b1c55c75b28093315dbf7e7669ba5e0e93e3792948a7443c46799d23ccff696bf63175024bb92b3302964eb450529c5b3ee20c87c238909a5b1ef335d9d77becd983218c3c268b3a1ca1f65d7d8055e6ba915bd4fd6237ea4093f8cf7f24f10d71040d70ceec6df7537f0d1e04f063229a5f39c6bbfbe4961cb62e44da4744d40b166e5d5be4daaa40d4b0ee6de6a49512c4", 0x1000}, {&(0x7f00000014c0)="b84a8f520a506ca875f25173cbd4e310d788a2616d76193cf3185a565a3fa409d5865ea4e882bd278ee520cc92085c6ba3084cfafa10905e36e11238e335b5b1dabdfc332b059dfa4f6c27985bb0b15530b9a38e9c5a909d25962e47f2a6ac6b949834a3ae1bcfe3126580aa0d1fd36b0f20553a7a5a6b78b254f1963d5df5eba5bb10d48f8c3031050b03350b3f27f71b806bc2793978566ed36e9db9e3ee4cd0ee1687af82b531aa0a4a537d523eba5e4a625ab4de83f1c55ec68587546bb86105fde87d4bb495445c37e370b9c80472153c7f3a6792bcb003f3fd905858fec93ea876f905a4e253a882b28c4d4a77e5837c519abf459b0eeb1a8a0fb19b1468ed1c519eff933920c8bdaaa4730e6f2d5a177212ee3e4c852541ecab9e291b68fa3a66cf17a49a5fa19f0ef47d07fc37df1c1eeceb143fb7d5593f126806bbe0a39b4aa258ffa6da0b90b485bdc9361054dba24ffb8b2bb3a4f694c7049d34ef3dd0a91cbffc95bf0f4366fab8ab6612d490beeeee5f2ed453a11af70093ea4a7f4265cac9b266e2ca3445b924b7d0feac2932c1ca9b8b236918ebe5101368a5bb81d4e24eefaeff5f5fa13b583cf8a16d49604f384517cd4cf9ea5f50ae9e36d30b41a45b053810540f774ae4c91e39f4375aa8fbc21d4fa26bcac6e9e211acb75182f9d88a5fbb1a6fea2e055aa4b8f571ab0c47b9f434ef03c19499d50cb0751ed86f8ef41f728ad7f40d313dd73af32839f3955c11ba75af773c00470bd2644558050bbebe717733b3f0b90ef708d5f28ee6dd35a88ac2c3396e2d43c2f81c7538d41a30ee86fcaa655681c561a0ba4edc1f52476c8d7ea0a3788cad8180a0a7e5f2bca4001e0517c268ab1574bd919e3e2036fbefad1a659da59fc281ed70797940ab16ee13f41f3423536b37f3977a3d765a28e848f403187b6ed5928efbdf55375ec5ebf84a02739b9766432148491d2f72ec14452da75147e7c3d091d510f87c1f1c587d4df6070a32bcbebf8b0d869c10d4b78d01eb4cd440cf6fd949c9c7e6d92cc72952d7760aede1fe921879cbbb712ef93229b828ce1d522b92ce7c212dc27963ff7e438113d254335713d0d2b6f27fb97e380f5f4879ea9edd37dca584a72aa06df1591f310505ba210ee47fc098c76fc16574c30c49b7d835b04beb938abf89500d745087b8a52846746d0ff71ab63edaa186ba17f1962d4fbc0ceddbb28b67354b29451686fbdadc9812bad431092a2560f1c36091c67d6ef7f86e55c4d05b904d29591aad9bf960098f656454eacdc36d34329c290f4bdb8fe21c96750102f3d8a889d644a4e6e6699d2f50c289798feedeca7839cb5581f2f266dd2b07ac238893a10af34ed6a52293fee7db4ef0ab1e68ee079e1d063d01f1d8504e77b682c247a4708c11cd1b037b8a9282655031413dbc871e5686b913ec5b1aab202d5892cbf3810a16f398dc2ecc5972d946b0f869a3d1c1718a076254752ebc2a8f0e8db05a4312982393159285a146c57a42d9bc1f091316b2727291dd574bf88389304fa3c967ed6fcda75b58324d7ef37954ce09e95cc5569e644cdc9deb3a29c8b29593eb55c8d12177f5ff8238c445dde4c266455e92ce3f21f118c593ef7ba15913e27c6f89ce526185de4b8b6d5b1d538797875e6f9316d6416480944370ca6dd38ab4618bb006296b016edde28f81947c211583c525868e4f90ecf5c2a87ea7b046758dad89e71f30129cd81ab5c689263940cc753b471e9cd4a9fdca62e4cb538b4272d5119eb83f68337837bfaa85dac213461ea0c8fb58b2e8576d5d9a34b5d953ed6277cf03311bce06c0655bffe313db45dba8c9a8d5aaec75ca5693a7ff73d68e80301614e9f1850273b891f9d9849a1382716d5cdc795ece0eeecd1a50c70deb11a9caec3e4d4f85442bad41591dc01b92803d4ac8891aabb17d72bdd5e2dc3d901c696e3703cf1ca5b862d711de0dd6f4a609fe1d7aa6add832373604f36b4b18b3dd23a0b1b18d02b1e0151d202c3448bf7f9e4c18690a15bd6992a30e502c86b60884e5397f36d31d125027ea7b4b8fdb6d121747b4fa4517daaad992a8115da1be994824c2f61fe808706a11d83c0b1c80df8e86d76d33aa02efe341e6dcc6d644d684002994cb8dcf19feefb551beb0a180d4d5dd347b2a98530fb006b82c050a662ba97572d0fd4b78fe2d131f43e36ac1690e46d5b3e4eeefa1ee07291b80ca5da7bc863a667675fc950612f494be3207ed393ffdb8f67ad89d4a10ace09e74e8e66efcc41e402f0bd7d7e56371cabdb64858f86fb39cbd7935db28d60f2b5d6c1722fcf4f16176db60a7a44dc8977fbee465bffaacb345123255f0a5f987bb9b83bfc16b281b0bf4550e0782fd8a266e01f8fca9108be22fb8e6871aa31566dbf67e66e8fe8e11379b8d6b1582251a55618325b95f9ccfa7e4133f441cb05262119a7f784022fc9d101ef03adf9dc2afb10eb7b171c1421c52e780610b5e7d05bed91244c851fe89876b9f5670ddac863b04956c0595fba3a3b3514101c4da0c8143b3c0c4fdbe14742433cbddb39359f6189f371a4ea5fcbf74bbc0a82a029bd306e7608a796d1428e2bb7c64629f673151b9509c4b42c888d779e7053276716f20b276bc637c549ab1902e4ca999cd9bcfc56a21b974e5e52bc547db40cdeed1165fb8d50e9ca18c1020037ed8d433170398c74b8508764f3636247ddeac68af6a6733b23ead1f96cc68721766e39715e28ed05af5355bbb63f9192bc77664bb517e40d4bdcd3b4d79011a9be1602f64112a1766714be71a77cafb31ec94515830a0ca72c174e185f1e933ea25ae70ddb84858aa785901917c6909edbdc16360629bb96351d65f3c7f1bc8208afcc91e28e4270131e3a198d797260c796192c0ba3b698917e5228e1ffee01c6ed6f153363ef8d89ea797a71c35916d9c4ddc7db80ebe2023be100d98b0c7dc290a9022aa731b0b8c6951550ebe8253a93924675ae585de6c6440b83d293898a7b34b474d552ea154b68b04a169bd34560fc577104296676d317313f84a092a450237fd18eb129cc3fd3d8f94393c8449357bf09e3efe3dc0829e7c612bcae2afe699a2ee67202a2c174b69a67949108c4fca0611a7ac1089000d33a0c66ae3e87dbebcb4c031dc91370216754f1046f94e775261051c78dc4dac8fbec49393b1ab78b7172a4d7eb8d3a6367697e2bba6c1322f9f247073b66caf0f98fe6694132cc25b5d0cab4545818f45c499bfde8766f3488410e3b513697e2e03ec1a4b27cec215e5749a0559bfca36cd631a906fd1e88cd3af7e1bd43bb8b69757152e2f4bffea356a7f7f623f11f78efabb255a2fc96a34ef3c6c0916f0bcf5642f5fff307428fdc7eb1ad90f08f3097e2bfc73b3348efb0d192b60692ab0386c4770c7b006dd16485ce50d69f1e7ceb8f3332de1d63ee578768c0ad7251f4b119d9f24b067ccaaeeda4a7f890a76f64931fd592156b955652383a680b1fcfad5c5f3aa59eb99cc7bc865846fe538f8e8a2abb1d74fd51c6d95407932c3123779cee91a2c657aea2850a280529ce3c5e342723f1a5ae21e4bdc8b2bd76a729fe9ae499e3ed615bd6f7e66a911281208b12a2d0b77e713d99de0691281ce0847df34a13eb7cb04729b765401fb83f6f9ff1e07df7926f3b6b0e75c793a45bc1f014e403fdfafa1d42b59f774d5cc3520a144d2f093ac6285eecdd056c17b9013571a4622234df14f5cf06e50abaec8541b70a9c191f02f6467510200fc9d27f1ea9a9ad364076bccf4e6b7d3f81047e6cadae3bea42ebeebd5697fa31d77899896951d3ebe0381b2008403f65c2d34decd6447d84818c2b22fcd47aec04248a02ee2d8b0a469a30e8406783a32855365b7091c0270d1fcdb62e33597f882dd820113e8ade9d467c02e0a583eb6c2584b73fe181e951c03b9e96511241fcffe0e90c5f258d9bd494a3e7508a2774111ece9fa3a986844e7bc6a800867b644c9d9739513abca349cd40b7a71a01498445858252defb5092c0a8f1453a1ad8b42bb8d92cfb258303e1d042e9f301f71bb5302bcf401720f4fc5459f106424e56433873558feb2ee096e31331352e6074029d235a2ad156bd201321204d7cfdab1b56f67987784a7d6a4fe6caac2ca326b8a0c7b0a6cbcf1da1a4b0fbbf28caea89efbf90a2fbd8e63296a55ccbfb515058354bbef4c07293870ee6d8e19e71822980e2d63774d7116899d49a756b6b34cc6cb2b558be53264b128af66e265e3bebfad28d1cc084de7443848f09f89df5096763540c98327b9e037bb153064d50d69e91322c98562c6f29333e59b2f95c6483f8e1e14ae9312ae6ec21c8954743ce7b1dca4948301106384d005774cee3db17b1e47eafb9f500a694cf3a46427cfbe27413f595530f4545b3195a53e915125feffd2ea0d3b4e8afa8f5a779a9211a4014c5b32d887cdbe43ab49218c36ed165eb540d0e6c6c8a74e9a469421ee4e1f5e73745a781ade6d788713ff5bc5d4b0d37647119e775e868b5be6e50786526dd84cbaea1c5dc50574428490bfc1cf49e3cee99ddc1f1452f73bac8d3a45285d9e9bdd1299f97894605dbd39c7af6d3e09b7eef5687dd57ddba049a3f4dda5366166feba9350ff5897df825ff2acc9899a90e675fbc739bdaeb7eb0e161277e62b9374ffcc05d9ba653ab1715d98b3dbcd30eb6be24715f5c0dae2a5de7735f42b173fc37d52a296b5e7fd4e0fa7d9f3f1cedf15657fdd7346ba68fdf92a713fc464cc30bf62607f14c28aa966bc7243bc3f5fd57658e9ddba6d55b4753d9fe2ebf057aca756858dff0332d1b8ac7efa9e3ce5c476c044383f4c12ff65561060ac71600b05839ad421bf3b5b2d6647a6448b632a64a5246d82cb29c18b9e816143a3299f41dc9462b42a8b0657c2da552acd4e2df96b220aa484a7a87624f5567f3ccd9c8ce68d45860a8e92957b6ffb934148f37e6bfbaaa665358d147964dca5a12e729c3e21d4ea866214d66068b2b16cd2bbab6d6a4b6852d20f0d9a4bc482a4c0a3045ff1a3127a76a1231c96cba21ae07c280575c828f353988a8030c20830a739ddf9d1b23f673198592a3e011f80a325f5e204ca461cc96232cd67871cc29be8624dc415bb3659f1dc4ac0e875052d50577943973a29f2ee7f73255c56df09e5383d4b7d11a00885493b85df700a04063fb905f4501b8c8745f49330d743d068c68723c90944c35feea2078b7ff35c5baa558d04201563a082fc246ee784e5b85b58fa809f17716752dcc47f60168d36db90668ff20fa126986867dba186ff27b5c72a66b6eda533df633a540bbf0cb463548ddbe0cd9faf81e39ace6f079bc10e5dd97332ba649053e82a3853ecb2cceafbc4ac2fd06b6a9a29ce40ff6c56ee187173de8dede391d0dde42e936c419cc218b1e8dfbf08b1e64c793566802d7975a099d625e62c1b48f7be3a79f72610b7b277ac53890b2676ff60a0671e3b3775f53b9ba9c97bbb0ffb570117023896b09b0a73cda7446f045431ec7ce904fa553034a8d2ec9b5087334ff38c424aec2d4d320b58f346e6fc7f30b0f7b0cd8258e150bbdb4d6a9c2f1fe884feb75835e8a3fb69837141bd8a60e2ccef4b231cbe0ad5a2c7aabfca5cf53fe1ae47595c104536b5edf5cbe6a5f2beaf70b7c3348c611e669224e05ad317630518864a76e7f9ff69b3c9ed0b89efc3e6c56ccb1237fe28af9b1b28cc15c88ade5ad232006632cb5b3f5b7bef2fd4496ddb7c8cf4", 0x1000}, {&(0x7f0000000100)="5d79d7bbd6c22c747ff90d4e994f5a3b7c1863349659b5c633636a6009cd83505d38f36e519d2c56480d77af73ace5714b3f3b5a734194acd364dba76ac34ed8876133b59de187deb1120c3ad9e6a5e040a3ee7bd889565abfdaa6d8a63df5a13f1ded4448688c9b20d3075c662cffcaf95c9b258425d1b8f55724347c28e5", 0x7f}, {&(0x7f0000000180)="72738a8ca0103a8050319bd5c3645dac96d8a4b09c6a96a60447999fbb82adb8b6a0dd621e074b4957d21d9c7a9501a210cbba993e3e825196c0b72d92995cc24856f57a15222ad22fb974be03ee92556e811fac264e66473b49e9ef10fd0ac208ad7628dcae917b42d922c87567c50249c4ffbbaac93a3671633f8a8d5861b36a72b0c3ceccf354a98469b368840f0e4f8878e26f2b9350217f0d754e1784a13206086875bdf01a3f2377146c22102b3d05931dd281c724b71413708209bfe47df99febc629bee427518e7354be1385b7329e1f380b561fb07f6229f25818bfce90d20da9663a895346e8756955a7891fdcf6f62fb505d0875434d6dccd98", 0xff}], 0x5, 0x4)

2018/05/15 13:07:19 executing program 2:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
write(r0, &(0x7f00000001c0), 0xffffffffffffff17)
read(r0, &(0x7f00000000c0)=""/250, 0x142297bb)

2018/05/15 13:07:19 executing program 5:
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x20000, 0x0)
setsockopt$bt_hci_HCI_DATA_DIR(r0, 0x0, 0x1, &(0x7f0000000040)=0x56f35140, 0x4)
pipe(&(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f00000001c0), 0xfaa8a4c0)
read(r1, &(0x7f00000000c0)=""/250, 0x142297bb)
fcntl$setpipe(r1, 0x407, 0x9476fe0)
getsockopt$inet_sctp6_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f00000001c0)={<r3=>0x0, 0x93be}, &(0x7f0000000200)=0x8)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000240)={r3, @in6={{0xa, 0x4e21, 0x7, @local={0xfe, 0x80, [], 0xaa}, 0x8}}, 0x8, 0x400}, &(0x7f0000000300)=0x90)

[  296.456966] FAULT_INJECTION: forcing a failure.
[  296.456966] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  296.468907] CPU: 1 PID: 18606 Comm: syz-executor0 Not tainted 4.17.0-rc5+ #51
[  296.473967] IPv4: Oversized IP packet from 127.0.0.1
[  296.476186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  296.476196] Call Trace:
[  296.476220]  dump_stack+0x1b9/0x294
[  296.476243]  ? dump_stack_print_info.cold.2+0x52/0x52
[  296.502234]  should_fail.cold.4+0xa/0x1a
[  296.503632] IPv4: Oversized IP packet from 127.0.0.1
[  296.506310]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  296.506330]  ? graph_lock+0x170/0x170
[  296.506353]  ? find_held_lock+0x36/0x1c0
[  296.506371]  ? __lock_is_held+0xb5/0x140
[  296.506398]  ? check_same_owner+0x320/0x320
[  296.506418]  ? rcu_note_context_switch+0x710/0x710
[  296.537743]  ? __might_sleep+0x95/0x190
[  296.541735]  __alloc_pages_nodemask+0x34e/0xd70
[  296.546414]  ? print_usage_bug+0xc0/0xc0
[  296.550489]  ? __alloc_pages_slowpath+0x2db0/0x2db0
2018/05/15 13:07:19 executing program 4:
bpf$MAP_CREATE(0xb4c1, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

[  296.555518]  ? graph_lock+0x170/0x170
[  296.559323]  ? find_held_lock+0x36/0x1c0
[  296.563400]  ? __lock_is_held+0xb5/0x140
[  296.567478]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  296.573027]  alloc_pages_current+0x10c/0x210
[  296.577449]  pte_alloc_one+0x1b/0x120
[  296.581260]  __pte_alloc+0x2a/0x340
[  296.584900]  copy_page_range+0x1655/0x24b0
[  296.589166]  ? __pmd_alloc+0x530/0x530
[  296.593063]  ? __save_stack_trace+0x7e/0xd0
[  296.597405]  ? save_stack+0xa9/0xd0
[  296.601043]  ? graph_lock+0x170/0x170
2018/05/15 13:07:20 executing program 4:
bpf$MAP_CREATE(0xa03, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

[  296.604850]  ? kasan_slab_alloc+0x12/0x20
[  296.609002]  ? kmem_cache_alloc+0x12e/0x760
[  296.613330]  ? copy_process.part.38+0x2d37/0x6e90
[  296.618176]  ? _do_fork+0x291/0x12a0
[  296.621901]  ? __x64_sys_clone+0xbf/0x150
[  296.626057]  ? graph_lock+0x170/0x170
[  296.629868]  ? find_held_lock+0x36/0x1c0
[  296.633944]  ? lock_downgrade+0x8e0/0x8e0
[  296.638099]  ? lock_release+0xa10/0xa10
[  296.642080]  ? check_same_owner+0x320/0x320
[  296.646414]  ? rcu_note_context_switch+0x710/0x710
[  296.651354]  ? __might_sleep+0x95/0x190
2018/05/15 13:07:20 executing program 4:
bpf$MAP_CREATE(0xbc03, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:20 executing program 4:
bpf$MAP_CREATE(0x7, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

[  296.655344]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  296.660370]  ? __vma_link_rb+0x26d/0x370
[  296.664441]  copy_process.part.38+0x4be7/0x6e90
[  296.669140]  ? __cleanup_sighand+0x70/0x70
[  296.673381]  ? find_held_lock+0x13f/0x1c0
[  296.677541]  ? print_usage_bug+0xc0/0xc0
[  296.681610]  ? lock_downgrade+0x8e0/0x8e0
[  296.685769]  ? unlock_page+0x1d0/0x2b0
[  296.689678]  ? debug_check_no_locks_freed+0x310/0x310
[  296.694879]  ? print_usage_bug+0xc0/0xc0
[  296.699609]  ? filemap_map_pages+0xcd4/0x1870
2018/05/15 13:07:20 executing program 4:
bpf$MAP_CREATE(0x1c0, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:20 executing program 4:
bpf$MAP_CREATE(0x19ed4, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

[  296.704124]  ? debug_check_no_locks_freed+0x310/0x310
[  296.709322]  ? find_get_entries_tag+0x10a0/0x10a0
[  296.714183]  ? __lock_acquire+0x7f5/0x5140
[  296.718431]  ? debug_check_no_locks_freed+0x310/0x310
[  296.723644]  ? print_usage_bug+0xc0/0xc0
[  296.727709]  ? graph_lock+0x170/0x170
[  296.731521]  ? lock_acquire+0x1dc/0x520
[  296.735498]  ? __fdget_pos+0x1a9/0x1e0
[  296.739387]  ? graph_lock+0x170/0x170
[  296.743204]  ? __lock_acquire+0x7f5/0x5140
[  296.747452]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  296.753429]  ? _parse_integer+0x13b/0x190
[  296.757583]  ? graph_lock+0x170/0x170
[  296.761392]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  296.766934]  ? _kstrtoull+0x180/0x230
[  296.770742]  ? _parse_integer+0x190/0x190
[  296.774898]  ? graph_lock+0x170/0x170
[  296.778704]  ? lock_release+0xa10/0xa10
[  296.782680]  ? check_same_owner+0x320/0x320
[  296.787003]  ? find_held_lock+0x36/0x1c0
[  296.791070]  ? graph_lock+0x170/0x170
[  296.794886]  ? lock_downgrade+0x8e0/0x8e0
[  296.799046]  ? find_held_lock+0x36/0x1c0
[  296.803112]  ? lock_downgrade+0x8e0/0x8e0
[  296.807271]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  296.812812]  ? proc_fail_nth_write+0x96/0x1f0
[  296.817311]  ? proc_cwd_link+0x1d0/0x1d0
[  296.821382]  ? find_held_lock+0x36/0x1c0
[  296.825453]  _do_fork+0x291/0x12a0
[  296.829002]  ? fork_idle+0x1a0/0x1a0
[  296.832727]  ? __lock_is_held+0xb5/0x140
[  296.836805]  ? __sb_end_write+0xac/0xe0
[  296.840789]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  296.846334]  ? fput+0x130/0x1a0
[  296.849620]  ? ksys_write+0x1a6/0x250
[  296.853428]  ? __ia32_sys_read+0xb0/0xb0
[  296.857497]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  296.863050]  __x64_sys_clone+0xbf/0x150
[  296.867033]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  296.872057]  do_syscall_64+0x1b1/0x800
[  296.875938]  ? syscall_return_slowpath+0x5c0/0x5c0
[  296.880864]  ? syscall_return_slowpath+0x30f/0x5c0
[  296.885783]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  296.891142]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  296.895997]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  296.901178] RIP: 0033:0x455a09
2018/05/15 13:07:20 executing program 4:
bpf$MAP_CREATE(0x8ad60300, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:20 executing program 4:
bpf$MAP_CREATE(0x9e030000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:20 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:07:20 executing program 4:
bpf$MAP_CREATE(0x3e, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

[  296.904357] RSP: 002b:00007f899b091c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  296.912059] RAX: ffffffffffffffda RBX: 00007f899b0926d4 RCX: 0000000000455a09
[  296.919330] RDX: 0000000020000580 RSI: 0000000020000480 RDI: 0000000000004000
[  296.926595] RBP: 000000000072bea0 R08: 0000000020000600 R09: 0000000000000000
[  296.933866] R10: 00000000200005c0 R11: 0000000000000246 R12: 0000000000000013
[  296.941127] R13: 0000000000000052 R14: 00000000006f4850 R15: 000000000000005d
2018/05/15 13:07:20 executing program 0 (fault-call:0 fault-nth:94):
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))

2018/05/15 13:07:20 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000001200000004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  297.040930] FAULT_INJECTION: forcing a failure.
[  297.040930] name failslab, interval 1, probability 0, space 0, times 0
[  297.052332] CPU: 1 PID: 18645 Comm: syz-executor0 Not tainted 4.17.0-rc5+ #51
[  297.059617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  297.068976] Call Trace:
[  297.071579]  dump_stack+0x1b9/0x294
[  297.075224]  ? dump_stack_print_info.cold.2+0x52/0x52
[  297.080427]  ? percpu_ref_put_many+0x132/0x230
[  297.085019]  ? memcg_kmem_charge_memcg+0x74/0x110
[  297.089873]  ? percpu_ref_tryget+0x2b0/0x2b0
[  297.094295]  should_fail.cold.4+0xa/0x1a
[  297.098360]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  297.103470]  ? graph_lock+0x170/0x170
[  297.107267]  ? find_held_lock+0x36/0x1c0
[  297.111318]  ? __lock_is_held+0xb5/0x140
[  297.115394]  ? check_same_owner+0x320/0x320
[  297.119721]  ? rcu_note_context_switch+0x710/0x710
[  297.124662]  __should_failslab+0x124/0x180
[  297.128894]  should_failslab+0x9/0x14
[  297.132681]  kmem_cache_alloc+0x2af/0x760
[  297.136817]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  297.142341]  ptlock_alloc+0x20/0x80
[  297.145953]  pte_alloc_one+0x6b/0x120
[  297.149745]  __pte_alloc+0x2a/0x340
[  297.153368]  copy_page_range+0x1655/0x24b0
[  297.157602]  ? __pmd_alloc+0x530/0x530
[  297.161490]  ? __save_stack_trace+0x7e/0xd0
[  297.165803]  ? save_stack+0xa9/0xd0
[  297.169426]  ? graph_lock+0x170/0x170
[  297.173220]  ? kasan_slab_alloc+0x12/0x20
[  297.177373]  ? kmem_cache_alloc+0x12e/0x760
[  297.181703]  ? copy_process.part.38+0x2d37/0x6e90
[  297.186546]  ? _do_fork+0x291/0x12a0
[  297.190245]  ? __x64_sys_clone+0xbf/0x150
[  297.194386]  ? graph_lock+0x170/0x170
[  297.198175]  ? find_held_lock+0x36/0x1c0
[  297.202222]  ? lock_downgrade+0x8e0/0x8e0
[  297.206363]  ? lock_release+0xa10/0xa10
[  297.210331]  ? check_same_owner+0x320/0x320
[  297.214661]  ? rcu_note_context_switch+0x710/0x710
[  297.219592]  ? __might_sleep+0x95/0x190
[  297.223574]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  297.228589]  ? __vma_link_rb+0x26d/0x370
[  297.232644]  copy_process.part.38+0x4be7/0x6e90
[  297.237322]  ? __cleanup_sighand+0x70/0x70
[  297.241551]  ? find_held_lock+0x13f/0x1c0
[  297.245706]  ? print_usage_bug+0xc0/0xc0
[  297.249754]  ? lock_downgrade+0x8e0/0x8e0
[  297.253892]  ? unlock_page+0x1d0/0x2b0
[  297.257786]  ? debug_check_no_locks_freed+0x310/0x310
[  297.262976]  ? print_usage_bug+0xc0/0xc0
[  297.267037]  ? filemap_map_pages+0xcd4/0x1870
[  297.271547]  ? debug_check_no_locks_freed+0x310/0x310
[  297.276744]  ? find_get_entries_tag+0x10a0/0x10a0
[  297.281596]  ? __lock_acquire+0x7f5/0x5140
[  297.285839]  ? debug_check_no_locks_freed+0x310/0x310
[  297.291048]  ? print_usage_bug+0xc0/0xc0
[  297.295115]  ? graph_lock+0x170/0x170
[  297.298935]  ? lock_acquire+0x1dc/0x520
[  297.302915]  ? __fdget_pos+0x1a9/0x1e0
[  297.306811]  ? graph_lock+0x170/0x170
[  297.310631]  ? __lock_acquire+0x7f5/0x5140
[  297.314880]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  297.320425]  ? _parse_integer+0x13b/0x190
[  297.324581]  ? graph_lock+0x170/0x170
[  297.328395]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  297.333942]  ? _kstrtoull+0x180/0x230
[  297.337747]  ? _parse_integer+0x190/0x190
[  297.341904]  ? graph_lock+0x170/0x170
[  297.345717]  ? lock_release+0xa10/0xa10
[  297.349699]  ? check_same_owner+0x320/0x320
[  297.354026]  ? find_held_lock+0x36/0x1c0
[  297.358097]  ? graph_lock+0x170/0x170
[  297.361916]  ? lock_downgrade+0x8e0/0x8e0
[  297.366076]  ? find_held_lock+0x36/0x1c0
[  297.370154]  ? lock_downgrade+0x8e0/0x8e0
[  297.374318]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  297.379866]  ? proc_fail_nth_write+0x96/0x1f0
[  297.384370]  ? proc_cwd_link+0x1d0/0x1d0
[  297.388448]  ? find_held_lock+0x36/0x1c0
[  297.392615]  _do_fork+0x291/0x12a0
[  297.396173]  ? fork_idle+0x1a0/0x1a0
[  297.399899]  ? __lock_is_held+0xb5/0x140
[  297.403982]  ? __sb_end_write+0xac/0xe0
[  297.407971]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  297.413518]  ? fput+0x130/0x1a0
[  297.416810]  ? ksys_write+0x1a6/0x250
[  297.420619]  ? __ia32_sys_read+0xb0/0xb0
[  297.424687]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  297.430238]  __x64_sys_clone+0xbf/0x150
[  297.434218]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  297.439245]  do_syscall_64+0x1b1/0x800
[  297.443147]  ? finish_task_switch+0x1ca/0x840
[  297.447674]  ? syscall_return_slowpath+0x5c0/0x5c0
[  297.452609]  ? syscall_return_slowpath+0x30f/0x5c0
[  297.457545]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  297.462918]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  297.467802]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  297.472989] RIP: 0033:0x455a09
[  297.476181] RSP: 002b:00007f899b091c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  297.483898] RAX: ffffffffffffffda RBX: 00007f899b0926d4 RCX: 0000000000455a09
[  297.491171] RDX: 0000000020000580 RSI: 0000000020000480 RDI: 0000000000004000
[  297.498447] RBP: 000000000072bea0 R08: 0000000020000600 R09: 0000000000000000
[  297.505721] R10: 00000000200005c0 R11: 0000000000000246 R12: 0000000000000013
[  297.512994] R13: 0000000000000052 R14: 00000000006f4850 R15: 000000000000005e
2018/05/15 13:07:21 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x101800, 0x0)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x0, 0x0)
ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r1)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0))
clock_gettime(0x0, &(0x7f0000000140)={<r3=>0x0, <r4=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {r3, r4+30000000}}, &(0x7f0000040000))
tkill(r2, 0x39)
ptrace$cont(0x18, r2, 0x100, 0x0)

2018/05/15 13:07:21 executing program 4:
bpf$MAP_CREATE(0xd402000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:21 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:07:21 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f00000004c0)="71c4e5510f1befe1e7c857417d125b869ec44a5299eece82b68bdbe092c8ca0d8388c4b0ac8a8100aac8be31733f12146834a377eb3a8e3f1d5e95ce91fd15edd21748ab566bf55877d97d2936ca4b4875d88f53f037261e734b61759c4f7de8632d695f3cbf897c283579ac9b4b0d9360a2d038a8e7f4d6e5f7164b1e076a3589e741415aeeaceeaddd928b2c6230473935714dfe7e365b90c82e452c6419dd9a87da0e6e8840feb4cd66a4d1e9a80960ada60610fd48450f47924eb4d5908d5d60eae7c2e75e718ea0bfcda74fb3d74fff09c2268c270ca01851b8dcd455750b6d1e01c3c10dc978aee79234c7974676f6d6d1e5c2a718d1b69a1ce830ae5fed243bc431f80abab5fd1a580234261dd3dd504562bd88853e0abdd8b9b17ca267826eb723812ab312f1bb16b8214b22a12cb0472b303635d1d9c3c278cabaacf3ce2a54267f8406771118cb5c2057691ebb1b33b637d12a0fe9178bf3b0dbcae63cdd5e28c9db356bb7157becd0d32169a2b556a7a2fddd24ac65ce4daf5624154a129fe9f30da7c1c5a17d34adf3dfb5e539f667446d8f1c27cca2f21d658dcde5f9a29bb1e2365611724061ec83fedc985586a3fd783533227719294313e0160377fc6c8b4caca29bae3ff0862fc214881a8ad4fb8ee33dc7f7398210eccca93b524df3dd89be2042ee09f69d4e5d83094440003d22bf7d2799b8bbf74fd751b7ac7842f8e010a149d4c3be6b467e16a44da46795ddc22d334088b08c34063a0fc925b7a02de66eabce83884dae997435a9511da26fdfd6d19d0a4c50e368bb0f5931b23673cf253db77264bbf14ccc467a06388f6cd852c24c47b39768c82d030d2b4ea518b9f3672b949e4e377a8f318f774df74b91c14697a844b6de56a92d5361e128a2a8a5e2ded80e5fc4bf58b8c1feda78322b055694327b499ac6f7fe9190625d9de5699951026c3e66db665d38ead9c2cf5682b7860f90dfd4e62c46f791452c79a16bacce136436d67483e73b20e4606231a4b8e6cd465abcb9a956c9757880ea3bc1d052239bb35826021b8950cb29391a874f881b6d107be8e45d18b2c9413cd78de4cc6aa26400b084f7bdbd758b3def58349888994ff9a4df008c108cc5076c63ec00e7d76464840643d1efb2deadcefebf63aa58dec3b90693366c132b6be78ebe63d2d2e497595f91e03ff3594f4585bf5aa0a3121bdf70080bacff424a22d66c1a4f7bd9b43ca57d496fe8d72a56c4b040e5461af19efdfde9b3f877ab5e837c5d50c990d9808359757f92175e748169a556a2c80cb78d830ce87e5e7ea93c1e22f052d2b2b881123147c73487adcf802545b347094c1843bb61b3b5f83b0d983373df64003e89e19d9f34430a9e4dd07b1bc2bb5aecbe96862513f10723f745361b7a393a719ee24d31bae61006638d7244400140250bfbbd2501ae5f8f2bf990e907f10e58803ae3bbb042766ffa04fdf5adb54517b4fcf42949c237e08a0673880ec8110e2cf98a600b1ba944335a2682f8c3310ebf5890c4cd3c9dcd11edc95a47a63b46c34ad437a935ebe90f27761fc922bce9110b092337d46af18e5983190be9913183bead7242dc05775516f5cbdbafe0ef4b6ea3011016bd98029234c932f4b366d3a64f07556757822f2187aaa0acf8948fdc8b27b506e684b139dc09129414d9fe07894577ea36d06b8865d688bb9adfbc8e3d80ecdfed7b14fa15c393eac2987da7ba0958fe47b982a5407829bebbaa6bdd437ec8d6ebb0802ca9897b867ab3a48094609d451d0c7a8b77b26515ff31702f73af8e57cb79a0b590df83a7dda68244e597e7d104e147b20821c8dbd83a9e77cc29e82ae3e11cc817622b8429c9fef01cd88aabf4dc9871d3bae3cb81bb64f56f03e1f6576a14857ec13550ea332949a85ced0657251d9908366ac28e20a4dcfd9e78e50d78cddb911883cad340e0cec97fae75c3c22527e21c68048e70320fce39384948696455fdcc2f3f33e6321d5e55e0bde5bc58653c8ca7f5aebaf90a126232c14ee54093f3598f38065725701c7e81044b6c430cd97f1c2e7385e109b48887c20d0d3d85d8e0af3df7405d05fd26571736b12c55df5bde8588bf96675bb280045dca36dff50908023e3e04e15cd596274a6d1925824c52883d0736b16912bf1bef592b9d7cca8418cd8144a2763ae316049afac5fa43278cf3f5ea3ea5994ddf0c11797b25e885c919611c3b17006cf2c831b297e4da1d8670e85f851530ca91cfeb21cf8d4ef31d3c1f9db12629e9f2fcbaf887cabfc37575f52ee76eaa0a4d95821fad830f28791b0f5a8897ade0ef55077dcad13fcec9e1873cd5f81241e6554ec999aff0e47a12ba6abd70da55e18e7bc48ad8f590604ef33ec2e12b917d8af6a921c08433e33c7205ce41bc981eaa5d0cb7b3bd7b4b2117632f935352ebf6dac5c625e569ad60f7438f7cf6648d3962233350b3908f2c42af00070d3c15b03844601e125092ec5b65e56eb11ad8868debbd8a96b60097cd1b8f0812db7dabfca6f52f95e066613c0fc0f6e1fdf6ec5be2907305861ff88a0f8222631ad19119950f898e2de924719da447fe9794988fb7b9f34fa64073853f5fbadfd657a2485d5b21606197391569f3e6b276e79e49779981f263f34fac4f1160b481b46b9c6f88664d66a01cf839147f557c0e2fdc3528ce4cea00b4b98726b17fd7c3d171d0942cfdc4f792e07759ad83be35c2eec09d5393bb663576b0d9c051d1ac4ba301424c0d467a94773ce71fcf31e8a3a790b1582b46c203e14e026cb9a1a59678399ecf37884f8c02e62cae42c816ae1b01a7e38eeaf71e930612c9b43facf69eb821ff80f3c4765f600d56e7ca21d1099e80edc508ff4de5657748a07269bdc721df161acfbd58bd3e370e8a1626e9ee0980754bc454eb4345c3487ea30a032ae1ba7123437e5f558f0da8797a5183bd6e756b6713b5a8bbd8f857c803f55fce6fadc3fb52e57f77669b34500621c4bc6ee0a773e89f9e70c6d206a5ce6541c9e7f464060a3074934fc64b44cb864f656269cc8ed95a960636dfadcc348920a9575b1054150462d0f59e271e72a0f48309b56f4a8334e0f1658d8978148e21e4bd4deb47b0f886d328d603aa43cd66442acb021083bb6fc25faa92291dc76bc25513c080a462d15e6ae6b04ca8f7ad13430add9d006ad6c9d7df3ff0291d6577b5b098c808fcb1885076ed1e96ce28bb2890178fe141b8b5214139e86555187b2a5f0520a9457252b4a633e0be1dc6c97ed49d9266f0d5bbecd18b61760d00aeb52e65def9244b2fd2c2b9ad0bdd6c275d316e02b26fc10f56961be58f2b89c71e8c88bbfaff110ea146aa71a089824b8bf9437afce9b29b066fad10cdb11e6bb29d7587da49dbad31bdb3039cbac0245a5af9eb2503ba8416712966165c9fe575ebf7f977fecc34ab7ede4561cd18d7634baab795898aa12faf7efd7514e851de2a15d0e1bd4949e54c3fff5fb3d7987e3e3f4e3b00a5d5e4898b855eaf6ad6cd911968b09fb4a9d6de000f374ca4a1ea245fab81581b59851b66880f7a687ea86f07a295924a4e228462fe26eb0c25140943542e3e73616211c8becae27129fd759d5d0975b9f49d40116ad108fda92c838a4ce3ad26c1552060d586559600684d0c26e1f2f2bbe89a1454772428025699bc50d617b751419b77f95a027b25485cb261c629ce211cad7ee607603428480b5290bb47e57786e9e71dda5d50a32ba214123754a6f0d314f9c437b6a027eb27e839dbc68c2070793b570da0e4a1dfcb7d3c6985584a91bfeba4b7991a0d5ae0530baf20baa42d0247e13ac09b87842646fd9c1400f03c6300841f3ad15731869efe6f802e0f1cebf20e65a17cbf8ce2454a7eaf94f49c30cd560bae15cc40991ff3c347a6ea8984ab349858f5fcfcfb7875b0e32911f7ac3ad82804fd713317b98bd67684b0dbacfd768c47d0c972ff50f44db4119c3866bb0c8b30269bf5ff8521197937189f2f6a2e313ccb53bced042faeb50b90a7066d09cd3469d90a46eb0c90b8bbca9a288b3d72dc9cdeb3ef61c54d889f08c82fb90dc782bda4b560ec93a27edef0625595e33c20dc5f874d2cfbd62d9a9a1eb9caa63aa127cf78c8357a030d1092c25e766fd1386556565106e15e27f55fe32a2747347ac742d34dcd30ac2a94afe1ada47ad04061389ae29c4e0bc12e5bebd774e76bbd0c2781c8a143e64faf0760ea73cd363ea583f4a70e78484a2d5fccd0ef8ec826c5d61986cd6a4d3933aa66c696e4b3ab938ab8389297f28f7b516967c90c02b02f5847a7b30dfe3a8558c075aaafed1155dc9c49e89b4820bf69fd1bac5d2a64e04e08b24e8bf4f38af625c4eb1abcf607f32d0f6835c0cd230ef69f3fa27bd6deb5771c998588c90e91ac0e8e7d8335b2124912e8819fdb07de4ffd27b1297e01b1e7f6438f03c1ea021a91ed83ef38acbb1953bdf5085b737b3174c066eb39c908e2129910a8fdefefbb7e8f50fbd1a2901c84ee176cf6c8f92dd7b2ed94fa3abbef13a2dcf9157837fa5a23824ab0a0109e86af94597b4bb15c5f93acdb0469aa44ec735795f138b444d2f44f45bb6037ca95dbd9988d40821c5aaeaa84d66691aadde1ea3fd56b9ed90827fc2eadc8a4a297c236f0a684c569516b4d7dcdb8ee6b0c4342b7ac33a853b04803cd9d38b47f8ea45022ff2bc2bcc0facaeabe6887623a47571b772fdc55ef2911fea6236d314dfccd3b89e72726f21bf7c9d1c3478c4c022b7d66b8ac92a1d4d7fa71d2dab1ef914a69b1da053de6e7b78180a7e52a039dbef7248ce38a4c74b3f8f94774b138eb9044155d2268d59d79b415d4a2bb9e74d66f407413ab9ba3f2a3b68c86f6e74147c5b48e97f628875c8565aaacd608917fcf28c06322b81424ca30d8edaa50d8ef65981e4167b467ea05085455708b195113386cae07f142cfccb764f0f871e749852f8b566e0e792ff16d8ad9ffff0fdee6a81f03e192ca7fe2e92cbce3b1bf3f1135344ec8014f5c77f6ef9cf270c86f61855666720ecb3b8edf0653d0075a4f03e5081f7fc898b3c0d9c5b97c21d18b9fd1068cac308e30088f415d2e70b28fa149d6fcac447ef238c37d3df3ffb84a076e334dedbcd7cea25c5c7c7f1fe3f5baf8b721135caed6882aca198265fd9084ef099b7be896d4c9d65d432e129ee6deb78d89ff37a99e18d9485026ffc4e083cf0b82e654f0596fbb0901b124d435a3924f6ab3ea3e1fc8816c04a38f6dca11d3453aa585a50b923777f3bfbe89315ad6060f6049693da2cce2c0e4eee0dcb04f9b38d254385723b1c46ea92d8122ad87b49d22c8582e0995c0470292819046741f46d5fe5f740093fea75dee167bd4afa24dda93805f7a1da51cd0858db8558a6d2fa9ec839a0c17068e22a10422eaac37b2c605baa740f7894b3f445ff0403c9a4df27317de6f2110904f57fa6918e05423e75ada13066e21ec3b0f5bf2640ce7b005d341ad9f00681fd5b535a9f18b339d9f580a549c5b4ac788c3619ba2eea00bd25c5f7b74c1de4aa727b51f8fb0b1c55c75b28093315dbf7e7669ba5e0e93e3792948a7443c46799d23ccff696bf63175024bb92b3302964eb450529c5b3ee20c87c238909a5b1ef335d9d77becd983218c3c268b3a1ca1f65d7d8055e6ba915bd4fd6237ea4093f8cf7f24f10d71040d70ceec6df7537f0d1e04f063229a5f39c6bbfbe4961cb62e44da4744d40b166e5d5be4daaa40d4b0ee6de6a49512c4", 0x1000}, {&(0x7f00000014c0)="b84a8f520a506ca875f25173cbd4e310d788a2616d76193cf3185a565a3fa409d5865ea4e882bd278ee520cc92085c6ba3084cfafa10905e36e11238e335b5b1dabdfc332b059dfa4f6c27985bb0b15530b9a38e9c5a909d25962e47f2a6ac6b949834a3ae1bcfe3126580aa0d1fd36b0f20553a7a5a6b78b254f1963d5df5eba5bb10d48f8c3031050b03350b3f27f71b806bc2793978566ed36e9db9e3ee4cd0ee1687af82b531aa0a4a537d523eba5e4a625ab4de83f1c55ec68587546bb86105fde87d4bb495445c37e370b9c80472153c7f3a6792bcb003f3fd905858fec93ea876f905a4e253a882b28c4d4a77e5837c519abf459b0eeb1a8a0fb19b1468ed1c519eff933920c8bdaaa4730e6f2d5a177212ee3e4c852541ecab9e291b68fa3a66cf17a49a5fa19f0ef47d07fc37df1c1eeceb143fb7d5593f126806bbe0a39b4aa258ffa6da0b90b485bdc9361054dba24ffb8b2bb3a4f694c7049d34ef3dd0a91cbffc95bf0f4366fab8ab6612d490beeeee5f2ed453a11af70093ea4a7f4265cac9b266e2ca3445b924b7d0feac2932c1ca9b8b236918ebe5101368a5bb81d4e24eefaeff5f5fa13b583cf8a16d49604f384517cd4cf9ea5f50ae9e36d30b41a45b053810540f774ae4c91e39f4375aa8fbc21d4fa26bcac6e9e211acb75182f9d88a5fbb1a6fea2e055aa4b8f571ab0c47b9f434ef03c19499d50cb0751ed86f8ef41f728ad7f40d313dd73af32839f3955c11ba75af773c00470bd2644558050bbebe717733b3f0b90ef708d5f28ee6dd35a88ac2c3396e2d43c2f81c7538d41a30ee86fcaa655681c561a0ba4edc1f52476c8d7ea0a3788cad8180a0a7e5f2bca4001e0517c268ab1574bd919e3e2036fbefad1a659da59fc281ed70797940ab16ee13f41f3423536b37f3977a3d765a28e848f403187b6ed5928efbdf55375ec5ebf84a02739b9766432148491d2f72ec14452da75147e7c3d091d510f87c1f1c587d4df6070a32bcbebf8b0d869c10d4b78d01eb4cd440cf6fd949c9c7e6d92cc72952d7760aede1fe921879cbbb712ef93229b828ce1d522b92ce7c212dc27963ff7e438113d254335713d0d2b6f27fb97e380f5f4879ea9edd37dca584a72aa06df1591f310505ba210ee47fc098c76fc16574c30c49b7d835b04beb938abf89500d745087b8a52846746d0ff71ab63edaa186ba17f1962d4fbc0ceddbb28b67354b29451686fbdadc9812bad431092a2560f1c36091c67d6ef7f86e55c4d05b904d29591aad9bf960098f656454eacdc36d34329c290f4bdb8fe21c96750102f3d8a889d644a4e6e6699d2f50c289798feedeca7839cb5581f2f266dd2b07ac238893a10af34ed6a52293fee7db4ef0ab1e68ee079e1d063d01f1d8504e77b682c247a4708c11cd1b037b8a9282655031413dbc871e5686b913ec5b1aab202d5892cbf3810a16f398dc2ecc5972d946b0f869a3d1c1718a076254752ebc2a8f0e8db05a4312982393159285a146c57a42d9bc1f091316b2727291dd574bf88389304fa3c967ed6fcda75b58324d7ef37954ce09e95cc5569e644cdc9deb3a29c8b29593eb55c8d12177f5ff8238c445dde4c266455e92ce3f21f118c593ef7ba15913e27c6f89ce526185de4b8b6d5b1d538797875e6f9316d6416480944370ca6dd38ab4618bb006296b016edde28f81947c211583c525868e4f90ecf5c2a87ea7b046758dad89e71f30129cd81ab5c689263940cc753b471e9cd4a9fdca62e4cb538b4272d5119eb83f68337837bfaa85dac213461ea0c8fb58b2e8576d5d9a34b5d953ed6277cf03311bce06c0655bffe313db45dba8c9a8d5aaec75ca5693a7ff73d68e80301614e9f1850273b891f9d9849a1382716d5cdc795ece0eeecd1a50c70deb11a9caec3e4d4f85442bad41591dc01b92803d4ac8891aabb17d72bdd5e2dc3d901c696e3703cf1ca5b862d711de0dd6f4a609fe1d7aa6add832373604f36b4b18b3dd23a0b1b18d02b1e0151d202c3448bf7f9e4c18690a15bd6992a30e502c86b60884e5397f36d31d125027ea7b4b8fdb6d121747b4fa4517daaad992a8115da1be994824c2f61fe808706a11d83c0b1c80df8e86d76d33aa02efe341e6dcc6d644d684002994cb8dcf19feefb551beb0a180d4d5dd347b2a98530fb006b82c050a662ba97572d0fd4b78fe2d131f43e36ac1690e46d5b3e4eeefa1ee07291b80ca5da7bc863a667675fc950612f494be3207ed393ffdb8f67ad89d4a10ace09e74e8e66efcc41e402f0bd7d7e56371cabdb64858f86fb39cbd7935db28d60f2b5d6c1722fcf4f16176db60a7a44dc8977fbee465bffaacb345123255f0a5f987bb9b83bfc16b281b0bf4550e0782fd8a266e01f8fca9108be22fb8e6871aa31566dbf67e66e8fe8e11379b8d6b1582251a55618325b95f9ccfa7e4133f441cb05262119a7f784022fc9d101ef03adf9dc2afb10eb7b171c1421c52e780610b5e7d05bed91244c851fe89876b9f5670ddac863b04956c0595fba3a3b3514101c4da0c8143b3c0c4fdbe14742433cbddb39359f6189f371a4ea5fcbf74bbc0a82a029bd306e7608a796d1428e2bb7c64629f673151b9509c4b42c888d779e7053276716f20b276bc637c549ab1902e4ca999cd9bcfc56a21b974e5e52bc547db40cdeed1165fb8d50e9ca18c1020037ed8d433170398c74b8508764f3636247ddeac68af6a6733b23ead1f96cc68721766e39715e28ed05af5355bbb63f9192bc77664bb517e40d4bdcd3b4d79011a9be1602f64112a1766714be71a77cafb31ec94515830a0ca72c174e185f1e933ea25ae70ddb84858aa785901917c6909edbdc16360629bb96351d65f3c7f1bc8208afcc91e28e4270131e3a198d797260c796192c0ba3b698917e5228e1ffee01c6ed6f153363ef8d89ea797a71c35916d9c4ddc7db80ebe2023be100d98b0c7dc290a9022aa731b0b8c6951550ebe8253a93924675ae585de6c6440b83d293898a7b34b474d552ea154b68b04a169bd34560fc577104296676d317313f84a092a450237fd18eb129cc3fd3d8f94393c8449357bf09e3efe3dc0829e7c612bcae2afe699a2ee67202a2c174b69a67949108c4fca0611a7ac1089000d33a0c66ae3e87dbebcb4c031dc91370216754f1046f94e775261051c78dc4dac8fbec49393b1ab78b7172a4d7eb8d3a6367697e2bba6c1322f9f247073b66caf0f98fe6694132cc25b5d0cab4545818f45c499bfde8766f3488410e3b513697e2e03ec1a4b27cec215e5749a0559bfca36cd631a906fd1e88cd3af7e1bd43bb8b69757152e2f4bffea356a7f7f623f11f78efabb255a2fc96a34ef3c6c0916f0bcf5642f5fff307428fdc7eb1ad90f08f3097e2bfc73b3348efb0d192b60692ab0386c4770c7b006dd16485ce50d69f1e7ceb8f3332de1d63ee578768c0ad7251f4b119d9f24b067ccaaeeda4a7f890a76f64931fd592156b955652383a680b1fcfad5c5f3aa59eb99cc7bc865846fe538f8e8a2abb1d74fd51c6d95407932c3123779cee91a2c657aea2850a280529ce3c5e342723f1a5ae21e4bdc8b2bd76a729fe9ae499e3ed615bd6f7e66a911281208b12a2d0b77e713d99de0691281ce0847df34a13eb7cb04729b765401fb83f6f9ff1e07df7926f3b6b0e75c793a45bc1f014e403fdfafa1d42b59f774d5cc3520a144d2f093ac6285eecdd056c17b9013571a4622234df14f5cf06e50abaec8541b70a9c191f02f6467510200fc9d27f1ea9a9ad364076bccf4e6b7d3f81047e6cadae3bea42ebeebd5697fa31d77899896951d3ebe0381b2008403f65c2d34decd6447d84818c2b22fcd47aec04248a02ee2d8b0a469a30e8406783a32855365b7091c0270d1fcdb62e33597f882dd820113e8ade9d467c02e0a583eb6c2584b73fe181e951c03b9e96511241fcffe0e90c5f258d9bd494a3e7508a2774111ece9fa3a986844e7bc6a800867b644c9d9739513abca349cd40b7a71a01498445858252defb5092c0a8f1453a1ad8b42bb8d92cfb258303e1d042e9f301f71bb5302bcf401720f4fc5459f106424e56433873558feb2ee096e31331352e6074029d235a2ad156bd201321204d7cfdab1b56f67987784a7d6a4fe6caac2ca326b8a0c7b0a6cbcf1da1a4b0fbbf28caea89efbf90a2fbd8e63296a55ccbfb515058354bbef4c07293870ee6d8e19e71822980e2d63774d7116899d49a756b6b34cc6cb2b558be53264b128af66e265e3bebfad28d1cc084de7443848f09f89df5096763540c98327b9e037bb153064d50d69e91322c98562c6f29333e59b2f95c6483f8e1e14ae9312ae6ec21c8954743ce7b1dca4948301106384d005774cee3db17b1e47eafb9f500a694cf3a46427cfbe27413f595530f4545b3195a53e915125feffd2ea0d3b4e8afa8f5a779a9211a4014c5b32d887cdbe43ab49218c36ed165eb540d0e6c6c8a74e9a469421ee4e1f5e73745a781ade6d788713ff5bc5d4b0d37647119e775e868b5be6e50786526dd84cbaea1c5dc50574428490bfc1cf49e3cee99ddc1f1452f73bac8d3a45285d9e9bdd1299f97894605dbd39c7af6d3e09b7eef5687dd57ddba049a3f4dda5366166feba9350ff5897df825ff2acc9899a90e675fbc739bdaeb7eb0e161277e62b9374ffcc05d9ba653ab1715d98b3dbcd30eb6be24715f5c0dae2a5de7735f42b173fc37d52a296b5e7fd4e0fa7d9f3f1cedf15657fdd7346ba68fdf92a713fc464cc30bf62607f14c28aa966bc7243bc3f5fd57658e9ddba6d55b4753d9fe2ebf057aca756858dff0332d1b8ac7efa9e3ce5c476c044383f4c12ff65561060ac71600b05839ad421bf3b5b2d6647a6448b632a64a5246d82cb29c18b9e816143a3299f41dc9462b42a8b0657c2da552acd4e2df96b220aa484a7a87624f5567f3ccd9c8ce68d45860a8e92957b6ffb934148f37e6bfbaaa665358d147964dca5a12e729c3e21d4ea866214d66068b2b16cd2bbab6d6a4b6852d20f0d9a4bc482a4c0a3045ff1a3127a76a1231c96cba21ae07c280575c828f353988a8030c20830a739ddf9d1b23f673198592a3e011f80a325f5e204ca461cc96232cd67871cc29be8624dc415bb3659f1dc4ac0e875052d50577943973a29f2ee7f73255c56df09e5383d4b7d11a00885493b85df700a04063fb905f4501b8c8745f49330d743d068c68723c90944c35feea2078b7ff35c5baa558d04201563a082fc246ee784e5b85b58fa809f17716752dcc47f60168d36db90668ff20fa126986867dba186ff27b5c72a66b6eda533df633a540bbf0cb463548ddbe0cd9faf81e39ace6f079bc10e5dd97332ba649053e82a3853ecb2cceafbc4ac2fd06b6a9a29ce40ff6c56ee187173de8dede391d0dde42e936c419cc218b1e8dfbf08b1e64c793566802d7975a099d625e62c1b48f7be3a79f72610b7b277ac53890b2676ff60a0671e3b3775f53b9ba9c97bbb0ffb570117023896b09b0a73cda7446f045431ec7ce904fa553034a8d2ec9b5087334ff38c424aec2d4d320b58f346e6fc7f30b0f7b0cd8258e150bbdb4d6a9c2f1fe884feb75835e8a3fb69837141bd8a60e2ccef4b231cbe0ad5a2c7aabfca5cf53fe1ae47595c104536b5edf5cbe6a5f2beaf70b7c3348c611e669224e05ad317630518864a76e7f9ff69b3c9ed0b89efc3e6c56ccb1237fe28af9b1b28cc15c88ade5ad232006632cb5b3f5b7bef2fd4496ddb7c8cf4", 0x1000}, {&(0x7f0000000100)="5d79d7bbd6c22c747ff90d4e994f5a3b7c1863349659b5c633636a6009cd83505d38f36e519d2c56480d77af73ace5714b3f3b5a734194acd364dba76ac34ed8876133b59de187deb1120c3ad9e6a5e040a3ee7bd889565abfdaa6d8a63df5a13f1ded4448688c9b20d3075c662cffcaf95c9b258425d1b8f55724347c28e5", 0x7f}, {&(0x7f0000000180)="72738a8ca0103a8050319bd5c3645dac96d8a4b09c6a96a60447999fbb82adb8b6a0dd621e074b4957d21d9c7a9501a210cbba993e3e825196c0b72d92995cc24856f57a15222ad22fb974be03ee92556e811fac264e66473b49e9ef10fd0ac208ad7628dcae917b42d922c87567c50249c4ffbbaac93a3671633f8a8d5861b36a72b0c3ceccf354a98469b368840f0e4f8878e26f2b9350217f0d754e1784a13206086875bdf01a3f2377146c22102b3d05931dd281c724b71413708209bfe47df99febc629bee427518e7354be1385b7329e1f380b561fb07f6229f25818bfce90d20da9663a895346e8756955a7891fdcf6f62fb505d0875434d6dccd98", 0xff}], 0x4, 0x4)

2018/05/15 13:07:21 executing program 2:
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_int(r0, 0x0, 0xc, &(0x7f0000000000)=0x9, 0x4)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000469ffc)=0x7fe, 0x4)
sendto$inet(r0, &(0x7f0000edf000), 0x0, 0x0, &(0x7f0000cd2ff0)={0x2, 0x4e20}, 0x10)
recvmsg(r0, &(0x7f0000edffc8)={0x0, 0xfffffffffffffe58, &(0x7f0000000000), 0x0, &(0x7f0000000040)=""/81, 0x51}, 0x40002102)

2018/05/15 13:07:21 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000050000000004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:21 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f0000000040)="f8c995b805e72f1a57fc1a52a17e", 0xfffffffffffffd94)
read(r0, &(0x7f00000000c0)=""/250, 0x142297bb)
fcntl$setpipe(r0, 0x407, 0x9476fe0)

2018/05/15 13:07:21 executing program 0 (fault-call:0 fault-nth:95):
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))

[  297.682484] FAULT_INJECTION: forcing a failure.
[  297.682484] name failslab, interval 1, probability 0, space 0, times 0
[  297.693827] CPU: 0 PID: 18671 Comm: syz-executor0 Not tainted 4.17.0-rc5+ #51
[  297.701111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  297.710579] Call Trace:
[  297.713192]  dump_stack+0x1b9/0x294
[  297.716842]  ? dump_stack_print_info.cold.2+0x52/0x52
[  297.722046]  ? __save_stack_trace+0x7e/0xd0
[  297.726387]  should_fail.cold.4+0xa/0x1a
[  297.730462]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  297.735584]  ? graph_lock+0x170/0x170
[  297.739401]  ? kasan_slab_alloc+0x12/0x20
[  297.743559]  ? kmem_cache_alloc+0x12e/0x760
[  297.747890]  ? copy_process.part.38+0x2d37/0x6e90
[  297.752740]  ? _do_fork+0x291/0x12a0
[  297.756462]  ? __x64_sys_clone+0xbf/0x150
[  297.760622]  ? graph_lock+0x170/0x170
[  297.764440]  ? find_held_lock+0x36/0x1c0
[  297.768514]  ? __lock_is_held+0xb5/0x140
[  297.772602]  ? check_same_owner+0x320/0x320
[  297.776938]  ? rcu_note_context_switch+0x710/0x710
2018/05/15 13:07:21 executing program 4:
bpf$MAP_CREATE(0x8037, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:21 executing program 2:
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mknodat(r0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
mount(&(0x7f0000000140)='./file1\x00', &(0x7f0000000180)='./file1\x00', &(0x7f0000000200)='cifs\x00', 0x1000, &(0x7f0000000240))
renameat2(r0, &(0x7f0000000340)='./file0\x00', r0, &(0x7f0000000380)='./file1\x00', 0x2)

2018/05/15 13:07:21 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

[  297.781879]  __should_failslab+0x124/0x180
[  297.786121]  should_failslab+0x9/0x14
[  297.789925]  kmem_cache_alloc+0x2af/0x760
[  297.794081]  ? __vma_link_rb+0x26d/0x370
[  297.798152]  copy_process.part.38+0x2d37/0x6e90
[  297.802854]  ? __cleanup_sighand+0x70/0x70
[  297.807099]  ? find_held_lock+0x13f/0x1c0
[  297.811259]  ? print_usage_bug+0xc0/0xc0
[  297.815326]  ? lock_downgrade+0x8e0/0x8e0
[  297.819483]  ? unlock_page+0x1d0/0x2b0
[  297.823379]  ? debug_check_no_locks_freed+0x310/0x310
[  297.828589]  ? print_usage_bug+0xc0/0xc0
2018/05/15 13:07:21 executing program 2:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000040)={&(0x7f0000000540)=ANY=[@ANYBLOB="38010000100013070000000000000000e00000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", @ANYRES32=0x0, @ANYBLOB="f0000000000000000000ffffffffffff000000003200000000000000000000000000ffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000048000200656362286369706865725f6e756c6c290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008c"], 0x3}, 0x1}, 0x0)

2018/05/15 13:07:21 executing program 4:
bpf$MAP_CREATE(0xa4030000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

[  297.832656]  ? filemap_map_pages+0xcd4/0x1870
[  297.837168]  ? debug_check_no_locks_freed+0x310/0x310
[  297.842374]  ? find_get_entries_tag+0x10a0/0x10a0
[  297.847227]  ? __lock_acquire+0x7f5/0x5140
[  297.851473]  ? debug_check_no_locks_freed+0x310/0x310
[  297.856684]  ? print_usage_bug+0xc0/0xc0
[  297.860750]  ? graph_lock+0x170/0x170
[  297.864561]  ? lock_acquire+0x1dc/0x520
[  297.869247]  ? __fdget_pos+0x1a9/0x1e0
[  297.873138]  ? graph_lock+0x170/0x170
[  297.876948]  ? __lock_acquire+0x7f5/0x5140
2018/05/15 13:07:21 executing program 4:
bpf$MAP_CREATE(0x35914, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

[  297.881194]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  297.886742]  ? _parse_integer+0x13b/0x190
[  297.890998]  ? graph_lock+0x170/0x170
[  297.894811]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  297.900351]  ? _kstrtoull+0x180/0x230
[  297.904156]  ? _parse_integer+0x190/0x190
[  297.908312]  ? graph_lock+0x170/0x170
[  297.912120]  ? lock_release+0xa10/0xa10
[  297.916102]  ? check_same_owner+0x320/0x320
[  297.920610]  ? find_held_lock+0x36/0x1c0
[  297.924676]  ? graph_lock+0x170/0x170
[  297.928489]  ? lock_downgrade+0x8e0/0x8e0
[  297.932656]  ? find_held_lock+0x36/0x1c0
[  297.936739]  ? lock_downgrade+0x8e0/0x8e0
[  297.940898]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  297.946441]  ? proc_fail_nth_write+0x96/0x1f0
[  297.950944]  ? proc_cwd_link+0x1d0/0x1d0
[  297.955018]  ? find_held_lock+0x36/0x1c0
[  297.959075]  _do_fork+0x291/0x12a0
[  297.962605]  ? fork_idle+0x1a0/0x1a0
[  297.966359]  ? __lock_is_held+0xb5/0x140
[  297.970441]  ? __sb_end_write+0xac/0xe0
[  297.974405]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  297.979924]  ? fput+0x130/0x1a0
[  297.983188]  ? ksys_write+0x1a6/0x250
[  297.986975]  ? __ia32_sys_read+0xb0/0xb0
[  297.991030]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  297.996558]  __x64_sys_clone+0xbf/0x150
[  298.000519]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  298.005534]  do_syscall_64+0x1b1/0x800
[  298.009406]  ? finish_task_switch+0x1ca/0x840
[  298.013891]  ? syscall_return_slowpath+0x5c0/0x5c0
[  298.018806]  ? syscall_return_slowpath+0x30f/0x5c0
[  298.023724]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  298.029075]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  298.033904]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  298.039076] RIP: 0033:0x455a09
[  298.042247] RSP: 002b:00007f899b091c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  298.049943] RAX: ffffffffffffffda RBX: 00007f899b0926d4 RCX: 0000000000455a09
[  298.057196] RDX: 0000000020000580 RSI: 0000000020000480 RDI: 0000000000004000
[  298.064448] RBP: 000000000072bea0 R08: 0000000020000600 R09: 0000000000000000
[  298.071704] R10: 00000000200005c0 R11: 0000000000000246 R12: 0000000000000013
2018/05/15 13:07:21 executing program 4:
bpf$MAP_CREATE(0x222, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:21 executing program 4:
bpf$MAP_CREATE(0x9602000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

[  298.078956] R13: 0000000000000052 R14: 00000000006f4850 R15: 000000000000005f
2018/05/15 13:07:22 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x2000, 0x0)
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r1=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
tkill(r0, 0x1000000000016)

2018/05/15 13:07:22 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000140004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:22 executing program 4:
bpf$MAP_CREATE(0x9803000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:22 executing program 0 (fault-call:0 fault-nth:96):
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))

2018/05/15 13:07:22 executing program 2:

2018/05/15 13:07:22 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:07:22 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f00000014c0)="b84a8f520a506ca875f25173cbd4e310d788a2616d76193cf3185a565a3fa409d5865ea4e882bd278ee520cc92085c6ba3084cfafa10905e36e11238e335b5b1dabdfc332b059dfa4f6c27985bb0b15530b9a38e9c5a909d25962e47f2a6ac6b949834a3ae1bcfe3126580aa0d1fd36b0f20553a7a5a6b78b254f1963d5df5eba5bb10d48f8c3031050b03350b3f27f71b806bc2793978566ed36e9db9e3ee4cd0ee1687af82b531aa0a4a537d523eba5e4a625ab4de83f1c55ec68587546bb86105fde87d4bb495445c37e370b9c80472153c7f3a6792bcb003f3fd905858fec93ea876f905a4e253a882b28c4d4a77e5837c519abf459b0eeb1a8a0fb19b1468ed1c519eff933920c8bdaaa4730e6f2d5a177212ee3e4c852541ecab9e291b68fa3a66cf17a49a5fa19f0ef47d07fc37df1c1eeceb143fb7d5593f126806bbe0a39b4aa258ffa6da0b90b485bdc9361054dba24ffb8b2bb3a4f694c7049d34ef3dd0a91cbffc95bf0f4366fab8ab6612d490beeeee5f2ed453a11af70093ea4a7f4265cac9b266e2ca3445b924b7d0feac2932c1ca9b8b236918ebe5101368a5bb81d4e24eefaeff5f5fa13b583cf8a16d49604f384517cd4cf9ea5f50ae9e36d30b41a45b053810540f774ae4c91e39f4375aa8fbc21d4fa26bcac6e9e211acb75182f9d88a5fbb1a6fea2e055aa4b8f571ab0c47b9f434ef03c19499d50cb0751ed86f8ef41f728ad7f40d313dd73af32839f3955c11ba75af773c00470bd2644558050bbebe717733b3f0b90ef708d5f28ee6dd35a88ac2c3396e2d43c2f81c7538d41a30ee86fcaa655681c561a0ba4edc1f52476c8d7ea0a3788cad8180a0a7e5f2bca4001e0517c268ab1574bd919e3e2036fbefad1a659da59fc281ed70797940ab16ee13f41f3423536b37f3977a3d765a28e848f403187b6ed5928efbdf55375ec5ebf84a02739b9766432148491d2f72ec14452da75147e7c3d091d510f87c1f1c587d4df6070a32bcbebf8b0d869c10d4b78d01eb4cd440cf6fd949c9c7e6d92cc72952d7760aede1fe921879cbbb712ef93229b828ce1d522b92ce7c212dc27963ff7e438113d254335713d0d2b6f27fb97e380f5f4879ea9edd37dca584a72aa06df1591f310505ba210ee47fc098c76fc16574c30c49b7d835b04beb938abf89500d745087b8a52846746d0ff71ab63edaa186ba17f1962d4fbc0ceddbb28b67354b29451686fbdadc9812bad431092a2560f1c36091c67d6ef7f86e55c4d05b904d29591aad9bf960098f656454eacdc36d34329c290f4bdb8fe21c96750102f3d8a889d644a4e6e6699d2f50c289798feedeca7839cb5581f2f266dd2b07ac238893a10af34ed6a52293fee7db4ef0ab1e68ee079e1d063d01f1d8504e77b682c247a4708c11cd1b037b8a9282655031413dbc871e5686b913ec5b1aab202d5892cbf3810a16f398dc2ecc5972d946b0f869a3d1c1718a076254752ebc2a8f0e8db05a4312982393159285a146c57a42d9bc1f091316b2727291dd574bf88389304fa3c967ed6fcda75b58324d7ef37954ce09e95cc5569e644cdc9deb3a29c8b29593eb55c8d12177f5ff8238c445dde4c266455e92ce3f21f118c593ef7ba15913e27c6f89ce526185de4b8b6d5b1d538797875e6f9316d6416480944370ca6dd38ab4618bb006296b016edde28f81947c211583c525868e4f90ecf5c2a87ea7b046758dad89e71f30129cd81ab5c689263940cc753b471e9cd4a9fdca62e4cb538b4272d5119eb83f68337837bfaa85dac213461ea0c8fb58b2e8576d5d9a34b5d953ed6277cf03311bce06c0655bffe313db45dba8c9a8d5aaec75ca5693a7ff73d68e80301614e9f1850273b891f9d9849a1382716d5cdc795ece0eeecd1a50c70deb11a9caec3e4d4f85442bad41591dc01b92803d4ac8891aabb17d72bdd5e2dc3d901c696e3703cf1ca5b862d711de0dd6f4a609fe1d7aa6add832373604f36b4b18b3dd23a0b1b18d02b1e0151d202c3448bf7f9e4c18690a15bd6992a30e502c86b60884e5397f36d31d125027ea7b4b8fdb6d121747b4fa4517daaad992a8115da1be994824c2f61fe808706a11d83c0b1c80df8e86d76d33aa02efe341e6dcc6d644d684002994cb8dcf19feefb551beb0a180d4d5dd347b2a98530fb006b82c050a662ba97572d0fd4b78fe2d131f43e36ac1690e46d5b3e4eeefa1ee07291b80ca5da7bc863a667675fc950612f494be3207ed393ffdb8f67ad89d4a10ace09e74e8e66efcc41e402f0bd7d7e56371cabdb64858f86fb39cbd7935db28d60f2b5d6c1722fcf4f16176db60a7a44dc8977fbee465bffaacb345123255f0a5f987bb9b83bfc16b281b0bf4550e0782fd8a266e01f8fca9108be22fb8e6871aa31566dbf67e66e8fe8e11379b8d6b1582251a55618325b95f9ccfa7e4133f441cb05262119a7f784022fc9d101ef03adf9dc2afb10eb7b171c1421c52e780610b5e7d05bed91244c851fe89876b9f5670ddac863b04956c0595fba3a3b3514101c4da0c8143b3c0c4fdbe14742433cbddb39359f6189f371a4ea5fcbf74bbc0a82a029bd306e7608a796d1428e2bb7c64629f673151b9509c4b42c888d779e7053276716f20b276bc637c549ab1902e4ca999cd9bcfc56a21b974e5e52bc547db40cdeed1165fb8d50e9ca18c1020037ed8d433170398c74b8508764f3636247ddeac68af6a6733b23ead1f96cc68721766e39715e28ed05af5355bbb63f9192bc77664bb517e40d4bdcd3b4d79011a9be1602f64112a1766714be71a77cafb31ec94515830a0ca72c174e185f1e933ea25ae70ddb84858aa785901917c6909edbdc16360629bb96351d65f3c7f1bc8208afcc91e28e4270131e3a198d797260c796192c0ba3b698917e5228e1ffee01c6ed6f153363ef8d89ea797a71c35916d9c4ddc7db80ebe2023be100d98b0c7dc290a9022aa731b0b8c6951550ebe8253a93924675ae585de6c6440b83d293898a7b34b474d552ea154b68b04a169bd34560fc577104296676d317313f84a092a450237fd18eb129cc3fd3d8f94393c8449357bf09e3efe3dc0829e7c612bcae2afe699a2ee67202a2c174b69a67949108c4fca0611a7ac1089000d33a0c66ae3e87dbebcb4c031dc91370216754f1046f94e775261051c78dc4dac8fbec49393b1ab78b7172a4d7eb8d3a6367697e2bba6c1322f9f247073b66caf0f98fe6694132cc25b5d0cab4545818f45c499bfde8766f3488410e3b513697e2e03ec1a4b27cec215e5749a0559bfca36cd631a906fd1e88cd3af7e1bd43bb8b69757152e2f4bffea356a7f7f623f11f78efabb255a2fc96a34ef3c6c0916f0bcf5642f5fff307428fdc7eb1ad90f08f3097e2bfc73b3348efb0d192b60692ab0386c4770c7b006dd16485ce50d69f1e7ceb8f3332de1d63ee578768c0ad7251f4b119d9f24b067ccaaeeda4a7f890a76f64931fd592156b955652383a680b1fcfad5c5f3aa59eb99cc7bc865846fe538f8e8a2abb1d74fd51c6d95407932c3123779cee91a2c657aea2850a280529ce3c5e342723f1a5ae21e4bdc8b2bd76a729fe9ae499e3ed615bd6f7e66a911281208b12a2d0b77e713d99de0691281ce0847df34a13eb7cb04729b765401fb83f6f9ff1e07df7926f3b6b0e75c793a45bc1f014e403fdfafa1d42b59f774d5cc3520a144d2f093ac6285eecdd056c17b9013571a4622234df14f5cf06e50abaec8541b70a9c191f02f6467510200fc9d27f1ea9a9ad364076bccf4e6b7d3f81047e6cadae3bea42ebeebd5697fa31d77899896951d3ebe0381b2008403f65c2d34decd6447d84818c2b22fcd47aec04248a02ee2d8b0a469a30e8406783a32855365b7091c0270d1fcdb62e33597f882dd820113e8ade9d467c02e0a583eb6c2584b73fe181e951c03b9e96511241fcffe0e90c5f258d9bd494a3e7508a2774111ece9fa3a986844e7bc6a800867b644c9d9739513abca349cd40b7a71a01498445858252defb5092c0a8f1453a1ad8b42bb8d92cfb258303e1d042e9f301f71bb5302bcf401720f4fc5459f106424e56433873558feb2ee096e31331352e6074029d235a2ad156bd201321204d7cfdab1b56f67987784a7d6a4fe6caac2ca326b8a0c7b0a6cbcf1da1a4b0fbbf28caea89efbf90a2fbd8e63296a55ccbfb515058354bbef4c07293870ee6d8e19e71822980e2d63774d7116899d49a756b6b34cc6cb2b558be53264b128af66e265e3bebfad28d1cc084de7443848f09f89df5096763540c98327b9e037bb153064d50d69e91322c98562c6f29333e59b2f95c6483f8e1e14ae9312ae6ec21c8954743ce7b1dca4948301106384d005774cee3db17b1e47eafb9f500a694cf3a46427cfbe27413f595530f4545b3195a53e915125feffd2ea0d3b4e8afa8f5a779a9211a4014c5b32d887cdbe43ab49218c36ed165eb540d0e6c6c8a74e9a469421ee4e1f5e73745a781ade6d788713ff5bc5d4b0d37647119e775e868b5be6e50786526dd84cbaea1c5dc50574428490bfc1cf49e3cee99ddc1f1452f73bac8d3a45285d9e9bdd1299f97894605dbd39c7af6d3e09b7eef5687dd57ddba049a3f4dda5366166feba9350ff5897df825ff2acc9899a90e675fbc739bdaeb7eb0e161277e62b9374ffcc05d9ba653ab1715d98b3dbcd30eb6be24715f5c0dae2a5de7735f42b173fc37d52a296b5e7fd4e0fa7d9f3f1cedf15657fdd7346ba68fdf92a713fc464cc30bf62607f14c28aa966bc7243bc3f5fd57658e9ddba6d55b4753d9fe2ebf057aca756858dff0332d1b8ac7efa9e3ce5c476c044383f4c12ff65561060ac71600b05839ad421bf3b5b2d6647a6448b632a64a5246d82cb29c18b9e816143a3299f41dc9462b42a8b0657c2da552acd4e2df96b220aa484a7a87624f5567f3ccd9c8ce68d45860a8e92957b6ffb934148f37e6bfbaaa665358d147964dca5a12e729c3e21d4ea866214d66068b2b16cd2bbab6d6a4b6852d20f0d9a4bc482a4c0a3045ff1a3127a76a1231c96cba21ae07c280575c828f353988a8030c20830a739ddf9d1b23f673198592a3e011f80a325f5e204ca461cc96232cd67871cc29be8624dc415bb3659f1dc4ac0e875052d50577943973a29f2ee7f73255c56df09e5383d4b7d11a00885493b85df700a04063fb905f4501b8c8745f49330d743d068c68723c90944c35feea2078b7ff35c5baa558d04201563a082fc246ee784e5b85b58fa809f17716752dcc47f60168d36db90668ff20fa126986867dba186ff27b5c72a66b6eda533df633a540bbf0cb463548ddbe0cd9faf81e39ace6f079bc10e5dd97332ba649053e82a3853ecb2cceafbc4ac2fd06b6a9a29ce40ff6c56ee187173de8dede391d0dde42e936c419cc218b1e8dfbf08b1e64c793566802d7975a099d625e62c1b48f7be3a79f72610b7b277ac53890b2676ff60a0671e3b3775f53b9ba9c97bbb0ffb570117023896b09b0a73cda7446f045431ec7ce904fa553034a8d2ec9b5087334ff38c424aec2d4d320b58f346e6fc7f30b0f7b0cd8258e150bbdb4d6a9c2f1fe884feb75835e8a3fb69837141bd8a60e2ccef4b231cbe0ad5a2c7aabfca5cf53fe1ae47595c104536b5edf5cbe6a5f2beaf70b7c3348c611e669224e05ad317630518864a76e7f9ff69b3c9ed0b89efc3e6c56ccb1237fe28af9b1b28cc15c88ade5ad232006632cb5b3f5b7bef2fd4496ddb7c8cf4", 0x1000}, {&(0x7f0000000100)="5d79d7bbd6c22c747ff90d4e994f5a3b7c1863349659b5c633636a6009cd83505d38f36e519d2c56480d77af73ace5714b3f3b5a734194acd364dba76ac34ed8876133b59de187deb1120c3ad9e6a5e040a3ee7bd889565abfdaa6d8a63df5a13f1ded4448688c9b20d3075c662cffcaf95c9b258425d1b8f55724347c28e5", 0x7f}, {&(0x7f0000000180)="72738a8ca0103a8050319bd5c3645dac96d8a4b09c6a96a60447999fbb82adb8b6a0dd621e074b4957d21d9c7a9501a210cbba993e3e825196c0b72d92995cc24856f57a15222ad22fb974be03ee92556e811fac264e66473b49e9ef10fd0ac208ad7628dcae917b42d922c87567c50249c4ffbbaac93a3671633f8a8d5861b36a72b0c3ceccf354a98469b368840f0e4f8878e26f2b9350217f0d754e1784a13206086875bdf01a3f2377146c22102b3d05931dd281c724b71413708209bfe47df99febc629bee427518e7354be1385b7329e1f380b561fb07f6229f25818bfce90d20da9663a895346e8756955a7891fdcf6f62fb505d0875434d6dccd98", 0xff}], 0x3, 0x4)

2018/05/15 13:07:22 executing program 5:
r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x0)
r1 = dup2(0xffffffffffffff9c, 0xffffffffffffff9c)
ioctl$VHOST_SET_VRING_CALL(r0, 0x4008af21, &(0x7f0000000040)={0x0, r1})
pipe(&(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r3, &(0x7f00000001c0), 0xfaa8a4c0)
read(r2, &(0x7f00000000c0)=""/250, 0x142297bb)
fcntl$setpipe(r2, 0x407, 0x9476fe0)
iopl(0x260)

2018/05/15 13:07:22 executing program 2:

2018/05/15 13:07:22 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000016000004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  298.704213] FAULT_INJECTION: forcing a failure.
[  298.704213] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  298.716193] CPU: 0 PID: 18733 Comm: syz-executor0 Not tainted 4.17.0-rc5+ #51
[  298.723476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  298.732837] Call Trace:
[  298.735444]  dump_stack+0x1b9/0x294
[  298.739096]  ? dump_stack_print_info.cold.2+0x52/0x52
[  298.744308]  ? graph_lock+0x170/0x170
[  298.748131]  should_fail.cold.4+0xa/0x1a
2018/05/15 13:07:22 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

[  298.752204]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  298.757317]  ? graph_lock+0x170/0x170
[  298.761130]  ? find_held_lock+0x36/0x1c0
[  298.765201]  ? __lock_is_held+0xb5/0x140
[  298.769283]  ? check_same_owner+0x320/0x320
[  298.773611]  ? trace_hardirqs_on+0xd/0x10
[  298.777772]  ? rcu_note_context_switch+0x710/0x710
[  298.782763]  ? finish_task_switch+0x1ca/0x840
[  298.787314]  ? finish_task_switch+0x182/0x840
[  298.791823]  ? __might_sleep+0x95/0x190
[  298.795810]  __alloc_pages_nodemask+0x34e/0xd70
[  298.800484]  ? lock_repin_lock+0x410/0x410
2018/05/15 13:07:22 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

[  298.804734]  ? __alloc_pages_slowpath+0x2db0/0x2db0
[  298.809760]  ? __schedule+0x809/0x1e30
[  298.813660]  ? graph_lock+0x170/0x170
[  298.817468]  ? find_held_lock+0x36/0x1c0
[  298.821553]  ? __lock_is_held+0xb5/0x140
[  298.825622]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  298.831172]  alloc_pages_current+0x10c/0x210
[  298.835592]  pte_alloc_one+0x1b/0x120
[  298.839404]  __pte_alloc+0x2a/0x340
[  298.843040]  copy_page_range+0x1655/0x24b0
[  298.847302]  ? __pmd_alloc+0x530/0x530
2018/05/15 13:07:22 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

[  298.851198]  ? __save_stack_trace+0x7e/0xd0
[  298.855539]  ? save_stack+0xa9/0xd0
[  298.859168]  ? graph_lock+0x170/0x170
[  298.862974]  ? kasan_slab_alloc+0x12/0x20
[  298.867120]  ? kmem_cache_alloc+0x12e/0x760
[  298.871447]  ? copy_process.part.38+0x2d37/0x6e90
[  298.876294]  ? _do_fork+0x291/0x12a0
[  298.880011]  ? __x64_sys_clone+0xbf/0x150
[  298.884164]  ? graph_lock+0x170/0x170
[  298.887982]  ? find_held_lock+0x36/0x1c0
[  298.892057]  ? lock_downgrade+0x8e0/0x8e0
[  298.896221]  ? lock_release+0xa10/0xa10
[  298.900203]  ? check_same_owner+0x320/0x320
2018/05/15 13:07:22 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:07:22 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

[  298.904536]  ? rcu_note_context_switch+0x710/0x710
[  298.909475]  ? __might_sleep+0x95/0x190
[  298.913469]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  298.918510]  ? __vma_link_rb+0x26d/0x370
[  298.922582]  copy_process.part.38+0x4be7/0x6e90
[  298.927278]  ? __cleanup_sighand+0x70/0x70
[  298.931527]  ? find_held_lock+0x13f/0x1c0
[  298.935699]  ? print_usage_bug+0xc0/0xc0
[  298.939769]  ? lock_downgrade+0x8e0/0x8e0
[  298.943925]  ? unlock_page+0x1d0/0x2b0
[  298.947824]  ? debug_check_no_locks_freed+0x310/0x310
2018/05/15 13:07:22 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

[  298.953021]  ? print_usage_bug+0xc0/0xc0
[  298.957091]  ? filemap_map_pages+0xcd4/0x1870
[  298.961605]  ? debug_check_no_locks_freed+0x310/0x310
[  298.966801]  ? find_get_entries_tag+0x10a0/0x10a0
[  298.971651]  ? __lock_acquire+0x7f5/0x5140
[  298.975896]  ? debug_check_no_locks_freed+0x310/0x310
[  298.981109]  ? print_usage_bug+0xc0/0xc0
[  298.985169]  ? graph_lock+0x170/0x170
[  298.988978]  ? lock_acquire+0x1dc/0x520
[  298.992954]  ? __fdget_pos+0x1a9/0x1e0
[  298.996851]  ? graph_lock+0x170/0x170
[  299.000662]  ? __lock_acquire+0x7f5/0x5140
[  299.004911]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  299.010454]  ? _parse_integer+0x13b/0x190
[  299.014613]  ? graph_lock+0x170/0x170
[  299.018425]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  299.023968]  ? _kstrtoull+0x180/0x230
[  299.027775]  ? _parse_integer+0x190/0x190
[  299.031929]  ? graph_lock+0x170/0x170
[  299.035737]  ? lock_release+0xa10/0xa10
[  299.039716]  ? check_same_owner+0x320/0x320
[  299.044046]  ? find_held_lock+0x36/0x1c0
[  299.048115]  ? graph_lock+0x170/0x170
[  299.051927]  ? lock_downgrade+0x8e0/0x8e0
[  299.056086]  ? find_held_lock+0x36/0x1c0
[  299.060164]  ? lock_downgrade+0x8e0/0x8e0
[  299.064323]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  299.069867]  ? proc_fail_nth_write+0x96/0x1f0
[  299.074370]  ? proc_cwd_link+0x1d0/0x1d0
[  299.078445]  ? find_held_lock+0x36/0x1c0
[  299.082545]  _do_fork+0x291/0x12a0
[  299.086084]  ? fork_idle+0x1a0/0x1a0
[  299.089799]  ? __lock_is_held+0xb5/0x140
[  299.093880]  ? __sb_end_write+0xac/0xe0
[  299.097869]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  299.103411]  ? fput+0x130/0x1a0
[  299.106696]  ? ksys_write+0x1a6/0x250
[  299.110510]  ? __ia32_sys_read+0xb0/0xb0
[  299.114580]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  299.120127]  __x64_sys_clone+0xbf/0x150
[  299.124108]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  299.129137]  do_syscall_64+0x1b1/0x800
[  299.133032]  ? finish_task_switch+0x1ca/0x840
[  299.137520]  ? syscall_return_slowpath+0x5c0/0x5c0
[  299.142445]  ? syscall_return_slowpath+0x30f/0x5c0
[  299.147374]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  299.152726]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  299.157568]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  299.162748] RIP: 0033:0x455a09
[  299.165918] RSP: 002b:00007f899b091c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  299.173619] RAX: ffffffffffffffda RBX: 00007f899b0926d4 RCX: 0000000000455a09
[  299.180880] RDX: 0000000020000580 RSI: 0000000020000480 RDI: 0000000000004000
[  299.188132] RBP: 000000000072bea0 R08: 0000000020000600 R09: 0000000000000000
[  299.195395] R10: 00000000200005c0 R11: 0000000000000246 R12: 0000000000000013
[  299.202656] R13: 0000000000000052 R14: 00000000006f4850 R15: 0000000000000060
2018/05/15 13:07:23 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r1=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
getresgid(&(0x7f0000000000), &(0x7f0000000100), &(0x7f0000000140))
tkill(r0, 0x1000000000016)

2018/05/15 13:07:23 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:07:23 executing program 4:
bpf$MAP_CREATE(0x80030000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:23 executing program 2:

2018/05/15 13:07:23 executing program 0 (fault-call:0 fault-nth:97):
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))

2018/05/15 13:07:23 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000400000004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:23 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000100)="5d79d7bbd6c22c747ff90d4e994f5a3b7c1863349659b5c633636a6009cd83505d38f36e519d2c56480d77af73ace5714b3f3b5a734194acd364dba76ac34ed8876133b59de187deb1120c3ad9e6a5e040a3ee7bd889565abfdaa6d8a63df5a13f1ded4448688c9b20d3075c662cffcaf95c9b258425d1b8f55724347c28e5", 0x7f}, {&(0x7f0000000180)="72738a8ca0103a8050319bd5c3645dac96d8a4b09c6a96a60447999fbb82adb8b6a0dd621e074b4957d21d9c7a9501a210cbba993e3e825196c0b72d92995cc24856f57a15222ad22fb974be03ee92556e811fac264e66473b49e9ef10fd0ac208ad7628dcae917b42d922c87567c50249c4ffbbaac93a3671633f8a8d5861b36a72b0c3ceccf354a98469b368840f0e4f8878e26f2b9350217f0d754e1784a13206086875bdf01a3f2377146c22102b3d05931dd281c724b71413708209bfe47df99febc629bee427518e7354be1385b7329e1f380b561fb07f6229f25818bfce90d20da9663a895346e8756955a7891fdcf6f62fb505d0875434d6dccd98", 0xff}], 0x2, 0x4)

2018/05/15 13:07:23 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
read(r0, &(0x7f00000000c0)=""/250, 0x142297bb)
accept$inet(r0, &(0x7f0000000000)={0x0, 0x0, @loopback}, &(0x7f0000000040)=0x10)
write$fuse(r0, &(0x7f00000001c0)={0x33, 0x0, 0x3, @random="f772764d16dbfc211b69891baaa5baae92bc33a6f2b41442daa5b9ecd09e4c6a61b56d"}, 0x33)
fcntl$setpipe(r0, 0x407, 0x9476fe0)

[  299.643911] FAULT_INJECTION: forcing a failure.
[  299.643911] name failslab, interval 1, probability 0, space 0, times 0
[  299.655265] CPU: 0 PID: 18770 Comm: syz-executor0 Not tainted 4.17.0-rc5+ #51
[  299.662545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  299.671897] Call Trace:
[  299.674496]  dump_stack+0x1b9/0x294
[  299.678137]  ? dump_stack_print_info.cold.2+0x52/0x52
[  299.683339]  ? percpu_ref_put_many+0x132/0x230
[  299.687932]  ? memcg_kmem_charge_memcg+0x74/0x110
2018/05/15 13:07:23 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:07:23 executing program 2:

[  299.692788]  ? percpu_ref_tryget+0x2b0/0x2b0
[  299.697215]  should_fail.cold.4+0xa/0x1a
[  299.701289]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  299.706409]  ? graph_lock+0x170/0x170
[  299.710231]  ? find_held_lock+0x36/0x1c0
[  299.714308]  ? __lock_is_held+0xb5/0x140
[  299.718390]  ? check_same_owner+0x320/0x320
[  299.722727]  ? rcu_note_context_switch+0x710/0x710
[  299.727671]  __should_failslab+0x124/0x180
[  299.731917]  should_failslab+0x9/0x14
[  299.735730]  kmem_cache_alloc+0x2af/0x760
2018/05/15 13:07:23 executing program 4:
bpf$MAP_CREATE(0x424b0300, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

[  299.739890]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  299.745440]  ptlock_alloc+0x20/0x80
[  299.749075]  pte_alloc_one+0x6b/0x120
[  299.752885]  __pte_alloc+0x2a/0x340
[  299.757244]  copy_page_range+0x1655/0x24b0
[  299.761508]  ? __pmd_alloc+0x530/0x530
[  299.765400]  ? __save_stack_trace+0x7e/0xd0
[  299.769739]  ? save_stack+0xa9/0xd0
[  299.773372]  ? graph_lock+0x170/0x170
[  299.777184]  ? kasan_slab_alloc+0x12/0x20
[  299.781337]  ? kmem_cache_alloc+0x12e/0x760
[  299.785662]  ? copy_process.part.38+0x2d37/0x6e90
[  299.790511]  ? _do_fork+0x291/0x12a0
2018/05/15 13:07:23 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:07:23 executing program 2:

[  299.794225]  ? __x64_sys_clone+0xbf/0x150
[  299.798377]  ? graph_lock+0x170/0x170
[  299.802190]  ? find_held_lock+0x36/0x1c0
[  299.806265]  ? lock_downgrade+0x8e0/0x8e0
[  299.810427]  ? lock_release+0xa10/0xa10
[  299.814415]  ? check_same_owner+0x320/0x320
[  299.818747]  ? rcu_note_context_switch+0x710/0x710
[  299.823687]  ? __might_sleep+0x95/0x190
[  299.827675]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  299.832703]  ? __vma_link_rb+0x26d/0x370
[  299.836782]  copy_process.part.38+0x4be7/0x6e90
2018/05/15 13:07:23 executing program 2:

[  299.841480]  ? __cleanup_sighand+0x70/0x70
[  299.845723]  ? find_held_lock+0x13f/0x1c0
[  299.849880]  ? print_usage_bug+0xc0/0xc0
[  299.853947]  ? lock_downgrade+0x8e0/0x8e0
[  299.858105]  ? unlock_page+0x1d0/0x2b0
[  299.862004]  ? debug_check_no_locks_freed+0x310/0x310
[  299.867791]  ? print_usage_bug+0xc0/0xc0
[  299.871860]  ? filemap_map_pages+0xcd4/0x1870
[  299.876373]  ? debug_check_no_locks_freed+0x310/0x310
[  299.881575]  ? find_get_entries_tag+0x10a0/0x10a0
[  299.886429]  ? __lock_acquire+0x7f5/0x5140
2018/05/15 13:07:23 executing program 2:

[  299.890672]  ? debug_check_no_locks_freed+0x310/0x310
[  299.895889]  ? print_usage_bug+0xc0/0xc0
[  299.899960]  ? graph_lock+0x170/0x170
[  299.903772]  ? lock_acquire+0x1dc/0x520
[  299.907749]  ? __fdget_pos+0x1a9/0x1e0
[  299.911644]  ? graph_lock+0x170/0x170
[  299.915461]  ? __lock_acquire+0x7f5/0x5140
[  299.919710]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  299.925253]  ? _parse_integer+0x13b/0x190
[  299.929409]  ? graph_lock+0x170/0x170
[  299.933220]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  299.938761]  ? _kstrtoull+0x180/0x230
2018/05/15 13:07:23 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

[  299.942571]  ? _parse_integer+0x190/0x190
[  299.946725]  ? graph_lock+0x170/0x170
[  299.950530]  ? lock_release+0xa10/0xa10
[  299.954511]  ? check_same_owner+0x320/0x320
[  299.958837]  ? find_held_lock+0x36/0x1c0
[  299.962906]  ? graph_lock+0x170/0x170
[  299.966713]  ? lock_downgrade+0x8e0/0x8e0
[  299.970870]  ? find_held_lock+0x36/0x1c0
[  299.974948]  ? lock_downgrade+0x8e0/0x8e0
[  299.979105]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  299.984648]  ? proc_fail_nth_write+0x96/0x1f0
[  299.989150]  ? proc_cwd_link+0x1d0/0x1d0
[  299.993226]  ? find_held_lock+0x36/0x1c0
[  299.997298]  _do_fork+0x291/0x12a0
[  300.000847]  ? fork_idle+0x1a0/0x1a0
[  300.004570]  ? __lock_is_held+0xb5/0x140
[  300.008654]  ? __sb_end_write+0xac/0xe0
[  300.012641]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  300.018179]  ? fput+0x130/0x1a0
[  300.021465]  ? ksys_write+0x1a6/0x250
[  300.025271]  ? __ia32_sys_read+0xb0/0xb0
[  300.029338]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  300.034889]  __x64_sys_clone+0xbf/0x150
[  300.038864]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  300.043883]  do_syscall_64+0x1b1/0x800
[  300.047776]  ? finish_task_switch+0x1ca/0x840
[  300.052281]  ? syscall_return_slowpath+0x5c0/0x5c0
[  300.057224]  ? syscall_return_slowpath+0x30f/0x5c0
[  300.062166]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  300.067533]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  300.072475]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  300.077662] RIP: 0033:0x455a09
[  300.080856] RSP: 002b:00007f899b091c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  300.088565] RAX: ffffffffffffffda RBX: 00007f899b0926d4 RCX: 0000000000455a09
[  300.095820] RDX: 0000000020000580 RSI: 0000000020000480 RDI: 0000000000004000
[  300.103082] RBP: 000000000072bea0 R08: 0000000020000600 R09: 0000000000000000
[  300.110341] R10: 00000000200005c0 R11: 0000000000000246 R12: 0000000000000013
[  300.117591] R13: 0000000000000052 R14: 00000000006f4850 R15: 0000000000000061
2018/05/15 13:07:24 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
prctl$setptracer(0x59616d61, r0)
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r1=>0x0})
r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/nat_icmp_send\x00', 0x2, 0x0)
accept4$vsock_stream(r2, &(0x7f0000000100)={0x28, 0x0, 0x2710, @reserved=0x1}, 0x10, 0x0)
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
tkill(r0, 0x1000000000016)
ioctl$sock_ipx_SIOCSIFADDR(r2, 0x8916, &(0x7f0000000140)={'gre0\x00', {0x4, 0x8, 0x4, "c1bd92f71c41", 0x1}})

2018/05/15 13:07:24 executing program 2:

2018/05/15 13:07:24 executing program 1:
shutdown(0xffffffffffffffff, 0x1)
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
bind$inet6(0xffffffffffffffff, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:07:24 executing program 4:
bpf$MAP_CREATE(0x2e0, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:24 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c460000000000000000001f000004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:24 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)="72738a8ca0103a8050319bd5c3645dac96d8a4b09c6a96a60447999fbb82adb8b6a0dd621e074b4957d21d9c7a9501a210cbba993e3e825196c0b72d92995cc24856f57a15222ad22fb974be03ee92556e811fac264e66473b49e9ef10fd0ac208ad7628dcae917b42d922c87567c50249c4ffbbaac93a3671633f8a8d5861b36a72b0c3ceccf354a98469b368840f0e4f8878e26f2b9350217f0d754e1784a13206086875bdf01a3f2377146c22102b3d05931dd281c724b71413708209bfe47df99febc629bee427518e7354be1385b7329e1f380b561fb07f6229f25818bfce90d20da9663a895346e8756955a7891fdcf6f62fb505d0875434d6dccd98", 0xff}], 0x1, 0x4)

2018/05/15 13:07:24 executing program 0 (fault-call:0 fault-nth:98):
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))

2018/05/15 13:07:24 executing program 5:
pipe(&(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = msgget(0x2, 0x21a)
msgrcv(r2, &(0x7f00000001c0)={0x0, ""/165}, 0xad, 0x3, 0x3800)
write(r1, &(0x7f0000000440)="37516adcb25966855f90f74daae2acd2fd62963237dbc124bc4a21ceb1f9cc0c579ceec07d2052316d98d082f8b205550a6628984c2c4d91c44bc025b81414b47da031c66426e98bdb168065f71075f2eb254b3b8d6330b2a09b7d42013012b40f81c1824429936af5485597dc0f5a13ff91112618202ef9ca82b27007a629e8a14f9066a0bf5eedf887735251d300e52580f2bf3ed09c1c577ebe8e736a107f7de6730f863f19d1b07f8e6f0509b33f17b16f16661534c9b691bd140a73dcfbbbdfab559defa3119232459f513b9e3da3b7bc57d40c3ecc4ec2d7387f3b18f9557592870f9645543ee8b6740a0972f702bd0cd5c0f005a3ec4caf63fefd7f279206f20b79cd6e454e961d3c804eada4a9e40c32d0f79d0f70700a1ae74d32e6c2f25c7a6b0aa1a757a2ac4cfa97ecc4f1854942c66bf0bd1c7dd3cc57de2a011017362f3b98b4d92665771d8fe50d18f8faa55c3e2f20259f8957056831d1c1b5bf7d69b04eaa819c801ecc1f4fb5a9772086e5c8ea7902354a67d64557", 0x17e)
read(r0, &(0x7f00000000c0)=""/250, 0x142297bb)
r3 = getpid()
perf_event_open(&(0x7f0000000280)={0x5, 0x70, 0x1, 0x5, 0x1b9, 0x7, 0x0, 0x7f, 0x100, 0x6, 0x81, 0x8, 0x1, 0x9, 0xffffffff, 0x9e08, 0x582, 0x7f, 0x6, 0x0, 0x8, 0x4, 0x7, 0x3, 0x2, 0x8, 0x9, 0x4, 0x8, 0x5, 0x0, 0x4, 0x3f, 0x81, 0x2, 0x6, 0x4, 0x401, 0x0, 0x7, 0x3, @perf_bp={&(0x7f0000000000), 0xe}, 0x0, 0xfffffffffffff801, 0xffffffffffffc546, 0x4, 0x6, 0x3, 0x6a1b}, r3, 0xe, r1, 0x2)
socketpair$packet(0x11, 0x0, 0x300, &(0x7f0000000080))
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000040)={0xf1d, 0x8, 0xffffffffffffff80, 0x8, 0x209cd90d, 0x7ff, 0x7fff, 0x3, 0x400, 0x1db, 0xffffffffffffff2f}, 0xfffffe89)
fcntl$setpipe(r0, 0x407, 0x3a3)
r4 = add_key$user(&(0x7f0000000640)='user\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00000003c0)="84d1ae2a27f12d5b5bcd0d4fd89e075a445a9e720323f829d346bc1870de6d0987f782cdd70386bd3ade622b2b16982921ff6e5a1c129cc6ae673f2bd9ca4780708434028683c3233d2edba0389e4da23265c560fb3eed68fda14e7bf3d86fa1b382da14268f0bda829f9b38e42b5adde9f8ca8847705cf080167282d482", 0xf9, 0xfffffffffffffff9)
r5 = add_key$keyring(&(0x7f00000005c0)='keyring\x00', &(0x7f0000000600)={0x73, 0x79, 0x7a, 0x1}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$unlink(0x9, r4, r5)

[  300.641391] FAULT_INJECTION: forcing a failure.
[  300.641391] name failslab, interval 1, probability 0, space 0, times 0
[  300.652771] CPU: 1 PID: 18822 Comm: syz-executor0 Not tainted 4.17.0-rc5+ #51
[  300.660055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  300.669418] Call Trace:
[  300.672017]  dump_stack+0x1b9/0x294
[  300.675666]  ? dump_stack_print_info.cold.2+0x52/0x52
[  300.680880]  ? __save_stack_trace+0x7e/0xd0
[  300.685224]  should_fail.cold.4+0xa/0x1a
[  300.689307]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  300.694427]  ? graph_lock+0x170/0x170
[  300.699076]  ? kasan_slab_alloc+0x12/0x20
[  300.703237]  ? kmem_cache_alloc+0x12e/0x760
[  300.707572]  ? copy_process.part.38+0x2d37/0x6e90
[  300.712424]  ? _do_fork+0x291/0x12a0
[  300.716147]  ? __x64_sys_clone+0xbf/0x150
[  300.720305]  ? graph_lock+0x170/0x170
[  300.724118]  ? find_held_lock+0x36/0x1c0
[  300.728189]  ? __lock_is_held+0xb5/0x140
[  300.732275]  ? check_same_owner+0x320/0x320
[  300.736607]  ? rcu_note_context_switch+0x710/0x710
2018/05/15 13:07:24 executing program 2:

2018/05/15 13:07:24 executing program 4:
bpf$MAP_CREATE(0x2ef2030000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:24 executing program 1:
r0 = socket$inet6(0xa, 0x0, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:07:24 executing program 2:

[  300.741549]  __should_failslab+0x124/0x180
[  300.745856]  should_failslab+0x9/0x14
[  300.749689]  kmem_cache_alloc+0x2af/0x760
[  300.753855]  ? __vma_link_rb+0x26d/0x370
[  300.757925]  copy_process.part.38+0x2d37/0x6e90
[  300.762619]  ? __cleanup_sighand+0x70/0x70
[  300.766867]  ? find_held_lock+0x13f/0x1c0
[  300.771036]  ? print_usage_bug+0xc0/0xc0
[  300.775105]  ? lock_downgrade+0x8e0/0x8e0
[  300.779260]  ? unlock_page+0x1d0/0x2b0
[  300.783161]  ? debug_check_no_locks_freed+0x310/0x310
2018/05/15 13:07:24 executing program 4:
bpf$MAP_CREATE(0xdc03000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:24 executing program 2:

[  300.788361]  ? print_usage_bug+0xc0/0xc0
[  300.792432]  ? filemap_map_pages+0xcd4/0x1870
[  300.796946]  ? debug_check_no_locks_freed+0x310/0x310
[  300.802142]  ? find_get_entries_tag+0x10a0/0x10a0
[  300.806993]  ? __lock_acquire+0x7f5/0x5140
[  300.811240]  ? debug_check_no_locks_freed+0x310/0x310
[  300.816452]  ? print_usage_bug+0xc0/0xc0
[  300.820526]  ? graph_lock+0x170/0x170
[  300.824336]  ? lock_acquire+0x1dc/0x520
[  300.828312]  ? __fdget_pos+0x1a9/0x1e0
[  300.832204]  ? graph_lock+0x170/0x170
[  300.836017]  ? __lock_acquire+0x7f5/0x5140
2018/05/15 13:07:24 executing program 2:

[  300.840267]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  300.845811]  ? _parse_integer+0x13b/0x190
[  300.849972]  ? graph_lock+0x170/0x170
[  300.853786]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  300.859332]  ? _kstrtoull+0x180/0x230
[  300.863141]  ? _parse_integer+0x190/0x190
[  300.867300]  ? graph_lock+0x170/0x170
[  300.871106]  ? lock_release+0xa10/0xa10
[  300.875088]  ? check_same_owner+0x320/0x320
[  300.879443]  ? find_held_lock+0x36/0x1c0
[  300.883512]  ? graph_lock+0x170/0x170
[  300.887323]  ? lock_downgrade+0x8e0/0x8e0
[  300.891482]  ? find_held_lock+0x36/0x1c0
[  300.895561]  ? lock_downgrade+0x8e0/0x8e0
[  300.899723]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  300.905268]  ? proc_fail_nth_write+0x96/0x1f0
[  300.909773]  ? proc_cwd_link+0x1d0/0x1d0
[  300.913857]  ? find_held_lock+0x36/0x1c0
[  300.917927]  _do_fork+0x291/0x12a0
[  300.921483]  ? fork_idle+0x1a0/0x1a0
[  300.925206]  ? __lock_is_held+0xb5/0x140
[  300.929290]  ? __sb_end_write+0xac/0xe0
[  300.933275]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  300.938829]  ? fput+0x130/0x1a0
2018/05/15 13:07:24 executing program 2:

[  300.942123]  ? ksys_write+0x1a6/0x250
[  300.945942]  ? __ia32_sys_read+0xb0/0xb0
[  300.950105]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  300.955664]  __x64_sys_clone+0xbf/0x150
[  300.959656]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  300.964704]  do_syscall_64+0x1b1/0x800
[  300.968603]  ? finish_task_switch+0x1ca/0x840
[  300.973112]  ? syscall_return_slowpath+0x5c0/0x5c0
[  300.978054]  ? syscall_return_slowpath+0x30f/0x5c0
[  300.983000]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  300.988381]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  300.993248]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  300.998442] RIP: 0033:0x455a09
[  301.001631] RSP: 002b:00007f899b091c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  301.009345] RAX: ffffffffffffffda RBX: 00007f899b0926d4 RCX: 0000000000455a09
[  301.016610] RDX: 0000000020000580 RSI: 0000000020000480 RDI: 0000000000004000
[  301.023873] RBP: 000000000072bea0 R08: 0000000020000600 R09: 0000000000000000
[  301.031150] R10: 00000000200005c0 R11: 0000000000000246 R12: 0000000000000013
[  301.038429] R13: 0000000000000052 R14: 00000000006f4850 R15: 0000000000000062
2018/05/15 13:07:24 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x3)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
socketpair$inet6(0xa, 0x5, 0xb3b, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000000100)=0x1ff, 0x4)
r1 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)=<r2=>0x0)
clock_gettime(0x0, &(0x7f00000000c0))
clock_gettime(0x0, &(0x7f0000000200)={<r3=>0x0, <r4=>0x0})
timer_settime(r2, 0x1, &(0x7f0000000080)={{r3, r4+30000000}, {0x77359400}}, &(0x7f00000001c0))
tkill(r1, 0x1000000000016)

2018/05/15 13:07:24 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
read(r0, &(0x7f00000000c0)=""/250, 0x142297bb)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f0000000000)=@assoc_value={<r2=>0x0, 0xfffffffffffffc00}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r0, 0x84, 0x5, &(0x7f00000001c0)={r2, @in={{0x2, 0x4e20, @multicast2=0xe0000002}}}, 0x84)

2018/05/15 13:07:24 executing program 4:
bpf$MAP_CREATE(0x52020000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:24 executing program 2:

2018/05/15 13:07:24 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000012000004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:24 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(0xffffffffffffffff, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:07:24 executing program 0 (fault-call:0 fault-nth:99):
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))

2018/05/15 13:07:24 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280), 0x0, 0x4)

[  301.549071] FAULT_INJECTION: forcing a failure.
[  301.549071] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  301.561016] CPU: 1 PID: 18863 Comm: syz-executor0 Not tainted 4.17.0-rc5+ #51
[  301.568299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  301.577662] Call Trace:
[  301.580270]  dump_stack+0x1b9/0x294
[  301.583920]  ? dump_stack_print_info.cold.2+0x52/0x52
[  301.589133]  should_fail.cold.4+0xa/0x1a
[  301.593221]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  301.598333]  ? graph_lock+0x170/0x170
[  301.602151]  ? find_held_lock+0x36/0x1c0
[  301.606223]  ? __lock_is_held+0xb5/0x140
[  301.610310]  ? check_same_owner+0x320/0x320
[  301.614644]  ? rcu_note_context_switch+0x710/0x710
[  301.619597]  ? __might_sleep+0x95/0x190
[  301.623582]  __alloc_pages_nodemask+0x34e/0xd70
[  301.628261]  ? print_usage_bug+0xc0/0xc0
[  301.632334]  ? __alloc_pages_slowpath+0x2db0/0x2db0
[  301.637362]  ? graph_lock+0x170/0x170
[  301.641166]  ? find_held_lock+0x36/0x1c0
[  301.645241]  ? __lock_is_held+0xb5/0x140
2018/05/15 13:07:25 executing program 2:

2018/05/15 13:07:25 executing program 4:
bpf$MAP_CREATE(0x27bf4, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:25 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(0xffffffffffffffff, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

[  301.649313]  ? __sanitizer_cov_trace_const_cmp2+0x18/0x20
[  301.654862]  alloc_pages_current+0x10c/0x210
[  301.659283]  pte_alloc_one+0x1b/0x120
[  301.663093]  __pte_alloc+0x2a/0x340
[  301.666736]  copy_page_range+0x1655/0x24b0
[  301.671009]  ? __pmd_alloc+0x530/0x530
[  301.674909]  ? __save_stack_trace+0x7e/0xd0
[  301.679245]  ? save_stack+0xa9/0xd0
[  301.682878]  ? graph_lock+0x170/0x170
[  301.686688]  ? kasan_slab_alloc+0x12/0x20
[  301.690841]  ? kmem_cache_alloc+0x12e/0x760
2018/05/15 13:07:25 executing program 4:
bpf$MAP_CREATE(0xc203000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

[  301.695168]  ? copy_process.part.38+0x2d37/0x6e90
[  301.700014]  ? _do_fork+0x291/0x12a0
[  301.703729]  ? __x64_sys_clone+0xbf/0x150
[  301.707884]  ? graph_lock+0x170/0x170
[  301.711699]  ? find_held_lock+0x36/0x1c0
[  301.715779]  ? lock_downgrade+0x8e0/0x8e0
[  301.719936]  ? lock_release+0xa10/0xa10
[  301.723917]  ? check_same_owner+0x320/0x320
[  301.728244]  ? rcu_note_context_switch+0x710/0x710
[  301.733177]  ? anon_vma_fork+0x130/0x950
[  301.737254]  ? __might_sleep+0x95/0x190
[  301.741245]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
2018/05/15 13:07:25 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(0xffffffffffffffff, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

[  301.746272]  ? __vma_link_rb+0x26d/0x370
[  301.750347]  copy_process.part.38+0x4be7/0x6e90
[  301.755044]  ? __cleanup_sighand+0x70/0x70
[  301.759289]  ? find_held_lock+0x13f/0x1c0
[  301.763444]  ? print_usage_bug+0xc0/0xc0
[  301.767511]  ? lock_downgrade+0x8e0/0x8e0
[  301.771771]  ? unlock_page+0x1d0/0x2b0
[  301.775676]  ? debug_check_no_locks_freed+0x310/0x310
[  301.780874]  ? print_usage_bug+0xc0/0xc0
[  301.784942]  ? filemap_map_pages+0xcd4/0x1870
[  301.789458]  ? debug_check_no_locks_freed+0x310/0x310
[  301.794657]  ? find_get_entries_tag+0x10a0/0x10a0
2018/05/15 13:07:25 executing program 4:
bpf$MAP_CREATE(0x2000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

[  301.799505]  ? __lock_acquire+0x7f5/0x5140
[  301.803750]  ? debug_check_no_locks_freed+0x310/0x310
[  301.808960]  ? print_usage_bug+0xc0/0xc0
[  301.813024]  ? graph_lock+0x170/0x170
[  301.816835]  ? lock_acquire+0x1dc/0x520
[  301.820810]  ? __fdget_pos+0x1a9/0x1e0
[  301.824701]  ? graph_lock+0x170/0x170
[  301.828508]  ? __lock_acquire+0x7f5/0x5140
[  301.832764]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  301.838306]  ? _parse_integer+0x13b/0x190
[  301.842465]  ? graph_lock+0x170/0x170
2018/05/15 13:07:25 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x0)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:07:25 executing program 4:
bpf$MAP_CREATE(0x8a020000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

[  301.846274]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  301.851814]  ? _kstrtoull+0x180/0x230
[  301.855619]  ? _parse_integer+0x190/0x190
[  301.859777]  ? graph_lock+0x170/0x170
[  301.863585]  ? lock_release+0xa10/0xa10
[  301.867567]  ? check_same_owner+0x320/0x320
[  301.871898]  ? find_held_lock+0x36/0x1c0
[  301.875970]  ? graph_lock+0x170/0x170
[  301.879784]  ? lock_downgrade+0x8e0/0x8e0
[  301.883945]  ? find_held_lock+0x36/0x1c0
[  301.888022]  ? lock_downgrade+0x8e0/0x8e0
[  301.892183]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  301.897724]  ? proc_fail_nth_write+0x96/0x1f0
[  301.902223]  ? proc_cwd_link+0x1d0/0x1d0
[  301.906296]  ? find_held_lock+0x36/0x1c0
[  301.910364]  _do_fork+0x291/0x12a0
[  301.913914]  ? fork_idle+0x1a0/0x1a0
[  301.917635]  ? __lock_is_held+0xb5/0x140
[  301.921708]  ? __sb_end_write+0xac/0xe0
[  301.925698]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  301.931237]  ? fput+0x130/0x1a0
[  301.934523]  ? ksys_write+0x1a6/0x250
[  301.938329]  ? __ia32_sys_read+0xb0/0xb0
[  301.942397]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  301.947950]  __x64_sys_clone+0xbf/0x150
[  301.951930]  ? trace_hardirqs_on_caller+0x421/0x5c0
[  301.956952]  do_syscall_64+0x1b1/0x800
[  301.960846]  ? finish_task_switch+0x1ca/0x840
[  301.965353]  ? syscall_return_slowpath+0x5c0/0x5c0
[  301.970295]  ? syscall_return_slowpath+0x30f/0x5c0
[  301.975237]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  301.980614]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  301.985463]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  301.990651] RIP: 0033:0x455a09
[  301.993839] RSP: 002b:00007f899b091c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  302.001557] RAX: ffffffffffffffda RBX: 00007f899b0926d4 RCX: 0000000000455a09
[  302.008831] RDX: 0000000020000580 RSI: 0000000020000480 RDI: 0000000000004000
[  302.016102] RBP: 000000000072bea0 R08: 0000000020000600 R09: 0000000000000000
[  302.023376] R10: 00000000200005c0 R11: 0000000000000246 R12: 0000000000000013
[  302.030651] R13: 0000000000000052 R14: 00000000006f4850 R15: 0000000000000063
2018/05/15 13:07:26 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f0000000000), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
socketpair$packet(0x11, 0x2, 0x300, &(0x7f00000000c0))
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
r1 = add_key$keyring(&(0x7f0000000200)='keyring\x00', &(0x7f0000000240)={0x73, 0x79, 0x7a, 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$user(&(0x7f0000000100)='user\x00', &(0x7f0000000140)={0x73, 0x79, 0x7a, 0x3}, &(0x7f0000000180)="845289c793018457daddc773b7a6f8f72df5396397fba82dd8c0e4fe9e17839a1c2c3bde60613f0984fdbe162c1701c45859f3c995dedcb8185ff7139afc76cec0", 0x41, r1)
clock_gettime(0x0, &(0x7f0000000300)={0x0, <r2=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r2+30000000}}, &(0x7f0000040000))
get_mempolicy(&(0x7f0000000280), &(0x7f00000002c0), 0x80, &(0x7f0000ffe000/0x2000)=nil, 0x4)
tkill(r0, 0x1000000000013)

2018/05/15 13:07:26 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x0)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:07:26 executing program 4:
bpf$MAP_CREATE(0xd2110000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:26 executing program 2:

2018/05/15 13:07:26 executing program 0:
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))

2018/05/15 13:07:26 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000001600000004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:26 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SNDRV_CTL_IOCTL_PVERSION(r1, 0x80045500, &(0x7f0000000000)=""/15)
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
read(r0, &(0x7f00000000c0)=""/250, 0x142297bb)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000040)='tls\x00', 0x4)

2018/05/15 13:07:26 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280), 0x0, 0x4)

2018/05/15 13:07:26 executing program 2:

2018/05/15 13:07:26 executing program 4:
bpf$MAP_CREATE(0xf601, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:26 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000104000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:26 executing program 4:
bpf$MAP_CREATE(0xc601000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:26 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x0)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:07:26 executing program 2:

2018/05/15 13:07:26 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000001204000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:26 executing program 2:

2018/05/15 13:07:27 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r1=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
r2 = socket$pptp(0x18, 0x1, 0x2)
ioctl$sock_SIOCINQ(r2, 0x541b, &(0x7f0000000000))
tkill(r0, 0x1000000000016)

2018/05/15 13:07:27 executing program 4:
bpf$MAP_CREATE(0xb4c10000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:27 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000001100000004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:27 executing program 0:
clone(0x508300, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))

2018/05/15 13:07:27 executing program 2:

2018/05/15 13:07:27 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(0xffffffffffffffff, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:07:27 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x94000, 0x0)
getgroups(0x8, &(0x7f0000000040)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r1=>0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff])
ioctl$TUNSETGROUP(r0, 0x400454ce, r1)
pipe(&(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write(r3, &(0x7f00000001c0), 0xfaa8a4c0)
read(r2, &(0x7f00000000c0)=""/250, 0x142297bb)
fcntl$setpipe(r2, 0x407, 0x9476fdd)

2018/05/15 13:07:27 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280), 0x0, 0x4)

2018/05/15 13:07:27 executing program 0:
clone(0x2000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))

2018/05/15 13:07:27 executing program 2:

2018/05/15 13:07:27 executing program 4:
bpf$MAP_CREATE(0x164, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:27 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, 0xffffffffffffffff)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:07:27 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000200000004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:27 executing program 2:

2018/05/15 13:07:27 executing program 4:
bpf$MAP_CREATE(0x5ce40300, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:27 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(0xffffffffffffffff, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:07:28 executing program 3:
futex(&(0x7f0000000000)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r1=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
socketpair$inet6(0xa, 0xa, 0x2, &(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
getsockopt$inet_sctp_SCTP_MAXSEG(0xffffffffffffff9c, 0x84, 0xd, &(0x7f0000000140)=@assoc_id=<r3=>0x0, &(0x7f0000000180)=0x4)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={0xffffffffffffffff, 0x2, 0x1, 0x3941, &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0], 0x4}, 0x20)
ioctl$KVM_GET_DEVICE_ATTR(r4, 0x4018aee2, &(0x7f00000002c0)={0x0, 0x5, 0x4, &(0x7f0000000280)=0x3})
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r2, 0x84, 0x77, &(0x7f00000001c0)=ANY=[@ANYRES32=r3, @ANYBLOB="8600040045010100ee0dd101"], 0x10)
tkill(r0, 0x1000000000016)

2018/05/15 13:07:28 executing program 2:

2018/05/15 13:07:28 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000500000004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:28 executing program 4:
bpf$MAP_CREATE(0x3a020000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:28 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(0xffffffffffffffff, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:07:28 executing program 0:
clone(0x4008, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))

2018/05/15 13:07:28 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)}], 0x1, 0x4)

2018/05/15 13:07:28 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
read(r0, &(0x7f00000000c0)=""/250, 0x142297bb)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
setsockopt$inet6_mtu(r1, 0x29, 0x17, &(0x7f0000000000)=0x1, 0x4)

2018/05/15 13:07:28 executing program 2:

2018/05/15 13:07:28 executing program 4:
bpf$MAP_CREATE(0x3cb30200, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:28 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000204000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:28 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(0xffffffffffffffff, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:07:28 executing program 2:
r0 = syz_open_dev$tun(&(0x7f0000000080)='/dev/net/tun\x00', 0x0, 0x2)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000100)={"627f5ebd000007000000000000007600", 0x1000000040004013})
write$tun(r0, &(0x7f0000001500)={@pi, @hdr={0x0, 0x84, 0x0, 0x38}, @ipv6={0x0, 0x6, "8bb258", 0x30, 0x0, 0x0, @dev={0xfe, 0x80}, @local={0xfe, 0x80, [], 0xaa}, {[], @icmpv6=@param_prob={0x4, 0x0, 0x0, 0x0, {0x0, 0x6, "a179da", 0x0, 0x0, 0x0, @loopback={0x0, 0x1}, @ipv4={[], [0xff, 0xff], @loopback=0x7f000001}}}}}}, 0x66)

2018/05/15 13:07:28 executing program 4:
bpf$MAP_CREATE(0xda02, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:28 executing program 0:
pipe2(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
setsockopt$inet6_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000240)={0x303, 0x33}, 0x1c9)
timerfd_settime(r0, 0x1, &(0x7f0000000080)={{0x77359400}, {0x77359400}}, &(0x7f00000000c0))
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))
ioctl$EVIOCGBITSW(r1, 0x80404525, &(0x7f0000000100)=""/104)
ftruncate(r1, 0x3eff)

2018/05/15 13:07:28 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000001f04000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:29 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
ioctl$sock_SIOCGPGRP(0xffffffffffffff9c, 0x8904, &(0x7f0000000280)=<r0=>0x0)
r1 = openat$audio(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio\x00', 0x380, 0x0)
perf_event_open(&(0x7f0000000200)={0x7, 0x70, 0x20b, 0xfffffffffffffffa, 0x2, 0x1, 0x0, 0x667, 0x10804, 0xb, 0x100000000, 0x480000000, 0x0, 0x8, 0x547, 0xdd43, 0x8, 0x7fff, 0x9, 0x100000001, 0xffff, 0x0, 0xffffffff00000001, 0x1, 0x8, 0x2, 0x52, 0x7, 0x1, 0x3, 0x1, 0xfff, 0xc7, 0x9, 0x1, 0x100, 0x4, 0x8, 0x0, 0x100000000, 0x6, @perf_config_ext={0x1, 0x4}, 0x2000, 0x8, 0xc00000000, 0x4, 0x200, 0xfcd8, 0x3}, r0, 0x3, r1, 0x2)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x200000, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r3, 0xc02c5341, &(0x7f0000000100))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r4=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r4+30000000}}, &(0x7f0000040000))
tkill(r2, 0x1000000000016)
ioctl$SNDRV_TIMER_IOCTL_INFO(r3, 0x80e85411, &(0x7f0000000180)=""/115)

2018/05/15 13:07:29 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
r1 = socket(0xa, 0x1, 0x0)
ioctl(r1, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f")
syz_emit_ethernet(0x2a, &(0x7f000070aef1)={@broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], @empty=[0x0, 0x0, 0x14], [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}, @broadcast=0xffffffff}, @udp={0x0, 0x4e20, 0x8}}}}}, 0x0)
recvfrom(r0, &(0x7f00000000c0)=""/251, 0xfb, 0xfb, &(0x7f0000000000)=@nfc_llcp={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "8df0d47434cdbcd50af760189e41d163f0fc8a3fcd8091d7e462359ba12143866e68a9028c2ccc7c1fc5ae13c3f188e2e7d7b8b4d32be094067b9571df0821"}, 0x80)

2018/05/15 13:07:29 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:07:29 executing program 4:
bpf$MAP_CREATE(0x78ba0100, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:29 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000005000004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:29 executing program 0:
r0 = add_key(&(0x7f0000000000)='syzkaller\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a, 0x2}, 0x0, 0x0, 0xfffffffffffffff8)
keyctl$get_security(0x11, r0, &(0x7f0000000080)=""/233, 0xe9)
keyctl$negate(0xd, r0, 0x0, r0)
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))

2018/05/15 13:07:29 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)}], 0x1, 0x4)

2018/05/15 13:07:29 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f0000000200)="721ef6611d090000002d7800006fb066cd788604ed0ef34ec79286674a0157e2d8f5ca221f4dcf126464a293229c21e7640739e9181f00000405e632addbcc03800077", 0x43)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f0000000000)='tls\x00', 0x4)
read(r1, &(0x7f0000000380)=""/250, 0xfa)
fcntl$setpipe(r0, 0x407, 0x9476fe0)

2018/05/15 13:07:29 executing program 4:
bpf$MAP_CREATE(0x58dd, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:29 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:07:29 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000404000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:29 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg(r0, &(0x7f0000002000)=[{{&(0x7f0000000080)=@in={0x2, 0xc67a}, 0x80, &(0x7f0000000240), 0x0, &(0x7f0000000280)}}, {{&(0x7f0000001c00)=@in={0x2, 0x0, @broadcast=0xffffffff}, 0x7, &(0x7f0000001e40), 0x0, &(0x7f0000000100)}}], 0x2, 0x0)

2018/05/15 13:07:29 executing program 5:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x101000, 0x0)
write$binfmt_aout(r0, &(0x7f00000001c0)={{0x1cf, 0x2, 0x7b, 0x21f, 0x3dd, 0x400000000008, 0xcd, 0xf3}, "60bda8a9451333ebb69086b27dd583437c1e3facb905729c465a614adb5466f50b28cdad4220386298448cd0545c618fd01433b0d6cc58bf8e3a63f39fb7b2e71ebe071be889d20e700ccdcac0bcd2084138eacbd713255cc913ce1c99bc06f8bec5f085ca74067ad2c888a0774356293e89cee7"}, 0x94)
pipe(&(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f00000001c0), 0xfaa8a4c0)
setsockopt$inet_mreqsrc(r2, 0x0, 0x2d, &(0x7f00000002c0)={@dev={0xac, 0x14, 0x14, 0xe}, @local={0xac, 0x14, 0x14, 0xaa}, @rand_addr=0x8}, 0xc)
read(r1, &(0x7f00000000c0)=""/250, 0x100000000)
fcntl$setpipe(r0, 0x407, 0x9476fe3)
ioctl$sock_ipx_SIOCAIPXITFCRT(r2, 0x89e0, &(0x7f0000000300)=0x9)
ioctl$TIOCGWINSZ(r1, 0x5413, &(0x7f0000000280))
sendfile(r2, r1, &(0x7f0000000000), 0x8)

2018/05/15 13:07:29 executing program 4:
bpf$MAP_CREATE(0x3e45c, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:29 executing program 0:

2018/05/15 13:07:29 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000001104000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:30 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r1=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
r2 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x1000, 0x400)
r3 = syz_open_dev$usbmon(&(0x7f0000000100)='/dev/usbmon#\x00', 0x1, 0x40300)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r3, 0xc08c5335, &(0x7f0000000180)={0x20, 0x29e2, 0xe, 'queue0\x00', 0x3f})
ioctl$ION_IOC_ALLOC(r2, 0xc0184900, &(0x7f0000000140)={0x0, 0x4, 0x1, r3})
tkill(r0, 0x1000000000016)

2018/05/15 13:07:30 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
read(r0, &(0x7f00000000c0)=""/250, 0x142297bb)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x10000, 0x0)

2018/05/15 13:07:30 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)}], 0x1, 0x4)

2018/05/15 13:07:30 executing program 2:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00006cdfa8)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00004f7000)="649c47ad46390d006dc80000009d4d54", 0x10)
r1 = dup(r0)
r2 = accept4$alg(r1, 0x0, 0x0, 0x0)
sendmmsg(r2, &(0x7f0000002140)=[{{&(0x7f0000000100)=@sco={0x1f}, 0x80, &(0x7f00000002c0), 0x0, &(0x7f0000000540)}}, {{0x0, 0x0, &(0x7f00000009c0), 0x0, &(0x7f0000000a00)=[{0xc, 0x117}], 0xc}}], 0x2, 0x0)

2018/05/15 13:07:30 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:07:30 executing program 4:
bpf$MAP_CREATE(0x2aeb000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:30 executing program 0:
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))
r0 = socket$netlink(0x10, 0x3, 0xf)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0x5, &(0x7f0000000000)=0x9, 0x4)

2018/05/15 13:07:30 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000001604000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:30 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:07:30 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000304000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:30 executing program 2:
bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x0, 0x1, &(0x7f0000001fe8)=ANY=[@ANYBLOB="00908d6d446d7018db"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0xc3, &(0x7f0000009f3d)=""/195}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x5, &(0x7f0000001fd8)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x25}, [@ldst={0x7}], {0x95}}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195}, 0x48)

2018/05/15 13:07:30 executing program 4:
bpf$MAP_CREATE(0xeee3010000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:30 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:07:30 executing program 2:
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_int(r0, 0x0, 0x1f, &(0x7f00000000c0)=0x9, 0xfffffd1b)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000469ffc)=0x7fe, 0x4)
sendto$inet(r0, &(0x7f0000edf000), 0x0, 0x0, &(0x7f0000cd2ff0)={0x2, 0x4e20}, 0x10)

2018/05/15 13:07:30 executing program 4:
bpf$MAP_CREATE(0xe6ba0300, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:30 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000015000004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:31 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r1=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x40000, 0x0)
getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffff9c, 0x84, 0x0, &(0x7f0000000100)={<r3=>0x0, 0x4, 0x1ff, 0x9}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r2, 0x84, 0x1b, &(0x7f0000000200)=ANY=[@ANYRES32=r3, @ANYBLOB="05220000b28b69fac3adbf946b6db223f7a72a989ec57175b17a66585d81b2bd99e706003a7df4"], &(0x7f00000001c0)=0x11)
tkill(r0, 0x1000000000016)

2018/05/15 13:07:31 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)="72738a8ca0103a8050319bd5c3645dac96d8a4b09c6a96a60447999fbb82adb8b6a0dd621e074b4957d21d9c7a9501a210cbba993e3e825196c0b72d92995cc24856f57a15222ad22fb974be03ee92556e811fac264e66473b49e9ef10fd0ac208ad7628dcae917b42d922c87567c50249c4ffbbaac93a3671633f8a8d5861b3", 0x80}], 0x1, 0x4)

2018/05/15 13:07:31 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = getpgrp(0xffffffffffffffff)
r3 = getpgrp(0x0)
kcmp(r2, r3, 0x0, r1, r0)
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
read(r0, &(0x7f00000000c0)=""/250, 0x142297bb)
fcntl$setpipe(r0, 0x407, 0x9476fe0)

2018/05/15 13:07:31 executing program 0:
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))
pipe2(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80800)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r1, 0xc0505405, &(0x7f0000000040)={{0x2, 0x2, 0xffffffff00000000, 0x0, 0x8}, 0x3, 0x7, 0x3})
getsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r0, 0x84, 0x8, &(0x7f00000000c0), &(0x7f0000000100)=0x4)

2018/05/15 13:07:31 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:07:31 executing program 4:
bpf$MAP_CREATE(0x2e9e0300, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:31 executing program 2:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.net\x00', 0x200002, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
fallocate(r1, 0x11, 0x0, 0x10000)

2018/05/15 13:07:31 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000001400000004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:31 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:07:31 executing program 4:
bpf$MAP_CREATE(0x10020000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:31 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000001500000004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:31 executing program 2:
bpf$MAP_CREATE(0xc203000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:31 executing program 4:
bpf$MAP_CREATE(0x11a, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:31 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000001404000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:31 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:07:31 executing program 0:
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x88000, 0x0)
r1 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000280)='memory.low\x00', 0x2, 0x0)
r2 = socket$inet_icmp(0x2, 0x2, 0x1)
r3 = syz_open_dev$sg(&(0x7f00000002c0)='/dev/sg#\x00', 0x100000000, 0x0)
syz_open_dev$amidi(&(0x7f0000000440)='/dev/amidi#\x00', 0x5, 0x400000)
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
r5 = syz_open_dev$sndpcmp(&(0x7f0000000300)='/dev/snd/pcmC#D#p\x00', 0xf53, 0x40)
ioctl$KVM_GET_LAPIC(r5, 0x8400ae8e, &(0x7f0000000600)={"41093ec3d809671491e1d18b13e9f884a2c088c03dfa3172ea5549bc9c149a746abe963f1bcd67fe9fec196f9140485097b5d9f4dfac0b691a7423ad3fcfad8a439a7f163668ffc553aab0ce5752761ac817f6238ec158b06fc925313a9d33590c749b357e1589692995f1a924f91ed2eb86b206320120f8120711e68ba3355c6ec1fa9ae2f0c2554a2eff9b797eb65afcbec993e7321c3eafa557cd55ebce530f114f006ad3ab3e18fc39e6ecc8dae3370a9fa79f19142d9f80664385bfea8b1630c6c488be3288a4d2ad45af713cf446ee8b2c9a7d533c0174d58d8a163ab38b120b87cdc82eabf71f8d950800b1727f94f0f049b2b21cc73ba6f7f8134a50a9e5a598fa1ba20f74a8f6533abdcf7667ff0126aad70f276e185be097b9a18cf6df9708dad23619f55068337ae9524540785532081da6aa4e70daeae9ca86b829135950880fd4234922b30e859dac500fd8888e582286df06dfc75e3b0c9696c88c6734ebe220f98b9b574453144dbd0283923d74461061422dfe3d98d88d9132abf20e7accffaa8b7a138e8ad6e3eec1fb1625b0148d08dd24975540cf47c4a5871d8aca6c84047e2196015b47cdc44df85d279251c471703b0654da937ae62f908d085990e53b40962abbf062aa39b9fa2295261edab0c747990854b63063e7effa3308845b4bc04304d716e4b1b02947b8b3cb0e12e93c7801bec7c3432d83d9deec3cccef5a4f2d580b2c6fb7bdef5f794e0a8b0c558797cb78c4a29936e9532c3b70813b6d2f7d3e6f5c536037cf90efa3fb11d9cedaa03cae39c4d14eead35c5795e6d10f26978358052f73869470e8f82b57ffb6ae53d78d82dceaed5a4d9b6198bf3617c1d76bda4734913957514da42e1c540b4ed558f459ee89b87c98c3ae0bdb44b04e5c9c8f7de02925460b9fd2ba85361a1faf28535d3861268941124c8eb0d9e0b28ef3eea8b6ea10dc9baaac4b231df3cea352d19f8ea1d939e92edc3d1cbaed0762e42b4ef966656de297bf0a7a89f743517db65f26bf19fab3940586e87425dfc7e212860a112d22b182e16625c20af117105ac3e437c0c178482287764d2ae6755eed87a2a67b3822817e0650fa8fdbb670ddca17faceeeb524010d3d13b12834dd7aea0197e0247580c6b9c3be3de2050ac8859606eb49da18bd6c2abdd1ee683645aeeb3650e3dbc3a50a4703994acd8e7b6b4f7f1d6b3909e214ce67735fa5a6114b525352ed5c734638a7e7a52f1cb70294e8c08718ef5927776536495cb709d2ddab33c930d1cbcbcbb18592202846865a04985238a05c28e18ea87f3dd2bdaef1098870fe12d06a6e148fdfc07aec2ffa3e4db29d43d0958e6c1ca88f25e7a6e5ed4ca35dcb26a2224d7dfd1b05a07d04db8b98115ff0118c0925147256df078c4215801410d8441a14f0524a761c22e2cecfb6"})
r6 = syz_open_dev$sndctrl(&(0x7f0000000340)='/dev/snd/controlC#\x00', 0xff8000000000, 0xc0000)
r7 = inotify_init1(0x80800)
r8 = syz_open_dev$urandom(&(0x7f0000000380)='/dev/urandom\x00', 0x0, 0x0)
sendmmsg$unix(r0, &(0x7f0000000400)=[{&(0x7f00000000c0)=@abs={0x1, 0x0, 0x4e20}, 0x6e, &(0x7f0000000240)=[{&(0x7f0000000140)="02bef7e47cc8edbdbc3c74f087ccea1cbbab2897974b5d64af4f3f12d22aade4952f0a00e6c952247bc74084c66b4985e35b1f1abef7e7e6ff05c05987790f0ba6b894713cd77f19943ce8826613e9bd4c3daacb0e969cc801d8424fd0edd17a394670", 0x63}, {&(0x7f00000001c0)="a377932f2718e0073fead85edca28494ed0e42eb1ddf408c1cad6db54320adc44f3dc8535fa1db2c8e1f22dab08aa8771da13ec7fad7d904684cefb494725fbf6c5b739afe8992680c7ca34a3fb9658c552b16319d4588d96856a556c90e4a8a5fc0378552e84072f0a98df2e1f5f9e94bd791e7f0c63222091bf4", 0x7b}], 0x2, &(0x7f00000003c0)=[@rights={0x30, 0x1, 0x1, [r1, r2, r3, r4, r5, r6, r7, r8]}], 0x30, 0x4000004}], 0x1, 0x20000000)
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))
r9 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x80, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r9, 0xc08c5336, &(0x7f0000000480)={0x100000000, 0x3, 0x2, 'queue1\x00', 0x4})
setsockopt$inet_sctp_SCTP_AUTH_CHUNK(r9, 0x84, 0x15, &(0x7f0000000040)={0x5}, 0x1)

2018/05/15 13:07:32 executing program 3:
futex(&(0x7f0000000200)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
r0 = memfd_create(&(0x7f0000000000)='@\x00', 0x2)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0x402c5342, &(0x7f0000000100)={0x2, 0x7e70, 0x80000001, {0x77359400}, 0x9, 0x4})
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r1 = gettid()
timer_create(0x7, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r2=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r2+30000000}}, &(0x7f0000040000))
socketpair$ipx(0x4, 0x2, 0x0, &(0x7f00000001c0))
tkill(r1, 0x1000000000016)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vhost-vsock\x00', 0x2, 0x0)

2018/05/15 13:07:32 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0)="20c4a95c7fa42223906b05ed47d5b63aeeed574de0b607ea8f594680bf8d06c167e1adab67b3eed13284e640b4e666d7efe90d8be56da6db7ded74350dc1075627409fa239a59992f412b8ebd3cc181fe58f57ab024595870416c4863d0860b8796887fbe8e7510b0201e0bf2e488c94d1e0ecc494ad7ce18d0d2ee2a563fdd985351cce208886beb59b38d5d307ae18891dce1240c39e076d3329cc6f5c03602351a7b69fb4569052f667199a9a21f12624b7b2b78e887cf3e3ef5fcac9d3b88577570bbd1957f479df755f6541401d778b", 0x3b5385d7)
read(r0, &(0x7f00000000c0)=""/250, 0x142297bb)
fcntl$setpipe(r0, 0x407, 0x9476fe0)

2018/05/15 13:07:32 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x4)

2018/05/15 13:07:32 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x2b, 0x0, &(0x7f00000001c0)="dd40f82cd67eaffc51f8062ec117de0c201b986bf0568051f363ca7538b6fefff84a17a0586f10058f820f"})

2018/05/15 13:07:32 executing program 4:
bpf$MAP_CREATE(0x10a6000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:32 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:07:32 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000011000004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:32 executing program 0:
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x1c)
ioctl$PIO_CMAP(r0, 0x4b71, &(0x7f0000000040)={0x81, 0x3, 0xc1e, 0x10001, 0x101, 0x3})

2018/05/15 13:07:32 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x7, &(0x7f0000000040), 0x4)

[  309.167562] binder: 19244:19246 got reply transaction with no transaction stack
[  309.175129] binder: 19244:19246 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:07:32 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000001200000004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:32 executing program 2 (fault-call:1 fault-nth:0):
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:32 executing program 4:
bpf$MAP_CREATE(0xfc000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

[  309.241866] binder: undelivered TRANSACTION_ERROR: 29201
[  309.297422] FAULT_INJECTION: forcing a failure.
[  309.297422] name failslab, interval 1, probability 0, space 0, times 0
[  309.308773] CPU: 0 PID: 19267 Comm: syz-executor2 Not tainted 4.17.0-rc5+ #51
[  309.316061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  309.325422] Call Trace:
[  309.328025]  dump_stack+0x1b9/0x294
[  309.331675]  ? dump_stack_print_info.cold.2+0x52/0x52
[  309.336875]  ? debug_check_no_locks_freed+0x310/0x310
[  309.342255]  should_fail.cold.4+0xa/0x1a
2018/05/15 13:07:32 executing program 0:
clone(0x4000, &(0x7f00000000c0)="dd20ad37462f8ee3cc7e13fa49ef26fe08f219ba2ac1c80072f9a252c6a2d8baeb220d6e7de588136e2124ee0a2a1e6bb4e5883d1ef4a0a51997e4c7741516226e8c1455f420901808935439503410ea98654397affa1d9c8d2860b19dc1ab2aa4804cb6ce8a2dc220b8877fe04457d31460408adcf6e2bd9a73682aa52b50b62c5434638b77a503ebe8feb2e3776b7ee71a41946fa5c83c207a327d67fdcc59b8951e5e2d00d2a3b132ab96c39baa3d42ed699ec2265d67f5f3f5a3e03d65c4d9cddfab525eec87706bdef8e37f58b8fa436ae26ee7fbdcf72f38ef204a181833e867f6b9a285355598e3cf8ca3bbd187ff8e4b665c17d132940dcda2dad4c33c4347873052000fad0d1f00979141a105e5f708a77c25155aada0af6d51ddab40ce516c887e093680a3d201000000a1e7955181d24c23e7a5086c4bc5adb225e050a886b1f71c2d3711aa5ce0696b30c5ff7ff721227920de142ecd00ddf9603232a8b4360c79b81fec9b35ebf666cc03ad55e754a3fc7926ab92de2ee43f31e0ac10114a5b6d6e2fe81d24138f945d125f64e82cd32287baf7ecc838d6", &(0x7f0000000280), &(0x7f00000002c0), &(0x7f0000000080))

[  309.346333]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  309.351462]  ? print_usage_bug+0xc0/0xc0
[  309.355545]  ? graph_lock+0x170/0x170
[  309.359356]  ? find_get_entries_tag+0x10a0/0x10a0
[  309.364213]  ? find_held_lock+0x36/0x1c0
[  309.368306]  ? check_same_owner+0x320/0x320
[  309.372699]  ? rcu_note_context_switch+0x710/0x710
[  309.377647]  __should_failslab+0x124/0x180
[  309.381898]  should_failslab+0x9/0x14
[  309.385713]  kmem_cache_alloc_trace+0x2cb/0x780
[  309.390395]  ? do_raw_spin_lock+0xc1/0x200
2018/05/15 13:07:32 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x0, &(0x7f0000000040), 0x4)

[  309.394647]  ? _raw_spin_unlock+0x22/0x30
[  309.398811]  binder_get_thread+0x241/0x860
[  309.403058]  ? binder_open+0x920/0x920
[  309.406956]  ? graph_lock+0x170/0x170
[  309.410772]  ? check_same_owner+0x320/0x320
[  309.415103]  ? _parse_integer+0x190/0x190
[  309.419266]  ? rcu_note_context_switch+0x710/0x710
[  309.424216]  ? __might_sleep+0x95/0x190
[  309.428207]  binder_ioctl+0x255/0x13fd
[  309.432109]  ? binder_ioctl_write_read.isra.41+0xaf0/0xaf0
[  309.437749]  ? lock_downgrade+0x8e0/0x8e0
[  309.441917]  ? kasan_check_read+0x11/0x20
[  309.446078]  ? rcu_is_watching+0x85/0x140
[  309.450238]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  309.455466]  ? __fget+0x40c/0x650
[  309.458929]  ? match_held_lock+0x841/0x8b0
[  309.463189]  ? expand_files.part.8+0x9a0/0x9a0
[  309.467783]  ? kasan_check_write+0x14/0x20
[  309.472030]  ? __mutex_unlock_slowpath+0x180/0x8a0
[  309.477059]  ? wait_for_completion+0x870/0x870
[  309.481654]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  309.486851]  ? binder_ioctl_write_read.isra.41+0xaf0/0xaf0
[  309.492489]  do_vfs_ioctl+0x1cf/0x16a0
2018/05/15 13:07:32 executing program 1 (fault-call:5 fault-nth:0):
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:07:32 executing program 4:
bpf$MAP_CREATE(0x2a2, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

[  309.496392]  ? ioctl_preallocate+0x2e0/0x2e0
[  309.500811]  ? fget_raw+0x20/0x20
[  309.504274]  ? __sb_end_write+0xac/0xe0
[  309.508261]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  309.513803]  ? fput+0x130/0x1a0
[  309.517087]  ? ksys_write+0x1a6/0x250
[  309.520899]  ? security_file_ioctl+0x94/0xc0
[  309.525321]  ksys_ioctl+0xa9/0xd0
[  309.528788]  __x64_sys_ioctl+0x73/0xb0
[  309.532732]  do_syscall_64+0x1b1/0x800
[  309.536632]  ? finish_task_switch+0x1ca/0x840
[  309.541142]  ? syscall_return_slowpath+0x5c0/0x5c0
[  309.546084]  ? syscall_return_slowpath+0x30f/0x5c0
[  309.551029]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  309.556409]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  309.561264]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  309.566459] RIP: 0033:0x455a09
[  309.569650] RSP: 002b:00007ffa5366ac68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  309.577367] RAX: ffffffffffffffda RBX: 00007ffa5366b6d4 RCX: 0000000000455a09
[  309.584642] RDX: 0000000020000200 RSI: 00000000c0306201 RDI: 0000000000000013
[  309.591917] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  309.599193] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  309.606467] R13: 000000000000019c R14: 00000000006f6740 R15: 0000000000000000
[  309.623721] binder: 19266:19267 ioctl c0306201 20000200 returned -12
2018/05/15 13:07:33 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
sigaltstack(&(0x7f0000ffe000/0x2000)=nil, &(0x7f0000000000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r1=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
tkill(r0, 0x1000000000016)

2018/05/15 13:07:33 executing program 4:
bpf$MAP_CREATE(0xcc010000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:33 executing program 0:
clone(0x3ffd, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))

2018/05/15 13:07:33 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000300000004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:33 executing program 2 (fault-call:1 fault-nth:1):
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:33 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:07:33 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)}], 0x1, 0x4)

2018/05/15 13:07:33 executing program 5:
pipe(&(0x7f0000001180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
read(r0, &(0x7f00000000c0)=""/250, 0x142297bb)
fcntl$setpipe(r0, 0x407, 0x9476fe0)

2018/05/15 13:07:33 executing program 0:
pipe(&(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r0, 0xc04c5349, &(0x7f0000000140)={0x8, 0xd4a5, 0x2a83})
pipe2(&(0x7f0000000040)={<r1=>0xffffffffffffffff}, 0x80000)
fsetxattr(r1, &(0x7f0000000080)=@known='com.apple.system.Security\x00', &(0x7f00000000c0)='\x00', 0x1, 0x1)
clone(0x4000, &(0x7f0000000480), &(0x7f0000000000), &(0x7f00000005c0), &(0x7f0000000600))

2018/05/15 13:07:33 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:33 executing program 4:
bpf$MAP_CREATE(0xfc00000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

[  310.284148] binder: 19306:19308 got reply transaction with no transaction stack
[  310.291735] binder: 19306:19308 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:07:33 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000001504000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  310.351980] binder: 19318:19319 got reply transaction with no transaction stack
[  310.359606] binder: 19318:19319 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:07:33 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0x5451, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:33 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1300, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:07:33 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000504000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:33 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0x5452, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:34 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
r0 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x7f, 0x800)
mkdirat$cgroup(r0, &(0x7f0000000100)='syz1\x00', 0x1ff)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r2=>0x0})
process_vm_readv(r1, &(0x7f0000001200)=[{&(0x7f0000000140)=""/153, 0x99}, {&(0x7f0000000200)=""/4096, 0x1000}], 0x2, &(0x7f00000023c0)=[{&(0x7f0000001240)=""/119, 0x77}, {&(0x7f00000012c0)=""/244, 0xf4}, {&(0x7f00000013c0)=""/4096, 0x1000}], 0x3, 0x0)
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r2+30000000}}, &(0x7f0000040000))
tkill(r1, 0x1000000000016)

2018/05/15 13:07:34 executing program 4:
bpf$MAP_CREATE(0xe002, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:34 executing program 0:
r0 = open(&(0x7f0000000000)='./file0\x00', 0x400, 0xf1c0b439b9b1ae3f)
getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000080)={{{@in6=@mcast1, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in=@loopback}, 0x0, @in=@dev}}, &(0x7f0000000180)=0xe8)
ioctl$TUNSETOWNER(r0, 0x400454cc, r1)
setsockopt$inet_dccp_int(r0, 0x21, 0xf, &(0x7f0000000040)=0x1, 0x4)
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))

2018/05/15 13:07:34 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000014000004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:34 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0046209, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:34 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x24, &(0x7f0000000040), 0x4)

2018/05/15 13:07:34 executing program 5:
socketpair$inet(0x2, 0x3, 0x2, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f00000001c0), 0xfaa8a4c0)
read(r1, &(0x7f00000000c0)=""/250, 0x142297bb)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0x7, &(0x7f0000000000)={0xa994, 0x5, 0x7f, 0x5}, 0x10)
fcntl$setpipe(r1, 0x407, 0x9476fe0)
accept(r0, &(0x7f00000001c0)=@in6={0x0, 0x0, 0x0, @local}, &(0x7f0000000240)=0x80)

2018/05/15 13:07:34 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)}], 0x1, 0x4)

2018/05/15 13:07:34 executing program 4:
bpf$MAP_CREATE(0x68, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:34 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306202, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:34 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000003000004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:34 executing program 4:
bpf$MAP_CREATE(0x7202000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

[  311.353891] binder: 19382:19383 ioctl c0306202 20000200 returned -22
2018/05/15 13:07:34 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0xe, &(0x7f0000000040), 0x4)

2018/05/15 13:07:34 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000002000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:34 executing program 0:
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000080)='/dev/urandom\x00', 0xa00, 0x0)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f00000000c0)=<r1=>0x0)
syz_open_procfs$namespace(r1, &(0x7f0000000040)='ns/ipc\x00')
setsockopt$IP_VS_SO_SET_TIMEOUT(r0, 0x0, 0x48a, &(0x7f0000000140)={0x0, 0xa, 0x6}, 0xc)
getsockname$inet6(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, @local}, &(0x7f0000000100)=0x1c)

2018/05/15 13:07:34 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306253, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

[  311.488486] binder: 19397:19398 ioctl c0306253 20000200 returned -22
[  311.553735] sock: process `syz-executor1' is using obsolete setsockopt SO_BSDCOMPAT
2018/05/15 13:07:35 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r1=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
tkill(r0, 0x1000000000016)
syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0x0, 0x800)

2018/05/15 13:07:35 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
read(r0, &(0x7f00000000c0)=""/250, 0x142297bb)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
getsockopt$netrom_NETROM_T1(r0, 0x103, 0x1, &(0x7f0000000000), &(0x7f0000000040)=0x4)

2018/05/15 13:07:35 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)}], 0x1, 0x4)

2018/05/15 13:07:35 executing program 4:
bpf$MAP_CREATE(0x2601, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:35 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000001000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:35 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306212, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:35 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x1b, &(0x7f0000000040), 0x4)

2018/05/15 13:07:35 executing program 0:
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000000)={0x7, {{0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x16}}}}, 0x88)

2018/05/15 13:07:35 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0x40049409, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

[  312.298227] binder: 19426:19427 ioctl c0306212 20000200 returned -22
2018/05/15 13:07:35 executing program 4:
bpf$MAP_CREATE(0x1401, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:35 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000005000004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:35 executing program 0:
r0 = dup(0xffffffffffffff9c)
accept(r0, &(0x7f00000071c0)=@ipx, &(0x7f0000007240)=0x80)
sendmmsg$alg(r0, &(0x7f0000006fc0)=[{0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000000000)="bb71a7d58ae27201d0eb7acc8367d621a75d6bf89256380cbaae4b0f23e828c707862741850c8ade264af490242a88544ad563be70f1d1a9eb367d3a42c9b9a69625dbc6c795a883d68471b74c5ab2f310b9d9d031cbe168f8279d91d89824244ec89932f859ff511547161f3e1b9c3edbe89dad33513f4c1ebfa66eff1524411e9c8a0c00a5e22256196a58fbe7cc6b5c3884b89dc3209b53c940fa338f900f6daa278c6014ef4dbf95739964d6df8fb211b5c910332ff545f0ffa4c80ac38431f3a1c6f9467322512557c8cefade27bd2fd21d459b010b2de1bda6205c5d273143d2bb72374a9cfa1fa7c4df3695f5115118b127dde261882a", 0xfa}, {&(0x7f0000000100)="8a0f5db8dd41492293909b2354b2a621ea4ce3cf0acdbb0243f8115b1ff4ff0a61e17a3686908a3e1b1a1130f982e721a82bd36eab09814635264b7b011dca2d0224039d8e8918c4d5f23a6cefb394e5ebd45a84221bf890e495020886fd04eda66f4f2de79ecd47effcf1200e3f0f653f6d22434ec3f4ed27b9211b45d3c78e75e8ceae7e5694f4d49ffc8860ba3f48ca3fb756274283e250bfa399b56213661e6787", 0xa3}, {&(0x7f00000001c0)="3486d0404dc104cd0234f1227be62a6fb08237729af74dfce81becb06d5c2f4990b9634d8bcaef0d6889b8b138f6cb0170516cd459604a4522f0ec942aa8098c753504fb3fe9e5531f6cd1121a6feea6c4343ecd125630a242a6d264a0973a215c58156079", 0x65}, {&(0x7f0000000240)="6f30cf137e79efcf875717a8f1ad7576b46fce7a1fc1628bf030f529cc3d7b96385ca92ba18994c6e61f89a1aaa3e662d7e069bc846a94705050b8a508aa124039ae410d870dab5d920d202f3a4cb40ee42d5fafe80ecf16f6c9f182735797d2f401c987557d90f68b5296609d2709acce594e324e683429c976047af9b29747653a64ecb9fe3d1984e11505e5a549e8bedef5811283e64d7b02094b78f943791e261a5fc0d15b97d43f05b79b22b6b92c6b940c8a479f35f208e27a9071ec0c9512085a074cac3817e73eecb58dd8e9aeb4d689ced57914688c7c5212b77cb763af7aebd360950542102dd2c7", 0xed}, {&(0x7f0000000340)="3daf941a9f60a229dd99ce509552bc5f15c616db0ba8442f494cd6266948906f96dd6fd5981d41fd20c2281d11ef64d0c69b0b379c74fee81fbac24d3ac4cd48a977f602c987ffb1c609b8dafcd9f53fe0827fa548f21a60a5c16902e083ea0b9a6ae351cb1de4c6889edb2fb3bfd66f08c08a4f49fccbdedae3b1cb357b84b3b6c7f30b2b69cfb316861591b27bae57022fb57af65e21d6df334abc39a0442d99642f676710bd9bcca29ca6eaf82012399c53c3e0566c0808697393ede17a02ca772214c1ce10ff4335a186f4b48d42c4f83bd1d47aad8aeef8", 0xda}, {&(0x7f0000000440)="0933b28d32e05ca17e43d6fb2a8facdb128cb21539a3eefda0c8852ba056ec6fcc11b5513119771599535a7bfb3ac8e06e1f8820a840e3863c1b47cd998d1c05c2304a0a5bfee1028c79057379d9053a73f4137f7dfe662886d0130dfe901495f26b4faf16e98cf7cbc61d087494efc6497aaeb29cc9e3c715e4f7ed578a3ef6a80f3026e222285109e88a5482021a7f635ad3d77bcb3af7d0440cb44ee0b6842160354c24778f046f0a5e56cf0ad9db9872f71aeb12711fadb4fd96993510b73c5661112fe39872fe61f2922630ecf0c5e4b3856747a53dee74bb1a2dd9c2cbe137ac2ff766fb03acef2582fed25bf60645784df6cb", 0xf6}, {&(0x7f0000000600)="693e5f068a95cc02241cbe39101d466e1f3cafd65364fc61efbccbfaf26c45485a7c80ef7f0ca4b2c1b8d59ad41798700f24afd3a7a25f37e7c6552e6f5734d6d66baef14f3a3f807c90d5424c14d4f01083ba7cbfa2709796341d579f6d063b0ad9253e8b6017f2ef00cdfc2e31d4f0f65c4a28758b0d66a7aae70712c66377cb2c5c234a85c2c28e6555eb6230e38328b80dd48725dad449656e46ecf9fd34fa4e18d3a1582883c7", 0xa9}, {&(0x7f00000006c0)="6ab5eba0d21412412c7676fdc8738531fbe82faf2b796ef37e11915714a065baa091e2153aa6ac65c3a052100c9131964193ae89e06519c198549032cc73aff04def4a98715bd33b44b90909768bb7a6b5ef81b644ff77cdff65b09e90728af82f15ead66c1339f2768da0277f7dd374c169c6983dcc41128f0a9e21360234e9655e22d4ac5917184d921cb28eaae2cb0e3627db79c67b2cb83d1a364d1961c820a5916cf5a5e76af127f1c1343509d29a3a88e5a86bbd0da875a79879cb48c14f38fc0f847fe0d44f", 0xc9}, {&(0x7f00000007c0)="3c2a7fa116079f1d2e75b97c88eb7f61fad9785cfb192089dcfdca25a8575d136530e11785fe2b45b6209e7085a662a32b9d049370ca44cdfc89adffc191ada7939c78db7346681c1327a2281f40bd8b0cef33c33548e574277bf2977667130158a08e4e18576a75a92b1e9d99bc4ede48b91bc1577863bc0092c9ef6e439a6e0f962647876c19294268b567878924708d2ad7c004cb2d7f86254f5dce9d0a3f8b360369a4e4428609832011d08cac9d5863d5dee5a3a40138979fbfd339bff68ee61ab5ba50ac0460c3211432462655e894c55711c275312a8768ecfe2b8a98113c9392afbeebe73bd63405edf487f4f3e650f343e3b781f604e51a94610d710888369742b4bc7d456901ffd0545c71eafde3543cea1e388d3d99684f2f8ede99e2a0cd8b6b715560b3687917f7929d93e2c0b759d2120036c7a459ec4448d23ac1d122ea10384a090663d23d4df1c599829d45d7a2773d0c0a83ed5194cccaf1b39a1bca470e48ecf2a74ebac0ecd5c3e706e3397a884df8d1e32c7220e228b3921e8a08437261f1fae1e1c20f9cc3f1d789f0b13c57b9fc577af794fe00223801b008bcedfbdcaa009342dcdf2e61532b9bbe0a35c658c1b02f85d570debcaae9956b1f79522de29db0615727c9f2c302960a03a99b4475bb965d59eb4f30cb744b6c0d01442b762afe36ec64db282983c68bc1c4a9c2534f0f267c7a94ae7371b9c4b4aca950bfc345f7a99fff2ea70bbd20fca1d790299e81194d62710f0094dfae637211fab153b9c6208c4ac42cb24468ee31fddd4b069ad26a3fe954d1c8eb9351945af7a9a185b10161ebe14c050a9371220c47cf89e737220b842def1824b34c77bfa6b3c5870cd8d0f5c7a469109534ebd1ea46b6184fa618d45205a5ff8be165c03e6d974168d3d4c40ec5b8268e554c116eeb9efaa27270b6306069b2fd361a586be19f7f993851890c126cc4e550a16223579d970aaaefe08702e17ab41574aa7083e04dc942234e2775c6abece4833553c0ab8c1ea5f296d988ea4a1d761cd3ddad2b231ee67e5cdd5aa23550383a80ca51c688ccd3f6a3675e2cec6a70044ab3467360dfb22818ec12484f9f6758aee2e75f82193069968e15c2c07771a8a637534bb3b35f73b85aa3c6ecf071d8a43c81193fb8f1ab255b00bf44f327d91839b37f0c87c6f233dd3a21bc2f76091651fc8ebb19130fd3f469829c4d482da051b0d088b78c7e7d6e2bd36d609d6baf4de34c2dd63b66af8fa944379c01a540329dae2f2f4739b56734c65c585ef366f60611f02ead1ca6fecf97da119e8d971b754e7138f0643550b3fdaf8a9fae586475658cd02e041c7bc0ac878e2d5eea4e16ffeb52cb96c4a46f08c5b32f9dc1a342660cbfea254b01ba9450b33056e4264da18d4f2d41b687b112dafc59ced6d0342822b71de7a194de0babf13d33172acae50964ac0258f693faeaf6a0375c0b6376f9355091e4c2d6a7b46f18ba86907f97c0da40f95c5990abcdc3210ced1bf3eaa80d9fafa383ceef33faf1b5041a6680502b1ccdd34edfc64b06b8d19c6b88c3a688025ba0a74ef4e570db2059d614418665b9133d7b0027a298ef1fbdcaf032e9d51afd8d7e030b82d0d3af6661a09d134e63862bdb41edac25cefe828b3937809a6f318d86302059aeedb9eb10988bc3f29099fdf204da2a4b34abd466a45c86944374922568d7b0fc015f540b2afd7165a024cbc0e5d142bc7afe4931052e4f926b9fe9ca496e94a619efdc2e3a83cfdf94ae3310b9e022a50042c5cfc5474400bfe47216f163101016b239b76fb4c25a09a7f4b301a2f0fc93a0566fc762efb3538c895ad80daf006b4ba7e0ebb13f3c589eb85a88829498f24d0d463c0cb665cdd7d3e543dac844e0f5ea9a4616088f8bfb8cfe26033f6b34727f55e1ef4d2322bf34327bcc31bc0a0284e2dfe8a359b01b47b2f09e934dc989034135975ab6cf4fa1533dc19e134195571115a3e54949d2583144f0fcf3a877ece87be05504fa88e22b9b85e0d4ffe737360b45bf478ca20ec8a8ec4fd0b8040ae79e54a5d601638e6774a1287379d4fd85362d131213c1e3bdf8d5384e67b1ac385858d3adcc4fb375051c6e4362ba31e6df355e97cb20071d90a6c7f39a7fe6e3402bb27cfc3aad03a893f1c133975e3a1d37803464f5342513a0eeafbf6f17af1cfb85f05f2523b46089311e5a7eee6c6eb3b5ba4a1731f8639dc1de9e2ceeea47f8712a61a4a072eed935c5efd6745be8c95ce4a7835e84f71dd72212b6c51fc369cd26762c906b09d1f57d9f4c9c4a3aea53f9257ab6c72d66c3d2f3670ee858d91ef3ea95dd1e5aa40dab084f1a83d8f5719bb02ba832fe0a85c0202eb04afbbdb085f9ed55262078eaeea8ad925369cb0c72d1ced7c1f2e68b99a59c53bff9b1cdc2a22d495dbc8e5d2bf112da1e2824b95eea3fde8e8e173a1792379eedb720032d10a13fe7c87aa60bfdce124dd56ba73733f72bf462b2423d41e5466a1e60d0cdc859a7373eea55b4ac858f7e6e031d4315f92cb2ded3df256c08fd0396a3cbc3a9f71a9dfdc49cef0f137a41ac8e6126142be60886a245ab1ca4aff49bbe46215933e17a66f843dacd7b5b296d16d805d995b55a53117f3608b4a63aa32cca1cc819994fe8072eedd44c6e34d485c3d7ce6ae0910efacd881df5bb64ad2a9da686afd58ed4dc662e1d9b47fa9a98157791a3f066a0ee3dfff91596568f8e5b3e728310ec0dc64f65b50bc9f761044c3c8085ec7c295fe41f6028027342b6ee2e310601528e24a3959b297f33a89c0b7eddeae03afb50db26b4f45310b583db88ad8b921c4f2d2b7bacea48b4919d6a4dff68d284d8c56e4f82e9b68d2e2b70a1c01523c67a43864224791b52afdda85d70d72250248dbb0db9b66d2ed213da1fa6a461a154064659fa6a8d3431aab6de858db41373351204a1bc4bd399803b2d76c8a0eb24f4e5a8664e8a8f29f9551241615172202decde5ab45e9b552093d43f87985dee44d3b3cd66efc37123612f11fd3eadf0d6b7ed5cebfb8b30597523fdf11f401a3f1828070c622a1863e4e7beb7a8392c95ba045b0c858ef30bc2761c3216df40d6b32cd66e717f20ec7202c2d1080809e4e9611c7a2a8c602f2ac36911f1f64d1edd836cfd733d5d95b014a9e8cd2eb851f696fcaa12d70cc78ff513bb093ade09fce376ce772c05271e8bb456bd9027d4ed4baa5d3544714122633b558ff2fcc3b316fc143c1f583b9d426f97d715ad05dc2cde783815047da04b8aba35dede81b8ac2093d596538c72c55e8532efb98e1dd9919857455535d8c77fc4747d8d194010d2b309213e40b76f24a1bc029e6731278dadb8a9eff9c61d6ce9998f5d76e29864ea33cc9f7263a9ce6c397630ce6a40bbcb6a86673ce70a262b9a3b728cc6c700d72ca819917f8a4ee3f9a5e360eb35ccb600fde85f843e1ba0320f326f708880b636f3a4cb119c0cd18c69f1c00cbce17ca814acea083b1b5c21f01038d1bdae8aaffe112406f92d49a2fff01ba7fb7927612167fb3b37c37e77a20b1f7f143244a5ac70213f21990322a9291b08f5f90d2507bb6166910fc543cb577639a25673549648be7da3e927d2b851e1e2133fff887ed54769cf4870e9653a509b78555dabe1b10ffb7d366bf4302fb9a86da174a48a192f152050f0a2811ce40acac3da4ce8e3bf82d82f51484d42fb69c3f98841384dafe177854868374624a956a0a9ff6886985636f58e39bd1d18849b4fd11906e07a920a4d2f0e8e7c762764aa49ff9b301e1b6c97da3f0d71849167834caac52855bef653eecf1e9ac908518357452af63d71c69f6c12533c1e4eca3dde528b1438a05123a42e7baec473d922d0401a370d1919385a0911c7c7252ea8a915df58874703ea4c8abc3e0943ae07db517a844ce3f9ef6bb8a338c524db21b8d298b833985b54afe2637fdd48de646a8c45f32e63286217cd4caf40d8551d81ffb5c57381e7b4da1d1fd72f644e10b23ce614865b13b8169fa2b730e798236835b7a941050f393fa6d23a2b9d1e3b19a1aab238bbc9770e81ca560a30b427f81ebe2a0622bd2ebe434510f51265d836a89973eaf1510f5c5d163c235187ced9be03e626e3e1f12a6d183fd5c5a42f24686c93533ff0907f1fc81c9a4fb9fd028e54d009e59b310c58cc27b294631a8d6ee906e0c4e39810f16d85ccf096fe3c003523bd5bddb039fc6fc91fb7b2b570abf2fe77e16ebe5d1b5f4918042ea48d56a8571f183f45d3967b9e8d8f2606d5522f71d81295e6e3f26d1c293e106508d939d9098bfe99217aea13a94ea49157ab7764c9cfa42ce119d4238b99295b0c7e382ffb6a7f848308dd8581fd86e0cc7f11d9cb6caf3057d90e3b7f2ade7672d4a4e14fbe1f922fb9aac1364519dcc814a5d8e8639e135be8d0ee4221962b61205c0b19caca8ebad9d84090ac86277c8e667da8aa0ce500779526f308516461b57ee0ddba3ac2f9c29766d89ba7e579bb7013e1a4194de55b9cd1e8426619d4af829ca87390e132013cac2664139349ea721453e114ec7a599bc890768eec5cc5bb98e8584a2b004738922f22913ffea587cd7af4506be9f719884dbb0684ce778b6d90822e9ecdeb98d5717daf77a42987c6728cb01a84e107002ff41272b09b7b8530ce6584b6028c36257bc268aa32d0764bcf2b6bac74b70961748b82e4e3bfaf041af3495b5cc8989665bcfa9b27b6464915a2da8e95cfa5aaafa630f6acd89920cf56fbba1417177e2e31bac7ec58f0c449ad8a4ad2f270e51266d1af61ccd97043b74ef6be68ad37218500b8a6138b6e412de25c07881919e6ca07273154d9ff8f5ee602204fc58b421904a047c9043cf07251619b79c84e71bf0f1a3164b118f1dd58f3b895c76f077e7fba7e61bb5772eb9f62fc5746dddb8c0cb1081578371110d330c06990daf64ec494f538a58a3967a68916845be3b6f16bfe028baeb15ce57bd80137ef4df1eb2bed3b0adfad8112aebd950832252a7ab106f9fa91ab0dbdbc725108ba95930fa0e199a15b4a1366767523875927bb7aff68e0568dd2287f64681c3dd7c01429fc2dd7e1379173d85064baa5e09dc50a4950437ed65e885b76700a335c34d1b67c82251eb0abb6b63aee283041568f933a9301c6617bc3e3cf0534e69bbe8aa3bd7d26c596a915709868cae2f347607c927ff0d60ff5eec6b0eb398c0a17a0c69787390a2046aec0b6bf115bceef69b88bd8442819c25b82a10b0b5db00d684d8823c0094c15b7043941c4a6d8e90533e0a016897a852201a5783b3de7f36302089b1785be2243f6104bc6e75d992c5aaf7a12d61560c5fb6069217d5cf78a9b6b276e156d52cba9cbd775d31f32b40abfda6fd7b2533d6245aff9422e9739bdc49c780d4d73c0fa38160d199930237f6b659c328ab3943f67bdaeb6b77cb9fa78a4f0aed1822394695b81a58b92c799f873b94472b9bf11a53bfd90165e4c3dae72d809f0620ea3e057780b625147446617feaa4e7e113b6c3d7a5f56bd19f73e6c63781130a72f9043bd3d47104a0c88a13dd6cab09c5ecbf430627959035a17b93636202598c85546badf37babed0bc4360d22bef9da97bcad728dafc212380783135ed6370e6cc74fd7b43c2743afde9f0997a90cc05faf8a971def96e06eb86b4a2f8bcb2055dac015457cdbd6b2a39eff1844d8129f9309a8b729fb331fbf743171206d2165dfbe2e9ccceb69ab69c8b202e5e30249d836d3c", 0x1000}, {&(0x7f0000000540)="b034c43d3c2a2e243edcc44207401f0a23456eccb2f1445f83942bf8809ef48f7ee814619e42", 0x26}], 0xa, &(0x7f0000001880)=[@op={0x18, 0x117, 0x3, 0x1}, @iv={0x78, 0x117, 0x2, 0x5f, "2d689e6c6b9270f37c7ef286337d98f1f3cc6dcf3b4330b540d8fe43a76c69b5fe20cb16325f33a0f661e725ffb959f461e487b190c5d487113718601ec2f14a3ab00b97ac8194fe5c39463a5f8274673d89ecc3859a11003e634dab5b370c"}, @iv={0x98, 0x117, 0x2, 0x81, "0e395f79171408703a53e261107ee2a5d797a3fa197f69905bb7813e93b1b1463feb015a993acd6632b724af86428f00656ec4da9db83e760086dc5dc497e78363f097380b6cf79454f363440f37330d37e90a8b697bdc573e0a401f5dda6e887421685993f7341b3ebe76a6d835e5626965612a4526485a90d4dbc7b7b05125e3"}], 0x128, 0x40000}, {0x0, 0x0, &(0x7f0000001a80)=[{&(0x7f00000019c0)="0d2ce086527013885693dff2dfdd3821e92e622638b3a282bf7ba4e9fb9e002409d84c678f9cf12bd73376e13eb1a2a7873dccf60b2fec2f56121dc87d72c7eefe9c9bbcb4badc75f958e1244bf863c375cd4cc132430d89a14b455f477c50400cafbd50cc93736dce196718510d27c5f532b9f3a3f52e274e2f28c015b06f4d7b12c0", 0x83}], 0x1, &(0x7f0000001ac0)=ANY=[@ANYBLOB="b8000000000000001701000002000000a30000004c6165b26adc695b4cd651518cb08e901d1215120251d69860cec81a7950c458e0d683a93fa2a984d9eed3f5fa7937dfeecc599e2753f6bc998ebabd137de92fafd8a9ab766fc62ac75098533670ffd4dc8901c03365669cffd8b63b760dc04a5455e91fe49c556c6f1928ae10206901eb5d620ed3083f944f4517887dc073625683905754d7bcf0ee3766cf77d7be95b14fc47a7e517cec52e525a63e4aba75991c770018000000000000001701000003000000000000000000000018000000000000001701000003000000010000000000000018000000000000001701000004000000030000000000000018000000000000001701000003000000010000000000000068000000000000001701000002000000540000002a0c1a5424099c7ceb346c684dadf91a600a255061c34088e2ac892feb04ee0728c469c98768e1e9bd660429ecef2cc1db0b3b84f9894489a5b77c65368c95e9fb951d6a6bf0cbf1474bbfb92dee1a268f6e6293"], 0x180, 0x4}, {0x0, 0x0, &(0x7f0000002240)=[{&(0x7f0000001c40)="71d60bab81117317cea3dae68a620db1c1ec8a0b438a74647783053d3dffe3ca134d566a62b6c0cbb151f3b027925a0a45e9f1c9a8266b3de93723c28a7836641b32", 0x42}, {&(0x7f0000001cc0)="b453a5ac742cfcd9b2cff6f8b659f5ce27be0789405744b81f69bb9e273dd73553b0696659223cab8c47b595d522744c15a7f7c6461ac963c0ce5045e29babdfae0acbcc9a5a50e4f92ed42a5d26450418b943e9bb85d01acbfc88f57d361bb0bca35e", 0x63}, {&(0x7f0000001d40)="d7e12944ca32e4b02843c0d08b7a0e611ad5133c1f8a1814f2bbbdc18170f3e917303efb6172100fb0679fa671c6a46853c5256906f396b26bb989e157990f821dc3ab2cec11e38472716578c43f0db2e6e7deb8baf0e4e67c6ee8ca9020e84f86dfbe49ce48988f33084eb80ab2bf5c2eea5637ca6ebc6e12b91e7fb0588dcb90d4126502f5158407f14b998a05eff47267a41f740e6ccaca4e19394c72cca39ca2ff2ce6c40cb66cbfaaf24571b7c1872f4daf", 0xb4}, {&(0x7f0000001e00)="c4c0d1534692809edd0ce996e662a443aa711c38506c329e35c0f84990a249e1444f9235f2364457cf70f1913929ea96", 0x30}, {&(0x7f0000001e40)="36d21cde83e754cd5b8db64a962eace1989c52c4620d98d3da696d70376ca21d2b463b19be8ebbeec3abe968d91978fc39a6033433e1fd9eb96facd02d0ec17ee46a937b5633bfb8649581bae7b45736b6efb2591b0ae31bef278d9220c5b30c8af3768503a70fc6653b45847fc85e5f8d93abbaa3d05a62d7ef845ba4ee5c4d342967022a9a4639b14920462b7bd2c77a37f756e1ce1c88e497cb40f53173e55b01e6e05bbc9412c419199c0bb9717bba948634941f23596063339667c0ce25f8b86940c9bbd4606882add2f72936e2c11740bc665c405b9b6eb9afbc", 0xdd}, {&(0x7f0000001f40)="b14bdd97d007e415601227d3e6456e57f8c7869a072dfe5087b4a87122fc53262e415cde18a182400693b41cb15f4fb1d3d79a876f832f5c81ca344085418ee506d767c411cbec4ef0179389d72cd693dff56199ec8325e8dd2a6f37311e6fee9b7086bbaa2bf92718671d307b2072f15d29c4199d4722ce1a08488fb08e12117e7cba076b9c05c568ec0af38a1b1642e9273baf1ae38f5be6a78e800fb7647986a34d643734b1327537ea2ca3e5bd034f08f1ebe9721e845d69ef4582b83c8a832f1add681d86376f4e0900d1338be3df9fe5e33e796a3eb1d6704506adef3de4ec200d4b74a2d20a413e1cee864ba74a", 0xf1}, {&(0x7f0000002040)="83f961b10b5b4026cb7b1a90b869eb10d04b6f25b96e45f2a5841e796b036a6a5c482995afa535248dd5db5af25fe9131f240d1df2c3ef59c8e531691ef07c5b952a8a6e25dda993e002756c051d93828ccce13bf1e4b117e48bb5064fb6591dfa44afa9f83886fef52d1ad647af1746cecc8bb9e5e027bb11801262bf81d063bdff01fa6919a9a0461b11c24f272f46a29c859cf029a7bf9325de3bf4aa1ace7f697935d89fd2597a2bf6bd346e3063556ea89e7e1f9191f75a283060b32ca68197183250ebe4e4bb59b2a73be8b99b6d411c32d7e8f3ebaa2d3610734072e1", 0xe0}, {&(0x7f0000002140)="7200a22797dc9c2197e7986ed2166ae6e58830a4ed1bf4c5cf0c4eca7898dab01bce04a9f9c59ac1dce398db74fce2ae93a7ebbca4606cf7f6ec5733a0e266b21a8bae9d0511329ab5915ec605514ab804bda774bf4fc0988f4cd5adf37047b4443077522622f02fa6ff8f16a8e69c5fe55fcf8d5f5665d72bab4fc635d33ef32921968c526ac7a188a7b79a93f0ed0128c50a0b6059e43a9c72ce0f36b24efbcadc409a8998de0ed4389100ddae7b5e824201fdcdc652a66ac39527c1b6b626cce11ebb5ee844d4b4c341cb12dedf4b56c725f0335b31a6018a9d29cfca4fd993917ca88ec8c215ca17cbd13ae751ac91404ab708155fdccb", 0xf9}], 0x8, &(0x7f00000022c0)=[@iv={0xe8, 0x117, 0x2, 0xd3, "39b564ea4cdf30829b393f488eeffb794c10ff38698e318a67b837d9d1bfa982304d76416fd7326e2aab2a4992f118dccf0f614d433c942669807ee033a0cd5fe555cc170554abe9e22533816f864d7e4b833851fbfca706e366269970fdace88fc422436e7ee405566e87cd31c2cd00bcbc56163ab8904310767a4d4a23f62bdffe11f0ba0fb32bd18067e4153ad6061fad18e290dc7ff8efe61af4ab2205f0381796d76a402fed2fbf948fd1b82255d75b19bc9f30f3517e0f78f2290d5c73d906cda71faa90aec8c7126fe128a94e839761"}], 0xe8, 0x4080}, {0x0, 0x0, &(0x7f00000025c0)=[{&(0x7f00000023c0)="03799ae90c228ff44f00abee28894b7c4839b4709d96db927971a364a049d47889989b34f7e752a6fb5af4584f30719e1bcb34ab4e6fbe515513f49fc3a8797434f3a8bd7ae3c545d8d73be8acb55e766b470222fff0d9ecf46000692ac853dc8afcbf989974e842b13928204f7f1c27b9c9ed3c3aa10287a400f83f56171935a6c2e268c178be84da7993d944277a4dbe07421416cf744d53e75b99d8ca257ad698a95aa8b1d78a5bc0347e2b04ed5a1329be1fd9da73a5fcad5f702022c86dbf18b61d3db83939c68096edb193a57779bbb0734fa83dd43e4b2a", 0xdb}, {&(0x7f00000024c0)="85be0c6a3cc5296a0a1b8c900ec652e380240f0708d2f4f8d3bf659c347f00f686f473623617fce841acb9f84a183a9ae3fca2939e0d8ad70e4b54fe5a6005d26325be4b587066be9961b7d314fa3c42ae1d0d098a764aaf566995a8f828baaaf69b3534428deb61753ca06f1072dce3985c3cb5ff05879dc5398d6bc80a971952b6e8139516cc72d8846a699deec92b40926aa75b37a7e94605298d69423d802b4bc02c1f75c076f005edd384307bdb8f5662c495bd5bb4d178f6ed69aa1d40fd5e531f7eb1c5446346b6bc2b1ac9c484f46e0dc7b0852ab81325cd98545ae8ab82ce8db4f61e052ea68bab50594953", 0xf0}], 0x2, &(0x7f0000002600)=[@op={0x18, 0x117, 0x3}, @assoc={0x18, 0x117, 0x4, 0x7ff}, @op={0x18, 0x117, 0x3}], 0x48, 0x8000}, {0x0, 0x0, &(0x7f0000003c40)=[{&(0x7f0000002680)="0314cb8043bc302fe65e0d8c3e2c0ac6e5266032c6499f09635afb72592bfffed4f6e4b020ace8aad276edd9889c0d1d1c955a8f49d4c9112980fef14db5a3fec3eea522bf3f894d3592f7b490047ac63e19b21d5603074bba52270f3717e6ea24b52411b55289d68372090b165decdc6ef9d6f9663fe3b450de735fb64fe812a92dba888d17b7332065cfff22c705b4634d6afedb0d018f13", 0x99}, {&(0x7f0000002740)="1c0343902e8e3cec018381c2926ef2c9668b60cbc42f34415b01c723f42354038b566d53383f7a1750ce295257d29e73ca9a21a0b1b51d503b16bd94449217607f6acc6049fa12fac55ff6b8a4da04d23c977af031bf08b64b8ba390af606d7bfc0cbfae27ad2745cc04c89c6dc34a6579462b8b7d6978611f689f5609fa0bd9e324e787b277bdb0bcf2fbc7ca0e51b50e9b184ad9d8479ce05d7f1c09cc9ae3adf23eba4ad556cf2010dfc17ba4cef877acfe29f3a700c3e4", 0xb9}, {&(0x7f0000002800)="cf7ad2f39e62f0552de4d059a6422c1c55ebccde612e18090cdfbde31bc0453552805c78e66b412d5ad41e1ab2ce447e797e984d8006fdc4dabf20f482b9e3ed1c899646241b57922ec44dc4043e12d649443d310dc3a6798e3f85f8d294faab3c6d880a27fda9184c2d396bd5b16b73a4078c7f91b88a5bf4f1fe79078219d8c16caa8986865fb1ed13893a87b9d90587c085258108dba273498f003c872fa23439d025c4ff5c0d3a6721c5f58acfbc1f6b3eb7d03f91ca1a63f9251d3335afe5dc6a229d85f7f7f0cfe1b02e1e4a83691a8def79e6abd46db16a8be37e544656af75901f42c2913650", 0xea}, {&(0x7f0000002900)="d34731b6c86f4f22e4c0f45873230cc7e104e4387c91935e0de1ee13982d08728106a19e19b5d8e07fdc8ffa1c120a318b6d8bcb26b946c750bb591807e0d6a1933c6c2edf24f74a526e074e4a766a78aafba30d8fa2ff973ecebca1c29eaec51741f86c3a511c8efab41fd2586cde00e15b411a220396654044da8d63b2f5", 0x7f}, {&(0x7f0000002980)="87e78482c0e092153e", 0x9}, {&(0x7f00000029c0)="f4ba2610653bf04f28f4e500df4808736d9e1fb8029599d00ce2d17a89a84e65655160f43862c6db949ac03e41844b6bd002867c01c009f134a22c998c505f27d16a9c6320f652f2b043c0414226ace5025add1076eb5c8706b87addec38a698a8a6ec31ec44dbdfc8fc32ee6ee4b20b1e67c4655042740deb31b448cdb7bdb3c3f558beca5febc16529ddcb1ef07fa280214a5193e6", 0x96}, {&(0x7f0000002a80)="a63fdcf9d7530c7a9102a56991eaa6f7a713c0b1c3a4c416ad94d0baed7d685396340afbd6ecd3a4f1df287382f1bc8938acbfdbf744adc29920cc3999badb64893471f70eebcce695699e71aa862bc8e60d45baf0eb0a4cb628c684430e789606eee2f893594ee76c2196116a4fbc3904de38c6fd566cb56a12d5d8dfa9ba69cdc1426606dd0ce2338e93a172e583b65aa228f695e13b7c29b21565324b39101fd2cbce01e8fed9aa56fb5811fc6c455fbdac54973668ac540bd671158c69f6f93cc351f9cc81a1d701d4e5928fc41ef3b14201644ce994ab32e073ebc54a629f4d21b4f749862655ad6700ec7fe4a846bb57794729c4f81be5ba4d49991c0b2ca3e0ad0bb0ba9a0579476785c895b25d1061797ecf4afd4972b2d387dc6d0f1235023a976e7831c7171fb33941c4bf030cc52a3e997e09f5fa5ffbbab3a784f988cfa39beb9c21e5a5e7ad3e7df357f61c937ed9fdfe64139ddc20784b25457dbfedc5977fe5265fc15952f1cfd99e504cb633b3ed7155c743c32a4dd67e9c5efb298a3505a5b72bd48b7fd382b74a0ccc588034c37ece80e253abe26a52bd07763122aab4b393e908b3f7c073655b14b6370c13dc75628ca0ff05dff880ee053f4fc292f2cc5d677a1c3bac05db91ebdf3da2990140ef3ff6b9d67a2b60d000c52bcba9b2b24ee50c2718d6b2a0dffd608b633942b45729db2a69c0f571194b7355e4c9a7519662b748db449b8bcc4eece522d3b896bdf5e289bd53e2509c6bd8ee4eb12567f3a336a49e1863bb350b4424711e4a7a96998b7c6ff5ad4eaff0b75493e2fc4d41ff4db8295ba6750daed653ee941b8e1d422ff77b930afe9996d2156ad1e5779067b8066d0a1e42cd583e71b1695b9592bb2f7b47d0592270d35b488d1f87916335efb6451b0960b7491dd621cfe3c73ed8f70e243aafe7407e7dc4666c01aa14381f53fd310e3239cb4d31210db5016abcb08cf605380a6b49f7aecb6661c3e28322b269549c3284cd3e064d18fea837703d53fbe5666fa9522d45447fa6e4747dd2972cbbfde1ba7328bbc0ade42edc01fb7159640fc2c0b1c82e8d4b371c5fad24343b652d3bd0d7f8c7ed1a3253a6a239285d67ad918509113edfef54596dbec9c81b4d1700444dadd9529a9bba122683aa8f6462c65a832df81bbba571d044018c69eeda56956b47309cbda7f46827b99b01c277b1a1b08e835f9f4fb693968a977d4329bd5caaf84c94391ce2c002198c8e4a772e55025b780920e28d5daadae2b5889419267c988587269d90865d94eb71f9c28e593f19c1720d6b04ade4bfa54ca22d06dd5d11fc9e646b66beb1143fcb495654b0f9b913c8a1f3db612b16027dc5dfd75bb8ff2a62b8d8b78a26474cff40d339917ff6c93c52beb6d30cfbbd267e9cb07b76aaae7a07fe746556d17d7a960ebbe931a44b6675617818e4b4f331cdc96ad777e9d54269c19aa800ac2a1334e51b411027ba59e0e78fba21be75d463433f7c6446b4d8e12f43996378a04347aee8010a797983044ce9a01f4d9c80410541c3bb0f90315e6ffc9aab6e6b4d5e5ff4a208c02bf9430e3d571f6f95e09d4e44008e96b05617350cac761f48ea5f94c628349846febaa11086f7a6b8a4f205ad399927cd97549a7927e92749d863d64409ddd12b678374df8fd416bd46186ecf3c2f9307558e9b8947dddc3a3957a0c69daf737cce83dbfbcd76b8824aea8b23adee6a6a7c2437869691a75dd2d7e74faab6018c4ae9493bed79dc8d6709a08a82ae5617981f1afc8ecb1a20f7d565dd2ff93a111a7bb212ac84a9ceaf89c947873662c6591b77cb35c870aaf96ad835b4ce25b43ba42da31dcab2167eb0676ae97f1774d358881e00f874ba5a3bd2ed92aaa98a347ec5a4c06bfba45b4029685b29c63a26683328eb9b90a7009004c6f38bea9cdc697acfaabfdfaad07a9930cb9bcfad462c97b4e09148cdfc8e2ed34e11cc759fab70a3ca753f3b950260d814d60eebe19974b43609a1361d07b86030679243883dc56abd29759038b2ba6cb0510e6de80e78dd0649701880bec91080cab3f2a7a4452f1fd274597e6314fc7195fb07b6eb669cfee70346ccc118e1260867748a5fb2953171735ce667f00dcb423b89b3e77ad09981654e862a98f9c99c6fc8250424c7e14e7166c224dc423b40f6d87585e270c4c1c4751805dd7940404a2b684df7d9f64bcaed70d84133eeb4f8886c135cb7c96416b25652e9f8e9e04953c7910e5b2afcb59b38f7ec4e633d58249232f32afa92e9753b6afc129a00752cb088e14b0da08fc274cafbdb3ddc602c069e0323cf57e9f3dfb696da40f256298d2dbb52d69e061d3140cdab3794c6a556cfef0a074316828343eb61e28d4f91f02e8314d384a6227822497b1b3ff8c4a2f83a60162c94c3ef98a75c74707d08b1f74cd0fc76de50b5cf03ca9f167b0909dcb0f1a63f1a5fb912293c3009dcfac157fced93a49fa739d16f527a4ed6ffc825d8da7e58bb4cbfbdabfaeb9d6da30c28c70aa5b03fab66f5fad5295ca3c556c08e6ca4be89aabe62eb79f1aebdc45c5180afe77c430e60a4298a68ababc650a0d38e6a9da99dc55828ebe9ef414371b64f4931a6f17ebbf7dc6ca740f8e272e18e9c27441cac719dd51b489e4f72a044459fafa46198fe04b18349fdc7cf48275316147d4b882c4cffb0a963919cd1334221ed816d68a446207f5a57672982164bbc4a4a586058042d6055e11ffa231b73b07602e772c3acac478aa8c776fa23576eb0632ba6b37ce83d0705dcd42e1dc7e41ff6d7653e89c872f7441ec43448ab2c614444dbdfe4a251db6c8c1ab57a807b67e57bb06219eb3e123ff5be93360b32f634dbbcaff1329fb90d925e3c8d8f9604f4e9f3ff79295b4cfa0a56b28505cd5315c8c06a30067aa0dc4f4a699befad3e1917070ed25f5c0fedb673b0c3ee7e97eac20fcf79855093d01f3526033504ffddfa8f04b665f42d2578f52beb86e8cb96f578a854f1a60816081de797a970ea98abded04ddf105c3e77c5f782b40960731a799edb7ef2c393282f1c40014961df6bbb616d80ee64a2ebfdaf2deb0c860434c4ba8e3f0a60a4ab2ebb907176b8ffe590584552919eae05b22d16466d425f7723dcbfbf474700d578fedb6f640e3f259f71ae57261a6832e2733140973b09e9b61cd46409654d6eacf1f09b82cb6762751cad8fdae6a111e2eaa48487bf7d68fef34d7acdcb62d1e5ec164adfb69d5753dff96d4ddfb1d2345677eda6c299b7d98ca6d69eccca02bb4dff55014332667d8f6dfaa5911be658271a8d96ec5978d11a370f9066ece778cbacb081233692fce03fcb009f69d0e75afedeb35dbb2aba4cb0b051919bc9851df2f52c980a425b6ea3291a03acdb5fdd75044d2e73426941bcc6d1be1903d41678329c86a3817a1dc866e79d6f5a79cfefce6be70b7c30138a586adea6e55cb4fe771db27883efbc97fbe64a58861d0f492d98bbd4ab562d2d609a2fed20a5f773b6f512a3f876288d4308440ecf1da052f283e159c851ec705f0189ab040415b5522e19a9718efd3d54bf61cc77f0c23dace5cc23c8ba79490de5bb059c34fe5d54fa89a7ef2baaa094057693d9cb094485fa43e2440acfc8367453bc8600511e5b0d9c99fff5635518cee2ea8e3704f92cb746870d456131bed6121e369cd3a796f47c6709dbea057622cf5baa7baed6dfa7b6fef341ed12df850d31c80d75ea94e2a846af2934750cfd4b9cf17c0b22bf494160caad8c741ec9f752f745fbcd234266467b513ca018d6bf748cb39704f6c98648b351f3a219f9b8bca4807d04f4ce49e29a81e6797f868f579b10483ae642b4a7f02c43ad3e03fd53756eb5b8b9183166b37ca30d3dbdd8a6b21827ac7c17682c1c9751a680079c6d3eeb5da19b54634d1529bf6d5fc4a374a8b33101c1d9334d6d2c1c3d48b4630cfa328034b365e5b1b420ffcbdaab93c0b8c94b45cb975a00cacbea6ae7dc054b0cd7a778a894396881b5b827ee50dd869ef93192b6961686501bcac75f7d1c519780279f7bf71ea8fd2af2f10ba47823002040572f5571e466fd2865d34185a0419792f8b696440d52d33b5b60bf37df651f846291577b5f1f3bcf0a14d8c74e573f7b6124037ba8de591a861aafe4deab1f6089640f9bdf1796884b317ec2a7ec575f4886190018459390bfa2b86288a3ff7e5bb8518a739ce63197ca102159dcb8023d667f4cf6035fcf6dc842b0d8b353e4b906e78c74d0f5386adefcd6db7ac9905a4802bbeaa63960b78e1d76f7e60ddb2c0c835fdf7d28b417d73d6a89d15cb2a91e7351b63d2ac41723930cea2a0a7caecd6f399108e24e60660a99b466af3c013add3a5377f2592e732cebd568ac2999fc8aee01ba6e26182877fbe18ab4ae84c0cf4088144e591e87c04a934159bdd485471be663767300d7c7aa1458ff7e9552b8fd610f119dbd6a49d55e6c4adb17f3f9788817219b71cfb47bbde0b73ddf702df17a558290e8d9f7c355855c38a8186a8b89ee408bd95c2cce1b7a7ec7f67de077a5bb029bff6e00da6c229b2e3ff03d18f35a32a66f44b0e92b9519ea133d6097399cd05c3d9416ac13d5e8dac286a8e017a48fd4ed36c094a81eaf2007fc6d2e08c50c9651409d71638f12ce8723ce4b6e3b9adb79b146da1a776312cffb5565f96164a1339e66940599199799ebd21b42e281d7021b20e78259e0c336c6fed5ed0eacef8b1d3fb04bcd8d5bb918a30956eac899d9350f9929c1c64dc5ed5fd7032b7adb85dccceca495bcb56f5df31caeb4308ca1d3ebcd44c6c18d71396bf9cf0763424eac6b8763dda344492cacb9c72cfa7b85997094e13613c284ab2d61fa3ed04989c2ad3a19b71149f37686b341961f4af065f5485ad5acfcb49f361388b3e132977ed450ce3bbbd6f64cefc4dda2e4676e41f3a11b04b494e4d5354b6ac7958d072e7c904f4a197b7b6ab9c0b7746bdb70165b6404525149fec60251bf70be16ee9d1a9e40c77e388416984d459e4e58c7cf03455ebaef5b55a123e69002cb5a7e3114ce7e1af6becb2085c802e092fb6c43bfc071bd9c57fe1838c91fa1b1eea044ccf99ad53d99ca1e5272a6e34616ce88f41b2b155de8a3bcd48db0904a8028f7ab067f379cf359494d3f552bdf91b3c24655bd014765d4e3aeaa59d87948af34e0d5f84f42705ae073fc02b155c4a858451fed1219a57e2767ff30ba8628eeb28545fd8d60adbf0f9a2f1c6864e97101be8ec4ce669609c3b60fc890ef3ed1b0b08989b3938182fbba1d77ff27e1095e29e9a9ceba5128ae4950d4ef40a1d1b816520d65e0cc87dd4dbe638c62065dbba93a700688f9eca95b33163a0554b467dab0ea608bf96169528c3f00fc98731b6b3519be8e75b6658e3d0847394dc7c8a97067f9e92e4b92b91740c3a93b9f2e1a3f6497050afc2cb8be65d23cd09082f0d39559985edda7f84f6daf759f2460d974184af64495374c5b37b27998576cf957aa3de3e40b720842c94b6cc4316ed1c67ee34a6befaeaf46a0bacc122f19564beed799e050a7fff18cdab07b63d01b622fd812783658b6600aaea1e1e2e70991ec7b6ed3bd2231bdeaf9535f5dfd4bae07c4db269b1ee79d5a9644e9c53eed63248184d6f4fde065c3f81c9112bd7ef5504b4105baedf58a24db41758e75e58cc64c12037dd568107dce6ac53b424cf88821286578b43f48fc34d5ecc90af6c3f1824f7c70735d9dca3685f5b9a9af34", 0x1000}, {&(0x7f0000003a80)="5d3f99987ddb3f20329317476c3a71d49484c1a5296cdfecafa88eba69c5741b8dce0380dd24ded651b06a1bbe69897e138074b5ed7033d1aeade6ebe7f526e7a39625e0f8b8c02cc5643c3fff193b96827b5b2e8492f9850b41675ab15712999838852f58984495a6eaf5453d4fe075a2158c7577b12732b53956efdac8098b2e97f988701f923ec950c02fc9b6386c71dc9689ca5c43", 0x97}, {&(0x7f0000003b40)="6f69d60334a64a63118f92b0e14e35797c560904cbe6a3b7346fe85e3cc83a28f7ab0b93ab646ce658baa3a7393d3d41ccc5f292764492bb9be62deaf83c7a9feaced395d39ee0f1912be4d598cb03f75877c0884986e8cfe77412e35cb1601d47ed8799ba925818593f2782252eba7457a66a3339e81a18df3b54b5f4da67023cf1403115082b26bd330af6fd5b1f8e8161a50c772a55e814ac513f41b140ddae6c14552e701278ff2ad0e903aa39256215c09cd156b2e10400776c38b8bcc5387fa77519", 0xc5}], 0x9, &(0x7f0000003d00)=[@iv={0xf8, 0x117, 0x2, 0xe0, "e96b8cd933d2d20911ca1850fcc7e4cb3f46995ceed045191085a2e6e67f9f414534dd84640245bb47c36f21a2e90c3ff2d8dece07ddedb19aa3e1002eb00714e3e4020fbde91ddb622ead718a2f6f8497d4792dbaf9abea27cf83ae300fa6e31e2ffef6954d581102578282fe4d37ffba943414edb8a49ce155c24f570bf2f49c8df5a6de5b81d2d765824f0cb3afb35ca2bf921f625456c36f8f0e610e6a055baf3ef3f549e285dbeabd3b162f0c571f8c461e4a4b8614255f8384291fd2cc31dfdad01cdd90b1d7ccf7611a2fa3929b1b73ccc5e5c9c3ad9d959953ba60c9"}, @assoc={0x18, 0x117, 0x4, 0xcd29}, @assoc={0x18, 0x117, 0x4, 0x8}, @op={0x18, 0x117, 0x3, 0x1}, @iv={0xe0, 0x117, 0x2, 0xc5, "f52269b3f17a9c7d53ac58ea50dc80ebe2e6ee6c4fccde09554a7889dc618d73d73f34decacb65a964256fad9e3b61d77a0f20f966f4542fb567ae3211e931a33cea57c4380fec37aa980a946b1a2cb1b3df7883a90b359875dd881bfe51778db940460ac3b59edd30190ed3a4eff12877b0f851459c1c5bd05631accea448ebca610db09646c070d92673dd3e79d466988d2ec034a27bbef9d1476c4dc458d50b0bccb21e4341633ef0f50c9bb95e5b8e5532c5967e53649877781cedf5ee19864f2a226e"}, @assoc={0x18, 0x117, 0x4, 0x5}, @iv={0x30, 0x117, 0x2, 0x17, "1179a79ba3163fc505ffb7291b546f07ab6446ab6bd853"}], 0x268, 0x8000}, {0x0, 0x0, &(0x7f00000043c0)=[{&(0x7f0000003f80)="76c31e5d8a4bf7247d683a2f72ac484b9b92ce1a2e531d69a0c91ace0ff4ad9b6ead87d5493ffedd3d81922dcf52722e135b27421cb101ea12142a83d7d407b16a070a3d069aeb01941cf3761da4ea15664c5c0a4fb606eb2198f891c43e3260a0d49527a9cd75929c38c93987596f6254cfcdebc2a2ca8baa83bc89f5a1254f115bed076342a50a3c0eef8ef4e5778c07df18bd0077ca5d9678f087e1503855ba34f28aeb0c5bec03f7bcd538984ea82e50cbef13784899bcdec8488660c1098e3189292686827d96fc22a3da16dc6baaefb886e12dde3d86426c799d82638f0dc574fff846", 0xe6}, {&(0x7f0000004080)="4d77596ea344336eb7", 0x9}, {&(0x7f00000040c0)="b3f2ce69", 0x4}, {&(0x7f0000004100)="2231b9a28daccffaaff1d983c9c9fa788c0360b72b27c705d9187420fada05868cd3408a21ea3c40e57553f519115880cfd671ee9c3acbe6b9349cfaa8c382075c545f5eae2d424af0ecd919e8a9630542b8bc1ff348d3774fd0cdeaa42f84554f7cbc62b7df609b93f3166d27feb7abb0816b1831f26b90cfb3a2ec9ef0de468eb366b6da05c84da5ab4ed7a489b8f8fa509b934beb9ed8edbc7b7b3a82dae907da5438580ae63aa61a7a957b86eb57fd6c45b696b7e788cc1e232e28f6b2b13c06a90de330593d9a6bf8a0c757c01d66eafee1fb3e49248c8201b6e0c7c98859b1c1800a2feb3f4fdea9ae58ddd78ecbde88d46dd9943bdc6abd", 0xfb}, {&(0x7f0000004200)="a7a8bae3be19de7d6ba64cf6b5d81a8b5c97ab2fc5ad789c5ef33c48744aaf8fd595ad97cf44c3f51c1cd3a19276cfaf500dcb1d0a27a4239963582edb636d7c683b7befb886704766bd2bfdcaad43964cd9c2cc62531687ca82b2519c5120c45482b6b19d402454d9be9695ac5b19e2c8aded8f7eef68ab027bf26aad21698a919f81c57f905fc6cd611918a4fde2ea7c2d60d8bb82b82908182474e7c800d88f9bcc227d28709afc56a5e22ac215663c17f6dc7df8f8226d713397b169309c66a884", 0xc3}, {&(0x7f0000004300)="3084e9f658bb1df3c7f1a3bb92eb7a758e027c4585280a852d9a6b520244daf0df9f064a4fa41294e6435ceb04d877e7a5a6f79737ca580cdf2079b5744f7f53bfd80dc394c92d6655c946afab9f76b8f6b12d2699f718e6c9506324197674784b0e39a5ed24c5719bd0310c6b91cf3aaa5ba061c70b8b2773a4aeecd6503796a7a907b2a729cd2ed3a90886b6b2", 0x8e}], 0x6, 0x0, 0x0, 0x20000000}, {0x0, 0x0, &(0x7f0000004700)=[{&(0x7f0000004440)="fa2fb1bd7cad8147fcf48505e1c257c432a32b1f1be9bfcc0eba11546c4c", 0x1e}, {&(0x7f0000004480)="97af09cd56f3e84f39c1cf091053e8436067bda33a7ae3116e57366d2d9a91b31a4eb49fa6a56d838ab4371a30e66c5309104d00b1aa3b95dd84df9c1bb86e73a576b0156645eb91667399e0b0d882090426ae1e912f54125805bba762775487276fc0e066e18201219ee02c690845932ad4595cd223234afc9575832b8ba4223c618d0f20c536d40bb3cb1ffeb1ded2dde4d2a25ba7650c71bcc40a5690f54b60e751947ebff961e7a620c6dae286633362108690a823427f617259464c83ca7aa7c6287b98fb95c44391bab58b8ca016ea35d6cc81857ba22ec06b15839c", 0xdf}, {&(0x7f0000004580)="938a199751b1409970ee3cda364a0214af07cc48d9442d77c1a1fda240b5930ca6eddaaef07f6c63defed54a8869ee812a25d87ca601b36c43e8742caab640723bcb2a20a3b65e0027dea7b59358bdb1e5fcf835f27f2f4fec074da1fb681ea5a5616ec5052cf2467bc503f0f576040852d1c9f72ff2d921e562018cb3537573b24818", 0x83}, {&(0x7f0000004640)="ced5d7d7961b6d2fd86e9fcc6da2cae30fe2d9dc20995571216a08119d593561bfef", 0x22}, {&(0x7f0000004680)="bde51e27e14a056723a3755ddc2db189acc4426c22116a8e4e033ec14fe95cffed48f34de8b16954af42383952e4db5d3522432067af6eb890abf1e2aa681c70411160919b28dc0e8d0a85679dd40cace837b24cc256f923ca555081f6d5faf6ee9979d817661beae9536047fd51b65267a06a00cf411afa79", 0x79}], 0x5, &(0x7f0000004780)=[@iv={0xd0, 0x117, 0x2, 0xbb, "a1ef0cb036472dda597e41be0cbb5c113c9e885a76ab4f7479a89ec987697d52eb03eb927cde51df0ea00f7533a65969335e83a94b6bb152ec62a278a5b73a7b24d5f2e910f9bf9ac2d0c57c5785d23bac58cf314f0bd40eb4122028bddf7f2c9af1ee735575f7b4dd315582928c333d2d0e44c3b5ffe3f2bc546b13483866999611f6517fc2c52a7a56124e0371f69d744b16d99e8c9b87c0b57c8ae861ee43a14a6a5c9dc576273819addf3392d4a7ee17a750c048d40f202935"}, @iv={0xd0, 0x117, 0x2, 0xba, "3a7483bc899e2a88b39284c71562ce152da7fe92f46c9d05b4d889691eaed0bc3ca887d8cce7e9901fa03bcbc525fcb58e6791bf0045296e23784e6d7e67135aa8e4f7d7194183f06403a42b81090053b0721d144953fcba11a8811fa7bd5708502154cd593de5024c665fae7f6a4b0ce51f80ac6f001519ccd57298baa6c7e4e6f3d9229b5edf956ec602f42eeb51eae4b13cc6d29429c68dcc40b0ab736dd6f1361aab2e1abab9fa5539d9eb9dcebf93eb7083651b1e0bb569"}], 0x1a0, 0x40000}, {0x0, 0x0, &(0x7f0000004a40)=[{&(0x7f0000004940)="eb34640bb5fa560ebc94d7b94ca106c768b6869e5f984de8e06ad0dcc4d85330643d18394f06ce1491a4da927f74badb3a0f28044cf710f03ae9d9813156010168ab7f8533147f98", 0x48}, {&(0x7f00000049c0)="db8ecbfff9339c1450a455df0f4bf2bba421214bc48e059a21bc7712947e4fb93fad0d940badeaed32349c0e540ca28a2f89ce04e74c9feb677f08f392111f8cccfdb0b7a0663f83422cf95c62eba0d3bb34d673ecaabbcce25e26a9e498e2eeb60f2a2d24f4dc5ccd3d050b8aa85945892a04cf", 0x74}], 0x2, &(0x7f0000004a80)=[@assoc={0x18, 0x117, 0x4, 0x6}, @iv={0x48, 0x117, 0x2, 0x2d, "7fe7bf5bec1aedc4359d4641c3055eafd689c07b4c5d5944a586a0497609dc57a0e74a826fb72ecae72ed4a205"}], 0x60, 0x800}, {0x0, 0x0, &(0x7f0000004dc0)=[{&(0x7f0000004b00)="d7a372064b117fee5b16e2f970ebc30aff1d8f1d7fb21f93e8b500650861a9f77a31f15840428c8b78876f920c82a33a95591b5d256b1096e86b9f12a32345b6faba3c533908d5001778a16c07a4171b2e04c4e2353f95bac448e914638b73c847a1143860cc322647f5d5a2d5766d11b76f24bcbb2b79e63795169f30050f6fbc37f6f5f9f08b389d9039d4ca33dba3dc690197bbf38e030ecfc83c672140b60214d471dbdac23fcccb24e4157d249bd197a5881952ba5ed6cbc3af98716b57d4bdfae9619d64349a24ef9caa4894114f5001857aa9739f15b46e56fba5cd553dc3007596a92d745f8346f6c3b27ab442844cb009b6c39ae99c72c3eeff", 0xfe}, {&(0x7f0000004c00)="f23fc6bf7eeb", 0x6}, {&(0x7f0000004c40)="2de0eba712708d227e41ef7eeb6b912b5d5c2cfbc6455e5cc5a6e47403728c412e469496d4ce639e266583db3df17f525e0cb03520d9c353e608c6f24f5b86bcc50225580cf95c1fa19889fbe7247859663296ad227194c077a52a0dce6aa3a170be9ef7d1f7632c14e8a8dba01752d085e042bd823f464ad590c35420f944b3353e632b31d4e0a2ee30f2d23009188f8595a02a0fb30c5cd5326b03ff67731336234f61f3dbfdce82020e080df02b6695abda70d7d12246bc1c5b338db37376d6e96041fe52b1186569c8a7d34fcf98d1a978fb3e34771ee054374d256610f3a7094780768872cb05f46366b41aeb5a6ebbe53196966eaf8bb570", 0xfb}, {&(0x7f0000004d40)="d69821c093810ba5dcb531301f63ba9cdbb97901396b930058f9b8274e2e3060cb8001704634597aae04ba48df94a8aaa1b9cd0534a5436c5d8edeeb84bfc781c392c8c867e907d6072445c29d3790da7d3028c26ac8308680f733c2139ed40c6613d46f482b0799e67b94dd", 0x6c}], 0x4, &(0x7f0000004e00)=[@op={0x18, 0x117, 0x3, 0x1}, @iv={0xc0, 0x117, 0x2, 0xa6, "587befdd5e0641e81e2ca2cb58f4734f40267adba3f1ede9c0318f2c1ed551074e778adb5c2b842bda050a30072701a8cf27cf3b609915a1429522375b1f38b2ec66a44470963a6fd54016735c6a4db0e645e2d9b5e0d9175f0799ab0cec8990470ec26d505b5ec2975e876d290b7d432f19d85387e1ebf341b3691ec27045aea2b63e74e0da663f417759b72593a0fbafbb323f46303e8a4a26356fed84421a7c11348aef2b"}, @iv={0x1018, 0x117, 0x2, 0x1000, "0010539ef0d515dc956a490829d3a9d9d46b96b6df9d30fe4703427d48552a51d71618514b2a69f6e712d0633735c87d445e7c643b2bd706f80e1684885db67c16785e09ad11dba014a37675b1928a409e9271319c43f14cf742403ac27cc61c4b2e2cd2eb07f874bb191543e1e17eda9d7f01d8082a9429037960e46ae33d4546ed552f442d5e00ab962c73e5266b50535f70629ed4241964e747e08aa6e30be63692f5fa1709aa5093b92d1871da8628119b549f28d0ef2d8fb8697935fa10a3bacfea6f17bb6427b0b19d422d8ecbb0ee0c02c9358cf73b75ad86f2e5ea5ab4c7a04211d1388a9f85c076eee2742f6cddef63000377ccd201ee5ca264cc3dbd9d0b594dc5416c2d2999f3b7d2dc142798e1fd17eb134a53b34a9d4077f90feac713a0fd6013b871130837e1af09443d3285d3377dc1ff64969d86d42fa19e16661e0fe546d0b4bc2a3f36e843f991358f7997744112349acccbc4a3e2f356c09f02b865f6be9f51b28b20ce6b2667d5193460782f7455039a049902a962426c654868c110009b4d493cfe1bfbbdba756fafbff774b4def8df594012ba32d26328cfb98da56e0a95f8c54fa23365d009728d031aa16f84992df2bf6e018f0729f36990c7ef68f6690932aa5762f52ba0d0d8a43b776632ef030ddc226d0794d6e0f533047205b4c677d6479c9428807cec23bf7ac4be9f2ee4f656b05db7b446e03a59b1b0eabdafacb7cf36b9c4d3d769a9f8e2dd0d4f2f9b7af4527a6a3b9b94c1ec7a5a1b2d23a73a2b8833b8ac79088983e6ab02caf7e5f3e29d20f1809ef4571874322d7c32a4dccec55e7ac8d38653a25200c3e1e8471a6a3fad9bf9a1892e6a6c8a1ea79ee3d5f4974cbcc7c15756e25596f406a3932fd476f9bdfd7eed6a808be1255b67d4fe3ccecb27a7a0e8ca83949917f9aa64cdc55bd177d433d3785dd0d314c9826e540ad29cfad164d5596bfd7ff1664dd63387cb6950b0ff3645790b12162b9eae71d4a0eddb2d862acb72ba5c186b70caed9d8e94a73c19f5ff1dd2997711c81b76f2028ebe5bf347429408288b699b0d5760ed7f9f0eb70fe21dd6836e0e33e8120ec88be4dfc5e234d98181a0174c6815300430ca688ea65319109d423500e039bd22e0461b29a8978b22075156a3d12e2d11738e6d74194b9b551f36a14fb75be2c511505d5e8d58581cebffff7e20007f33919c3865dfdfa168936cf00b813ad23c1cc1c2928286455680d4715ae881156b905ca68ed5f85342684f6519acca11847f3dfa2f03c1a2fe4de189f2055bd26c706a3e0dbff8b0ca644dd324e99ab6085463ad64ad6aed9fe307af954e32f8edc5f3bb71678dbf61bb1f4218d8f702f3f1d025c93396bda97f6819c6a248747d032f4793ce938d82bbf865b4adc809984c4f1cabc9b4f79187786ff0215b88ad35602283c200d03977332062605cfa945250a9814413fcbf4608073c25a7811057920dd22f72fcc8e97809207f126d92fa5b6b38674b8e9077d031380dbc5b2a29751cfb1fdb9bfd27bb18cd7918cac139f30b5997d9c55f13be6586450e0c3f7cc6963e98e7090806a9afab35ef3639f86573a10fd8c27e76e39c8c85768d4ca6575d57546f01a071adf81995140a48243dd5af1858deff4433464b0c8e68327500dbef871b35d52bca132ecfd32031e6393dc461624ab08d46351a3e54d964a34e04369217d778bd8aa5926b43c945a98cb513c749e35556c1c2d648ad6dfbb0ef4e1234b4229ecfdbcfeec4df163fa5aacf305d52272699b4a2ca827223da102082f0242685caa650fbdd452c2e25a706c5f7dc2efe502bdd80f795e82864e4034fdfc6be1e0ed571a6b6aefa486eeb8519389ea12d58e155e9d40e1ca1023936746138841e280788984dae00bfe9e98568643eb4e4c38990572625da05496147ab1a3bb5af49ce22f24d9854d697245c8c797272688ba91ef517c165f3670360f31af428e960c0abe47dc542986e93c28105eee09109f2c750c947c2257dd791b1eefab4aefd35e682fea6ee547a82d35f6947df3821d42b48332e4e07b2cd1e9f1da402cade1d7e51b7551191f62666e087bdd86d574d2fe48e1480af5aa14f1b8a0b1a8c4ba4bcda6ea15931ed38ab1f52d3d6b26f7f59ced549974b87a9e3b78e280e1c8c746dd98c64397b783dbd842f5b12c668d155e6490f3e1af31863772c859b8fb9706ef659ee97db1a3409cd837683679e76ef3749fe22784b9e3318e7cc2c23e851460a969c17b5ed5156e23e162f15a5a17679baa837adf54a0b082b640fed5bf7aaf2b783206f589a0ac8f02d3774f652d55e18f41a652e29322fbbeb6f3b5204b23f752a2ff7eec36f995a6583b86030f2e3f13a216dc2e3afbda1e18adeb8c50a95cae212845e71e2eb49c7c013c2bc9a6cc80cb22ed1411911f85050e83eca83d77d226587ff1741c0aef5678040c2ba0ad72ee35d384d83bd35f7be78de0545487aa21ec9d39877fe34e3ea19d07feb07e7fd0a8ba6ee149aa76d09abde3992879da969c832c0e7a718f072bfaad3aa8818e13e9d1ec642f41647328a83f377e8518cd984c380ce763e7668f1e67b32443f065b928c09831c01389921367a46ddfc2815621df66d637639f353bd9df3118d09c0f2c50dd44606649cfabcf59c53bfe7d75c54fb1002e5596360183977a188a0ab84535ceaea8eae4c464967f88c0c123d8851b3426acd5d18c71ca8ed874d91cb32312438d0d1de84acc0e9c93f92f1f90b56474c13fc55c64e67491c30bba4e75be5a61dfc26fe770ae1e4afe7051de34a522dcd92836ab9dc915dc09b99e316cc8b600b5bb5d7dfc741eca637d01ac651f0facf89ac1588c76ba6550f903cc79ca0654a65f9e891e84fb701e9aed652840e794d7de287a52a800a82c5b5ecb01c95505f054c1bbb51dc282462de297234c485a7cab1eeb48ad7b3d805fcd13b3325139c58815902b495a256a1e6983849cb3729d5f0d8ea08a08f481c2693739d0c00aefc8c845680c72a768075c684382f839104a2192b04cb11dbe563fd01ca75b8733d8881e91dd08730d08f207bc5b95d296d601216ebbd389f418b2f8a892784cb2a36fa81011963b384236546b883870776e601f4294d376284e8c99fee56625077780c422145113bd4b3dc1340f6f06e0d2a5e736d5cb743c7dc1f821173855c897ef3a60ce0449d35c5c9da0590faf966c139903ff833d09771f1888934a0b8706a37f3418d753c20f1a2c0260e8250932db9fc54a5e923caf5610423c6288b46cd3370e4f403e1ffe81b73b034d7110dfbb39cfc139633fc90c187aa824743dcc17067938f1cfc52a81b9b0fcc9c12d03b6c72d33380a93d9ff024df37dfd2d043f983c8423316e6c5905ca55df4a8c7edfe43005371b28e61b464a3ff7277a84bd5a3aef843f92c723c81c54b432eb2b4f072cf9803cb6fd7ebb307cf3d7a2ba5f9334d6604169c69a191a87f95e841642a4d3e9e0c74408ee4570cc558ce0edb82fbb01ee98b226bbf26f3ea666435d1db6c5b5bbcb2c4745f61679de0dbfdbb77a5bcd5554450da19a8d4c5b6ef2ae697bbc2b4ceccebc691fb0c2ac8caca4545e55028c17362896bfcdfd180b4b4c631855a8aa9a6f8c4d9fea6cc2b7f7792a4c3dd3954d129e8d8ab575093bb0eb1860f0242b59e7be3ffe8ff103f32c6e4da7adde9b9cd0317571277a451d1f0f14938d23ae52b8c8e70b73b7416020bb9cd54c28a356a5813f1753359855cb457e92403d2c4f8ccd276acf2f6bcf9f4e2a950202978d390b7d3e82828a63c2996005f7b62d049f6feae70a7d8e79cb00bb6a40871eea4b1080f347e3ff8126a039002d4dcae203c30dd3e9ea92d9174c6baab1469148dea07121d878f575c70270687c7c2facfee206d899bac5da4ecb6baf83ce38b8d42e4ef241bc5c64d3b0fd16362f57596d07f65a2cf5890e126246798d4266853f0500d497f93313eb1cc396e33878b465b2c2859524121f82dc10952cb6cc67d5ad4d819f4963b38aad5051220957c1cae496bea1fdcad1d39015793ef47dfea6445bd0478f909a5f4ff74197311b9513ff49fe047185cc23b27e58ac54876061c2f4f96c5bec5a92fc4b522f9abaeff5fb918143b5be4cb2ae8c7ce1807b4c4e1e74626e0c907caf4a87ea664b65c7564523e7e6b706b82fd9afe94ef985e23f11199bd3c44eab8d81c7e8ad7881b2b44a22cef6b5e11c9566487584507f394e5cd8c829b9252f47f7309bbfe861ca3ef9e6cb61cf907ffa745cbb5800abb27422aa232d5dfda1058dd2989913faefa652d97f7f4583ff2f335431ec9660b110071110d226541d2455071a636e19aa8e1d4a81a0fd7623f1934c7ea8d1d12aeb21a521c44b8a657ca082d64ae881e8af1b93640b6d47138f4217bc1e775d9ccf6c8f23fafd6ccd704d0bc1a47bd13cab1f540ca2e41c4d4ea3ae5c54235841cdaaaf07eb2c8cd11886dad40146eee6ecbf52ef563f13d3c3bd488935b4d7dd8e838647065cf16f27cb1f7ca10cda630a7e0d0453620fcceafcf225c8f1d845f8cbb64b623bc415b7447d2d1ced5c3eab261c8d5325247f571a67140140df2733f35176048f0bac6203f888b2b0a00c0665c7a7e79588b46d629c329e5775aac5ac38794dec2363096a8a546175054b225f09a490bbd7c8a1b0e8231fb7fe4600275621636ec6ba9f6843817fb78874842ddb0afb74ff6b59800fb860f4b6e84b0f3f12fa96734d2661fbb8eac88ed01ce1fa3eec8a25c930e84016a473916616ee1de51057d22ad48c685ddb75d0baa4c5b6bc29740b7f2fc6b699040b010031bbe3fc05d5f7f76a024a9184cce7bdf48030443c0d4c0fad291bf79acdaec4843a30f238c9e29e71240e6a828d7692b215323844d12ec50f4d344e711efb80a7565e5493f40c5f0cd23e8966d496fc3542b9babcf7f7e7d835ad1981944dbe01a01f88e93f7fc76ba26c86aecc20c522d584a52bb2cbbe5aee80da192e0cee1a8ad825a47802380ef55cf27e041ecbeff9941f2054a4533ca943c95de757445c3bfaed78ef57554a7999959b917ab29032f64ce7448b5c10e7ddd7d1eef0c6d15ce604c4109447629a2bbfa0c2bee5d221caa0d29b066db1831d43b9968af2f2b705279cea2b2b570370e93aaf6347b8f06d9d2a9446f16e38be54e44c36f0c1b5e698d27d912fc436d129f71da58f2d8c3d84f97c09e99aa680e36355f7c2df99b1f48fc662b8a0300f66e01cb65de0279e4c6f8fed71d098d02ce1d02a460f31492d25a19e9f120b1ee8ca524ba6900b52f148a0415b02ab2e92bcbf2654a6e45aa4e749c9106ea319ae60707b3a7d648f75b7fd033374b43b923b8699af48b91c8af22d21f3896a5b21d6f391076c278f2b97b434ed24f11b15f4565a17879634f64af46a6ba7a9d650a6ba26026a78c94e029d5ebe7fb18daad67ac8aeb5e1a8facbe2f0ed600960808871faf73c98f4cd9a4cd501ba0eccca07167d84920a9b188d05fe1fc84be77eb8ced1ad420c6ba5d364a2dcdc4f2680a128f5737f0f11c10bf14ee659b1ba3e0c6cb0bb1eacc0d20dd1e8eabfc3ef321ebe05f09e6c9f282b6cb9205b865f7bbbe22604a4d9d8ae8ea59f93a0f046a3ea7172cd4c0e0cae9431bac1fe38e6bba2b29acf1bc5ed62a13110ce55c89422e3cb627d52840758d74097ab5d5d3cb35f946d2ae4d72886b2234966398aaaa46c1f350f64be66c84f9a9b8467832ece2fb2294bc48af1615c10f22130c"}, @op={0x18, 0x117, 0x3, 0x1}, @op={0x18, 0x117, 0x3}, @iv={0x30, 0x117, 0x2, 0x1c, "f638a81fa8b529f5a4150f1fe42dc329144c357f4f47837a28a01b27"}, @iv={0x1018, 0x117, 0x2, 0x1000, "a60ec383c67073ffb743a96d4bd87a14bdbf0d389be8560057204cea945ac84d3f706f14ace25e25d7e2629cb6d31593ac91c05355610033de94ce9e4953ab9fd5675d4c2221beb85a6755bf905875d5fce37899c2d0d338217f4a184f2a2195b74eb839004cda3e812590d71c331ca7ab368da190246e528cbb9f17598b9c0e69721e981434dc93bbda99b3742db3318fabc9ddaf7d9a35c84f26ecfe03260e4f536e29b40895a8ff98018f0d4d13a2241ee40a00957673cb4a6dbb84d14dbf99648e18ab1226d2526f2fac6482d1c7c1d47b0009e4a08288d0da81702fab0042c5fa6732e8c891443a0bbc4b360ff15fcfdf6373110eff973b4f6383bb7534ae5baf333c8602ee59c31ffb9bf80b5d97e9c8e73b2f0b688b490c588f1df7b3ab63722ba7d4f8cdc2d0130565d8a99a9d5121cf5a1184d79f3b32c64bfc79d00e49f6cbbef8c127db6b28afc71e3f939bee410ab3cfaba91675f7017ebf674cd693ec8121e17f4702b1cc24bd1d7a3c35a41a59ab6825235f2bd718a77c14192c69ae792e7e3f43725376fd4da4b96ad25cdb28aba38c1384acf7aa73891c19cdab4ea9a47b894b20945d47c91c91d20a8e47901495679e8ec98b8346d9e0185b8a159fc923f6c1c069d555a5ddca88cf9ececcc0c33efa92333a18f07f2ff0ab503f352c3391923fe7a70495823b915dcc0728a3e8109db984b0993055b0c5c7339a145db9e3bc4c0ac3ba85b851d9cc5805f6f430d7f939402fa4f545b052d6cad5aae35ec4c7b03a5f221a9e400bbf86f03639cf187ea96a9245ffa70dc690d5f941770f3b797bb54b51ab79c0a3e55b7f751a067b3b4f7c875087ed6be5a15f71087b27cf63edc0e242daf9d4240ce4cb876978e1d7684e9c617f856ab9aca5b9c73c098dfc06c1c88decbd10c1aaecbd04da2fb11dd741f1bf51f9448ed12fa8fe49695be67ad96c8703e85f19fd4545107a77b4abcb6aacac71eab24920c3c747ddefd3e9c41ea0a8b662818c4fe92ca5c33775827c60802ee042eb34faed36e3009c56fad52be7ae46a4b1be9c742defb3c76959e265d3a507bb908ae4cbf6bc3139911036ba14bee743f8d5e3ab3e9baad42daf07bac5488cd378eb3d5a70b1081b022a6868ed9427c60c722651cbdf8f84e04d988bbcd051c59f83d0b9ee231f01605db9b527dd7c0e996c956f396c52850fd2b5cb19ce0d20ad6efe948ebcfc1df4d5ff6f772248934b03cf6947ad3886905aadfa187260d2ac7f887e0f735c6245a4a77b530239281f080ace7414d9c0e02d3838881389658d1e0aa1b77bfc9c568d8900f0b9de908cdf7d13395bcdf513725c71dbea476a3435ace9c666f1f9bfb65c978f6ac9eb27e7ee3b1d73af021232159b374824cb7cadf5fd635a24037ae8d5f35eced29aacbd90d515e1868dafdba6ccd65a3862be7e6aea1ed16a3c1389ee3fac9dc2998d9a192b5c0b5199d71fd9c23e5a98c85b5360f84b07bea095ee19dc0f6b25575b47890b2730744615955ea381de1356b7b8c26687f812211620343f8f51528d56fc4fd8e2910b2f9f19e2694f57332dd460a03084972635425cdc78869e875ef97ac7048a82edd4162e152f136d68f8e521cda5132a0bfd4e40950c1c3311a0dd6b0678b5494375e0ef0f3ac153a947eeafdd030fec24143a5ce3838a338c4a09727a8a16d28277d8a509115078a649762d3eef1cb5839d5801333eb3b5e31c8f4019787130dfd3d12704f9f90eef34a4d48ca702597c3dff19f3dd282306348c269ab2023e89d5215229c7b2afc716297eed39d35f4be27429b41354d942977bbbc3affb98491fe7dff39bec1d8874e3ad5ee07339fa24829c3e7a6af5bd1a54ab3d8d9e0f3f3422124f9a0af0ad118b5635bfee28cccb40eac14552c782c514542cf0553abf7b7af98508e4970ce2183ac8459513cb9d3fd6d4f628379a2b02b70bdecb2e6b53e54916a2c01272ff4937d537b5929ef0fe7f9602c33a34746a0c739984a3afec4ae6cb51dd6ef8b023ae25f49bd44aa3d299a436173d6242b4841f176f627233e7ef28fc5297543ab80807084713ef764cd7148133990bf24d4696859c553b13f705fb4bb01487909c17bf29ecce93257879a358fb32360f3dafa300bcdc195d6b37527cf1b289945397c7522effdae063aa521a80914053f6a6922795a1545e55d09a8ffd9c4377cc28a58a16ed9208d544768305b609af5bd1e97b53233c0d57983876c38fc03ac74aa8a1e8c212ba1cf805ad68dd8b5acf1c2b4ba175b57ca6e7b797a08a2941437e3e4ac2c076d305693831a5a631997d31662450e6aca3bc19981251c0fff67f63b056e58ace0042fe26260de669ce47d343fc682ad9b3855d2217e0d790ec2c2d72fa9197c4c60d7e255ba32ffb4fac73870886a704e9bdb403f48e4a6a36a254b4a3ae9598b48fc467ae9bd9f64eb5800c928b34e705a4620628ef9b91f0141beba9b0a85289538c12177ec1b565fca39075722f43741487b364aca57a25bf1ab2b2ece0f153ba4ebadcaf7dfd9207cd22de24b076b2856cbba29226dbb7803495afdc183eac5f880e4e45e1b8d3b8e6a017baf5c0632fda3d6f91f4ebad84e779ebd5d0613b264b756199c9c44d6062fdabdf7298330c46bfb85d2ff3b4d9bc55ffaaec5829a55bfb0b70e321a5fd072e3ae30bdf5eb2f904244f2d1b1447dc12d95e4b0b2f3ffb9403070fda54a1bcf04e6625bef11291983116baf7f5247d93322435f51a9e46a274df639ca540591dc73551133ebf92870af3af12148974b91c1b514444bf92ab2c2b29766deeae327fd119e97dfea56628c00dd940858ab8c1242924e6843b65ca622310fcfd87b46f4c5f959c6f1fdeef867771d81321972b49bdd3160eb9becba20ee82ea9de3222155e13d843e24a0d7403b8b69a0ed669f21427c38a9aeeef3b9e1928fd17ba3204172b36b25bd4bf63cd7155eb78108de54d1a38dcd33239a2c704285c27e835c8ee2ecc7278c76714225d17e528b42caaba52fcde5e613f499d83e95a6be3eaa0fe4aadfa40ebf9a7b45aeecda39144277514b5a2297c09db58dd76e6305866fc9a5862c777715893c849a29f4a5dd91178dfdbea183e000ea115c61250c834a7dab19c0256dd43ff08a5df247fa4df88ab2418a8f7c42cb124499045f0980a02c8f4015e58a4fced2b1ff5d19e05180aa01a2b7b25cb730f2adb2114c88720ebfedda943a75345a1f3103d2a6f8245071126a21b957b811f82c61d4c9a2a1ed34ea691ca11ad4c160c458b825d81e0b8ad13a39cab90e5e66b516d36a6a0629dda19cc2691c3dd8bcd8e2d43e8c16bdb56a17ec3c473538118336df87bed82bc29c12fc09037dfde1dedc3430fdad515b942e81b2d5577e411b564e50706d8dd216dd8699a01f3662555041eef1bbf03dfabaa36098f31da608713d46eba4c39e8d8448fe0990dfec606615e601c2d375dd57ead3dd90b215716aa049df63d4baaabeb22a9d19b300255ee8368507220000457f8fd614d2621aea2e752b987eb6709d711ac1c135acc39916c58c9f6550ef734fcf25cac0cc87fc1b2c1ed6b3dc8922dbd1456e22e0620009ea7faac56e1197cefe61c32a93e9850964737b7961a50e535a29f6e313296509205b7466f17926623763ed9758c7a3339b4dd53f9a12a124802d351f3c0acd7f8ee68c58bc2c09e078b5b26019cca8cb5f7580ecb70f3109ea1b4f9caf3f0468f8fa6363f903fd0e97e5bd9eec74b96a27532ef34299186ca663aca7b9dc74f73bb70f8ec04e5f77357893d917f4d521bd8221fd72e155d050ac8f2fe4cb6728be4fb9f9a5420b517c2193cd502ee63884795e51c652a48f775a4ed2d7f6ffbd2b8c9a0f79da68a4a83e91b39b3ebb05a6653f0706baefe98e3f60901800f7c457896e1fcff1cac018db6f76b374220c2c4bec690ad70bfac6e4af075556a1f0c109afee41ca47c45fb15648443cd325166dba287087e1bd2cd291b3b4e1dbcd03b27bf63bb32f8ddf9cf51937ac3dc402a0fb90e6418f0bfc8732b0495814bd13fcce7f413cda6371476e27ccfe1c09f800f54c4696b04455ad1fd1911d9f4fb373d5f1ff1130ea61a23d47b91113de1baae7a85e62109e296cb71e63352cef32455ea9c48cc2e315b4c2136cc0bfdf6131e0ed306d00b893635150b20ad913adc44fd7678add822795e4a0a31baaeee7867b8c85c83e1454ea1f85ac2c63172621cab9e5f4d45764cec89fee3e45402d891a6c164760f244c7750408eb70aa0752656cf1b16e4072714d16a8994e4eaffc5d0c9d543ac8c9b9ab4bd7298a180def2f524662c1efc85796c478bff6fbc024de6a99008c62616974566da31519ba1d8fca28b5f7618331b4f3ce9f1050e89c212276d9344a4fa0d291dcd0c2f350a2164c8069815e31c747ff38457330dbeaa0ab086408aba8df7a4e99ccf7f67992d6535dde55beb618d7b3bb262703c32efd37a6fd749b14689540712e1a34299001d91174d4480207041fd60678b83d1774f8cc75a153105ac3fe1e2a403eb5ed9a9d094a5d896e45c36b1d5ac628993ea0f6e69894b79d672283dfb784a3e95afa748072c6c60a0288fbfa65868a6a45251d430e518acb1176726c533571073d17eaaa65be967ae8908d08ee1d3e3c294fd84e5781cefd01a131d20fc1fc9e69f5f24ea8a5b6ea6d870b7acd521e815c30e5b4fae2394a172a7ecb687d12885a344834f1a53491032d1f9528a8bb7ee9149675189f75a0f3d1dd04c65377ea56abf11431995d15bf2796060edcef4f3d1b11239c644832e0cead55ea36344a8bd8f2754038686d0f27be8b7cf20e5433cb46eb3f8b729157dc8ca596e32ac63f2538eac67b54280971dcecaef22cd51530f82aa080d0cf34c74d67fab39cb50b86c635a6d922aa7e8290ec2a34384fbb29d133b98eb3268e276488bcaa89ac6f3090081782f669cabeeba4e385a04ec0f348e69110e032b110fc312744c8cfc8fee99a15e1673f8d24d3431c3296b2e81a5857bb2e5209cc394297d201caf27bf0b7631bd9b954d1b2445d8ceea97319e68bba8cbcfa9109f33327edd488405c0626ea8952470802a708ad00b8aaaba2c64a9f95f3e9fc0607260b15c2a01de4461647d35911f6fe0a8a6653050374375349455f0a6306c0fb0ebf9016eace7e9f5183f57c2c9fc9b5475d4ce6066918e661f2f1b299d1e15585619086ac1bd3fde3fce2a11eb4465b9b2bb5e7dbc6e7519c022f00caf4faab5eadafa242cefb61b151bbfec29817240f92eb3b8f8765a68f3a4e42820214cd2c5de410bddb161e87bf897844dc0e31e28aafc06db8a9a6d78d7ca2a76eff1b2019cf17bf3040aa04cdbad912e746d0f6f2b9df81d044b1bb6f4b68f1c2037b430d835af8844d851392a5349c97cd2756ad6dfa9af99362d74ff7d377107765820be220d7f47d8e670e8152b70d2a05fd98be684edd656959253c041d588e85035bd281bfd7c38d70b05e3c6ec28c93001418440ec96dbc947dd9925623982fec8a384fa36d6a29a1e1eb05e4c09dcc75cc01bea8370f54444c663ec633ca3870bfda6f6e609d611b639836439cfef0eabe0a5c0595306a72fc9c584202961360618f2dc23272d875cd9b7c267a2c80b15d8a9ef18fea1c954db5f421a366b479e9d91f761b50581bdf72b6bf8129d348995ff264f1965cf9c73b0c099ca88ad7797dda86acddd2919df8c0dab0d0cc07cf0bebfcd46138c4a54e8ba857ae9448e1b646848d6"}, @assoc={0x18, 0x117, 0x4, 0xffffffffffff8000}, @op={0x18, 0x117, 0x3}], 0x2198, 0x8000}], 0x9, 0x44010)

2018/05/15 13:07:35 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0045878, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:35 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x15, &(0x7f0000000040), 0x4)

2018/05/15 13:07:35 executing program 4:
bpf$MAP_CREATE(0xd402, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:35 executing program 0:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000500)='/dev/urandom\x00', 0x200, 0x0)
finit_module(r0, &(0x7f0000000540)='nat\x00', 0x1)
r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x80000, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r1, 0xc1205531, &(0x7f0000000280)={0xfffffffffffffffa, 0xffffffffffffffaf, 0x5, 0xa8, [], [], [], 0x0, 0x85e, 0x713, 0x4, "c23479e08eabccf10c3eaf742002cac6"})
getsockopt$EBT_SO_GET_ENTRIES(r1, 0x0, 0x81, &(0x7f0000000440)={'nat\x00', 0x0, 0x4, 0x34, [], 0x2, &(0x7f00000003c0)=[{}, {}], &(0x7f0000000400)=""/52}, &(0x7f00000004c0)=0x78)
socket$kcm(0x29, 0x5, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f00000001c0)={{0x7, 0x9}, 'port1\x00', 0x23, 0x10000, 0x2, 0x2, 0x9, 0x7, 0x1, 0x0, 0x2, 0x7793})
clone(0xa017ffd, &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000180), &(0x7f0000000080)="04782e737d5ec8d6978e1c2bd53f5e43e9ee5a6feb3c0f463a099fef44d363edd9ebd46c8eac2d58168751b0126e7f0b167822259a4250bf080ba69e9eb56b25655be5f301d1089b36682a1f995bc2dd4d80e82f7752b305174655d602f3b908ac9e293fb58ae11c6dfdf888ef1c24b1d820c8890e6bf44e9200c0e48ef8a59dc6859b04fe843a69d6159917e0e69d4b0aeb3c5d55c3f79b7715ebae836129a70a40123bf7bae27241d45cdfa33e64535a4ca703")
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r1, &(0x7f0000000140)={0x4})

2018/05/15 13:07:36 executing program 3:
futex(&(0x7f0000000000)=0x1, 0x800000000006, 0x80000000000, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000100)='/dev/snd/midiC#D#\x00', 0xffff, 0x2400)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04)
r1 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r2=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r2+30000000}}, &(0x7f0000040000))
tkill(r1, 0x34)

2018/05/15 13:07:36 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_inet_SIOCGIFADDR(r1, 0x8915, &(0x7f0000000040)={'nr0\x00', {0x2, 0x4e24, @local={0xac, 0x14, 0x14, 0xaa}}})
listxattr(&(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)=""/184, 0xb8)
setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000340)=[{0x0, 0x7}], 0x1)
ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r0, 0x80045530, &(0x7f0000000380)=""/185)
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
read(r0, &(0x7f00000000c0)=""/250, 0x142297bb)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
getsockopt$bt_BT_VOICE(r0, 0x112, 0xb, &(0x7f0000000280), &(0x7f00000002c0)=0x2)
ioctl$KDMKTONE(r1, 0x4b30, 0x7)

2018/05/15 13:07:36 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x0)

2018/05/15 13:07:36 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000012000004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:36 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0x2, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:36 executing program 4:
bpf$MAP_CREATE(0x4000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:36 executing program 0:
r0 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x5, 0x20000)
fcntl$addseals(r0, 0x409, 0x7)
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))

2018/05/15 13:07:36 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0xb, &(0x7f0000000040), 0x4)

2018/05/15 13:07:36 executing program 4:
bpf$MAP_CREATE(0xf6, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:36 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306254, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:36 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000007000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:36 executing program 0:
r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x400100, 0x0)
ioctl$DRM_IOCTL_FREE_BUFS(r0, 0x4010641a, &(0x7f0000000080)={0x5, &(0x7f0000000040)=[0x8, 0x9, 0x68, 0x3c, 0xffffffff80000000]})
ioctl$DRM_IOCTL_DROP_MASTER(r0, 0x641f)
r1 = semget$private(0x0, 0x0, 0x48)
semctl$GETNCNT(r1, 0x4, 0xe, &(0x7f00000000c0)=""/129)
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))

2018/05/15 13:07:36 executing program 4:
bpf$MAP_CREATE(0x8402, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:36 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000011000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  313.418116] binder: 19501:19502 ioctl c0306254 20000200 returned -22
2018/05/15 13:07:36 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x29, &(0x7f0000000040), 0x4)

2018/05/15 13:07:36 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0x40046205, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:37 executing program 3:
r0 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r0, &(0x7f0000003000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}}, 0x1, 0x15}}, 0x2e)
ioctl(r0, 0x40047452, &(0x7f0000000100))
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x35, 0x3}, &(0x7f0000000000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r2=>0x0})
r3 = syz_open_dev$mice(&(0x7f0000000200)='/dev/input/mice\x00', 0x0, 0x4002)
ioctl$TIOCNXCL(r3, 0x540d)
r4 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0xfffffffffffffffe, 0x82000)
ioctl$LOOP_GET_STATUS(r4, 0x4c03, &(0x7f0000000140))
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r2+30000000}}, &(0x7f0000040000))
tkill(r1, 0x1000000000016)

2018/05/15 13:07:37 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
read(r0, &(0x7f00000000c0)=""/250, 0x142297bb)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
timer_create(0x7, &(0x7f0000000000)={0x0, 0x6, 0x1, @tid=0xffffffffffffffff}, &(0x7f0000000040)=<r2=>0x0)
clock_gettime(0x0, &(0x7f00000001c0)={<r3=>0x0, <r4=>0x0})
setsockopt$inet_dccp_int(r0, 0x21, 0x7, &(0x7f0000000280)=0x7, 0x4)
timer_settime(r2, 0x1, &(0x7f0000000200)={{0x77359400}, {r3, r4+30000000}}, &(0x7f0000000240))

2018/05/15 13:07:37 executing program 7:
pipe(&(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r0, 0xc04c5349, &(0x7f0000000140)={0x8, 0xd4a5, 0x2a83})
pipe2(&(0x7f0000000040)={<r1=>0xffffffffffffffff}, 0x80000)
fsetxattr(r1, &(0x7f0000000080)=@known='com.apple.system.Security\x00', &(0x7f00000000c0)='\x00', 0x1, 0x1)
clone(0x4000, &(0x7f0000000480), &(0x7f0000000000), &(0x7f00000005c0), &(0x7f0000000600))

2018/05/15 13:07:37 executing program 4:
bpf$MAP_CREATE(0x330, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:37 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0x5421, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:37 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000003000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:37 executing program 0:
r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x6, 0x301000)
r1 = fcntl$getown(r0, 0x9)
syz_open_dev$adsp(&(0x7f00000004c0)='/dev/adsp#\x00', 0x7, 0x4100)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0xffffffff, 0x7, 0x7ff, 0x3, "126a3f0590121096ac661414f66fdf0ce9d65762f4dac9dd1fe09af0f7c9575b8eca483fa7966dcfc1bc86d3", 0xfffffffffffffffb}, 0x0, 0x0, 0x0, r1, 0x400, 0x7, "7dfcc1252f09d6d47c474f54259506f2a5e4c3bd0c7778875730eaeeb20aac19c93cbc860d7f7e34e6d7e51777d821c4fe770725b56838855d3ef2905b597b61", &(0x7f0000000100)='/dev/usbmon#\x00', 0xd, [], [0x5bc, 0x2000000000000000, 0x4, 0x6]})
recvmsg$kcm(r0, &(0x7f0000000480)={&(0x7f0000000280)=@un=@abs, 0x80, &(0x7f0000000340)=[{&(0x7f0000000300)=""/39, 0x27}], 0x1, &(0x7f0000000380)=""/215, 0xd7, 0x5}, 0x42)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={r0, 0x28, &(0x7f0000000040)}, 0x10)
clone(0x4000, &(0x7f0000000480), &(0x7f00000000c0), &(0x7f00000005c0), &(0x7f0000000600))

2018/05/15 13:07:37 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x34, &(0x7f0000000040), 0x4)

2018/05/15 13:07:37 executing program 4:
bpf$MAP_CREATE(0x8, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:37 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0x40046207, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:37 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000030004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:37 executing program 4:
bpf$MAP_CREATE(0xd6, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:37 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x2e, &(0x7f0000000040), 0x4)

2018/05/15 13:07:37 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000015000004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:37 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0x40046208, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:37 executing program 7:
bpf$MAP_CREATE(0xfc00000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:39 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
syz_open_dev$mouse(&(0x7f0000000240)='/dev/input/mouse#\x00', 0x9, 0x8000)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
r1 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x100, 0x80802)
ioctl$EVIOCSMASK(r1, 0x40104593, &(0x7f0000000200)={0xe, 0xffffffe9, &(0x7f0000000100)="a55177c75d222f3d3db205a5702db9d28f1b4494cf2ad06d9db053181b72fee826d4e6a6b5702d1943d87d4b7f2ea00f406b798463c72c3c5d0f791a8e5adf8878ef4494e9150d0bfb3218cae2f271ec17da0997133dd3fc9597a41916cd8bff56ef36e34d3e5075d4fa0fdc692265fd667493b81fc2c005d8a3272de854f93058f8a119a352bb5493159b5847dcdb8b99d8eecc238dceae5d7dd15309f5d8b168cfad2d870036e2486c596b6ce790bccc9ae9f0cf853e47fc92c78ed695d5208630c45fdb547a0d55a13f65616c"})
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r2=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r2+30000000}}, &(0x7f0000040000))
tkill(r0, 0x1000000000016)

2018/05/15 13:07:39 executing program 4:
bpf$MAP_CREATE(0xc001000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:39 executing program 0:
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000000)={{{@in, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r0=>0x0}}, {{@in6}, 0x0, @in=@broadcast}}, &(0x7f0000000100)=0xe8)
r1 = syz_open_dev$midi(&(0x7f0000000140)='/dev/midi#\x00', 0x8, 0x0)
getsockopt$IPT_SO_GET_REVISION_MATCH(r1, 0x0, 0x42, &(0x7f0000000180)={'HL\x00'}, &(0x7f00000001c0)=0x1e)
ioprio_get$uid(0x3, r0)
eventfd(0x101)
r2 = syz_open_dev$sndpcmc(&(0x7f0000000200)='/dev/snd/pcmC#D#c\x00', 0x66, 0x0)
setsockopt$inet6_MRT6_ADD_MFC_PROXY(r2, 0x29, 0xd2, &(0x7f0000000240)={{0xa, 0x4e21, 0x4, @remote={0xfe, 0x80, [], 0xbb}, 0x20}, {0xa, 0x4e21, 0x80, @mcast2={0xff, 0x2, [], 0x1}, 0x9}, 0x9, [0x9, 0x10000, 0x40, 0x6, 0xf90a, 0x2, 0x0, 0x401]}, 0x5c)

2018/05/15 13:07:39 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc018620b, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:39 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000016000004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:39 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0)="20c4a95c7fa42223906b05ed47d5b63aeeed574de0b607ea8f594680bf8d06c167e1adab67b3eed13284e640b4e666d7efe90d8be56da6db7ded74350dc1075627409fa239a59992f412b8ebd3cc181fe58f57ab024595870416c4863d0860b8796887fbe8e7510b0201e0bf2e488c94d1e0ecc494ad7ce18d0d2ee2a563fdd985351cce208886beb59b38d5d307ae18891dce1240c39e076d3329cc6f5c03602351a7b69fb4569052f667199a9a21f12624b7b2b78e887cf3e3ef5fcac9d3b88577570bbd1957f479df755f6541401d778b", 0x3b5385d7)
read(r0, &(0x7f00000000c0)=""/250, 0x142297bb)
fcntl$setpipe(r0, 0x407, 0x9476fe0)

2018/05/15 13:07:39 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x35, &(0x7f0000000040), 0x4)

2018/05/15 13:07:39 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
read(r0, &(0x7f00000000c0)=""/250, 0x142297bb)
fgetxattr(r1, &(0x7f0000000000)=@random={'trusted.', '}wlan0wlan1\x00'}, &(0x7f0000000c00)=""/109, 0x6d)
write$binfmt_elf32(r0, &(0x7f00000001c0)={{0x7f, 0x45, 0x4c, 0x46, 0x1, 0xac5, 0x8, 0x8, 0x100000001, 0x3, 0x3, 0x0, 0x2a5, 0x38, 0xc1, 0x9b1, 0x7ff, 0x20, 0x2, 0x4, 0x8, 0x6}, [{0x0, 0x4, 0x5b, 0x0, 0x9, 0x8, 0x2, 0x4}], "27e0d5cfbd03e1b687e6baea58f8e843a1721ccc8df619b7363d51084283ed3b8d284aa12dd1a6102dddf23c3af7682b27b4100921207eb3805b4b763d7e389b7100b22c59875ba518cdee30d64f469285e855188c9a14c62ab580444a93a71a45d095c691db7f7f79faa7deee7b91e0bdcecf610f30cea7e15cae6bc25199c90584dd68e98bd437d4707bf8ad52ccd2b1602bc15c29418782367ea6e20399cb073e164e46ee4296774a127de06a3762280627e8", [[], [], [], [], [], [], [], [], []]}, 0xa0c)
fcntl$setpipe(r0, 0x407, 0x9476fe0)

2018/05/15 13:07:39 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306225, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:39 executing program 4:
bpf$MAP_CREATE(0x70910300, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:39 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000140004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:39 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x22, &(0x7f0000000040), 0x4)

2018/05/15 13:07:39 executing program 4:
bpf$MAP_CREATE(0x8603, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

[  315.768198] binder: 19607:19614 ioctl c0306225 20000200 returned -22
2018/05/15 13:07:39 executing program 0:
socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
setsockopt$IP_VS_SO_SET_TIMEOUT(r0, 0x0, 0x48a, &(0x7f0000000040)={0x4, 0x20, 0x6}, 0xc)
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000000))

2018/05/15 13:07:39 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000110004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:39 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306263, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

[  315.913203] binder: 19629:19633 ioctl c0306263 20000200 returned -22
2018/05/15 13:07:40 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)=<r1=>0x0)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x80000, 0x0)
setsockopt$inet6_MRT6_DEL_MFC(r2, 0x29, 0xcd, &(0x7f0000000100)={{0xa, 0x4e23, 0xff, @mcast1={0xff, 0x1, [], 0x1}, 0x3ff}, {0xa, 0x4e22, 0x5, @ipv4={[], [0xff, 0xff], @rand_addr=0x2}, 0x4}, 0x1ff, [0x1, 0xec, 0x100000000, 0xff, 0x7ff, 0x75e4, 0x345f, 0xfffffffffffffff7]}, 0x5c)
clock_gettime(0x0, &(0x7f00000000c0))
timer_settime(r1, 0x1, &(0x7f0000000240)={{0x77359400}, {0x77359400}}, &(0x7f0000000280))
tkill(r0, 0x1000000000016)

2018/05/15 13:07:40 executing program 4:
bpf$MAP_CREATE(0x38c, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:40 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000160004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:40 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x21, &(0x7f0000000040), 0x4)

2018/05/15 13:07:40 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306209, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:40 executing program 0:
r0 = syz_open_dev$vcsa(&(0x7f0000000100)='/dev/vcsa#\x00', 0xb69, 0x2081)
write$binfmt_aout(r0, &(0x7f0000000180)={{0x108, 0x10000, 0x400, 0x16c, 0x16a, 0x3, 0x1f0, 0x2}, "eae6716ffa5709c48194cfcdd0d0cf2b5bf0d3a51d21d4ed0751ab3338814c99187eb637c2c7630818c4e3f57c60522b50d0c6b77efab7bc567d0b248ecacc46e4effa38aa27f3000037aa80e516cb333e58", [[], [], []]}, 0x372)
ppoll(&(0x7f0000000680)=[{r0}], 0x1, &(0x7f00000006c0), &(0x7f0000000700), 0x8)
write$eventfd(r0, &(0x7f0000000140), 0x8)
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x1, 0x0)
accept4$inet6(r1, 0x0, &(0x7f00000000c0), 0x800)
ioctl$ASHMEM_GET_PIN_STATUS(r0, 0x7709, 0x0)
getsockopt$inet6_tcp_int(r1, 0x6, 0x8, &(0x7f0000000040), &(0x7f0000000080)=0x4)

2018/05/15 13:07:40 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0)="20c4a95c7fa42223906b05ed47d5b63aeeed574de0b607ea8f594680bf8d06c167e1adab67b3eed13284e640b4e666d7efe90d8be56da6db7ded74350dc1075627409fa239a59992f412b8ebd3cc181fe58f57ab024595870416c4863d0860b8796887fbe8e7510b0201e0bf2e488c94d1e0ecc494ad7ce18d0d2ee2a563fdd985351cce208886beb59b38d5d307ae18891dce1240c39e076d3329cc6f5c03602351a7b69fb4569052f667199a9a21f12624b7b2b78e887cf3e3ef5fcac9d3b88577570bbd1957f479df755f6541401d778b", 0x3b5385d7)
read(r0, &(0x7f00000000c0)=""/250, 0x142297bb)
fcntl$setpipe(r0, 0x407, 0x9476fe0)

2018/05/15 13:07:40 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
io_setup(0x6, &(0x7f0000000000)=<r2=>0x0)
io_cancel(r2, &(0x7f0000000040)={0x0, 0x0, 0x0, 0xe, 0x64, r0, &(0x7f00000001c0)="d7f763f562b5360f6ae029996286e8477811146a6d961f7d7346446cceba48bfea157eca2ef2061ff959ddfb2a065dbe372ea81a3fc49e2a37664b74be026c70fca120352e4f597409892f1e380090d3ea9b11b2ad2ad69d294ac49b01d262d028ae464810dc4f12f6581a9a7e55f27e8e3e0f616763cecd3a938dd05aebd84b426f74c40dcf14c42c", 0x89, 0x0, 0x0, 0x0, r0}, &(0x7f0000000280))
read(r0, &(0x7f00000000c0)=""/250, 0xffffffffffffff8f)
fcntl$setpipe(r0, 0x407, 0x9476fe0)

2018/05/15 13:07:40 executing program 4:
bpf$MAP_CREATE(0x9401000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

[  317.003745] binder: 19649:19654 ioctl c0306209 20000200 returned -22
2018/05/15 13:07:40 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c460000000000000000000000001f000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:40 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc020660b, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:40 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000004000004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:40 executing program 4:
bpf$MAP_CREATE(0xec10200, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:40 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x23, &(0x7f0000000040), 0x4)

2018/05/15 13:07:40 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0045877, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:40 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000011000004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:41 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x40012}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r1=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x200000, 0x0)
timerfd_gettime(r2, &(0x7f0000000100))
tkill(r0, 0x1000000000016)

2018/05/15 13:07:41 executing program 4:
bpf$MAP_CREATE(0x321cc, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:41 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0x5450, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:41 executing program 0:
r0 = socket(0x40000000015, 0x805, 0x0)
getsockopt$sock_int(r0, 0x1, 0x38, &(0x7f0000000440), &(0x7f0000000480)=0x4)
syz_open_dev$evdev(&(0x7f0000000100)='/dev/input/event#\x00', 0x5, 0x2000)
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x141842, 0x0)
setsockopt$inet_opts(r1, 0x0, 0x4, &(0x7f0000000040)="ff665c3d5fc7cd11715fc95b202b7b577b5c9d94442ddc26977d86f408fab5f8e42da72b25b11741b85261414c3e880df685c7d86df81e6d566ff453e97ee80dea7773b3f06acc2018b3705dd2b7f410489969434f5b80429e9fcd97825922d0866733bec1a2b7fcf08148b175de83279a1bb16e3f070a11c76a258c77eba680103614b1257b46660846198186a08a51956bf8f1288cf930b2fa46590935e9531219fbc51f35ff61f85f7d8bdbe03fb14add67fdaa559f04102d01d6deba", 0xbe)

2018/05/15 13:07:41 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x28, &(0x7f0000000040), 0x4)

2018/05/15 13:07:41 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000014000004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:41 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0)="20c4a95c7fa42223906b05ed47d5b63aeeed574de0b607ea8f594680bf8d06c167e1adab67b3eed13284e640b4e666d7efe90d8be56da6db7ded74350dc1075627409fa239a59992f412b8ebd3cc181fe58f57ab024595870416c4863d0860b8796887fbe8e7510b0201e0bf2e488c94d1e0ecc494ad7ce18d0d2ee2a563fdd985351cce208886beb59b38d5d307ae18891dce1240c39e076d3329cc6f5c03602351a7b69fb4569052f667199a9a21f12624b7b2b78e887cf3e3ef5fcac9d3b88577570bbd1957f479df755f6541401d778b", 0x3b5385d7)
read(r0, &(0x7f00000000c0)=""/250, 0x142297bb)
fcntl$setpipe(r0, 0x407, 0x9476fe0)

2018/05/15 13:07:41 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000040)={r1, 0x6, 0x1, 0x79ff, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0], 0x4}, 0x20)
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
read(r0, &(0x7f00000000c0)=""/250, 0x142297bb)
fcntl$setpipe(r0, 0x407, 0x9476fe0)

2018/05/15 13:07:41 executing program 4:
bpf$MAP_CREATE(0x1000000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:41 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000050004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:41 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0x5460, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:41 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x3c, &(0x7f0000000040), 0x4)

2018/05/15 13:07:41 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000002000004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:41 executing program 0:
clone(0x4000, &(0x7f00000000c0)="c4256da15688a76add398bc94cbbd7e1f1741535dbb2f1071cb349070cc73364339e606fd253e888c8b809cf18c58649a5b9797dc397ac39eefd7645f83172f5faf7dedc9c610c8eea3eada2847ea946540ff487b528647a1fa70d7b6da391e312394bcee61f5eaa9fd89f4c4012ac378e89acd5bf4bf9aaae746c12", &(0x7f0000000040), &(0x7f00000005c0), &(0x7f0000000080))
r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x40000)
ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f0000000140)=ANY=[@ANYBLOB="01000059ada9c37331542b9b92ffaa0065000000092b58c68607450abf54145498cd8c1eea611c30d633c2e7cfc3f109af732900c1aaf998c40e5a7d4545ec54d64e1cf9918a23fa19500b72f6fe6ebec81c2a04a2f5d853c57f056661f436a97e497e3ed6c5945af4f7"])
ioctl$sock_inet6_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000000080))
syz_open_dev$sndmidi(&(0x7f00000001c0)='/dev/snd/midiC#D#\x00', 0x10000, 0x80000)

2018/05/15 13:07:42 executing program 4:
bpf$MAP_CREATE(0x7e020000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:42 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0x4020940d, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:43 executing program 3:
syz_extract_tcp_res$synack(&(0x7f0000000000), 0x1, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r1=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
tkill(r0, 0x1000000000016)

2018/05/15 13:07:43 executing program 4:
bpf$MAP_CREATE(0x28060300, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:43 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000003000004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:43 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0189436, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:43 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x25, &(0x7f0000000040), 0x4)

2018/05/15 13:07:43 executing program 0:
r0 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x6ca, 0x0)
r1 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000100)={0x73, 0x79, 0x7a, 0x1}, 0x0, 0x0, 0xfffffffffffffff9)
r2 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a, 0x2}, 0x0, 0x0, 0x0)
keyctl$unlink(0x9, r1, r2)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0xffffffff, 0x2, 0x7dd, 0x3}, {0x100000001, 0xff, 0x2, 0x4}, {0x9d, 0x3f, 0x100, 0x8000}]}, 0x10)

2018/05/15 13:07:43 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0)="20c4a95c7fa42223906b05ed47d5b63aeeed574de0b607ea8f594680bf8d06c167e1adab67b3eed13284e640b4e666d7efe90d8be56da6db7ded74350dc1075627409fa239a59992f412b8ebd3cc181fe58f57ab024595870416c4863d0860b8796887fbe8e7510b0201e0bf2e488c94d1e0ecc494ad7ce18d0d2ee2a563fdd985351cce208886beb59b38d5d307ae18891dce1240c39e076d3329cc6f5c03602351a7b69fb4569052f667199a9a21f12624b7b2b78e887cf3e3ef5fcac9d3b88577570bbd1957f479df755f6541401d778b", 0x3b5385d7)
fcntl$setpipe(r0, 0x407, 0x9476fe0)

2018/05/15 13:07:43 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
read(r0, &(0x7f00000000c0)=""/250, 0x142297bb)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2f, &(0x7f00000001c0)={0x709, {{0xa, 0x4e24, 0x9, @mcast2={0xff, 0x2, [], 0x1}, 0xfffffffffffffffe}}, {{0xa, 0x4e22, 0x1, @mcast2={0xff, 0x2, [], 0x1}, 0xb73f}}}, 0x108)
syz_open_dev$sndseq(&(0x7f0000000000)='/dev/snd/seq\x00', 0x0, 0x10000)

2018/05/15 13:07:43 executing program 4:
bpf$MAP_CREATE(0xf6000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:43 executing program 0:
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))
openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)

2018/05/15 13:07:43 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000014000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:43 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306211, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:43 executing program 4:
bpf$MAP_CREATE(0xf600, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:43 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x33, &(0x7f0000000040), 0x4)

2018/05/15 13:07:43 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000005000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  319.876569] binder: 19789:19792 ioctl c0306211 20000200 returned -22
2018/05/15 13:07:43 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x53, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

[  319.978406] binder: 19807:19808 got reply transaction with no transaction stack
[  319.986019] binder: 19807:19808 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:07:44 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_GET_EMULATED_CPUID(r1, 0xc008ae09, &(0x7f0000000100)=""/85)
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r2=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r2+30000000}}, &(0x7f0000040000))
tkill(r0, 0x1000000000016)

2018/05/15 13:07:44 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x9476fe0)

2018/05/15 13:07:44 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$TUNSETGROUP(r0, 0x400454ce, 0x0)
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
read(r0, &(0x7f00000000c0)=""/250, 0x142297bb)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000700)='/proc/self/net/pfkey\x00', 0x800, 0x0)
setsockopt$inet6_tcp_TLS_RX(r2, 0x6, 0x2, &(0x7f0000000740)={0x303, 0x33}, 0x4)

2018/05/15 13:07:44 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000012000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:44 executing program 4:
bpf$MAP_CREATE(0x2f2, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:44 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x54, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:44 executing program 0:
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))
r0 = semget$private(0x0, 0x3, 0x402)
semctl$SETVAL(r0, 0x4, 0x10, &(0x7f0000000000)=0x800)

2018/05/15 13:07:44 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000040), 0x4)

2018/05/15 13:07:44 executing program 4:
bpf$MAP_CREATE(0x4000000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

[  320.776419] binder: 19824:19835 got reply transaction with no transaction stack
[  320.784023] binder: 19824:19835 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:07:44 executing program 7:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x9476fe0)

2018/05/15 13:07:44 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000120004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:44 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x7a00000000000000, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:44 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x9476fe0)

2018/05/15 13:07:44 executing program 0:
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x600, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r0, 0xc02c5341, &(0x7f0000000040))

2018/05/15 13:07:44 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c46000000000000000000001f0004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:44 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x14, &(0x7f0000000040), 0x4)

2018/05/15 13:07:45 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)=<r1=>0x0)
clock_gettime(0x0, &(0x7f00000000c0))
timer_settime(r1, 0x1, &(0x7f0000000080)={{0x0, 0x989680}, {0x0, 0x989680}}, &(0x7f00000001c0))
tkill(r0, 0x1000000000016)
r2 = syz_open_dev$sndpcmp(&(0x7f0000000280)='/dev/snd/pcmC#D#p\x00', 0x7, 0x80002)
clock_gettime(0x0, &(0x7f0000000000)={<r3=>0x0, <r4=>0x0})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r2, 0x402c5342, &(0x7f0000000200)={0xdc, 0x5, 0x0, {r3, r4+10000000}, 0x8001, 0xfffffffffffffffe})
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffff9c, 0x84, 0x7c, &(0x7f00000002c0)={<r5=>0x0, 0xfffffffffffffffd, 0x80000000}, &(0x7f0000000300)=0x8)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r2, 0x84, 0x1a, &(0x7f0000000340)={r5, 0xed, "7cd70f2133c319011f0e7be6da51cdcba660da0967cb8aa37b631203f96582528be77c44613a133fed22334109849aa987af258681525d3b22ab695661accf88c3d924a164216c7a1b59e1a01a93176f80d64bf12f749af41af7ef5c5a9c2bbb0a6858a33ec952dce76e7dc9da2d5f56a42bef0a0087f2648f7f922a2668d76499d6e60b3ce0eec51be8ccb94be16ee5cc56f26295657016f473430d18d3fb4c360388ffffe814c14a108d91c6507c2eba68610fb8abacd0c9de622164f5b76e790310f918ed1cc2163656a6cb06cef1f22b8fb2c669dd6911805dd58f56d3bfdad2c7a438647fdcf1d3d76a42"}, &(0x7f0000000440)=0xf5)
futex(&(0x7f0000000100)=0x2, 0x0, 0x2, &(0x7f0000000140), &(0x7f0000000180)=0x2, 0x2)

2018/05/15 13:07:45 executing program 4:
bpf$MAP_CREATE(0x2403000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:45 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0xffffff7f, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:45 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x0)

2018/05/15 13:07:45 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000015000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:45 executing program 0:
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f00000000c0)="e4253765a2265608c6b852e3f8d144298a5602f73ec530f338586d37e929bfc382f125072f25b8bc93b018ee43e968db1535b52825cebac0f3b533bc2c68e9d8c526151db871f2938db10ac41c97fd3347ad4f2c90155441ba5efcd68359e566dc9ecc955b29e20d5c64e10d08f57a3e4396ee8d3bb15ab7883935207850d82676a1a8dcf1ca0c3076d00335547c4e74bbbcf9d574f8c09718a5a260befa037d5023013d2b052857508c82000000000000000000")

2018/05/15 13:07:45 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x12, &(0x7f0000000040), 0x4)

2018/05/15 13:07:45 executing program 5:
pipe(&(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)

2018/05/15 13:07:45 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x48000000, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:45 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x0)

2018/05/15 13:07:45 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000016000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:45 executing program 4:
bpf$MAP_CREATE(0x8003000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:45 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x0)

2018/05/15 13:07:45 executing program 0:
r0 = shmget(0x3, 0x2000, 0x440, &(0x7f0000ffc000/0x2000)=nil)
shmat(r0, &(0x7f0000ffa000/0x4000)=nil, 0x3000)
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x484800, 0x0)
getsockopt$netrom_NETROM_IDLE(r1, 0x103, 0x7, &(0x7f0000000040)=0xfffffffffffffffc, &(0x7f0000000080)=0x4)

2018/05/15 13:07:45 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000150004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:45 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x2, &(0x7f0000000040), 0x4)

2018/05/15 13:07:46 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)=<r1=>0x0)
timer_gettime(r1, &(0x7f0000000000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r2=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r2+30000000}}, &(0x7f0000040000))
tkill(r0, 0x1000000000016)

2018/05/15 13:07:46 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x600000000000000, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:46 executing program 4:
bpf$MAP_CREATE(0x1800000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:46 executing program 7:
bpf$MAP_CREATE(0x4000000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:46 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000110004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:46 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0xa, &(0x7f0000000040), 0x4)

2018/05/15 13:07:46 executing program 0:
r0 = request_key(&(0x7f0000000000)='rxrpc_s\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000000080)='GPLeth0bdev+\x00', 0xfffffffffffffff8)
r1 = request_key(&(0x7f0000000140)='pkcs7_test\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a, 0x0}, &(0x7f00000001c0)='-\x00', 0xffffffffffffffff)
keyctl$search(0xa, r0, &(0x7f00000000c0)='ceph\x00', &(0x7f0000000100)={0x73, 0x79, 0x7a, 0x2}, r1)
r2 = syz_open_dev$sndpcmp(&(0x7f0000000200)='/dev/snd/pcmC#D#p\x00', 0x6, 0x420000)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000240)={<r3=>0x0, 0x8}, &(0x7f0000000280)=0x8)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x18, &(0x7f00000002c0)={r3, 0x7fffffff}, &(0x7f0000000300)=0x8)
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))

2018/05/15 13:07:46 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
read(r0, &(0x7f00000000c0)=""/250, 0x142297bb)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000000)=0x3, 0x4)

2018/05/15 13:07:46 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x6c000000, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:46 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000160004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:46 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x19, &(0x7f0000000040), 0x4)

2018/05/15 13:07:46 executing program 4:
bpf$MAP_CREATE(0xc203, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:46 executing program 0:
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))
r0 = dup2(0xffffffffffffff9c, 0xffffffffffffffff)
setsockopt$ARPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x61, &(0x7f0000000000)={'filter\x00', 0x4}, 0x68)

2018/05/15 13:07:46 executing program 7 (fault-call:1 fault-nth:0):
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x9476fe0)

2018/05/15 13:07:46 executing program 4:
bpf$MAP_CREATE(0x2403, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

[  323.065110] FAULT_INJECTION: forcing a failure.
[  323.065110] name failslab, interval 1, probability 0, space 0, times 0
[  323.076454] CPU: 1 PID: 19972 Comm: syz-executor7 Not tainted 4.17.0-rc5+ #51
[  323.083740] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  323.093099] Call Trace:
[  323.095704]  dump_stack+0x1b9/0x294
[  323.099350]  ? dump_stack_print_info.cold.2+0x52/0x52
[  323.104558]  ? mutex_trylock+0x2a0/0x2a0
[  323.108644]  should_fail.cold.4+0xa/0x1a
2018/05/15 13:07:46 executing program 4:
bpf$MAP_CREATE(0x2f856, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

[  323.112722]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  323.118278]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  323.123397]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  323.128944]  ? _kstrtoull+0x180/0x230
[  323.132765]  ? graph_lock+0x170/0x170
[  323.136571]  ? lock_release+0xa10/0xa10
[  323.140552]  ? graph_lock+0x170/0x170
[  323.144363]  ? find_held_lock+0x36/0x1c0
[  323.148436]  ? __lock_is_held+0xb5/0x140
[  323.152520]  ? check_same_owner+0x320/0x320
[  323.156856]  ? rcu_note_context_switch+0x710/0x710
[  323.161801]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  323.167346]  __should_failslab+0x124/0x180
[  323.171593]  should_failslab+0x9/0x14
[  323.175407]  __kmalloc+0x2c8/0x760
[  323.178973]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  323.184516]  ? ns_capable_common+0x13f/0x170
[  323.188934]  ? pipe_fcntl+0x506/0x960
[  323.192754]  pipe_fcntl+0x506/0x960
[  323.196397]  ? get_pipe_info+0x80/0x80
[  323.200297]  ? wait_for_completion+0x870/0x870
[  323.204924]  ? __lock_is_held+0xb5/0x140
[  323.209010]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  323.214213]  do_fcntl+0x1c7/0x14b0
[  323.217768]  ? f_getown+0xc0/0xc0
[  323.221232]  ? fget_raw+0x20/0x20
[  323.224692]  ? __sb_end_write+0xac/0xe0
[  323.228684]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  323.234230]  ? fput+0x130/0x1a0
[  323.237523]  ? ksys_write+0x1a6/0x250
[  323.241334]  ? __ia32_sys_read+0xb0/0xb0
[  323.245412]  ? security_file_fcntl+0x94/0xc0
[  323.249831]  __x64_sys_fcntl+0x177/0x1f0
[  323.253902]  do_syscall_64+0x1b1/0x800
[  323.257797]  ? finish_task_switch+0x1ca/0x840
[  323.262302]  ? syscall_return_slowpath+0x5c0/0x5c0
[  323.267242]  ? syscall_return_slowpath+0x30f/0x5c0
[  323.272185]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  323.277563]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  323.282423]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  323.287616] RIP: 0033:0x455a09
[  323.290811] RSP: 002b:00007f5427f69c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000048
[  323.298528] RAX: ffffffffffffffda RBX: 00007f5427f6a6d4 RCX: 0000000000455a09
[  323.305801] RDX: 0000000009476fe0 RSI: 0000000000000407 RDI: 0000000000000013
[  323.313071] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  323.320326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000015
[  323.327582] R13: 0000000000000095 R14: 00000000006f4e98 R15: 0000000000000000
2018/05/15 13:07:47 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r1=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
socket$nl_crypto(0x10, 0x3, 0x15)
tkill(r0, 0x1000000000016)

2018/05/15 13:07:47 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x7a000000, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:47 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x5, &(0x7f0000000040), 0x4)

2018/05/15 13:07:47 executing program 4:
bpf$MAP_CREATE(0x2001000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:47 executing program 0:
clone(0x3ffd, &(0x7f0000000080)="c726621d2089d6cf7d7863830875600842f68115ce559e82d7ca652f82930ce8f3b45c0aae2ce9711d5943d3f86594f64b4a8e2912ec1c37cbf6aa865823fb9d119ab1440056e2f8d4436dfd148143ae4a1d8642163691f4d5e07ca2b3881fbdf5e74a61b525dfd3203316ee4731c6b7bb73906c0ba4a019effa0bd1bde4a66eba7f1c861bf88d52", &(0x7f0000000280), &(0x7f0000000040), &(0x7f00000002c0)="eb28562e55d38265e2f45aef26ece3a2ad2ceab16d4dc53a194fcc059415659e3ef110f2732e340cf6e704405afb9d1141bcae242bb41c1a79566cbf9538b4da3d9c744c97340a10caf99f0b85a59e313e")

2018/05/15 13:07:47 executing program 7 (fault-call:1 fault-nth:1):
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x9476fe0)

2018/05/15 13:07:47 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000040004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:47 executing program 5:
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
read(r0, &(0x7f00000000c0)=""/250, 0x142297bb)
fcntl$setpipe(r0, 0x407, 0x9476fe0)

2018/05/15 13:07:47 executing program 0:
r0 = getpgid(0x0)
getpgid(r0)
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))
r1 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x2, 0x8002)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f00000000c0)={0x320, @time={0x0, 0x1c9c380}, 0x2, {0x8, 0xf6}, 0x7fff, 0x2, 0x1})
syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x800)
ioctl$KVM_KVMCLOCK_CTRL(r1, 0xaead)
syz_open_dev$binder(&(0x7f0000000080)='/dev/binder#\x00', 0x0, 0x800)

2018/05/15 13:07:47 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x2000000, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:47 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000140004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:47 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x9476fe0)

2018/05/15 13:07:47 executing program 4:
bpf$MAP_CREATE(0x8e01000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:47 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x2f, &(0x7f0000000040), 0x4)

2018/05/15 13:07:47 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x6, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:47 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000001f04000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  324.072985] binder: 20040:20041 unknown command 0
[  324.108339] binder: 20040:20041 ioctl c0306201 20000200 returned -22
2018/05/15 13:07:48 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = semget(0x3, 0x2, 0x547)
semop(r0, &(0x7f0000000000)=[{0x3, 0x2, 0x1000}], 0x1)
r1 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r2=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r2+30000000}}, &(0x7f0000040000))
r3 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vsock\x00', 0x2100, 0x0)
ioctl$BLKIOOPT(r3, 0x1279, &(0x7f0000000140))
tkill(r1, 0x1000000000016)

2018/05/15 13:07:48 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x408, 0x9476fe0)

2018/05/15 13:07:48 executing program 4:
bpf$MAP_CREATE(0x1a010000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:48 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x60, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:48 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000150004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:48 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x10, &(0x7f0000000040), 0x4)

2018/05/15 13:07:48 executing program 0:
mincore(&(0x7f0000ff9000/0x4000)=nil, 0x4000, &(0x7f0000000600)=""/4096)
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))
r0 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0x1f, 0x2000)
ioctl$EVIOCSMASK(r0, 0x40104593, &(0x7f0000000140)={0x2, 0xb5, &(0x7f0000000080)="51b65561990953f14a953acc118ada32e23192c797742e71392a91eb07a7c7b0a9a1af5091c903bc7750f666ae4755cd35d1df02cb8910dd6b215c366cfa2c6a8e6df13978f60c5bb2cff3f79b25e3cb61d2dce8f93f822ac00b727160a670404d9643b2648bb5c6d4c68ec3ad0eab3c94901454b9094dba8604320488291234ceccff9bd4122b0dbfaee5252ca8feab081d0adfac70054e98b416d3a5d91c7704bd788a487ae15eb8df8c171761547a83064a4f18"})
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x40000, 0x8)
ioctl$BLKRRPART(r1, 0x125f, 0x0)

2018/05/15 13:07:48 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
read(r0, &(0x7f00000002c0)=""/250, 0x10)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000040)={&(0x7f0000000000)='./file0\x00', 0x0, 0x18}, 0x10)
fcntl$setpipe(r0, 0x407, 0x9476fe0)

2018/05/15 13:07:48 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0xa, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:48 executing program 4:
bpf$MAP_CREATE(0xb6030000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:48 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000001104000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:48 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x24, 0x9476fe0)

[  324.873688] binder: 20079:20080 unknown command 0
2018/05/15 13:07:48 executing program 4:
bpf$MAP_CREATE(0xcc210300, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:48 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0xd, &(0x7f0000000040), 0x4)

2018/05/15 13:07:48 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000001404000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  324.910375] binder: 20079:20080 ioctl c0306201 20000200 returned -22
2018/05/15 13:07:48 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0xa, 0x9476fe0)

[  325.613941] Unknown ioctl 4729
[  325.664414] Unknown ioctl 4729
2018/05/15 13:07:49 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0xf195f83e05ff5012, 0x0)
faccessat(r1, &(0x7f0000000100)='./file0\x00', 0x10, 0x100)
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
ptrace$setsig(0x4203, r0, 0xbd, &(0x7f0000000140)={0x1a, 0x9ed9, 0x100000000, 0x8})
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r2=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r2+30000000}}, &(0x7f0000040000))
ioctl$DRM_IOCTL_DROP_MASTER(r1, 0x641f)
tkill(r0, 0x1000000000016)

2018/05/15 13:07:49 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0xfdfdffff00000000, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:49 executing program 4:
bpf$MAP_CREATE(0x6401, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:49 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000001504000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:49 executing program 0:
clone(0x4000, &(0x7f0000000040), &(0x7f0000000580), &(0x7f0000000000), &(0x7f0000000600))

2018/05/15 13:07:49 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x11, 0x9476fe0)

2018/05/15 13:07:49 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x2c, &(0x7f0000000040), 0x4)

2018/05/15 13:07:49 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$VT_SETMODE(r1, 0x5602, &(0x7f0000000000)={0x101, 0x5, 0x7fffffff, 0x4, 0x3})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
read(r0, &(0x7f00000000c0)=""/250, 0x142297bb)
fcntl$setpipe(r0, 0x407, 0x9476fe0)

2018/05/15 13:07:49 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x3000000, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:49 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000020004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:49 executing program 4:
bpf$MAP_CREATE(0x2e6, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:49 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x40b, 0x9476fe0)

2018/05/15 13:07:49 executing program 0:
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x20000, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e24, @rand_addr=0x5}, 0x10)
ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000080))
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))

2018/05/15 13:07:49 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x409, 0x9476fe0)

2018/05/15 13:07:49 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x7400, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:49 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x1d, &(0x7f0000000040), 0x4)

2018/05/15 13:07:50 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
ioctl$sock_FIOGETOWN(0xffffffffffffff9c, 0x8903, &(0x7f0000000000)=<r0=>0x0)
clock_gettime(0x0, &(0x7f0000000140)={<r1=>0x0, <r2=>0x0})
futex(&(0x7f0000000100), 0xb, 0x2, &(0x7f0000000180)={r1, r2+30000000}, &(0x7f00000001c0), 0x2)
tkill(r0, 0x19)
r3 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r4=>0x0})
r5 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000200)='/dev/rtc0\x00', 0x200000, 0x0)
write$binfmt_misc(r5, &(0x7f0000000240)={'syz1', "736fbc68b3f2265006f7003f5ae2fec244acaf74c296517d440b2df2c1e1814b0b16ef874735d10841a515f3c025915a706debef5a1325f014b2d9a48e937e0be7c66ef2b85a876847dd38b55078f7dec8564550c1fcfac6837d5ce3f565f80c39589566c936a1f021f2e642b6ed9463ef2f676b7e1f90de341e00a0475343acc03ce3c776c1bb7daad2af37edb354671c42d087bc"}, 0x99)
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r4+30000000}}, &(0x7f0000040000))
tkill(r3, 0x1000000000016)

2018/05/15 13:07:50 executing program 4:
bpf$MAP_CREATE(0x1002000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:50 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000030004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:50 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x4c00, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:50 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x12040, 0xb0)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f00000000c0)={0x3f, 0x2, 0x8, 0x4, 0x7f, 0x5, 0x9, 0x4, 0x1, 0x9, 0xf1d}, 0xb)
clone(0x4000, &(0x7f0000000100)="3d05ca99b67b019a3bc87cf7070054595100", &(0x7f0000000000), &(0x7f00000005c0), &(0x7f00000000c0))
r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mixer\x00', 0x1ff, 0x0)
ioctl$GIO_FONT(r1, 0x4b60, &(0x7f0000000080)=""/10)

2018/05/15 13:07:50 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x5, 0x9476fe0)

2018/05/15 13:07:50 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x31, &(0x7f0000000040), 0x4)

2018/05/15 13:07:50 executing program 5:
bpf$MAP_CREATE(0x2001000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:50 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x6800000000000000, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:50 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x9, 0x9476fe0)

2018/05/15 13:07:50 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000050004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:50 executing program 4:
bpf$MAP_CREATE(0xfe02000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:50 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x402, 0x9476fe0)

2018/05/15 13:07:50 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000040), 0x4)

2018/05/15 13:07:50 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x2000000000000000, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:50 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000001204000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:51 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r1=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000100)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
ioctl$ASHMEM_GET_PIN_STATUS(0xffffffffffffffff, 0x7709, 0x0)
tkill(r0, 0x1000000000016)

2018/05/15 13:07:51 executing program 0:
clone(0x4000000, &(0x7f0000000000), &(0x7f0000000580), &(0x7f0000000040), &(0x7f0000000600))
r0 = syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0x10001, 0x2000)
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x10, r0, 0x0)

2018/05/15 13:07:51 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x10, 0x9476fe0)

2018/05/15 13:07:51 executing program 5:
bpf$MAP_CREATE(0x2001000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:51 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x6000000, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:51 executing program 4:
bpf$MAP_CREATE(0x3e00000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:51 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000001604000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:51 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0xc, &(0x7f0000000040), 0x4)

2018/05/15 13:07:51 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x2000, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:51 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x8, 0x9476fe0)

2018/05/15 13:07:51 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000304000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:51 executing program 5 (fault-call:3 fault-nth:0):
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x0)

2018/05/15 13:07:51 executing program 4:
bpf$MAP_CREATE(0xfcf8000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:51 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x74, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:51 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x40a, 0x9476fe0)

2018/05/15 13:07:51 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x2b, &(0x7f0000000040), 0x4)

2018/05/15 13:07:52 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
stat(&(0x7f00000006c0)='./file0\x00', &(0x7f0000000700))
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r1=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
r2 = syz_open_dev$sndpcmp(&(0x7f0000000100)='/dev/snd/pcmC#D#p\x00', 0x20000000000, 0x442)
clock_gettime(0x0, &(0x7f0000000180)={<r3=>0x0, <r4=>0x0})
getsockopt$inet6_mreq(r2, 0x29, 0x15, &(0x7f00000007c0)={@mcast1}, &(0x7f0000000780)=0x3bc)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc4c85513, &(0x7f00000001c0)={{0x4, 0x7, 0x4, 0x5, "3f2085fa086a51c74ed4bb9d640c729c31515d35c41e1a930441bdb4ec4a11fbde67fc8caab49ae9de5e0b02", 0xb0f}, 0x5, [0x8, 0xffff, 0x2, 0x8, 0xfffffffffffffff9, 0x5bb1, 0x7, 0x0, 0x3, 0x40000000000000, 0x1000, 0x4, 0x46ef, 0x8ba, 0x0, 0x9, 0x9, 0x80, 0xffffffff00000001, 0x6, 0xfffffffffffffffa, 0x3, 0x4651, 0x21, 0xa8830, 0x5, 0x0, 0x7fffffff, 0x21, 0x9, 0x20, 0x8, 0x9, 0x1f, 0x4324, 0x9, 0xd21b, 0x3f, 0x8, 0x9, 0x6, 0x6, 0x81, 0xffff, 0x5, 0x3, 0x9, 0x1000, 0x8, 0x1, 0x1000, 0xe6, 0x8, 0x7fffffff, 0x7, 0x3dca081a, 0x0, 0x5, 0x80, 0x3, 0x8, 0x1, 0x4b1, 0x8, 0x1f1b, 0x2, 0xfffffffffffffffb, 0x7, 0x6, 0x1, 0x1f, 0x0, 0x400, 0xfffffffffffffffc, 0x7, 0x7a, 0x80, 0x1f, 0x0, 0xac55, 0x401, 0x3f, 0x9488, 0x8, 0x6, 0x6481, 0x3ff, 0xffffffff, 0x7fffffff, 0x1, 0x6, 0x20000000000000, 0x4, 0x8, 0x5, 0x4, 0x9, 0xff, 0xd3b, 0x7, 0x100000000, 0x9, 0x6, 0xfffffffffffffffe, 0xffffffff, 0x3ff, 0x8000, 0x6, 0x1, 0x9, 0x6, 0xcd2, 0x7f, 0x0, 0x100000000, 0x2, 0x7804, 0x9, 0x5, 0x80000000, 0x8, 0x0, 0x1, 0x0, 0xfffffffffffff01a, 0x4, 0x9, 0x200], {r3, r4+30000000}})
ioctl$KDSKBMETA(r2, 0x4b63, &(0x7f0000000140)=0x6)
ioctl$sock_SIOCGPGRP(0xffffffffffffff9c, 0x8904, &(0x7f0000000000))
tkill(r0, 0x1000000000016)

2018/05/15 13:07:52 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000120004000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:52 executing program 0:
clone(0x10000004, &(0x7f0000000300)="ac988713a7dafb33be3d269e8ea3af45034d5180efb6d70b3bea66df279043f74b54678f985a97b2c1c9ced9f4d3d464af530520b63a26e35dfa15c27494394ae94218219324913e7af8000000a289892d1e3e7663fd8df74739d293ea23aa89732ee9b98d687aad5428ef69fdfc09d6ba966ae005307d113c97fc2f9c8ec355c128990a1792511af91b37f7b3ec7bbb2004a9a293855e75079ef84c3e977ae85bd1b6da99ed53ac9ff44c818ae4d3e2304655a23f85fe3251d961ea2480a91bcf2620da90edfd301a618e3e9d9a100a6881ada88217109b5ae26d65c77dcad6cfeb6a6fcf8754d2", &(0x7f00000001c0), &(0x7f0000000080), &(0x7f0000000600))

2018/05/15 13:07:52 executing program 4:
bpf$MAP_CREATE(0x5c90030000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:52 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x2, 0x9476fe0)

2018/05/15 13:07:52 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x100000000000000, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:52 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x2d, &(0x7f0000000040), 0x4)

2018/05/15 13:07:52 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x0)

2018/05/15 13:07:52 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x300, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:52 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x4, 0x9476fe0)

2018/05/15 13:07:52 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000504000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:52 executing program 4:
bpf$MAP_CREATE(0x2ec, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:52 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x3, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:52 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x2a, &(0x7f0000000040), 0x4)

2018/05/15 13:07:52 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x406, 0x9476fe0)

2018/05/15 13:07:52 executing program 0:
r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x40)
bind$netrom(r0, &(0x7f0000000040)=@full={{0x3, {"7a795c842dd928"}, 0x8}, [{"91fdd9f71f590e"}, {"314572a2d9daf9"}, {"0500d55752acaa"}, {"7c2e195c0bffe5"}, {"2186171cd24012"}, {"4f8ef933e811f9"}, {"bc5605c54d0fcd"}, {"d114417956b829"}]}, 0x48)
ioctl$EVIOCGBITKEY(r0, 0x80404521, &(0x7f00000000c0)=""/104)
clone(0x80000000003ffe, &(0x7f0000000180), &(0x7f0000000240), &(0x7f0000000200), &(0x7f00000001c0))
ioctl$SNDRV_TIMER_IOCTL_START(r0, 0x54a0)

[  329.012830] binder: 20310:20311 unknown command 64
[  329.038897] binder: 20310:20311 ioctl c0306201 20000200 returned -22
2018/05/15 13:07:53 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x4c000000, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:53 executing program 4:
bpf$MAP_CREATE(0x18, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:53 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000001504000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:53 executing program 0:
r0 = syz_open_dev$adsp(&(0x7f0000000100)='/dev/adsp#\x00', 0x7, 0x101040)
r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$l2tp(r0, &(0x7f0000000140)=@pppol2tp={0x18, 0x1, {0x0, r1, {0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x11}}, 0x4, 0x0, 0x0, 0x4}}, 0x26)
clone(0x4000, &(0x7f0000000000)="285ab9ea28fcd3376d540bb0e38350273c1b0e637b9bf198ce2cc0c6e09f83fdee4c8be3f13a1b844064c82f0151782b0e5d8d3c1a8f0282b076b1eb0548b7b20a78676f07b72e93b182e1bf81e1bddc560535ae2ea960df626cbdf96b910bbc53d08141b769c13ab6eb178278535189306942505de87555d7b01c3bd449b303748e2ef37ffa192103bf8aca809a4cc1d7f19b66940139ee5862e1103b622a270ed04595b42713dfb444bdd50ba7318834bf920cdbe2b051bd07ac8c1d4ae9d334424193df16f174e3c0791237c211e5", &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))

2018/05/15 13:07:53 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0xb, 0x9476fe0)

2018/05/15 13:07:53 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x32, &(0x7f0000000040), 0x4)

2018/05/15 13:07:53 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x2}], 0x1, 0x0)

2018/05/15 13:07:53 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
capget(&(0x7f00000000c0)={0x20080522, r0}, &(0x7f0000000100)={0x5f48, 0x7, 0x7, 0x9, 0xe52, 0x2})
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f0000000000)={0x0, <r1=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
tkill(r0, 0x1000000000016)

2018/05/15 13:07:53 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x25, 0x9476fe0)

2018/05/15 13:07:54 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x6c00, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:54 executing program 4:
bpf$MAP_CREATE(0x1a01, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:54 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000404000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:54 executing program 0:
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f0000000000), &(0x7f0000000040))

2018/05/15 13:07:54 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x26, 0x9476fe0)

2018/05/15 13:07:54 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x1a, &(0x7f0000000040), 0x4)

2018/05/15 13:07:54 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc0\x00', 0x400000, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r1 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r2=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r2+30000000}}, &(0x7f0000040000))
tkill(r1, 0x1000000000016)

2018/05/15 13:07:54 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x8}], 0x1, 0x0)

2018/05/15 13:07:54 executing program 0:
clone(0x3ffd, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))

2018/05/15 13:07:54 executing program 4:
bpf$MAP_CREATE(0x2c8, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:54 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x3, 0x9476fe0)

2018/05/15 13:07:54 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x7, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:54 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000001604000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:54 executing program 0:
clone(0x4000, &(0x7f0000000100)="a81c58adb3efa67ee68c", &(0x7f0000000140), &(0x7f00000005c0), &(0x7f0000000600))
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x58220da59870a823, 0x0)
set_mempolicy(0x4000, &(0x7f00000000c0)=0x8, 0x1)
getsockopt$IP6T_SO_GET_REVISION_TARGET(r0, 0x29, 0x45, &(0x7f0000000040)={'ipvs\x00'}, &(0x7f0000000080)=0x1e)

2018/05/15 13:07:54 executing program 4:
bpf$MAP_CREATE(0x272, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:54 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x6, 0x9476fe0)

2018/05/15 13:07:54 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x6000000000000000, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

[  330.837451] binder: 20396:20399 unknown command 0
[  330.852163] binder: 20396:20399 ioctl c0306201 20000200 returned -22
2018/05/15 13:07:54 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000040), 0x4)

2018/05/15 13:07:54 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000001104000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:54 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x7, 0x9476fe0)

2018/05/15 13:07:54 executing program 4:
bpf$MAP_CREATE(0xba59010000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:54 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x2, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

[  331.076480] binder: 20428:20429 unknown command 16448
[  331.088375] binder: 20428:20429 ioctl c0306201 20000200 returned -22
2018/05/15 13:07:55 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x20000181}], 0x1, 0x0)

2018/05/15 13:07:55 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000001204000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:55 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x40e, 0x9476fe0)

2018/05/15 13:07:55 executing program 4:
bpf$MAP_CREATE(0x4c02000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:55 executing program 0:
socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff})
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000000140)={0x3, {0x2, 0x4e20, @broadcast=0xffffffff}, {0x2, 0x4e23, @broadcast=0xffffffff}, {0x2, 0x4e24, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x28, 0x3ff, 0x4, 0x929c, 0x0, &(0x7f0000000100)='eql\x00', 0x8000, 0x2, 0x8})
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))
futex(&(0x7f0000000980), 0x3, 0x1, &(0x7f00000009c0)={0x0, 0x1c9c380}, &(0x7f0000000a00)=0x2, 0x0)
r1 = open(&(0x7f0000000000)='./file0\x00', 0x200000, 0x6)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000840)='IPVS\x00')
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000a40)={{{@in6=@dev, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in6=@mcast2}, 0x0, @in=@loopback}}, &(0x7f0000000b40)=0xe8)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000b80)={@multicast1=0xe0000001, @dev={0xac, 0x14, 0x14, 0xb}, r3}, 0xc)
sendmsg$IPVS_CMD_DEL_SERVICE(r1, &(0x7f0000000940)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x100a0440}, 0xc, &(0x7f0000000900)={&(0x7f0000000880)={0x70, r2, 0x8, 0x70bd25, 0x25dfdbfd, {0x3}, [@IPVS_CMD_ATTR_SERVICE={0x18, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'sed\x00'}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x15, 0x10}}]}, @IPVS_CMD_ATTR_SERVICE={0x34, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x2, 0x20}}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x5}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x7f}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x10000}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x4}}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x4}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x7}]}, 0x70}, 0x1, 0x0, 0x0, 0x80}, 0x4000090)
setsockopt$IP_VS_SO_SET_ADDDEST(r1, 0x0, 0x487, &(0x7f0000000040)={{0x8, @remote={0xac, 0x14, 0x14, 0xbb}, 0x4e22, 0x2, 'lc\x00', 0x20, 0x5, 0x6d}, {@multicast2=0xe0000002, 0x4e23, 0x4003, 0x10001, 0x96, 0x3}}, 0x44)
ioctl$BLKZEROOUT(r1, 0x127f, &(0x7f00000007c0)={0x6, 0x3})
r4 = getpid()
ptrace(0x19, r4)
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000600)={{{@in6=@ipv4={[], [], @remote}, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{@in=@rand_addr}, 0x0, @in=@multicast2}}, &(0x7f00000004c0)=0xe8)
stat(&(0x7f0000000500)='./file0\x00', &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0})
sendmsg$unix(r1, &(0x7f0000000780)={&(0x7f00000001c0)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000480)=[{&(0x7f0000000240)="6ced7a52041d905391a4b4e5baff6240d9dd44703582e5d38815a8bbf03529ab251cbdcc581ceb029ef610a3457ac52d64a62cbb318c85e9390cd51bd4e260de65129daa90ce0b24eb9769e491a529c10327f1d8b5d7d36a73ea04e96fecac224f351551c76d144f9b6b54c1005d18f309edbff53020cdeb8daece198e74f1f49487ebcbbd95dd9672127fd629b080bdee6e07b1be1ea2236ecfba249361416362ffd410d2b6ef2581aa7d02fd198e59aa6d2a862a702dbb", 0xb8}, {&(0x7f0000000300)="e7e165171739178dba2718744572d73c5957300e6cf490125269159150bb762474ecc4501a9ea58c2dfc38b0c86f210905eec2a9a5054f4d45947aba23ad8e6232a19c464a1d7233dbec0f3e0e5f63a3b56015527a590ca7aed5cd24704e357704aa5ab7155fd169cdde73cb61dca2208d1924908e80379d13e5cb49642c48ae96da0ad6b00bcfd42dd3b56f368abad6447f0ecf11bd99cbbabe", 0x9a}, {&(0x7f00000003c0)="135afaeea66c425d5f101f5c4351e7bf7112354b9856c32d9120f7b316d25855b1e20586c6a68a5a8950cb", 0x2b}, {&(0x7f0000000400)="68f6c9329ca5991e35dd7b4135657e52d8375f8285b3cac032c6cf2f6749fef4dd32b0667ecaca028b42b32ec50302db3cdc6a9f5100db3bd363c28fcb96beddc97258218585e7792d29f9cd3cb82551e472a42a03212c24536d2cc224102a4ef9b7e776ee0c57677845b35d42c2", 0x6e}], 0x4, &(0x7f0000000540)=[@cred={0x20, 0x1, 0x2, r4, r5, r6}], 0x20, 0x48000}, 0x44800)
sendmsg$IPVS_CMD_GET_CONFIG(r1, &(0x7f0000000d40)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000d00)={&(0x7f0000000c00)={0xd4, r2, 0x400, 0x70bd2a, 0x25dfdbfd, {0xd}, [@IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x6}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3}]}, @IPVS_CMD_ATTR_DEST={0x24, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0xd8}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x8001}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x69}]}, @IPVS_CMD_ATTR_DAEMON={0x54, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'syz_tun\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x2}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x10000000000000}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ip6tnl0\x00'}, @IPVS_DAEMON_ATTR_STATE={0x8, 0x1}]}, @IPVS_CMD_ATTR_DEST={0x2c, 0x2, [@IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x10001}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x7}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x1}, @IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e23}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x89}]}, 0xd4}, 0x1, 0x0, 0x0, 0x40000}, 0x4040)

2018/05/15 13:07:55 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x60000000, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:55 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x9, &(0x7f0000000040), 0x4)

2018/05/15 13:07:55 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000200)='/dev/rfkill\x00', 0x10040, 0x0)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffff9c, 0x84, 0x9, &(0x7f0000000240)={<r2=>0x0, @in={{0x2, 0x4e20}}, 0x9, 0x1, 0x0, 0x8, 0x1}, &(0x7f0000000300)=0x98)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000340)={r2, 0x7fff}, 0x8)
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r3=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r3+30000000}}, &(0x7f0000040000))
get_robust_list(r0, &(0x7f0000000180)=&(0x7f0000000140)={&(0x7f0000000100)={&(0x7f0000000000)}}, &(0x7f00000001c0)=0x18)
ioctl$TCSETSW(r1, 0x5403, &(0x7f0000000380)={0x5, 0x2, 0x400, 0x0, 0x100000000, 0x40, 0x8, 0x1, 0x80eb, 0x7, 0x3f, 0x4})
tkill(r0, 0x1000000000016)

2018/05/15 13:07:55 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x1000000, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:55 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0xf, 0x9476fe0)

2018/05/15 13:07:55 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000504000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:55 executing program 4:
bpf$MAP_CREATE(0x84020000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:55 executing program 7:
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0xffffffffffffff9c, 0x2, 0x0, 0x40, &(0x7f0000000040)=[0x0, 0x0], 0x2}, 0x20)
ioctl$EVIOCSABS3F(r0, 0x401845ff, &(0x7f0000000100)={0x1, 0x1, 0x1, 0x7, 0x800, 0x592})
pipe(&(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$netlink_NETLINK_PKTINFO(r1, 0x10e, 0x3, &(0x7f0000000140)=0x4, 0x4)
fcntl$setpipe(r1, 0x407, 0x9476fe0)
ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r2, 0xc0045520, &(0x7f0000000000)=0xffffffffffff84dc)

2018/05/15 13:07:55 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x74000000, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:55 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040)=0x12, 0x4)

2018/05/15 13:07:55 executing program 0:
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))
r0 = getpgid(0x0)
getpgrp(r0)

2018/05/15 13:07:55 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r1=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
tkill(r0, 0x1000000000016)
r2 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x4, 0x501000)
ioctl$sock_SIOCGPGRP(r2, 0x8904, &(0x7f0000000100))

2018/05/15 13:07:55 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x7ffff000}], 0x1, 0x0)

2018/05/15 13:07:56 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x7a, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:56 executing program 7:
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x9476fe0)
r2 = gettid()
perf_event_open(&(0x7f0000000080)={0x1, 0x70, 0x1, 0xff, 0x647, 0x6, 0x0, 0x10001, 0x1020, 0x6, 0x2, 0xe8, 0x7, 0x6, 0x5, 0x2, 0x0, 0xfffffffffffff9de, 0x1f, 0xff, 0x80000000, 0x3, 0x1, 0x3, 0x72, 0x6, 0xfd4, 0x6, 0x8f4, 0x3f, 0x8001, 0x8, 0x9, 0x2, 0x0, 0xd8259d8000000000, 0x5, 0xfffffffffffffc00, 0x0, 0xba8, 0x7, @perf_bp={&(0x7f0000000040), 0x7}, 0x240, 0x80, 0xfffffffffffffffa, 0x6, 0x1, 0x9, 0x7}, r2, 0xb, r1, 0x1)

2018/05/15 13:07:56 executing program 4:
bpf$MAP_CREATE(0xfe02, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:56 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000204000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:56 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040)=0x1200, 0x4)

2018/05/15 13:07:56 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x6800, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:56 executing program 4:
bpf$MAP_CREATE(0x1cd60100, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:56 executing program 0:
syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x10000, 0x8000)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/lblcr_expiration\x00', 0x2, 0x0)
ioctl$VT_RELDISP(r0, 0x5605)
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))

2018/05/15 13:07:56 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000015000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:56 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
connect$pppoe(r0, &(0x7f0000000000)={0x18, 0x0, {0x2, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xf}, 'bpq0\x00'}}, 0x1e)
fcntl$setpipe(r0, 0x407, 0x9476fe0)

2018/05/15 13:07:56 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040)=0x12000000000000, 0x4)

2018/05/15 13:07:56 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x5, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:56 executing program 4:
bpf$MAP_CREATE(0x7000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:56 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000005000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  332.934768] binder: 20539:20541 unknown command 0
[  332.971286] binder: 20539:20541 ioctl c0306201 20000200 returned -22
2018/05/15 13:07:56 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0))
tkill(r0, 0x1000000000016)

2018/05/15 13:07:58 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1400}], 0x1, 0x0)

2018/05/15 13:07:58 executing program 7:
r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x100)
ioctl$SG_IO(r0, 0x2285, &(0x7f0000000380)={0x53, 0xfffffffffffffffb, 0xbf, 0x400, @scatter={0x1, 0x0, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/205, 0xcd}]}, &(0x7f00000001c0)="9ead3c349737ee43326c2edfa3d948a9bf08f638a17551e965d1ddfd3eef4b87360034fd29b9407e99879a907ba15ae1e4768993659ff912aa7e58de48f4426ffb6f121229ecd60d6f1e7a0e6ca5f01a68bffaafbf1fec787a24c6bbb078465746055de6ed91b768bd5bb4b333ffa514dc07c936b2eb4cc7cf710aa8ddf8ec9b053f1ccc07b669d55268bb57dc1285ad8df327d9ede82dd24df0cdb6582c135e02387ceffe170cb671cff3ab5926f7f39941c9a3ee22fadf7999ac25653b79", &(0x7f0000000280)=""/142, 0xfffffffffffff000, 0x22, 0x3, &(0x7f0000000340)})
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000400)='/dev/vga_arbiter\x00', 0x4040, 0x0)
pipe(&(0x7f0000000080)={<r1=>0xffffffffffffffff})
socket$kcm(0x29, 0x0, 0x0)
fcntl$setpipe(r1, 0x407, 0x9476fe0)

2018/05/15 13:07:58 executing program 0:
clone(0x4001, &(0x7f00000000c0), &(0x7f0000000140), &(0x7f0000000000), &(0x7f0000000040)="07f2801d694d50bb550af24e0a82")
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000100)='/dev/full\x00', 0x48c80, 0x0)
write$cgroup_pid(r0, &(0x7f0000000180)=ANY=[@ANYBLOB="3252fd3fdab904da4aa6a60890c19d358e609b2e3025f5954e8cee145c4a608be42240090089b06579c04c83b181daef52abadd5ec901b761fa8c37ac6c8b2268b898564fd45a11cdd8999560afa246bf3"], 0x1)

2018/05/15 13:07:58 executing program 4:
bpf$MAP_CREATE(0x16a, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:58 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x5000000, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:58 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040)=0x120000, 0x4)

2018/05/15 13:07:58 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000011000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:58 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
socket$key(0xf, 0x3, 0x2)
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r1=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
tkill(r0, 0x1000000000016)

2018/05/15 13:07:58 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x600, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:58 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000014000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:58 executing program 4:
bpf$MAP_CREATE(0xda36020000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:58 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x200000000000000, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:58 executing program 7:
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x9476fe0)
close(r0)

2018/05/15 13:07:58 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000304000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:58 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x3)

2018/05/15 13:07:58 executing program 0:
clone(0x4000, &(0x7f0000000480), &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080)="7c761aa1a024281fdfd78be195474f684f8374760e7ee8015cfaaefdd0329c6c90a034502e8df5ec99278591c8129a45ca33f0207ce65ce8cb49bce57f40f58a8a53c7edcaa32966fcd26e0fd949d9ca27620e4ed1470ad1c01ce008e2684bb1e1e7c9fc07119979d9")
r0 = gettid()
ioctl$sock_FIOGETOWN(0xffffffffffffff9c, 0x8903, &(0x7f0000000100)=<r1=>0x0)
setpgid(r0, r1)

2018/05/15 13:07:59 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x7ffff000, 0x0)

2018/05/15 13:07:59 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r1=>0x0})
r2 = socket$inet6_dccp(0xa, 0x6, 0x0)
ioctl$sock_inet_SIOCSIFDSTADDR(r2, 0x8918, &(0x7f0000000000)={'veth1_to_bond\x00', {0x2, 0x4e23, @broadcast=0xffffffff}})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
tkill(r0, 0x1000000000016)

2018/05/15 13:07:59 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c460000000000000000000000001f000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:59 executing program 7:
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x125502, 0x0)
getsockopt$packet_buf(r0, 0x107, 0x16, &(0x7f00000000c0)=""/251, &(0x7f0000000040)=0xfb)
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x100, 0x0)
pipe(&(0x7f0000000080)={<r1=>0xffffffffffffffff})
fcntl$setpipe(r1, 0x407, 0x2)

2018/05/15 13:07:59 executing program 0:

2018/05/15 13:07:59 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
io_setup(0x1, &(0x7f0000000080)=<r2=>0x0)
io_submit(r2, 0x5, &(0x7f0000001540)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x3ff, r0, &(0x7f0000000140)="7cdff67c7d11182d920ac5d3011847b60e031e526e98c63bddca9c6e69877e80973c0428fa8ff9b3887b3b4d14de9fdd8939b0e48799d154fb23900c8c5ad4ecfc8bdd20b80b7a981209f42243565dfb38057f9c5d530a7a1c60ea166fa71864cd4c0c2bb04a84b795a840e660bd826eebf2857bf7dc8ec329f7a9b51e7870676e7fe38dc248ccccf226e1f0c7766d3e3be42bb8d85af2df9239e57b5e881e8bb30ded93a7ba7f3fbec7858996a01055be10a2a0c9816fd62c4105f0ae0ecb9376", 0xc1, 0x778c, 0x0, 0x1, r1}, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x3, 0x8, r0, &(0x7f0000000240)="e517d55197c0f9b0fc8136fb95ca930cc7a1f3621f2e75235caf5ae12535e61cdcef7be4bb9f58fa3dfdc86dc2ddc6925e0dd026233a992d6c42bfe1a208eb7e8b7cf6be631e5244e847b313e3a8853bf3f8459a3275fe5f53101f30c030cb8dd3f62ed307490fe78b867b8154b4d8df04118de0bed7a5038437ab232cf67114aa2326e4fd8ad2d0f4e60767efd0cba054133470aea6a1492824147777f81f17761c82684926f25deda033602c54d1d259b0795e6616cbc88dfb", 0xba, 0x2, 0x0, 0x0, r1}, &(0x7f0000001340)={0x0, 0x0, 0x0, 0x7, 0x72, r0, &(0x7f0000000340)="bfed51395ef2aef46bd554bf2f89237dbfa2c56b5f594f0638de0d54b40ef0603506197aabbd62c7740938f8654af300dffad8a3da0048b7d332b928f464d03cf4caf73f6e52458354e31b1edaf233d3566aa7a2d48e7e78f808bf50cb367f8297f38220bcd53024b70a6c09fd3c2ff0684641c45f32681fcd56c59ce0b127f58ea7b04bca09f51b08ac1c867b7231420b25e1119de02e65db4a17d31c3dfd34ab555c162abb72c99d78049d7e61323015c48243ea61c1c727403a7c6487fe2cd5f49ae40ce7f92ae2ef5d07c3f201b1a8039f10edd6636db6feea48741f5cb732f18a642b1270700bee0ce359093d2f8a3e12d5df39ba2d59765733c1b4f105713317252d81470da8af1f035960b7642f3be42ec8211ba69d21f4cc3097f7a2614d640e382c4b75e729a583c2f34ad48cedde746d8a509cacf067c016f0fd01ed73a293231abe103d5dc95a394a22e1de949378af457e8689449229e96d68276b89cc15bc28905a476bbb3ddde3b5715b25031e7c0904da00b2bd441b73e011aa4d5d1716f7f262cfc9d8fc98767bba015548a3aee9376b3f645c7667a1a7175fe7145cf6587f865f1948e041df1ac4c609632c3c4df50bf60abbc37f216a1dafa14178024d80140b0f88ed8f482f8468c8ede07e3e5df78a35007d378423cc3f7cfacee4f4207355428466c9c9d4359637031744eaea15739025b7068600af43356239badcc38cfe4e5d5e9ab084bda6c5474c96dc28e956d1d3347bd158d67ca657679611470d038ac1272d5decc974bafdde6c9f43173d7425b388ecfeec890dc29c123af9b0843899b7e5cf550668c81c6c45888288cf8334ba26abf4e2cf30cdf26a5d39ea5cde04c2b30deb27c930f52c6f0c2ec93954c0704ccd43ea7774a0aedbdfd079e339aa228e0f73c00c82f138175eafc69489f1cc6069b27085f895b7f6f36d8b4e5a8236689a74fe82068ae9ea74d1778f1e6a1316c061b2b8492a1f026d71ad166313b800ae11d263f165a1aa6a6c4d6ad1ac699eb63dbd2c1813b7ea745a65a4a6bc7bef68c62ff2208e97ae125afbbe6c15a1a3c7fd7f8bf34d2dd2b7b4878e772da41939b71573c6784c9a7ca4eacd38cac1e699dd59b141aa533490060bd8b4d897277c8201da1bb6443dfa7ffe0ceed336468a151ebbff1f29f0dd0f4e0549587ebdc61c892b9ce3a1d5cd685327dc6c5a6bd7d5c63980ed4aee8d952b37ef878d1add10231db45e95148603d60b50aa3459abaf4c752e3f2d59bb8116f3dfd7826397a2d0d855e90d392b7b7d6a4bf9c1138b116133af151452d66eed235ee32b16834a9104187144fc757af7d0e0846ca4d1c1e0874e1c46127bcf18e24a5c47f7cc31bdd8bb67a6290647725fd3a72e2be0c0bc1fc1087c989dcc3c1642cd44df1a713f1374bcc1a021df99c9001d231d96802516077d84f02d99ba15064d5780be8bc489ee1f8a7bc8c3aa924a3aadc5835666b6b43e7a9a1a90b0fa55265a0a151e46219f21289291879041d9310f1b4a49c27dd4e99a395d6ed54091549d001ac0ac55be176313dbf282df2a015f05be7560be8dd59d7e995966a1843a070bef947b8c81cc84261776ecfc0b23035f72b48cc9751bf5a75c930761cd78d79146742407730caccd9cd2bf8b1893606f62842bde9af2fb4832dc00b50302df91689179294f1b5b9dd55e3e71581809d70a6519c2d20bdca2365fd6d5d4a237798ff98b117c7b8b524145086ca2baa9143bb7a93279694385f9802bab0af6353d9fa1cc3f11fa20db486361c6080f2ead928af638a82cb2b50ead2df44c3686be9295022ca1f068f8c2a528d97f1a6417e271430eb30e21f7ec75d90ea5023a5bd755ba571c55e8e50768fa81a7bec51048d34a5f35560c9dedf72c36fd542178e27a3be20b6c98ad94592c415632f864fd9a4b9fa3ecea1ac76281fa0ccf1a98bcd3e92637da6f192283269f6b4620a1e84846bc37d401142c224fa1d4a34b7fe2748ea87fb958ef275aa0f63404be61a6642f24269cfd89dcebd709e39651278cebafc7c13bc8c8b08604dc215d6eb6672fcbfa179a0ae83300962df9e633e7e82e83cd21681f62a60c6b277f08fce228dc6eb950aad446d45738e844251e41b60b8ffe1b86a36f0176ea77a5cc0ac14e00d47b55264cf64a3687c0aa3326b1f8248f0faaed29282f057e0e79b8da5780721c5148e802e3c8da887336c61130499f49ff755937283f5fd5adb6d32e1b1b94757c5f99ee86b2437e3d4feb9ee08287e7bf1bf7f72e7c87c02c542172b7f8079143608f5cc6464e6e338fadb3b6f0c2233abe2d67b2de72f5cb34ba949dee228a9e65b1748aa9d27e7cc5c55036bf2f6ae6de5f67939cbd6328d2e4bf96c8a4f163921af3b65efc9a314ad104d92153baee3b8ab0d87c5fca020a429c0f9cecaa3d9c5eb961221727891729685d4be3bc4cc79bc0215f1ffda251fc45a69c74f7f8e9160f7bf5ad6e399f569a42574de4e1c6fd77711994e2507ba59580c5e2e929f117cfd54c022ced7a845e7252c8292497b1c3225588a7dfd8b40b311612e6621b86905f8706da52b1b0316a500c8499ccd43b4428d0472b2ddfda4ce7f2d2c268b8df31a86a0be0a4eb11cdbce8d38776807437e9140a864c7d99316b79c090ebceac05dbaa7b0d62dadf044dfa333234c8881e6b6e27ed4df3c5952833d0d749e0255328b7819ace6f156bf3a97aa7f44e977bf2a354253b8bd6980a0a8e9f3ceafc548ac8f4617df35da1100487fccf2ac7870f8a3ef163423602736df25dda26a5783bfd59d7d125db58e38613e1180c77dbe449b693d038ca51a6929ff321c8afed44aec0d2459c7b281a2b1d77b2410637d696a3a33d5eb841a787710b7dc386545cf09ec6e7cccc216b75a9aa64b9e0805b50de4e4be83bc5a21ec241bea199f622ebb6a0c50c9cf35f99e007ca3ae8366cf32d595bae935a47bfc5d443a11b109b61b98c504c21905777f1ee490c27e0a893e2b0adaead60ce916429adc376be6d71d4b4ba732f9255fa896a7d15f6db0a5ab9f4c53d326077694c7c1b37ab50f9f3e15db35e230e3572324630810864b3fe64376efd8b31006825d940e3d449bf71e1a410d96b5920f1c9a996331879db4bf44882efab55a9a147e78c2bf00dd57ebdcd9e17f926c597a8b18b41d983eb30c98e9165c2c97b6e2478928c9720ae63c57c58216e8a8010787e53885b4baaa8d793b7043244cc0b8eaf91a5f8643370c7ee744237d9946175ad952e9c02b427f2a90983dc690e16b346091e1a029783daf577b34686a95e6b89dc7fc3f816208d079d0bb238685791c91ed9b6dee3da2dcdb0f5f1eaa82ba08bd2bb1234a47eb23432e5cce67241a0e20519e173e2d4815c350b210028f8b5fcda71e5cc471550ad68c6a446a43c5ca4f00d747ee1e4ac6ba5f7a8836cfb021950567bd421411e0f3d8eab0b0108359bfe10b2b1cfbede08237fca481ad4ef9b5ab51abd5dc9f82e22aa0bd6d2e181b5784239f4235758572362f4f850dcd37baf144a5c7cfd6c0bc063ad215a966ef191b095013a6ccb98fea7d1b573f51518c62a088ac4038800072fba78940fafb56950dce5139e09548714a5424954085dda582d08ee72612b31ab44ab4786bf4fd33ba6d8000effc3cee4dcbfef21f7cb5380faff4b4d16aa2d4104ec1948518c528c6c07a7d7f2d3a31933cc6385ce430b24118c74877e6b2b6837987119361e4f58106f2442459901fe07385c1ceb059ce6993dc4c123cc4571d1c31eeb39749d746807b7fdb616b904b903df844426dfd943e0720f3e07193851ef4232d046ba6b661636dace6f5c5e1e0383f3f67ea726f15b44b16e8bb6d0e099d97ffd9d5ed074882e317eb3a1513d60d15b4cfeca6f1e434edc4b1d9455c36b629d59efb25b64444f5e5a1f6ae472e2938ddc9f729a1548009fa3399589d9d11e98cf56fb9a73c7fca5a798da7388db695eb845e981c9b83008e78b44336a4ee3913b9489cb660386ac3f00422ad10a42ef374a91acbf9109c99c912991ae572d139a8a58eba1a96211ca6fcc9ccc85fc91c7a415add817af7e6aa9d7d65e00d8f1355fe9038844fd3b76f3ad6242cbfae6c7cc4cec5ac49717ec4e1ddd68154e0f63f524b6e830c19fb79a7f8bf77a21897516f3616d7e28450553216b3d215a714d620096b727bb9fdceefd0b23f91ae2bea201cda00b95e80f00552844914423d6fb98899ad42fc50ea497d7d009918e7bd80e449cbb9d7fdee7794597e19c2e003d0c3fed0028fb47f1153dd92f6764b6a9452e3086866e6e97ad15ef74ebc829daaf254be506dea7c6b960d1f4a50d34290b1658d091f4d3c943e5495abcea1431882276ec0f895f0aed382bbb2bb70deba8d427e200f2b70064ef4c2ca0b0e0c9fb26aefafdd4629b39fa47214c422c61b4607565acea11d19e86156094ac4730f5f193ebb6b8d3f1be7c19a754e04f10b7170b77b65f67a79ef20d8952b9369a08f2c45ad397daba33fa9c573745dab7751eb6347ed749e5dc847711c37316c7a25f6814551b18a96d5538a0a729b5598611232baf390a075734a4941351010dfa123dc54eda8210ff5c61a0ae302972e131c75f9552915315689beef4ca02194d764c54b9549697eb32497766e054df165020600f66026129672c1b6237aa7015ac44666054ddcaf5cc187267e147d101a0809096756a5e9699f9ab73a3aa93fa809e87020fa7751b80461bb608e9dea0a766c5c95ba6f460b0a48e5884a6c0470d1877405a1221e4d6d2e0b97c505363106eae99a10ef72412cc65ba1b9927fc2727720b5483ec4526617fbe4df130b2beaac4f39d44172428cbfc399074d9db1e1a9223f660a9d270fc50788a03c747c784ce246f28044be151ca6bd2d032a216c7184548461682a80974a38a182b757a771893c0c4ef7fcb551092dd889f5c0f562167262cb86a9a009e7bda1d4df955d6d5dc3a29a0ee6772b0af11254d29ca6189fe4ded11de0de3bc786ae1f67abaf5749abea7b8032954a4e8b4435576cd78dcffec55006c4d6047fe20daac3eb6b8da4e6f5533f33a5e5d963edde05b9b74b055a519013667a38a39ee7cb9d7963b3c07e1f620bbb262e349b645f61e8ea78ec0114cbc313ae00bf20e2eecee78949ee5aef1c036d44bbda9e257ff78aff5758d4068c758f6077273ef45a53e55f8b966df1ec7d28f811e69d37e7a5228abb94d53a8325050e3f6b4467c1dad03001a85dbf6c4991e9c9d015954ffeef5c182a2860a62fe92039e0c97348492187c7403571ae49c97099e20eabb0d1d09662dd167b1836c9873aaf0e2ed40b667860d81cecdcbaa78235358b2752540beb0a96cb7f55c9a8abfaaf68ac89b6cdfffe0604832c996561ea7308e328356e2cf4b8fb268150d3bc9fccd9e0dc96799f928150af4ad3511e27498ff2dd5be7b7b06b4d180549054da0c8dc0b0bf1123fb0a03e7f82f6ad15698553c07c92f23ebf5909d78e253052ac8c39e965c463eeeb7f4c37276235d5643429d7f449933def4f3c378e78d4f46b39ef1b358a0f93f8ceaf79fff6151a17a161d833f25dcdcfbc80d54394818aa382653b11f21b8ee7415f44709e3f4de3c7b5b07c42bc67b417498fcda9b6bff561951acb70f5ca45a23b17e2f75cbf8bebaa6bf30acba8a87c886445f0bfd16c7eb121a6dcbc7cd5acb157fd6ab3895ac3b64bbc95ed0f9aa03e178a03ba7c89cde5c7abcedc48cd51995bc403eeb552a7cc6bd", 0x1000, 0x8, 0x0, 0x0, r1}, &(0x7f0000001400)={0x0, 0x0, 0x0, 0x1, 0xa67, r1, &(0x7f0000001380)="d9563e69d8beba614e42c25e4735af5e4fb64d272a95515841de716ebc02048a1eb20eda8973acf957f1f9d73c4e8ece0236338183259885b438557c0ba8aa127d06f30c2abf1aeea34ac3dfc484a455631d4abdfa510d2d6448f66c", 0x5c, 0x40, 0x0, 0x1, r1}, &(0x7f0000001500)={0x0, 0x0, 0x0, 0x7, 0x5187, r0, &(0x7f0000001440)="fbf3ef6c4ad0adc947ae8562b07843c3ffd14aaa48f53cbf6560ef665833aee729a8387051256604d2319b8b79d6267c3d6baeff4bfd85a573f067e64e16ee8d1b809b6a8c6d9677811bad7347cf268f2f4af3b78269cd5fea7f85faa611bfd844caf6325b68b2ae462f5c24f7bad3418962c2b04a4f832ea8fc9c428bfa4c7b3eeaaced56d7b164facccabdd70f80530e3c3fc797f4d15fcc3b301c0e6dd76b890810c4dc8de6da3fbd", 0xaa, 0x5ea, 0x0, 0x0, r1}])
setsockopt$bt_BT_VOICE(r1, 0x112, 0xb, &(0x7f0000000000)=0x8, 0x2)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:07:59 executing program 4:
bpf$MAP_CREATE(0xf, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:59 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x700000000000000, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:59 executing program 0:

2018/05/15 13:07:59 executing program 4:
bpf$MAP_CREATE(0x39e2e, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:07:59 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000007000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:07:59 executing program 0:
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))

2018/05/15 13:07:59 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x7400000000000000, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:07:59 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
r1 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x40, 0x0)
ioctl$KVM_SET_NR_MMU_PAGES(r1, 0xae44, 0x7fffffff)
shutdown(r0, 0x1)
r2 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r2, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r2, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:07:59 executing program 7:
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x9476fe0)
ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000040)=<r2=>0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000100)={r0, 0x0, 0xf1, 0x8a, &(0x7f0000000180)="fe2184098c211663afe64ab42a3918780b92562555f722bbcbe5577a532b8eebff6b85efa264fb169ea19c4debfd70f3d16d8f6431a2b344f79b8b4959cb80044c969d55683bb3e6ccf94a49b3bb93faebcd1f9592f9b632b6a659f9e772362fae72f71ec6d43dc38574391276d148d43783455323f8cc19b6463b7bdd7a1d845f7fdfe79fafd550fb44e66c34afebf820142a2c58ce8441aa7b5fe0c602bd9886ac3cf9e7d7a8ec644b16c01db828d4eab4853f5b17946283baf02cdd9ee25321edb03a40d3f56118578637657c12c8a227c95637c31994fbaf0b4587acb22d02b9136e0ca4bd65963c687a2f733d9498", &(0x7f0000000280)=""/138, 0x74, 0x7f}, 0x28)
move_pages(r2, 0x2, &(0x7f0000000080)=[&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil], &(0x7f0000000340)=[0xeb67], &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0], 0xe7a9ce83d41b9a80)

2018/05/15 13:07:59 executing program 4:
bpf$MAP_CREATE(0x3800000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:00 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1400, 0x0)

2018/05/15 13:08:00 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000003000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:00 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x400000000000000, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:00 executing program 4:
bpf$MAP_CREATE(0x1602000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:00 executing program 7:
socketpair$inet6_dccp(0xa, 0x6, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$IP6T_SO_GET_ENTRIES(r0, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYBLOB="6d616e676c6500000000000000000000000000000000000000000000000000f1da000000a8156182e9d99fff59ac444e399359ed7123a0a3c0cc39bded4beb26c991b8dfd6e8e58942e52041ebca20fb35b61fb503b565f442b3b11df2798834469944d676cb89890f6afe02a0c4c4fc32daf6a6edda575db61b3e795d6df59a24120917ad20a25bedd1e21ee29a92f5ea452444aae4023d890515e1791d7f0235cc3ff9416d8bad93d8a17929b045309f3984426c14b8ac243911441ccf68ec289622a47a3e87dbdeb2f51cb7f625b502bef08dbba40d9886f798d103d37fc34de9ce1053c0deb76087f9b571336494e92fc45f3e"], &(0x7f0000000240)=0xfe)
r2 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x101040, 0x0)
r3 = syz_open_dev$mouse(&(0x7f00000000c0)='/dev/input/mouse#\x00', 0x2, 0x801)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, r3)
pipe(&(0x7f0000000080)={<r4=>0xffffffffffffffff})
ioctl$UFFDIO_COPY(r4, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000fff000/0x1000)=nil, 0x1000})
fcntl$setlease(r3, 0x400, 0x2)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r3, 0x4008af60, &(0x7f0000000300)={@hyper})
ioctl$KVM_INTERRUPT(r3, 0x4004ae86, &(0x7f00000002c0)=0x8)
fcntl$setpipe(r4, 0x407, 0x9476fe0)
ioctl$SG_GET_ACCESS_COUNT(r1, 0x2289, &(0x7f0000000280))

2018/05/15 13:08:00 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000200)={r1, 0xfffffc7a, &(0x7f0000000180)}, 0xfffffffffffffeaa)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ip6tnl0\x00'})

2018/05/15 13:08:00 executing program 0:
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))
r0 = syz_open_dev$sndseq(&(0x7f0000000000)='/dev/snd/seq\x00', 0x0, 0x109000)
write(r0, &(0x7f0000000040)="ea53447c9d885f3e7799be4caa569c8e9635313cf42658a2cbd289149d1efd392e5ff3aa1dc52072ecd2766be846efd8dd2cf9cb735fc108ca17d1fc9c187109df0772c7b79406d9e3ba5ff5b5fb4698d22d297d41c8dcd4d3bc52b7591fc1bad84ada63241f4fb699a40d33bd05fa3f6c605dbf6107c6843f4c02dee7aec4db8e7622b80661bf09cc7bb9414e08a803480cc6cf3d391a96d396d7a79c137bebf0369778", 0xa4)

2018/05/15 13:08:00 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r1=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000000)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
openat$kvm(0xffffffffffffff9c, &(0x7f0000001500)='/dev/kvm\x00', 0x8000, 0x0)
r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0)
sendmsg$netrom(r2, &(0x7f0000001680)={&(0x7f0000000100)=@ax25={0x3, {"e415ab6ff4411a"}, 0x101}, 0x10, &(0x7f0000001480)=[{&(0x7f0000000140)="fc5aaf9aa9fb94b4f6ef7ca5228d999b09f76f9aca98fb73faf214134d8ef1f9359aadd7b8c71cfc72c0fc28888f833fc5aa9e1f83ee247c26b570a9a6363d39ab13ae50c709196a1e8e2b487b701348c1e9b214", 0x54}, {&(0x7f00000001c0)}, {&(0x7f0000000200)="9bf4105e475e4e497a14c6ea897c330badba7e5d571dab6ae24d8167824e4fc1be2b8d95b2f1151eb5", 0x29}, {&(0x7f0000000240)="dc0ff77016a1b1fa304fc8cc6416dde23221597954a158d30af3cf89e15ecf8abc0ef0bd17cb7ef0c45084a6b7f00e8add3b49868312ade631a3b070dee287cef68759d56d23cce2206cd1785b7d57d670969506061b6eb6c5b9ff2439e20a99c5a54c925f0597e47f4c6b757558bde4446507771b4d7a18cedd7eca89890bebfe9101fe50d25f9a7be75d76091a0b266c412196254573860371eab5b9c965bb2d94", 0xa2}, {&(0x7f0000000300)="e8f2459b9cad191baac37f539b8b9684ef66071b2ef79e57e74fce0d4809c8ec7b0edf7a499d13d9560b9a4618007f9a8b528c8de55078f8b9382f18996a46e75c8ce03d72b2eb1c77361700c789fce83d5da969", 0x54}, {&(0x7f0000000380)="6a211eb9e44cd5f6ef14948e78dd1e4ce13560c7b619c2d1ee5307417da65f07d185a921b8ecac69dbeccdbb785b67a69847e1d9f530801578c53777c2a1f8791d1e6e0bbf0422fb9e7ad40ae438ba086ac8af38f465c4cbe6e16472ce829310045b13b31f46a931880afe425372e7f22dc2cc8215907d8e4400d4070e11462f231df468c0eea55f16cc0a9ed03bb4b2183fb904453b9910dc8fbb58d51b902acb8854bd87fde7288d4ef05dd201559c58bf5fd3c8d9c1f5da02986a2bd2c1f5a9a0ce6e2cd105fbc81c26327efe249f88913cfcfa3d0289240b2be249e82403be67d6b0bb34f0149534917bcf31", 0xee}, {&(0x7f0000000480)="e91302b1a8cae23266b9e14ea0f48a00a4e45211e4eeb98fa5f85afd59d2f13b71a9e6c85704d0c31b6b3a4afe228355891ae0737606e1ccea5971956dc522d01a194793d3cde32ef30488c2cbd7a3c6f4e2c1f59fdfb9fd488373f2f61ff816258701bc8c2787704a6039ff9879ebac1e897dacdad175bc3cfd82166cffd25cdc6971f096516802aaddab56165d65b77c0f209c0cd19f6d4b5ccb53f7d362cbd5da0e03f29d2aeee599dfb78502df6422f72140d23cc2f3e649b2873bf58761a32605ac94f8947c2e93695f1397bb55c092a16a6d8d7e0d873a07304fab1e2d6a1ef98b5370370c73e369a14b4cdba269111b47e7f9cf038775dd8b7dc5cf8179c882e1d6287612aabb790401d2a39928a3dd686dd65f87864eac27ea3da1a31c4fa7d164807a5013945e611988c98f9359f8b5d59f0e98b0967a1ac548c0962fe0267bba8f06616676acfe2353159ac8d45277ab6d372a15509069ff3e898ee26c19d8f66768b5e586e11c5ca20e63374340e608611d7684dfeeb1ddb6c5cce17e5033c69da2630f443fffbccc06a3e1858a2adc42ba43ef789824b27e03fefe5de816cc8de7173283d48df4f04d7fe943e5ce071498c969baa4c3f0400b492dd22f16a59708a9d44abc810acf068cbcb6da24f23d2a1d872dd6bcd2fb8ae8178c14b7fbea1cc30d5c41164295da414b5f87b97af8d04dd97d813adcfffff3e222156182810aac9342ceb2a60df09a09ce850adfbe5103609b184b06566efb598777a5422ecb39891fb8d8f9ab334a44ebbdd4a36a7b436c3ac7dd603e275221cf55f2f3d82932a4db79c302e94b7efe0690e2b0aaa39c95f8f17b30d2c5ffaecb86fa418e9f9ee3f79f315d8a3e2d72347dfdc7aff70eae3f833aef4edd7f0c1e0c98ead82538e1bf2aecd3600c4fe7c1f2c739a86a8dbd81d9adc4de9c21bc29185ef8c071ae47783a64fb5544f8e0bf5288f5868a309ba676caaded067206ea0071f58e85e329a2ba3c3cdbec29d3aa7f0ae71a5345a756612880dc2be2f52ea770755a40d5fa3384ed1937b206f7382921899a586720d9af39e9a461af1b59637957a5e7b6e7b835073dbc6421eb0463e89d4575f0f545ca09a82d6f93c10f7b1a02743b8097c9fb2ce3c1ab2e8efbf2e433c13c53739150088317d89e693d761145da77ee26d6db122a3be191633d163decc2dcb1a78166f689d26bc54680e8670a26bd4d570efdf34dd36ceea28c33f3d1a01526ec901e896ffe2d5a7d1906e27d42ff0aa30da19dc3b8dd70d805d3e238f871d5cf5bdaef3494f73c2f0d3dad564009d1036a7ffc00da7965f60ea0c4cc30ea86fed8e13aa285e42664f99848ef5e3c70b67cc2d26cbb503eb646d108d312050ac2185497f302a7cda824de45a8897e6289e7561df4877f0d67805883b3309e304e9357366b1d35b063e04ef5af70b28aebf466a42936244af301276a8eef6f50718b7c2547480691f41a1a087fa6ef493bb2c7d4d8afba2c4a9b336d582d91c2ad6e85cd276eaac3bba3b2edcf4f844aafb5a7939e5d5824fdf0f7f1091627516ca811b812292fc3b4799e99bef66e6ff375340d04796d7594cc8ac8255b2a1de9705a0349bccec675193175229cd99e46a5681735a24972453beea94df9856c456aea01dbeb0aff3f2ef8c6ba612b15b1481fddd98012f642bff0ee58f9dc9ec9f5e5afcfc5d928307d09e1526bcece7e9d0a3ec4e1b3565be2f760f8e76deaaf3ab7b2204a3b5d5cc2debbe1f84be6caec0428f800518e8f9beb18ee12163ce462941bfc91a93c3680df514424dee6a889f8538caf161670b668447c3aa04e3061be14912fa92a35f3721cf914d398f32bc8b8003371d93c73250223d2eb97a09cda48b00391b05af10ca9c899028cf5315b9f04da74a2fbe4c43c8827b7a4235fee9038ff0d747d616a4e97f0cc0e0aa1af4e74764a1ac818613cdf33e664b5be7fdd3a730c2e840fe78d3c61dbc2e6e49c3dc5f5ea5dc167fe65365eef4d3097adeb2f0e41b3afbc4c3383c4e7ac42207d143cbc7c6e3c566be4899612d296183fa8af444559772b27fa14154734adc6e833823bb37bb46371da826892ba5f9c27793df23c307061c574a3f7f110f751d77a6afebb146230a417b453ce1b42a5dc39bcf03c819ccc484158f8e31aa6635f94f575f6a04bd645ab812fabdcbe89c39bd870d67b0f08ff58a3b8aa57caf3332bd0e16d5f7106fc452ffe1e95b147c3bbbba8001afd1ab9cd8ba235747ef7b9cfd03010f930b375bfd966c9511f4d68c6bd3a8ad88249da74ac3ab2a2988a0317c65c490075a4cbf93d06413e9a86c7f7967a083f35e321e1e2ce7d21167c92578cf59f57cab87c3fbbce2489306cb1c4ab6fb8a6007455cdb4bba89f03d72a4c4987323fa4a7ae5549ab15545554d88f3e6c8031e8dbef2adaf8060648cb2543221cb9d92602f34c563f3230a407ca32ef51022995e6d993775c07d860c7b45c1c8664826b5e0a136e2964367be252b26575fdfa425af75f78df6880646282b5b9cfe67f418cbaa03b3597ad0f8c132e5ace9e261d54b898174ffe297ac9c8877c8bc6315e0669f73f10a25a9182a553760b3fca2250c2de3e7ae5e982b670bbbb0c368fb5e832a7e0a2de19d61212b660796c477a0f04b9e3b74d72da18a0f476d350fa8eea8e57ae4d88e304579e954770867ff4e8c0c40d109f3569623fc82a085344b25be544b4cd661ebdf1c5425b1da5fa48d66145d8bd5a19ba8b0cb69f2011b48ac5b0ddf56c60ccfef167624b56fbafa00ef5454616b91ff605a24d05888648494a17ce5ec05dbbc4c8a860b72f4b3de90d902fad3201191441458f27daaec391934b10f266a9376f0eb3e36a5d39143fb7918ed856d5a757f8f78f6fe2e43a50ae3e81f68bb2ff98a30b32f9ff295eaa6887cfb583694474f7bf966a0e4a528a8e2f3a00a90a5dc6a1430579b8bc3793237b0cef31219aab69fc1052311fa1fac76777310c96278e5fef2cabf78ed25cfe2a8ba0c4bc847d36a7072c5719b71dbfbb85e98f940cfc9db379644c4e60038d42310f58a553d637836e77b4cff786f12eefc32ca6507d2d1dfa712b22515f6c2971e7e941e41577c195726c17d6adbd953baca20f7a672352c9f029f894fe65395d18a70ef95602092ebf955771536b08334c885453a6befc39c70ec7bc2c6b2bf99ddce2743857203455578615f6664d4bfdd1bc3186c606f1ffe080af38e66100cb9b05ac0e9a5afd6b9c9cdebbed0ddb39eeaa2afb308735fcef14cd1640d91879fc92fbcbbee72d4fb2d950609db4de0fe8b40e4c3e29afe86c37df386321a69608826a257bfd5f8bde3b27959e37ea3553679c7dfe1c6286502c62fbf226df569a8dfa8a1114a9fc9276cf5f179e66c13772cb10906401d5ca7d360cd657d2d5e7b80ed5c42530052b7eac676c858241b2b236d57c8bf97ab67ff24748cf6c6aa8152906ede8d907a7bbd83992130913c50218f7272d220edfb391e6b17779f3f915e9920817c89d4124877f8cbce7aaa18a1250f597509e45144c5914301544ebbdbeb6e58627411b537a1712afdfc703fa9f65fd997b52fb51ceec58ab260958eb76bd927ca51111940b74e9c4566c2b67049e76fca553674b3cecb03354f1f30ea0309e7d8dbe82385e172d0e37d9d6b757c3731e9f5c9af0c25ef0cc62101001c94f91ce51899730c9728473140d403ff278d85f68bdc5f27adf272c0f400bfbbf94758e8b456b8a7d1039731c6b099a259d95430ea825f02137e6e754e92b7be6c2d027ce0f1f1d07c53c11587cdf447fb018ca9fe8c16212d0e37975b3624c5da0d28ddd2a9a5779b9afbf007901d0a488f61a93d1957a17d6641eb4ced049804e9e2e5a792897d150a13761088705128746817c15eba22815c2bdcc404ff4614ad3640e056e3d9a3d8704f342eb3b3aebd4dff752646cb3e6408496c909e80f1727920ce869d1ff8c819358c918d3539a0f5c6dce0aa59271ad46dcfe7b24be06a7a4bc3babd89fa8f5e37fdc4647b45f2cd7459b863f64c94327ab14bb4af0aee3a874f6e2b0e728ab3bca34cc42878f5582ce310a4668b0d3843eaf13ed4d8cd2d6ca045aa3ad67ec0266fdea36f6ef1caa8a7a5938a1bdea52ec19fd0565e485c292c0827551beebc5f63c9d39c725ec7f0f3b47ff556be7e2a860fe4a69faae78567d23e9f8b008cdafc91bffca5cbc34142d56fc526cdf8e169a06fb5ab69d9f16264864d92f75cae0eb409b5a11b39f0424f75fa4a8a8740c48c196dbd7ac7687a8939809959a44ff7ef286caded5cddec4846185e30cf36f9b58144227d4ade69f0d3ca645fa4a975ccc22df374549a1eb9bfab7b104fb8751df01655bb1d7f9aef391241f2d95f17d898e75b49ef8430150f731b4d80a276a9a05fd99e5531860ef0156777923efae0e5bb0ed475ffa7048b19c3fd4d244222043ff1a0bfa94dfc615ba52742af16a17178bc389782a325096905e9a41f3590b8b66956da9690db2b850cecb222bc3d154c8d803241f2db144d3418a4ed5073e668959f43d09a66b1071dadefbf0e8a0f1c2425a16361b6f9ec81fdc170dbac4da943fea477a7fb8d30d8cdffcfa20352c99f0f9ab483b16699bc016cab30b66275e2a3881af2441fe24e0b901f0ec8c4047f3a14c5f480ba569ec0e0ff762cb50269c6cb3f7781bfe1a34a30c6d706cfc9d3841687e7b1a25130a64ae1868a54c717d659fc3c9836d4b59e865030e57f188acdd2eece4501ba6e6dcfad54072ebd84919acfeb23feb34b8b9cc4c12a6d4f0d179dda67ccda2e796fb10ecf8961e72d78054476441483e1ed32d9c5df573dd0e7678c99e855986679851286c8ed61e336845b4d50af03e85421a1d3aa0bfea936cb245ef4c178194f67736e60ec102ac81771b01dd996d7f7d5583a249c6f6dfdcc26f13ecd4c1455f1dab03d6ee7d9518251b90bf1d05b5214315f8f1bbc9b0ea74c1d4b85991f7decb15f7259a101eb38c6ccbb1672787850d0751452e4d4baa48bdf623976a0bc36162ef36f63bf56cf7c98332035671b9bdd8126195ace2d180e14e756d6afac3baa7736cc6b23bd8588ec7e0f45489d444995903005d241d6ac4ba292715f4cdf5aec4a532c8352265d6807d5ab0402bdc78c7c73cc9ae16f8708313c4ce41ac2868a527e8fcc47e607db3b973e8e2e1936cb91a7655b8212140e35ef9f942195a7e7b5e5bcf8fe66f27bd2fa978b4fc89cfb1fb048abc2cab4704cd3ba417906984b73f9d59d0e7851335f0a38efbb7e5254541beae4a0c7be864b279d84251c277a3e648e101da71a13528a726366f5087c21b62b2070e42576c26507ca0f6159c20845750365a5381748c09285c19098fe64cee731342d2b91e1085a9b2d55b1446b8ce884188b3ee290794714806b34a02e0f939950ca2133921fb223388c7789dedf5d5962a4b00992282fa49f7bddadca005b7ace62193a4307bb46b54884f0080622a96a6cd8e05b94d07cef5bee23b05ec266a8181aee126e646bf50223e4418eed836620d708c812df9724e1999d4a1c5213e2dfddc97d8cd7e4c91f9fb12058bf4bb57e4ebc351aa52e2a81d69d66ce707adbdd25478d9d69055aed2ca429cd34da3682a5d86f001f45ee3dd7c2a8c306ed3ae8d02e0d7d83a8a0ba4debc63b4962e9f54df29acf098ac6fed1f6d17c457577aa40f278eaf0ebf8797bd169839951a4dc318615c65d5beba144f3ce06febbce9a042ce8c0e9d", 0x1000}], 0x7, &(0x7f00000016c0)=ANY=[@ANYBLOB="90000000000000001f0100000700000004270758fe5d0caeae6504f8c6dbfdc8dad065b1b620f05e8f51ba2832d35726b144769dbf6958b6a5bf0bec1fb9f3b37ad8150cb50077b0236a3953ec450c58023a785bda952fceadd4de63c3b19c2358ca305701000000e292624b04e0e47c58007c29359fd9c5d1a9b6435ce6faec28bd2cf58d059b5400fa96bbc500000078000000000000000e01000000000000b011251b9f14ea669e20d856e20e09351d2a129453d2d28a16bc31279a917e6682639bd9ad714bbe42a1864b82a31388f5ed332b40bb54bfbb1b1d775df932b96cb850df383e23a633b107ee697ec9e7543dc7a2613fd107630b485749b81a23f6c1c6000000000050000000000000001b0100000600000040d242fcd533711a095594af5cfbf5b6dc04f995325c569aa76f73c2861090c056e97ffce4a6edb088d6a62def8224fe4921ed74d282a2659d9411945923d3c7a8000000000000280000000000000015010000020000008d60abc21b1094e2a5f301efeac4663cf371000000000000"], 0x180, 0x800}, 0x1)
tkill(r0, 0x1000000000016)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f00000001c0)={0x2000})

2018/05/15 13:08:00 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0xa000000, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:00 executing program 4:
bpf$MAP_CREATE(0xae010000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:00 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000012000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:00 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x9476fe0)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000000)=<r1=>0x0)
ioctl$sock_SIOCSPGRP(r0, 0x8902, &(0x7f0000000040)=r1)

2018/05/15 13:08:00 executing program 4:
bpf$MAP_CREATE(0xa2020000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:00 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000016000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:00 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0x20, 0x101040)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:00 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x6000, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:01 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x2, 0x0)

2018/05/15 13:08:01 executing program 0:
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={0xffffffffffffff9c, 0x3, 0x1, 0x1, &(0x7f00000000c0)=[0x0, 0x0], 0x2}, 0x20)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000240)={0x33c4fe45, 0x0, 0x1, 0x4, 0xfe1, 0xe2, 0x0, 0x9, <r1=>0x0}, &(0x7f0000000180)=0x20)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f00000001c0)={r1, 0xd02, 0x0, 0x7, 0x5}, &(0x7f0000000200)=0x18)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000040)=@abs={0x0, 0x0, 0x4e24}, 0x6e)

2018/05/15 13:08:01 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x8, {0x5, 0x8000, 0x401, 0x6, 0x2, 0x80}, 0x55b, 0x4}, 0xe)
fcntl$setpipe(r0, 0x407, 0x9476fe0)

2018/05/15 13:08:01 executing program 4:
bpf$MAP_CREATE(0x3c03, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:01 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x6c, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:01 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000001404000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:01 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
pipe(&(0x7f00000001c0))
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
recvmsg$netrom(r1, &(0x7f0000003700)={&(0x7f0000000200)=@full={{0x3, {"7fbfc5e14a9383"}, 0x8001}, [{"09cf1ca8bc4a14"}, {"648a81c95272af"}, {"7779f74ea728c1"}, {"afb2cd7cb39f3f"}, {"1d270717ddb956"}, {"7bda042ec70332"}, {"f4a91a60853573"}, {"2ea00448f3a2b8"}]}, 0x48, &(0x7f00000023c0)=[{&(0x7f0000000280)="cf99a06f535989c58616ecac7cc455dee9789e760270b1368b9f694bf1df2c17460ae2d7d1ae2bbf29f0c68592f350288a248635d79c587aef6a60b987e932364818a11bd46ed22fd38b446afbbe08c93ac3c12211f1df04a45ee6608c14d1f2477cfc2dcc0d412a8cb4af1e1d38786d3372f8c06dc1eec4d61654eef0b86c95a890c570b58429a76667cf6cc8506f9789a4f65ab17be8c337ae43537e679c7efe1d57d1f7912414e2de958934f1991f9b6c39291aba127761f40123645d54b04a8fcac3ba7b22596afe99c0f3337798a20c7e4a874bbb81b069d90c22d52e57ae6abf3f9a8ba86ee1c9145dee8f1d512c813853ea8581d540714665e4c509e69bb6518127cda9b7a8140ccf309ff7de48dfd0da7b4cd635c09bfd3a27364da9ea2a0259052fcca7f5e8d424d456329c3e7e272f3b8984d037db7b96e13817375882bc7d2dc84350b744fc52c3c15f8bf847fc3ea2956aca69712d7f4d2dae2876b7edf586b9ae7c37bdce41670bd6289cc9d19fafe123b4e91d3978af2bd4f9a9a56ad194435bf50746e043cf19d320eecdf81356387ac36f0053985fe7f60154b2df8135d944de17c0df82c458ca3cbafcd97867262ae956b62b1f385b7685b6aa61b753dec0de2207ef7dd095a6f40f61119f05383950b785a0832bb88b810283e6d3b70d17bbc5b9eaba032ce2e4c8314b61d692edec98de9070808d0edd170dcbccd6329b821fe16cd75ba99013b6b85e0dcb3c6db11f0d9f8e988211a7389bac4753729b7d5e826d4f3ad7e91b259eca42873527e9cefd00b1dd2bb6e818ba592c5d038db64f06ca6f40fb999d6dcc3db3bb5c684799aae6b56f624b2e2498b74f982b5bf0e1551eaa44a30c97a0152ef06638f0391ca008c02193221c337ea1a24ddaa14da5afa3cc6cff545f1e30da426eecbe4a6067ff682c024f1b3890e8cd8129674d4fb36b4f5767b031c416d5f17215dee83dfd206c97964b11b9b72aa585a950b69d06d54858b0c9aaf7af6bce7842a296f577f5df353d2b4e85d5d1c6232edfa0b786f269d49b4f1426f8dd974e9fd14e69080c6921a0aae002200343f2faa6d0ca2d67c56119adaa495137e586e9a9fc762104d135af59dba2807b1989ed96d7afb9cd92c2101ab4b3b6e634930ef34be6388e8f24692e9886e4dd65cd30a309b3e35bef40fb7de26a500d43b1dfd8cd28966baf3449e13453bf4d65816513115ca67917546641940ef473329c6e611b8bdf9046e0924cf6c2a36f341f33dfe622f0c4dd165330619b5aaedc2cd1abd928204684058337ace2dbad080ab13d758e5cb9c3298c8d476235cf8b63ebf4d0bf7c32b87d058f27e9b20c5caa219115a50c3f87776dbfe8da8a56d987a95d3ad4d77e84742da9734f6281ff12d337a9ddd6bac5f8095e1a1c7de828fe9ef14ea10b1f5150ca9ca4c7067a1271927ee90e498ad1c1ebdc65dddb996b691de4fd87f64d9f21d89f6355ab088ac446c8cb03659fd567dba4693cb3208052c33e4e5d503cf94a4d911d379a899d42aacab804d1f291bc074df7cad146b4f7bb1c3ce74453db7c4fd894f0351de3754d61f8ae956ec758c55c97edb2cd19a2ef17321ffb341299650e792fbb3cc7a537ecc09df82ecb1dcaae72958ce5f669471daee323a2a109cc3c481bf4870cdfb988fbdff38f867f9e20a578208f696473f9d6207511282575bab2df198467b7bedcd526de26775b899c303d17a272949a5aaeb6aecc611b9a8af2667b2da3b428f603ea78a4ea84c88cc8a32aa4f0ebd01d9811dd3ee6c7482496aa054b695165eb40020c5b76b801fb60ba9cf7ec274f7bbce72fb622680dfd961c07811f14bad381035c3fa550ea839713c07980cd67ddbd42f944d513922a293e0e7a44ae3164f5d44fb911949a61b7161432d83d13f834c1113a143266e85018cd1439af9e8ce7694f0ab5f529f921e6271ba3cd1f4ad81ab366a377b2a0ff1869cb560638c7c7ecec8ef623b41ac23015efcfd69883d2f82c8853354c62345772f1b3260d50d0913f12e39c86aea799283838ebb887b0914aa2c4d061d37464c68510cf7885557c9a8d658f6609c9a7524c21d618da67b4b7240709a8805ed4ac4cc2a674817d9e7a8ce2b54cfb254d1558597560011e2330fca96ebc756fa35032afa12846acf4caa06872558f87cb7990af554536abbd35c4d87c4828e513c6f9a20db96520c827b72d8f27f5d82073e108c872f4a85982e0b3d2fa5dd2f994bf8c530511ba93fdbe3dde71ac46a7263779e2a0800501f4a10adb303e29bd9027a36abbfd077e4ce3fc000fccc52bb2387e56939c13ddb7ee2b8e948d4ecceeb2e0ea95ea4e3db989cd7f1b1bddb338e91d194586241728e6d943b4d1515cbab3317aa05188a4ebbe445a82442c069d27e96e43493814e51b8f32741b9fddb60cad854db13645ff12fb892df8c02631df27ffe6aba450b0ad26cb9de03985e31af158c2d97860e38242d1b71a15ebbaa3b509c32264a1411c95aff294161ad4213813fd5be111b3b77c488f61ee8f32ba97239bff672206f3c5dd2d076fa150e1476e311b5c89e4ac2062197965fcb5398d3d68671bcf9588d2c8191a5b534e169531be76df20fd6d657b5fc200fd9e84ab5c719d2297d2e386850208564cf39088decee182125c6b5a0cd791f8c5b57d4ef3e678e436346e4b09fda5e9cdacd14d382a15a06f1c5d3f16112ba10e466e7f47c8532d47828e9c60aa4559ec2d7c984f7e3b5b74d13a7a73a56ce8668e92f04573d41299de00f0ab42d35dfa1bd6d688fa2ab3871f9a10b92c9601c6f85ad9cdcf26cbe9aca389ad2a2c1129f188e660c7ad9791dfa7d0dae55f104f75b3f08adc95d2a4e937b78e33ec7188dd6dc9c35a93b4a4b324b91c5e992e3f520d0df09aadec2cb47888dd1b03c6b41443890fa8f07b02af6c822ce6f7aec2ed72b7604999d014aeebb6c8e2784d124878df02bee606955b783d1ec33f6771aca88cf533dd9a101da7dc21f1ce66512f4e26d4a31e92ed373a56db158ad4d0dca3e6ce15799eb8d735e7a235bca5bfbe578b085806410cee62fd72fed6c65caeb59ac02dd26f2350d0303973e42536ced2c2845882e62a05c06c0e0cf1ed8023a65e39cf843c5016dc15abb2ce2a788d32fdac437a535e7ddb01ff7708fe0f32992d6a240e076a764a29a5477b63f078d8446fb71d6484737a23a4c908e049130fa22be7ebc5c077b8eb85ac37bccb02a62d90db6439bd632d913ad360f20fb0c6dc0d0c92a899bf43572e38fd76e54b00925ba2d1f3ec3eaf01b5d6dc29f8943c436fba4c412bafd538200c1f7d92dcdecb7a39c2fab397f1bd6de2f86307b5fe82a225238747b2f1272fb3d9593c93e4bb895114ee4dc79aef6b83df5d990bc771c1d30a4198e0fd1784e3842b25b1241118e972038364f797011c9bb95af84c94f46f73d6d695c02a178d5a29147344e658360cf36c90b54c8ffb74e1c3ba792f34217b1ab90e8b466f16633de111ac852c1a529698bb70e8ed3dab94dff6dc25e32528b187cdc8e4ffa461d6abe180d2577fc57e24c7b5603ad1e88aaa5ef8200cc2e564e71310dacdea23f40ec6ac5e2066426096faf22c90f1949d4b5df3eca065edfe18be53d8d40e305a0de5864fd737c01ac734d0fc83c53ac46f3f25cd62826dba9f90c75d2ce2e7061b807a9c0a1c52de20d27fb01d801d6ff245cc68a70f0c67e3ea4f7ff159548141757fc2dc35d9c73b6c6b0e86c9e119ab49a1d556373e40a3c550770b6f499472dd94d61ab24e0cf0056329fe7c9147189768845bb1b986b26e1bbf7a7969ad02d3d74e52da7609324ed2dfed56f4cbd6bcff3a1936d01c11146dd73d5d62c61111e14ed352b46852f365675cf9ea331984f77a9ba6b90b6dcea3131daae26a533781e47dea6634a0e9cb3be2d56bbd84607b40002aeee8cef4f7eed41ef61e587d217c788fa90f6aa7801ee6bed8a418b425e52ea4a2927673109dde5f1c0d2a7d5a9f2f1bb84c7bf3bf5350dd0c408da713f174e53f2a90125d7643fe282a3d478495847fe6f22e1ab36c2734c331192b22a683f6e11255d8be045c553de87199725d440c48c9ca107c8a53524c633107518cce6fde73877ec39946833fc664abdcfc77272a2a7e52c7064ee7984128ae20049167f37abcc63d83361ef92323f762e2be1dac6d1da32c89a273dd7162005579737562bdbb24760293c7af315fba78888b2e241de4ab03d85a1dbbfbd1d883a321de934d48500bea4ae0250fe43e9610630daa3c706465a42fb8643d62a0cb7553f1c03cc96013e2c83dfe7f31c946d4760c1e5b79844087ea4900b9d9d2ac559ef4aa621ef6eeef3549fbbab5c43a5200813a3b4ee75bfeda8af4fc0306a33ec558cd401a44d8bef8b2b3b7220d7a6a71396364f2457398472c88d289356891576ae4cd053ef481574a29d1f7c689430cc656780c47054ef6f1f28846648512c2320a61881de9519883ac5a49b85728c38f89a6a7577a465e8147ae068a783e7fe5e2cabb46b0f4e936eeb4c2a34b2a20e345144d3b775b04548deb69ef600af2ca848f586c231ee3f6f51ee6e1c332af4d3d9d292732fccc75e05b7b0090cfbfc96fc8e335230f48a4b12dd866af9e556feb8452ab7a0a67dc273da74dc3f2c21c935cab8b24e01e996666103aef1e50c9faf38a9c400139bd09d53c3003600a46292f6fe65b7ee54c0f12cbbb2080a8525cfd56845d4ae9207c153ead3ed5f8b98ca80af1fb79a8bdf4473385ea20282b8c6d29e580bb93636f38179d4e7a9560213259ea3447b73d4ae14faab2e121017a4f75865ddb3f2fef42861cabb8e7af59cdeb1ce4e3ae13ff1c05a104b52e7b7e865447703a2ea4c439015ca9cb0e02ba19b805cdbe4587ab85f68a20fdbe65d810e46fb2d729ac6708dfe54acf2002f59aec0b40d4b0413dff85db4da4163a944ea0d4f676702f592626376e92a18dc0c41cedc0797f0b3c450657fd08f6eaf4ee1aab3b71f6e0e6dadcf96a400549eaa74a902fb02960004b35092f820f6e8ab000d814c654fb0ac86766b36393b287b617009fd3c8e9ef6890b4b98f8f2f640eda73bfb69ba048e1ea4f5f425e3ba0a44d626ea82b0f306154d5bea2e3a2f6fc0d70952b320cfa57e8fffb3e12e96756ce3dc849f892e2a1015e72c587b3bb9ab69a721e91b7f724b3fc0051d5cb639846637693253be9a407c06eac3a22eba7b5471abf6da20f0323a8dfc90efbbb99cb2c0668ece25ce6477bc71a047267ac5f2b9d15eacd5a34ba5e1b7867a232de4fd8f00922537d5fce69285795777b02e2f15a37c5a2c983640aee10d6209b1d6c8a268efa1c89a2df7d6031212a33681c97341ffac7ba42d07f957ceed9b4b034cb9f24a8e595a87e27238b244a5d37e3c2eb3305b74c693b9513214c93fde21d23f6f7bc491af1aa2a9863b0d050b1dd49fc6b49a8446a6820837959fef74843fe82075a4cce214899edb5b149c0f250c86cd584534dd7ae17c780be76ffa1883150b3c498720a91d71d4b080ddcf1f20e3e020701671ed105bf7c0cb0e32b811218576ba0c9c3e0d47ca8a431c9ba1ca3ae60b3a151285245966766c6cbf598b0c1c37c62ea43880ec908f49a68e57e4be799cc5c1a748496f65c7a26a4c0979473545335afaadf6c403c79e1f2a864adb330381195037b7a211007ef44671fc7d5084ac5bfcf2569c01c8b55a7f064ddc55433be568bff89486f34db44eb6ee95579a7a64cb1", 0x1000}, {&(0x7f0000001280)="7c53e1c6ea981fe6a3c8d110ed748dc8f6448e19e54a4323969c7442b6d144883a2a5ce1e29db6139a66271670402818bc3af071956d9e9ec37c7785ee4bc166297a634eec12f37f7079e84027aa1ab2daf2fe9cf00a827f789536849e82e1de99d7ee4827ff799cf7a4afcf61da71453ab1fe90c3f3f292e206ebf669f7d38b954eab70bfbe9e40c8b3f8b382b4123f16dbe444d6171c8b4cd96fe303a5fe10e8790a5cc3d8662edbf3cf77bad243834ddcf15cf136224795e02caefd1cd2f65b7d1036c15b5a09b2040c4a5a63a6dfbd1508dd7a380bda40d86c22b69cc4ea265c32f296faae3a8643ab5ac8e3780433ce1847ee721d6a46b1368fa59e06c6a34de19b88a4170cff3f4701da0710e868e4f614a43a7010f0c61c4e6fbbdeb61f8cbb091cc73c9d5b5b3e3ec61bdc3398104bf8fe4e28dca29483b0b84fbe894add6424dab104d2bebe4431c7becb57e2175317ff20de93a3185e7de9a5d23e3efe3d5cd3d3cc6eb37e4d83edd918f500e66aeb2b44226f94b4eec9c00c0409a8ea824f41a03deffd2baf3061d2185704ef4ca3b802bc21472200c7d5ca4d00f4c824a43626df8861d12cbcbbb1bcc690a7f009fd4b09b6e2a08c42814caa60cf55e9cd4ee44560499de193cdcf219172672ef362426d72611ea5d60e3a3723876146d19797dcba3af37abd4b09e25b518c22fee82faa70fd03a5969e51f1410c2769802c6dbe0404120e51032935fd231e73855b1f388a615275f6abba745025e2c6e8bd09e7244029d8b152ea3500c6267b00703b8e12a6a520fe0deb849d4f2466f2e8632bed31d553da3bb8d807f87eb8a910489b594c656490e394ae48abc4dd3eaf1e07815c74284bf2776ec982cc1822a617f7620a27c003553261521f5dc84d89e158bcd6bbca5e0ae924c043995c17bce03f006c75b09d7c233841d1673d38b5ac812c9a2f632871ef7d28f2f26415afb9a6581e9855ca3f9c90559d7fef170977e7015b9270ee1cf391e412cee5acc14076276734934b8ba05ab6df1ed8edb10083352659d1278a21794efe6ba61de8b3232893a9d77e63491acad45ce8e5d64e5e8664cd7a6069e1d53e1efe845ab74fb454e430c10c6dd620917a335534e1b529eb8e6d9dcf59529931652dbf4121c9e327fdad4b8f4e16d55c5cf91911fa1f7515555200e9e285f0b76c686b556505ce729f6865f979427e7c54d91a414d27549a9993663f98f37d172ca1d98278202ff84878c39707d02d8e553ed634eae3b453be4965861e3265fa636a55c79bb2befa515a6c83adc9726e9ea8bd36c8c0b3fdbfb0a7785c477a1b58257f3c59933f2545f9ad4dcd442dbc26304f38e97b2759d66b1b43a45791903c086a1b5c2ce77bb64a5c30fa21fc3acf941d274dfe3074531765f51ea3f85fa52cc291f06e22ca582620a6f2d8216e162310dc43c83c84f9c066922f1f0faa71c566e631e0054026f010fcac1441a49407cbd23ffcb0fdf1c6c38edc8e6792f9a827b7774e288a093344ab0a91762193acff56d8fd831e1b776a9698317127e97ef70241a58f7218fbe99e3ad4c7fddfd6e898c2240ad284adba6822ae3fa19ac85f766086b2b5ec0e8a12f90c43a2f9f38a968c5f447021202a15823dd1f4b4d03f476f79f55bf8df487272a3d0b51eca5d3e2ac79ff0d0a534a73b86d06bed5751ce7f631aff6223418a0d0b8f25e036632f5b61159b9a6d459fc43c0db0883e53f54fe0de3280966f717606aab0ed0455f4fcb4e9be3780a8661a1fe240d32cacd9088dff9ce904b5e11857e4c9c7e364773e729abdfabb4e9296700114617b38bf96ea205a1c4f8ba52fbf75ad2a61dd6f5e18e261d396df2def3df854727ab48c13b524173285124f2f364547b1d196d9b8fa844ee4db5bcfcc83df758d39c9e809fb2616c8f3f5cde0b2fb4683d264cd519f2bf340935b537f0f13e5fb63319fe77679ef0245b9273e4240bad5effd402c8a71402389dee364923ea9cfb934ab5f6f87411d6daf782b57992dedcee23a66e48e4badf9c82af8625a3c1d8a1fc244f9393e58359eaeeab902254408989ff5d4feb393c962d97d8a22bcc7b9b9db4f8b595d145d054c70f2ca62ef5f723dd904339d7be61d8ea3db000e1b43cbf1a6bbaf3b18a303552f8d8d80e89162749abb8abe4c907c112993723dee4620be0b7e97dfb6a7081cd6c42c2745b0b3213abe43f6c638932ffcc150b1b5947c399c459498ab2fc7d94eec78c8e890a1018b432a772f987a30f22796eb7373638647dac5dc7505824da7eef2f6989d160db0458020d72e8625edef5d6d0be9b996ae57e052e4508f0767c1b4a7ecc736709c97746ab6c6d495b6a6d53962fca7748f54157a746835e874dbb4d156cf0f0ca9e38ea3b9880447a99d7f83ace4d124dff657a746979803febf5f3a120622e1e74fcbbeeb129dc05d2a5b9ceda47ef925a78aebc21ddb5ce5c12c1caf5250453b94fb7b7d3e73878942e67f332ea6e2b7cf5f2c7dc359903174911fd87881f5b946ab7fe04d4b3fdb00f87bd83a5fe2d8b4bbede18e1a891cb8b8527352757c20201a324dfb47cd58e474b56598a6030219f0c48d35a90935a7723db50b8979ee8503cc195395e1f8302c4cf4946aa98f8ae0147be4799387d7f15dcfd8eba1f8e297bf98c49818bea9025371d15cadf7d0a09c6f62d3b6e5639d87cee85917ae90b8b3e8c37d7f455f152721a1544926c0afa7efc81503ccfcee870bf8d65f6e13a3f955cf37026c5450410b1fb71908d0fa5696af56e4faa5e3025511b222c30be9973aa2ea181211a45b9d44a60a58603fce04a53adc039de5318ceae5aa8396e8ad75a00040ee236afcd5e3feb0b5c2d619e82db79fdf236fd44d16680dc6451a0d2646ed51f28cb0afa9f83bc5eff38404b57efb36f9de253d8370da55b6d7684eb6446798133f74800c2d2dc5077a7e2e905247b8bf23476314d8d67f0736b76baaabc34de536b58d8181fd30359ec11b6f1ca9c56e86b115de5709046519492da4f8f6a226fa14e0a4ef97f62090c24e67a0e06fdcead0470324f3976b3ac666d40391d0773615531c4b22f65c432964e2b09dcb6bbe28feb7c3a3df8d5038df3f6af9082b63e861fa6f7f1d3933ef18ffd71ddff05e4ae9de222d675f88f0d1841dd543d45712efec0ea76079a35dcee8caaa51d9c7b99123d3b442a2cdcbf595d83bf083d9d7472e335e74ff98115d16aa89751ca3f5c0cbe4f0a793436690a1ec74603c5ea71cb81f3a48031eec61a4be49eb1152c6c3b5cbd92215bab17017533e5960547a13e1026a00fd40c22a6c92a04d59405b24d25d72695903f5fc6c03dad1faa6a27a91bbba8d4e6663342e043bf5c176558e060277b676e01ea169ba5c85c6660289503d39e2b920062bbbbf82125bdf4c8732196cb7173ac20f49ae6e3953519f36e0a927f5b15bff549c7e0cc777e974ca5ea6c5117c601042b8779195fc980a1c93216c326a6d64b4c3b9fe80df1dc0b73ae6107700d1f388dd97f0db88f3b1bbba3acf2538ff25603358d3bba771dfe1d8462656f1325646916549efb1efeeda32771dda035274bbbeabdc08ed7160e2400493cd88a392672d4dadf5c96ce401e083fef9778d99fd3ff7d16f062061fc2e6b41fe53edb627038ed65cfdb6ae63075cd632835489b516522f42f6458507fdc6aded96e5ee37cb6dd38f71c33c3107d00d272c2f1cde2923a2baf56a7af091fac881d268748a7b1c552e817226fe8641c866a9fae5d31f64f05563eba485fa2b93efb9216fbd6f23589652d05f59b560de73329668536291662e5d9ab4b40fb6292f2c68c7a9ff60cbf2fd2d77f54c5bd6faaf3d7c7f5f623d001cadade8739d25d24bb39a09acba5c247af3fd64a7d1dc3107c21f5a29bd06cdc6583bb5e0add23a60ff66fa63c4284af1bcc4fb2dfb3c839a1a9739f62e31b4aed9eea59ed557aa2b3b31b325b7b3086bd5d35a51bf22cc0178bb913f4b2c9d531355c2230eea5d81685e1d1a153ba5c719104d0bd5ccbba2b0bb9ef1ade0b024b647d137bc9e78ff4e491e8e5142b31bcd8db43b5c3bac86a84204e254e2ef3267840816f878a16b92bfbdcb9e84df189c86330fcc42cba0bfca1848c40867814735dcca6064dd205b6bfd265ebe51a9defe8588642b902f7c4cdb501070b1d6adf432b627c938762892d5573c6361d4ff15466fc9447796909df6ad3b558d6953bb7df7c3124cdacddee53abbe803671e37fe26ac80dff252df56c92fccb704c77b2f7e1389f46bcad1690897f7591e658f1c5e08a383965f530278708ca034658723a2f20cb8e3aa5c4fb088c42e4db8f681c60b07c11890eff56c233792252c8c0d416237229ef50099282f26b59105ce10fdf233235da7c89176eed0e317a6fbe994322cbdeef8f64c043b9d91a012917a485597a2cb730907c96a5a30247bb0ceb8ce2ac34f190f70528f49ac5c1668648b14f1f02e048fffb59c0d8a007a99b49f51ca95b856e7cda71f21051d2fab3d38a092e731aa11814f56a0b4972fe6fc4c3552c2761db31848239fe17513defb03c44ff5679206bbf9faf758cb4ff0a640384b16e00a1a18120369d7ff8f5242bec029bc47c0a0fd4a2b104cef0ba43129b99b3a0062104e7921c51e88642030905c86bb8ad31e34fa6fc554f3d21a9ed28837d0eb5d09536244628aceab5bd37f78ecbcf65f2abbb2ee89e0dcfba1691fecdd5375b29a9cafc948b286229133de1d933fe4be4f29562ffced0ecdbaafbed02d9322c4a12b569e39c29fdba228e4d0b5c6d78532ec7b35f04b6b8eb72f50a0ffc2ddfc272fbf7d72c605f7d6018eda9b2c3b0baa4ebb7f2d9dbfb2d98b72767273588d22aa15f142d4a410c8a58a6b0d6c4674f4d87b88d045bc6400e3f9d61991367bc89fd39209bc8225e4225987e2d86ab922966c2b13d248f91bf4f47b65ba882750d2597dd910f4528300728304ebd6ab2363dd1b6aeb1f356b1ca2229e4a17b3bdc65c087cba2bee912c965449cbb64d3e605fe9d39bcc7c96d7585994fde31ca975705dd09a5408198a681600cd608953b68eb8d1cbdd8a28539691c5c789d44564769af2f0fe13f9c7169fcbd0a6540964cc7c804c7901510f476712fe0ab62758c04e881a539de919b76153c4f375c61a9ce33f6d2826ff441af189987134d5e2753f643d0461107e3a58611753cdf19453f61097f291051764c5fd3a213ba4d37ee234bea28ec2d77ea699cf1a201f9899e5d45a7b9ff95cd7b629fb653cc0f814191a70584ddf49389079e4053f8392092ec22e3832f39cf1834b32f179297425b6d76fe9b15ea709e56b93bf1826066f6708d98a8e0622513d19bd41bd78cb82ff21871acb72a3bd350acff428340d1dfcbd14ea11eadd61e816bfe96a658684ffcb48afab78999ba84ffc90ead8a26f67b69cea44af5ac2b32de1d77aa266baf88fd05a2fcce613c04d0d872ad2908f87e6e1fca3452381b2d9cc32b6a38285919b08b09a32e16ccd239cd228ea22c786a37ced6d3bbca1ee313f21fcc9295efe6d0d1883fa7ebd07ad80f89bef87d1fe204038a6cb2f6b18abd7caed6aa05d9ba996b983c5e335f705e1f87064fb027bcf428b5d3e81a7ac3abb94bc4c7537d2a874361ec7de2d8c7d018197293c2e046585ff107d2fe9385356e12c6f42107cf4c7260e3382778caf863d9cc8e4f352549721c33dd11d7b58c321e1c23bf8b23cadea5233918e5faa5f313696f4535345ddec1bae6c", 0x1000}, {&(0x7f0000002280)="c6414bbdc7089f26b93f39ce34446543c081780b00d2b298d11442caa06c140162d723e0bc32204978abee6d4522ddc69f048cfbdd7f8225e4ae05c64c6f09b10b64c045f12e980c4111cf8dcfdb77ca7d90197017036c592d678547728a3b01cb06b97b9d5b809820f88506f7a4d3a2bc92c875b358e22fca4b9741d6910f82cf37543eff6622c3ee1f54326de2cf37e8512cd351361cdee822980b930c4b47f60f981fc8254a8b9522df7576f5e2fb702d315bd6e858763fd09b3562e2cfb725ee35577a9f7b92416ae70f8eb8874b4fa624d2c0c239", 0xd7}, {&(0x7f0000002380)="e7592b26984874c7d1c2e27046c62710f726e4", 0x13}], 0x4, &(0x7f0000002400)=[{0x38, 0x116, 0x6, "cc0cb84ce4af0a47b75b109cf22faa0d6dc39d2bcb65e7fdf3bccc80cf50d13661"}, {0x18, 0x1bf, 0x2, "bbc6a171a95180"}, {0x50, 0x117, 0x20, "f490975ff784e1c205c6607fa3acfe79786909a41481ff8df5520e2b55202c23ba6b31c38e8a67fa7ff79c0237a1dc13fde00d328bfd5bf091"}, {0xa8, 0x117, 0x902, "0c6bdc6d517100257b6328e9515d90576127ce8fee09a5ebc29955ef94a8041b08d055d7c8b8e799bdcbedffda6ee4c837824290abed08838f1b3118e4143a9229fa8435e6c683585495b31fea7d371e8925df4c9d9cd37a10b33ffad033231a948f731e5de2b7cd6b1f0e5c8f4d56bf4127de72c1956a9c5464654368b272df302fb5b12eca4142d613c3dc97c4b8dca8c62e5d"}, {0x60, 0x0, 0x8001, "9df9f011604d2a297b00a5afe2b27737b34fc3867377dd21297e03728f25aa43b603b386deddd6d60d556c861ff60a56b51758f919b4c480991a28e4e4e16b55ccbd55fdf235e49559fa"}, {0x110, 0x102, 0x3, "51a934d44ce4a7b469f50f9563213badc33d553be1227882563e81f7050f8feaea5e93352006ebc7d3319b5cc1509c5255669b2f1b74789175cdb912381d8b1fd3c230f61f6ce02f562900a5749e44d4dec229cce68d8a87c004baa0a70308dc526765b1111b992a26c3a2b9b48c5c888c010f8cbb27ac7e950e31b98550eee6c690fc46054fd8fe2b5aa4865cefdf0a4d29fe57b74a12ca5a483ed9dfa43a07180e276e9bdc7738f69393bdb3ee342365aaf0f0dcdbd23c61839a6ff76f70b9b24b80601282a6263df7577948fa96bf094c9b88d4480d1abfea46701e27f67d0fa8abe98e22f20477ced7511bf3a7460306877861ac65800fe1"}, {0x1010, 0x117, 0x10001, "0787657dc680ea370aa5f320db333c8f1285185dbb75a4b7536c22d85d67783d1a170919b63505d8c714554b6a013f349a7e55d177461c5c4f46ef6180bcbc5c3f2fe3c2385b4479339d83bcd6f9d2d3336ac13d89b4fe00652f61e1a1f95dd623c1eb4118053d35b36ee44aa4d966d68c7fc2147720321016b32a187a0ab5777dc1016d2ab735d48e2044be8f48e3dfc21ac6fd06c8884e9472219bf81606db476643e33e5d796b099fbf3cffd4abc7ef712b58e010cbdb3c13136f0246c36aed8e113632b7be8a8bfee3d8102e372e7da1b582cd45ae388a217532cbe2062528ad725d279cb9504e57ac2f3d72ed2c6436b5e00e92902ec3b9d6a3b2797a3b0e5560cf2f31223a30c6ae6d745f7d05d5ac36482f3db89e86cd2c6798b855650e15f8a78366b95abb06f301b6343d8692879d290fc18cbaef200d6fff2e82d94ec36239b2e29ce919a444e19665521556972db437bd6b48ec2def2cf0aa46b77ae7d4b74c1e17203c12f39f36ddda804fa51829c20f0a4dc49e5943ddd9f96cc15352f4afd4e283ad680891b3aa2529f00f36ce273cef5360aef406ee856850c0f270effeac3d27926850e4c4c4fc9365cf26479ddf047d73e6f226a2b0e6c6611a97eefb99c55737c5a0157f8f01eb166b241f68eb3c0e7871c474d4563387067bcd0f2753a29d18956e9e3023995037f307ba9b007c5d8b556fbb56ac0dc9a39d2c4874cb457e62e71e8094a356560d4bb6e36a9e2991aaea79f9eed571ffacfcea2e9fa986b23545d77802208d9d7228d4e2eef484e05139159bada0c25f7897fe6b0061dc7f62362414f677902e3eced344114f1a728527cb7835203a599dbc14f43422f476eedf4dca602d3a593c93458f2df0d66a8c5feb5106af1af59759becf5fc8e7d2611ae9c4451d0d94ea1624c93acc3031c99cca894e6f066459d4d16f2a6bb522f1e36aca00c1589cba812ff9a3fdada256f449f2dd219b205550113e4ddb14b7ec583096ff08867245232e0f0f2daadb0a62dd1a2035067fad18d84ed79ebfcb2ebc3054bcb836f6a2cc79d3d8afa2360f393067b536fee1b67bd64617156c85fc4b926e8f0173fd3acff50d593fa68292765721c6580e43e51f81e89a2829b48f8ec289272603eea1627fb8734de211d4aa77a35a0946b64be586fc7fa744d337fd68530e9acc27962e770cfe908fa03938d9d68e71b29f849e9e0276338a4b3933943fd7b2261006d3044431edc17a431a46e683b592496f343bc8f6e64b91718060a2854435ad7c3582ce90eb83d7f26f89e9f2c7f75c574d4fd7acd6b64ad60d7e60eea0855dfc8788092d95b4a250e0105b754678d3838e397b18bb1de9b54a9480cfb7a2eac56e7ad44d5728d956469c0e6ff97447c69717dee3f1b1574412f491c4465ef78ee3e6ff8bc6f2207923c31ed92508f6e813bb778015d6359f5f1df42bb2ca63b1dcc374251c93df6bee71351e75c8d417d2bdf0a71e96de47328bd7b0c84325af093fead4d737a126540297e05bad096a6f72a60b16ebfaa64248a7c6f4597da952a022fdfb04d029a7b8beff1c6470c4c276ebd8440ff28857b86e7ae5c7c0ea3a8208a19fc43435b22d831449b2d30df102a3eeb89ff7c01b93490610530572441729bd7bc79cca871c0e4248a3ae447ba1822f6d6be50d17847f6082f6352b2a916027c6493b71a286b38129f92219117bbd2c210ba3819eab7088b0a0b566c91e666cef26aa49a19c9b2fe9ad3a43843dd99c352a89f3400ae12c7d8e5f5eeb6152ab14237af30e9c4201cbabb8cb6053116b41e9e303e3edc3e032c1c278170d5f742db82d29e851fa16c7d220b4c21a104f3ad47f389c84713da4e80df845e2cd1e51f9a041244dab0cb747f13d8758168994a2665e56a8bf4f17514fd6e3434a56ae4cfa33d6aafedec4d60ff98098b8376981011bbb1548c073199f40bad0d02b7fc7a168df797fc68829addf6b231d31ca5453c2f83c55a9183753368ca976f1d0c974a138beee524dc69eeaf84097d0024eff9a33da2aa90f6f39dcbc87a013be0ea41ee7ed12f013217bd4c92d0793b111826f06e15d65a83a00f61d55adaaee9c4fbdc8842e261af90feaa191144db780972aa94321df65972a6fc652cec51f0d1cf97c29fda923d9e5acadc20d28615ff988726e8ae38628a73f536980a720e33ac4133f630a59054551b293251a92166d78be6920b2b8b2978e2e96686877132ac6d4aaf46bb2ecaea50f24c5becfa83db335b612f16baed5d52487e4dd7bb41b89217582e4580e3962925ac3602de3eb5a51cad6b0a92887ecbcf4bed4ca49ecef8df033be89483171feab77eec15d0ed4f3b729470aadd8b61e56f8f4696c7ba8c4901db05722a1c3a833b58cdcca70b7eae084e3accb70f18a1a3d92d5d277a653f2da470d8034fc53a860e422b096fcd75568f8b8d30cb656d2cea757e547359c8af6a6187b47f1f8c144654ae55d6a51128b3f7a206c5301cb4f9015544b1e46b8866a8313dca51148823b31051a337dfb8980a05804103d0ee9d4719cd09c0e25f0b4dda941b8ba1096a2b3c364d96f84c713aa0e6b0e6f180014403c5f0e1459980a5ff2f51bcb07339d9201076ad0b6d771f9114a990661cfdae14a9c4b4f77b7dd9c2379352835f225c65fb7ff77e456b4a61b87516ff2cff0185b0dd4ac4be19d82c9dc4a06cc44f9a84a828874ff2ed8a797407653cbcac9e7629f33219fc3e08efbeb600f35df8c97cfcad15084e03501a7f88506f38963d9d7fd4661e9be49b9bbc4f08a4351a713d7ee33bc9bb24d61acc0efcd23d3dfacc4197576561cf02165b278da740499fbaba84072f1330ede6cb2d49a6eb3142fbe8795293f64d805190a6493989b51de14ee7ef9716195dabdef992db15b404ad623022190ec9da21b2dce3d45a29ae5f40cd77d6c8b98eedda05f0e67ba843f03812d5d9eabe20db9f80da08466b795d76709523638fea28a62bb6e9acd52aaaefa8393cd5ffa4bdfbef85c148a3039dbd30fbada5a3d054462cc9fa9dd12080124cb3edaefafb9eb6c39e5950c610786d3cb3ecdfe994f1a570ae06f34bb0dd2105633696ae1c4553c509b19899a722515d4e933912e8f64d00fe7f3125b40b358eb47d26838433b098bdfca54b746c5314f113799687141a880e549171cf000c77b24ef5a3c96921ebe9a4411943dba980c2ca09e279efa1cd1ced2696d0576536dd08fa28b30802f5b0750fb8fde9f757275ae2211a3750a957ed12b712356bb4170d3b86e150fba42418d967ef1e0d3fb578a88a470aed183a10cecfa802d2aa9617412a31436ce982152cd05699c6dd23fe9dd2502790cfad8ef147b0ce1f6aec2d8a1bc117f2f7304f0d6ff58c5e2777f1d4d00534feffb0745e8fccd0a77e234aa8f37e747fc1ddc354b90d66dda944f06ee99be25f9db52e5aa4d9e6795e824d7d85e8b45362312130dc6bd143ce10d0ada64f30fef43b26bf46be40f71654ca0112d520899f945da19d9bbf7b2d0d09e870e53ca8d797dafba6d12539add9af2d41c314d8baf4c2942bf6772893c7b53c801d3d7097289640df9f7dceebaacf0802c22895a2c06ae5e003ccf48a4f1b0c5a4322905364f91b3d466dce6d65b34f7dccd676695d8d0783f48118a77dd2321191bd5fe8766146d42420b564951747aa90a2326abf8a5a5e7a6296d9c9b9583f10fc60a6907d466fdc3f1319712a4c2e33f0cdda0937440f390fa60ef1f236d7b7900185c24603120d57cc704076bbaf01b801e2c41a9e0cef1dae2f54ec0437d1587a70a8497ba8b93579a3832fae8fb53b7329a5fb89d40250571e71f5dd57ae8ee01a4bde066b775b798d0ae6c052543b1074b583d9c2e47b81e2b40a7de1772b4d439a222ed21dadfc3f1abbf4d40fabf04720f8a10c2f3e61fd8ab998b243688576c1e81e5509277c9bca5e6348c571027a48c12ff801f0cb1d7ed3d1f0f90f399412018099eb395bb8f765ae908df3bb4e400a349fa99982bf70ef49c681d75e84bdeefed693f108daf67385fb7ac399398cb78a9aafdda1783e9f09b19a326f4f47e6113aa5ef9963e2c3d20b4713f2112b90363459c3963a74535b565594aa25c72bee564494b3cd1c2d892838a33435aeabbde2301a8771f8e90102b9eed04bf382ea461fb1b83446a616357b4e420c85d529c24270129d9211020ea755fb10a897333a9211bb333c0c019e6fa1861059594dfbe7d582f17edfc6c587532ad0e91403a6938bf9a52d6cfdfc65e6ed2b16feeb3c38eb57312f799590c66f49b5657bad7ae2989cf43af83f717696cac6a802b47a264cf58d6c77f4a279b4654da0f807ee48f9072fd78ff6b71182aecde1b39f1c49666668b2dfe683dd36db53294ba105b4e3375c6e9e310cdb6a924347520af54dbc84c08022f3a338eb5ac1dfdd972a087eb94c4736a1cbea2fd52fba2dc61507aa69e88eff1e152dd767570a46dd7ca218210bedb3c1182cdbfdf7a2deafe2e76d4c319f4e4f2ae5988baaa6e57fd202e57f1c99309391a4ec499fc64de164a8a68b81edaed52731ebe4d289cc44f5f1559983c7ee4f360f75300447fca67c4a3810bd3572d3b92e712758665c6b4b43a445d3783a8ec88d8935feeb8720f2b441bb5e8121a4df44d067956482979461a29eda60ddf95acc3988efb0ef4fafdb49a70eea184fee0066a116a4ae6e3bd5afd9f0742cca58dd8a392ac17abaec59cadbcb2a45716dd26ec638f01095bcca35957114b7b3e62fdd7dfc5bca47c04426d0c215f750747560e1542b65a7142cca485f1ef36bc9143b6593830fc5991ad38c28201927aadb13b3f7214ac7a15e5353615e2d8fac18e925b7514ed6771624d7a1eb378a52ff7b60bbd6a1a533d3f03832a52549b9ee8ed2186221802fafb46dadbb92f22dd4143b9175d7888744421a6e45cfaa1c3b240d1072b0009ec987900de71334a4daa9aaf7203642eb00fdf52ceabeab1c6c62b6c5f4144e9b55cb264ecc794d38b75dc53981c5dd30a47c75f1f49767101d86eced6a9e44da14844030fb62eca0a0c74a3186f429d1b1867ce31aeba6bf8f86770a6fe29a5601589148d04af241bc085b223ed5215e78536009282831d744bf89dd27eb4ccea81176c4faaa488a556982e367f9453a68d11b1bba4578d70b40378956dfdfcd511257b4c71395e58d8979069b8aee0e92220353b816c0492d89e1a5bac0670107b4cc164134b15ce2f44c4ef302449b6a5d8136401c4455cd81ceb80de1a6f2f068b0c855a8c882a53940a1f6094b989e58f0a4e45d6edc5db933e5cf3bec8021ae2a996d63e4d7f3927b0767503ca2a6fa938dc1b82b6180c8915dd5d0193a485d3f947b29d980a4f80d5dbb73f64170d4e7bf8f501ae214f0fd8b87632a85d73ffe6390d9ce990c026966b9bf84463fae18081f3aa8ec25e0db922e2d606419d243a255eea4d530a6dedd66db3dde0a573c19835f138fcaf20746b96fc7d59033a1f13adcf786b7bc54fe6fcf7fbe6136fbd792f3f514b3ee5943c2a79910740feff5240a23893dbc56dc27c51bb56d3b12cbe1817c737fb6a44a81567747d96ded3da92984a2a7f3c2d1b6407d21469d35d0ce052ae13a60e0a8093ac298c24b1f973da080c9c6aee5ea1da4f5c3bd48c7cfbbc171dcbe0adcc3a1cba2667c2a8120ce1bf849f011a0652086ed4ad3851f78b6ed000dc11949dc464dc752c77e9c7eb54c1b1aece174680f7b13fd2a808fe4b9c4e3c80f77106"}], 0x12c8, 0x40000}, 0x20)
readlinkat(r1, &(0x7f0000003740)='./file0\x00', &(0x7f0000003780)=""/4096, 0x1000)
getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000000000), &(0x7f0000000080)=0x4)
setsockopt$sock_int(r1, 0x1, 0x3d, &(0x7f0000000040), 0x4)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000000c0)={<r2=>0x0}, &(0x7f0000000140)=0xc)
ioctl$sock_SIOCSPGRP(r0, 0x8902, &(0x7f0000000180)=r2)

2018/05/15 13:08:01 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f0000000000)=<r0=>0x0)
wait4(r0, &(0x7f0000000100), 0x40000000, &(0x7f0000000140))
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r2=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r2+30000000}}, &(0x7f0000040000))
tkill(r1, 0x1000000000016)

2018/05/15 13:08:01 executing program 4:
bpf$MAP_CREATE(0xd000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:01 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x68, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:01 executing program 7:
pipe(&(0x7f0000000080))

2018/05/15 13:08:01 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000011000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:01 executing program 0:
clone(0x4000, &(0x7f0000000000), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))

2018/05/15 13:08:01 executing program 4:
bpf$MAP_CREATE(0xb, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:01 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000014000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:01 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x300000000000000, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:02 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x8, 0x0)

2018/05/15 13:08:02 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x4800000000000000, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:02 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$setpipe(r1, 0x407, 0x0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)

2018/05/15 13:08:02 executing program 4:
bpf$MAP_CREATE(0x500000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:02 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000002000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:02 executing program 0:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x80000, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000040)=0xffffffff)
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))

2018/05/15 13:08:02 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x3ff, 0x40000)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:02 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
r0 = getpgid(0xffffffffffffffff)
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x1, @tid=r0}, &(0x7f0000000240)=<r1=>0x0)
clock_gettime(0x0, &(0x7f00000001c0)={<r2=>0x0, <r3=>0x0})
timer_settime(r1, 0x0, &(0x7f0000000200)={{0x77359400}, {r2, r3+10000000}}, 0x0)
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r4=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r4+30000000}}, &(0x7f0000040000))
r5 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x9, 0x0)
getsockopt$inet_dccp_int(r5, 0x21, 0x10, &(0x7f0000000100), &(0x7f0000000140)=0x4)
timerfd_settime(r5, 0x1, &(0x7f0000000180)={{0x0, 0x1c9c380}}, &(0x7f00000002c0))
tkill(0x0, 0x1000000000016)
syz_open_dev$sndseq(&(0x7f0000000280)='/dev/snd/seq\x00', 0x0, 0x0)
ioctl$KVM_GET_MSR_INDEX_LIST(r5, 0xc004ae02, &(0x7f0000000300)={0x4, [0x0, 0x0, 0x0, 0x0]})

2018/05/15 13:08:02 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x48, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:02 executing program 4:
bpf$MAP_CREATE(0x86cf0000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:02 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000003000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:02 executing program 7:
pipe(&(0x7f0000000080))

2018/05/15 13:08:02 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x20000000, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:02 executing program 4:
bpf$MAP_CREATE(0x1602, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:02 executing program 7:
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x9476fe2)
ioctl$KVM_TRANSLATE(r0, 0xc018ae85, &(0x7f0000000000)={0x101000, 0x105000, 0xce6, 0x20, 0x3})
syz_mount_image$ntfs(&(0x7f0000000040)='ntfs\x00', &(0x7f00000000c0)='./file0\x00', 0x8001, 0x2, &(0x7f00000002c0)=[{&(0x7f0000000100)="1f236af51bdf58350581ee815f74ff30b820a4a3dab731d2fb9fbbfc5752ee4b5dc08642ca2616c522720103420b350a403f1a55d7b9039a9d9473bfbc254575a4b3bab36762147fbaf03fe9e214658fdd225e2fccac27bbcda392c5356676a561ffaf2bb23d221ae3d04e93db5fb7070bbb74c66c9ec6e3e5fc0a75d682c44e06fbf0e7209a46852a99bee46d217a962211d071bd98fd5b3b4c7ce5a60ddc84b479a3a549e5eaebadcd6ebc90a7403b7053b6684e0c7e66fc76453c748b01a37c3c2a1d7f18bc091355ad66d5b5548ecca830", 0xd3, 0x80000000}, {&(0x7f0000000200)="efe75b6deff7667b6ff6b4cfb161e80e77b49c403ff5ea11db041d8076592ebec51f959c89fe6ddf4784405ea7568a69cf2c4db3bc60dbc8778da2d7f10709556d44ad5ecd400ce0835b3a3f2b886cd31f914079b3aa9c25d1f8d4f37d76a4b105b0888fca262a3a2fcaa81246d0d64acfb70512ec506b65a49f97b6c998dee53f0819a1d7ac82748998ce106d712a6ee54540", 0x93, 0x100}], 0x1008, &(0x7f0000000300)={[{@errors_continue='errors=continue', 0x2c}, {@errors_remount='errors=remount-ro', 0x2c}]})

2018/05/15 13:08:02 executing program 0:
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))
r0 = dup3(0xffffffffffffff9c, 0xffffffffffffff9c, 0x0)
ioctl$TIOCSSOFTCAR(r0, 0x541a, &(0x7f0000000000)=0x891)

2018/05/15 13:08:03 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x20000181, 0x0)

2018/05/15 13:08:03 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x4800, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:03 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
clock_gettime(0x0, &(0x7f0000000000))
set_robust_list(&(0x7f0000000200)={&(0x7f0000000140)={&(0x7f0000000100)}, 0xf6f9, &(0x7f00000001c0)={&(0x7f0000000180)}}, 0x18)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000)={0x0, 0x1c9c380}, &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r1=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
tkill(r0, 0x1000000000016)

2018/05/15 13:08:03 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000015000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:03 executing program 7:
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x10000)

2018/05/15 13:08:03 executing program 4:
bpf$MAP_CREATE(0x3828a, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:03 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)
timerfd_create(0x4, 0x80800)

2018/05/15 13:08:03 executing program 0:
socketpair$inet(0x2, 0x3, 0x5, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
readv(r0, &(0x7f0000000240)=[{&(0x7f0000000100)=""/115, 0x73}, {&(0x7f0000000180)=""/161, 0xa1}], 0x2)
getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000040)={<r2=>0x0, 0x800000000000200, 0x496, 0x7, 0x5, 0x8000000000000000}, &(0x7f0000000280)=0x14)
setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f00000000c0)={r2, 0x8}, 0xfffffffffffffe6d)

2018/05/15 13:08:03 executing program 7:
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x100)
getsockopt$bt_rfcomm_RFCOMM_CONNINFO(r0, 0x12, 0x2, &(0x7f00000000c0)=""/77, &(0x7f0000000040)=0x4d)
pipe(&(0x7f0000000080)={<r1=>0xffffffffffffffff})
fcntl$setpipe(r1, 0x407, 0x9476fe0)

2018/05/15 13:08:03 executing program 4:
bpf$MAP_CREATE(0x2ae, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:03 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x6c00000000000000, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:03 executing program 0:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f0000000000), &(0x7f0000000600))
r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000100)='/dev/null\x00', 0x2002, 0x0)
ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x3f)
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0)
getsockopt$inet_sctp6_SCTP_AUTOCLOSE(r1, 0x84, 0x4, &(0x7f0000000080), &(0x7f00000000c0)=0x4)

2018/05/15 13:08:03 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000005000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:03 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
readlink(&(0x7f0000000000)='./file0\x00', &(0x7f0000000140)=""/4096, 0x1000)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:03 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x700, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:03 executing program 7:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x80, 0x0)
getpeername$inet6(r0, &(0x7f0000000080)={0x0, 0x0, 0x0, @mcast1}, &(0x7f00000000c0)=0x1c)
r1 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x7, 0x0)
pipe(&(0x7f0000000000)={<r2=>0xffffffffffffffff})
fcntl$setpipe(r1, 0x407, 0x10009476fe0)
setsockopt$sock_timeval(r2, 0x1, 0x15, &(0x7f0000000140)={0x0, 0x2710}, 0x10)

2018/05/15 13:08:04 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x3f00)

2018/05/15 13:08:04 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000007000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:04 executing program 4:
bpf$MAP_CREATE(0xf8020000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:04 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x500000000000000, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:04 executing program 0:
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))
r0 = accept$ipx(0xffffffffffffff9c, 0x0, &(0x7f0000000000))
ioctl$sock_ipx_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000040)={'rose0\x00', {0x4, 0x6, 0x3, "1045d7846c10", 0x1c}})
r1 = dup2(r0, r0)
bind$vsock_stream(r1, &(0x7f0000000140)={0x28, 0x0, 0x2711, @my=0x1}, 0x10)
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x400402, 0x0)
ioctl$PIO_FONT(r2, 0x4b61, &(0x7f00000000c0)="9e314437df5015879db3019e34a4a39b0e76548d35a4b6c65987a67eaf97d49f2b6577f6915a91e07df87ad05f5d77a074065cf95746400e55f58b0938d075b0c4c0978d4db43099d32d7c9a991b95b6fa50")

2018/05/15 13:08:04 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000000)=0xf5)
fcntl$setpipe(r0, 0x407, 0x9476fe0)

2018/05/15 13:08:04 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
unshare(0x200)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:04 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r1=>0x0})
r2 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x9, 0x8000)
getsockopt$IP6T_SO_GET_REVISION_TARGET(r2, 0x29, 0x45, &(0x7f0000000100)={'ah\x00'}, &(0x7f0000000140)=0x1e)
ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r2, 0x40505330, &(0x7f0000000180)={{0x1, 0x43b8}, {0x7882, 0x4}, 0x6, 0x4, 0x4})
ioctl$sock_inet_SIOCGIFDSTADDR(r2, 0x8917, &(0x7f0000000200)={'gretap0\x00', {0x2, 0x4e20}})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
tkill(r0, 0x1000000000016)

2018/05/15 13:08:04 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x7a00, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:04 executing program 4:
bpf$MAP_CREATE(0xe4010000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:04 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000016000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:04 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x9476fdc)

2018/05/15 13:08:04 executing program 4:
bpf$MAP_CREATE(0xc8030000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:04 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x68000000, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:04 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000012000400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:04 executing program 1:
r0 = dup3(0xffffffffffffff9c, 0xffffffffffffff9c, 0x80000)
getsockopt$inet6_tcp_buf(r0, 0x6, 0x1b, &(0x7f0000000080)=""/68, &(0x7f0000000140)=0x44)
r1 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet6_MRT6_ADD_MFC(r1, 0x29, 0xcc, &(0x7f0000000180)={{0xa, 0x54f, 0x4, @ipv4={[], [0xff, 0xff], @loopback=0x7f000001}, 0x1}, {0xa, 0x4e20, 0x7fffffff, @ipv4={[], [0xff, 0xff], @multicast1=0xe0000001}, 0x6}, 0x100000000000, [0x5, 0x7, 0x3, 0x401, 0x13, 0x2, 0x3]}, 0x5c)
shutdown(r1, 0x1)
r2 = dup2(r1, r1)
ioctl$VT_RESIZE(r2, 0x5609, &(0x7f0000000000)={0x5, 0x80000000, 0x8})
bind$inet6(r1, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r2, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x16)
getitimer(0x0, &(0x7f0000000200))
setsockopt$sock_int(r2, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:05 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x4000)

2018/05/15 13:08:05 executing program 4:
bpf$MAP_CREATE(0x12272, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:05 executing program 0:
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f0000000140), &(0x7f00000000c0)="7f428a8a40e70392533532ff79435bbccaf79fc13f9f9362763bf356fcd00b5e164c26cb9d3a6e66845aed2d7ede5836dc19bec479f4857bd86344be954059c3162bf417f9f0ea89a86e3867bfd32c32716723863ac478fd6685851b03e3b90d52e0280084f2dbe1b9fd4b703261dd8a7a1381e1ab")
r0 = semget(0x2, 0x1, 0x416)
r1 = dup3(0xffffffffffffff9c, 0xffffffffffffff9c, 0x80000)
accept4$inet(r1, 0x0, &(0x7f0000000400), 0x80000)
r2 = geteuid()
r3 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000380)='/dev/cuse\x00', 0x208001, 0x0)
mq_getsetattr(r3, &(0x7f00000003c0)={0xfffffffffffffff9, 0x0, 0xbeab, 0x5, 0x6, 0x4, 0x9, 0x81}, 0x0)
lstat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
stat(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, <r5=>0x0})
getresgid(&(0x7f0000000240), &(0x7f0000000280), &(0x7f00000002c0)=<r6=>0x0)
semctl$IPC_SET(r0, 0x0, 0x1, &(0x7f0000000300)={{0x9, r2, r4, r5, r6, 0x2, 0x400}, 0x10000, 0x9, 0x3})

2018/05/15 13:08:05 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0xfdfdffff, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:05 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x9476fe0)
r1 = semget$private(0x0, 0x4, 0x100)
semctl$GETALL(r1, 0x0, 0xd, &(0x7f00000005c0)=""/229)

2018/05/15 13:08:05 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004001200000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:05 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000080)=@assoc_value={<r2=>0x0}, &(0x7f00000000c0)=0x8)
getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f0000000140)=@sack_info={r2, 0x1, 0x5}, &(0x7f0000000180)=0xc)
ioctl$SIOCGIFHWADDR(r0, 0x8927, &(0x7f0000000000))
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:05 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
r1 = memfd_create(&(0x7f0000000000)='$*\x00', 0x3)
perf_event_open(&(0x7f0000000100)={0x5, 0x70, 0x3f, 0x40, 0x8000, 0x8, 0x0, 0x9, 0x2008, 0x4, 0x9, 0x7, 0x0, 0x4, 0x4, 0x5, 0x4, 0x100000001, 0xfffffffffffffffa, 0x1, 0x6, 0xffff, 0xee, 0x8, 0x6, 0x5, 0x0, 0x4, 0x0, 0x2, 0x3, 0x1, 0x6, 0x4, 0x41, 0x1e0abd0c, 0x4, 0x80, 0x0, 0x8, 0x0, @perf_config_ext={0x4, 0x3}, 0x20, 0x8, 0x1fffc0, 0x7, 0x100, 0x1000, 0x9}, r0, 0x2, r1, 0x0)
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f0000000180)={0x0, <r2=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r2+30000000}}, &(0x7f0000040000))
tkill(r0, 0x1000000000016)

2018/05/15 13:08:05 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004140400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:05 executing program 4:
bpf$MAP_CREATE(0x5801000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:05 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x7000000, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:05 executing program 7:
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x9476fe0)
ioctl$DRM_IOCTL_GET_UNIQUE(r0, 0xc0106401, &(0x7f0000000080)={0x1, &(0x7f0000000000)=""/1})

2018/05/15 13:08:05 executing program 0:
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_DROP_MASTER(r0, 0x641f)

2018/05/15 13:08:05 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004001100000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:05 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23, 0x7fff}, 0xfffffffffffffffe)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x18000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000140)={0x110, r2, 0x310, 0x70bd2b, 0x25dfdbfc, {0xc}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x4}, @IPVS_CMD_ATTR_SERVICE={0x2c, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x2c, 0x3}}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@mcast1={0xff, 0x1, [], 0x1}}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0xff}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x80000001}, @IPVS_CMD_ATTR_SERVICE={0x64, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x32}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e21}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x6c}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@local={0xac, 0x14, 0x14, 0xaa}}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e20}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x6b}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x8}]}, @IPVS_CMD_ATTR_DEST={0x54, 0x2, [@IPVS_DEST_ATTR_PORT={0x8, 0x2, 0xeb2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0xc92}, @IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e24}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x101}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x5}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x2}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x4}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x1f}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x749}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x7ff}]}, 0x110}, 0x1, 0x0, 0x0, 0x400d0}, 0x0)

2018/05/15 13:08:05 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0xa00, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:06 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x3f00000000000000)

2018/05/15 13:08:06 executing program 4:
bpf$MAP_CREATE(0xac00, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:06 executing program 7:
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x200000, 0x0)
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f00000000c0)={<r2=>0x0, 0xe7, "30c45ff2e1d06a39d663613d36028f975de065a3cfad2d644f48a98bd46a3921e8ee3daae607fea57bddc75c6e9163d89adb43aaed249b7346c61ee1d3dce3f5468d5e1d34d7f9d36f2a74bc939e1194dc7cb1b65c7868bd971022f0b44927699141e93324a15a38acb9609e497298fb66d6d77ce4a2e957934bb74a1c83e79831a56c658ceae2c1a7f83c99d442332a98f7b4a7a0e1ee4c2d57dc3a243970224979e2773f3a0ed832ed235be8d5c6a0f4a5f211d58967d8d3818980f42978e14cb706b1e736be0489166171bd0ee2553942d702425fec906410a9e80287fbd9595e3513304afd"}, &(0x7f0000000040)=0xef)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f00000001c0)={r2, @in6={{0xa, 0x4e23, 0x10001, @local={0xfe, 0x80, [], 0xaa}, 0x100}}}, &(0x7f0000000280)=0x84)
fcntl$setpipe(r0, 0x407, 0x9476fe0)

2018/05/15 13:08:06 executing program 1:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x300, 0x0)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffff9c, 0x84, 0x6c, &(0x7f0000000080)={<r1=>0x0, 0x47, "3fa7dfcc5fb342296d69cb8fd4e4e8ea306a5d4694a849d116640f7f22a53020dbd6ed8a8ee49c4db0166f19b6ea368cf0619c2a24c090439e486e7d1d6c173c3089049460a22a"}, &(0x7f0000000140)=0x4f)
getsockopt$inet_sctp_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000180)={r1, 0xfc}, &(0x7f00000001c0)=0x8)
r2 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r2, 0x1)
r3 = dup2(r2, r2)
bind$inet6(r2, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r3, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r3, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:06 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004001f00000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:06 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x4, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:06 executing program 0:
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))
getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(0xffffffffffffffff, 0x84, 0xc, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x2, 0x0)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(0xffffffffffffff9c, 0x84, 0x6, &(0x7f00000000c0)={<r1=>0x0, @in={{0x2, 0x4e24, @loopback=0x7f000001}}}, &(0x7f0000000180)=0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f00000001c0)={r1, 0xfffffffffffffff9}, 0x8)

2018/05/15 13:08:06 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
clock_gettime(0x0, &(0x7f0000000140)={<r0=>0x0, <r1=>0x0})
futex(&(0x7f000000cffc), 0x0, 0x3, &(0x7f0000fd8000)={r0, r1+10000000}, &(0x7f0000e7fffc)=0x2, 0x0)
r2 = gettid()
timer_create(0x800000, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r3=>0x0})
r4 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/lblcr_expiration\x00', 0x2, 0x0)
ioctl$TIOCLINUX3(r4, 0x541c, &(0x7f0000000100)=0x3)
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r3+30000000}}, &(0x7f0000040000))
tkill(r2, 0x1000000000016)

[  342.943637] binder: 21033:21035 unknown command 0
2018/05/15 13:08:06 executing program 4:
bpf$MAP_CREATE(0x12c, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

[  342.966146] binder: 21033:21035 ioctl c0306201 20000200 returned -22
2018/05/15 13:08:06 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0xfffffdfd, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:06 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000500000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:06 executing program 7:
r0 = socket(0x10, 0x3, 0x3)
mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x2, 0x32, r0, 0x0)
pipe(&(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r2, 0xc02c5341, &(0x7f0000000000))
fcntl$setpipe(r1, 0x407, 0x9476fe0)

2018/05/15 13:08:06 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)
ioctl$EVIOCSABS2F(r1, 0x401845ef, &(0x7f0000000000)={0x277, 0x25, 0x9, 0x4, 0x800000000, 0x3f})

2018/05/15 13:08:06 executing program 4:
bpf$MAP_CREATE(0x3dc, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:06 executing program 0:
memfd_create(&(0x7f0000000000)='-\\:eth0%ppp1/vmnet1^eth1}\x00', 0x3)
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))

2018/05/15 13:08:06 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x4c00000000000000, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:07 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x4000000000000000)

2018/05/15 13:08:07 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004110400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:07 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0xffffff7f00000000, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:07 executing program 4:
bpf$MAP_CREATE(0x8801, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:07 executing program 7:
pipe(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_inet_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000000040))
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000000)='htcp\x00', 0x5)
fcntl$setpipe(r0, 0x407, 0x9476fe0)

2018/05/15 13:08:07 executing program 0:
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))
io_setup(0x7ff, &(0x7f0000000080)=<r0=>0x0)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffff9c, 0xc00c642e, &(0x7f0000000340)={0x0, 0x80000, <r1=>0xffffffffffffff9c})
ioctl$DRM_IOCTL_CONTROL(r1, 0x40086414, &(0x7f0000000380)={0x3, 0x9})
r2 = accept$nfc_llcp(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000140)=0x60)
r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000280)='/dev/rfkill\x00', 0x0, 0x0)
io_cancel(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2, 0x80, r2, &(0x7f0000000180)="589ca78504951d05000df8dd02f56f27ba82ae45b7b343590792788c17a1fe37671c8ca19420618bbfe09e44815309fa04862c22bbcd75764ecc9fbed9cc9b3e732cf41983727e5b9c14b120a07d6514184b4f91f0a7bbf4c9b5d7a082e82627989d4cad725f919450ef2abd2af637754cd788879be986420e9337c4ff2780046ac83476f83e972afe50fa4a122c1b696eec851d22885c14bf2d28602bf7223c2daec1b73d1d95107ad92d204fc222c0dd6786c6337b07bd7cf6807a377b31c75878103a3db29f042df6e3fd2447775ab50adfbdf114f8dcae690f8fd0642e3ef3574a7a", 0xe4, 0xb5, 0x0, 0x0, r3}, &(0x7f0000000300))
r4 = dup3(0xffffffffffffff9c, 0xffffffffffffff9c, 0x80000)
ioctl$DRM_IOCTL_SET_MASTER(r4, 0x641e)
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000040)={0x10000, &(0x7f0000000000), 0x0, r4, 0xe})

2018/05/15 13:08:07 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)
r2 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a, 0x1}, 0x0, 0x0, 0x0)
request_key(&(0x7f0000000000)='cifs.spnego\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a, 0x2}, &(0x7f00000000c0)='-security\x00', r2)
ioctl$BLKZEROOUT(r1, 0x127f, &(0x7f00000001c0)={0x1, 0xfffffffffffffbff})

2018/05/15 13:08:07 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000000000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r1=>0x0})
ptrace$peekuser(0x3, r0, 0x400)
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
tkill(r0, 0x1000000000016)

2018/05/15 13:08:07 executing program 4:
bpf$MAP_CREATE(0x2527e, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:07 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x4c, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:07 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
socketpair$inet_udp(0x2, 0x2, 0x0, &(0x7f0000000000))
fcntl$setpipe(r0, 0x407, 0x76)

2018/05/15 13:08:07 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004160400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:07 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0xa00000000000000, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:07 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
ioctl$EVIOCGABS0(r1, 0x80184540, &(0x7f0000000080)=""/85)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:07 executing program 7:
r0 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x81, 0x40)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x1078c0, 0x0)
ioctl$sock_bt_bnep_BNEPCONNADD(r0, 0x400442c8, &(0x7f00000000c0)={r1, 0x1000, 0x1ff, "59ba84af45c02c408c8ccebb01486e1de20f4540055d6d15a08efeaa95e8cd58230428deaaec760f487a653ffadd623dbd9a5830dd6f7f75250ee665f65cc2c2eb2ca45e"})
pipe(&(0x7f0000000080)={<r2=>0xffffffffffffffff})
fcntl$setpipe(r2, 0x407, 0x9476fe0)

2018/05/15 13:08:07 executing program 4:
bpf$MAP_CREATE(0x6800000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:08 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x100000000000000)

2018/05/15 13:08:08 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004150400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:08 executing program 0:
r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000180)='/dev/mixer\x00', 0x82, 0x0)
ioctl$EVIOCGABS2F(r0, 0x8018456f, &(0x7f0000000500)=""/168)
clone(0x2000, &(0x7f0000000040)="b978aa4492d0ef127f44f9be9708efcbc256c405587e4b1ebcae2afc08cb367eb937615cea0b23fb95c21e85c612cfbd1864008a6260435154150e8c6a49c5c5397b69bbbd4b3ddef4cfdd5d01769377748321528958b887a4e5e140e3f3f87e230953fda003c1f7303bd08b31f1b70b360be87abe2de39f50bdb9841a559324ca82536180602263b79bfe8f588967190b60e07e8c1aa45d6d1d2586466b8b2c35a5ef21cf", &(0x7f0000000200), &(0x7f00000001c0), &(0x7f0000000300)="eeb81da754573cdd00506665b426f9c482c01467de2e0900ff7f0000f5643ce1f00781b46f4e7b9b0560ba908515c5c491eeb6b77e791dae122d91c07638c630f4f11a46a484c203548e326355d2f3bf72397edc679966ab51ea9e7b48d4dd82b0196810461ae529271fe952c3901caae238331bd656dee661802929fca2bafb4515edc5774216a49c58e68d9ba30b48fd2c56080b4f")
syz_read_part_table(0xb3, 0x4, &(0x7f0000000480)=[{&(0x7f0000000100)="ba039ed48d8c0b30e0f739901743cce5da5ad40319f49a1ee577df8d531a1445e2d44545b5d2b79e4dff13ebe5b6196b39490de85fb5d8b700bebd7bf8c2e9d965116d8958da9f27266e6ee0475601581f583afccf3d2c6b9c9da4ed19ccd875ae8ca73e5ba71325f7d41e1b4b382fe8f1604ff0ded94067", 0x78, 0x2}, {&(0x7f0000000000)="823c0c94d540a6a60602cfcc738063a3c30e9801ee688eef1ccf308341646ef86b9c2a0175d79a9bdc3ef12b0d40831b2eb002bf4947af8ef4058c35e671f8", 0x3f, 0x800}, {&(0x7f0000000240)="e90c222b41015ae935edf354d30280efbd5214779c237c9eaf076e33a60f8d853f9e9f08450744f77ff287d773a51b6afcb56bfb06245e5b46a987111510c8d66a185fff3a71118d35fee6dfd30efeb50c1925d53d6556b59e893871078f7af23ac32931ade821f1b6333ac179a76f54cf215d1d89de07bbc2141ae1ccc1816c80086210b8df1cc64461830a4e19dd71015e82a1895d5281360e1f0073b07659cf8e92d150c49eb29c8ceddc8cbab3c27ded56bdec385afd3b3fb19d61aecb", 0xbf, 0x3}, {&(0x7f00000003c0)="aaf2aa4e2d39f38b0ef2eeb8d497c3460439b05794dd543c86b06be37e4e3386563424e132e978929adb82eb857aba3a00ebc3343497c148d92f70d7adde5750c6031cdb1c8eb7529d0bc62069364c28e3bb5671f16feacb6e15c631d3f7b0d082b11741bb4f6b60fc1799d51e4b684f0a8b6ab9b6ee7b5a1edb91246b2ea34202ffeec143377d90770fc9d49ac49e3a9ee0ebb2cdb9855e3769f085326133434faa145e0cf6cc95d111cd54bb234c94658320810f83d689e70321ffd2f745", 0xbf, 0x400}])

2018/05/15 13:08:08 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x4000000, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:08 executing program 7:
r0 = msgget(0x0, 0x100)
msgrcv(r0, &(0x7f0000000100)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'], 0xd1, 0x3, 0x800)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x40, 0x0)
ioctl$TUNGETVNETHDRSZ(r1, 0x800454d7, &(0x7f00000000c0))
ioctl$RNDGETENTCNT(r1, 0x80045200, &(0x7f0000000040))
openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000200)='/dev/qat_adf_ctl\x00', 0x111000, 0x0)
pipe(&(0x7f0000000080)={<r2=>0xffffffffffffffff})
fcntl$setpipe(r2, 0x407, 0x9476fe0)

2018/05/15 13:08:08 executing program 4:
bpf$MAP_CREATE(0x7e520200, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:08 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
r1 = dup2(r0, r0)
getsockopt$inet_dccp_buf(r1, 0x21, 0xf, &(0x7f0000000140)=""/4096, &(0x7f0000000040)=0x1000)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
bind$nfc_llcp(r1, &(0x7f0000001140)={0x27, 0x0, 0x0, 0x4, 0x9, 0x4, "d4002a48f556ab2a739e65bf10b8061a318ba2c7f4a8a76e86465c6414ecb84802d170f185bb9f008da263f7b488a76911c69e93855255b001ae51f442a7ed"}, 0x60)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000080)={0x0, 0x5}, 0x4)
setsockopt$ARPT_SO_SET_REPLACE(r1, 0x0, 0x60, &(0x7f0000001300)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000000000000000000000000000000700000004000000a8040000000000004001000080020000c0030000c0030000c003000004000000", @ANYPTR=&(0x7f0000001800)=ANY=[@ANYBLOB="0000000000000000000000000000000000000000000000000010000000000020000006519ac86afdf8a9000000000000000000000000000000000000000000008322c4f4d9505515e5b508ea670ad0c433e41b28aeeb2cc22552ddbca0f7afb3f46aa0f66432cbb040a26a78f58d6af51cdd098a557f3a7c36eb730dc2764fa58b6dd58b8afeb75b3e2cc2d59cb86cacd1ac937f18525fed39b24c43ac06cb7502a70f337eb99b24ed5aea098e97f6e786439a248967f6eecd"], @ANYBLOB="000000e0e0000001000000ff0000000000000000000000000000000000000000000000000000000000ffffff000000000000000000000000000000000000000000000000000000000000000000000000ff0000ffffff00000000000000000000fffb0001000803ff0002726d73797a6b616c6c6572300000000000006272696467653000000000000000000000000000000000000000ff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010100000000000000000000f0004001000000000000000000000000000000000000000000000000000050006d616e676c650000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ac1414bb7f00000101000000ffffffffac1414aaffffffffffffffff00000000ffffffffffff00000000000000000000000000000000000000ffffffffff00000000000000000000000000000000000000000000000000000000000000000000ffff00ff0000000000000000000000000006000400078001000600f4626f6e643000000000000000000000000000000000000000000000000000000000000000000000000000ff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000f0004001000000000000000000000000000000000000000000000000000050006d616e676c65000000000000000000000000000000000000000000000000aaaaaaaaaaaa0000000000000000000000000000000000000000000000000000e0000002000000000f000000ffffffffe00000017f000001ffffff00ffffffff00000000000000000000000000000000000000000000000000ffff0000ff00000000000000000000aaaaaaaaaa0b00000000000000000000000000000000000000ffffff7600000000000000000000000000ffff000100040008000773797a6b616c6c65723100000000000073797a5f74756e00000000000000000000000000000000000000ff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000120000000000000000000000f0004001000000000000000000000000000000000000000000000000000050006d616e676c650000000000000000000000000000000000000000000000000180c20000010000000000000000000000000000000000000000000000000000ac1414bbe00000020c000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c000e8000000000000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000000feffffff00000000"], 0x4f8)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000000), 0x4)
getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f00000011c0)={{{@in6=@remote, @in=@dev}}, {{@in6=@ipv4={[], [], @broadcast}}, 0x0, @in6}}, &(0x7f00000000c0)=0xe8)

2018/05/15 13:08:08 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = msgget$private(0x0, 0x20)
msgsnd(r0, &(0x7f0000000100)={0x3, "3c8a0602ee87c258c0ae0c570a76d5b820d524120ceaa276723d1c0a63fee5fbaf0541362d88631be006b4d31d2aff6928158a42f5b2839749c1f5836349adfdcefeb9dc34b18e708336b5ae17d58e681eae4ff3e3915e31525b9a603eca57a3d53a4a6aa6a7c1aca928fc7deb"}, 0x75, 0x800)
msgsnd(r0, &(0x7f0000000000)={0x3, "09ba9f398a1658353a20c8eeec540026dce15bbef77775e3c315102f4dc8902591"}, 0x29, 0x800)
r1 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x2, &(0x7f0000000200)={0x0, <r2=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r2+30000000}}, &(0x7f0000040000))
tkill(r1, 0x1000000000016)

2018/05/15 13:08:08 executing program 4:
bpf$MAP_CREATE(0x4a, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:08 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x500, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:08 executing program 0:
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000000)="d476c96bf4ee7309b1dd17b8c6e26fc221d26f857a1b3b56d0d71d1117a679faaa490d80659b3ab8b53ba2b59328934a611466cd8edffb0532264c8fb2b0b4368e3855ee974f1aebd7747001fc56e1751fd0f58396117d4ed8564b24f31d26f71039b8f2d2cfceec00a4e96a90273ea6d738c409b03fe773843583429f1729228d9343b2cc223902bfa8465f19808a71d833fd05e201047bf135b1aa83dee650e13897b375140f7676908ea69969b8adc4a1ce6a8629f76489b3fbe3495ebf7eaa7036f9d6f7c6069f94a6218c88de2626439aaafd57bfed5a1bcc409cdb2356516cf3c46854d85d031208e6f77ba55200d66acefd690ab5396912d908318afdd78449df2c87784f31c30a9bee94a7d8b3")

2018/05/15 13:08:08 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004001400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:08 executing program 4:
bpf$MAP_CREATE(0x17c, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:08 executing program 7:
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x0, 0x0)
fcntl$F_GET_FILE_RW_HINT(r0, 0x40d, &(0x7f0000000100))
pipe(&(0x7f0000000080)={<r1=>0xffffffffffffffff})
fcntl$setpipe(r1, 0x407, 0x63)
ioctl$KVM_SET_GUEST_DEBUG(r1, 0x4048ae9b, &(0x7f0000000000)={0x10001, 0x0, [0x7, 0x7, 0x8, 0x1, 0x7, 0x956, 0x7ff, 0x1]})

2018/05/15 13:08:08 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40106308, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:08 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004001500000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  345.527898] binder: 21191:21193 BC_INCREFS_DONE u0000000000000000 no match
[  345.535079] binder: 21191:21193 unknown command 0
[  345.565711] binder: 21191:21193 ioctl c0306201 20000200 returned -22
2018/05/15 13:08:09 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x1000000)

2018/05/15 13:08:09 executing program 4:
bpf$MAP_CREATE(0xd20d000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:09 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000000)={<r2=>0x0, 0x80000001}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r1, 0x84, 0x1a, &(0x7f00000000c0)={r2, 0x17, "150e1dd891e48b58aaaa5f3c488dab557ab228ecf99b73"}, &(0x7f0000000100)=0x1f)
fcntl$setpipe(r0, 0x407, 0x9476fe0)

2018/05/15 13:08:09 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x9)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x45)
ioctl$KDDELIO(r1, 0x4b35, 0x6)
getsockopt$inet_dccp_buf(r1, 0x21, 0xc0, &(0x7f0000000140)=""/117, &(0x7f00000000c0)=0x75)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
getsockopt$bt_BT_POWER(r1, 0x112, 0x9, &(0x7f0000000000)=0x4, &(0x7f0000000080)=0x1)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:09 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004040400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:09 executing program 0:
pipe(&(0x7f0000000180)={<r0=>0xffffffffffffffff})
write$binfmt_script(r0, &(0x7f0000000040)={'#! ', './file0', [{0x20, 'vboxnet0)%\\wlan1,!system'}, {0x20}, {0x20, '(+'}, {0x20, 'vboxnet1'}, {0x20, 'mime_type+'}], 0xa, "0ab4308082fc8764e57f07f9589ef3f7d4c6f8899fe08330358bd12659d2dd6c5679ebbdba8239f0ce49776254c3db302a0187f411a6186480472b8dd0d600d815111cb63657620c43eeea5bebf9074890edfb9ea558fa3b4a7b8009d72f166a38a198f3bd2c6fb75c1473df4316b9008340155737766b050e110069f8777da08f69804054d27149e719cb686301fe7d90fa26fe985ee6e5d54acb8a452d1f145323c11a1cbdc05269b38776f250dd6fd72dd06eb226119e1de31e27981ea819524b6d29989f6e7cde13b4949724a3329ddb050aa802996b"}, 0x114)

2018/05/15 13:08:09 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x400c630f, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:09 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snapshot\x00', 0x800, 0x0)
ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000180)=0x9)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r1 = openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x1, 0x0)
ioctl$TCGETA(r1, 0x5405, &(0x7f0000000100))
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r3=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r3+30000000}}, &(0x7f0000040000))
tkill(r2, 0x1000000000016)

[  346.209879] binder: 21206:21217 BC_CLEAR_DEATH_NOTIFICATION invalid ref 0
[  346.216994] binder: 21206:21217 unknown command 0
2018/05/15 13:08:09 executing program 7:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x400, 0x0)
getsockname$inet(r0, &(0x7f0000000040)={0x0, 0x0, @multicast2}, &(0x7f00000000c0)=0x10)
r1 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0)
ioctl$SG_SET_RESERVED_SIZE(r1, 0x2275, &(0x7f0000000080)=0x100040000000)
mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x0, 0x2012, r1, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x81)

2018/05/15 13:08:09 executing program 4:
bpf$MAP_CREATE(0x7222010000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:09 executing program 0:
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000080))
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x12200, 0x0)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000040)={@reserved=0x1})

2018/05/15 13:08:09 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004001600000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  346.255910] binder: 21206:21217 ioctl c0306201 20000200 returned -22
2018/05/15 13:08:09 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40086310, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:09 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)
getsockopt$inet6_tcp_int(r1, 0x6, 0x17, &(0x7f0000000000), &(0x7f0000000080)=0x4)

2018/05/15 13:08:09 executing program 7:
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x9476fe0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r0, 0x404c534a, &(0x7f0000000080)={0x5, 0x8})

2018/05/15 13:08:09 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000300000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  346.373980] binder: 21239:21241 BC_DEAD_BINDER_DONE 0000000000000000 not found
[  346.381814] binder: 21239:21241 unknown command 0
[  346.445180] binder: 21239:21241 ioctl c0306201 20000200 returned -22
2018/05/15 13:08:10 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x3f000000)

2018/05/15 13:08:10 executing program 4:
bpf$MAP_CREATE(0x2aeb, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:10 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40086303, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:10 executing program 0:
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))
r0 = socket$inet6_dccp(0xa, 0x6, 0x0)
r1 = semget$private(0x0, 0x1, 0x14)
semctl$IPC_STAT(r1, 0x0, 0x2, &(0x7f0000000240)=""/235)
r2 = syz_open_dev$admmidi(&(0x7f0000000340)='/dev/admmidi#\x00', 0xfffffffffffffe00, 0x8200)
ioctl$DRM_IOCTL_GEM_FLINK(0xffffffffffffffff, 0xc008640a, &(0x7f0000000380)={0x0, <r3=>0x0})
ioctl$DRM_IOCTL_GEM_FLINK(0xffffffffffffffff, 0xc008640a, &(0x7f00000003c0)={<r4=>0x0})
ioctl$DRM_IOCTL_GEM_OPEN(r2, 0xc010640b, &(0x7f0000000400)={r3, r4})
getsockopt$IP6T_SO_GET_ENTRIES(r0, 0x29, 0x41, &(0x7f0000000440)=ANY=[@ANYBLOB="6e61740000000000000000000000000000000000000000000000000000000000c00000002c73f903236cc9974d10dc826a17a653880b4fa82d63ff4d7837309e1c0dff41275628bee27649e1415194b63fa6a0c28647e001283b3b40fdc2e5ffd8057daecf6fed2afaa2a56068037a9b0f039631ba047991ba6821f8a3875afeb63cb072b35b0dfcbb19d92fa632417f2ed2a40286dc8072ae48e1e4c1bd9f636998c5fc4d42d53c1f39d9b73a2aca384f87ae537e3ca7200a18d94d25dbf891e32d09b9e560fa60b02e47186b89b084bbbd8be5790459c36753d2236e2595d34d1aeb4e3bf0100e9c8891e09c87edd4"], &(0x7f0000000100)=0xe4)
r5 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x100, 0x0)
ioctl$TIOCLINUX6(r5, 0x541c, &(0x7f0000000180)={0x6, 0x3})
setsockopt$inet6_MRT6_DEL_MFC(r5, 0x29, 0xcd, &(0x7f00000001c0)={{0xa, 0x4e20, 0x5d, @mcast2={0xff, 0x2, [], 0x1}, 0xbe2}, {0xa, 0x4e22, 0x9, @local={0xfe, 0x80, [], 0xaa}, 0x9}, 0x1, [0x9, 0xa7, 0xfffffffffffffffb, 0xfffffffffffffffa, 0x100, 0x0, 0x5, 0x6]}, 0x5c)

2018/05/15 13:08:10 executing program 7:
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x19476fe0)
setrlimit(0xd, &(0x7f0000000000)={0x5b1, 0x8})

2018/05/15 13:08:10 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
accept$unix(r1, &(0x7f0000000080)=@abs, &(0x7f0000000140)=0x6e)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000000)={r1, r1, 0xa, 0x1}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:10 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000700000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:10 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r0=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r0+30000000}}, &(0x7f0000040000))
tkill(0x0, 0x1000000000016)

[  347.236827] binder: 21273:21274 BC_FREE_BUFFER u0000000000000000 no match
[  347.243858] binder: 21273:21274 unknown command 0
2018/05/15 13:08:10 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x9476fe0)
ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000000)={{0x2, 0x4e24, @multicast1=0xe0000001}, {0x307, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x40, {0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x14}}, 'veth0_to_bridge\x00'})

2018/05/15 13:08:10 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004120400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:10 executing program 4:
bpf$MAP_CREATE(0x2c01, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

[  347.299149] binder: 21273:21274 ioctl c0306201 20000200 returned -22
2018/05/15 13:08:10 executing program 1:
r0 = syz_open_dev$sndpcmp(&(0x7f0000000340)='/dev/snd/pcmC#D#p\x00', 0x7fffffff, 0x101000)
accept(r0, &(0x7f0000000380)=@pppol2tpv3={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, &(0x7f00000005c0)=0x80)
r1 = openat$md(0xffffffffffffff9c, &(0x7f0000000000)='/dev/md0\x00', 0x2800, 0x0)
r2 = accept$inet6(0xffffffffffffffff, 0x0, &(0x7f0000000080))
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/nullb0\x00', 0x200000, 0x0)
r4 = syz_open_dev$usbmon(&(0x7f0000000140)='/dev/usbmon#\x00', 0x6, 0x10000)
r5 = accept$unix(0xffffffffffffff9c, &(0x7f0000000180)=@abs, &(0x7f0000000200)=0x6e)
r6 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000680)='/proc/self/net/pfkey\x00', 0x101040, 0x0)
r7 = accept4$unix(0xffffffffffffffff, &(0x7f0000000240)=@abs, &(0x7f00000002c0)=0x6e, 0x80000)
ioctl$KVM_S390_UCAS_MAP(r6, 0x4018ae50, &(0x7f00000006c0)={0xa75, 0x4, 0x6})
ioctl$ION_IOC_ALLOC(0xffffffffffffff9c, 0xc0184900, &(0x7f0000000400)={0x9, 0x6, 0x1, <r8=>0xffffffffffffffff})
r9 = syz_open_dev$dspn(&(0x7f0000000440)='/dev/dsp#\x00', 0x7fffffff, 0x40)
clock_gettime(0x0, &(0x7f0000000500)={<r10=>0x0, <r11=>0x0})
ppoll(&(0x7f0000000480)=[{r1, 0x401}, {r2, 0x1040}, {r3, 0x400}, {r4, 0x4}, {r5, 0x310}, {r6, 0x20}, {r7}, {0xffffffffffffffff, 0x80}, {r8, 0x400}, {r9, 0x20}], 0xa, &(0x7f0000000540)={r10, r11+30000000}, &(0x7f0000000580)={0x5da}, 0x8)
r12 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r12, 0x1)
accept$inet(r4, &(0x7f0000000600)={0x0, 0x0, @multicast2}, &(0x7f0000000640)=0x10)
r13 = dup2(r12, r12)
bind$inet6(r12, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r13, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r13, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:10 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x400c630e, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:10 executing program 4:
bpf$MAP_CREATE(0x24, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:10 executing program 0:
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))
r0 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x4, 0x486000)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0)
getsockopt$netrom_NETROM_N2(r0, 0x103, 0x3, &(0x7f0000000040)=0x5, &(0x7f0000000080)=0x4)

2018/05/15 13:08:10 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004020400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  347.435671] binder: 21301:21302 BC_REQUEST_DEATH_NOTIFICATION invalid ref 0
[  347.442990] binder: 21301:21302 unknown command 0
[  347.511426] binder: 21301:21302 ioctl c0306201 20000200 returned -22
2018/05/15 13:08:11 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x40000000)

2018/05/15 13:08:11 executing program 7:
alarm(0xbec6)
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x9476fe0)

2018/05/15 13:08:11 executing program 4:
bpf$MAP_CREATE(0x6a010000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:11 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004030400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:11 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x630b, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:11 executing program 0:
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x40, 0x0)
ioctl$PPPIOCSMRU(r0, 0x40047452, &(0x7f0000000040)=0x1000)

2018/05/15 13:08:11 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
fsync(r0)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:11 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
futex(&(0x7f0000000000)=0x1, 0x4, 0x0, &(0x7f0000000100), &(0x7f0000000140)=0x1, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r1=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
tkill(r0, 0x2e)

[  348.229565] binder: 21329:21334 ERROR: BC_REGISTER_LOOPER called without request
[  348.237212] binder: 21329:21334 unknown command 0
2018/05/15 13:08:11 executing program 4:
bpf$MAP_CREATE(0x386, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:11 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004050400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:11 executing program 7:
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0)
setsockopt$inet_opts(r0, 0x0, 0x9, &(0x7f0000000080), 0x0)
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x240400, 0x0)
ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f00000000c0)={0x0, r1})
pipe(&(0x7f0000000200)={<r2=>0xffffffffffffffff})
fcntl$setpipe(r2, 0x407, 0x9476fe0)

2018/05/15 13:08:11 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406354, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

[  348.296233] binder: 21329:21334 ioctl c0306201 20000200 returned -22
2018/05/15 13:08:11 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000000)={<r1=>0x0, @multicast1, @multicast1}, &(0x7f0000000080)=0xc)
ioctl$sock_SIOCBRADDBR(r0, 0x89a0, &(0x7f0000000280)='veth0_to_bridge\x00')
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000000c0)={0x0, <r2=>0x0}, &(0x7f0000000140)=0xc)
setsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000180)={{{@in6=@mcast1={0xff, 0x1, [], 0x1}, @in6, 0x4e20, 0xfffffffffffffffc, 0x4e24, 0x5, 0x2, 0x20, 0xa0, 0x2f, r1, r2}, {0x2e2, 0x9, 0x401, 0xef0, 0x1, 0x17d, 0x7f, 0x2}, {0xffffffffffff609d, 0x7f, 0x92, 0x41c14701}, 0x2505368e, 0x6e6bb6, 0x3, 0x1, 0x1}, {{@in6=@loopback={0x0, 0x1}, 0x4d4, 0x3b}, 0x2, @in=@broadcast=0xffffffff, 0x3505, 0x2, 0x0, 0x7, 0x4, 0x3}}, 0xe8)
r3 = dup2(r0, r0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r3, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r3, 0x1, 0x7, &(0x7f0000000040), 0x0)

2018/05/15 13:08:11 executing program 4:
bpf$MAP_CREATE(0xf000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:11 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000200000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:11 executing program 0:
r0 = dup3(0xffffffffffffff9c, 0xffffffffffffffff, 0x80000)
ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000000)=0xfffffffffffffffd)
setsockopt$inet6_MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f0000000040)={{0xa, 0x4e24, 0xfffffffffffffe01, @remote={0xfe, 0x80, [], 0xbb}, 0xfffffffffffffc00}, {0xa, 0x4e22, 0x7ff, @mcast2={0xff, 0x2, [], 0x1}, 0x6}, 0x10001, [0x6, 0x2, 0x200, 0xaa62, 0xe1, 0x121f, 0x7fffffff]}, 0x5c)
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))

[  348.388276] binder: 21357:21359 unknown command 1077961556
[  348.416008] binder: 21357:21359 ioctl c0306201 20000200 returned -22
2018/05/15 13:08:12 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000000c0)="b9cfaa713d069922ea49c0c6c10953e5abb0d075cd9fed4dbfe1a2abb6f71b15667f48728208a5e4b355a62ade506fab25bf1193e65ab925381767341a1e7b5e9f6cee75ed93978a033fdafa7a3b7c954a08c7bb8f1f7ac757bdbfd33030ff7bdfe28f6fb1dff67b269707902cf0ce7214f42d7d176081981b2533835146dde7782560dad7cc07a04c925099d5dd0b17d2", 0x91)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x0)
ioctl$KDSKBLED(r0, 0x4b65, 0x1)

2018/05/15 13:08:12 executing program 7:
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x2bb)

2018/05/15 13:08:12 executing program 4:
bpf$MAP_CREATE(0x9002000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:12 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406309, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:12 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000500000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:12 executing program 0:
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x404000, 0x40)

2018/05/15 13:08:12 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
ioctl$KVM_SET_GUEST_DEBUG(r1, 0x4048ae9b, &(0x7f0000000080)={0x40002, 0x0, [0xffffffff, 0xd49, 0x7fff, 0x9, 0x850, 0xffff, 0x7, 0x9]})
ioctl$KVM_REINJECT_CONTROL(r1, 0xae71, &(0x7f0000000000)={0x7ded})
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:12 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x7, &(0x7f00000000c0)={0x0, <r1=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
tkill(r0, 0x1000000000016)

2018/05/15 13:08:12 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004001400000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  349.220546] binder: 21396:21398 unknown command 1077961481
[  349.251347] binder: 21396:21398 ioctl c0306201 20000200 returned -22
2018/05/15 13:08:12 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x9476fe4)
vmsplice(r0, &(0x7f0000001480)=[{&(0x7f0000000000)="59965765586f58b1385de8595a67bd978bed6d9d4b4da0a5155c9973e10b1e8f7ce87eb7dc7083d6156508afdcda75bc5fb29809ee22d610139edec213d6", 0x3e}, {&(0x7f0000000040)="1bd967cc4e888f0b5dd6695c4c95523aa56f1aaec6674eab", 0x18}, {&(0x7f00000000c0)="a3ed9cc38595fa378735d6c3c8e79fe64a24c82ffe524a0b6c1ac3cf8ee85d0bda825f03113aa5323723a9ac07dd72912224e59bcc29581561fb08a53b9964f1c4f8a7595b0d134a36443b3b4891be16517f9aeab636321f3287bbb6242f9fa6cd7002fb1ee983cd26d275bbd91e3775ce056042e97581cb4b317eb52361045b0da79d7db27c54246465d976d39e55ee922a4724947f75b74742b8096379355861f2f0bcd94469245054901fe6091460e1f5c0202ae889ea07e0c81cbbe23ef8c8e1e7ea1e3c058b7daa41296de73a7d4b3e45f94086155dd062d4a52bb375af2a363b6dc90ad39dc6e4c7f7c206007c25ad6df5c23ed0f2332c8f17f395d0b208f36ff7ab305ec85528548f1b6d88b63a7f2ebcc0f8eda32d91c250176b04221ec66a7efa869f1eedc91b41b0b827bf3ab2506a08d33bbc40de520b6f78a515f7ca677af8af662ecab33061b99bb335bf7d02ca21444d7c6f1ab8784ad96899e9494b2de1c97f994e245ebf1753aa5500ba4d0bc8dbb972aa08a01d97a7d4e5834a326342d06d428bd9ef55709f47cf972cdb20634d48909c5c1316c13ac202de77641d6e150f45f5b8af29f009419831211fe6af2d19843fd8e5b93a1b7be669a05f49aeec5aa3b8ceb9789623706755c78a2236b00860368c67ca703ea1d4e1e47a19c4989010892e70d3285a286d0474140cbee4df7668a7ed8549d153d4f3f2be1e341bd428588b9ce7c82bf2b90b625a2d8f361dcc65a176f53430c9212a1c8b4d4c3ce16b5b090146272dd00dd2fba0e03b5a393728dcecf251c45606814e890e8323ada2888f66e116cc4e0f71435fb9b49e1e81dc901b7f0d974d57225b40885f1b7cd5b246de8160e9c0b2bdb1794a802cd4ecb411f3eda7745f84d860be5f466d0ef09554b5a7fb0a38f60a69e6ff8c9ae6cf3d937f2beed4900cc83f85362e76977fd4d8975ca87f50138179621a54a13542ccb06ed35890b00e09331c3ed033fa3f56b493bed772904aebcae349be30b7a6d43683dcd99b7f7d0ef3443d9f8ad46dc60f023a68c62d34fe29090e983950d7534238d44c5db2895ff431ee50280930caf9c7d48e5e3235cab412e807bd06dc0920a857ca0723ba9af24c796995c29b77a7cae3dc6fae15606f15cbd3629ab1cd2fae2dfa9cdcfb440d686aea0ef7ff1cefd3aff852407cb4ef434b4c5316e0cf18a65977e77e5602e13b0aea136674a9312036ec954d88d6511700814cbfa9667496f5ec650cdf78283073d01f4ac2b5cf53a4a6cf33993729cac732812a4fcee85f2420a0202fc171e3dfaef3c8b0826df538c6a20a508aca09a67b7cf207998d51e13610183a5dcda743e3d33b84662a70852702e6b0c9573fe51a89a5a548f6d22b66ab5814951e2e251a2c72427fc48cf47b216b16aaea13a78ae71a71c9da26c4752bc80cab63467824a87e4590026b29dd8df6e3ab7fdae11b6aac4808b0b201ef0a449bd52afdc1d46261bfaac2983f7b3a6e79822515822972f6f827de713a227e438ff9da89d964637223e03e03d7872209e06f5819274eca8560a609751d814c26336e720e7767217b6e6c6cff6f8569a08ab95c0eca4108dfcc151f265466b6b778a4619e633d62b81ab368bbbd22bc72deda19086bcd0a57729ea1c1a568fcd6b5e7c1374debe024b3de35ca76f06faf9273202b987ecd74a4419dec02cf14fa2dabca5268c2f751a54d770eb1cbf6c3d6ebd617276fb8bfef955a1817fa8687be1088b68552287a3bf9fd9ecd369fa2627e7c1dbbbf00fcafd5feef7bc90c2e33552f20421e2166ef496136cf43c53f4a850d7d9b1a5aeb4af6ffd6c3b98d9c0017c7beab1416aa02fd9c6e8a7480553065b973bcf18b0836f52e9e72dafab77d6cc762b40dfedfbc082a18da004fb342b803e92213b53bc56618124f3539ac69d4a0466a4f57fa4f596ede037bb381f1e8815a15356dfd848f15c4c977a8243b7d06d6775f03a35674df0303c415cb17e7ba2d71c5d713854a6295b55affb8b7eb4283f27ac50974617250b9f7a8798aa42b0c84a001c0f4cb858f415e6fc6b173ae2b16ace4411ed661d3d9971d9cd07ec2cbd3b481a1b71ae36dfa16d7d53cfe1b4ae847b97a75bee9febee72d20bee7db4fe9067d7849235922bf6e57cf63d4615bccae87b17f1cca36b61dd35cb8fe5ed69cbe1129007c9b436ddf5cff9c172d51616f55de51756685fdc5a03e665756add834b9bbf2f9d0c8d536cc95ea4e93de8ee963cd87fa82221a9446116167806fed9c286fa9962eee8e05c95b5ea5ff7b0eca92facbc7d141f0dd2c1d57e9af8161d4fca002ff0c70ce0ec04f571be6422f77962ca84728553f03e622a6609289ffea55fccb34e61a268208a5c5f1719492d538fbf4c34d391cd863df270f056ad2bdff26b07ed68fd1061edce7fcb2a274a61c702d60caf414abfefa7f0e81796d1e8bb1573efcb63a8f4e9541321c2608366c9b5420d5a18fb789b5af55068718f29f2c18167f8e66bbbde207801f283ac92b30567eedcf132e1de94284fffad99a232cf21c09cc06ca1701088250c699940fb676788b4c0e63a233eb732f55c01a2f4574ab8d7e7f844c5f4fee0ddbff01aff5b4f0979dff74d82e13666c4e9d8ee513a386eafdec27c279669188c28d0f0217b90bcdfd32544413e16c239b9568b5dcf1cb9e94fb7e7a2c341fa75b96777ffe9d9f6e96e44e64f0b4108ea234ba7fcc22d6e59b2f3abb638e6ec34796fdc91204f54dc01b75354a5dc8db93a84710fd610cd69d6e5684cdb4c85570b92ab74f801e5cda0b85880fc46857c8d7e1a3a1ff4324946bbdcf3a7786e4f9d971c2e2253742ff7a505a657dfc608eece04af2e6b6b58bfb8e6f40a1f2d9f902defb138e8a6739860f344787338ca4c93c8a1ffbdb0e2e2e82f4cf5cf1b015a6bedc420253f0e2642367e87fca4e247b1b35c7d05ae58563e539de3107be179c7a94a4035daa4c65aca40b472a3ef7e27d79f8190e12560c56443c0275c238fd243f65306ebca11bc0847b78c56825819e380294544e3add8e54e12b0ebd840beb46075257509b5a9cbce0838acc7f90503371f86d6744ccb0e44e3e48ef1c8c988807c7a4f8002f764b1dcb0eddb0e3bf6d73a832e3dcc5e5d194f05d43e95e3a42dcc5334dc67a9a74dcb6644ab745b6caba4f8c8e2ae9cbd4df2aabab873f6d0d4be82898649852df769a0a0fe4e42e6d8d170b52688282f51f57ee91f36324dc3eb633f0d2635f6e9750a75cabb70104ac91651a393fa4eb1c4439d5014ae5acb77fc6d023da2d7d73ddde6a1e34316f3381fe092b71b2b8a91b9cf1565be7b68ae7a5fc743ded9be934388fd7093ba7adbb83eb1007238fac8b675379c10dadcf7706de2685293f86c1026f9cd221503182393bc36b33c18cfdc88c01b99054ae7a1fa15d9d80c13f555a647e9e3a30bab3e0d5cf20a7fb0bcf9166cc813f45e862900b66b9a5dff7b5ab968cab72ab2b8db1a1e527f2f0b1ae54d16abfe6d6277e753015300af9b30013f8d951131733a763c84944f5c7a8fc5ebfe02fc4b56859bd2273784dbc88f0b94ee041bf3a3022cec3c89e53b66ee45d52a6e2ae41718265cb6edeb7cd53e73381393a73223e4a8cd05f29e82d2360a61716d66f5084cbed3f26bec7b4b0859c01ade2ee87acfba45a3ce1a967f4fac2d8438ff614946ac3fe847ccc1835a67c2add36a5da9d409d31f803ac2d3ddb0e3291b5054f353823bc721f3c6b16df180b1cb54b2ca8ab85350ca979f89c777118155aaf635285731b9fe7d31c40574bed071cef5724085fa50443d65ff347137200f833df34175d2c3b7cc4b343360e884849fa375ff675e617bcfde2e16d77e394b0ebd7dc9a4a52bca5ab6d687717795208f8e96b7ccdaf0ea484eb24c2bd9803c4971b698bf7ff23e501d64a33c8dd50316336add5c102ef235d9cfbd1dfd6da78cac701d41acef33ee971817dc20e36655021e9a465419153b04bbdb02b1cdf737d50e77198524bfa9dc4e387aa5d5ccca0299f115a1729f193a7df5b3023411bf03a6fd59309f28ec12001fe0aa7bc72fd842ba0bd2c800771ec7024376f8d0213e390d03170945772447ee437b9ea92bab1e09a525dfc160b58b050b51955026103ac6f7ba9103926edd67be28f4c47c9e2e5518e9f8d52a07c37dd48a248efd3793fca05d4e2f2debf942cd6ea7b3c9fe19bb8036d345f0b703eaa89874956f7caae66d49b6c41fc84a3e4dc13b6b5011d5915d50ebeef66376b31031833e35da7648a1d2a4d8e65c4407f263c373ef552ce4a60c71fcae10da5db99955e8f774b993de128bb94025452a6686c824d24f655b376fff5e62e9b1fd64f2cce1c3c77a05fd57b719c4c634bd1a9046ef38ab0f74b3ae29740c146c041478b8d208108835d33cd9077ae1c9898a911650155205c3e995ba746442f055f50b0896bb36e06916c2b0b37d4c4d4a3a570aa0124512e1ca1909a7c8595a424fb4e8f59e33e7dcdda781cc4cbbbdd4c5162fc43890efe51c9b78ab9a01ae79954251f435c5e4da950121b596ad622b40725d9eec970badcfcfdd88f201c9ba25f68a0818bd519bf74758d70ca215057b5a53c9583a075349be044e53a99fc15fcf26e651954a2cd3174f5920ba78eb71e0a35223b82afc42f226d24ed590b54f127346b1e2a692c779c43e47d2443b464e2df59c7d6420e24f9e5b876e4c2c98afc1d6d2400909f0633a5a15396123750a135c605a7f36d0ee31ff6877125096aadc9050ef43bef4a5dc798160c79891f97bdf0572fde456023f0ed13a9ed786f848930c857f4760c8c9991b7c6acc76e8616da8c9c136cd2fd7ebb839275ffbf85e327510cc2c76fed8a3741691d4f81581b30838250d7e5046aaf6baa170e70937dec7df9e3915abc464bdaa119f14111981cc787ff0ad5d01a8c45dbfa5a239427ecd25941eb4d90544ad39e00d35b49fa5a336b6f6b1c718c98c87a7105710aa89e98300ff1deac1a6bd31014dea5493a3848fea5316cbfc7950f4384d75967f9099c7a4db59812144ce48186e23f6d63d44cbae26d9aabfb4f55bccecd3bae39d623753c16aa903ae13c1ac89fdd40b21e8b7e1665aec5230cd9bec7154f8385936d6a3211985c7185bac8f14c45a1ecbf57dd3e9cb66a27a9a6bce8131e7e27343bf06cc06d1bb7f342654f55e4f1d1ae261d0b6b760272c82cd79cfcf43ca353512dfce8e74499cb1ece641f042d786ed84857fca9062e4c7d01aa65db0f799c3907e084a5757b18cb0443c01fd694d30dd9377ced02038a7be0016aa2ca7c4b8bce186b35e008ee51197e9fcace954c3d0175e27be70ddadf78c2fb21eba3de99b0394ae438355754a6c7c3676d4e32ac9781d9a96965ba85baaa6904c48c969795a7f5448718326b31f78cfc3355c379565749b271a134687f23e64adfeeefaa657957e3271cc670a51484737843bc7699aad8f7ef76747b382fc4914ca6cb722d4b47daa3572eb36776e62085a6c0151d2e623306805fdfc61de3737a0c0ae9c109b538fa4ea5cde9704cf5fed8ee0a7dfe90b952d42dd7042fda52015ff5aeb6bd119e1ca3c65e3f0eed9d2a03a9fb459b0acb073a213d44d8ceccce3387621338a259719f4558f78bcafd98ffd0cb174c40a796638fc2b97cb345a9065c2a015044098794bb5128a86ff1b9a409e89e3beb69b49c8b81c7193e24aef5e75800c8e5cf061e4e43fdc844543c1b2661e9871e4e4ee8a1026bb438", 0x1000}, {&(0x7f00000010c0)="5acb2b8f29dc95efb4405c9faceb7a9ce1541e969f7dc65e145e0d658b1b20241f281cbb41a4d907bb75d268527f2f4539215b1ad196c86fc0e540e2ab858f1b16dcec868a8984125a49859017d50dcc84eeca185eb706a1396672383ecf4e1a8e423a63d2c774485264e165a95c50d74f59c4cb2fa3613449a3629cb7acfa2ed4fb644694a921f3341148a0a30d1a0420ea74c41b6bd6c1287c8526555e7123bd71132d5633673d8cf4ea2e901e70b98d8b65a0b0ee0c811b4601400aaa4924cc3bc038d8ba5c5e89a5f5120e60a416572c7a356dc7477b4fc192ee249dab940cf636e487", 0xe5}, {&(0x7f00000011c0)="0380ba5ae5e61e6c9d1ccd2faffc72ecfe529c50ee62a453cdd9542d416d2d94ca67b4a5452cd30eebb867a5630c16", 0x2f}, {&(0x7f0000001200)="7a30215d094fb6f6e86c233602d55dce4d65788c0556e9b6705c29929dbd8be7e19bed9564746bd223d2d29464b5cffec7148b08a512f3dd4dc3736e5f33f2eaccdf0430f91b999a621b83720ea33e1fd3a4986ac43b02a4dd089891ac8438157dbbe4054bf33c3fc6f9be3e2212cb7dfaba4876212a243deb4b950e1e8c989767af4a77643559c0d09318c00cf60f2ef0dce4fb0c75e417e3", 0x99}, {&(0x7f00000012c0)="418f8a39e79d6bbb071103987dc3774d6e56e9e95b26e930728cffa82112d7b8bfc9910c308c61aa24ec6162040c06e337470be3eb42ae00a1dbc2c7af3e073bd1ef532a6924bdff33b4b3eca0257ee1675156e48c43ab93dbb85f3d529da56c798214c3f7592a6d22f8717c1547e269f6a8159d7354cb58c9cdfa085bffd10b5e226b8af95ace2d92ca2a04df9dc8", 0x8f}, {&(0x7f0000001380)="776dc4aa352499b6d9b8b187f985bc5ab3b304b7a0c9803f41fcf84ea979529c4bf523a72a287eb11b73b87bef80b223efd401537ee10a2486e56022ccfac3da35868bf38a502437857b397661221390d4eb818b623b9cf4fcb0463a19d8d11f97a29ff2e0ed3f614c7201deaf9aab777713974894631423ca5a8f725a1e36620904d38c4c7ed1646462dae8d688427c12b71d32fe8886e71f872e7d1d761d4d68ea844141d4014e32076582ee80caffa31ecc0c67c7d455004ce58520513592055791b75e0feb9051246c792c8a1f92565ed8ffd245eb9d8602840a8d5ddd4433de734c9d4e3c7c839d88d342c218d6beef", 0xf2}], 0x8, 0x2)

2018/05/15 13:08:12 executing program 4:
bpf$MAP_CREATE(0xce06010000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:13 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)

2018/05/15 13:08:13 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40046302, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:13 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000300000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:13 executing program 1:
r0 = accept4(0xffffffffffffffff, 0x0, &(0x7f0000000080), 0x800)
setsockopt$inet6_tcp_int(r0, 0x6, 0x14, &(0x7f00000000c0), 0x4)
r1 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r1, 0x1)
r2 = dup2(r1, r1)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000140)={@mcast2={0xff, 0x2, [], 0x1}, 0x3, 0x1, 0xff, 0x6, 0x1, 0x8c, 0x9}, &(0x7f0000000180)=0x20)
bind$inet6(r1, &(0x7f0000000200)={0xa, 0x4e23}, 0x1c)
connect$inet6(r2, &(0x7f0000000100)={0xa, 0x4e24, 0x0, @loopback={0x0, 0x1}}, 0x1c)
ioctl$sock_SIOCGIFBR(r2, 0x8940, &(0x7f0000000000)=@generic={0x0, 0x8, 0xb71})
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)
ioctl$sock_ifreq(r1, 0x891e, &(0x7f00000001c0)={'eql\x00', @ifru_ivalue=0xff})

2018/05/15 13:08:13 executing program 0:
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000000)="c98a616d4faadabf891869090000006335e6ae763ab66fd9fa240000000000")

2018/05/15 13:08:13 executing program 4:
bpf$MAP_CREATE(0x60f6, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:13 executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.stat\x00', 0x0, 0x0)
ioctl$TCSBRK(r0, 0x5409, 0x5)
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r1 = gettid()
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r0, &(0x7f0000000100)={0x10})
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r2=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r2+30000000}}, &(0x7f0000040000))
tkill(r1, 0x1000000000016)

2018/05/15 13:08:13 executing program 7:
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000040)={&(0x7f0000000000)='./file0\x00'}, 0x10)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x9476fe3)
ioctl$KVM_TPR_ACCESS_REPORTING(0xffffffffffffffff, 0xc028ae92, &(0x7f00000001c0)={0x2fdc})
fsetxattr(0xffffffffffffffff, &(0x7f0000000100)=@known='com.apple.FinderInfo\x00', &(0x7f0000000140)='#wlan0proc\x00', 0xb, 0x3)
socketpair$inet6(0xa, 0x802, 0x7fff, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='io.stat\x00', 0x0, 0x0)
sendto$unix(r1, &(0x7f0000000300)="f5b24cbde84cc2e1cae464c959b093c51c3f3f2e231917fc94eaa130f079f8757b3fb9ffe902b7789d2e2396e1461da6d6400fffae477329dde5a194d925f95fe2a2dad39b3589953f2e28cd1d8d07a6e6acbb93c7b4e869c89cd7ed9f8f35cab04af0afc2da61ca5b977f233049a0493e4a3fd696d967071f8e652f931f458574519ee3692f155383092d6972f371d91f8347fe1de68a373a7f4f3999dce804ce5c6ba391282ebf425d7747e2048e6a2b4a5a8911212d853fff3d370d502a92267731b694519639ac3562fde4ab56fc8e1b09b14cf851", 0xd7, 0x40, &(0x7f0000000400)=@abs={0x1, 0x0, 0x6}, 0x6e)
getsockopt$inet6_tcp_int(r0, 0x6, 0x18, &(0x7f00000000c0), &(0x7f0000000180)=0x4)
r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000200)='/proc/self/net/pfkey\x00', 0x90000, 0x0)
accept4$llc(r2, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, &(0x7f0000000280)=0x10, 0x80800)

[  350.115585] binder: BC_ACQUIRE_RESULT not supported
[  350.137497] binder: 21429:21432 ioctl c0306201 20000200 returned -22
2018/05/15 13:08:14 executing program 4:
bpf$MAP_CREATE(0xd201000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:14 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004001200000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:14 executing program 7:
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x8300, 0x0)
ioctl$KVM_SET_DEBUGREGS(r0, 0x4080aea2, &(0x7f0000000040)={[0x5000, 0x0, 0x0, 0x100000], 0x2, 0x1, 0x6})
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff})
fcntl$setpipe(r1, 0x407, 0x9476fe0)
socket$inet6_tcp(0xa, 0x1, 0x0)

2018/05/15 13:08:14 executing program 0:
socketpair(0x3, 0x5, 0x5, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getpeername(r0, &(0x7f0000000140)=@ll={0x0, 0x0, <r2=>0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f00000001c0)=0x80)
sendto$packet(r1, &(0x7f00000000c0)="a5b425e6616cc7393df838b6993d28211bc2fac559fe5508aab45716c84c2bace4e2d8129556f73336f5a7f56cdc33946bfcff9651d87a76f9aeca717f169bc037f21893daf42020d0398a9764001122afa772d7fa85460dfe0b37832856b03789975a8bc8517ff63acd19451190ecc3a125795978797abab8f8bdc6", 0x7c, 0x0, &(0x7f0000000200)={0x11, 0x1d, r2, 0x1, 0x1000, 0x6, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}}, 0x14)
ioctl$KDSKBSENT(r1, 0x4b49, &(0x7f0000000240)="c3eb5996789f141040acd61f273d1be8725f5a5acda01fb01740a2c87cbd239ddecc23aab628905eb1a52b40ec03feaf547b238b80f1a185c3344db95640b11af8487ae8545c0eac3a4c9a1671f192efd881be90a755e2c81a7b045a6e2e23702ba85a9523141435f685b82718ea62d9ec45e959e98d5d4b6d8b420d6afdead5689a8c16d1ee3ab015d3b0e3f1e88e913b750e764359ddd655d7fec76d46219b95b3bb8392dd68407b49a09d3b6fc39d74ceafc0c1d77b7db0dfb4e39a4a360138f8abdd667f06732d1a88f7c3de8ba603f6927025801017ab9b3994f15ee64b3dee6cc79d935a5cd09c57c892508a2d637f3cd45361988a")
getsockopt$llc_int(r1, 0x10c, 0x4, &(0x7f0000000040), &(0x7f0000000080)=0x4)
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))

2018/05/15 13:08:14 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x4008630a, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:14 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x5, 0x0)
r2 = fcntl$dupfd(r0, 0x406, r0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, r2)
r3 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r3, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r3, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:14 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
setsockopt$inet_MCAST_LEAVE_GROUP(r0, 0x0, 0x2d, &(0x7f0000000340)={0x4, {{0x2, 0x4e21, @rand_addr=0x8bd}}}, 0x88)
ioctl$KVM_S390_UCAS_UNMAP(r1, 0x4018ae51, &(0x7f0000000040)={0x2, 0x3})
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f00000000c0)={<r2=>0x0, 0x9}, &(0x7f0000000100)=0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f00000002c0)=[@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x21}}, @in6={0xa, 0x4e20, 0x3ff, @mcast2={0xff, 0x2, [], 0x1}, 0x4}, @in={0x2, 0x4e24, @broadcast=0xffffffff}, @in6={0xa, 0x4e20, 0x4, @mcast2={0xff, 0x2, [], 0x1}, 0x3}], 0x58)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f00000001c0)={r2, @in6={{0xa, 0x4e20, 0x1de, @empty, 0x5}}, 0x9, 0x400}, 0x90)
setsockopt$netlink_NETLINK_PKTINFO(r1, 0x10e, 0x3, &(0x7f0000000000)=0x3, 0x4)
fcntl$setpipe(r0, 0x407, 0x9476fdf)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x0)

2018/05/15 13:08:14 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f00000001c0)={0x77359400}, &(0x7f0000048000), 0x0)
r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x7, 0x100)
clock_gettime(0x0, &(0x7f0000000200)={<r1=>0x0, <r2=>0x0})
write$sndseq(r0, &(0x7f0000000240)=[{0x1, 0x9, 0x1000, 0x7, @tick=0x7fffffff, {0x6, 0x9}, {0x7a, 0xffffffffffff8001}, @addr={0x3, 0x2}}, {0x1, 0x850a, 0x2, 0x1, @time={0x0, 0x1c9c380}, {0x4, 0x6}, {0x80, 0x2}, @note={0x8, 0xffff, 0x5, 0x0, 0x1ff}}, {0x400, 0x3, 0x5, 0x4, @time={0x77359400}, {0x2, 0x5b0f291f}, {0x80}, @time=@time={0x0, 0x989680}}, {0x2, 0x2, 0x5, 0x96, @tick=0xd5c, {0x20, 0x7ff}, {0x81, 0x7ff}, @raw8={"fa5c412b49f9d90e4a08c344"}}, {0x5ffed6b0, 0xaa, 0x3ff, 0x0, @time={r1, r2+30000000}, {0x400, 0x71}, {0x1, 0x80000001}, @result={0x85, 0xa749}}, {0x7, 0x3, 0x0, 0xf16c, @tick=0x2, {0x6, 0xd5}, {0x2, 0x2}, @queue={0x7, {0x8, 0x3}}}, {0x8, 0x3, 0xfffffffffffffffb, 0x4, @tick=0x7fff, {0x2e9, 0x4}, {0x4, 0x5}, @note={0x80, 0x6, 0x85, 0x1, 0xfffffffffffffffc}}], 0x150)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x40000, 0x0)
getsockopt$inet_sctp6_SCTP_NODELAY(r4, 0x84, 0x3, &(0x7f0000000100), &(0x7f0000000140)=0x4)
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r5=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r5+30000000}}, &(0x7f0000040000))
setsockopt$sock_int(r4, 0x1, 0x2e, &(0x7f0000000180)=0x4, 0x4)
tkill(r3, 0x1000000000016)

2018/05/15 13:08:14 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004001100000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  351.203639] binder: BC_ATTEMPT_ACQUIRE not supported
[  351.229182] binder: 21466:21468 ioctl c0306201 20000200 returned -22
2018/05/15 13:08:14 executing program 4:
bpf$MAP_CREATE(0x96020000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:14 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x630c, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:14 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x9476fe0)
fsetxattr(r1, &(0x7f0000000000)=@random={'btrfs.', "73797374656d776c616e313a656d305e6367726f75706c6f402c5e1600"}, &(0x7f0000000040)='lo*!nodevcgroup]\x00', 0x11, 0x3)
vmsplice(r0, &(0x7f0000000500)=[{&(0x7f0000000100)="d2fa3a6e02a0fd0711364d693a74b229a32489ecc8e8546ea92e15b2a9b6c6cf20ce3fd526aff386ebb0ddbdb51408021bd9960b16d64a109c5f4f4a326ac2a8b908ccc45a8f6ec1f49f66a6d7e0c41d86f615fae6ef60377a6e6b3d3a59098597cc42ebe5eb7c6c39cc26a76ae5c547f7696a7fe7e964a9de7b986f1df8e90eeed6cf5a3bc7d3b19773f9dee34014bd3111d51d0010b40d7f9885e962b15fff8716fb1ac4e674f3933a6f87124772dd211619", 0xb3}, {&(0x7f00000001c0)="797e97567c1a50ca6c968f5c52556e46ed0cf9b3183c4c3ca68733baafd8252e65077d70349dcbe28733c5ac261616f07682539eb4631538b1452398fc33d0463c3ccdeb0bd8a550d9da0854b9eba9f5e03c0da6cf6da0e62155b19c3bc2d746f03f8c3cdbe69759ea368d8b6e80216beb189d0ff36c60f1804c9f3728edce3b564313cb71242e5c997e38176f5ca0397f493d82767fd3913088a932f0434b1494284ba9f96ec3127b71ed4c463872722ed264c5e599b598c36b2ab31c0b41291cf9cd96cbf29dd8217a17dd3116a0e2e4cd0f00da0ab378ce44e16042948e4a072f117f7cdd6c1388e181263ba9673403d4aa321ae99652", 0xf8}, {&(0x7f00000002c0)="e93b826e", 0x4}, {&(0x7f0000000300)="a4d80fc6b118e97a7522a3cabaef9e9c6f4a3f140e66a74cab8c94ffe98fafc605d49c0b50e12b18c8537bb0360d47f7a61e3a747b61363e9a0fa2ae8326e2c2328481e72445be968985f4b93e2c7638d651e1f28889875493734a92de9b105d3eff8f2db3cde40500c407f5d7c8f8ee4967feaec8046fe11cdee505733b60c2786c252be31c1df7cda51ff522cd9531e347ef09cfe62a6c", 0x98}, {&(0x7f00000003c0)="a2e4933c6fbfb91e72c476a10d618ee35ba36d5f46eb119b3a81f762a937c4a41412d532015ac69d7c93db97436b5e938bf9f2f231f11da2e47d7389a8b2e12395f0743c2c762cf56a6f50253c1e3b77fdea2d06ef1db9c823b1e623b54cd8a567773b35", 0x64}, {&(0x7f0000000440)="943b4e189d5723f05c809bb57d6e543f151011dbec5882cf40bd190d353ad687001828bbac7d839f35ba7a6ace44cb7799b76b0f042ec56c2c86858d86530d58acb39dd3fa65c3e79d9a97b9aa9debc8372518bb57ab", 0x56}, {&(0x7f00000004c0)="0966a60ad270", 0x6}], 0x7, 0x1)
ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f00000000c0)=0xc6d)

2018/05/15 13:08:14 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$RDS_RECVERR(r1, 0x114, 0x5, &(0x7f0000000000), 0x4)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)
connect$nfc_raw(r1, &(0x7f0000000080)={0x27, 0x1, 0x1, 0x5}, 0x10)

2018/05/15 13:08:14 executing program 0:
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x4000, 0x0)
ioctl$KDGKBTYPE(r0, 0x4b33, &(0x7f0000000000))
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))

[  351.347925] binder: 21492:21495 unknown command 0
[  351.365486] binder: 21492:21495 ioctl c0306201 20000200 returned -22
2018/05/15 13:08:14 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004001500000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:14 executing program 4:
bpf$MAP_CREATE(0x11, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:14 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40046304, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:14 executing program 1:
r0 = socket$inet6(0xa, 0x0, 0x4)
shutdown(r0, 0xfffffffffffffffe)
fcntl$setpipe(r0, 0x407, 0x1ff)
r1 = dup2(r0, r0)
ioctl$TIOCGPGRP(r1, 0x540f, &(0x7f0000001700))
getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000001740)={{{@in6=@mcast2, @in=@multicast2}}, {{@in6=@dev}, 0x0, @in=@dev}}, &(0x7f0000001840)=0xe8)
fstat(r0, &(0x7f00000001c0))
gettid()
getresuid(&(0x7f0000003380), &(0x7f00000033c0), &(0x7f0000003400))
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000003440), &(0x7f0000003480)=0xc)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f00000034c0))
getuid()
getegid()
getpid()
getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000000)={{{@in6=@ipv4={[], [], @broadcast}, @in=@loopback}}, {{@in6=@mcast2}, 0x0, @in=@loopback}}, &(0x7f0000003600)=0x3d7)
stat(&(0x7f0000003640)='./file0\x00', &(0x7f0000003680))
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000003700))
getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000003740)={{{@in6=@remote, @in=@loopback}}, {{@in=@remote}, 0x0, @in6}}, &(0x7f0000003840)=0xe8)
getgid()
ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000003880))
getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000038c0)={{{@in=@multicast1, @in6=@mcast2}}, {{@in6=@remote}, 0x0, @in6=@mcast2}}, &(0x7f00000039c0)=0xe8)
getgid()
socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000180))
syz_open_dev$ndb(&(0x7f0000003a40)='/dev/nbd#\x00', 0x0, 0xc0000)
fcntl$getownex(r1, 0x10, &(0x7f0000004d80))
fstat(r1, &(0x7f0000004dc0))
getgroups(0x1, &(0x7f0000004e40)=[0xffffffffffffffff])
fcntl$getownex(r0, 0x10, &(0x7f0000004e80))
getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000004ec0)={{{@in=@rand_addr, @in6=@ipv4={[], [], @dev}}}, {{@in6=@dev}, 0x0, @in6=@mcast1}}, &(0x7f0000000100)=0xe8)
getegid()

2018/05/15 13:08:14 executing program 4:
bpf$MAP_CREATE(0xb8c8030000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:14 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004001600000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  351.511020] binder: 21512:21513 IncRefs 0 refcount change on invalid ref 0 ret -22
[  351.518950] binder: 21512:21513 unknown command 0
[  351.551149] binder: 21512:21513 ioctl c0306201 20000200 returned -22
2018/05/15 13:08:15 executing program 0:
r0 = socket$l2tp(0x18, 0x1, 0x1)
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))
r1 = dup3(r0, r0, 0x80000)
ioctl$DRM_IOCTL_AGP_ALLOC(r1, 0xc0206434, &(0x7f0000000080)={0x10000, <r2=>0x0, 0x10001, 0x98})
ioctl$DRM_IOCTL_AGP_ALLOC(r1, 0xc0206434, &(0x7f00000000c0)={0x228, r2, 0x0, 0x10001})
ioctl$sock_ipx_SIOCAIPXITFCRT(r1, 0x89e0, &(0x7f0000000000)=0x6)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000040)='yeah\x00', 0x5)

2018/05/15 13:08:15 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406312, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:15 executing program 4:
bpf$MAP_CREATE(0x1a01000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:15 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000700000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:15 executing program 1:
r0 = socket$inet6(0xa, 0x4000004002, 0x800000000000001a)
shutdown(r0, 0x1)
r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000100)='/dev/null\x00', 0x501000, 0x0)
ioctl$DRM_IOCTL_GET_MAGIC(r1, 0x80046402, &(0x7f0000000440)=0x38)
r2 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0xfffffffffffffe83)
connect$inet6(r2, &(0x7f0000000400)={0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x1e}}, 0x1c)
setsockopt$sock_int(r2, 0x1, 0x7, &(0x7f0000000040), 0x4)
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000000)={0x86, <r3=>0x0, 0x10003})
sendmsg$nl_route_sched(r2, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000300)={&(0x7f0000000140)=@gettaction={0x1a4, 0x32, 0x8, 0x70bd25, 0x25dfdbfe, {0x0, 0x4, 0x8}, [@action_gd=@TCA_ACT_TAB={0xa4, 0x1, [{0x10, 0x1f, @TCA_ACT_INDEX={0x8, 0x3, 0x9}}, {0x10, 0x1c, @TCA_ACT_INDEX={0x8, 0x3, 0x2}}, {0x10, 0x8, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}, {0x10, 0x1f, @TCA_ACT_INDEX={0x8, 0x3, 0x327}}, {0x10, 0x12, @TCA_ACT_INDEX={0x8, 0x3, 0x980e}}, {0x18, 0x0, @TCA_ACT_KIND={0x10, 0x1, 'tunnel_key\x00'}}, {0x14, 0x19, @TCA_ACT_KIND={0xc, 0x1, 'skbmod\x00'}}, {0x14, 0x19, @TCA_ACT_KIND={0xc, 0x1, 'sample\x00'}}, {0x10, 0x1e, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}]}, @action_dump_flags=@TCA_ROOT_TIME_DELTA={0x8, 0x4, 0x100000001}, @action_gd=@TCA_ACT_TAB={0x48, 0x1, [{0x10, 0x3, @TCA_ACT_INDEX={0x8, 0x3, 0x9}}, {0x10, 0x2, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}, {0x10, 0x1a, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}, {0x14, 0x7, @TCA_ACT_KIND={0xc, 0x1, 'skbedit\x00'}}]}, @action_dump_flags=@TCA_ROOT_FLAGS={0xc, 0x2, {0x1}}, @action_gd=@TCA_ACT_TAB={0x88, 0x1, [{0x10, 0x12, @TCA_ACT_INDEX={0x8, 0x3, 0xbf01}}, {0x10, 0xe, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}, {0x10, 0x1b, @TCA_ACT_INDEX={0x8, 0x3, 0x1}}, {0x10, 0x12, @TCA_ACT_INDEX={0x8, 0x3, 0x1}}, {0x10, 0x3, @TCA_ACT_INDEX={0x8, 0x3, 0x200}}, {0x10, 0x1f, @TCA_ACT_INDEX={0x8, 0x3, 0x2}}, {0x10, 0x14, @TCA_ACT_INDEX={0x8, 0x3, 0x1}}, {0x14, 0x11, @TCA_ACT_KIND={0xc, 0x1, 'gact\x00'}}]}, @action_dump_flags=@TCA_ROOT_TIME_DELTA={0x8, 0x4, 0x100}]}, 0x1a4}, 0x1}, 0x40000)
ioctl$EVIOCGSND(r2, 0x8040451a, &(0x7f0000000380)=""/66)
ioctl$DRM_IOCTL_SG_ALLOC(r2, 0xc0106438, &(0x7f0000000080)={0x5, r3})

2018/05/15 13:08:15 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x0, 0x200800)
fcntl$setpipe(r0, 0x407, 0x9476fe0)

2018/05/15 13:08:15 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r1=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
tkill(r0, 0x1000000000016)
r2 = accept$ax25(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000100)=0x10)
r3 = syz_open_dev$audion(&(0x7f00000001c0)='/dev/audio#\x00', 0x2, 0x0)
ioctl$PIO_FONTRESET(r3, 0x4b6d, 0x0)
getsockopt$sock_linger(r2, 0x1, 0xd, &(0x7f0000000140), &(0x7f0000000180)=0x8)

2018/05/15 13:08:15 executing program 5:
pipe(&(0x7f00000002c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f00000001c0)="724eedd25fe7c74cbe43af056a76d1d1689ccd833f4867025e662c6cb4b33e2a980438d515503621a79a28f4d68463d4ce6f47e6c5a3cae3bc9ec16e1471795c153c482fa67617adeda9179e346e8c28606fa91bd83065c2859ae7428d226a957b27f4d60d100b709b408a783fc9f437e457facc6d9be2fe8ccc6b822287062586278f1dba4023afadc1177d3ae96226a0fb35a1b34f9b8932a8afa7a551fac834", 0xfffffffffffffea7}], 0x1, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0xe9, 0x2, 0x80000001, 0x5, r0, 0x40}, 0x2c)
setsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000040)=0xc6dc, 0x4)

2018/05/15 13:08:15 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000000000000020038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  352.372224] binder: 21543:21545 unknown command 1077961490
[  352.387170] binder: 21543:21545 ioctl c0306201 20000200 returned -22
2018/05/15 13:08:15 executing program 4:
bpf$MAP_CREATE(0xc400000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:15 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
setsockopt$l2tp_PPPOL2TP_SO_RECVSEQ(r1, 0x111, 0x2, 0x1a4c, 0x4)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:15 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406325, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:15 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x9c76fe0)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r1, 0x408c5333, &(0x7f00000000c0)={0x8, 0x3bb2, 0x100000001, 'queue1\x00', 0x61})
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000000)={<r2=>0x0}, &(0x7f0000000040)=0xc)
fcntl$setown(r0, 0x8, r2)

2018/05/15 13:08:15 executing program 0:
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))
r0 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x4, 0x20000)
ioctl$KVM_DEASSIGN_DEV_IRQ(r0, 0x4040ae75, &(0x7f0000000040)={0x4, 0x6, 0x40, 0x703})

2018/05/15 13:08:16 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000000000000120038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  352.540163] binder: 21575:21577 unknown command 1077961509
[  352.567234] binder: 21575:21577 ioctl c0306201 20000200 returned -22
2018/05/15 13:08:16 executing program 4:
bpf$MAP_CREATE(0x1200000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:16 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:16 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
r2 = shmget$private(0x0, 0x1000, 0x20, &(0x7f0000ffd000/0x1000)=nil)
shmctl$IPC_INFO(r2, 0x3, &(0x7f00000000c0)=""/200)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e23, 0x200000000000000, @loopback={0x0, 0x1}}, 0xfffffffffffffdd7)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:16 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x9476fe0)
ioctl$KVM_CHECK_EXTENSION_VM(r0, 0xae03, 0x6)

2018/05/15 13:08:16 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000014000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:16 executing program 0:
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))
r0 = syz_open_dev$mice(&(0x7f0000000380)='/dev/input/mice\x00', 0x0, 0x2000)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0x40a85323, &(0x7f00000003c0)={{0x401, 0x4f80814b}, 'port1\x00', 0x0, 0x1040, 0x7e05751d, 0x9, 0x1, 0x7f, 0x7f, 0x0, 0x5, 0xfffffffffffffffd})
ioctl$KVM_X86_SETUP_MCE(r0, 0x4008ae9c, &(0x7f0000000040)={0x3, 0x2, 0x6458bc52})
socketpair$inet6(0xa, 0x5, 0x9, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r2, 0x84, 0x1a, &(0x7f00000004c0)={<r3=>0x0, 0xfffffffffffffd40, "2a7fe3a4938f1e30bb429c49cab85ff201ca2e90404f303ed7e24097"}, &(0x7f00000000c0)=0x32)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000080)={<r4=>0x0})
ioctl$DRM_IOCTL_DMA(r0, 0xc0406429, &(0x7f0000000340)={r4, 0x4, &(0x7f0000000240)=[0x6, 0x7, 0x100000001, 0xfff], &(0x7f0000000280)=[0x7f, 0x7, 0x200, 0xa, 0x10000002a6c34a4, 0x0], 0x2, 0x5, 0x6, &(0x7f00000002c0)=[0x8, 0x7, 0x40, 0x6, 0x4], &(0x7f0000000300)=[0x7, 0x6, 0x0, 0x6, 0x101, 0x3ff, 0x1ff, 0x8, 0x1]})
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000100)={r3, @in={{0x2, 0x4e23}}, 0xfb14, 0x4, 0x5, 0xf6ba, 0x1}, 0x98)
signalfd(r1, &(0x7f0000000200)={0x99}, 0x8)
openat$pfkey(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/pfkey\x00', 0x800, 0x0)

2018/05/15 13:08:16 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
epoll_create(0x800)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
r2 = shmget$private(0x0, 0x3000, 0x78000008, &(0x7f0000ffd000/0x3000)=nil)
shmctl$IPC_INFO(r2, 0x3, &(0x7f0000000100)=""/101)
getsockname$packet(r0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000000c0)=0x14)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x400400, 0x0)

2018/05/15 13:08:16 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x1, &(0x7f0000044000)={0x0, 0x12, 0x1}, &(0x7f0000000000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r1=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
tkill(r0, 0x1000000000016)

2018/05/15 13:08:16 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000011000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:16 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
ioctl$BLKTRACETEARDOWN(r1, 0x1276, 0x0)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000000)=0x205c, 0x100000001)

[  353.376612] binder: 21605:21607 unknown command 1077961489
[  353.406133] binder: 21605:21607 ioctl c0306201 20000200 returned -22
2018/05/15 13:08:16 executing program 4:
bpf$MAP_CREATE(0xb200000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:16 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
bind$vsock_stream(r1, &(0x7f0000000100)={0x28, 0x0, 0x2710, @hyper}, 0xfffffffffffffe84)
mq_getsetattr(r0, &(0x7f0000000000)={0x6, 0x3f, 0x0, 0x0, 0x3, 0x0, 0x0, 0x401}, &(0x7f0000000040))
fcntl$setpipe(r0, 0x407, 0x9476fe0)

2018/05/15 13:08:16 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40046307, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

[  353.520865] binder: 21634:21636 DecRefs 0 refcount change on invalid ref 0 ret -22
[  353.528753] binder: 21634:21636 unknown command 0
[  353.610100] binder: 21634:21636 ioctl c0306201 20000200 returned -22
2018/05/15 13:08:18 executing program 4:
bpf$MAP_CREATE(0x6200, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:18 executing program 7:
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x220000, 0x0)
bind$rds(r0, &(0x7f0000000080)={0x2, 0x4e23, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10)
pipe(&(0x7f0000000000)={<r1=>0xffffffffffffffff})
fcntl$setpipe(r1, 0x407, 0x9476fe0)

2018/05/15 13:08:18 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400120000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:18 executing program 1:
r0 = socket$inet6(0xa, 0x7fc, 0x1f)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000000)='IPVS\x00')

2018/05/15 13:08:18 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:18 executing program 0:
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))
syz_open_dev$ndb(&(0x7f0000000000)='/dev/nbd#\x00', 0x0, 0x20000)
r0 = syz_open_dev$midi(&(0x7f0000000040)='/dev/midi#\x00', 0x1, 0x100)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={r0, 0x0, 0x1, 0x1, &(0x7f0000000080)=[0x0, 0x0], 0x2}, 0x20)

2018/05/15 13:08:18 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x989680}, &(0x7f0000000240), 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000100)={&(0x7f00000000c0)='./file0\x00', 0x0, 0x8}, 0x10)
futex(&(0x7f000000cffc), 0x9, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0xfffffffdfffffffc, &(0x7f0000000000))
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, 0x1c9c380}}, &(0x7f0000040000))
syz_open_procfs$namespace(r0, &(0x7f0000000140)='ns/pid_for_children\x00')
tkill(r0, 0x1000000000016)
r1 = accept4$inet(0xffffffffffffff9c, 0x0, &(0x7f0000000180), 0x80000)
ioctl$sock_SIOCBRADDBR(r1, 0x89a0, &(0x7f00000001c0)='syz_tun\x00')

2018/05/15 13:08:18 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x8000, 0x0)
ioctl$EVIOCSABS20(r0, 0x401845e0, &(0x7f0000000080)={0xe8e, 0x81, 0x7fffffff, 0x40, 0x5, 0x5})
ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
pipe(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r1, 0x407, 0x9476fe0)
vmsplice(r2, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x0)

2018/05/15 13:08:18 executing program 4:
bpf$MAP_CREATE(0x296, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

[  354.741520] binder: 21658:21659 transaction failed 29189/-22, size 0-0 line 2856
2018/05/15 13:08:18 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400050000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:18 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)
getsockopt$inet6_mreq(r0, 0x29, 0x15, &(0x7f0000000000)={@remote, <r2=>0x0}, &(0x7f0000000080)=0x14)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f00000000c0)={@multicast1=0xe0000001, @empty, r2}, 0xc)

2018/05/15 13:08:18 executing program 7:
r0 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x2, 0x20000)
ioctl$KVM_SET_TSS_ADDR(r0, 0xae47, 0xd000)
getsockopt$bt_rfcomm_RFCOMM_LM(r0, 0x12, 0x3, &(0x7f0000000040), &(0x7f00000000c0)=0x4)
pipe(&(0x7f0000000080)={<r1=>0xffffffffffffffff})
fcntl$setpipe(r1, 0x407, 0x9476fe0)

2018/05/15 13:08:18 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40486312, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:18 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
r1 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x3, 0x1)
ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r1, 0x40405514, &(0x7f0000000100)={0x8, 0x7, 0x7fff, 0x800, "cd952d11191d02e204f41538aef9377144986a55700a81371372a7536d5176d2c064ac4688345a473740fce0", 0xfff})
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r2=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r2+30000000}}, &(0x7f0000040000))
tkill(r0, 0x1000000000016)

2018/05/15 13:08:18 executing program 4:
bpf$MAP_CREATE(0x126, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:18 executing program 0:
r0 = accept$inet6(0xffffffffffffff9c, &(0x7f0000000000)={0x0, 0x0, 0x0, @local}, &(0x7f0000000040)=0x1c)
getsockopt$inet_sctp6_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000080)={<r1=>0x0, 0x6, 0x100000001, 0x1}, &(0x7f00000000c0)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000100)={r1, @in={{0x2, 0x4e21, @remote={0xac, 0x14, 0x14, 0xbb}}}}, &(0x7f00000001c0)=0x84)
getsockopt$inet_sctp6_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f0000000200), &(0x7f0000000240)=0x4)
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))

2018/05/15 13:08:18 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000416000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  354.931824] binder: 21692:21693 got reply transaction with no transaction stack
[  354.939441] binder: 21692:21693 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:18 executing program 4:
bpf$MAP_CREATE(0xea010000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:18 executing program 7:
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x280180, 0x0)
fcntl$setpipe(r0, 0x407, 0x9476fde)

2018/05/15 13:08:18 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40106309, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:18 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
setsockopt$inet_sctp6_SCTP_NODELAY(r1, 0x84, 0x3, &(0x7f0000000000)=0xbd, 0x4)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:18 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c46000000000000000000000000040004000000000000001f0038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  355.086081] binder: 21713:21714 BC_ACQUIRE_DONE u0000000000000000 no match
[  355.093393] binder: 21713:21714 unknown command 0
2018/05/15 13:08:18 executing program 4:
bpf$MAP_CREATE(0x342, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

[  355.156471] binder: 21713:21714 ioctl c0306201 20000200 returned -22
2018/05/15 13:08:19 executing program 5:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
fcntl$setstatus(r0, 0x4, 0x6000)
pipe(&(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r1, 0x407, 0x9476fe0)
vmsplice(r2, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x0)

2018/05/15 13:08:19 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000000000000110038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:19 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
lsetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)=@known='user.syz\x00', &(0x7f00000000c0)='ppp1\x00', 0x5, 0x2)
setsockopt$inet_sctp6_SCTP_AUTOCLOSE(r0, 0x84, 0x4, &(0x7f0000000100)=0x401, 0x4)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000140)={0x1, 0x7})

2018/05/15 13:08:19 executing program 0:
r0 = memfd_create(&(0x7f0000000280)="256370557073656c6647504c6e6f646576706f7369785f61636c5f6163636573732f76626f07000009306b657972696e67776c616e305d6b657972696e04000000f3e243340c990000000000000000", 0x2)
clone(0x4000, &(0x7f0000000100)="a926cf4fbc6702098c45f89442315114ce34d1399ae69412c791097282bb7dd4ac7d06f496151df21b737c4a6b0bdfe2febac3bc6bb12bf1d9edd981adc232bcf356f8c565ab36f3f344c04d4e84b966cf2286a19fb3a0033350647d7889799baf65fd0b5f6494ad703cdec41d464d85f2be2357343538037c8979c6ced9a8e8b91c7ed085394557dc3e003508a39e9a2eb2f3a0d8c83b9d9680d7cae4b63c3a6b662f6e225822f9b154b825ba7a3b5a021e33d385537825322212b2ea114e0c97e3a5b0", &(0x7f00000000c0), &(0x7f0000000200), &(0x7f0000000240)="c70ac5a6cb5fee8c0f27578f818982ccbc75cd4d4a7d16fafcc8d80a1cf71a782541d18e1d0f0150f7135de57898e8cc406fde")
r1 = semget$private(0x0, 0x3, 0x8)
semtimedop(r1, &(0x7f0000000000)=[{0x6, 0xc51f, 0x1000}, {0x6, 0xc75}, {0x7, 0x42c, 0x1000}], 0x3, &(0x7f0000000040)={0x77359400})
ioctl$VHOST_SET_VRING_ENDIAN(r0, 0x4008af13, &(0x7f0000000080)={0x3, 0x3})
getsockopt$inet_mreqsrc(r0, 0x0, 0x25, &(0x7f0000000340)={@multicast2, @rand_addr, @multicast2}, &(0x7f0000000380)=0xc)
inotify_add_watch(r0, &(0x7f0000000300)='./file0\x00', 0x10)

2018/05/15 13:08:19 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406363, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:19 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)
fcntl$setlease(r0, 0x400, 0x2)

[  355.675439] binder: 21736:21743 unknown command 1077961571
[  355.699962] binder: 21736:21743 ioctl c0306201 20000200 returned -22
2018/05/15 13:08:20 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r1=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
tkill(r0, 0x26)

2018/05/15 13:08:20 executing program 4:
bpf$MAP_CREATE(0x30030000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:20 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x9476fe0)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={<r1=>0x0, 0x6}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000000c0)={r1, @in6={{0xa, 0x4e21, 0x5, @mcast2={0xff, 0x2, [], 0x1}, 0x7fffffff}}}, 0x84)

2018/05/15 13:08:20 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x630d, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:20 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000004000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:20 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:20 executing program 0:
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))
r0 = add_key$user(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a, 0x3}, &(0x7f0000000080)="deaad755df3a62a91c36a49c48dc17b03df8c60204dd0328ba1980cf4b1b33e88bb466dcee7bd0d975123fabdd97ea35113cd313f794ebfadb20090a85e8caf2452e256824f820e7bc67f391ab6bf4e26e525c6428c5425f6c47b4abbac52487d1e4fb", 0x63, 0xffffffffffffffff)
keyctl$update(0x2, r0, 0x0, 0x0)

2018/05/15 13:08:20 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
splice(r0, &(0x7f0000000000), r0, &(0x7f0000000040), 0x6, 0x5)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x0)

[  356.606611] binder: 21764:21766 unknown command 0
2018/05/15 13:08:20 executing program 4:
bpf$MAP_CREATE(0x132, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:20 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0x95, 0x40)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
getsockopt$inet6_dccp_buf(r0, 0x21, 0xc0, &(0x7f00000000c0)=""/4096, &(0x7f0000000000)=0x1000)

2018/05/15 13:08:20 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000015000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  356.629255] binder: 21764:21766 ioctl c0306201 20000200 returned -22
2018/05/15 13:08:20 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406300, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:20 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e24, 0x4, @ipv4={[], [0xff, 0xff], @rand_addr}, 0x8}, 0x1c)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0)='tls\x00', 0x4)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040)=0xffffffffffff0000, 0x142)
ioctl$sock_ipx_SIOCIPXCFGDATA(r1, 0x89e2, &(0x7f0000000000))
sync_file_range(0xffffffffffffff9c, 0x40, 0xff, 0x1)

2018/05/15 13:08:20 executing program 4:
bpf$MAP_CREATE(0xc689020000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:20 executing program 0:
r0 = syz_open_dev$amidi(&(0x7f00000000c0)='/dev/amidi#\x00', 0x8, 0x200)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x55})
clone(0x4000, &(0x7f00000002c0)="d0e60ae640361444da014c47d2e379d1c4ce9d6b2cc4f59ef25396b148215ec2bd0bc675e9d4391de46337283d2ab7e9d1679131bd07e612e94b49020eaf2b1ecd0d2d4adab57fe856cbc16ed88c7e8bc8c08c6c2ddd5879265bf7de90b1ed506a1a4578f74411fbc9d9e9198d11e62c61fc0cc427b8f46314b37bf37969159cbd0f6cd7e573978708dd7c3f3f496a57293cd9f144cd87a0b06fe018497eef0d4898922302c90c47c427e462032bcea08b4e2136cf3141459408b8b5c1ce171096a2c5", &(0x7f0000000580), &(0x7f00000003c0), &(0x7f0000000280))
getpeername(0xffffffffffffff9c, &(0x7f0000000000)=@pppol2tpv3in6={0x0, 0x0, {0x0, <r1=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, @mcast1}}}, &(0x7f0000000080)=0x80)
ioctl$sock_inet_udp_SIOCOUTQ(r1, 0x5411, &(0x7f0000000100))

2018/05/15 13:08:20 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000414000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  356.758490] binder: 21794:21795 transaction failed 29189/-22, size 0-0 line 2856
2018/05/15 13:08:20 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
r1 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x20d, 0x40242)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000140)='IPVS\x00')
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="20802dbd7000fbdbdf250e0000000800050040000000240002000800030006000000080002004e230000080005000100000000000b00020000000c0003000800010003000000"], 0x4c}, 0x1, 0x0, 0x0, 0x20040800}, 0x80)
recvfrom(r1, &(0x7f0000000280)=""/13, 0xd, 0x1, &(0x7f00000002c0)=@alg={0x26, 'skcipher\x00', 0x0, 0x0, 'lrw-camellia-aesni-avx2\x00'}, 0x80)
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r3=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r3+30000000}}, &(0x7f0000040000))
tkill(r0, 0x1000000000016)

2018/05/15 13:08:20 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x9476fe0)
ioctl$sock_inet_SIOCSIFBRDADDR(r0, 0x891a, &(0x7f0000000000)={'syz_tun\x00', {0x2, 0x4e24, @rand_addr=0x100000001}})
ioctl$TIOCLINUX7(r0, 0x541c, &(0x7f0000000040)={0x7, 0x200})

2018/05/15 13:08:20 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406302, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:20 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x40202, 0x0)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040)=0x1, 0x4)

2018/05/15 13:08:20 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000002000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:20 executing program 4:
bpf$MAP_CREATE(0x72020000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:20 executing program 0:
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))
r0 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0xfffffffffffffffc, 0x0)
ioctl$BLKPG(r0, 0x1269, &(0x7f0000000140)={0x7fffffff, 0x400, 0xa3, &(0x7f0000000080)="3bde21d75bd0881148ebff602343f0dd6311ab891f97af519433590dc07007f5c0efc9121edf5cd0a043073df22a980552f6b93f9b1e4e6bcbab59ca4ef9c65d9ee7d9ddf43a887fe4961f96b685a3de4450c79912b8fe5d667d7d43bd31460de02fc651417a9f467691d51d898b5aac84cc185734cd3b2cb1bd45720a1efdec3210eb1de9e8f3186aeb4eb432eba1a3104430ee72b5d0ed3e27351ff8a3a3139ff104"})
r1 = dup3(0xffffffffffffffff, 0xffffffffffffff9c, 0x80000)
accept$ipx(r1, 0x0, &(0x7f0000000000))

2018/05/15 13:08:20 executing program 5:
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
write(r0, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x5)
vmsplice(r0, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x0)

2018/05/15 13:08:21 executing program 4:
bpf$MAP_CREATE(0xee030000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:21 executing program 7:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$KVM_HAS_DEVICE_ATTR(r0, 0x4018aee3, &(0x7f0000000240)={0x0, 0x8, 0x81, &(0x7f0000000200)=0x2})
sendmsg$IPVS_CMD_DEL_DAEMON(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x74, 0x0, 0x100, 0x70bd2d, 0x25dfdbff, {0xa}, [@IPVS_CMD_ATTR_SERVICE={0xc, 0x1, [@IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e23}]}, @IPVS_CMD_ATTR_SERVICE={0x28, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x1}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e24}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@loopback={0x0, 0x1}}]}, @IPVS_CMD_ATTR_DEST={0x14, 0x2, [@IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x101}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x3}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x800}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x7}]}, 0x74}, 0x1, 0x0, 0x0, 0x4000000}, 0xd0)
fcntl$setpipe(r1, 0x407, 0x7)
socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000000))

2018/05/15 13:08:21 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000012000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  357.544600] binder: 21827:21834 unknown command 1077961474
[  357.572130] binder: 21827:21834 ioctl c0306201 20000200 returned -22
2018/05/15 13:08:21 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406353, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:21 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23, 0x0, @remote={0xfe, 0x80, [], 0xbb}, 0x200000000000000}, 0xac)
getsockopt$IPT_SO_GET_REVISION_TARGET(r1, 0x0, 0x43, &(0x7f0000000000)={'TPROXY\x00'}, &(0x7f0000000080)=0x1e)
getsockopt$inet_sctp_SCTP_NODELAY(r1, 0x84, 0x3, &(0x7f00000000c0), &(0x7f0000000140)=0x4)
setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r1, 0x84, 0x12, &(0x7f0000000180), 0x4)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:21 executing program 0:
r0 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x10, 0x1)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffff9c, 0x84, 0x77, &(0x7f0000000040)={<r1=>0x0, 0x401, 0x6, [0x1, 0x0, 0x5, 0x7, 0x7ff, 0x0]}, &(0x7f0000000080)=0x14)
setsockopt$inet_sctp_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f00000000c0)={r1}, 0x8)
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))

2018/05/15 13:08:21 executing program 4:
bpf$MAP_CREATE(0xb603, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:21 executing program 7:
pipe(&(0x7f0000000080))
r0 = getpgid(0x0)
ptrace(0xffffffffffffffff, r0)

[  357.712106] binder: 21853:21854 unknown command 1077961555
[  357.739671] binder: 21853:21854 ioctl c0306201 20000200 returned -22
2018/05/15 13:08:21 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r1=>0x0})
nanosleep(&(0x7f0000000000)={0x77359400}, &(0x7f0000000100))
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
tkill(r0, 0x1000000000016)

2018/05/15 13:08:21 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400140000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:21 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
setsockopt$IP_VS_SO_SET_ADDDEST(r1, 0x0, 0x487, &(0x7f0000000080)={{0x4, @local={0xac, 0x14, 0x14, 0xaa}, 0x4e20, 0x0, 'lblcr\x00', 0x7, 0x4, 0x52}, {@empty, 0x4e24, 0x2000, 0x0, 0xffffffffffffffc0, 0x401}}, 0x44)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x20000000000007, &(0x7f0000000040)=0x400000000000000, 0x9c)

2018/05/15 13:08:21 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setns(r1, 0x0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)

2018/05/15 13:08:21 executing program 4:
bpf$MAP_CREATE(0x210, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:21 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x400000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:21 executing program 0:
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))
r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
getsockopt$bt_BT_POWER(r0, 0x112, 0x9, &(0x7f0000000040)=0x80000001, &(0x7f0000000080)=0x1)
openat$ipvs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/expire_nodest_conn\x00', 0x2, 0x0)

2018/05/15 13:08:21 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r1, 0xc0505350, &(0x7f0000000000)={{0x9, 0x8}, {0x5, 0x7f}, 0x12f38a1c, 0x6, 0x8})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
setsockopt$inet6_udp_int(r0, 0x11, 0x66, &(0x7f00000000c0)=0xca, 0x4)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x0)

[  358.555446] IPVS: set_ctl: invalid protocol: 4 172.20.20.170:20000 lblcr
[  358.564462] binder: 21885:21887 got reply transaction with no transaction stack
[  358.572059] binder: 21885:21887 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:22 executing program 4:
bpf$MAP_CREATE(0x3e8, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:22 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000411000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:22 executing program 7:
r0 = perf_event_open(&(0x7f0000000000)={0x1, 0x70, 0x6fd, 0x8, 0x1, 0xd63e, 0x0, 0x2, 0x11000, 0x1, 0x3, 0x8, 0x8f48, 0x81, 0x40, 0x7, 0xfffffffffffeffff, 0x81, 0x8a9, 0x4, 0x8, 0x200, 0xffffffff, 0x4, 0x5, 0x480000, 0x99a, 0x8001, 0x3f, 0x9, 0x0, 0x2e8, 0x7398, 0x11, 0x1, 0x10001, 0x1, 0x7f, 0x0, 0xfffffffffffff0ab, 0xfffffffffffffffe, @perf_config_ext={0x7, 0x800}, 0x0, 0xfb3, 0x100, 0x4, 0x1, 0x9, 0x1}, 0x0, 0xe, 0xffffffffffffffff, 0x1)
r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/qat_adf_ctl\x00', 0x101000, 0x0)
ioctl$KVM_ARM_SET_DEVICE_ADDR(r1, 0x4010aeab, &(0x7f00000000c0)={0x6, 0x3002})
ioctl$PERF_EVENT_IOC_ID(r0, 0x80082407, &(0x7f0000000240))
pipe(&(0x7f0000000100)={<r2=>0xffffffffffffffff})
fcntl$setpipe(r2, 0x407, 0x5)

[  358.613880] IPVS: set_ctl: invalid protocol: 4 172.20.20.170:20000 lblcr
2018/05/15 13:08:22 executing program 4:
bpf$MAP_CREATE(0x3a02000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:22 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x600, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

[  358.699686] QAT: Invalid ioctl
2018/05/15 13:08:22 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000000000000140038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:22 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e24, 0x9, @empty, 0x2}, 0x1c)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
ioctl$sock_proto_private(r1, 0x89ef, &(0x7f0000000140)="047553853de04c6454f3aa85ff136fbb2d40b6994e3d049a1122602c0b4b6697fb576205df26561111b989b6108d06a2b0806f9c865387e4c6cd41b4ae0357caf7e1e0")
lseek(r1, 0x0, 0x1)
setsockopt$inet_sctp6_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f0000000200)=ANY=[@ANYBLOB="01000000ff00728f17b004bc8b318e95d9678339b5ba4143c7dd716eef1181a6d964c1e3acf5097e1897cd22726f40e14db16dc21e55a55777f84307cfa95ffffe905d0af347407a8a3f95a543065ad58b7623a1f08d14e63bc1e46d7e4b544bf583dd78639c338f0c216025ba460c73d9679ee4cb00f07ea4e05dae68fac93c2fc75f7f729e30dfa269f8e704afbc939b1590f8371bed5eb87c79a5ebd90a5abe2758d96112fb189cb2a8df274b029080c5ed9b21d9c75b4c0af8f22733d058a5237ce7f1080c4fb4acd564806eaa641431721fb9477da7e8de45de37e9fc35ea6539c2aa946afc167f4ce4f6213cad0d9b7f64f112df02cff3a3af66ecc7637c793d5e9a2408f8b0dd964e90a87f00219b74e4029e555cb53c902f1757d07216978001283dd2ec945ef1d08bfa10bac89d829a8218a58a42cdf39b6419cd4dd97a75ef32b4b657e7e3000000008000000000"], 0x6)
ioctl$SG_SCSI_RESET(r1, 0x2284, 0x0)
fchmod(r0, 0x8d)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

[  358.731726] QAT: Invalid ioctl
2018/05/15 13:08:22 executing program 0:
clone(0x4000, &(0x7f0000000000)="f727ab2b9dcbeb5fe11ca8d0277e2f6300120368136d3e70da1c77c35b7823b57cc15c7fb626f74937ab03642cc3015f585e2da6935a81918adbf1463ed02a5f2366595621491f0a5133c6fbf06201829ebd7f96f1404e5b4c13dd1e427fcf45b5e196249e98dd625c2d07a85d200ad0153a984c0e6bb1f41a57965071f9eae8719b3fa2749130f9b3dcd9c23d67ac8bdd1cdbd56ab37509cf1da5fdd73ca34197f7ed776276228696754d5c9f26e622297e4ab561380b01c5c1828aa3248aae8f25", &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))

[  358.756820] binder: 21916:21918 got reply transaction with no transaction stack
[  358.764448] binder: 21916:21918 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:22 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
r0 = socket(0xa, 0x2, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f")
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000002c0)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)=@ipv4_newroute={0x1c, 0x52, 0x1, 0x0, 0x0, {0x2}}, 0x1c}, 0x1}, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)=<r3=>0x0)
clock_gettime(0x0, &(0x7f00000000c0))
timer_settime(r3, 0x1, &(0x7f0000000080)={{}, {0x0, 0x1c9c380}}, &(0x7f0000000140))
tkill(r2, 0x1000000000016)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop-control\x00', 0x1, 0x0)

2018/05/15 13:08:22 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x9476fe0)
ioctl$DRM_IOCTL_AGP_ENABLE(r0, 0x40086432, &(0x7f0000000000)=0x3)

2018/05/15 13:08:22 executing program 4:
bpf$MAP_CREATE(0x9e03, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:22 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400110000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:22 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x74000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:22 executing program 0:
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x400000, 0x0)
ioctl$EVIOCGMASK(r0, 0x80104592, &(0x7f0000000140)={0x7, 0xe3, &(0x7f0000000040)="9663962a652f9042a9cb03e5881a05a266f8481c619a453a6662b47c06b45a8995b847ae57afb7ce57855bde942c538890c62fdfeb5565530e507254b42db2eacf55247323f2ab65722bf5af099122aa63876fb4dec36a0ab7c62a0ad225be35ff06afd71f20132f6c7501a6f0ab943b04ee1bfb06d59576bf31108eba26f86ca86d3b452de49dbb7319d9215c47f34c9e5fe2c4e9156502315fc76a0f5a98d4d90ea33ff8c8a06191e3ee30777044b2f64bc8c1580faa34330a37efa1ba8d631808f6399074a8e20b614b693af181c3028f8ac889326daf39271609f83fecf7a28347"})
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))

2018/05/15 13:08:22 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
syz_mount_image$f2fs(&(0x7f0000000000)='f2fs\x00', &(0x7f0000000080)='./file0\x00', 0x9, 0x5, &(0x7f0000000340)=[{&(0x7f0000000140)="c13c9abc71dbe4ebc1cdd213f4d87760eb4f345dcdd07045f02c5c1788029eecce0a3a9488dea80a28160058258f535f203ffec07b5b9df20784b53f2af2c63e16016ea58e38286a9e8f1310090164751963442c99a18df9de61e109e944808d028553ae9f54c23ca82516b4cfe50461483797de1f3c34ed5c059fb1600ebd8764a2bb0aefae018bd2d121d76ea1020145056304829b2f0fa93cfea4f162759ed96969e58ba0f408409c2db6fe9011db252af590a4f70c35ac2cb66bdeb438e4d935b02c959de4753eb7aeadf264970ea8", 0xd1, 0x9}, {&(0x7f00000000c0)="09344d393eb8444c3527284a3aef64ada61245b0488748fae5478fab33140b0b33", 0x21, 0x7}, {&(0x7f0000000240)="6b360a4cfcc1", 0x6, 0x2}, {&(0x7f0000000280)="744c7ae6fad0da4054318a934d542ca31a8481b6f7cd0543c62da0d49f1aa4f02bec7593", 0x24, 0x1}, {&(0x7f00000002c0)="2a2e21af64fda1777cc67fe173077bc0a5e8d9e8465379391da2556272a60e9006b4f26f7711687aaeeecd656598082589480a88c21a90a96968b61ebee228bda6865871f83bc02b45c71d204fa6f01457c4280df8b7c4c709396fd0837c3e6eb2cfd54c8e6252e7c40ac3278e8bdf2b60cea62802d170cffc", 0x79, 0x1}], 0x10000, &(0x7f00000003c0)={[{@prjquota={'prjquota', 0x3d, 'trusteduser'}, 0x2c}]})
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:22 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
getsockopt$inet_sctp_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f0000000000), &(0x7f0000000040)=0x4)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x0)

[  359.567206] binder: 21946:21947 got reply transaction with no transaction stack
[  359.574759] binder: 21946:21947 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:23 executing program 4:
bpf$MAP_CREATE(0x170, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:23 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000000000000050038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  359.612534] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  359.619668] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
2018/05/15 13:08:23 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x9476fe0)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r1, 0x84, 0x1b, &(0x7f0000000000)={<r2=>0x0, 0xa, "b4b9b61490d51d000053"}, &(0x7f0000000040)=0x12)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f00000000c0)={r2, 0x97e9, 0xffffffffffffff7f, 0x3, 0x101, 0x4}, &(0x7f0000000100)=0x14)

2018/05/15 13:08:23 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x5000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:23 executing program 4:
bpf$MAP_CREATE(0x5c900300, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:23 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c460000000000000000000000000400040000001f000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  359.717795] binder: 21976:21978 got reply transaction with no transaction stack
[  359.725429] binder: 21976:21978 transaction failed 29201/-71, size 0-0 line 2763
[  359.738218] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  359.745380] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
2018/05/15 13:08:23 executing program 0:
clone(0x4000, &(0x7f0000000080)="0c0e196c04fc681a3bee51000010000000045df54c154528241f0f954e07562f6845456f9336f56c07dddb742e04edf212717e6de09a112258074a58796160421d47430c958ce058f4eb4cde13aa3803635e22f783db03f982ab3740a3594d4b60388f40267358923bb498aba598d73bee710acc81a43eadc668f92a2123995bddc3cababda5d90b234fd53d689b6e2f39398d239e6b6d6ee6f7b6696be44b91b4b11a732b6ad128688af0a837260168400e1ec76503fa1fa8d80d43036bd648e3efd22ba3c1d5b8214cee05f4639a9eff1869a70b7ba3900b", &(0x7f0000000580), &(0x7f0000000000), &(0x7f0000000240)="6a1cdc01aa8e0e91625fd1e1ac36be897fdad9b636b5665fd6d8ebf38e210bd1b96b0a3349f728206ea45989fc5ad9d67aa7f3d95477a89f5b7ee74284cd9953bf058baa99bac8abca527810e5bed7f199d6491ab47bb2aee0e9163f058851fad2c097b27eb2204be5c2815823768e8e6c8481f3a516e63b2fbe545320f58c4f72360212b934204119e0dd05208c2c7ee65ac59bf5")

2018/05/15 13:08:23 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x9476fe0)
r2 = fcntl$dupfd(r0, 0x406, r1)
ioctl$VT_RESIZEX(r2, 0x560a, &(0x7f0000000000)={0xfd6, 0xfffffffffffeffff, 0x8, 0x728, 0xffff})

[  359.777662] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  359.784867] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  359.809244] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  359.816360] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  359.949285] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  359.956485] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  360.409152] netlink: 8 bytes leftover after parsing attributes in process `syz-executor3'.
2018/05/15 13:08:24 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f0000000140)={0x0, <r1=>0x0})
r2 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x107000, 0x0)
ioctl$sock_inet_tcp_SIOCOUTQNSD(r2, 0x894b, &(0x7f00000000c0))
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
tkill(r0, 0x1000000000016)

2018/05/15 13:08:24 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x7a00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:24 executing program 4:
bpf$MAP_CREATE(0xe00, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:24 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000404000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:24 executing program 7:
pipe(&(0x7f00000000c0)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x9476fe0)

2018/05/15 13:08:24 executing program 0:
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))
r0 = syz_open_dev$admmidi(&(0x7f00000000c0)='/dev/admmidi#\x00', 0x8, 0x10000)
epoll_pwait(r0, &(0x7f0000000100)=[{}, {}, {}, {}, {}, {}, {}, {}, {}, {}], 0xa, 0xa0, &(0x7f0000000180)={0xfffffffd}, 0x8)
r1 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x1, 0x2000)
syz_open_dev$sndpcmp(&(0x7f0000000080)='/dev/snd/pcmC#D#p\x00', 0x0, 0x2000)
syz_open_dev$admmidi(&(0x7f00000001c0)='/dev/admmidi#\x00', 0x9, 0x141000)
ioctl$TIOCLINUX7(r1, 0x541c, &(0x7f0000000040)={0x7, 0x8})

2018/05/15 13:08:24 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
ioctl$sock_kcm_SIOCKCMATTACH(r1, 0x89e0, &(0x7f0000000000)={r0, r0})
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:24 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x0)
syz_kvm_setup_cpu$x86(r0, r1, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000000)="0f20d566b9800000c00f326635001000000f30660f3817a3003a0f213e0fc75d092ef2add8fc660fe31dea714bdb000f06", 0x31}], 0x1, 0x10, &(0x7f00000000c0)=[@cstype3={0x5, 0xe}, @flags={0x3, 0x4}], 0x2)

2018/05/15 13:08:24 executing program 4:
bpf$MAP_CREATE(0xe401000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:24 executing program 7:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
setsockopt$l2tp_PPPOL2TP_SO_RECVSEQ(r0, 0x111, 0x2, 0x1, 0x4)
pipe(&(0x7f0000000080)={<r1=>0xffffffffffffffff})
fcntl$setpipe(r1, 0x407, 0x9476fe0)

[  360.985517] binder: 22019:22024 got reply transaction with no transaction stack
[  360.993137] binder: 22019:22024 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:24 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000415000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:24 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x68, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:24 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
sendmsg$IPVS_CMD_DEL_DEST(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x24, r2, 0x8, 0x70bd2b, 0x25dfdbfc, {0x7}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x6c}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x10)

2018/05/15 13:08:24 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000000000000030038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  361.119295] binder: 22041:22042 got reply transaction with no transaction stack
[  361.126975] binder: 22041:22042 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:24 executing program 4:
bpf$MAP_CREATE(0xbc03000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:24 executing program 7:
r0 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x4062d20e, 0x4fffe)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r0, 0x40bc5311, &(0x7f0000000140)={0x8001, 0x1, 'client0\x00', 0x0, "bd955a9fcb3dd79e", "3ef77798175f0ba616c8b3bccd780b50b9663b907317d1c33fb579654f3d0e8a", 0x4, 0x6})
setsockopt$inet6_MRT6_DEL_MFC(r0, 0x29, 0xcd, &(0x7f00000000c0)={{0xa, 0x4e22, 0x7, @mcast1={0xff, 0x1, [], 0x1}, 0x7}, {0xa, 0x4e24, 0xfff, @dev={0xfe, 0x80, [], 0x1f}, 0x9}, 0x0, [0xad5, 0xfffffffffffffffc, 0x5, 0x21, 0x8, 0x0, 0xfffffffffffffff9, 0x9]}, 0x5c)
ioctl$SG_SCSI_RESET(r0, 0x2284, 0x0)
pipe(&(0x7f0000000080)={<r1=>0xffffffffffffffff})
fcntl$setpipe(r1, 0x407, 0x9476fe0)
ioctl$sock_inet_tcp_SIOCOUTQ(r1, 0x5411, &(0x7f0000000040))

2018/05/15 13:08:25 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r1=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
tkill(r0, 0x1000000000016)
r2 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xaffa, 0x200)
ioctl$VHOST_GET_FEATURES(r2, 0x8008af00, &(0x7f0000000100))

2018/05/15 13:08:25 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000000000000040038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:25 executing program 0:
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f0000000000), &(0x7f0000000600))
socket(0x10, 0x80000, 0xfffffffffffffffb)

2018/05/15 13:08:25 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x200000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:25 executing program 4:
bpf$MAP_CREATE(0x7601, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:25 executing program 1:
r0 = socket$inet6(0xa, 0x3, 0x2)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:25 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$bt_BT_SECURITY(r1, 0x112, 0x4, &(0x7f0000000040), 0x2)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
setsockopt$bt_BT_DEFER_SETUP(r1, 0x112, 0x7, &(0x7f0000000000)=0x47a7, 0x4)

2018/05/15 13:08:25 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0xfff)
getsockopt$bt_BT_VOICE(r1, 0x112, 0xb, &(0x7f0000000000), &(0x7f0000000040)=0x2)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x0)

2018/05/15 13:08:25 executing program 7:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$setpipe(r1, 0x407, 0x8)
connect$ipx(r0, &(0x7f0000000000)={0x4, 0x5, 0xa74f, "74992d55b381", 0x50}, 0x10)
getsockopt$netrom_NETROM_IDLE(r1, 0x103, 0x7, &(0x7f0000000080)=0x3, &(0x7f00000000c0)=0x4)

2018/05/15 13:08:25 executing program 4:
bpf$MAP_CREATE(0x3fa, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

[  361.892689] binder: 22067:22075 got reply transaction with no transaction stack
[  361.900291] binder: 22067:22075 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:25 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:25 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000005000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:25 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet6_buf(r0, 0x29, 0xfb, &(0x7f00000002c0)="b778ccedc78489e4db5a137d248877d97911caf77cf4ef8274dabe1f740abb92bc91ae6c7b3257b39576c15e507e13618eb9c92a38ee027c0b488c5d01461dd59e86a3c0a5da02b63e2b6217d396f3fda8d8f327a882e02259ecc15b840999bfdad2f89bfff4c819c4cf6ecf6e7721e75f1f6c9234d53dd80410e99e502b6e94ec1f37ddd6948e28cf752c1e8f58940672e6e1322ecaa80ab32e9c5d25b08525e36cef066023bfaa476274982e9bd41319eb7df947fe7cf77a866381c94f57f43eed12b83ecc5857cea51349f254fb7bc696", 0xd2)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000140)={{{@in6=@dev, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{}, 0x0, @in=@multicast2}}, &(0x7f0000000080)=0xe8)
sendmsg$nl_route_sched(r1, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10001000}, 0xc, &(0x7f0000000240)={&(0x7f00000003c0)=ANY=[@ANYBLOB="2cefffff2b000019279d7000fbdbdf250000a1dfbdfff57e2a5710bd91ea2ddf820000", @ANYRES32=r2, @ANYBLOB="000000006459e0ff0000fbff08000b00f0a70000"], 0x2c}, 0x1, 0x0, 0x0, 0x20040814}, 0x4000)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
epoll_create1(0x80000)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:25 executing program 4:
bpf$MAP_CREATE(0x7e02, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:25 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
ioctl$ASHMEM_GET_SIZE(r0, 0x7704, 0x0)

[  362.008834] binder: 22098:22099 got reply transaction with no transaction stack
[  362.016449] binder: 22098:22099 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:25 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000000000000160038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:26 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000000)={{0x77359400}}, 0x0)
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r2=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r2+30000000}}, &(0x7f0000040000))
tkill(r0, 0x1000000000016)

2018/05/15 13:08:26 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
pwrite64(r1, &(0x7f0000000080)="ea1c7a9fb0312ed4fb51cf41899e77c6515463d0524f8490d1fc00fe5449e9a8ab73863bc1e80859616573dd1840f11543eafa74ff83df7fe80b31125fcded12d8dfcb6598884014fbeb0288cb89c28e0a17c45f10e9b6c2c5729c7db467a38e2fc82971aae9a8231ae15aa5862476226d963b", 0x73, 0x38)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x7fff, @loopback={0x0, 0x1}}, 0x36c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:26 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0xfffffdfd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:26 executing program 4:
bpf$MAP_CREATE(0x1d8, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:26 executing program 0:
clone(0x400, &(0x7f0000000340)="22f616727980cff41c8cdc3ba53e2b0d92f3a5f67c446241656a2b3d8fb1d595b991528dc472aee5c8f2fadead59427d72dc7fffffff0988ff55345109687df5170f2463a26bdba3b1aca613b4ab344285edbd996565d3f0769ff90d18f77d1ecc4bac2df76b647378a3e1ae51ee94b5231b9622ef411bc3087393516d", &(0x7f0000000140), &(0x7f00000003c0), &(0x7f00000002c0))
r0 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000040)={&(0x7f0000000000)='./file0\x00', 0x0, 0x18}, 0x10)
r1 = socket(0x1d, 0x5, 0x9a)
setsockopt$inet_int(r1, 0x0, 0x0, &(0x7f0000000280)=0x4, 0x4)
r2 = socket$nl_crypto(0x10, 0x3, 0x15)
r3 = socket$unix(0x1, 0x5, 0x0)
r4 = accept$ax25(0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0)=0x10)
r5 = socket$can_bcm(0x1d, 0x2, 0x2)
r6 = socket$bt_cmtp(0x1f, 0x3, 0x5)
ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000100)={0x7, <r7=>0xffffffffffffffff, 0x1})
r8 = syz_open_procfs(0x0, &(0x7f0000000180)='fdinfo\x00')
ppoll(&(0x7f00000001c0)=[{r0, 0x400}, {r2}, {r3, 0x1480}, {r4, 0x20}, {r5, 0x85}, {r6, 0x88}, {r7}, {r8, 0x40}], 0x8, &(0x7f0000000200)={0x0, 0x989680}, &(0x7f0000000240)={0xc0000000000000}, 0x8)

2018/05/15 13:08:26 executing program 7:
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x9476fe4)

2018/05/15 13:08:26 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000016000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:26 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x0)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000000)={<r2=>0x0, 0x7}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f00000000c0)={r2, @in={{0x2, 0x4e23, @remote={0xac, 0x14, 0x14, 0xbb}}}, 0xfffffffffffffff7, 0x8}, &(0x7f00000001c0)=0x90)

2018/05/15 13:08:26 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20, 0x2, @remote={0xfe, 0x80, [], 0xbb}, 0xd8ea}, 0x1c)
openat$cgroup_ro(r1, &(0x7f0000000040)='memory.swap.current\x00', 0x0, 0x0)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f00000000c0), 0xfffffdd8)

[  362.839595] binder: 22132:22134 got reply transaction with no transaction stack
[  362.847230] binder: 22132:22134 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:26 executing program 4:
bpf$MAP_CREATE(0x182, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:26 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400150000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:26 executing program 7:
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000040)={0x3f, 0x8, 0x1, 0x81, <r2=>0x0}, &(0x7f0000000080)=0x10)
setsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f00000000c0)={r2, 0xfffffffffffffffe}, 0x8)
ioctl$sock_inet_SIOCSIFNETMASK(r0, 0x891c, &(0x7f0000000000)={'lo\x00', {0x2, 0x4e21}})
epoll_create1(0x80000)
fcntl$setpipe(r0, 0x407, 0xffffffff)

2018/05/15 13:08:26 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x6800000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:26 executing program 4:
bpf$MAP_CREATE(0x226e0200, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:26 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x400000, 0x0)
ioctl$SG_SET_TIMEOUT(r1, 0x2201, &(0x7f00000000c0)=0x7)
connect$vsock_dgram(r1, &(0x7f0000000140)={0x28, 0x0, 0xffffffff, @my=0x0}, 0x10)
shutdown(r0, 0x1)
r2 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r2, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
ioctl$BLKDISCARD(r2, 0x1277, &(0x7f0000000000)=0x1)
setsockopt$sock_int(r2, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:26 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000402000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  363.076544] binder: 22161:22168 got reply transaction with no transaction stack
[  363.084154] binder: 22161:22168 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:27 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180)='/dev/rfkill\x00', 0x80000, 0x0)
getsockopt$netrom_NETROM_N2(r0, 0x103, 0x3, &(0x7f00000001c0)=0x1, &(0x7f0000000200)=0x4)
r1 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)=<r2=>0x0)
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r3=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000000)={{0x0, 0x8}, {0x0, r3+30000000}}, &(0x7f0000040000))
tkill(r1, 0x1000000000016)
clock_gettime(0x0, &(0x7f0000000080)={<r4=>0x0, <r5=>0x0})
ioctl$INOTIFY_IOC_SETNEXTWD(r0, 0x40044900, 0x3)
getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000440)={{{@in=@multicast2, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}}, {{@in6=@ipv4={[], [], @multicast2}}, 0x0, @in=@multicast1}}, &(0x7f0000000300)=0xe8)
getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f0000000540)={@remote, <r7=>0x0}, &(0x7f0000000580)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000800)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000007c0)={&(0x7f00000005c0)=@ipv4_delroute={0x1d4, 0x19, 0x60a, 0x70bd27, 0x25dfdbff, {0x2, 0x0, 0xb0, 0x4, 0xfd, 0x3, 0xfd, 0x9, 0x2800}, [@RTA_ENCAP_TYPE={0x8, 0x15, 0x4}, @RTA_DST={0x8, 0x1, @multicast1=0xe0000001}, @RTA_METRICS={0x100, 0x8, "bfcee3d53992fa71b4b5029f7f09bf1f0dd3e9e7dc41bf20622bd3344df29e0b5eaa3c9fd87451c6623ff60f8a030e99588701fc90773a35d8665c4ad0ce5bc3563c3bf749805dd7d849c21eacd794a555694023b73c1eab9ab45fa079f30d2829095bc46615162da114a36059febaf6f83bc9dea18833ee7c3da204748134c32788deda474bbe85f3bcc242421efe38f428dc9f612e427c23e551e3057d19c10eaaa332d85666374ee9dafe57bbb2da01320c04394fb99b26a82bc95c1121728529d74d37caeb0db5e00efa9b963d0e0608984962f07e33f64d6eec4c85bec6061a70c23a47428ecb67c23a8a07adcfb90237c19634f458d3"}, @RTA_ENCAP={0x80, 0x16, @generic="20ab1f4dd5e7963ba8934c52a8a5e6d91856d10679164f4721979904325f2397925b500b32a516bac06458f7022e901edc410e2833cc658cf739f0d333751168b9970928100bffc1f195cf4d76b6f206461d308d29ca71205f4f481f81de93079dd26799188a37fbba8c65fc02b323a8751c4daa9b3b2648ef"}, @RTA_ENCAP_TYPE={0x8, 0x15, 0x7}, @RTA_PREFSRC={0x8, 0x7, @multicast1=0xe0000001}, @RTA_OIF={0x8, 0x4, r6}, @RTA_GATEWAY={0x8, 0x5, @broadcast=0xffffffff}, @RTA_IIF={0x8, 0x1, r7}]}, 0x1d4}, 0x1, 0x0, 0x0, 0x40}, 0x40010)
r8 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000280)='IPVS\x00')
sendmsg$IPVS_CMD_SET_DEST(r0, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x808}, 0xc, &(0x7f0000000340)={&(0x7f00000003c0)=ANY=[@ANYBLOB='\a\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="2c0725bd7000fadbdf2506000000080004000080000014000200080009000000000008000b000a000000080006007f00000008000600c70f00000800060007000000"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x10)
timer_settime(r2, 0x1, &(0x7f0000000100)={{0x0, 0x989680}, {r4, r5+30000000}}, &(0x7f0000000140))

2018/05/15 13:08:27 executing program 5:
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r0, &(0x7f00000001c0), 0xfaa8a4c0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000140)='dctcp\x00', 0x6)
mount(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='ubifs\x00', 0x80000, &(0x7f00000002c0)="e591f8b3380f0d3eaffcc7004a1545faeb540ffcc6ec1b259cdc9990fec69c8c0c3cba2395593a54d4e4e690027dc7cc81eeba4688bc3fb69f192d16c5ae5fed1bb84e7b73391ac5db9f676e7a0db188387a09e7f5bcc0cf7d5307859bf0ffc8162a510e9108b07c923cab6ad69586af4ef1e20c0bfdfc6cdd5e4e3fb4ae3e0c9de99798d5bf543bf17c2bf3176c9ccf164105db7de67f8c0bfbb0a9a6cbedc410216c252a166a1c8458a67b41a3b364782b662fcd615148c5a9cadfefa7e8a34cd6b5267ef8facf32184c8506569087bf2906cc448b2ba3cac9b7c6d79da1b5b0e2")
vmsplice(r0, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0xfe1c}], 0x1, 0x9)
epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x131)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f00000001c0)={0x9, 0x100000000, 0x10001, 0x16, 0x7}, 0x14)

2018/05/15 13:08:27 executing program 4:
bpf$MAP_CREATE(0xea01, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:27 executing program 7:
socketpair$inet6_icmp(0xa, 0x2, 0x3a, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sync_file_range(r0, 0x3ff, 0x1ff, 0x4)
r2 = syz_open_dev$sndmidi(&(0x7f0000000200)='/dev/snd/midiC#D#\x00', 0xfffffffffffffff8, 0x42)
r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000180)='/dev/qat_adf_ctl\x00', 0x1, 0x0)
ioctl$SG_GET_VERSION_NUM(r3, 0x2282, &(0x7f00000001c0))
pipe(&(0x7f0000000100)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4040aea0, &(0x7f0000000080)={0x3, 0x80000001, 0x92a, 0x0, 0x3ff, 0x4, 0x1, 0x3, 0x1, 0x7, 0x1, 0x6, 0x0, 0x7, 0x20, 0x6, 0x5, 0x370e55cd, 0x1})
fcntl$setpipe(r4, 0x407, 0x9476fe0)
r6 = syz_genetlink_get_family_id$team(&(0x7f0000000280)='team\x00')
getsockopt$inet6_IPV6_XFRM_POLICY(r3, 0x29, 0x23, &(0x7f00000002c0)={{{@in6=@local, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0}}, {{@in6=@ipv4={[], [], @multicast2}}, 0x0, @in6=@loopback}}, &(0x7f00000003c0)=0xe8)
getsockopt$inet_mreqn(r4, 0x0, 0x27, &(0x7f0000000540)={@loopback, @multicast2, <r8=>0x0}, &(0x7f0000000440)=0xc)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000001740)={'team_slave_0\x00', <r9=>0x0})
getsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f0000001780)={{{@in=@rand_addr, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r10=>0x0}}, {{@in=@multicast1}, 0x0, @in=@multicast2}}, &(0x7f0000001880)=0xe8)
getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, &(0x7f00000019c0)={{{@in=@remote, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0}}, {{@in6=@mcast2}, 0x0, @in=@multicast1}}, &(0x7f0000001ac0)=0xe8)
getpeername(r1, &(0x7f0000001b00)=@hci={0x0, <r12=>0x0}, &(0x7f0000001b80)=0x80)
accept$packet(r5, &(0x7f0000001c00)={0x0, 0x0, <r13=>0x0, 0x0, 0x0, 0x0, @local}, &(0x7f0000001c40)=0x14)
getsockname$packet(r3, &(0x7f0000001c80)={0x0, 0x0, <r14=>0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f0000001cc0)=0x14)
getsockopt$inet_IP_IPSEC_POLICY(r5, 0x0, 0x10, &(0x7f0000001d40)={{{@in6=@mcast1, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r15=>0x0}}, {{@in=@loopback}, 0x0, @in6=@loopback}}, &(0x7f0000001e40)=0xe8)
getsockname$packet(r5, &(0x7f0000001e80)={0x0, 0x0, <r16=>0x0, 0x0, 0x0, 0x0, @random}, &(0x7f0000001ec0)=0x14)
getsockopt$inet_IP_IPSEC_POLICY(r4, 0x0, 0x10, &(0x7f0000002080)={{{@in=@loopback, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r17=>0x0}}, {{@in=@local}, 0x0, @in6=@loopback}}, &(0x7f0000002180)=0xe8)
getsockname$packet(r2, &(0x7f00000021c0)={0x0, 0x0, <r18=>0x0}, &(0x7f0000002200)=0x14)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000002340)={'team0\x00', <r19=>0x0})
getsockopt$inet_IP_XFRM_POLICY(r5, 0x0, 0x11, &(0x7f0000002380)={{{@in6=@mcast2, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0}}, {{@in6=@mcast2}, 0x0, @in=@remote}}, &(0x7f0000002480)=0xe8)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x1, 0x4000000000000, 0xfd, 0xbe, 0x1, 0x3, 0x200, 0xfffffffffffffffd, 0x9dd, 0x1000, 0x10000, 0x4, 0x5, 0xc1be, 0x4, 0x4], 0x6000})
recvmmsg(r4, &(0x7f00000077c0)=[{{&(0x7f0000004900)=@can={0x0, <r21=>0x0}, 0x80, &(0x7f0000005dc0)=[{&(0x7f0000004980)=""/122, 0x7a}, {&(0x7f0000004a00)=""/68, 0x44}, {&(0x7f0000004a80)=""/4096, 0x1000}, {&(0x7f0000005a80)=""/47, 0x2f}, {&(0x7f0000005ac0)=""/36, 0x24}, {&(0x7f0000005b00)=""/214, 0xd6}, {&(0x7f0000005c00)=""/201, 0xfffffea0}, {&(0x7f0000005d00)=""/181, 0xb5}], 0x8, &(0x7f0000005e40)=""/86, 0x56, 0x5}, 0x1ff}, {{&(0x7f0000005ec0)=@pppol2tpv3={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @broadcast}}}, 0x80, &(0x7f00000060c0)=[{&(0x7f0000005f40)=""/112, 0x70}, {&(0x7f0000005fc0)=""/42, 0x2a}, {&(0x7f0000006000)=""/145, 0x91}], 0x3, &(0x7f0000006100)=""/92, 0x5c, 0x4}, 0x7}, {{&(0x7f0000006180)=@sco, 0x80, &(0x7f0000007480)=[{&(0x7f0000006200)=""/113, 0x71}, {&(0x7f0000006280)=""/4096, 0x1000}, {&(0x7f0000007280)=""/251, 0xfb}, {&(0x7f0000007380)=""/233, 0xe9}], 0x4, &(0x7f00000074c0)=""/111, 0xffffffffffffff20, 0x4}, 0x3ff}, {{0x0, 0x0, &(0x7f00000075c0)=[{&(0x7f0000007540)=""/81, 0x51}], 0x1, &(0x7f0000007600)=""/12, 0xc, 0x3f}}, {{&(0x7f0000007640)=@pppol2tpv3in6={0x0, 0x0, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, @loopback}}}, 0x80, &(0x7f0000007740)=[{&(0x7f00000076c0)=""/70, 0x46}], 0x1, &(0x7f0000007780)=""/5, 0x5, 0x7}, 0x10000}], 0x5, 0x10000, &(0x7f0000007900)={0x77359400})
getsockname$packet(r3, &(0x7f0000007ac0)={0x0, 0x0, <r22=>0x0}, &(0x7f0000007b00)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000007b40)={'vcan0\x00', <r23=>0x0})
sendmsg$TEAM_CMD_OPTIONS_GET(r4, &(0x7f0000008100)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x8100}, 0xc, &(0x7f00000080c0)={&(0x7f0000000c40)=ANY=[@ANYBLOB="18050000", @ANYRES16=r6, @ANYBLOB="10002abd7000ffdbdf250200000008000100", @ANYRES32=r7, @ANYBLOB="c800020040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000080003000300000008000400", @ANYRES32=r8, @ANYBLOB="08000700000000004c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000080003000b0000001c000400090006fb060000000000009102000000090000010009000038000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000800030003000000080004000100000008000100", @ANYRES32=r9, @ANYBLOB="3c00020038000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000800030003000000080004000400000008000100", @ANYRES32=r10, @ANYBLOB="4400020040000100240001006c625f686173685f737461747300000000000000000000000000000000000000080003000b0000000800040009000000080007000000000008000100", @ANYRES32=r11, @ANYBLOB="3001020038000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000800030003000000080004000700000040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000080003000300000008000400", @ANYRES32=r12, @ANYBLOB="080007000000000040000109240001007072696f72697479000000040000000000010000000000000000000000000000080003000e000000080004005d84000008000600", @ANYRES32=r13, @ANYBLOB="3c00010024000100656e61626c65640000000000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r14, @ANYBLOB="38000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000800030003000000080004000900000008000100", @ANYRES32=r15, @ANYBLOB="6402020040000100240001006c625f74785f686173685f746f5d706f72745f6d617070696e670000000000000800030003000000080004007e18eaf94b55641c427b49e523e4d6c24aebf9baa45bf3b874f8e212f8c86f13def5f2eb2f49443053ee2228ea3fa9006f95fb12224f2ce2bdf6dd9536813e8961b14d2c526c089e82d6a2ff977f0493b35faa971ccf4dbf8322952f763722e5501ef0f4473bb0f4", @ANYRES32=r16, @ANYBLOB="0800070000000000400001002400010071756575655f69640000000000000000000000000000000000000000000000000800030003000000080004000001000008000600", @ANYRES32=r17, @ANYBLOB="3c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r18, @ANYBLOB="3800010024000100616374697665706f727400000000000000000000000000000000000000000000080003000300000008000400", @ANYRES32=r19, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000080003000300000008000400f483000040000100240001006c625f706f72745f737461747300000000000000000000000000000000000000080003000b000000080004000200000008000600", @ANYRES32=r20, @ANYBLOB="3c00010024000100656e61626c65640000000000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r21, @ANYBLOB="40000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000080003000300000008000400", @ANYRES32=r22, @ANYBLOB="08388208a06fe872ae0100757365725f6c696e6b75700000000000000000000000000000000000000000000800030006000000e50004000800060071ace35620ef12c5a74164730dcfc6f11ed48d6bd441ec82bd4071ab00e3b598337a14656478c82f5f63d18e059fdc0ca23d5b2329a590695c36a0c251fcc6d66c1bfd3f71a5591f0a86722b94a2fd3ad741c23ab258136b5d4e9c7b61317378fa6fb24c9027b5f7d214a8c7b565f60cfa339dc12c2e2b0bb9a28f755206cd88c7d189292097694ebcb7df0835d9499353eaffa672ce8137347cfcd327cb632dfdbbe6ee2cf986887631e7e27bb192f427a46f2dfd9c9c73e338c270a87a28cb08c434dd0520cf1c3230000001000000000039f38497f798fe2b65f852188ba0772d832287d8e6ddf36955ba40ac51402e86d51241bef612d0e5e87f4a1a4e24769e82de2bb3824a25ba80d24174d9cd407378d5c06f75c24d07afb7db2a0732be6e", @ANYRES32=r23, @ANYBLOB="3c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000080003000b0000000c0004000100002004000000"], 0x518}, 0x1, 0x0, 0x0, 0x80}, 0x24040044)
ioctl$KVM_S390_INTERRUPT_CPU(r5, 0x4010ae94, &(0x7f0000000140)={0x9, 0x280000, 0x4})
getsockopt$bt_BT_VOICE(r4, 0x112, 0xb, &(0x7f0000000000)=0x5, &(0x7f0000000040)=0x2)

2018/05/15 13:08:27 executing program 0:
r0 = socket$vsock_dgram(0x28, 0x2, 0x0)
shutdown(r0, 0x0)
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))

2018/05/15 13:08:27 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000403000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:27 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x500000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:27 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000000), 0x4)

[  363.794707] binder: 22183:22184 got reply transaction with no transaction stack
[  363.802334] binder: 22183:22184 transaction failed 29201/-71, size 0-0 line 2763
[  363.805466] QAT: Invalid ioctl
2018/05/15 13:08:27 executing program 4:
bpf$MAP_CREATE(0x6e00, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:27 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000405000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:27 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_sctp(0x2, 0x402000400000005, 0x84)
setsockopt$inet_MCAST_MSFILTER(r2, 0x0, 0x30, &(0x7f0000000140)={0x0, {{0x2, 0x0, @broadcast=0xffffffff}}, 0x0, 0x1, [{{0x2, 0x0, @dev={0xac, 0x14, 0x14}}}]}, 0x10c)
setsockopt$l2tp_PPPOL2TP_SO_DEBUG(r0, 0x111, 0x1, 0x9, 0x4)
fcntl$setpipe(r1, 0x407, 0x9476fe0)

[  363.835898] QAT: Invalid ioctl
[  363.845033] QAT: Invalid ioctl
[  363.868732] QAT: Invalid ioctl
2018/05/15 13:08:27 executing program 0:
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))
getresgid(&(0x7f0000000000), &(0x7f0000000040)=<r0=>0x0, &(0x7f0000000080))
setfsgid(r0)

2018/05/15 13:08:27 executing program 4:
bpf$MAP_CREATE(0x14be8, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:27 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)
dup2(r1, r0)

2018/05/15 13:08:27 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x74, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:27 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000000000000150038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  364.060540] binder: 22223:22227 got reply transaction with no transaction stack
[  364.068466] binder: 22223:22227 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:28 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000000000000010038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:28 executing program 7:
pipe(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write$binfmt_misc(r1, &(0x7f0000000140)=ANY=[@ANYBLOB="73797a30f604c07d3e48e6b704384607b1bbbb39d205241e189e10a777fc2d71f26015fcb54f6d227a61b73b25a706d94da49b6f3615da8fc9d15073eaed2ce5cd12a48dee7b2c9abb1751d7af507282d3bb568a03fe81ef046bac6e011f977b99a57ad015401feec1acc4feae06a16c415ab254e88b7fd396107a734600efd14d130f37cabc4189fe9c8842d532989612a261674ad8fb2582325583124b054cb5cf85e2dfe438"], 0x9b)
ioctl$KVM_KVMCLOCK_CTRL(r1, 0xaead)
fcntl$setpipe(r0, 0x407, 0x8e)

2018/05/15 13:08:28 executing program 4:
bpf$MAP_CREATE(0x703d030000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:28 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x7a000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:28 executing program 0:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$IP_VS_SO_GET_TIMEOUT(r0, 0x0, 0x486, &(0x7f0000000000), &(0x7f00000000c0)=0xc)
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100)='/dev/snapshot\x00', 0x200, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r1, 0x28, 0x2, &(0x7f0000000180)=0x2, 0x8)
ioctl$ION_IOC_HEAP_QUERY(r1, 0xc0184908, &(0x7f0000000140)={0xb55})
clone(0x4000, &(0x7f0000000080)="89db30659bcd930253ee52a1dfc11aef5a54ea4224e2c1152baa427c96b8085e643e0e97", &(0x7f0000000580), &(0x7f0000000040), &(0x7f0000000600))

2018/05/15 13:08:28 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x4}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:28 executing program 5:
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x503000, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000040)={{0x0, 0x1, 0x0, 0x1, 0x95a}})
readv(r0, &(0x7f0000000440)=[{&(0x7f00000000c0)=""/31, 0xd0}, {&(0x7f0000000100)=""/112, 0x70}, {&(0x7f00000001c0)=""/66, 0x42}, {&(0x7f00000002c0)=""/102, 0x66}, {&(0x7f0000000340)=""/207, 0xcf}], 0x5)
pipe(&(0x7f0000000600)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f00000001c0), 0xfaa8a4c0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f00000004c0)={0x2, 0x0, 0xffff})
getsockopt$inet_sctp_SCTP_AUTOCLOSE(r0, 0x84, 0x4, &(0x7f0000000240), &(0x7f0000000500)=0xffffffffffffff34)
ioctl$LOOP_SET_FD(r2, 0x4c00, r2)
fcntl$setpipe(r1, 0x407, 0x9476fe0)
vmsplice(r2, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x0)

2018/05/15 13:08:28 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r1=>0x0})
r2 = creat(&(0x7f0000000000)='./file0\x00', 0x8)
r3 = syz_genetlink_get_family_id$team(&(0x7f0000000140)='team\x00')
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f00000002c0)={@multicast1, @multicast1, <r4=>0x0}, &(0x7f0000000300)=0xc)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000380)={'\x00', <r5=>0x0})
getsockname$packet(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, <r6=>0x0, 0x0, 0x0, 0x0, @local}, &(0x7f0000000400)=0x14)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000001640)={{{@in6=@mcast2, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0}}, {{@in6=@ipv4={[], [], @broadcast}}, 0x0, @in=@loopback}}, &(0x7f0000001740)=0xe8)
getpeername$packet(0xffffffffffffffff, &(0x7f0000001780)={0x0, 0x0, <r8=>0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f00000017c0)=0x14)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000003100)={{{@in, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0}}, {{@in=@loopback}, 0x0, @in6=@dev}}, &(0x7f0000003200)=0xe8)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000003240)={{{@in6=@remote, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r10=>0x0}}, {{@in=@local}, 0x0, @in=@remote}}, &(0x7f0000003340)=0xe8)
accept(0xffffffffffffff9c, &(0x7f0000003380)=@ll={0x0, 0x0, <r11=>0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000003400)=0x80)
getpeername$packet(0xffffffffffffffff, &(0x7f0000003440)={0x0, 0x0, <r12=>0x0}, &(0x7f0000003480)=0x14)
recvmsg(0xffffffffffffffff, &(0x7f000000ec00)={&(0x7f000000e540)=@hci={0x0, <r13=>0x0}, 0x80, &(0x7f000000ea80)=[{&(0x7f000000e5c0)=""/143, 0x8f}, {&(0x7f000000e680)=""/158, 0x9e}, {&(0x7f000000e740)=""/244, 0xf4}, {&(0x7f000000e840)=""/239, 0xef}, {&(0x7f000000e940)=""/155, 0x9b}, {&(0x7f000000ea00)=""/81, 0x51}], 0x6, &(0x7f000000eb00)=""/232, 0xe8, 0x1}, 0x20)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f000000ec40)={{{@in=@remote, @in6=@ipv4={[], [], @rand_addr}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r14=>0x0}}, {{@in6=@loopback}, 0x0, @in6=@ipv4={[], [], @dev}}}, &(0x7f000000ed40)=0xe8)
getpeername$packet(0xffffffffffffff9c, &(0x7f000000ee40)={0x0, 0x0, <r15=>0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f000000ee80)=0x14)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f000000f040)={{{@in, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r16=>0x0}}, {{@in=@loopback}, 0x0, @in=@loopback}}, &(0x7f000000f140)=0xe8)
accept$packet(0xffffffffffffffff, &(0x7f000000f180)={0x0, 0x0, <r17=>0x0, 0x0, 0x0, 0x0, @random}, &(0x7f000000f1c0)=0x14)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f000000f200)={{{@in=@remote, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r18=>0x0}}, {{@in=@rand_addr}, 0x0, @in=@multicast2}}, &(0x7f000000f300)=0xe8)
getpeername$packet(0xffffffffffffffff, &(0x7f000000f340)={0x0, 0x0, <r19=>0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f000000f380)=0xfee9)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f000000f3c0)={{{@in=@remote, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0}}, {{@in6=@dev}, 0x0, @in=@rand_addr}}, &(0x7f000000f4c0)=0xe8)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f000000f500)={{{@in6=@remote, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r21=>0x0}}, {{@in=@multicast1}, 0x0, @in=@multicast1}}, &(0x7f000000f600)=0xe8)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f000000f780)={'team0\x00', <r22=>0x0})
accept4$packet(0xffffffffffffff9c, &(0x7f000000f9c0)={0x0, 0x0, <r23=>0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f000000fa00)=0x14, 0x800)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f000000fb00)={'team0\x00', <r24=>0x0})
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffff9c, 0x8933, &(0x7f000000fdc0)={'team0\x00', <r25=>0x0})
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f000000fe00)={{{@in6, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r26=>0x0}}, {{@in6=@mcast1}, 0x0, @in=@multicast2}}, &(0x7f000000ff00)=0xe8)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffff9c, 0x8933, &(0x7f000000ff40)={'team0\x00', <r27=>0x0})
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f000000ff80)={{{@in=@multicast2, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r28=>0x0}}, {{@in6=@local}, 0x0, @in=@multicast1}}, &(0x7f0000010080)=0xe8)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000010100)={{{@in6=@dev, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r29=>0x0}}, {{@in=@dev}, 0x0, @in6}}, &(0x7f0000010200)=0xe8)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000010240)={<r30=>0x0, @empty, @multicast2}, &(0x7f0000010280)=0xc)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f00000102c0)={'vcan0\x00', <r31=>0x0})
sendmsg$TEAM_CMD_NOOP(r2, &(0x7f0000010d00)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000010cc0)={&(0x7f0000010300)=ANY=[@ANYBLOB="bc090000", @ANYRES16=r3, @ANYBLOB="02002bbd7000ffdbdf25000071ed7a000008", @ANYRES32=r4, @ANYBLOB="4400020040000100240001006c625f686173685f737461747300000000000000000000000000000000000000080003000b0000000800040000020000080007000000000008000100", @ANYRES32=r5, @ANYBLOB="800002003c00010024000100656e61626c65640000000000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r6, @ANYBLOB="400001002400010071756575655f69640000000000000000000000000000000000000000000000000800030003000000080004000600000008000600", @ANYRES32=r7, @ANYBLOB="08000100", @ANYRES32=r8, @ANYBLOB="7401020040000100240001007072696f72697479000000000000000000000000000000000000000000000000080003000e000000080004000100000008000600", @ANYRES32=r9, @ANYBLOB="38000100240001006c625f73746174735f726566726573685f696e74657276616c000000000000000800030003000000080004001f00000040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000080003000300000008000400", @ANYRES32=r10, @ANYBLOB="08000700000000003c00010024000100656e61626c65640000000000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r11, @ANYBLOB="3c00010024000100656e61626c65640000000000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r12, @ANYBLOB="40000100240001006c625f706f72745f737461747300000000000000000000000000000000000000080003000b000000080004000400000008000600", @ANYRES32=r13, @ANYBLOB="08000100", @ANYRES32=r14, @ANYBLOB="fc0002003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r15, @ANYBLOB="3800010024000100616374697665706f727400000000000000000000000000000000000000000000080003000300000008000400", @ANYRES32=r16, @ANYBLOB="400001002400010071756575655f69640000000000000000000000000000000000000000000000000800030003000000080004000700000008000600", @ANYRES32=r17, @ANYBLOB="44000100240001006270665f686173685f66756e6300000000000000000000000000000000000000080003000b00000014000400000820051f000000010087000200000008000100", @ANYRES32=r18, @ANYBLOB="cc0002003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r19, @ANYBLOB="4c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000080003000b0000001c000400ff01049b5d8b0000ff0fc10603000000ffff03080300000040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000080003000300000008000400", @ANYRES32=r20, @ANYBLOB="080007000000000008000100", @ANYRES32=r21, @ANYBLOB="e001020040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000080003000300000008000400", @ANYRES32=0x0, @ANYBLOB="080007000000000038000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000800030003000000080004000300000040000100240001006c625f706f72745f737461747300000000000000000000000000000000000000080003000b00000008000400030b000008000600", @ANYRES32=r22, @ANYBLOB="38000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000800030003000000080004000800000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000080003000b000000080004000500000008000700000000003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000008000300060000000400040008000600", @ANYRES32=r23, @ANYBLOB="3800010024000100616374697665706f727400000000000000000000000000000000000000000000080003000300000008000400", @ANYRES32=r24, @ANYBLOB="38000100240001006e6f746966795f70656572735f636f756e740000000000000000000000000000080003000300000008000400fdffffff08000100", @ANYRES32=r25, @ANYBLOB="f80002003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r26, @ANYBLOB="40000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000080003000300000008000400", @ANYRES32=r27, @ANYBLOB="080007000000000038000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000800030003000000080004000500000040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000080003000300000008000400", @ANYRES32=r28, @ANYBLOB="080007000000000008000100", @ANYRES32=r29, @ANYBLOB="900202003c000100240001006d6f64650000000000000000000000000000000000000000000000000000000008000300050000000c00040072616e646f6d000038000100240001006e6f746966795f70656572735f696e74657276616c0000000000000000000000080003000300000008000400020000003800010024000100616374697665706f727400000000000000000000000000000000000000000000080003000300000008000400", @ANYRES32=r30, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000800030003000000080004000100000038000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000800030003000000080004000000000040000100240001006c625f686173685f737461747300000000000000000000000000000000000000080003000b000000080004001d00000008000700000000003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000008000300060000000400040008000600", @ANYRES32=r31, @ANYBLOB="38000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000800030003000000080004004000000084000100240001006270665f686173685f66756e6300000000000000000000000000000000000000080003000b0000005400040000010605400000000000000607000000ff03030604000000feff0100438c00000200070803000000ff030101ffff00000000010706000000020002d004000000020004070400000001001ca28617000038000100240001006c625f73746174735f726566726573685f696e74657276616c00000000000000080003000300000008000400f7ffffff"], 0x9bc}, 0x1, 0x0, 0x0, 0x40}, 0x800)
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
tkill(r0, 0x1000000000016)

2018/05/15 13:08:28 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
ioctl$TIOCMGET(r1, 0x5415, &(0x7f0000000000))
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

[  364.961393] binder: 22253:22256 got reply transaction with no transaction stack
[  364.969055] binder: 22253:22256 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:28 executing program 4:
bpf$MAP_CREATE(0xe84b0100, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:29 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400030000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:29 executing program 7:
r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000140)='/dev/qat_adf_ctl\x00', 0x8500, 0x0)
ioctl$DRM_IOCTL_GET_UNIQUE(r0, 0xc0106401, &(0x7f0000000100)={0x7a, &(0x7f0000000080)=""/122})
openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl\x00', 0x10000, 0x0)
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$setpipe(r1, 0x407, 0x7)
ioctl$SIOCGIFHWADDR(r0, 0x8927, &(0x7f0000000180))

2018/05/15 13:08:29 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x6c000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:29 executing program 0:
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))
r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x80000001, 0x1)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r0, 0xc058534f, &(0x7f0000000040)={{0x1, 0x1}, 0x1, 0x8001, 0x4, {0x9c18, 0x342}, 0x1000, 0x1000})

2018/05/15 13:08:29 executing program 4:
bpf$MAP_CREATE(0x7c01, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:29 executing program 1:
r0 = socket$inet6(0xa, 0x8000800, 0xffffdffffffffffd)
r1 = socket$kcm(0x29, 0x7, 0x0)
getsockopt$sock_int(r1, 0x1, 0x8, &(0x7f00000000c0), &(0x7f0000000200)=0x4)
shutdown(r0, 0x0)
r2 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
sendto$inet(r2, &(0x7f0000000140)="8f9c4ab5ffd9da7d4d2ca07951c1d0cc0cc61b8d159392732ee4a26a60cf0d3536d797a40cf19d6c43851e59a516ebf1d7557ec5347d72a651eea6ddc850b4b93aed6abe440112815080be0ab579e0da3a9a1e844d8430f06e1f211bddd541a3cc645e7a1e256c5ee60b891709f69c44a212e5df4945a10f6674979886e5f90287b7a2a259cb35a462a76d8d19cd906355c8dc1fcafa0f613d09659146716693d3373f48b7b9f4b7f94eea60400d06bdf1bd02a646cb2e6a2bcac9186ee6b2", 0xbf, 0x1, &(0x7f0000000080)={0x2, 0x4e22}, 0x10)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)={0x0, r2, 0xf, 0x3}, 0x14)
connect$inet6(r2, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r2, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:29 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
ioctl$ION_IOC_HEAP_QUERY(0xffffffffffffff9c, 0xc0184908, &(0x7f0000000000)={0x1, 0x5, 0x1, <r1=>0xffffffffffffffff})
r2 = accept4(0xffffffffffffffff, &(0x7f0000000100)=@pppol2tpv3={0x0, 0x0, {0x0, <r3=>0xffffffffffffffff, {0x0, 0x0, @rand_addr}}}, &(0x7f0000000180)=0x80, 0x800)
dup3(r1, r3, 0x0)
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
connect$nfc_llcp(r2, &(0x7f00000001c0)={0x27, 0x0, 0x2, 0x4, 0x7, 0x100000001, "f2c37f5d28afbe5bba185fb0f16f444893ed32642d7537e334518be560248ecfb0e40c110a57cd65b48aea5c554133e55072a8118a9626e92acf35393a1288", 0x26}, 0x60)
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r4=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r4+30000000}}, &(0x7f0000040000))
tkill(r0, 0x1001000000000016)

2018/05/15 13:08:29 executing program 5:
pipe(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x10001)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x0)

2018/05/15 13:08:29 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000412000000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:29 executing program 4:
bpf$MAP_CREATE(0x360, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

[  366.019379] QAT: Invalid ioctl
[  366.030085] binder: 22287:22289 got reply transaction with no transaction stack
[  366.037633] binder: 22287:22289 transaction failed 29201/-71, size 0-0 line 2763
[  366.057230] QAT: Invalid ioctl
[  366.061842] QAT: Invalid ioctl
2018/05/15 13:08:29 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
ioctl$sock_ipx_SIOCAIPXITFCRT(r1, 0x89e0, &(0x7f0000000000)=0x3)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:29 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x700, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:29 executing program 7:
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x9)

2018/05/15 13:08:29 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000003000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:29 executing program 4:
bpf$MAP_CREATE(0x300000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:29 executing program 0:
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))
r0 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x2001, 0x80)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f00000000c0)={0x4, 0x3, 0x3, 0x0, 0x1f})
write$binfmt_elf64(r0, &(0x7f0000000140)={{0x7f, 0x45, 0x4c, 0x46, 0x5, 0x4, 0x5, 0x100000000, 0x401, 0x2, 0x3, 0x4, 0x32f, 0x40, 0x302, 0x3, 0x1, 0x38, 0x1, 0x8, 0xffffffffffff9173, 0x4}, [{0x4, 0x8, 0x9, 0x3ff, 0x401, 0x800, 0x3, 0x20}, {0x3, 0x1, 0x589d, 0x2, 0x7fffffff, 0x73e3, 0x5, 0x1}], "ad3b3836f4a9789b148889151af6d16b75f76e3591fb4963033504c51030051914b87a1cc124eca2ef03caf99a3ab6dfee31f0ca148435daff0c34ec24b3d3ca5f185600059aca5311807790f6924338157d7a4e08b2e37b513fcb", [[], [], []]}, 0x40b)
ioctl$KVM_IRQFD(r0, 0x4020ae76, &(0x7f0000000040)={r0, 0xffffffff, 0x800, r0})
write$binfmt_elf64(r0, &(0x7f0000000600)={{0x7f, 0x45, 0x4c, 0x46, 0x10000, 0x2, 0x4, 0x4, 0x1, 0x2, 0x3, 0x1, 0x1df, 0x40, 0x57, 0x6, 0x6334, 0x38, 0x1, 0x1, 0x7fffffff, 0xffffffffffffff68}, [{0x6474e557, 0xffffffffffffff01, 0x1f, 0x27, 0x4650, 0xd6e, 0x7, 0x3}], "26ccac77741ad4e95c23d21d2bd2f796e3757a50865306826fb7f4bf165e8366e7918ab20c448594da33a3bb3602a23f441d6f8cff836c3d435a7cdac21e691b181964dd96fc8cd758dad1e9cfe7cf402d12a9151843a32adab83260ef7a2ce68b2c131f95bfa2e941da71f410db159faa9c7e723f4f2fc2f83c945b3f92ec578dae2f121bfcf5e5d441c7839c4fd05b7eaf33cf1fa6733e1f2ec1027ee6c8e8b34d15ed2ef89aa3dfa889de7fe53fbd0bd95701920d06410ab1b6650da079013a4ebed5ff0ca199d082cca5b2d204612021ba85e7f3f1cb7f45eb95316d04c64c03b1b39bc68405", [[], [], [], [], [], []]}, 0x760)

[  366.208676] binder: 22315:22317 got reply transaction with no transaction stack
[  366.216292] binder: 22315:22317 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:29 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_inet_tcp_SIOCATMARK(r0, 0x8905, &(0x7f0000000000))
r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/qat_adf_ctl\x00', 0x4580, 0x0)
ioctl$int_in(r2, 0x5452, &(0x7f0000000100)=0x7)
openat(r1, &(0x7f0000000040)='./file0\x00', 0x1, 0x2)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000180)={0x0, <r3=>0x0}, &(0x7f00000001c0)=0xc)
quotactl(0x5, &(0x7f0000000140)='./file0\x00', r3, &(0x7f0000000200)="26c27c369486")

2018/05/15 13:08:29 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:29 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000001000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:29 executing program 4:
bpf$MAP_CREATE(0x5e750100, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

[  366.309045] binder: 22329:22330 got reply transaction with no transaction stack
[  366.316634] binder: 22329:22330 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:29 executing program 1:
r0 = socket$inet6(0xa, 0x8000000000000005, 0x5)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000080), &(0x7f00000000c0)=0x14)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$inet_mreq(r1, 0x0, 0x23, &(0x7f0000000000)={@remote={0xac, 0x14, 0x14, 0xbb}, @multicast2=0xe0000002}, 0x8)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:29 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c46000000000000000000000000040004001f0000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:30 executing program 3:
futex(&(0x7f000000cffc)=0x2, 0x800000000006, 0x2, &(0x7f0000000000)={0x77359400}, &(0x7f0000000100), 0xfffffffffffffffc)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x1}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r1=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
tkill(r0, 0x1000000000016)

2018/05/15 13:08:30 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x7a00000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:30 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x1009476fe0)
setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000100)="3494aed6e330913422e4e21d4a25d646", 0x10)
getsockname(r1, &(0x7f0000000000)=@un=@abs, &(0x7f00000000c0)=0x80)
accept$unix(r0, &(0x7f0000000180), &(0x7f0000000200)=0x6e)
ioctl$TIOCGETD(r0, 0x5424, &(0x7f0000000140))
socket$l2tp(0x18, 0x1, 0x1)

2018/05/15 13:08:30 executing program 0:
clone(0x4000, &(0x7f0000000480), &(0x7f0000000580), &(0x7f00000005c0), &(0x7f0000000600))
r0 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x2, 0x12000)
ioctl$EVIOCGREP(r0, 0x80084503, &(0x7f0000000040)=""/151)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000100)={0xffffffffe5941d16, 0x2, 0x8c3e, 0x3ff, 0x1, 0x4, 0x4, 0x4, 0x10001, 0x2})

2018/05/15 13:08:30 executing program 4:
bpf$MAP_CREATE(0x6a01, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:30 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400160000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:30 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
pipe(&(0x7f0000000000))
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:30 executing program 5:
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x0)

2018/05/15 13:08:30 executing program 4:
bpf$MAP_CREATE(0xae02, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

[  367.007099] binder: 22369:22381 got reply transaction with no transaction stack
[  367.014688] binder: 22369:22381 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:30 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400150000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:30 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x6000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:30 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000040)=@assoc_value={<r2=>0x0}, &(0x7f00000000c0)=0x8)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f0000000100)=@sack_info={r2, 0x8, 0x2}, 0xc)
fcntl$setpipe(r0, 0x407, 0x7fff)
syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x5, 0x2082)

2018/05/15 13:08:30 executing program 4:
bpf$MAP_CREATE(0x7c01000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:30 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
ioctl$KVM_SET_XSAVE(r1, 0x5000aea5, &(0x7f0000000140)={"4427ba52f1d32e378eb47ade7e655d57649a9120f3ff4737199f7803a26b7309753e3658c35eec6f413af52d9270ca350d0b460783778c503fc1531aa8b31aa3bf70fd6938042f762a26afc430ad7349585fcdc202bd0570cc6b747c2f75f18320c5bde7f27c7f338ec8badf85cd50058c44654f6a579a8e75e664629be5110abb78d27467c3a0dda106f8d0f60ed4ed160fc167c0ed400e739f3469006444e70e381b6b4d51e07809335f75d07fa8743dd9a553decf2064a5430c27b3d303d37ae75d7190a54ab462b9b1a7f5dafeaa9753d296fff87fcea2d3a3ef18a962e9d474d82d7b9aa6ff34663b46f9e55cd69afeda06c7ed28d678478728df95ba9f7936920d6da1193970120df16dbd8d2fe3d7ba2e81d67698975ec2b01556fc02635638fd64781ea0dd2f8b69daf7e9393ef2b1dda9b204ca3891efaf677fdb887a0e1ec85804369606b9a22d5543d19ff143a0edd857264b5300685291940ced677ecc2ba80e471c79c208b81e425ad1cc6666cd4d661417b974c2bc663c6ff35f57790ab112c427a84276c8b763c230d5b68733b270293123136d8ca42e4e1ca5cf0378600ed8a04f81a6f25abe66ea2dda668696171bf9e7efe500b57282780ca0272e7ae1bd392f4ef980b88ab505671abaeb30d58f8cf49e3c31e0d24b708b7f38be9147fec97648eb00df882ef53a8cbdb249e98d790eed248a1bd6bf3c3db1836781e6257857177ddc8f924ce7af1d979101dc3c4feebeab5e8a687e5be36ba186437337c968d71be26bb1fcf28a37f2e9e81954d876040f5e59e7f918ee6d2a977e29fdc0e7a1e1e81f50f9383f0a2e9341182288d42c1a989ef71015c7ac9691c1068eb500cedfe7b7efeb7188f99fbf2bf04660bcf2c5aa24924bcf1003be292b3ad55652afa1542c31717dffa65ffc823d6304e8fc5c1e7bd20781a0d320c038e2e75458d2d89d391777a77b72920536657ea40cc4fdd5684c4187afebc15803154ba9c2a1ce6bcd06780ebc72ef92861570321f94b19466c994717d3a8f22afd0b23192ec6f3340b4c0627f4ce6f8abd1567169abb1ec6423703d2d56f70b04296196ac6e62f40ac44bfc16e2046237a24acabc633e30b09366c7cf0c8f27364c919e09a066a138891315afb501a07ec242d99d0cc6338cce9bd16663646d848e18883eb14a0944b6be9417c873f284a60076076fc9c17ddaef736fd2179b355b52929ae21e87552b27f3ed81da1867379f2613c27ef43db4f14fc7c0f603384990238f485ba0a20dcc8ac2c1e168dc2f050ee8415e08d408b9eb8b1d6eb700b8d469bd8b29b1624c72f9c541c0f8175f2d3b54c02469314505df25489e3a137d82f866147d1c18c21d0eed16b80fbf172d051e845d35a73df9d765357ca1a44b3c1974955c69f829fa6a27056e4293d802d544007813618fd065"})
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:30 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0xfdfdffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

[  367.120661] binder: 22392:22394 got reply transaction with no transaction stack
[  367.128258] binder: 22392:22394 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:30 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000000020000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  367.222488] binder: 22405:22407 got reply transaction with no transaction stack
[  367.230092] binder: 22405:22407 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:31 executing program 3:
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r1=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
tkill(r0, 0x1000000000016)

2018/05/15 13:08:31 executing program 4:
bpf$MAP_CREATE(0x3201000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:31 executing program 0:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000580)='reno\x00', 0x5)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10)
sendto$inet(r0, &(0x7f0000a88f88), 0x29f, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback=0x7f000001}, 0x10)

2018/05/15 13:08:31 executing program 7:
r0 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x800, 0x1)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x2400, 0x5a6)
read$eventfd(r0, &(0x7f0000000040), 0x8)
pipe(&(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
fcntl$setpipe(r1, 0x407, 0x9476fe0)
ioctl$TUNSETFILTEREBPF(r2, 0x800454e1, &(0x7f00000000c0)=r1)

2018/05/15 13:08:31 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000000030000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:31 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x700000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:31 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
ioctl$ION_IOC_ALLOC(r1, 0xc0184900, &(0x7f0000000000)={0x9, 0x2, 0x1, r1})
ioctl$sock_inet_SIOCGIFBRDADDR(r0, 0x8919, &(0x7f0000000140)={"76e70000000054b593a9c56e6400", {0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}})
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:31 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$RNDGETENTCNT(r1, 0x80045200, &(0x7f0000000000))
write(r1, &(0x7f0000000540)="de436499617007c093d0f361f83ea2c83e83d54f8235edfe2ad519ce01ba481958cff79be88b7bbc15d57816f05c474c338168b10e41fba5f0d904050f7ceb3a87b61b80aa3752e10c2b28fc8a36091755452e166ca46dff075dca65c1e3fc5d96eefa9fd8e77e913661db53bde6019185deca6491d1d169870658720e1a84c2e9abdb2a6d61b1f051a4adac118b8a5db523e3638839a5d46029b7cd4416f55e2f35fb8a6952be2a555e0de96ea063df1f2bb510f532837f91fdaea1317d4371307bc712ba8b7bd65e9f23a4d03cdc99de0887a48a50dea8edbc302a2c609274b52a0d0c5d445b3f7b26f7004d96fd17f4b7c32996c8643838f55d3547ceae960d91c1d9e10440b2c45bf411c94ca8b77ed21347a56a962c7ddd", 0x23d)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
epoll_ctl$EPOLL_CTL_DEL(r0, 0x2, r0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x0)
getrusage(0xffffffffffffffff, &(0x7f00000000c0))

[  368.009450] binder: 22420:22421 got reply transaction with no transaction stack
[  368.017100] binder: 22420:22421 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:31 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x9476fe0)
ioctl$DRM_IOCTL_GET_MAP(r0, 0xc0286404, &(0x7f0000000000)={&(0x7f0000ff9000/0x4000)=nil, 0x1, 0x5, 0x8, &(0x7f0000ff9000/0x4000)=nil, 0x3f})

2018/05/15 13:08:31 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000000120000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:31 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0xfdfdffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:31 executing program 0:

2018/05/15 13:08:31 executing program 4:
bpf$MAP_CREATE(0xce020000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

[  368.246727] binder: 22454:22456 got reply transaction with no transaction stack
[  368.254315] binder: 22454:22456 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:31 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x0, 0x0)
ioctl$KVM_SET_TSC_KHZ(r1, 0xaea2, 0x6)
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r2=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r2+30000000}}, &(0x7f0000040000))
tkill(r0, 0x1000000000016)

2018/05/15 13:08:31 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x6)
r2 = getpid()
ptrace$peekuser(0x3, r2, 0x0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x0)

2018/05/15 13:08:31 executing program 7:
r0 = syz_open_dev$adsp(&(0x7f0000000080)='/dev/adsp#\x00', 0x6, 0x100)
socketpair$inet(0x2, 0x5, 0x76, &(0x7f00000000c0))
ioctl$BLKRAGET(r0, 0x1263, &(0x7f0000000180))
setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0x4, 0xf2, 0x9, 0x4}, {0x8, 0xffff, 0x8, 0x467}, {0x8, 0x4, 0x8, 0x9}]}, 0x10)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x9476fe0)

2018/05/15 13:08:31 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
ioctl$KVM_SET_SIGNAL_MASK(r1, 0x4004ae8b, &(0x7f0000000580)=ANY=[@ANYBLOB="af000000ca297e59ce40f9f5bab1b0d02340a895d823c7a9726239a55bd2a8dc591db78dd9c407ca2a59dd3fea2cbfa1af63922d12ac40e34a956e80b4bfd932fede074f2515d1b4d83bffab9b3d47c6a7247a2c5aa71d9db22bd9364cd8c488fbac86287e69f0e50558ec52be01000000000000000000fd3b1edf9af8ca8ccf9895b426fa0fca4a4bc14fd4160871aba790aef76c72ac7812fa33e778eb7be11f653eeef50000000000000000000000000000e8793204ea37bf612f86e0ce789e14c36231b8410c0ee0ea272e6d351560b873a8eb6b46313d836bdedd069150f85c788ba7584941b0cb0d56e70b22b6db8ab36079f3d06650bb80743aba9ecc28f18828e5914b6d7e4ecfc73f13bb7d6d8746cd62af7bee55eff4141c1250a356c213c8ae9220044616eb7c33b7b2710db03e831724aef870dcfe40dd0652b5811bcc86cff830b95b9477ff9c782f7e8e93e60dfdc876fb40d440d173e7694789a47918b6002e472e73e3d1cd9b906c334275bcb9fd1b77b43e8092843b6cebbfdaa1cb991afbb0c2e9a2d7e4e10501de1f3dd8ca0f8508e35239f9012e4703f1bed266829d46f0ca405b739e8d92a0c470618488731aa3df2b5f3f904dfab3fe5cfe2ba37f1f33f4174277d8b460b78726e9dd7da8d1e07119e8d2b72e27cf59b6630722cb5c504e7adac6dfc39e00d9bca6c957000000000000000000000000000000"])
setsockopt$ALG_SET_AEAD_AUTHSIZE(r1, 0x117, 0x5, 0x0, 0x6)
ppoll(&(0x7f0000000140)=[{r0, 0x9021}, {r1, 0x480}, {r1}, {r0, 0x200}, {r1, 0x40}], 0x5, &(0x7f0000000180)={0x0, 0x1c9c380}, &(0x7f00000001c0)={0x4}, 0x8)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
setsockopt$IP_VS_SO_SET_TIMEOUT(r1, 0x0, 0x48a, &(0x7f0000000000)={0x9, 0x950e}, 0xc)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
getsockopt$inet_sctp_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000000080), &(0x7f00000000c0)=0x8)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:31 executing program 0:

2018/05/15 13:08:31 executing program 4:
bpf$MAP_CREATE(0x9a7c, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:31 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400020000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:31 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:31 executing program 0:

2018/05/15 13:08:31 executing program 4:
bpf$MAP_CREATE(0xcc01, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:31 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000000000000001438000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  368.391363] binder: 22477:22478 got reply transaction with no transaction stack
[  368.398976] binder: 22477:22478 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:31 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x6800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:31 executing program 0:

2018/05/15 13:08:31 executing program 4:
bpf$MAP_CREATE(0x6c02, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:31 executing program 7:
pipe(&(0x7f0000000100)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x9476fe0)

[  368.520435] binder: 22494:22495 got reply transaction with no transaction stack
[  368.528057] binder: 22494:22495 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:32 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e22, 0x6, @loopback={0x0, 0x1}}, 0x1)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)
socket$inet6_icmp(0xa, 0x2, 0x3a)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x101000, 0x0)

2018/05/15 13:08:32 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400001600000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:32 executing program 0:

2018/05/15 13:08:32 executing program 4:
bpf$MAP_CREATE(0x4e03000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:32 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x60, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:32 executing program 7:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x6001, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r0, 0x4008ae6a, &(0x7f00000000c0)={0x5, 0x0, [{0x7fffffff, 0x2, 0x0, 0x0, @adapter={0x40, 0x2, 0x7ff, 0x6, 0x7ff}}, {0x4, 0x3, 0x0, 0x0, @adapter={0x81, 0x8, 0xfffffffffffffffa, 0xe458}}, {0x4, 0x5, 0x0, 0x0, @sint={0x4, 0xffffffffffffff79}}, {0xffffffffffffff4a, 0x3, 0x0, 0x0, @sint={0x4751, 0x400}}, {0x2, 0x3, 0x0, 0x0, @adapter={0x3, 0x9655, 0x81, 0x2}}]})
pipe(&(0x7f0000000080)={<r1=>0xffffffffffffffff})
fcntl$setpipe(r1, 0x407, 0x9476fe0)

2018/05/15 13:08:32 executing program 5:
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0xffffffffffffff9c, 0x7, 0x1, 0x6, &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5}, 0x20)
epoll_wait(r0, &(0x7f00000003c0)=[{}, {}, {}, {}], 0x4, 0x1)
pipe(&(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$inet6_MRT6_DEL_MFC(r1, 0x29, 0xcd, &(0x7f00000002c0)={{0xa, 0x4e20, 0x7f, @empty, 0x2}, {0xa, 0x4e24, 0x81, @mcast1={0xff, 0x1, [], 0x1}, 0x40}, 0x1, [0x3, 0x7f, 0x2, 0xd2cc, 0x4, 0x0, 0x4, 0x80000001]}, 0x5c)
ioctl(r1, 0x20, &(0x7f00000001c0)="905ac6aa9a37e29fd122889ed250dfee3d513d35f3d7b2c7db480c7e0ec9f497785bd26f7d1ec5ac1bd3cdd8899cb3830f5edf409dd440ef2f4b7cbda282d23dbc86aabbd321ee88947e8420668622833b08557f108d7027d85a62d9d84d575b15008ad5c486bca5d616401781a92a1318c01ff8ece5e05745675128d570ab0524a32d2231e19302da22")
write(r2, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r1, 0x407, 0x9476fe0)
vmsplice(r2, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(r1, 0xc0206434, &(0x7f0000000000)={0x4, <r3=>0x0, 0x10000, 0x1})
ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f0000000040)={0x8, r3, 0x10002})
setsockopt$inet_sctp_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f00000000c0)=0x8, 0x4)
setsockopt$bt_rfcomm_RFCOMM_LM(r1, 0x12, 0x3, &(0x7f0000000140)=0x14, 0x4)
ioctl$TIOCGWINSZ(r1, 0x5413, &(0x7f0000000100))

2018/05/15 13:08:32 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12, 0x3}, &(0x7f0000044000)=<r1=>0x0)
clock_gettime(0x0, &(0x7f0000000000)={0x0, <r2=>0x0})
r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer\x00', 0x40401, 0x0)
timer_gettime(r1, &(0x7f00000001c0))
getsockopt$inet6_mreq(r3, 0x29, 0x0, &(0x7f0000000280)={@dev, <r4=>0x0}, &(0x7f00000002c0)=0x14)
ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f0000000300)={@loopback={0x0, 0x1}, 0x71, r4})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r3, 0x40405515, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x3, "b720b2de36d1b8aee478e4580e824661ac1a38731c2ddf93fa4d4c8680f21641bb012537985ec4a3241a8cb8", 0x7})
getsockopt$inet_sctp6_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000380)=@assoc_id=<r5=>0x0, &(0x7f0000000140)=0x4)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r3, 0x84, 0x7c, &(0x7f0000000180)={r5, 0x0, 0x7}, 0x8)
syz_open_dev$binder(&(0x7f0000000240)='/dev/binder#\x00', 0x0, 0x2)
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r2+30000000}}, &(0x7f0000040000))
tkill(r0, 0x1000000000016)

2018/05/15 13:08:32 executing program 0:

2018/05/15 13:08:32 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400030000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  369.342562] binder: 22521:22523 got reply transaction with no transaction stack
[  369.350173] binder: 22521:22523 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:32 executing program 7:
pipe(&(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x9476fe0)
getsockopt$IP6T_SO_GET_INFO(r1, 0x29, 0x40, &(0x7f0000000000)={'filter\x00'}, &(0x7f00000000c0)=0x54)

2018/05/15 13:08:34 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:34 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
ioctl$DRM_IOCTL_AGP_ALLOC(r1, 0xc0206434, &(0x7f0000000080)={0x1, <r2=>0x0, 0x10002, 0x6})
ioctl$DRM_IOCTL_AGP_UNBIND(r1, 0x40106437, &(0x7f00000000c0)={r2, 0xffffffffffffff7b})
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f0000000000)=0x508f88fd, 0x4)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:34 executing program 0:

2018/05/15 13:08:34 executing program 4:
bpf$MAP_CREATE(0x2453, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:34 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400001100000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:34 executing program 7:
r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x40, 0x0)
ioctl$EVIOCGUNIQ(r0, 0x80404508, &(0x7f00000000c0)=""/4096)
pipe(&(0x7f0000000080)={<r1=>0xffffffffffffffff})
fcntl$setpipe(r1, 0x407, 0x9476fe0)

2018/05/15 13:08:34 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r1=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
kcmp(r0, r0, 0x6, r2, r3)
tkill(r0, 0x1000000000016)

2018/05/15 13:08:34 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x0)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x400, 0x0)

2018/05/15 13:08:34 executing program 0:

2018/05/15 13:08:34 executing program 4:
bpf$MAP_CREATE(0xc0f1010000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

[  370.698050] binder: 22561:22563 got reply transaction with no transaction stack
[  370.705614] binder: 22561:22563 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:34 executing program 7:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$DRM_IOCTL_AGP_ALLOC(r1, 0xc0206434, &(0x7f00000000c0)={0x0, <r2=>0x0, 0x10000, 0x7})
ioctl$DRM_IOCTL_AGP_ALLOC(r1, 0xc0206434, &(0x7f0000000100)={0xe048, r2, 0x2})
fcntl$setpipe(r0, 0x407, 0x9476fe0)
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000000)={0x0, <r3=>0x0, 0x1, 0xffff})
ioctl$DRM_IOCTL_AGP_UNBIND(r0, 0x40106437, &(0x7f0000000080)={r3, 0x1})

2018/05/15 13:08:34 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c46000000000000000000000000040004000000001f0000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:34 executing program 0:
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
utimes(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000100)={{0x0, 0x7530}, {0x0, 0x7530}})

2018/05/15 13:08:34 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x6000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:34 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000500000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:34 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
ioctl$sock_SIOCDELDLCI(r1, 0x8981, &(0x7f0000000000)={'vcan0\x00', 0x1})
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

[  370.872221] binder: 22582:22583 got reply transaction with no transaction stack
[  370.879805] binder: 22582:22583 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:35 executing program 4:
bpf$MAP_CREATE(0xf47b020000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:35 executing program 7:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x7)
r0 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x5, 0x88040)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="b0630000", @ANYRES16=r1, @ANYBLOB="00032dbd7000fcdbdf25030000001c0001000c00070004000000000000000c00070008000000000000006400020014000100ff020000000000000000000000000001080002004e230000080009007fec0000080009000700000008000900df000000080005000000000014000100ac1414bb000000000000000000000000080002004e21000008000800afa300001c000300080007004e24000008000400000000000800040001000000"], 0xb0}, 0x1, 0x0, 0x0, 0x8000}, 0x4)

2018/05/15 13:08:35 executing program 0:
r0 = socket$inet6(0xa, 0x202000000802, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000000)={@loopback={0x0, 0x1}}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@mcast1={0xff, 0x1, [], 0x1}, 0x0, 0x0, 0x0, 0x7, 0x7}, 0x20)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000100)={{{@in6=@mcast1, @in=@local}}, {{@in=@broadcast}, 0x0, @in=@dev}}, &(0x7f0000000200)=0xe8)

2018/05/15 13:08:35 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400050000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:35 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x4800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:35 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:35 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sequencer\x00', 0x800, 0x0)
ioctl$SG_SET_FORCE_PACK_ID(r1, 0x227b, &(0x7f00000000c0)=0x1)
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f0000000000)={0x0, <r2=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r2+30000000}}, &(0x7f0000040000))
setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r1, 0x84, 0x1e, &(0x7f0000000380)=0x4, 0x4)
tkill(r0, 0x1000000000016)
r3 = socket$bt_hidp(0x1f, 0x3, 0x6)
pwritev(r3, &(0x7f0000000000), 0x0, 0xfffffffffffffffc)
ioctl$TCSETSF(r1, 0x5404, &(0x7f0000000100)={0x1, 0x101, 0x3, 0xffffffffffffff7f, 0x1, 0x313, 0x0, 0x7, 0x80000001, 0x5, 0x7, 0x2})

2018/05/15 13:08:35 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r1, 0x407, 0x9476fe4)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x0)
fstat(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0})
ioctl$LOOP_SET_STATUS(r1, 0x4c02, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x5dc2, 0xb, 0xc, 0x10, "239bdd4fd0c516920404adeacfca2a97e222ca17e5523c3817ce40282a0c78e22182ae458f7e5caf5d1d3f5a9c3134eefc12e5d3b59e7d64171cc1d7dfcfd6b4", "81d37e38fdc1861a94a8c90ba0027ffd6e3da6053d4c1ddc263b36d5b759d71f", [0x100000000]})
r3 = getegid()
getresgid(&(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140)=<r4=>0x0)
setresgid(r2, r3, r4)

2018/05/15 13:08:35 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x9476fe0)
ioctl$TIOCSBRK(r1, 0x5427)

2018/05/15 13:08:35 executing program 4:
bpf$MAP_CREATE(0x3c030000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:35 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000000050000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  372.112328] binder: 22612:22615 got reply transaction with no transaction stack
[  372.119908] binder: 22612:22615 transaction failed 29201/-71, size 0-0 line 2763
[  372.129201] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  372.144882] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
2018/05/15 13:08:35 executing program 0:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10)
sendto$inet(r0, &(0x7f0000000480), 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23}, 0x10)
sendmmsg(r0, &(0x7f0000004200)=[{{&(0x7f0000000080)=@ax25={0x3, {"e004508d9f3562"}}, 0x80, &(0x7f0000000740), 0x0, &(0x7f0000000800)}}, {{&(0x7f0000002680)=@un=@abs={0x1, 0x0, 0x4e22}, 0x80, &(0x7f0000002a40)=[{&(0x7f0000002700)="8e61d76f0f3a1c18a14621770f5f49f708c9e3ea63c923fe7328949494d2f3ccd54f044442797652f06d99b7b000aa22a2376c08610c0a998f5d363386d52503908bcbaa3aa7a9ed9d3ba295e334cd789c0b13d2cfab68122cde0165712c4d92c081ee5d451c61b8a5196163d491179f8394f2149b5d9b1f1337f324548584443742a5fda5487ec43018c3a58be7774d212f87b0857c55a82fd2ef77a559401f5704237742a01d3b0db33b4d0211bb5ba2805dd9cf8f78d40d62a276e1e2ee8af033eb44bd8417b9f689eb7d75fa364e", 0xd0}, {&(0x7f0000002a00)="4aa3ca4626ebd3584c5876d431b43dc821dcd5cbed10dfa3c96037fa4e10bcdd6bb5ae29b0df8f3b5a15347ccfb9226b72e8d2d2186d0792c38c1122fe22f39d", 0x40}], 0x2, &(0x7f00000052c0), 0x0, 0xc0}, 0x9}, {{&(0x7f0000002ac0)=@vsock={0x28, 0x0, 0x2711, @my=0x1}, 0x80, &(0x7f0000002bc0)=[{&(0x7f0000002b40)="cbb82446578c1647fa84e86a82258a5f27789df62b9292ef60", 0x19}], 0x1, &(0x7f0000000100)=[{0x78, 0x11e, 0x7, "20f8fbe2320ef1351dc728be717481f24ecc295e978e287035dadf610dff4fcb0a0d49a0cb388f493d64be3947e8d03f43595f8cd80e163a18e243178b1aa4d7158ed3b8bac71d630a421e4ef46cfe0f71e95fe015132ab8fa007906400640c8b190"}], 0x78, 0x24000000}, 0xfff}, {{&(0x7f00000039c0)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x4e24, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x2, 0x0, 0x4, 0x1}}, 0x80, &(0x7f0000000000)=[{&(0x7f0000003b00)="e1f9664b3c76eab16173887baefca0abd84e7b644c63ab6bf88982764fcac541b3d1a26bfe4125c0b50c0978beec8823a5dce3507135225f29696de85a31e1a54877b9233915c00a695f213bedff2bfd4d11aacc866263cd790a231961", 0x5d}], 0x1, &(0x7f0000000200)=[{0xf8, 0x11f, 0x3417ebeb, "564dc7ef35a75dbe1628bbd955937bb4ed84e89cbececb2c2f103e872d045d996308b006269d6ad2a1831c465ac46d1aef2a814b0098867962d85748992ecb2b455e98c1aab5172ac9fed043e6e35ee9086e3ccee203a4312053b072dfe8322fe0bf82f41fe5c14b088adb6a19a57b482dbbced5692cb5e39e744217deac9c8d1cbb8b44fa06f26553018100523e0ffa69b08f374d18b1ea832947ce15a1fc8bc3915f1bca6d686466ca05958cef3059915f8d13ddfeb53dcd1962bbf4e2337bfbf3ee29206b6aa8bf7faa3554ad388015787822c07ecfd940015cb90c957f7c9dc06ce995"}], 0xf8, 0x4000080}, 0x4}, {{&(0x7f0000003f40)=@nl=@proc={0x10, 0x0, 0x25dfdbfc}, 0x80, &(0x7f0000004140)=[{&(0x7f00000064c0)="e23076a83360ce1dfdf9780ab169e9b51ec297fad705cab4c7f35672d4ea09b9900933e598b45b1097c423526dc1f6ae4773985a2896ccf7503b1f4f0e0b487792c49f3b41a228f11c95a9e1ea3c94090f0d36d48d72cc4cc200e3cea47123e9e3245cc3f11b8be66bee35f6ce2da076662289156bfcb590aa2394b6529c86ff7626a702b66598156c5c61c89e5fa5184ade027e400ceca3ff7ecf033fbce55746ebcd870e5a4fac3ef170ac2506edd82c5673081193b4aa6265604a80f51a096da01d632906ea1676224711897529e0f0b909d42c2ee6608732eccf91248f48d63b51f4531664f5c06ef5decf5e709023260aa872e641e54c6be5a4b14a01c550ca58f76d1e852d99053a67e649749798748f04bb105e845aca13dbc6a64b1c3119b68623f871355c877201a82898413aa682ac0759322ae9d8c5800b7a56752be5340543be88278b7750e8b0ce644c941c560b01e6437047bfa8ba7fd084bf93d92a1c721065f25972099c4dda8c5f7df478f79d8b1db9a68dd1d7bcca9c9555a8579a86104a9b9da57dbeb9982ddcd7c9a6f95586027cd81acf3e8a50853bb1f8a2a45f95dfef37ae0e62d994bab46643ecb36a970727b978e648b820b722dd5924b1efd511a82eda30cfcc22d2dea7bf505c5ed5a0a5f5217b4cf235a618b7ecae152849b4025833290e861d4035b7c588018ee8298b689c5014e849a2bd96ef68bb59771885f2e77afbd68888c22332ff3ffcc2499feacf2496eb4bf100e59dca55be66b4f1fbe74458be72ef6ab29a29d1e326528c28b9557e332952549b53e11cd43abc1ae647bafae0d43f5d3cc337881c08f32796edc80e6c170d477d0bc5896bd003406ac0ca59236985a2812ad302213dc52de5b0e5de8756941c69b1d911abf89bb57dcadf3f98b379e409ed03803152079ad6bcf58bca010fbfa07605e89b7e771f1181fcba7a1f599448e8cd2f162ce2a1f01a7cb2d3fd7e9dd8c307decef67d7316ef6eb47659971d45676e90ada566bbccc291826c532149044fc206c1f7ea0c0256e919ac984df1f6ba6bee2215edb380273768ca6c748720854d975cde95677cd948761ad621cf1309f8794e0d227aeb5332faf0f191f56341952845e6d9c0c231e1ae0c142be1b9ee71f684a4c73b24e8b6d57d4dbbc6a6038f7ce7471c12fb1d9825dda3ba767aa6fb530215200986cceb6c44e29a902795bba4a7a1358d2dd054af57e0afa6bc0c0f809aca545e0b7d9b90ff6f86b6bc37b0f7fa927222b457b18e071f98cec3eb5de06ade23858e434aebbaef28a4ca3df2463eba7a931226a5a65a2f4ea4dcf68207cedfeebfdeb93c7b8affdeed6e73043f407c1e3c13fab7ca8c605cfc9151baa469ecaf2300e7c62b7f13eeecc69d01f5a0f740036049814b1b992ff813ab48188dc473c326d194746932d3ffe9995eca84010424628f8a10fd8520dbca0d38b72e63064ee063220197d2f8ff2938bae74f60b650551b23ff1cc3cf39b5b39ef4fde58bcee13e7ed4e3b22de3ce68039a4038a71f6f4df63df2bd82738c2f041e6511d385ae4c31816e80605065e36155cb1a9b12f000c7c2f4cca5bdc226d4b767f1411f5c52673ffb49e194448662cde74ebc50454fd65903efda3850e509941d4d1f9adb0ad6e4b759743321a407321b26f90acc493d2bc0f94c656801c60f4e31e21080da3511bd6876ccafa180eed7d220587fa81360e40fa260184275267c05a904edf9d83f21217cc5ad6b62669d05a22deee0275fdef8f7f7d9ca1d3347a89116c056d54b4d2b59d06f1994e49604e38545238b0f93c3c71ce7b7c875f667a2f43fdf415d0e7b22f99ed1eb06aeacd61c3d4e17985a2ef03e6698c8688db61b8213e79e8f523d0dd48877ba60ece8f28d24ca572b6c31a3239e395725af2dec2847a6b5c1a96744a2f8d9c660fdfa79505ef7c34c57904f745a5e5db062ed95876523fbb8b385c208ff574f1a9d40b104503e017354262a9a82b57de672ae89e038fb2553a6beb6813bdf62f1dc3a601bb8742fb48772cfefd91df70a483b2f80d7b8b5820d5a8974fa23a56eb184bf0fe1d58a8df26d0e32d9be221ab92b302bd61a3813d06ac55f98c93a70b9ef275d5c9e87df5eb9ef40b10b4bcc45c18b307138cce24e079dc234cc105bedc23ba43d65fc2f7a9bcf36c7f22062c385c3c13f819e150f72b1368fecf609f115a3b6eff7aacebd6b78b44a597655f35dd0d704047a97ac481ab7db688d695fcdba7ccc9532b9298136217fd190472460ac195fb93ec15d40308dbdfc04db26b3524fb7d1b7b247ca430eaf3091f4c4034959b381f85a1e508f79ad1546ac10183eeaa38822187c83bf77bb9d4c4d00290e9242cf12e525810af903864fbd1f1acdf82d2f391710283142b040fec703afbf0f68eaf59e35e8c335d23b72c225e44e20809e7aa94fb2174b9acfda0c5ff3a31c62491585d6d30152b93b8c0968767b757bac733c02aaa31544a25e57bed98a036732833f39d3ed10e4b83d67f33ecb587aae638cdb9b6c05c3fbdc5f8dcfd2bc7f7377ba98f1687ed747e0f735e3dd426953e18325b1d2ca780512730e9b1990afc736cbef3a31251facc0135a958bbeb82c635890a440f481f89bd511f1e47ad2a2e07fe48352a63a14b5264c07e5f13cebc9d285255c18448572fb43c9a8912ef92fc52e6ac4e2e09b373fa09b2086a8cb1a53890f8ef611767dd3632b9b51d141187456895847ef76fe3836f2b7335d9afa7e16c9a5a8325aabfeeb0c42159fe3f1e27f54cb291b76a1fbc17d001d062b364d2e855d1d932febd5b0ba6bb4437c572e2f12ba17a3eae9784d11f7f35a64bc69ac016e83083621ffb7f256b471a0ff19fab82bdef5a7943a911ef4427897e70bb108c2c62edcc386a323bea2102f3171e6650f672869698de44ddfb49109006a27a624413cf9629923650fb45da266b1eeea106b93b275cc6236f8752f36a79585df7be2316b7906d4e6c5fcf6840eb2602d6674c1925488974c9522e0cfd15b1bb3b919985b7678ab0fc92572db01d844375beb043b8f6410e67f9788d8c7ed30a61e0e3b56f02a9d7072248b2262c69ba3c6695f9edfdca11da868e603fa41f68dabd8197fbd2298e20b16ed9c5c58be475662a53736d2b23d5bf9e6569638adc2637b5aac6b65fe0ad6b39fff86559dbefe0a32d9dcfceeeea50e3c6595d3b2ee8976b5ef37e9a15ba43ac36c49e2ebb6fa710a58f4401985eb84e3abb810422bfbdb1ff36e97ea502d5d2c6d351cf4743d9502a19fe96af1433f418bd98123feb1aa360275c980876941fda68ed63d29f9de7cc903cb0f9fdb8a60d0de685c9200550df20a33a5ed3a60a8b375e06873f0609b6fd36c45a03e3fab5910ea4dcc3229709df2e2586a081495578a694d833290617953ab5c89523378545f268a1701d4f017ae9eff2a772e5fbea4b72761cc3ebbfc694bbf282f2a51ee7bf36adc984762fa73f0ce86977b0ac783dfc54833e5eccea6092a7ed34802b66fe17d1b5f9be81833799b5acf8af2151cc4a271a4431691ec0b011e917f7eb9520f642bb50f80b0ad3f288a3f765055daeb5d0a3679ecb3276edc598f02d5bdea60ac905f2dcbb657df4c5b9b8b68d58d37640d551652c0ef3014ea6e348963ba64a25192d1c5ed764fa3d6a587bc99b90993de155494207bc3da787bc3a6ba0f3ad7acad01149dc8bbbd66534d2a60ead9218870f6fca12c9c52992fb2f78fbe26e92b3a1e3c5ff5768f03424e6fdccbf6505c335b92d92ad62f371e991e95c1b11071c46e8ac31376116b3dafd5de064e109a82958766e311d4f89fa76406532a96a344fdaa35023d32842525ae5fa0db20d05059d9b7830a3c63a8774adc229e937e62cc4163475119f4a34623038fb318d90664d6777c43601bf25862ba034d6bc180e09a07bb897c73431da2e17feeb32a9514ae5f8d4e5cd0f2267a4a97d07909e34ff8aad6c050e8707c9e3115a9a803f304640188091da85581e2fe0d3bfac889afc3bd26ed3beb9e0e330fb95822a05bc4aaa2e9643d49e4e2ed516d6cf81c55ca44cc091c1e7eb33e2ff09cfbf1d11eb75909dee241a9eb37f8e3702d041c6490ea6b3917ed7ff75c202dacb29b26c13cbfdc485f68d34384d9485eeff501076a5e08a2ab5d98791c40ad6cffdb094f40388e8e2315edf59e80b44762e011f09087929a88fe0e58475ad9e7bc9e8603e06c7da147dd70c4d07fbf4aeea853f9c0f6cb99db7445783ecfd4467022c50fc446940fa3db6c271b9a822a19ca19adf77c85167c6ed849511707722baf37003bdd03537ab2ab9e940b1dd4eaca4b72f70f214f5bd4f44bfdedfe2a5c19aceecf1e9fb3003e243072330d1292c4089edc1c977b2464ed324897fec2b0ac9e0ca040afc9270ccd6b1cc7861f1d83d7b0db7557e212ee7dc03438c73dca772e96417e6c3ae675ad8088fb1950498b50fee96db0e92b3ddc34530c861ad53a5a33b651d99b4d025cb480bfdb914e032df8872a352cec350e5a001d9352f1cd0a569b8ad9cb7c23d85b1fd650e843ab880b64de01494c8a693a20fe6b8d69ea5107ec32b42eec222ec150d71900d0e8d8a5403f61f4314b20bf34ad4ab69a4adbaf8c9a21a1c91393df97d4908657e1e6349a87590a200e191cfcfaa0d03ab44daf355e5f97ea740d7fad576b3209cef335aa70e04185ffd7d14df4acf9f5ba1ba54bae922c8cbf7d6c96d9109cbdda7c79303265f1cdf4e16a5375c2c12b6bcb6c745499dbdb3f564695039a4b2e712c7fa6a7fb39459b50ea0dfe4775d24819eb5e3b02a63fe2e0a43b7fcf98b6d35a7e8fec542c8bcee52a1fb911c3f94c7f5563ebf5ba06d3935d165219c1149ec40af67378c7d639a06ae88f7833b3ef5ff2a329139a69351af148518aff4a0e23d59b6894f6eafbd7168a0f734bd915c93f646dbde38af675a033036f9892864ee1f2576bcc1c6c198ae17d84cb9bf6a914651c87c15c048fa5987c0b39ab9b51460d943cccff628cb01f444090616031276c28167d200e04b79cb14202b04ca4dd36c7f8e895f9cc55da873e28d090d1d3a12812271ff5c4a8510c3e9aa149b4dc9c17486ea1d138bb3b6b2080bf82ea40bfc44208cc391bfd05d69fdc8b4519c3e9fa6a1549b389a75d9c75c5fb6572685daafb76ecf13ae5f52bd3313f1eba11fa808a5d7a332edd9239a92bb163c2299d2e9f546aaffe585d2dcca38801ea5b71fa661a1ef406dbf51514ca6db3aa644aa63ca0d3a3a4bd326eaf96b78b9f3b67fa0c2688e7f54f290f8e557779a4655307a37a6c987c5f12a460bcd72a14b3ac1556e821662bc9acb91e45d3ecb90432cbf3b9ce78209a4abc0ed3cfc8ef303e9a4873f76b5f8fc22ccffd07b5f2edd0e660b9f0d7beac876f2c843be96c95066d726307894824b6073eabed01549110ebf6e40bc3ba1d2df3870e10a8351112031c437340b4f8569bc2d8e57df84076bdb9128135b0cf8fccf17762a5b684c819cf6217e65618f7a5a7da90d9f44e2149915589573236ffc9ce7e93ee9a1cd83dec8075c4c387d9a224c9eb5bc305c08dad171cf7a0c4b7a2d667062ddcf35c021f6d494c1952ce20eef80f536e5fb00ad6425a753a9bde9061433c9a33500c46e0823b248db1bb79e381ded077fd7669a14b08698b30cef8a74529d1f83351a7332e4852c29b1923675a08567f779fa2d05dbcb4c4421bc67a32e397f6b078ab92c9f26ee20829c2efc2c32eba925a", 0x1000}], 0x1, &(0x7f0000004180)=[{0x80, 0x139, 0x50d, "3f3f55983d442ad3911e429e79b94054fa08e5965a7bc7c7160cfe3cea0973d900454d01474477d53f612ed84c2a32c2b056f122420be1ae1dd61b7e84982443a8214e863ba07436b6860122d2fd7e41c4d0498d54317739a0eb6fa976281a1c6106d2e94b43cadbcde6883290"}], 0x80, 0x20040001}, 0x9}], 0x5, 0x0)

2018/05/15 13:08:35 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:35 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='task\x00')
getdents(r2, &(0x7f0000000040)=""/182, 0x22)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

[  372.275725] binder: 22636:22637 got reply transaction with no transaction stack
[  372.283328] binder: 22636:22637 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:36 executing program 4:
bpf$MAP_CREATE(0xac, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:36 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000940)={{{@in=@remote, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in6=@loopback}, 0x0, @in6=@remote}}, &(0x7f0000000a40)=0xe8)
sendmsg$nl_route_sched(r1, &(0x7f0000000b40)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000b00)={&(0x7f0000000a80)=@newtfilter={0x48, 0x2c, 0x720, 0x70bd28, 0x25dfdbfb, {0x0, r2, {0xf, 0x10}, {0xd, 0x6}, {0xffff, 0xfff2}}, [@TCA_RATE={0x8, 0x5, {0x8b9e, 0x2}}, @TCA_CHAIN={0x8, 0xb, 0x1}, @filter_kind_options=@f_bpf={{0x8, 0x1, 'bpf\x00'}, {0xc, 0x2, @TCA_BPF_OPS_LEN={0x8, 0x4, 0x7}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x40}, 0x10)
fcntl$setpipe(r1, 0x407, 0x6)
fcntl$setpipe(r0, 0x407, 0x9476fde)

2018/05/15 13:08:36 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000000010000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:36 executing program 0:
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000040), 0x0)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10)

2018/05/15 13:08:36 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:36 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)
ioctl$SNDRV_SEQ_IOCTL_PVERSION(r1, 0x80045300, &(0x7f0000000000))

2018/05/15 13:08:36 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000000c0)="abbe98438edfae22e9b2ad4eb9e5ee77d38a120000000000000007017622d55469f1222f4304a2f3a4ab6ee964cdf37c3e20abda69ba5700d2f6f78c78d2eaf01b88de22213b81bfae8612c19dee6436f9fa04e81c4acf7ba671c7680dea30efe1e22d459748c2b8d85f907175989ca9b12d7f8d0000000000000000", 0x7c)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x0)

2018/05/15 13:08:36 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r1=>0x0})
r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x210000, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f0000000100)={<r3=>0x0, @in={{0x2, 0x4e21, @multicast2=0xe0000002}}, [0x6, 0x1, 0x1, 0x80, 0x9, 0x8, 0x8, 0x4f, 0x3, 0x9, 0x7, 0x9, 0x1, 0x401]}, &(0x7f0000000200)=0x100)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000240)={r3, 0x9}, 0x8)
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
tkill(r0, 0x1000000000016)

2018/05/15 13:08:36 executing program 4:
bpf$MAP_CREATE(0x4, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

[  373.045805] binder: 22656:22658 got reply transaction with no transaction stack
[  373.053632] binder: 22656:22658 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:36 executing program 0:
r0 = socket(0xa, 0x1, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl(r0, 0x8912, &(0x7f0000000240)="c626262c8523bf012cf66f")
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
ioctl$KVM_GET_CLOCK(r2, 0x4008ae48, &(0x7f0000000340))

2018/05/15 13:08:36 executing program 7:
r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x8000, 0x0)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r0, 0x408c5333, &(0x7f00000000c0)={0x2, 0x3, 0xfffffffffffff387, 'queue1\x00', 0x8})
pipe(&(0x7f0000000080)={<r1=>0xffffffffffffffff})
fcntl$setpipe(r1, 0x407, 0x9476fe0)

2018/05/15 13:08:36 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000000160000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:36 executing program 5:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
bind$alg(r0, &(0x7f0000000080)={0x26, 'aead\x00', 0x0, 0x0, 'seqiv(ccm_base(ctr-camellia-asm,sha512))\x00'}, 0x58)
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe3)
vmsplice(r0, &(0x7f0000000280), 0x1000000000000102, 0x1)

2018/05/15 13:08:36 executing program 4:
bpf$MAP_CREATE(0x5e01000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:36 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:36 executing program 1:
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x105080, 0x0)
getsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
r1 = socket$inet6(0xa, 0x3, 0x7)
shutdown(r1, 0x1)
r2 = dup2(r1, r1)
bind$inet6(r1, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r2, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r2, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:36 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x9)
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x0, 0x0)
r2 = gettid()
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000040)={0x0, <r3=>0x0}, &(0x7f00000000c0)=0xc)
ioctl$DRM_IOCTL_GET_CLIENT(r0, 0xc0286405, &(0x7f0000000100)={0x7, 0x37a9, r2, 0xfffffffffffffff9, r3, 0x5, 0xdc8, 0xb8})

[  373.224143] binder: 22690:22692 got reply transaction with no transaction stack
[  373.231757] binder: 22690:22692 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:37 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400001400000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:37 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000000140)={0x0, 0x12}, &(0x7f0000000180)=<r1=>0x0)
clock_gettime(0x0, &(0x7f0000000280)={<r2=>0x0, <r3=>0x0})
r4 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000340)='/proc/self/net/pfkey\x00', 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r4, 0x84, 0x15, &(0x7f0000000380)={0x1}, 0x1)
timer_settime(r1, 0x0, &(0x7f00000002c0)={{0x77359400}, {r2, r3+30000000}}, &(0x7f0000000300))
clock_gettime(0x7, &(0x7f0000000000))
clock_gettime(0x0, &(0x7f00000000c0))
timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x8}}, &(0x7f0000040000))
clock_gettime(0x2, &(0x7f0000000100))
r5 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/rfkill\x00', 0x2000, 0x0)
r6 = syz_open_dev$mice(&(0x7f0000000200)='/dev/input/mice\x00', 0x0, 0x400000)
ioctl$FUSE_DEV_IOC_CLONE(r5, 0x8004e500, &(0x7f0000000240)=r6)
tkill(r0, 0x1000000000016)

2018/05/15 13:08:37 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/rtc0\x00', 0x400, 0x0)
ioctl$TIOCLINUX7(r1, 0x541c, &(0x7f0000000140)={0x7, 0xff})
getsockopt$IP_VS_SO_GET_VERSION(r0, 0x0, 0x480, &(0x7f0000000000), &(0x7f0000000080)=0x40)
r2 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r2, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r2, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:37 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:37 executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x40000000000001, 0x1, 0x48, 0x100000001, 0x1}, 0x2c)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r0, &(0x7f0000000280), &(0x7f0000000040)}, 0x20)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f000033afe0)={r0, &(0x7f0000000140), &(0x7f0000000080)}, 0x20)

2018/05/15 13:08:37 executing program 4:
bpf$MAP_CREATE(0xe010000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:37 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
stat(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f00000002c0)={<r3=>0x0, 0x4654}, &(0x7f0000000300)=0x8)
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000340)={r3, 0x751e}, &(0x7f0000000380)=0x8)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0, <r4=>0x0}, &(0x7f0000000280)=0xc)
syz_fuseblk_mount(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0xa000, r2, r4, 0x5, 0x2, 0x2000000)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
sendto$inet(r0, &(0x7f0000000000)="5f76f6df4298550554b53e80d70b30ad892bd0d89327e39c245a95a46b30a4da4026cfc81e9fb3245ee80820e0b3866105c50945106f40bfc56748da28104a0011671d74672f2129dc27147805d35d47eb0139738ee04d30dad806821c3e3d8729a84c3006aa6f9f984ba8b636744a", 0x6f, 0x8000, &(0x7f00000000c0)={0x2, 0x4e20, @loopback=0x7f000001}, 0x10)

2018/05/15 13:08:37 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0xed7)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x0)

2018/05/15 13:08:37 executing program 4:
bpf$MAP_CREATE(0x3780, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

[  374.333870] binder: 22716:22718 got reply transaction with no transaction stack
[  374.341777] binder: 22716:22718 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:37 executing program 0:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x3000004, 0x10, 0xffffffffffffffff, 0x0)
io_setup(0xc7ff, &(0x7f00000000c0))

2018/05/15 13:08:37 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400001500000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:37 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$SO_COOKIE(r1, 0x1, 0x39, &(0x7f00000000c0), &(0x7f0000000100)=0x8)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
getsockopt$inet_tcp_int(r1, 0x6, 0x0, &(0x7f0000000140), &(0x7f0000000180)=0x4)
ioctl$EVIOCGNAME(r0, 0x80404506, &(0x7f0000000000)=""/69)
ioctl$TUNDETACHFILTER(r0, 0x401054d6, 0x0)

2018/05/15 13:08:37 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x6c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:37 executing program 4:
bpf$MAP_CREATE(0x3a4, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:37 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e24, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

[  374.486160] binder: 22743:22747 got reply transaction with no transaction stack
[  374.493754] binder: 22743:22747 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:39 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400040000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:39 executing program 7:
r0 = syz_open_dev$sndpcmp(&(0x7f0000000080)='/dev/snd/pcmC#D#p\x00', 0x1, 0x2)
ioctl$KDSETLED(r0, 0x4b32, 0x1f)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
socketpair$inet6_tcp(0xa, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
write$fuse(r2, &(0x7f0000000100)=ANY=[@ANYBLOB="28ee0000010000000200000000000000000140000000052467d3d4615800000000000000005c1d54efdbff17928b32a208e97ae135c0fd04b36a1c71b6ea07abb8765daa8e3678abf411867a580458d0fd97a3aaf9c5b06432ca"], 0x28)
ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000000040))
fcntl$setpipe(r3, 0x407, 0x9476fe0)

2018/05/15 13:08:39 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x4c000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:39 executing program 0:
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x3000004, 0x10, 0xffffffffffffffff, 0x0)
io_setup(0xc7ff, &(0x7f00000000c0))

2018/05/15 13:08:39 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
socket$bt_rfcomm(0x1f, 0x3, 0x3)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
mlock2(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)
ioctl$DRM_IOCTL_WAIT_VBLANK(r1, 0xc018643a, &(0x7f0000000000)={0x40000000, 0x5, 0x2a})

2018/05/15 13:08:39 executing program 4:
bpf$MAP_CREATE(0x2806030000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:39 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x3, &(0x7f0000000000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r1=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
tkill(r0, 0x1000000000016)

2018/05/15 13:08:39 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x0)
prctl$seccomp(0x16, 0x2, &(0x7f00000000c0)={0x9, &(0x7f0000000000)=[{0x7, 0x100, 0x0, 0xfff}, {0x80, 0x9, 0x4, 0x1}, {0x1, 0x1, 0xf7}, {0x800, 0x100000001, 0x0, 0x935d}, {0xdc4, 0x7, 0x3b7, 0xfffffffffffffc01}, {0x0, 0x400, 0x6e, 0x7fffffff}, {0x7, 0x5, 0x2}, {0x8, 0x8ef1, 0x3f, 0x1000}, {0x7fff, 0x100010000000, 0x1, 0x8}]})

2018/05/15 13:08:39 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000000000000000338000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  375.705809] binder: 22769:22777 got reply transaction with no transaction stack
[  375.713431] binder: 22769:22777 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:39 executing program 4:
bpf$MAP_CREATE(0xc802000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:39 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0xa000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:39 executing program 7:
r0 = syz_open_dev$vcsa(&(0x7f0000000180)='/dev/vcsa#\x00', 0x100000000000407, 0x20082)
ioctl$SG_GET_RESERVED_SIZE(r0, 0x2272, &(0x7f0000000000))
connect$rds(r0, &(0x7f0000000040)={0x2, 0x4e24, @rand_addr=0x43e7ebe1}, 0x10)
openat$full(0xffffffffffffff9c, &(0x7f0000000100)='/dev/full\x00', 0x1, 0x0)
ioctl$SG_SET_COMMAND_Q(r0, 0x2271, &(0x7f00000000c0))
pipe(&(0x7f0000000080)={<r1=>0xffffffffffffffff})
write$binfmt_script(r1, &(0x7f00000001c0)={'#! ', './file0', [{0x20, '/dev/vcsa#\x00'}, {0x20, '/'}, {0x20, '.'}, {0x20, '/dev/vcsa#\x00'}, {0x20, '/dev/full\x00'}], 0xa, "6f96e34c613039fb7d0a74febe49afa41e0f13c63cd0d2d9a69826436c3badcf9be4f5f5630d82313c690d10afca1de58c404a3ebaf3444d05ee519371637017a46a86986ea75a538d23dec63b1de1274568bb6b6d60f41be0e4aed116d4433f025b464270270cc8978522bb20c3fd5a914b3c40521c018eb5649549a4665b786b866a30410dce2c7e334219a205c2fb383cc149385c02b4eaa2d5e5635214b83a37ba2661aef360b6b7d69150b11f63be5dd869843f33504bf7888a736b6e897c033cc7041c036d"}, 0xfa)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000140)={0x4, 0x4a, 0x40, 0x7ff, 0x6, 0x3f9c, 0x401}, 0xc)

2018/05/15 13:08:39 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000000140000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:39 executing program 0:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000200)={r1, 0xfffffc7a, &(0x7f0000000180)}, 0xfffffffffffffeaa)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ip6tnl0\x00'})

2018/05/15 13:08:39 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

[  375.850120] binder: 22797:22798 got reply transaction with no transaction stack
[  375.857752] binder: 22797:22798 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:39 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
ioctl$ASHMEM_GET_NAME(r1, 0x81007702, &(0x7f0000000140)=""/255)
ioctl$BLKSECDISCARD(r1, 0x127d, &(0x7f00000000c0)=0x3cf4)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

[  375.934506] binder: 22802:22803 got reply transaction with no transaction stack
[  375.942160] binder: 22802:22803 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:40 executing program 7:
pipe(&(0x7f0000000340)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x800)
ioctl$SG_GET_VERSION_NUM(r0, 0x2282, &(0x7f0000000040))
fgetxattr(r1, &(0x7f0000000080)=@known='com.apple.FinderInfo\x00', &(0x7f0000000100)=""/195, 0xc3)
socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f00000000c0))
socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet_dccp_buf(r1, 0x21, 0xce, &(0x7f0000000200)=""/196, &(0x7f0000000000)=0xc4)

2018/05/15 13:08:40 executing program 4:
bpf$MAP_CREATE(0x5c000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:40 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:40 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000300000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:40 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
getsockopt$inet_sctp6_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000000), &(0x7f0000000080)=0x8)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:40 executing program 0:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000200)={r1, 0xfffffc7a, &(0x7f0000000180)}, 0xfffffffffffffeaa)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ip6tnl0\x00'})

2018/05/15 13:08:40 executing program 3:
r0 = memfd_create(&(0x7f0000000000)='\x00', 0x3)
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f0000000100)={<r1=>0x0, @in6={{0xa, 0x4e23, 0xffffffffffffff00, @loopback={0x0, 0x1}, 0x1000}}, [0xfffc000000000000, 0x1, 0x0, 0x3, 0x1, 0x242, 0x1000, 0x1, 0x8, 0x1, 0xffff, 0x3, 0x2, 0x1, 0xfcae]}, &(0x7f0000000200)=0x100)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000240)={r1, 0x1267102d00, 0x8}, &(0x7f0000000280)=0x8)
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r3=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r3+30000000}}, &(0x7f0000040000))
tkill(r2, 0x1000000000016)

2018/05/15 13:08:40 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f0000000000)="00105f3d50444b7fbee4e7fb6afffc350b6807586a750a42577ed3392c46d57ef5b2", 0x22)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x0)

2018/05/15 13:08:40 executing program 4:
bpf$MAP_CREATE(0x7a000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

[  377.090836] binder: 22826:22834 got reply transaction with no transaction stack
[  377.098419] binder: 22826:22834 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:40 executing program 7:
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x9476fe0)
r0 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x3, 0x141000)
ioctl$KVM_GET_NR_MMU_PAGES(r0, 0xae45, 0xf0ed)
ioctl$KVM_GET_CLOCK(r0, 0x8030ae7c, &(0x7f0000000040))
symlink(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00')

2018/05/15 13:08:40 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000000000000000438000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:40 executing program 5:
pipe(&(0x7f0000000700)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f0000000240)="bca315a8705ac6d65cc8d43fab090e3fd7573e1d0df59bf9db0540c520ea5c2491", 0x21)
getresgid(&(0x7f0000000080), &(0x7f0000000280)=<r2=>0x0, &(0x7f00000005c0))
r3 = getgid()
r4 = getgid()
getgroups(0x3, &(0x7f0000000600)=[r2, r3, r4])
r5 = syz_open_dev$amidi(&(0x7f0000000180)='/dev/amidi#\x00', 0x100000001, 0x10040)
fcntl$setpipe(r0, 0x407, 0x8001)
ioctl$TIOCSBRK(r5, 0x5427)
socketpair(0x0, 0x1, 0x3, &(0x7f0000000040)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$TCXONC(r6, 0x540a, 0x9)
vmsplice(r1, &(0x7f0000000540)=[{&(0x7f00000002c0)="633ba0cc9794c895672f8c2004c52ded6d1c38b8982ce879c252de3897fa2f9aa8ae35b9f5b17d11594e9837e874ddb03b49b90a9c1f120d7914f08291e11c25bcc1db3e75af138b2b00a9c1957e6a0db25b2251de05b3c3fa275cac1eadcbcc9aeac6b06d0406a350202f8a5f3ffe4ea431bd3aa72e892b14c1a2eb09922dd84ac268408d7f8aeb6d78e79cef7333c1b87f817f626ec23de2e1fe60dc2841ad8a1766f2c647e5d8a33289172454b21e4a5434678028c1d7c1bc50868ba0a77726654e74f5b2b62a10ca20e72d9b5af81652560f6855108493913db82466e6d15d2a01b0d057389068a4"}, {&(0x7f00000003c0)="55e5ec34bc209f593fe9bff5076d0341d4e48d9f06a6a0793cf47885dccebec47fae9b7dbdcca903f10636a8eb3d44b634acdb11df47698f22a4c8762bd05c62232a40671820d751dd09631cc60870d805e184199222aa2b0acaa5dfe2eeb9b2b54b080c93447dd002d7b13542ac8d805c94b33ea73dd45aac01b2ab36fa93aa1e2111eb338ebd8e7bd10e9b559991d0ddfd4c15292a70924c2da527f9c1fe1a170c1fabafe34473a9aac226c73a9029e6514ae0cc2f97ef23a5b380de37fed935b136b3a050944f718b76e4ccacd21a8f613846ed20c568f6a855662edd493d429c835cf63603ec1cb2da97c9ea01bbbb5ee264e2f90b13a426aa09"}, {&(0x7f0000000000)="74c0d4"}, {&(0x7f00000000c0)="a4e84d3c7232f0638ed65a6dbf124ee99e2e7bea204c30c0c81bc724d896fc84e9a066e4f0bd88733669c4c928c37ce3a6e6c4251379fb488e26bf7770fc0a2ad0c4a9d503423431378216db286d28522f68a23902ebfe8c536180f4dd36b000d08b49c164742a1c2791c4b18cdefc356b4834111465cb6c1965cecd92468a82205bdff66d86947a74fd14332aa54dbbb9996948b240f9e267eaeed07a44baad"}, {&(0x7f00000001c0)="e2340cb15e3a1e3ce94390fc3331db6c8b21b923bd36ed2771fb25a8505efc3cef8075f4d768ada73ae31c86017ed19e66010153782ec705fb3731598eb0dd77aa5a6c967fd46a28d0c852cf7075cd1f5f76916ca69d470fb087f12eef209b"}, {&(0x7f00000004c0)="786d8167638cebef6350e8157e2abc4e4003b918c907c060719114c56c34f263e26b490d0781846c4db0795074aa4eeedbd9a373b2840189abf7c41e74f9f83dd48d69897fdc1f63789bd7e3dc88fbc559a65a7bc499dce513310e5a5c0f4f08bd9aec"}], 0xfb7, 0x6)

2018/05/15 13:08:40 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:40 executing program 4:
bpf$MAP_CREATE(0xf001, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:40 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
getsockopt$inet_mreqn(r1, 0x0, 0x27, &(0x7f0000000000)={@broadcast, @multicast2, <r2=>0x0}, &(0x7f0000000080)=0xc)
ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f00000000c0)=r2)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:40 executing program 7:
syz_open_dev$random(&(0x7f0000000000)='/dev/random\x00', 0x0, 0x20000)
pipe(&(0x7f00000002c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmmsg(r0, &(0x7f00000022c0)=[{{&(0x7f00000005c0)=@in6={0x0, 0x0, 0x0, @local}, 0x80, &(0x7f0000000780)=[{&(0x7f0000000640)=""/50, 0x32}, {&(0x7f0000000680)=""/114, 0x72}, {&(0x7f0000000700)=""/99, 0x63}], 0x3, &(0x7f00000007c0)=""/143, 0x8f, 0x10001}, 0x80000001}, {{&(0x7f0000000880)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @loopback}}}, 0x80, &(0x7f0000000b00)=[{&(0x7f0000000900)=""/197, 0xc5}, {&(0x7f0000000a00)=""/147, 0x93}, {&(0x7f0000000ac0)=""/13, 0xd}], 0x3, &(0x7f0000000b40)=""/73, 0x49, 0xeb18}, 0x8}, {{&(0x7f0000000bc0)=@pppol2tpin6={0x0, 0x0, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, @dev}}}, 0x80, &(0x7f0000001e00)=[{&(0x7f0000000c40)=""/4096, 0x1000}, {&(0x7f0000001c40)=""/80, 0x50}, {&(0x7f0000001cc0)=""/187, 0xbb}, {&(0x7f0000001d80)=""/63, 0x3f}, {&(0x7f0000001dc0)=""/14, 0xe}], 0x5, &(0x7f0000001e80)=""/90, 0x5a, 0x3}, 0x8}, {{0x0, 0x0, &(0x7f0000002240)=[{&(0x7f0000001f00)=""/65, 0x41}, {&(0x7f0000001f80)=""/6, 0x6}, {&(0x7f0000001fc0)=""/133, 0x85}, {&(0x7f0000002080)=""/170, 0xaa}, {&(0x7f0000002140)=""/252, 0xfc}], 0x5, 0x0, 0x0, 0x10000}, 0xffff}], 0x4, 0x10000, &(0x7f00000023c0)={0x0, 0x989680})
getsockopt$inet6_mtu(r1, 0x29, 0x17, &(0x7f0000000100), &(0x7f0000000140)=0x4)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
stat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=<r3=>0x0)
sendmsg$nl_generic(r1, &(0x7f0000000580)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f0000000540)={&(0x7f0000002400)=ANY=[@ANYBLOB="44030000210000012dbd7000fbdbdf250e00000008008600", @ANYRES32=r2, @ANYBLOB="68001e0065a509db48156729821e19319102e7adf504d17dad30070f4c4cb1cf95e61825925d235a735f1986622df85633c07fafd7340d00481c0c735b552b9adfec50efcdc72ba2bea540435fc1cf2471a4a0b12bcfc3d59b6c2cc4e76dcb176d07c2a6b952920014025500a459c09e9c90f8c23bb389f2a99ac9a51f6649bc5ed309aec009c70b5169aa4d1882eae9d256195f14094692a304929476b097198997922177b6f5bb7496ab5201f1732568ed015ff19cd47d90a985c5022f817ae15e751fdb17b41fdf62828fd0e0bbbf7a7fff32c9312f83f3021fb0a4e817c1c4b691b3f6a0a2da21bfafee23811ddbd3ce1c8fadb58738e9cbdfa3f47a2b4a8d6299890fc1152afe53d0a4b7c10a6afe7afd72278575aafc8851de37119fa92c634929ef5274cace23d96fcbb9250f5d01ee6bc504008900ac064afe9d52065ef30a9cc8ced32c3eaeeda8dd782fecc7421cd14706af192d63cb0e3f004748d5c13304698e5058fa6e6640bbac0ff9df1d75d7fe0dd146a36438572ffb3793ffeff54c97ddd87aafeb608948fe512aa09b92f837cd855634685cdecf495d227df7b77c5e7fbc07bf806f765b1636db0d9dba2e907a8a35a76eb07a6342b6163939391a928c8a7bc94d5a05037ff31e06e8a9c993659d323b189f0ec3f4a4dee76ffef80ef6280800a6d1", @ANYRES32=r3, @ANYBLOB="e620491436624f68bd1b2a369a189dd2cb3193d40d4313be929aa54918eb249367eaa22dcbbd51d9fb978aad0f7d1b98cfafbf667ba8ce7c8df4bbd8ded7ccc3e21c7c74529201afcd622d4f745a341fe7e704bd40959b9ee249ad99f74a2b8b7f4a8106ea43dc607c3c0a21af5e981e94b814ed21fcc0747eaf147cf1a09d23a1bb35dab9669686a68cbbed1517efba0f41fc2ae83253396b2690b52825f626da52a458acfceb548c12b518c127c60cc757dfa5999cb33113fcedbaefd8a6acb4fef0f39da2ad8660607f1f0b061e90f9d3d0d96db8822424ff4c8e16c41fa18a1fe8fa42e29ddef4251765ddf0ed52493865fcb2102608a1c4d08f4fa6dd7e3c7109e7b5eeca6abf1f0084c20396ab61b74f441b8ad83af54d7e6b3023b7018027bb69fdd569f398e4df399ed6eab01a17cfbbfd6017c71062c3637ab2660eeaee00000000000000"], 0x5}, 0x1, 0x0, 0x0, 0x4}, 0x800)

2018/05/15 13:08:40 executing program 0:
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x125502, 0x0)
getsockopt$packet_buf(r0, 0x107, 0x16, &(0x7f00000000c0)=""/251, &(0x7f0000000040)=0xfb)
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x100, 0x0)
pipe(&(0x7f0000000080)={<r1=>0xffffffffffffffff})
fcntl$setpipe(r1, 0x407, 0x2)

[  377.264294] binder: 22852:22854 got reply transaction with no transaction stack
[  377.271872] binder: 22852:22854 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:40 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000000150000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:40 executing program 4:
bpf$MAP_CREATE(0x278, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:41 executing program 5:
pipe(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x10000079, 0x0)
ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000000000)=<r2=>0x0)
ioctl$TIOCSPGRP(r0, 0x5410, &(0x7f0000000040)=r2)

2018/05/15 13:08:41 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x4c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:41 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x9476fe0)
fallocate(r1, 0x1, 0x5, 0x4)

2018/05/15 13:08:41 executing program 0:
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x125502, 0x0)
getsockopt$packet_buf(r0, 0x107, 0x16, &(0x7f00000000c0)=""/251, &(0x7f0000000040)=0xfb)
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x100, 0x0)
pipe(&(0x7f0000000080)={<r1=>0xffffffffffffffff})
fcntl$setpipe(r1, 0x407, 0x2)

2018/05/15 13:08:41 executing program 4:
bpf$MAP_CREATE(0x138, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:41 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400001f00000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:41 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x8000, 0x0)
getsockopt$inet6_udp_int(r1, 0x11, 0x65, &(0x7f0000000240), &(0x7f0000000280)=0x4)
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)=<r2=>0x0)
clock_gettime(0x0, &(0x7f00000000c0))
dup3(0xffffffffffffffff, 0xffffffffffffff9c, 0x80000)
sendto$unix(r1, &(0x7f0000000480)="0ab300f761b9a42e1ef2be76597b9ab1b8758d0682728910713b8045bae6cb61175b3fe91250508893c9790d4982d82dc45bb47aff342a358e75e36ed0d3ca1bf7fd1d2448dc1a6d2bb938f757f27ab78288b88bc866e4abe4e7f541dc79523b1e414cb163a36905006a26c52c09387ccc62524813bcee3c79bd78f771318ca1ebeca04131cc8d0e9d83bee8d01710a559c384b44c64d690f8093e82132da0765bc3b1e569964a7a2dcad75ab93872dc4f1201000000332f0bbdeeda791f82ad6bf93a05e98d95bbe85cd15ed15658a1e246083ece14317cc6103dfb05fc9d9860c54baad5b296110bc6350d048e25e73b6f3554c35e2f21453d4671e8d783a490c175fab267ee8f672aeb2c7174346b12cd40b3c2c33f92c99211abe1fcaf58ffc33fa17399f5a728c856f822b76c34bdc7d399df379b1509742acaebfc806d52d3d45af3e7bdf533c0119a26a6e5b364ba7b339c3850831a92dcd43d8ad54111ed9d09e0e6efe73c0d8959e030", 0xffffffffffffff50, 0x4, &(0x7f00000001c0)=@file={0x0, './file0\x00'}, 0xffffffffffffff43)
clock_gettime(0x0, &(0x7f00000002c0)={<r3=>0x0, <r4=>0x0})
timer_settime(r2, 0x1, &(0x7f0000000080)={{r3, r4+10000000}, {0x0, 0x1c9c380}}, &(0x7f0000040000))
tkill(r0, 0x1000000000016)

2018/05/15 13:08:41 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f0000000000)=0x2, 0x4)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:41 executing program 4:
bpf$MAP_CREATE(0xb603000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:41 executing program 0 (fault-call:1 fault-nth:0):
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x40086607, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

[  377.993087] binder: 22892:22901 got reply transaction with no transaction stack
[  378.000682] binder: 22892:22901 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:41 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x100000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:41 executing program 7:
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000000)={0x8000, <r1=>0x0, 0x10003})
ioctl$DRM_IOCTL_SG_FREE(r0, 0x40106439, &(0x7f0000000040)={0x2, r1})
pipe(&(0x7f0000000080)={<r2=>0xffffffffffffffff})
fcntl$setpipe(r2, 0x407, 0x9476fe0)

2018/05/15 13:08:41 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000000000000001138000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:41 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000080)={&(0x7f0000000000)='./file0\x00', r1}, 0x10)
r2 = dup2(r0, r0)
setsockopt$l2tp_PPPOL2TP_SO_LNSMODE(r2, 0x111, 0x4, 0x1, 0x4)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r2, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r2, 0x1, 0x7, &(0x7f0000000040), 0x4)

[  378.109809] FAULT_INJECTION: forcing a failure.
[  378.109809] name failslab, interval 1, probability 0, space 0, times 0
[  378.121540] CPU: 1 PID: 22912 Comm: syz-executor0 Not tainted 4.17.0-rc5+ #51
[  378.128825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  378.138183] Call Trace:
[  378.140766]  dump_stack+0x1b9/0x294
[  378.144401]  ? dump_stack_print_info.cold.2+0x52/0x52
[  378.149590]  ? __lock_acquire+0x7f5/0x5140
[  378.153833]  should_fail.cold.4+0xa/0x1a
[  378.157909]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  378.163030]  ? __lock_acquire+0x7f5/0x5140
[  378.167259]  ? debug_check_no_locks_freed+0x310/0x310
[  378.172445]  ? print_usage_bug+0xc0/0xc0
[  378.176501]  ? reweight_task+0x130/0x130
[  378.180558]  ? __lock_is_held+0xb5/0x140
[  378.184634]  ? debug_check_no_locks_freed+0x310/0x310
[  378.189830]  ? graph_lock+0x170/0x170
[  378.193637]  ? print_usage_bug+0xc0/0xc0
[  378.197692]  ? print_usage_bug+0xc0/0xc0
[  378.201763]  ? __lock_is_held+0xb5/0x140
[  378.205828]  __should_failslab+0x124/0x180
[  378.210067]  should_failslab+0x9/0x14
[  378.213873]  kmem_cache_alloc+0x47/0x760
[  378.217922]  ? rcu_note_context_switch+0x710/0x710
[  378.222844]  ? graph_lock+0x170/0x170
[  378.226637]  ? mempool_free+0x370/0x370
[  378.230612]  mempool_alloc_slab+0x44/0x60
[  378.234756]  mempool_alloc+0x18b/0x490
[  378.238641]  ? jbd2_journal_flush+0x14e/0x540
[  378.243131]  ? remove_element.isra.4+0x1c0/0x1c0
[  378.247894]  ? lock_downgrade+0x8e0/0x8e0
[  378.252044]  bio_alloc_bioset+0x3a1/0x7f0
[  378.256201]  ? do_raw_spin_trylock+0x1b0/0x1b0
[  378.260776]  ? bvec_alloc+0x2d0/0x2d0
[  378.264567]  ? kasan_check_write+0x14/0x20
[  378.268804]  ? kasan_check_write+0x14/0x20
[  378.273040]  ? do_raw_read_unlock+0x3f/0x60
[  378.277360]  blkdev_issue_flush+0xf3/0x320
[  378.281586]  jbd2_cleanup_journal_tail+0x21c/0x2a0
[  378.286502]  ? jbd2_journal_skip_recovery.cold.13+0x5c/0x5c
[  378.292199]  ? find_held_lock+0x36/0x1c0
[  378.296256]  jbd2_log_do_checkpoint+0xc9/0x1340
[  378.300910]  ? find_held_lock+0x36/0x1c0
[  378.304957]  ? __jbd2_journal_remove_checkpoint+0x8c0/0x8c0
[  378.310655]  ? lock_downgrade+0x8e0/0x8e0
[  378.314792]  ? kasan_check_read+0x11/0x20
[  378.318936]  ? do_raw_spin_unlock+0x9e/0x2e0
[  378.323352]  ? do_raw_spin_trylock+0x1b0/0x1b0
[  378.327931]  ? kasan_check_write+0x14/0x20
[  378.332152]  ? do_raw_spin_lock+0xc1/0x200
[  378.336380]  jbd2_journal_flush+0x156/0x540
[  378.340696]  ext4_ioctl+0x241e/0x4210
[  378.344480]  ? _parse_integer+0x13b/0x190
[  378.348623]  ? ext4_ioctl_group_add+0x560/0x560
[  378.353278]  ? _parse_integer+0x190/0x190
[  378.357417]  ? graph_lock+0x170/0x170
[  378.361205]  ? lock_release+0xa10/0xa10
[  378.365177]  ? check_same_owner+0x320/0x320
[  378.369495]  ? find_held_lock+0x36/0x1c0
[  378.373549]  ? graph_lock+0x170/0x170
[  378.377351]  ? find_held_lock+0x36/0x1c0
[  378.381411]  ? lock_downgrade+0x8e0/0x8e0
[  378.385553]  ? kasan_check_read+0x11/0x20
[  378.389691]  ? rcu_is_watching+0x85/0x140
[  378.393839]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  378.399031]  ? __fget+0x40c/0x650
[  378.402506]  ? match_held_lock+0x841/0x8b0
[  378.406760]  ? expand_files.part.8+0x9a0/0x9a0
[  378.411334]  ? kasan_check_write+0x14/0x20
[  378.415565]  ? __mutex_unlock_slowpath+0x180/0x8a0
[  378.420494]  ? wait_for_completion+0x870/0x870
[  378.425087]  ? ext4_ioctl_group_add+0x560/0x560
[  378.429757]  do_vfs_ioctl+0x1cf/0x16a0
[  378.433647]  ? ioctl_preallocate+0x2e0/0x2e0
[  378.438042]  ? fget_raw+0x20/0x20
[  378.441493]  ? __sb_end_write+0xac/0xe0
[  378.445465]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  378.450997]  ? fput+0x130/0x1a0
[  378.454276]  ? ksys_write+0x1a6/0x250
[  378.458062]  ? security_file_ioctl+0x94/0xc0
[  378.462455]  ksys_ioctl+0xa9/0xd0
[  378.465895]  __x64_sys_ioctl+0x73/0xb0
[  378.469774]  do_syscall_64+0x1b1/0x800
[  378.473655]  ? finish_task_switch+0x1ca/0x840
[  378.478146]  ? syscall_return_slowpath+0x5c0/0x5c0
[  378.483070]  ? syscall_return_slowpath+0x30f/0x5c0
[  378.488083]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  378.493446]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  378.498295]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  378.503476] RIP: 0033:0x455a09
[  378.506654] RSP: 002b:00007f899b091c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  378.514369] RAX: ffffffffffffffda RBX: 00007f899b0926d4 RCX: 0000000000455a09
[  378.521629] RDX: 0000000020000080 RSI: 0000000040086607 RDI: 0000000000000013
[  378.528891] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  378.536142] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  378.543403] R13: 00000000000001e0 R14: 00000000006f6da0 R15: 0000000000000000
[  378.567006] binder: 22908:22914 got reply transaction with no transaction stack
[  378.574818] binder: 22908:22914 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:42 executing program 4:
bpf$MAP_CREATE(0x3801000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:42 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:42 executing program 7:
lstat(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0))
shmget$private(0x0, 0x4000, 0x40, &(0x7f0000ffa000/0x4000)=nil)
r0 = socket$inet_icmp(0x2, 0x2, 0x1)
ioctl$int_in(r0, 0x5421, &(0x7f0000000040)=0xffff)
pipe(&(0x7f0000000080)={<r1=>0xffffffffffffffff})
fcntl$setpipe(r1, 0x407, 0x9476fe0)

2018/05/15 13:08:42 executing program 0 (fault-call:1 fault-nth:1):
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x40086607, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

2018/05/15 13:08:42 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000000000000001638000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:42 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0xffffffffffffffff)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:42 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
setsockopt$bt_BT_VOICE(r0, 0x112, 0xb, &(0x7f0000000040)=0x4, 0x2)
ioctl$sock_inet_SIOCSIFNETMASK(r1, 0x891c, &(0x7f00000000c0)={'dummy0\x00', {0x2, 0x4e22, @local={0xac, 0x14, 0x14, 0xaa}}})
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000000)=r1, 0x4)

2018/05/15 13:08:42 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/sequencer2\x00', 0x0, 0x0)
timerfd_gettime(r0, &(0x7f0000000500))
r1 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
r2 = accept4(0xffffffffffffffff, &(0x7f0000000100)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f0000000000)=0x80, 0x80000)
getsockopt$ARPT_SO_GET_INFO(r2, 0x0, 0x60, &(0x7f0000000180)={'filter\x00'}, &(0x7f0000000200)=0x44)
sendmsg$alg(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000240)="c00c4517bf8deec626e130d9882d382210446cbfc320c5741d6a9486a2e9810b90372a16cc8bfc0afc3c77d6e36c23200bc775d3a97015200c568a27e9322a385f53b01e30311dce7caff53fc0934f54cbaebc62e3fcda3dd33afd03893b14bb9434845a5196789e49d9a8a5ddb9a239ef5be462c674f0c3c30a6fd528797488ca200137291a6a0f690eba98e704ffa3e267b5d23fadf179de4eadc7adb2720e120aab335d220c71086304edc493a62c80cbfa3d60286eef7d", 0xb9}], 0x1, &(0x7f0000000340)=[@assoc={0x18, 0x117, 0x4, 0x6}, @op={0x18, 0x117, 0x3}, @assoc={0x18, 0x117, 0x4, 0x81}, @iv={0x78, 0x117, 0x2, 0x61, "d8480d24d820f277c9a1d265e79bfdf159254d4c00a41120d92be995fe934f4d3743ba2923e785ed237909fb18b606ee07e684d4273716c2dc57806e25a7cbfce364cef1890c2803229311c379919fd3d00dd5a7557786f82dca024251cff5d73d"}, @op={0x18, 0x117, 0x3}, @assoc={0x18, 0x117, 0x4, 0x1}, @op={0x18, 0x117, 0x3}, @assoc={0x18, 0x117, 0x4, 0x6}], 0x120, 0x40000}, 0x0)
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r3=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r3+30000000}}, &(0x7f0000040000))
tkill(r1, 0x1000000000016)

2018/05/15 13:08:42 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x800)
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r0, 0x40505331, &(0x7f0000000000)={{0xbe8, 0x100000001}, {0x3, 0x5}, 0x4f, 0x1, 0x6})
ioctl(r0, 0x3, &(0x7f0000000100)="b6ff41a3b2eece740ffc92ffd1036c89d3c07533eb7969780e861cba386629c2dfbc37554b85ab01eea148bf987c7621c9ba5c2139f1087a5491ebf3c7e14c07a2aa8fcecc2c6383730e0ecead5c8637c7e0161d0be4cc56e73ba1bdff1110dab96066943c02417c5f6cf23b503e99e88039a74c4b32fcf426ee7040bde964d9476309894456eb12d1d04c466a87d8303db845")
ioctl$DRM_IOCTL_SET_VERSION(r0, 0xc0106407, &(0x7f00000000c0)={0x13d, 0x3f, 0x8, 0x5})

[  379.020522] FAULT_INJECTION: forcing a failure.
[  379.020522] name failslab, interval 1, probability 0, space 0, times 0
[  379.031884] CPU: 1 PID: 22943 Comm: syz-executor0 Not tainted 4.17.0-rc5+ #51
[  379.039162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  379.048519] Call Trace:
[  379.051126]  dump_stack+0x1b9/0x294
[  379.054768]  ? dump_stack_print_info.cold.2+0x52/0x52
[  379.059964]  ? print_usage_bug+0xc0/0xc0
[  379.064039]  should_fail.cold.4+0xa/0x1a
2018/05/15 13:08:42 executing program 4:
bpf$MAP_CREATE(0xdc000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

[  379.068119]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  379.073239]  ? __lock_acquire+0x7f5/0x5140
[  379.077500]  ? debug_check_no_locks_freed+0x310/0x310
[  379.082708]  ? task_fork_fair+0x660/0x660
[  379.086870]  ? graph_lock+0x170/0x170
[  379.090671]  ? print_usage_bug+0xc0/0xc0
[  379.094731]  __should_failslab+0x124/0x180
[  379.098955]  should_failslab+0x9/0x14
[  379.102747]  kmem_cache_alloc_node+0x56/0x780
[  379.107251]  create_task_io_context+0xb5/0x5e0
[  379.111839]  ? ioc_clear_queue+0x5e0/0x5e0
[  379.116060]  ? lock_downgrade+0x8e0/0x8e0
[  379.120207]  ? kasan_check_read+0x11/0x20
[  379.124353]  ? rcu_is_watching+0x85/0x140
[  379.128484]  ? __lock_is_held+0xb5/0x140
[  379.132532]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  379.137724]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  379.142916]  generic_make_request_checks+0x163d/0x2400
[  379.148180]  ? blk_init_queue+0x30/0x30
[  379.152149]  ? blk_queue_enter+0xbf5/0xdf0
[  379.156393]  ? kmem_cache_alloc+0x12e/0x760
[  379.160712]  ? mempool_alloc_slab+0x44/0x60
[  379.165031]  ? submit_bh_wbc+0x155/0x7c0
[  379.169105]  ? blk_exit_rl+0x80/0x80
[  379.172824]  ? debug_check_no_locks_freed+0x310/0x310
[  379.178027]  ? print_usage_bug+0xc0/0xc0
[  379.182078]  ? print_usage_bug+0xc0/0xc0
[  379.186133]  ? graph_lock+0x170/0x170
[  379.189926]  ? graph_lock+0x170/0x170
[  379.193711]  ? debug_check_no_locks_freed+0x310/0x310
[  379.198885]  ? debug_check_no_locks_freed+0x310/0x310
[  379.204066]  ? graph_lock+0x170/0x170
[  379.207858]  ? __lock_is_held+0xb5/0x140
[  379.211909]  generic_make_request+0x166/0x1510
[  379.216474]  ? graph_lock+0x170/0x170
[  379.220262]  ? blk_get_request+0x40/0x40
[  379.224307]  ? mempool_alloc_slab+0x44/0x60
[  379.228611]  ? mempool_free+0x370/0x370
[  379.232577]  ? mempool_alloc_slab+0x44/0x60
[  379.236900]  ? find_held_lock+0x36/0x1c0
[  379.240971]  ? lock_downgrade+0x8e0/0x8e0
[  379.245116]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  379.250638]  ? __disk_get_part+0x202/0x310
[  379.254870]  submit_bio+0xba/0x460
[  379.258393]  ? submit_bio+0xba/0x460
[  379.262090]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  379.267264]  ? generic_make_request+0x1510/0x1510
[  379.272098]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  379.277376]  ? guard_bio_eod+0x2b4/0x600
[  379.281437]  submit_bh_wbc+0x5e8/0x7c0
[  379.285329]  write_dirty_buffer+0xba/0x150
[  379.289557]  jbd2_log_do_checkpoint+0xbe6/0x1340
[  379.294315]  ? __jbd2_journal_remove_checkpoint+0x8c0/0x8c0
[  379.300021]  ? lock_downgrade+0x8e0/0x8e0
[  379.304177]  ? kasan_check_read+0x11/0x20
[  379.308325]  ? do_raw_spin_unlock+0x9e/0x2e0
[  379.312726]  ? kasan_check_write+0x14/0x20
[  379.316947]  ? do_raw_spin_lock+0xc1/0x200
[  379.321170]  jbd2_journal_flush+0x156/0x540
[  379.325487]  ext4_ioctl+0x241e/0x4210
[  379.329270]  ? _parse_integer+0x13b/0x190
[  379.333403]  ? ext4_ioctl_group_add+0x560/0x560
[  379.338065]  ? _parse_integer+0x190/0x190
[  379.342199]  ? graph_lock+0x170/0x170
[  379.345983]  ? lock_release+0xa10/0xa10
[  379.349943]  ? check_same_owner+0x320/0x320
[  379.354250]  ? find_held_lock+0x36/0x1c0
[  379.358297]  ? graph_lock+0x170/0x170
[  379.362089]  ? find_held_lock+0x36/0x1c0
[  379.366139]  ? lock_downgrade+0x8e0/0x8e0
[  379.370285]  ? kasan_check_read+0x11/0x20
[  379.374429]  ? rcu_is_watching+0x85/0x140
[  379.378569]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  379.383758]  ? __fget+0x40c/0x650
[  379.387197]  ? match_held_lock+0x841/0x8b0
[  379.391415]  ? expand_files.part.8+0x9a0/0x9a0
[  379.395990]  ? kasan_check_write+0x14/0x20
[  379.400219]  ? __mutex_unlock_slowpath+0x180/0x8a0
[  379.405141]  ? wait_for_completion+0x870/0x870
[  379.409709]  ? ext4_ioctl_group_add+0x560/0x560
[  379.414366]  do_vfs_ioctl+0x1cf/0x16a0
[  379.418245]  ? ioctl_preallocate+0x2e0/0x2e0
[  379.422637]  ? fget_raw+0x20/0x20
[  379.426077]  ? __sb_end_write+0xac/0xe0
[  379.430046]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  379.435569]  ? fput+0x130/0x1a0
[  379.438831]  ? ksys_write+0x1a6/0x250
[  379.442621]  ? security_file_ioctl+0x94/0xc0
[  379.447023]  ksys_ioctl+0xa9/0xd0
[  379.450480]  __x64_sys_ioctl+0x73/0xb0
[  379.454373]  do_syscall_64+0x1b1/0x800
[  379.458255]  ? finish_task_switch+0x1ca/0x840
[  379.462745]  ? syscall_return_slowpath+0x5c0/0x5c0
[  379.467660]  ? syscall_return_slowpath+0x30f/0x5c0
[  379.472589]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  379.477948]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  379.482791]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  379.487981] RIP: 0033:0x455a09
[  379.491162] RSP: 002b:00007f899b091c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  379.498860] RAX: ffffffffffffffda RBX: 00007f899b0926d4 RCX: 0000000000455a09
[  379.506112] RDX: 0000000020000080 RSI: 0000000040086607 RDI: 0000000000000013
[  379.513543] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
2018/05/15 13:08:43 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000000000000001f38000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  379.520805] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  379.528056] R13: 00000000000001e0 R14: 00000000006f6da0 R15: 0000000000000001
[  379.546565] binder: 22944:22947 got reply transaction with no transaction stack
[  379.554116] binder: 22944:22947 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:43 executing program 4:
bpf$MAP_CREATE(0x9a7c0000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:43 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
ioctl$TIOCGSOFTCAR(r1, 0x5419, &(0x7f0000000000))
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x2f, &(0x7f0000000040), 0x4)

2018/05/15 13:08:43 executing program 7:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
socketpair$ax25(0x3, 0x141a4c8c55ad737, 0xcf, &(0x7f00000000c0))
fcntl$setpipe(r0, 0x407, 0x9476fe0)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x40000, 0x0)
ioctl$PIO_CMAP(r1, 0x4b71, &(0x7f0000000040)={0x0, 0x1, 0x1, 0xffffffff, 0x1, 0x3})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, &(0x7f0000000100)={0x400, 0xffffffff, 0x0, 0x2b, 0x10001, 0x7})

2018/05/15 13:08:43 executing program 0 (fault-call:1 fault-nth:2):
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x40086607, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

[  379.720069] FAULT_INJECTION: forcing a failure.
[  379.720069] name failslab, interval 1, probability 0, space 0, times 0
[  379.731430] CPU: 1 PID: 22977 Comm: syz-executor0 Not tainted 4.17.0-rc5+ #51
[  379.738708] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  379.748080] Call Trace:
[  379.750685]  dump_stack+0x1b9/0x294
[  379.754331]  ? dump_stack_print_info.cold.2+0x52/0x52
[  379.759539]  should_fail.cold.4+0xa/0x1a
[  379.763602]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  379.768697]  ? kmem_cache_alloc+0x12e/0x760
[  379.773008]  ? mempool_alloc_slab+0x44/0x60
[  379.777339]  ? submit_bh_wbc+0x155/0x7c0
[  379.781393]  ? blk_exit_rl+0x80/0x80
[  379.785098]  ? find_held_lock+0x36/0x1c0
[  379.789145]  ? graph_lock+0x170/0x170
[  379.792950]  ? lock_downgrade+0x8e0/0x8e0
[  379.797117]  ? __lock_is_held+0xb5/0x140
[  379.801183]  __should_failslab+0x124/0x180
[  379.805415]  should_failslab+0x9/0x14
[  379.809227]  kmem_cache_alloc+0x47/0x760
[  379.813276]  ? rcu_note_context_switch+0x710/0x710
[  379.818199]  ? blk_get_request+0x40/0x40
[  379.822267]  ? mempool_free+0x370/0x370
[  379.826238]  mempool_alloc_slab+0x44/0x60
[  379.830383]  mempool_alloc+0x18b/0x490
[  379.834275]  ? remove_element.isra.4+0x1c0/0x1c0
[  379.839043]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  379.844588]  ? __lock_is_held+0xb5/0x140
[  379.848638]  bio_alloc_bioset+0x3a1/0x7f0
[  379.852772]  ? generic_make_request+0x1510/0x1510
[  379.857607]  ? bvec_alloc+0x2d0/0x2d0
[  379.861401]  ? check_same_owner+0x320/0x320
[  379.865816]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  379.870843]  ? guard_bio_eod+0x2b4/0x600
[  379.874906]  submit_bh_wbc+0x155/0x7c0
[  379.878796]  write_dirty_buffer+0xba/0x150
[  379.883031]  jbd2_log_do_checkpoint+0xbe6/0x1340
[  379.887788]  ? __jbd2_journal_remove_checkpoint+0x8c0/0x8c0
[  379.893486]  ? lock_downgrade+0x8e0/0x8e0
[  379.897620]  ? kasan_check_read+0x11/0x20
[  379.901757]  ? do_raw_spin_unlock+0x9e/0x2e0
[  379.906165]  ? kasan_check_write+0x14/0x20
[  379.910400]  ? do_raw_spin_lock+0xc1/0x200
[  379.914622]  jbd2_journal_flush+0x156/0x540
[  379.918960]  ext4_ioctl+0x241e/0x4210
[  379.922758]  ? _parse_integer+0x13b/0x190
[  379.926901]  ? ext4_ioctl_group_add+0x560/0x560
[  379.931557]  ? _parse_integer+0x190/0x190
[  379.935697]  ? graph_lock+0x170/0x170
[  379.939493]  ? lock_release+0xa10/0xa10
[  379.943458]  ? check_same_owner+0x320/0x320
[  379.947778]  ? find_held_lock+0x36/0x1c0
[  379.951846]  ? graph_lock+0x170/0x170
[  379.955642]  ? find_held_lock+0x36/0x1c0
[  379.959712]  ? lock_downgrade+0x8e0/0x8e0
[  379.963863]  ? kasan_check_read+0x11/0x20
[  379.968039]  ? rcu_is_watching+0x85/0x140
[  379.972207]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  379.977397]  ? __fget+0x40c/0x650
[  379.980837]  ? match_held_lock+0x841/0x8b0
[  379.985069]  ? expand_files.part.8+0x9a0/0x9a0
[  379.989644]  ? kasan_check_write+0x14/0x20
[  379.993864]  ? __mutex_unlock_slowpath+0x180/0x8a0
[  379.998790]  ? wait_for_completion+0x870/0x870
[  380.003374]  ? ext4_ioctl_group_add+0x560/0x560
[  380.008061]  do_vfs_ioctl+0x1cf/0x16a0
[  380.011961]  ? ioctl_preallocate+0x2e0/0x2e0
[  380.016377]  ? fget_raw+0x20/0x20
[  380.019824]  ? __sb_end_write+0xac/0xe0
[  380.023798]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  380.029343]  ? fput+0x130/0x1a0
[  380.032632]  ? ksys_write+0x1a6/0x250
[  380.036442]  ? security_file_ioctl+0x94/0xc0
[  380.040842]  ksys_ioctl+0xa9/0xd0
[  380.044282]  __x64_sys_ioctl+0x73/0xb0
[  380.048161]  do_syscall_64+0x1b1/0x800
[  380.052052]  ? finish_task_switch+0x1ca/0x840
[  380.056544]  ? syscall_return_slowpath+0x5c0/0x5c0
[  380.061474]  ? syscall_return_slowpath+0x30f/0x5c0
[  380.066396]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  380.071749]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  380.076589]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  380.081766] RIP: 0033:0x455a09
[  380.084953] RSP: 002b:00007f899b091c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  380.092666] RAX: ffffffffffffffda RBX: 00007f899b0926d4 RCX: 0000000000455a09
[  380.099931] RDX: 0000000020000080 RSI: 0000000040086607 RDI: 0000000000000013
[  380.107189] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  380.114445] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  380.121708] R13: 00000000000001e0 R14: 00000000006f6da0 R15: 0000000000000002
2018/05/15 13:08:43 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000000000000001538000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:43 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x48, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:43 executing program 7:
pipe(&(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x72925b881a0406c0, 0x2, 0x1, 0x1000, &(0x7f0000fff000/0x1000)=nil})
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r0, 0x84, 0x79, &(0x7f0000000000), 0x4)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000080)={0x5, [<r2=>0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f00000000c0)=0x18)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f00000001c0)={r2, @in={{0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1d}}}, 0x5, 0x100}, &(0x7f0000000100)=0x90)
fcntl$setpipe(r0, 0x407, 0x9476fe0)

2018/05/15 13:08:43 executing program 4:
bpf$MAP_CREATE(0xe2b3000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:43 executing program 5:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc4c85513, &(0x7f00000002c0)={{0x4, 0x3, 0x7, 0x1, "861ba70e3575b5cafe72311110cfdc2e03bc3df4ef05d45be2b76fb7e71390cb89b0d21ef6dd711cf4d77dc5", 0x50b1}, 0x663, [0x1, 0x8, 0x7f, 0x8, 0x7ff, 0xffffffffffffffe1, 0x3f, 0x8852, 0x5, 0xd2d, 0x9, 0x9, 0x8000, 0x200, 0x4, 0x7fff, 0x3, 0x4, 0x2, 0x3, 0xfff, 0x5, 0x4, 0x6, 0x9, 0x10001, 0x80000001, 0x20, 0x13a3, 0x101, 0x80000000, 0x800, 0x0, 0x0, 0x0, 0x4, 0x1, 0x5, 0x0, 0x0, 0x52c, 0x80000001, 0x4, 0x18d5, 0x6, 0xffff, 0x6, 0xa51, 0x9, 0x0, 0x3, 0x2, 0xf5, 0x100, 0x3ff, 0x1, 0x20, 0x3, 0x6, 0x7, 0x8, 0x6, 0x2, 0x10001, 0x0, 0xd1a2, 0x31, 0x100000000, 0x0, 0x6, 0x0, 0xc41, 0xff, 0x3d7, 0xf63a, 0x2, 0x7fffffff, 0x40, 0x7, 0x85, 0x0, 0x8a, 0xfffffffffffffffb, 0x3ff, 0x1, 0x31e000000000, 0x2, 0x2, 0x1, 0x1800000000, 0x7, 0x8, 0x81, 0xfffffffffffffffe, 0x4c7abdd5, 0x2, 0x0, 0x101, 0x6, 0x5, 0x0, 0x927a, 0x9, 0x20, 0xfffffffffffffffe, 0x200, 0x40, 0xffffffffffffffe1, 0x8, 0xa9e, 0x1, 0x6, 0x1ff, 0x9, 0x101, 0x7f, 0x9, 0x4e4, 0x3, 0xfffffffffffff675, 0x9b, 0xe2, 0x1, 0x3f, 0x1ff, 0x100000000, 0x81, 0x9b8]})
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x0)

2018/05/15 13:08:43 executing program 0 (fault-call:1 fault-nth:3):
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x40086607, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

2018/05/15 13:08:43 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r0=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r0+30000000}}, &(0x7f0000040000))
tkill(0x0, 0x1000000000016)

2018/05/15 13:08:43 executing program 1:
r0 = fcntl$dupfd(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c)
ioctl$SG_GET_SG_TABLESIZE(r0, 0x227f, &(0x7f0000000080))
r1 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r1, 0x400000000000004)
socket$inet6(0xa, 0x4, 0x100000001)
r2 = dup2(r1, r1)
bind$inet6(r1, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r2, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r2, 0x1, 0x7, &(0x7f0000000040), 0x4)
setsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r2, 0x84, 0x13, &(0x7f0000000000)=0x2, 0x4)

2018/05/15 13:08:43 executing program 4:
bpf$MAP_CREATE(0x36030000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:43 executing program 7 (fault-call:1 fault-nth:0):
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x40086607, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

[  380.254303] FAULT_INJECTION: forcing a failure.
[  380.254303] name failslab, interval 1, probability 0, space 0, times 0
[  380.265780] CPU: 1 PID: 22988 Comm: syz-executor0 Not tainted 4.17.0-rc5+ #51
[  380.273062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  380.282417] Call Trace:
[  380.285030]  dump_stack+0x1b9/0x294
[  380.288665]  ? dump_stack_print_info.cold.2+0x52/0x52
[  380.293850]  should_fail.cold.4+0xa/0x1a
[  380.297923]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  380.303046]  ? kmem_cache_alloc+0x12e/0x760
[  380.307365]  ? mempool_alloc_slab+0x44/0x60
[  380.311693]  ? submit_bh_wbc+0x155/0x7c0
[  380.315751]  ? blk_exit_rl+0x80/0x80
[  380.319467]  ? find_held_lock+0x36/0x1c0
[  380.323524]  ? graph_lock+0x170/0x170
[  380.327321]  ? lock_downgrade+0x8e0/0x8e0
[  380.331471]  ? __lock_is_held+0xb5/0x140
[  380.335534]  __should_failslab+0x124/0x180
[  380.339759]  should_failslab+0x9/0x14
[  380.343563]  kmem_cache_alloc+0x47/0x760
[  380.347615]  ? rcu_note_context_switch+0x710/0x710
[  380.352532]  ? blk_get_request+0x40/0x40
[  380.356594]  ? mempool_free+0x370/0x370
[  380.360570]  mempool_alloc_slab+0x44/0x60
[  380.364711]  mempool_alloc+0x18b/0x490
[  380.368595]  ? remove_element.isra.4+0x1c0/0x1c0
[  380.373344]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  380.378868]  ? __lock_is_held+0xb5/0x140
[  380.382919]  bio_alloc_bioset+0x3a1/0x7f0
[  380.387070]  ? generic_make_request+0x1510/0x1510
[  380.391910]  ? bvec_alloc+0x2d0/0x2d0
[  380.395704]  ? check_same_owner+0x320/0x320
[  380.400029]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  380.405049]  ? guard_bio_eod+0x2b4/0x600
[  380.409109]  submit_bh_wbc+0x155/0x7c0
[  380.412993]  write_dirty_buffer+0xba/0x150
[  380.417223]  jbd2_log_do_checkpoint+0xbe6/0x1340
[  380.421992]  ? __jbd2_journal_remove_checkpoint+0x8c0/0x8c0
[  380.427713]  ? lock_downgrade+0x8e0/0x8e0
[  380.431875]  ? kasan_check_read+0x11/0x20
[  380.436028]  ? do_raw_spin_unlock+0x9e/0x2e0
[  380.440430]  ? kasan_check_write+0x14/0x20
[  380.444650]  ? do_raw_spin_lock+0xc1/0x200
[  380.448876]  jbd2_journal_flush+0x156/0x540
[  380.453185]  ext4_ioctl+0x241e/0x4210
[  380.456971]  ? _parse_integer+0x13b/0x190
[  380.461107]  ? ext4_ioctl_group_add+0x560/0x560
[  380.465769]  ? _parse_integer+0x190/0x190
[  380.469900]  ? graph_lock+0x170/0x170
[  380.473683]  ? lock_release+0xa10/0xa10
[  380.477641]  ? check_same_owner+0x320/0x320
[  380.481949]  ? find_held_lock+0x36/0x1c0
[  380.485991]  ? graph_lock+0x170/0x170
[  380.489783]  ? find_held_lock+0x36/0x1c0
[  380.493843]  ? lock_downgrade+0x8e0/0x8e0
[  380.497979]  ? kasan_check_read+0x11/0x20
[  380.502119]  ? rcu_is_watching+0x85/0x140
[  380.506255]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  380.511437]  ? __fget+0x40c/0x650
[  380.514883]  ? match_held_lock+0x841/0x8b0
[  380.519119]  ? expand_files.part.8+0x9a0/0x9a0
[  380.523700]  ? kasan_check_write+0x14/0x20
[  380.527919]  ? __mutex_unlock_slowpath+0x180/0x8a0
[  380.532847]  ? wait_for_completion+0x870/0x870
[  380.537427]  ? ext4_ioctl_group_add+0x560/0x560
[  380.542093]  do_vfs_ioctl+0x1cf/0x16a0
[  380.545980]  ? ioctl_preallocate+0x2e0/0x2e0
[  380.550376]  ? fget_raw+0x20/0x20
[  380.553817]  ? __sb_end_write+0xac/0xe0
[  380.557779]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  380.563326]  ? fput+0x130/0x1a0
[  380.566597]  ? ksys_write+0x1a6/0x250
[  380.570394]  ? security_file_ioctl+0x94/0xc0
[  380.574801]  ksys_ioctl+0xa9/0xd0
[  380.578250]  __x64_sys_ioctl+0x73/0xb0
[  380.582128]  do_syscall_64+0x1b1/0x800
[  380.586003]  ? finish_task_switch+0x1ca/0x840
[  380.590506]  ? syscall_return_slowpath+0x5c0/0x5c0
[  380.595434]  ? syscall_return_slowpath+0x30f/0x5c0
[  380.600363]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  380.605718]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  380.610555]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  380.615745] RIP: 0033:0x455a09
[  380.618925] RSP: 002b:00007f899b091c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  380.626631] RAX: ffffffffffffffda RBX: 00007f899b0926d4 RCX: 0000000000455a09
[  380.633902] RDX: 0000000020000080 RSI: 0000000040086607 RDI: 0000000000000013
[  380.641153] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  380.648406] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  380.655668] R13: 00000000000001e0 R14: 00000000006f6da0 R15: 0000000000000003
[  380.673130] binder: 22991:22996 got reply transaction with no transaction stack
[  380.680667] binder: 22991:22996 transaction failed 29201/-71, size 0-0 line 2763
[  380.722629] FAULT_INJECTION: forcing a failure.
[  380.722629] name failslab, interval 1, probability 0, space 0, times 0
[  380.733988] CPU: 1 PID: 23009 Comm: syz-executor7 Not tainted 4.17.0-rc5+ #51
[  380.741621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  380.750975] Call Trace:
[  380.753576]  dump_stack+0x1b9/0x294
[  380.757220]  ? dump_stack_print_info.cold.2+0x52/0x52
[  380.762421]  ? __lock_acquire+0x7f5/0x5140
[  380.766674]  should_fail.cold.4+0xa/0x1a
2018/05/15 13:08:44 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = syz_genetlink_get_family_id$team(&(0x7f0000000100)='team\x00')
getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f00000003c0)={{{@in6=@local, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in6=@dev}}}, &(0x7f0000000140)=0xe8)
getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000004c0)={{{@in6=@local, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0, <r5=>0x0}}, {{}, 0x0, @in6=@dev}}, &(0x7f00000001c0)=0xe8)
r6 = accept(r0, &(0x7f0000000200)=@can={0x0, <r7=>0x0}, &(0x7f00000005c0)=0x80)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000600)={{{@in=@loopback, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0}}, {{@in=@local}, 0x0, @in6=@local}}, &(0x7f0000000700)=0xe8)
getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000800)={{{@in6=@loopback, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0}}, {{@in=@rand_addr}, 0x0, @in=@multicast2}}, &(0x7f0000000900)=0xe8)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000940)={'veth0\x00', <r10=>0x0})
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000780)=<r11=>0x0)
ioctl$DRM_IOCTL_GET_CLIENT(r0, 0xc0286405, &(0x7f00000007c0)={0x100000, 0x1, r11, 0x7ff, r5, 0x5, 0x2, 0x1})
getpeername$packet(r0, &(0x7f00000009c0)={0x0, 0x0, <r12=>0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f0000000a00)=0x14)
getsockopt$inet6_mreq(r0, 0x29, 0x1d, &(0x7f0000000b40)={@ipv4={[], [], @rand_addr}, <r13=>0x0}, &(0x7f0000000b80)=0x14)
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000001100)={{{@in=@loopback, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r14=>0x0}}, {{@in=@local}, 0x0, @in6=@remote}}, &(0x7f0000001200)=0xe8)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000001240)={'team0\x00', <r15=>0x0})
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000001580)={{{@in6=@mcast2, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r16=>0x0}}, {{}, 0x0, @in6=@ipv4={[], [], @multicast2}}}, &(0x7f0000001680)=0xe8)
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000016c0)={{{@in=@multicast2, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r17=>0x0}}, {{@in6=@loopback}, 0x0, @in=@loopback}}, &(0x7f00000017c0)=0xe8)
getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f0000001800)={{{@in6=@remote, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r18=>0x0}}, {{@in6=@dev}, 0x0, @in6=@dev}}, &(0x7f0000001900)=0xe8)
sendmsg$TEAM_CMD_OPTIONS_GET(r1, &(0x7f0000001d00)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20400042}, 0xc, &(0x7f0000001cc0)={&(0x7f0000001940)={0x354, r2, 0x300, 0x70bd28, 0x25dfdbff, {0x2}, [{{0x8, 0x1, r3}, {0x22c, 0x2, [{0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r4}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r7}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8, 0x3, 0xb}, {0x8, 0x4, 0x6}}, {0x8, 0x7}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8, 0x3, 0xe}, {0x8, 0x4, 0x3}}, {0x8, 0x6, r8}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8, 0x3, 0xb}, {0x8, 0x4, 0x3dc}}, {0x8, 0x6, r9}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r10}}}, {0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r12}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, r13}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8, 0x3, 0xb}, {0x8, 0x4, 0x9}}, {0x8, 0x6, r14}}}]}}, {{0x8, 0x1, r15}, {0x104, 0x2, [{0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r16}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x3ff}}, {0x8, 0x6, r17}}}, {0x44, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8, 0x3, 0xb}, {0x14, 0x4, [{0x0, 0x6, 0x8, 0x7}, {0x81, 0x10001, 0x0, 0x4}]}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8, 0x3, 0xe}, {0x8, 0x4, 0xef02}}, {0x8, 0x6, r18}}}]}}]}, 0x354}, 0x1, 0x0, 0x0, 0x20000000}, 0x80)
setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000000740)=0x4, 0x4)
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
socket$unix(0x1, 0x3, 0x0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x0)
flock(r1, 0x2)
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f00000002c0)={<r19=>0x0, @in6={{0xa, 0x4e23, 0x0, @mcast2={0xff, 0x2, [], 0x1}, 0x2}}, [0x8, 0x1, 0x4f67, 0x5, 0x8, 0x2, 0x76fc, 0xfffffffffffffffe, 0x100, 0x580, 0x7c, 0x1000, 0xcc, 0x514, 0x101]}, &(0x7f0000000000)=0x100)
setsockopt$inet_sctp_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000040)={r19, 0x2}, 0x8)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f0000000980)={'ip_vti0\x00', &(0x7f0000000a40)=@ethtool_eeprom={0xc, 0x8, 0x5, 0x7f, "ba37e3733c88affffd150e2ec645011c6c066d8cfe96afd5f3a62cbe6d377e9e1a3b8100b47f49e25c17c68d32001d5c59af11a654d5a9aec0ce835c40dc6f2d25282749da4fb6acea576959b70dc87cff153df19830c0b76730deeb14e937f2396e9a3cd672b046fb034dd53ade82c8f4aea66b5565545c169fadf9e9e3df"}})

2018/05/15 13:08:44 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x4800000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:44 executing program 0 (fault-call:1 fault-nth:4):
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x40086607, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

[  380.770749]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  380.775865]  ? debug_check_no_locks_freed+0x310/0x310
[  380.781067]  ? debug_check_no_locks_freed+0x310/0x310
[  380.786272]  ? __lock_acquire+0x7f5/0x5140
[  380.790514]  ? print_usage_bug+0xc0/0xc0
[  380.794585]  ? print_usage_bug+0xc0/0xc0
[  380.798657]  ? graph_lock+0x170/0x170
[  380.802476]  ? debug_check_no_locks_freed+0x310/0x310
[  380.807665]  ? debug_check_no_locks_freed+0x310/0x310
[  380.812840]  ? graph_lock+0x170/0x170
[  380.816729]  ? __lock_is_held+0xb5/0x140
[  380.820814]  __should_failslab+0x124/0x180
[  380.825067]  should_failslab+0x9/0x14
[  380.828876]  kmem_cache_alloc+0x47/0x760
[  380.832938]  ? rcu_note_context_switch+0x710/0x710
[  380.837880]  ? mempool_free+0x370/0x370
[  380.841855]  mempool_alloc_slab+0x44/0x60
[  380.846004]  mempool_alloc+0x18b/0x490
[  380.849890]  ? remove_element.isra.4+0x1c0/0x1c0
[  380.854637]  ? kasan_check_read+0x11/0x20
[  380.858782]  ? do_raw_spin_unlock+0x9e/0x2e0
[  380.863184]  ? __lock_is_held+0xb5/0x140
[  380.867244]  bio_alloc_bioset+0x3a1/0x7f0
[  380.871385]  ? bvec_alloc+0x2d0/0x2d0
[  380.875175]  ? check_same_owner+0x320/0x320
[  380.879487]  submit_bh_wbc+0x155/0x7c0
[  380.883367]  write_dirty_buffer+0xba/0x150
[  380.887596]  jbd2_log_do_checkpoint+0xbe6/0x1340
[  380.892359]  ? __jbd2_journal_remove_checkpoint+0x8c0/0x8c0
[  380.898083]  ? lock_downgrade+0x8e0/0x8e0
[  380.902248]  ? kasan_check_read+0x11/0x20
[  380.906394]  ? do_raw_spin_unlock+0x9e/0x2e0
[  380.910791]  ? kasan_check_write+0x14/0x20
[  380.915017]  ? do_raw_spin_lock+0xc1/0x200
[  380.919249]  jbd2_journal_flush+0x156/0x540
[  380.923558]  ext4_ioctl+0x241e/0x4210
[  380.927342]  ? _parse_integer+0x13b/0x190
[  380.931478]  ? ext4_ioctl_group_add+0x560/0x560
[  380.936134]  ? _parse_integer+0x190/0x190
[  380.940267]  ? graph_lock+0x170/0x170
[  380.944064]  ? lock_release+0xa10/0xa10
[  380.948046]  ? check_same_owner+0x320/0x320
[  380.952360]  ? find_held_lock+0x36/0x1c0
[  380.956405]  ? graph_lock+0x170/0x170
[  380.960191]  ? find_held_lock+0x36/0x1c0
[  380.964242]  ? lock_downgrade+0x8e0/0x8e0
[  380.968383]  ? kasan_check_read+0x11/0x20
[  380.972516]  ? rcu_is_watching+0x85/0x140
[  380.976647]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  380.981829]  ? __fget+0x40c/0x650
[  380.985267]  ? match_held_lock+0x841/0x8b0
[  380.989487]  ? expand_files.part.8+0x9a0/0x9a0
[  380.994059]  ? kasan_check_write+0x14/0x20
[  380.998280]  ? __mutex_unlock_slowpath+0x180/0x8a0
[  381.003202]  ? wait_for_completion+0x870/0x870
[  381.007784]  ? ext4_ioctl_group_add+0x560/0x560
[  381.012448]  do_vfs_ioctl+0x1cf/0x16a0
[  381.016336]  ? ioctl_preallocate+0x2e0/0x2e0
[  381.020732]  ? fget_raw+0x20/0x20
[  381.024175]  ? __sb_end_write+0xac/0xe0
[  381.028139]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  381.033669]  ? fput+0x130/0x1a0
[  381.036938]  ? ksys_write+0x1a6/0x250
[  381.040728]  ? security_file_ioctl+0x94/0xc0
[  381.045123]  ksys_ioctl+0xa9/0xd0
[  381.048571]  __x64_sys_ioctl+0x73/0xb0
[  381.052454]  do_syscall_64+0x1b1/0x800
[  381.056335]  ? finish_task_switch+0x1ca/0x840
[  381.060830]  ? syscall_return_slowpath+0x5c0/0x5c0
[  381.065757]  ? syscall_return_slowpath+0x30f/0x5c0
[  381.070696]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  381.076070]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  381.080916]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  381.086099] RIP: 0033:0x455a09
[  381.089275] RSP: 002b:00007f5427f69c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  381.096966] RAX: ffffffffffffffda RBX: 00007f5427f6a6d4 RCX: 0000000000455a09
[  381.104232] RDX: 0000000020000080 RSI: 0000000040086607 RDI: 0000000000000013
[  381.111509] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  381.118777] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  381.126038] R13: 00000000000001e0 R14: 00000000006f6da0 R15: 0000000000000000
[  381.162797] binder: 23011:23014 got reply transaction with no transaction stack
2018/05/15 13:08:44 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000000000000000538000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:44 executing program 4:
bpf$MAP_CREATE(0x9401, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:44 executing program 7 (fault-call:1 fault-nth:1):
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x40086607, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

[  381.170389] binder: 23011:23014 transaction failed 29201/-71, size 0-0 line 2763
[  381.194473] FAULT_INJECTION: forcing a failure.
[  381.194473] name failslab, interval 1, probability 0, space 0, times 0
[  381.205820] CPU: 1 PID: 23016 Comm: syz-executor0 Not tainted 4.17.0-rc5+ #51
[  381.213116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  381.222472] Call Trace:
[  381.225079]  dump_stack+0x1b9/0x294
[  381.228721]  ? dump_stack_print_info.cold.2+0x52/0x52
[  381.233932]  should_fail.cold.4+0xa/0x1a
[  381.238021]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  381.243135]  ? kmem_cache_alloc+0x12e/0x760
[  381.247465]  ? mempool_alloc_slab+0x44/0x60
[  381.251786]  ? submit_bh_wbc+0x155/0x7c0
[  381.255847]  ? blk_exit_rl+0x80/0x80
[  381.259562]  ? find_held_lock+0x36/0x1c0
[  381.263621]  ? graph_lock+0x170/0x170
[  381.267415]  ? lock_downgrade+0x8e0/0x8e0
[  381.271559]  ? __lock_is_held+0xb5/0x140
[  381.275612]  __should_failslab+0x124/0x180
[  381.279838]  should_failslab+0x9/0x14
[  381.283625]  kmem_cache_alloc+0x47/0x760
[  381.287686]  ? rcu_note_context_switch+0x710/0x710
[  381.292613]  ? blk_get_request+0x40/0x40
[  381.296665]  ? mempool_free+0x370/0x370
[  381.300629]  mempool_alloc_slab+0x44/0x60
[  381.304775]  mempool_alloc+0x18b/0x490
[  381.308662]  ? remove_element.isra.4+0x1c0/0x1c0
[  381.313421]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  381.318963]  ? __lock_is_held+0xb5/0x140
[  381.323034]  bio_alloc_bioset+0x3a1/0x7f0
[  381.327188]  ? generic_make_request+0x1510/0x1510
[  381.332039]  ? bvec_alloc+0x2d0/0x2d0
[  381.335843]  ? check_same_owner+0x320/0x320
[  381.340161]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  381.345167]  ? guard_bio_eod+0x2b4/0x600
[  381.349220]  submit_bh_wbc+0x155/0x7c0
[  381.353102]  write_dirty_buffer+0xba/0x150
[  381.357324]  jbd2_log_do_checkpoint+0xbe6/0x1340
[  381.362075]  ? __jbd2_journal_remove_checkpoint+0x8c0/0x8c0
[  381.367777]  ? lock_downgrade+0x8e0/0x8e0
[  381.371913]  ? kasan_check_read+0x11/0x20
[  381.376053]  ? do_raw_spin_unlock+0x9e/0x2e0
[  381.380455]  ? kasan_check_write+0x14/0x20
[  381.384674]  ? do_raw_spin_lock+0xc1/0x200
[  381.388899]  jbd2_journal_flush+0x156/0x540
[  381.393209]  ext4_ioctl+0x241e/0x4210
[  381.397002]  ? _parse_integer+0x13b/0x190
[  381.401149]  ? ext4_ioctl_group_add+0x560/0x560
[  381.405813]  ? _parse_integer+0x190/0x190
[  381.409955]  ? graph_lock+0x170/0x170
[  381.413739]  ? lock_release+0xa10/0xa10
[  381.417699]  ? check_same_owner+0x320/0x320
[  381.422008]  ? find_held_lock+0x36/0x1c0
[  381.426075]  ? graph_lock+0x170/0x170
[  381.429873]  ? find_held_lock+0x36/0x1c0
[  381.433922]  ? lock_downgrade+0x8e0/0x8e0
[  381.438067]  ? kasan_check_read+0x11/0x20
[  381.442209]  ? rcu_is_watching+0x85/0x140
[  381.446351]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  381.451543]  ? __fget+0x40c/0x650
[  381.454985]  ? match_held_lock+0x841/0x8b0
[  381.459219]  ? expand_files.part.8+0x9a0/0x9a0
[  381.463802]  ? kasan_check_write+0x14/0x20
[  381.468035]  ? __mutex_unlock_slowpath+0x180/0x8a0
[  381.472972]  ? wait_for_completion+0x870/0x870
[  381.477542]  ? ext4_ioctl_group_add+0x560/0x560
[  381.482197]  do_vfs_ioctl+0x1cf/0x16a0
[  381.486078]  ? ioctl_preallocate+0x2e0/0x2e0
[  381.490483]  ? fget_raw+0x20/0x20
[  381.493923]  ? __sb_end_write+0xac/0xe0
[  381.497897]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  381.503436]  ? fput+0x130/0x1a0
[  381.506799]  ? ksys_write+0x1a6/0x250
[  381.510587]  ? security_file_ioctl+0x94/0xc0
[  381.514998]  ksys_ioctl+0xa9/0xd0
[  381.518457]  __x64_sys_ioctl+0x73/0xb0
[  381.522346]  do_syscall_64+0x1b1/0x800
[  381.526224]  ? finish_task_switch+0x1ca/0x840
[  381.530720]  ? syscall_return_slowpath+0x5c0/0x5c0
[  381.535646]  ? syscall_return_slowpath+0x30f/0x5c0
[  381.540573]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  381.545933]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  381.550772]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  381.555950] RIP: 0033:0x455a09
[  381.559134] RSP: 002b:00007f899b091c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  381.566859] RAX: ffffffffffffffda RBX: 00007f899b0926d4 RCX: 0000000000455a09
[  381.574144] RDX: 0000000020000080 RSI: 0000000040086607 RDI: 0000000000000013
[  381.581401] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  381.588657] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  381.595939] R13: 00000000000001e0 R14: 00000000006f6da0 R15: 0000000000000004
[  381.645710] FAULT_INJECTION: forcing a failure.
[  381.645710] name failslab, interval 1, probability 0, space 0, times 0
[  381.657091] CPU: 1 PID: 23027 Comm: syz-executor7 Not tainted 4.17.0-rc5+ #51
[  381.664376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  381.673738] Call Trace:
[  381.676341]  dump_stack+0x1b9/0x294
[  381.679982]  ? dump_stack_print_info.cold.2+0x52/0x52
[  381.685183]  ? print_usage_bug+0xc0/0xc0
[  381.689260]  should_fail.cold.4+0xa/0x1a
[  381.693337]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  381.698456]  ? __lock_acquire+0x7f5/0x5140
[  381.702713]  ? debug_check_no_locks_freed+0x310/0x310
[  381.707923]  ? task_fork_fair+0x660/0x660
[  381.712089]  ? graph_lock+0x170/0x170
[  381.715900]  ? print_usage_bug+0xc0/0xc0
[  381.720342]  __should_failslab+0x124/0x180
[  381.724568]  should_failslab+0x9/0x14
[  381.728371]  kmem_cache_alloc_node+0x56/0x780
[  381.732890]  create_task_io_context+0xb5/0x5e0
[  381.737483]  ? ioc_clear_queue+0x5e0/0x5e0
[  381.741729]  ? lock_downgrade+0x8e0/0x8e0
[  381.745881]  ? kasan_check_read+0x11/0x20
[  381.750031]  ? rcu_is_watching+0x85/0x140
[  381.754168]  ? __lock_is_held+0xb5/0x140
[  381.758223]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  381.763403]  ? __sanitizer_cov_trace_switch+0x53/0x90
[  381.768580]  generic_make_request_checks+0x163d/0x2400
[  381.773864]  ? blk_init_queue+0x30/0x30
[  381.777839]  ? blk_queue_enter+0xbf5/0xdf0
[  381.782069]  ? kmem_cache_alloc+0x12e/0x760
[  381.786377]  ? mempool_alloc_slab+0x44/0x60
[  381.790684]  ? submit_bh_wbc+0x155/0x7c0
[  381.794742]  ? blk_exit_rl+0x80/0x80
[  381.798446]  ? debug_check_no_locks_freed+0x310/0x310
[  381.803617]  ? print_usage_bug+0xc0/0xc0
[  381.807667]  ? print_usage_bug+0xc0/0xc0
[  381.811710]  ? graph_lock+0x170/0x170
[  381.815505]  ? graph_lock+0x170/0x170
[  381.819300]  ? debug_check_no_locks_freed+0x310/0x310
[  381.824474]  ? debug_check_no_locks_freed+0x310/0x310
[  381.829646]  ? graph_lock+0x170/0x170
[  381.833443]  ? __lock_is_held+0xb5/0x140
[  381.837504]  generic_make_request+0x166/0x1510
[  381.842094]  ? graph_lock+0x170/0x170
[  381.845889]  ? blk_get_request+0x40/0x40
[  381.849937]  ? mempool_alloc_slab+0x44/0x60
[  381.854256]  ? mempool_free+0x370/0x370
[  381.858226]  ? mempool_alloc_slab+0x44/0x60
[  381.862548]  ? find_held_lock+0x36/0x1c0
[  381.866598]  ? lock_downgrade+0x8e0/0x8e0
[  381.870733]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  381.876255]  ? __disk_get_part+0x202/0x310
[  381.880505]  submit_bio+0xba/0x460
[  381.884049]  ? submit_bio+0xba/0x460
[  381.887759]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  381.892933]  ? generic_make_request+0x1510/0x1510
[  381.897793]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  381.902793]  ? guard_bio_eod+0x2b4/0x600
[  381.906855]  submit_bh_wbc+0x5e8/0x7c0
[  381.910741]  write_dirty_buffer+0xba/0x150
[  381.914961]  jbd2_log_do_checkpoint+0xbe6/0x1340
[  381.919706]  ? __jbd2_journal_remove_checkpoint+0x8c0/0x8c0
[  381.925402]  ? lock_downgrade+0x8e0/0x8e0
[  381.929539]  ? kasan_check_read+0x11/0x20
[  381.933672]  ? do_raw_spin_unlock+0x9e/0x2e0
[  381.938071]  ? kasan_check_write+0x14/0x20
[  381.942303]  ? do_raw_spin_lock+0xc1/0x200
[  381.946538]  jbd2_journal_flush+0x156/0x540
[  381.950859]  ext4_ioctl+0x241e/0x4210
[  381.954645]  ? _parse_integer+0x13b/0x190
[  381.958780]  ? ext4_ioctl_group_add+0x560/0x560
[  381.963437]  ? _parse_integer+0x190/0x190
[  381.967585]  ? graph_lock+0x170/0x170
[  381.971382]  ? lock_release+0xa10/0xa10
[  381.975347]  ? check_same_owner+0x320/0x320
[  381.979660]  ? find_held_lock+0x36/0x1c0
[  381.983707]  ? graph_lock+0x170/0x170
[  381.987500]  ? find_held_lock+0x36/0x1c0
[  381.991552]  ? lock_downgrade+0x8e0/0x8e0
[  381.995689]  ? kasan_check_read+0x11/0x20
[  381.999830]  ? rcu_is_watching+0x85/0x140
[  382.003986]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  382.009173]  ? __fget+0x40c/0x650
[  382.012639]  ? match_held_lock+0x841/0x8b0
[  382.016878]  ? expand_files.part.8+0x9a0/0x9a0
[  382.021457]  ? kasan_check_write+0x14/0x20
[  382.025681]  ? __mutex_unlock_slowpath+0x180/0x8a0
[  382.030599]  ? wait_for_completion+0x870/0x870
[  382.035192]  ? ext4_ioctl_group_add+0x560/0x560
[  382.039862]  do_vfs_ioctl+0x1cf/0x16a0
[  382.043772]  ? ioctl_preallocate+0x2e0/0x2e0
[  382.048174]  ? fget_raw+0x20/0x20
[  382.051618]  ? __sb_end_write+0xac/0xe0
[  382.055582]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  382.061103]  ? fput+0x130/0x1a0
[  382.064367]  ? ksys_write+0x1a6/0x250
[  382.068166]  ? security_file_ioctl+0x94/0xc0
[  382.072586]  ksys_ioctl+0xa9/0xd0
[  382.076039]  __x64_sys_ioctl+0x73/0xb0
[  382.079921]  do_syscall_64+0x1b1/0x800
[  382.083792]  ? finish_task_switch+0x1ca/0x840
[  382.088281]  ? syscall_return_slowpath+0x5c0/0x5c0
[  382.093193]  ? syscall_return_slowpath+0x30f/0x5c0
[  382.098120]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  382.103494]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  382.108323]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  382.113495] RIP: 0033:0x455a09
[  382.116669] RSP: 002b:00007f5427f69c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  382.124362] RAX: ffffffffffffffda RBX: 00007f5427f6a6d4 RCX: 0000000000455a09
[  382.131619] RDX: 0000000020000080 RSI: 0000000040086607 RDI: 0000000000000013
[  382.138873] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  382.146137] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  382.153391] R13: 00000000000001e0 R14: 00000000006f6da0 R15: 0000000000000001
2018/05/15 13:08:45 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x4c00000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:45 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x40086607, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

2018/05/15 13:08:45 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
getsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000), 0x10)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @mcast2={0xff, 0x2, [], 0x1}}, 0x36b)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)
ioctl$SIOCSIFHWADDR(r1, 0x8924, &(0x7f0000000080)={'team_slave_0\x00', @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]})
getsockopt$inet_sctp6_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f00000000c0)={<r2=>0x0, 0xfffffffffffffffd, 0x4, 0x80c, 0xbdc, 0x9}, &(0x7f0000000100)=0x14)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000180)={r2, 0x8}, 0x8)

2018/05/15 13:08:45 executing program 7 (fault-call:1 fault-nth:2):
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x40086607, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

2018/05/15 13:08:45 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000000040000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:45 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r1=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
tkill(r0, 0x1000000000016)
shmget$private(0x0, 0x1000, 0x100, &(0x7f0000ffd000/0x1000)=nil)

2018/05/15 13:08:45 executing program 4:
bpf$MAP_CREATE(0xd0, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:45 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
r2 = accept$packet(r1, &(0x7f0000000000)={0x0, 0x0, <r3=>0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$can_raw(r1, &(0x7f0000000200)={&(0x7f00000000c0)={0x1d, r3}, 0x10, &(0x7f00000001c0)={&(0x7f0000000100)=@canfd={{0x3, 0xfff, 0x3cda, 0x6}, 0x12, 0x1, 0x0, 0x0, "4276d19e39604de5c1a06bea487e1de47a84bd287509836611e3c8be580081741700f5cb08d3ea848482b61327464524d16007ece1b690582124d8be3984a414"}, 0x48}, 0x1, 0x0, 0x0, 0x80}, 0x20008000)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x0)
ioctl$FUSE_DEV_IOC_CLONE(r0, 0x8004e500, &(0x7f0000000480)=r0)
getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f00000002c0)={{{@in=@remote, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in=@multicast1}, 0x0, @in6=@dev}}, &(0x7f0000000240)=0xe8)
lstat(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
fchown(r2, r4, r5)

[  382.260863] binder: 23046:23049 got reply transaction with no transaction stack
[  382.268421] binder: 23046:23049 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:45 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x7000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:45 executing program 4:
bpf$MAP_CREATE(0x7c9a, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:45 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @loopback={0x0, 0x1}}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

[  382.307784] FAULT_INJECTION: forcing a failure.
[  382.307784] name failslab, interval 1, probability 0, space 0, times 0
[  382.319181] CPU: 1 PID: 23060 Comm: syz-executor7 Not tainted 4.17.0-rc5+ #51
[  382.326518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  382.335880] Call Trace:
[  382.338495]  dump_stack+0x1b9/0x294
[  382.342140]  ? dump_stack_print_info.cold.2+0x52/0x52
[  382.347349]  should_fail.cold.4+0xa/0x1a
[  382.351425]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  382.356534]  ? kmem_cache_alloc+0x12e/0x760
[  382.360875]  ? mempool_alloc_slab+0x44/0x60
[  382.365193]  ? submit_bh_wbc+0x155/0x7c0
[  382.369244]  ? blk_exit_rl+0x80/0x80
[  382.372950]  ? find_held_lock+0x36/0x1c0
[  382.377012]  ? graph_lock+0x170/0x170
[  382.380823]  ? lock_downgrade+0x8e0/0x8e0
[  382.384989]  ? __lock_is_held+0xb5/0x140
[  382.389051]  __should_failslab+0x124/0x180
[  382.393278]  should_failslab+0x9/0x14
[  382.397071]  kmem_cache_alloc+0x47/0x760
[  382.401122]  ? rcu_note_context_switch+0x710/0x710
[  382.406047]  ? blk_get_request+0x40/0x40
[  382.410114]  ? mempool_free+0x370/0x370
[  382.414077]  mempool_alloc_slab+0x44/0x60
[  382.418214]  mempool_alloc+0x18b/0x490
[  382.422104]  ? remove_element.isra.4+0x1c0/0x1c0
[  382.426854]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  382.432380]  ? __lock_is_held+0xb5/0x140
[  382.436433]  bio_alloc_bioset+0x3a1/0x7f0
[  382.440584]  ? generic_make_request+0x1510/0x1510
[  382.445423]  ? bvec_alloc+0x2d0/0x2d0
[  382.449225]  ? check_same_owner+0x320/0x320
[  382.453563]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  382.458578]  ? guard_bio_eod+0x2b4/0x600
[  382.462635]  submit_bh_wbc+0x155/0x7c0
[  382.466517]  write_dirty_buffer+0xba/0x150
[  382.470753]  jbd2_log_do_checkpoint+0xbe6/0x1340
[  382.475511]  ? __jbd2_journal_remove_checkpoint+0x8c0/0x8c0
[  382.481217]  ? lock_downgrade+0x8e0/0x8e0
[  382.485358]  ? kasan_check_read+0x11/0x20
[  382.489491]  ? do_raw_spin_unlock+0x9e/0x2e0
[  382.493887]  ? kasan_check_write+0x14/0x20
[  382.498112]  ? do_raw_spin_lock+0xc1/0x200
[  382.502335]  jbd2_journal_flush+0x156/0x540
[  382.506660]  ext4_ioctl+0x241e/0x4210
[  382.510452]  ? _parse_integer+0x13b/0x190
[  382.514593]  ? ext4_ioctl_group_add+0x560/0x560
[  382.519248]  ? _parse_integer+0x190/0x190
[  382.523395]  ? graph_lock+0x170/0x170
[  382.527188]  ? lock_release+0xa10/0xa10
[  382.531159]  ? check_same_owner+0x320/0x320
[  382.535465]  ? find_held_lock+0x36/0x1c0
[  382.539510]  ? graph_lock+0x170/0x170
[  382.543295]  ? find_held_lock+0x36/0x1c0
[  382.547366]  ? lock_downgrade+0x8e0/0x8e0
[  382.551514]  ? kasan_check_read+0x11/0x20
[  382.555646]  ? rcu_is_watching+0x85/0x140
[  382.559779]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  382.564973]  ? __fget+0x40c/0x650
[  382.568435]  ? match_held_lock+0x841/0x8b0
[  382.572672]  ? expand_files.part.8+0x9a0/0x9a0
[  382.577247]  ? kasan_check_write+0x14/0x20
[  382.581467]  ? __mutex_unlock_slowpath+0x180/0x8a0
[  382.586390]  ? wait_for_completion+0x870/0x870
[  382.590963]  ? ext4_ioctl_group_add+0x560/0x560
[  382.595621]  do_vfs_ioctl+0x1cf/0x16a0
[  382.599516]  ? ioctl_preallocate+0x2e0/0x2e0
[  382.603920]  ? fget_raw+0x20/0x20
[  382.607368]  ? __sb_end_write+0xac/0xe0
[  382.611355]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  382.616893]  ? fput+0x130/0x1a0
[  382.620175]  ? ksys_write+0x1a6/0x250
[  382.623976]  ? security_file_ioctl+0x94/0xc0
[  382.628374]  ksys_ioctl+0xa9/0xd0
[  382.631837]  __x64_sys_ioctl+0x73/0xb0
[  382.635721]  do_syscall_64+0x1b1/0x800
[  382.639596]  ? syscall_return_slowpath+0x5c0/0x5c0
[  382.644522]  ? syscall_return_slowpath+0x30f/0x5c0
[  382.649449]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  382.654810]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  382.659641]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  382.664814] RIP: 0033:0x455a09
[  382.667985] RSP: 002b:00007f5427f69c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  382.675681] RAX: ffffffffffffffda RBX: 00007f5427f6a6d4 RCX: 0000000000455a09
[  382.682933] RDX: 0000000020000080 RSI: 0000000040086607 RDI: 0000000000000013
[  382.690201] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  382.697910] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
2018/05/15 13:08:46 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400120000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  382.705170] R13: 00000000000001e0 R14: 00000000006f6da0 R15: 0000000000000002
2018/05/15 13:08:46 executing program 7 (fault-call:1 fault-nth:3):
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x40086607, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

2018/05/15 13:08:46 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x5450, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

[  382.767369] binder: 23071:23072 got reply transaction with no transaction stack
[  382.774966] binder: 23071:23072 transaction failed 29201/-71, size 0-0 line 2763
[  382.828980] FAULT_INJECTION: forcing a failure.
[  382.828980] name failslab, interval 1, probability 0, space 0, times 0
[  382.840336] CPU: 0 PID: 23079 Comm: syz-executor7 Not tainted 4.17.0-rc5+ #51
[  382.847616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  382.856973] Call Trace:
[  382.859577]  dump_stack+0x1b9/0x294
[  382.863217]  ? dump_stack_print_info.cold.2+0x52/0x52
[  382.868425]  should_fail.cold.4+0xa/0x1a
[  382.872500]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  382.877592]  ? kmem_cache_alloc+0x12e/0x760
[  382.881906]  ? mempool_alloc_slab+0x44/0x60
[  382.886227]  ? submit_bh_wbc+0x155/0x7c0
[  382.890283]  ? blk_exit_rl+0x80/0x80
[  382.893994]  ? find_held_lock+0x36/0x1c0
[  382.898055]  ? graph_lock+0x170/0x170
[  382.901856]  ? lock_downgrade+0x8e0/0x8e0
[  382.906001]  ? __lock_is_held+0xb5/0x140
[  382.910061]  __should_failslab+0x124/0x180
[  382.914286]  should_failslab+0x9/0x14
[  382.918097]  kmem_cache_alloc+0x47/0x760
[  382.922172]  ? rcu_note_context_switch+0x710/0x710
[  382.927088]  ? blk_get_request+0x40/0x40
[  382.931139]  ? mempool_free+0x370/0x370
[  382.935102]  mempool_alloc_slab+0x44/0x60
[  382.939249]  mempool_alloc+0x18b/0x490
[  382.943147]  ? remove_element.isra.4+0x1c0/0x1c0
[  382.947934]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  382.953478]  ? __lock_is_held+0xb5/0x140
[  382.957526]  bio_alloc_bioset+0x3a1/0x7f0
[  382.961663]  ? generic_make_request+0x1510/0x1510
[  382.966493]  ? bvec_alloc+0x2d0/0x2d0
[  382.970281]  ? check_same_owner+0x320/0x320
[  382.974590]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  382.979605]  ? guard_bio_eod+0x2b4/0x600
[  382.983664]  submit_bh_wbc+0x155/0x7c0
[  382.987540]  write_dirty_buffer+0xba/0x150
[  382.991774]  jbd2_log_do_checkpoint+0xbe6/0x1340
[  382.996530]  ? __jbd2_journal_remove_checkpoint+0x8c0/0x8c0
[  383.002240]  ? lock_downgrade+0x8e0/0x8e0
[  383.006389]  ? kasan_check_read+0x11/0x20
[  383.010537]  ? do_raw_spin_unlock+0x9e/0x2e0
[  383.014949]  ? kasan_check_write+0x14/0x20
[  383.019179]  ? do_raw_spin_lock+0xc1/0x200
[  383.023431]  jbd2_journal_flush+0x156/0x540
[  383.027752]  ext4_ioctl+0x241e/0x4210
[  383.031540]  ? _parse_integer+0x13b/0x190
[  383.035676]  ? ext4_ioctl_group_add+0x560/0x560
[  383.040347]  ? _parse_integer+0x190/0x190
[  383.044496]  ? graph_lock+0x170/0x170
[  383.048280]  ? lock_release+0xa10/0xa10
[  383.052237]  ? check_same_owner+0x320/0x320
[  383.056543]  ? find_held_lock+0x36/0x1c0
[  383.060585]  ? graph_lock+0x170/0x170
[  383.064372]  ? find_held_lock+0x36/0x1c0
[  383.068426]  ? lock_downgrade+0x8e0/0x8e0
[  383.072562]  ? kasan_check_read+0x11/0x20
[  383.076695]  ? rcu_is_watching+0x85/0x140
[  383.080841]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  383.086032]  ? __fget+0x40c/0x650
[  383.089491]  ? match_held_lock+0x841/0x8b0
[  383.093723]  ? expand_files.part.8+0x9a0/0x9a0
[  383.098301]  ? kasan_check_write+0x14/0x20
[  383.102533]  ? __mutex_unlock_slowpath+0x180/0x8a0
[  383.107450]  ? wait_for_completion+0x870/0x870
[  383.112025]  ? ext4_ioctl_group_add+0x560/0x560
[  383.116684]  do_vfs_ioctl+0x1cf/0x16a0
[  383.120580]  ? ioctl_preallocate+0x2e0/0x2e0
[  383.124974]  ? fget_raw+0x20/0x20
2018/05/15 13:08:46 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0xa00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:46 executing program 4:
bpf$MAP_CREATE(0x5202000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:46 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000140)=[@in={0x2, 0x4e22}, @in={0x2, 0x4e24, @multicast1=0xe0000001}, @in6={0xa, 0x4e23, 0x3f, @loopback={0x0, 0x1}, 0x80}, @in={0x2, 0x4e20, @loopback=0x7f000001}, @in6={0xa, 0x4e22, 0xfffffffffffffff8, @ipv4={[], [0xff, 0xff]}, 0xff}, @in={0x2, 0x4e21, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e24, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x20}}], 0x98)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

[  383.128421]  ? __sb_end_write+0xac/0xe0
[  383.132392]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  383.137915]  ? fput+0x130/0x1a0
[  383.141189]  ? ksys_write+0x1a6/0x250
[  383.144984]  ? security_file_ioctl+0x94/0xc0
[  383.149383]  ksys_ioctl+0xa9/0xd0
[  383.152830]  __x64_sys_ioctl+0x73/0xb0
[  383.156725]  do_syscall_64+0x1b1/0x800
[  383.160600]  ? finish_task_switch+0x1ca/0x840
[  383.165092]  ? syscall_return_slowpath+0x5c0/0x5c0
[  383.170022]  ? syscall_return_slowpath+0x30f/0x5c0
[  383.174945]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  383.180296]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  383.185137]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  383.190328] RIP: 0033:0x455a09
[  383.193499] RSP: 002b:00007f5427f69c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  383.201190] RAX: ffffffffffffffda RBX: 00007f5427f6a6d4 RCX: 0000000000455a09
[  383.208453] RDX: 0000000020000080 RSI: 0000000040086607 RDI: 0000000000000013
[  383.215725] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  383.222977] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  383.230228] R13: 00000000000001e0 R14: 00000000006f6da0 R15: 0000000000000003
[  383.278607] binder: 23090:23091 got reply transaction with no transaction stack
[  383.286221] binder: 23090:23091 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:46 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400160000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:46 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x40286608, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

2018/05/15 13:08:46 executing program 5:
pipe(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x0)

2018/05/15 13:08:46 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r1=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
tkill(r0, 0x1000000000016)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x8000, 0x0)
getsockopt$packet_buf(r2, 0x107, 0x0, &(0x7f0000000100)=""/55, &(0x7f0000000140)=0x37)

2018/05/15 13:08:46 executing program 7 (fault-call:1 fault-nth:4):
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x40086607, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

2018/05/15 13:08:46 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x600000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:46 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x1, 0x0)

2018/05/15 13:08:46 executing program 4:
bpf$MAP_CREATE(0xc86e000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

[  383.499146] binder: 23106:23107 got reply transaction with no transaction stack
[  383.506834] binder: 23106:23107 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:46 executing program 4:
bpf$MAP_CREATE(0x2ef20300, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:47 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x6c00000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

[  383.542112] FAULT_INJECTION: forcing a failure.
[  383.542112] name failslab, interval 1, probability 0, space 0, times 0
[  383.553435] CPU: 1 PID: 23114 Comm: syz-executor7 Not tainted 4.17.0-rc5+ #51
[  383.560718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  383.570084] Call Trace:
[  383.572675]  dump_stack+0x1b9/0x294
[  383.576305]  ? dump_stack_print_info.cold.2+0x52/0x52
[  383.581511]  should_fail.cold.4+0xa/0x1a
[  383.585566]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  383.590656]  ? kmem_cache_alloc+0x12e/0x760
[  383.594973]  ? mempool_alloc_slab+0x44/0x60
[  383.599283]  ? submit_bh_wbc+0x155/0x7c0
[  383.603329]  ? blk_exit_rl+0x80/0x80
[  383.607042]  ? find_held_lock+0x36/0x1c0
[  383.611099]  ? graph_lock+0x170/0x170
[  383.614893]  ? lock_downgrade+0x8e0/0x8e0
[  383.619040]  ? __lock_is_held+0xb5/0x140
[  383.623120]  __should_failslab+0x124/0x180
[  383.627366]  should_failslab+0x9/0x14
[  383.631163]  kmem_cache_alloc+0x47/0x760
[  383.635209]  ? rcu_note_context_switch+0x710/0x710
[  383.640123]  ? blk_get_request+0x40/0x40
[  383.644174]  ? mempool_free+0x370/0x370
[  383.648140]  mempool_alloc_slab+0x44/0x60
[  383.652274]  mempool_alloc+0x18b/0x490
[  383.656151]  ? remove_element.isra.4+0x1c0/0x1c0
[  383.660901]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  383.666427]  ? __lock_is_held+0xb5/0x140
[  383.670476]  bio_alloc_bioset+0x3a1/0x7f0
[  383.674609]  ? generic_make_request+0x1510/0x1510
[  383.679450]  ? bvec_alloc+0x2d0/0x2d0
[  383.683250]  ? check_same_owner+0x320/0x320
[  383.687566]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  383.692573]  ? guard_bio_eod+0x2b4/0x600
[  383.696635]  submit_bh_wbc+0x155/0x7c0
[  383.700513]  write_dirty_buffer+0xba/0x150
[  383.704731]  jbd2_log_do_checkpoint+0xbe6/0x1340
[  383.709477]  ? __jbd2_journal_remove_checkpoint+0x8c0/0x8c0
[  383.715188]  ? lock_downgrade+0x8e0/0x8e0
[  383.719325]  ? kasan_check_read+0x11/0x20
[  383.723466]  ? do_raw_spin_unlock+0x9e/0x2e0
[  383.727883]  ? kasan_check_write+0x14/0x20
[  383.732109]  ? do_raw_spin_lock+0xc1/0x200
[  383.736331]  jbd2_journal_flush+0x156/0x540
[  383.740647]  ext4_ioctl+0x241e/0x4210
[  383.744442]  ? _parse_integer+0x13b/0x190
[  383.748591]  ? ext4_ioctl_group_add+0x560/0x560
[  383.753253]  ? _parse_integer+0x190/0x190
[  383.757393]  ? graph_lock+0x170/0x170
[  383.761187]  ? lock_release+0xa10/0xa10
[  383.765152]  ? check_same_owner+0x320/0x320
[  383.769482]  ? find_held_lock+0x36/0x1c0
[  383.773545]  ? graph_lock+0x170/0x170
[  383.777329]  ? find_held_lock+0x36/0x1c0
[  383.781377]  ? lock_downgrade+0x8e0/0x8e0
[  383.786050]  ? kasan_check_read+0x11/0x20
[  383.790185]  ? rcu_is_watching+0x85/0x140
[  383.794317]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  383.799498]  ? __fget+0x40c/0x650
[  383.802948]  ? match_held_lock+0x841/0x8b0
[  383.807189]  ? expand_files.part.8+0x9a0/0x9a0
[  383.811756]  ? kasan_check_write+0x14/0x20
[  383.815986]  ? __mutex_unlock_slowpath+0x180/0x8a0
[  383.820905]  ? wait_for_completion+0x870/0x870
[  383.825474]  ? ext4_ioctl_group_add+0x560/0x560
[  383.830143]  do_vfs_ioctl+0x1cf/0x16a0
[  383.834038]  ? ioctl_preallocate+0x2e0/0x2e0
[  383.838444]  ? fget_raw+0x20/0x20
[  383.841890]  ? __sb_end_write+0xac/0xe0
[  383.845888]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  383.851417]  ? fput+0x130/0x1a0
[  383.854678]  ? ksys_write+0x1a6/0x250
[  383.858477]  ? security_file_ioctl+0x94/0xc0
[  383.862884]  ksys_ioctl+0xa9/0xd0
[  383.866336]  __x64_sys_ioctl+0x73/0xb0
[  383.870218]  do_syscall_64+0x1b1/0x800
[  383.874101]  ? finish_task_switch+0x1ca/0x840
[  383.878582]  ? syscall_return_slowpath+0x5c0/0x5c0
[  383.883522]  ? syscall_return_slowpath+0x30f/0x5c0
[  383.888452]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  383.893803]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  383.898635]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  383.903816] RIP: 0033:0x455a09
[  383.906985] RSP: 002b:00007f5427f69c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  383.914690] RAX: ffffffffffffffda RBX: 00007f5427f6a6d4 RCX: 0000000000455a09
[  383.921940] RDX: 0000000020000080 RSI: 0000000040086607 RDI: 0000000000000013
[  383.929192] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  383.936450] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
2018/05/15 13:08:47 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400140000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  383.943723] R13: 00000000000001e0 R14: 00000000006f6da0 R15: 0000000000000004
[  383.979516] EXT4-fs warning (device sda1): ext4_group_add:1634: No reserved GDT blocks, can't resize
2018/05/15 13:08:47 executing program 7 (fault-call:1 fault-nth:5):
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x40086607, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

2018/05/15 13:08:47 executing program 4:
bpf$MAP_CREATE(0x1ba78, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:47 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
ioctl$KVM_SET_TSC_KHZ(r1, 0xaea2, 0x80000001)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

[  384.043258] binder: 23130:23132 got reply transaction with no transaction stack
[  384.050837] binder: 23130:23132 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:47 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x7400000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:47 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x80086601, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

2018/05/15 13:08:47 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r1, 0x84, 0x8, &(0x7f0000000000)=0xc3f, 0x4)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x0)

[  384.126438] FAULT_INJECTION: forcing a failure.
[  384.126438] name failslab, interval 1, probability 0, space 0, times 0
[  384.137806] CPU: 1 PID: 23137 Comm: syz-executor7 Not tainted 4.17.0-rc5+ #51
[  384.145091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  384.154452] Call Trace:
[  384.157058]  dump_stack+0x1b9/0x294
[  384.160707]  ? dump_stack_print_info.cold.2+0x52/0x52
[  384.165901]  should_fail.cold.4+0xa/0x1a
[  384.169951]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  384.175052]  ? kmem_cache_alloc+0x12e/0x760
[  384.179361]  ? mempool_alloc_slab+0x44/0x60
[  384.183669]  ? submit_bh_wbc+0x155/0x7c0
[  384.187718]  ? blk_exit_rl+0x80/0x80
[  384.191421]  ? find_held_lock+0x36/0x1c0
[  384.195472]  ? graph_lock+0x170/0x170
[  384.199258]  ? lock_downgrade+0x8e0/0x8e0
[  384.203410]  ? __lock_is_held+0xb5/0x140
[  384.207474]  __should_failslab+0x124/0x180
[  384.211716]  should_failslab+0x9/0x14
[  384.215518]  kmem_cache_alloc+0x47/0x760
[  384.219575]  ? rcu_note_context_switch+0x710/0x710
[  384.224504]  ? blk_get_request+0x40/0x40
[  384.228576]  ? mempool_free+0x370/0x370
[  384.232537]  mempool_alloc_slab+0x44/0x60
[  384.236679]  mempool_alloc+0x18b/0x490
[  384.240564]  ? remove_element.isra.4+0x1c0/0x1c0
[  384.245315]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  384.250841]  ? __lock_is_held+0xb5/0x140
[  384.254892]  bio_alloc_bioset+0x3a1/0x7f0
[  384.259037]  ? generic_make_request+0x1510/0x1510
[  384.263885]  ? bvec_alloc+0x2d0/0x2d0
[  384.267685]  ? check_same_owner+0x320/0x320
[  384.271996]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  384.277017]  ? guard_bio_eod+0x2b4/0x600
[  384.281082]  submit_bh_wbc+0x155/0x7c0
[  384.284957]  write_dirty_buffer+0xba/0x150
[  384.289180]  jbd2_log_do_checkpoint+0xbe6/0x1340
[  384.293945]  ? __jbd2_journal_remove_checkpoint+0x8c0/0x8c0
[  384.299644]  ? lock_downgrade+0x8e0/0x8e0
[  384.303783]  ? kasan_check_read+0x11/0x20
[  384.307917]  ? do_raw_spin_unlock+0x9e/0x2e0
[  384.312322]  ? kasan_check_write+0x14/0x20
[  384.316549]  ? do_raw_spin_lock+0xc1/0x200
[  384.320900]  jbd2_journal_flush+0x156/0x540
[  384.325224]  ext4_ioctl+0x241e/0x4210
[  384.329013]  ? _parse_integer+0x13b/0x190
[  384.333173]  ? ext4_ioctl_group_add+0x560/0x560
[  384.337834]  ? _parse_integer+0x190/0x190
[  384.341970]  ? graph_lock+0x170/0x170
[  384.345761]  ? lock_release+0xa10/0xa10
[  384.349732]  ? check_same_owner+0x320/0x320
[  384.354045]  ? find_held_lock+0x36/0x1c0
[  384.358094]  ? graph_lock+0x170/0x170
[  384.361889]  ? find_held_lock+0x36/0x1c0
[  384.365940]  ? lock_downgrade+0x8e0/0x8e0
[  384.370090]  ? kasan_check_read+0x11/0x20
[  384.374240]  ? rcu_is_watching+0x85/0x140
[  384.378372]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  384.383553]  ? __fget+0x40c/0x650
[  384.387000]  ? match_held_lock+0x841/0x8b0
[  384.391232]  ? expand_files.part.8+0x9a0/0x9a0
[  384.395819]  ? kasan_check_write+0x14/0x20
[  384.400054]  ? __mutex_unlock_slowpath+0x180/0x8a0
[  384.404981]  ? wait_for_completion+0x870/0x870
[  384.409563]  ? ext4_ioctl_group_add+0x560/0x560
[  384.414220]  do_vfs_ioctl+0x1cf/0x16a0
[  384.418095]  ? ioctl_preallocate+0x2e0/0x2e0
[  384.422503]  ? fget_raw+0x20/0x20
[  384.425951]  ? __sb_end_write+0xac/0xe0
[  384.429927]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  384.435459]  ? fput+0x130/0x1a0
[  384.438732]  ? ksys_write+0x1a6/0x250
[  384.442521]  ? security_file_ioctl+0x94/0xc0
[  384.446916]  ksys_ioctl+0xa9/0xd0
[  384.450359]  __x64_sys_ioctl+0x73/0xb0
[  384.454235]  do_syscall_64+0x1b1/0x800
[  384.458107]  ? finish_task_switch+0x1ca/0x840
[  384.462586]  ? syscall_return_slowpath+0x5c0/0x5c0
[  384.467502]  ? syscall_return_slowpath+0x30f/0x5c0
[  384.472423]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  384.477784]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  384.482636]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  384.487810] RIP: 0033:0x455a09
[  384.490981] RSP: 002b:00007f5427f69c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  384.498679] RAX: ffffffffffffffda RBX: 00007f5427f6a6d4 RCX: 0000000000455a09
[  384.505942] RDX: 0000000020000080 RSI: 0000000040086607 RDI: 0000000000000013
[  384.513216] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  384.520482] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  384.527735] R13: 00000000000001e0 R14: 00000000006f6da0 R15: 0000000000000005
[  384.605698] binder: 23149:23152 got reply transaction with no transaction stack
[  384.613446] binder: 23149:23152 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:48 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000000000000001238000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:48 executing program 7 (fault-call:1 fault-nth:6):
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x40086607, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

2018/05/15 13:08:48 executing program 4:
bpf$MAP_CREATE(0x5, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:48 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r1=>0x0})
r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x400000, 0x0)
getsockopt$ax25_int(r2, 0x101, 0x7, &(0x7f0000000100), &(0x7f0000000180)=0xffffffffffffff2d)
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
tkill(r0, 0x1000000000016)

2018/05/15 13:08:48 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x80086603, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

2018/05/15 13:08:48 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x48000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:48 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000000)={<r2=>0x0, 0x15, "a58412d47da2a744f6fb93e54ab11a563230258641"}, &(0x7f0000000040)=0x1d)
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r0, 0x84, 0x5, &(0x7f00000000c0)={r2, @in={{0x2, 0x4e23, @local={0xac, 0x14, 0x14, 0xaa}}}}, 0x84)
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x0)

2018/05/15 13:08:48 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
r2 = getpid()
ioctl$sock_FIOSETOWN(r0, 0x8901, &(0x7f0000000000)=r2)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
socket$inet(0x2, 0x6, 0x5)
setsockopt$inet_buf(r1, 0x0, 0x9, &(0x7f0000000140)="86bc420fca481a72bc823bc330cd300cfcad851285aa389056a5a0ee8fcbe856180f4f051eca18d9406d909236dc7194bef6904e464a11915c6c25267c2128fdc672be16a7b70eb62ca6da3e34378b0ab4f990f94f4b672f5e284fb55e2487dd11f6d502162b32190b3d4dec9e4c7e731e5532038b6a29301192693a60e38ef940fbebfb286502", 0x87)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

[  385.514471] binder: 23165:23168 got reply transaction with no transaction stack
[  385.522307] binder: 23165:23168 transaction failed 29201/-71, size 0-0 line 2763
[  385.532366] FAULT_INJECTION: forcing a failure.
[  385.532366] name failslab, interval 1, probability 0, space 0, times 0
[  385.543674] CPU: 1 PID: 23170 Comm: syz-executor7 Not tainted 4.17.0-rc5+ #51
[  385.550954] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  385.560311] Call Trace:
2018/05/15 13:08:49 executing program 4:
bpf$MAP_CREATE(0x1b4, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:49 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x40086604, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

2018/05/15 13:08:49 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x6c00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

[  385.562911]  dump_stack+0x1b9/0x294
[  385.566552]  ? dump_stack_print_info.cold.2+0x52/0x52
[  385.571760]  should_fail.cold.4+0xa/0x1a
[  385.575838]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  385.580952]  ? kmem_cache_alloc+0x12e/0x760
[  385.585286]  ? mempool_alloc_slab+0x44/0x60
[  385.589617]  ? submit_bh_wbc+0x155/0x7c0
[  385.593684]  ? blk_exit_rl+0x80/0x80
[  385.597405]  ? find_held_lock+0x36/0x1c0
[  385.601469]  ? graph_lock+0x170/0x170
[  385.605264]  ? lock_downgrade+0x8e0/0x8e0
[  385.609402]  ? __lock_is_held+0xb5/0x140
[  385.613469]  __should_failslab+0x124/0x180
[  385.617709]  should_failslab+0x9/0x14
[  385.621496]  kmem_cache_alloc+0x47/0x760
[  385.625556]  ? rcu_note_context_switch+0x710/0x710
[  385.630482]  ? blk_get_request+0x40/0x40
[  385.634534]  ? mempool_free+0x370/0x370
[  385.638510]  mempool_alloc_slab+0x44/0x60
[  385.642649]  mempool_alloc+0x18b/0x490
[  385.646523]  ? remove_element.isra.4+0x1c0/0x1c0
[  385.651288]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  385.656837]  ? __lock_is_held+0xb5/0x140
[  385.660898]  bio_alloc_bioset+0x3a1/0x7f0
[  385.665044]  ? generic_make_request+0x1510/0x1510
[  385.669893]  ? bvec_alloc+0x2d0/0x2d0
[  385.673682]  ? check_same_owner+0x320/0x320
[  385.677995]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  385.683003]  ? guard_bio_eod+0x2b4/0x600
[  385.687073]  submit_bh_wbc+0x155/0x7c0
[  385.690962]  write_dirty_buffer+0xba/0x150
[  385.695185]  jbd2_log_do_checkpoint+0xbe6/0x1340
[  385.699950]  ? __jbd2_journal_remove_checkpoint+0x8c0/0x8c0
[  385.705662]  ? lock_downgrade+0x8e0/0x8e0
[  385.709812]  ? kasan_check_read+0x11/0x20
[  385.713953]  ? do_raw_spin_unlock+0x9e/0x2e0
[  385.718356]  ? kasan_check_write+0x14/0x20
[  385.722585]  ? do_raw_spin_lock+0xc1/0x200
[  385.726823]  jbd2_journal_flush+0x156/0x540
[  385.731144]  ext4_ioctl+0x241e/0x4210
[  385.734951]  ? _parse_integer+0x13b/0x190
[  385.739100]  ? ext4_ioctl_group_add+0x560/0x560
[  385.743765]  ? _parse_integer+0x190/0x190
[  385.747908]  ? graph_lock+0x170/0x170
[  385.751729]  ? lock_release+0xa10/0xa10
[  385.755713]  ? check_same_owner+0x320/0x320
[  385.760039]  ? find_held_lock+0x36/0x1c0
[  385.764101]  ? graph_lock+0x170/0x170
[  385.767910]  ? find_held_lock+0x36/0x1c0
[  385.771991]  ? lock_downgrade+0x8e0/0x8e0
[  385.776151]  ? kasan_check_read+0x11/0x20
[  385.780296]  ? rcu_is_watching+0x85/0x140
[  385.784436]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  385.789627]  ? __fget+0x40c/0x650
[  385.793080]  ? match_held_lock+0x841/0x8b0
[  385.797310]  ? expand_files.part.8+0x9a0/0x9a0
[  385.801899]  ? kasan_check_write+0x14/0x20
[  385.806134]  ? __mutex_unlock_slowpath+0x180/0x8a0
[  385.811061]  ? wait_for_completion+0x870/0x870
[  385.815647]  ? ext4_ioctl_group_add+0x560/0x560
[  385.820306]  do_vfs_ioctl+0x1cf/0x16a0
[  385.824194]  ? ioctl_preallocate+0x2e0/0x2e0
[  385.828614]  ? fget_raw+0x20/0x20
[  385.832159]  ? __sb_end_write+0xac/0xe0
[  385.836136]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  385.841664]  ? fput+0x130/0x1a0
[  385.844932]  ? ksys_write+0x1a6/0x250
[  385.848719]  ? security_file_ioctl+0x94/0xc0
[  385.853114]  ksys_ioctl+0xa9/0xd0
[  385.856565]  __x64_sys_ioctl+0x73/0xb0
[  385.860443]  do_syscall_64+0x1b1/0x800
[  385.864328]  ? finish_task_switch+0x1ca/0x840
[  385.868830]  ? syscall_return_slowpath+0x5c0/0x5c0
[  385.873755]  ? syscall_return_slowpath+0x30f/0x5c0
[  385.878672]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  385.884039]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  385.888896]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  385.894079] RIP: 0033:0x455a09
[  385.897249] RSP: 002b:00007f5427f69c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  385.904945] RAX: ffffffffffffffda RBX: 00007f5427f6a6d4 RCX: 0000000000455a09
[  385.912198] RDX: 0000000020000080 RSI: 0000000040086607 RDI: 0000000000000013
[  385.919456] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  385.926717] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  385.933979] R13: 00000000000001e0 R14: 00000000006f6da0 R15: 0000000000000006
2018/05/15 13:08:49 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400001200000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  385.967761] binder: 23181:23182 got reply transaction with no transaction stack
[  385.975383] binder: 23181:23182 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:49 executing program 7 (fault-call:1 fault-nth:7):
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x40086607, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

[  386.076523] FAULT_INJECTION: forcing a failure.
[  386.076523] name failslab, interval 1, probability 0, space 0, times 0
[  386.087878] CPU: 1 PID: 23197 Comm: syz-executor7 Not tainted 4.17.0-rc5+ #51
[  386.095167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  386.104527] Call Trace:
[  386.107135]  dump_stack+0x1b9/0x294
[  386.110782]  ? dump_stack_print_info.cold.2+0x52/0x52
[  386.115991]  should_fail.cold.4+0xa/0x1a
[  386.120072]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  386.125196]  ? kmem_cache_alloc+0x12e/0x760
[  386.129507]  ? mempool_alloc_slab+0x44/0x60
[  386.133828]  ? submit_bh_wbc+0x155/0x7c0
[  386.137876]  ? blk_exit_rl+0x80/0x80
[  386.141581]  ? find_held_lock+0x36/0x1c0
[  386.145630]  ? graph_lock+0x170/0x170
[  386.149422]  ? lock_downgrade+0x8e0/0x8e0
[  386.153575]  ? __lock_is_held+0xb5/0x140
[  386.157631]  __should_failslab+0x124/0x180
[  386.161960]  should_failslab+0x9/0x14
[  386.165756]  kmem_cache_alloc+0x47/0x760
[  386.169806]  ? rcu_note_context_switch+0x710/0x710
[  386.174730]  ? blk_get_request+0x40/0x40
[  386.178788]  ? mempool_free+0x370/0x370
[  386.182747]  mempool_alloc_slab+0x44/0x60
[  386.186892]  mempool_alloc+0x18b/0x490
[  386.190781]  ? remove_element.isra.4+0x1c0/0x1c0
[  386.195529]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  386.201060]  ? __lock_is_held+0xb5/0x140
[  386.205112]  bio_alloc_bioset+0x3a1/0x7f0
[  386.209249]  ? generic_make_request+0x1510/0x1510
[  386.214076]  ? bvec_alloc+0x2d0/0x2d0
[  386.217862]  ? check_same_owner+0x320/0x320
[  386.222183]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  386.227207]  ? guard_bio_eod+0x2b4/0x600
[  386.231254]  submit_bh_wbc+0x155/0x7c0
[  386.235129]  write_dirty_buffer+0xba/0x150
[  386.239352]  jbd2_log_do_checkpoint+0xbe6/0x1340
[  386.244100]  ? __jbd2_journal_remove_checkpoint+0x8c0/0x8c0
[  386.249806]  ? lock_downgrade+0x8e0/0x8e0
[  386.253947]  ? kasan_check_read+0x11/0x20
[  386.258090]  ? do_raw_spin_unlock+0x9e/0x2e0
[  386.262506]  ? kasan_check_write+0x14/0x20
[  386.266729]  ? do_raw_spin_lock+0xc1/0x200
[  386.270954]  jbd2_journal_flush+0x156/0x540
[  386.275264]  ext4_ioctl+0x241e/0x4210
[  386.279054]  ? _parse_integer+0x13b/0x190
[  386.283193]  ? ext4_ioctl_group_add+0x560/0x560
[  386.287854]  ? _parse_integer+0x190/0x190
[  386.291998]  ? graph_lock+0x170/0x170
[  386.295789]  ? lock_release+0xa10/0xa10
[  386.299748]  ? check_same_owner+0x320/0x320
[  386.304063]  ? find_held_lock+0x36/0x1c0
[  386.308124]  ? graph_lock+0x170/0x170
[  386.311918]  ? find_held_lock+0x36/0x1c0
[  386.315992]  ? lock_downgrade+0x8e0/0x8e0
[  386.320139]  ? kasan_check_read+0x11/0x20
[  386.324273]  ? rcu_is_watching+0x85/0x140
[  386.328412]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  386.333614]  ? __fget+0x40c/0x650
[  386.337072]  ? match_held_lock+0x841/0x8b0
[  386.341308]  ? expand_files.part.8+0x9a0/0x9a0
[  386.345888]  ? kasan_check_write+0x14/0x20
[  386.350124]  ? __mutex_unlock_slowpath+0x180/0x8a0
[  386.355073]  ? wait_for_completion+0x870/0x870
[  386.359650]  ? ext4_ioctl_group_add+0x560/0x560
[  386.364312]  do_vfs_ioctl+0x1cf/0x16a0
[  386.368307]  ? ioctl_preallocate+0x2e0/0x2e0
[  386.372722]  ? fget_raw+0x20/0x20
[  386.376193]  ? __sb_end_write+0xac/0xe0
[  386.380175]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  386.385721]  ? fput+0x130/0x1a0
[  386.389000]  ? ksys_write+0x1a6/0x250
[  386.392814]  ? security_file_ioctl+0x94/0xc0
[  386.397222]  ksys_ioctl+0xa9/0xd0
[  386.400677]  __x64_sys_ioctl+0x73/0xb0
[  386.404561]  do_syscall_64+0x1b1/0x800
[  386.408434]  ? syscall_slow_exit_work+0x4f0/0x4f0
[  386.413264]  ? syscall_return_slowpath+0x5c0/0x5c0
[  386.418181]  ? syscall_return_slowpath+0x30f/0x5c0
[  386.423097]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  386.428452]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  386.433286]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  386.438457] RIP: 0033:0x455a09
[  386.441653] RSP: 002b:00007f5427f69c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  386.449370] RAX: ffffffffffffffda RBX: 00007f5427f6a6d4 RCX: 0000000000455a09
[  386.456637] RDX: 0000000020000080 RSI: 0000000040086607 RDI: 0000000000000013
[  386.463912] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  386.471182] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  386.478446] R13: 00000000000001e0 R14: 00000000006f6da0 R15: 0000000000000007
2018/05/15 13:08:50 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x400866c0, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

2018/05/15 13:08:50 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400110000000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:50 executing program 4:
bpf$MAP_CREATE(0xb874030000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:50 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0xffffff7f00000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:50 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
sendto$packet(r1, &(0x7f0000000140)="ae32fe91ac9ea21797bc4fbcf621f5f7a6c3d20ec1b3c5036697f08e7d0eb5df8ea725ae1f26306d3e4edd72dbed7304cb0a96a20f27b07ea8ff43cfccc06d64d8284b81e0c06893e99f3727df4e630670cf40e5054cee9887b71f7470aedbc59c8d495a89c6248bc46a9a6ec4ceb1c5588ad79e2faf791e86ee82e1ee8bb4b3e7583108ca1b5aa248dac8531c45f37554a3476fa41d9e69f113cf4cec2ce5684ec737d4fdb3e911266557be0720b19f18d72f3fb209202aa09ed59f6670e8240647976f00e5948fc62f27a83ea3aae3defdf052148b3d31b0297c01daffa1981e8104d7dc08cf4a6164", 0xea, 0x4, 0x0, 0x0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:50 executing program 7 (fault-call:1 fault-nth:8):
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x40086607, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

2018/05/15 13:08:50 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x12, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0xffffffffffffffff)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r1=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
tkill(r0, 0x1000000000016)

2018/05/15 13:08:50 executing program 5:
pipe(&(0x7f00000009c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
getsockopt$inet6_mreq(r1, 0x29, 0x1c, &(0x7f00000001c0)={@ipv4={[], [], @dev}, <r2=>0x0}, &(0x7f0000000200)=0x14)
r3 = getuid()
ioctl$PERF_EVENT_IOC_RESET(r0, 0x2403, 0x5)
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@mcast2={0xff, 0x2, [], 0x1}, @in6=@dev={0xfe, 0x80, [], 0xf}, 0x4e20, 0x6, 0x4e20, 0x0, 0x2, 0x20, 0x80, 0x3b, r2, r3}, {0x8, 0x7, 0x9, 0xac, 0x20, 0x9, 0x6, 0x5}, {0x1, 0x5, 0x1, 0x5aba}, 0x10001, 0x6e6bbb, 0x2, 0x0, 0x1, 0x2}, {{@in6=@ipv4={[], [0xff, 0xff], @multicast2=0xe0000002}, 0x4d3, 0xff}, 0xa, @in=@multicast1=0xe0000001, 0x3507, 0x2, 0x3, 0x200, 0x758, 0x4, 0x100}}, 0xe8)
ioctl$sock_ipx_SIOCAIPXITFCRT(r1, 0x89e0, &(0x7f00000000c0)=0xd6a0)
execve(&(0x7f0000000100)='./file0\x00', &(0x7f00000003c0)=[&(0x7f0000000140)='(\x00', &(0x7f0000000240)='+\x00'], &(0x7f0000000540)=[&(0x7f0000000400)='[nodev\x00', &(0x7f0000000440)='proc]&-GPLem1nodev\x00', &(0x7f0000000480)='\x00', &(0x7f00000004c0)='system%\x00', &(0x7f0000000500)='\x00'])
getresgid(&(0x7f0000000980), &(0x7f0000000a00), &(0x7f0000000a40)=<r4=>0x0)
syz_fuse_mount(&(0x7f0000000940)='./file0\x00', 0x0, r3, r4, 0x8, 0xe717fd3f0b3c919a)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
symlinkat(&(0x7f0000000000)='./file0\x00', r0, &(0x7f0000000040)='./file0\x00')
ioctl$KVM_HYPERV_EVENTFD(r1, 0x4018aebd, &(0x7f0000000080)={0x4, r1, 0x1})
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x8, 0x3, &(0x7f0000000880)=[{&(0x7f0000000600)="a6cc96befd6a365fa06e6e05de5a9eb1cf902d5ba9953ddf89de1ea0e388aff8ac6832ec07b07c346235ee6bddcbcf21a29d817e8008c57c3fd82bef76659fa7ade3101c58eadc74b4d668e4138d73e9323d477b1e88635467be086193f16dfb35dc7404be512e898937497bc36043439a2e75f7cda669678b480a57800b8000a06980a2eb885adc66b84cbe3fba88c3f5c28eaf74625fce229786c017afbc57eb6457cdf02cbe3681420d8b0e772b5faf682ce2da8ce43ce2c9645bb1efcb2cb8c760769bffde0a5406faf085a9", 0xce, 0x2}, {&(0x7f0000000700)="204d50d256981430feb106611c9dcc6aef6d03ec6b5b8e1a886a687a86fe34b333d44e5b53e43322177e45c7e8420775915892cf8ea96e56d95dc40f37a20b0af86b756a16e30c5ec1bc0b592f9acfbd6b73bc94eae70b6f6dbcea4b741ef18578366667fa58b9597e30022dce6fa8a763ea4118a887bc", 0x77, 0x20}, {&(0x7f0000000780)="32d39aa7d05efc8c4d7941f6f233c42883b77b9d2a7211d6883da11951ab6bd1fd3aad8e9216ed27339453a9bfa140f04437a5d1233fbcb0403a32c493d51f9a11888f5d2420dd08334e3a2e3e9e9f8e748a19e2a738844f15ff8036b67dc6b9e997fb249d0bcc0ec87e43a4f3310e9b37a9095e612bcd41aa346d97221808fa34199dfec62bba2fb4fef7a5b62073db8f55cb0f4c37dfb4caf0c771ea19c7aebfb68823185a3fb6d831950480f7ba707e4e81e8fbd385eb20ec2e9188158b6064ac56b69e3699e566fdfeb492682882ef1673026ec89c56ef199aee4e9a7ccf73c0d342af115afd1794dcc0bd329050866139db0da101", 0xf7, 0x5}], 0x8, &(0x7f0000000900)={[{@barrier='barrier', 0x2c}, {@minixdf='minixdf', 0x2c}, {@bsdgroups='bsdgroups', 0x2c}, {@max_batch_time={'max_batch_time', 0x3d, [0x32, 0x36, 0x37, 0x3d, 0x3f, 0x0, 0x7c]}, 0x2c}, {@delalloc='delalloc', 0x2c}]})
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x0)

[  386.608406] FAULT_INJECTION: forcing a failure.
[  386.608406] name failslab, interval 1, probability 0, space 0, times 0
[  386.619737] CPU: 0 PID: 23218 Comm: syz-executor7 Not tainted 4.17.0-rc5+ #51
[  386.627019] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  386.636375] Call Trace:
[  386.638975]  dump_stack+0x1b9/0x294
[  386.642622]  ? dump_stack_print_info.cold.2+0x52/0x52
[  386.647832]  should_fail.cold.4+0xa/0x1a
[  386.651905]  ? fault_create_debugfs_attr+0x1f0/0x1f0
2018/05/15 13:08:50 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x4, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x2200, 0x0)
r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100)=0xffffffff, 0x4)
kcmp$KCMP_EPOLL_TFD(r0, r0, 0x7, r1, &(0x7f0000000140)={r2, r3})
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r4=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r4+30000000}}, &(0x7f0000040000))
tkill(r0, 0x1000000000016)

2018/05/15 13:08:50 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x660c, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

2018/05/15 13:08:50 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)
r2 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_ADD(r1, 0x4c80, r2)

2018/05/15 13:08:50 executing program 4:
bpf$MAP_CREATE(0x3cb3020000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

[  386.657021]  ? kmem_cache_alloc+0x12e/0x760
[  386.661353]  ? mempool_alloc_slab+0x44/0x60
[  386.665684]  ? submit_bh_wbc+0x155/0x7c0
[  386.669755]  ? blk_exit_rl+0x80/0x80
[  386.673469]  ? find_held_lock+0x36/0x1c0
[  386.677522]  ? graph_lock+0x170/0x170
[  386.681323]  ? lock_downgrade+0x8e0/0x8e0
[  386.685464]  ? __lock_is_held+0xb5/0x140
[  386.689530]  __should_failslab+0x124/0x180
[  386.693762]  should_failslab+0x9/0x14
[  386.697557]  kmem_cache_alloc+0x47/0x760
[  386.701603]  ? rcu_note_context_switch+0x710/0x710
[  386.706520]  ? blk_get_request+0x40/0x40
[  386.710567]  ? mempool_free+0x370/0x370
[  386.714535]  mempool_alloc_slab+0x44/0x60
[  386.718678]  mempool_alloc+0x18b/0x490
[  386.722550]  ? remove_element.isra.4+0x1c0/0x1c0
[  386.727297]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  386.732822]  ? __lock_is_held+0xb5/0x140
[  386.736869]  bio_alloc_bioset+0x3a1/0x7f0
[  386.741007]  ? generic_make_request+0x1510/0x1510
[  386.745857]  ? bvec_alloc+0x2d0/0x2d0
[  386.749651]  ? check_same_owner+0x320/0x320
[  386.753957]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  386.758959]  ? guard_bio_eod+0x2b4/0x600
[  386.763013]  submit_bh_wbc+0x155/0x7c0
[  386.766909]  write_dirty_buffer+0xba/0x150
[  386.771137]  jbd2_log_do_checkpoint+0xbe6/0x1340
[  386.775894]  ? __jbd2_journal_remove_checkpoint+0x8c0/0x8c0
[  386.781592]  ? lock_downgrade+0x8e0/0x8e0
[  386.785728]  ? kasan_check_read+0x11/0x20
[  386.789869]  ? do_raw_spin_unlock+0x9e/0x2e0
[  386.794282]  ? kasan_check_write+0x14/0x20
[  386.798502]  ? do_raw_spin_lock+0xc1/0x200
[  386.802729]  jbd2_journal_flush+0x156/0x540
[  386.807049]  ext4_ioctl+0x241e/0x4210
[  386.810845]  ? _parse_integer+0x13b/0x190
[  386.814992]  ? ext4_ioctl_group_add+0x560/0x560
[  386.819653]  ? _parse_integer+0x190/0x190
[  386.823794]  ? graph_lock+0x170/0x170
[  386.827587]  ? lock_release+0xa10/0xa10
[  386.831553]  ? check_same_owner+0x320/0x320
[  386.835868]  ? find_held_lock+0x36/0x1c0
[  386.839922]  ? graph_lock+0x170/0x170
[  386.843710]  ? find_held_lock+0x36/0x1c0
[  386.847770]  ? lock_downgrade+0x8e0/0x8e0
[  386.851903]  ? kasan_check_read+0x11/0x20
[  386.856039]  ? rcu_is_watching+0x85/0x140
[  386.860187]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  386.865381]  ? __fget+0x40c/0x650
[  386.868823]  ? match_held_lock+0x841/0x8b0
[  386.873048]  ? expand_files.part.8+0x9a0/0x9a0
[  386.877615]  ? kasan_check_write+0x14/0x20
[  386.881836]  ? __mutex_unlock_slowpath+0x180/0x8a0
[  386.886748]  ? wait_for_completion+0x870/0x870
[  386.891315]  ? ext4_ioctl_group_add+0x560/0x560
[  386.895969]  do_vfs_ioctl+0x1cf/0x16a0
[  386.899857]  ? ioctl_preallocate+0x2e0/0x2e0
[  386.904269]  ? fget_raw+0x20/0x20
[  386.907729]  ? __sb_end_write+0xac/0xe0
[  386.911691]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  386.917218]  ? fput+0x130/0x1a0
[  386.920492]  ? ksys_write+0x1a6/0x250
[  386.924291]  ? security_file_ioctl+0x94/0xc0
[  386.928704]  ksys_ioctl+0xa9/0xd0
[  386.932143]  __x64_sys_ioctl+0x73/0xb0
[  386.936021]  do_syscall_64+0x1b1/0x800
[  386.939897]  ? finish_task_switch+0x1ca/0x840
[  386.944387]  ? syscall_return_slowpath+0x5c0/0x5c0
[  386.949303]  ? syscall_return_slowpath+0x30f/0x5c0
[  386.954220]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  386.959580]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  386.964425]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  386.969599] RIP: 0033:0x455a09
[  386.972771] RSP: 002b:00007f5427f69c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  386.980472] RAX: ffffffffffffffda RBX: 00007f5427f6a6d4 RCX: 0000000000455a09
[  386.987724] RDX: 0000000020000080 RSI: 0000000040086607 RDI: 0000000000000013
[  386.994975] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  387.002225] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
2018/05/15 13:08:50 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000000000000000138000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  387.009477] R13: 00000000000001e0 R14: 00000000006f6da0 R15: 0000000000000008
[  387.030805] binder: 23209:23222 got reply transaction with no transaction stack
[  387.038424] binder: 23209:23222 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:50 executing program 4:
bpf$MAP_CREATE(0x6c8a, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:50 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x300000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:50 executing program 7 (fault-call:1 fault-nth:9):
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x40086607, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

2018/05/15 13:08:50 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x6612, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

[  387.181599] binder: 23241:23242 got reply transaction with no transaction stack
[  387.189173] binder: 23241:23242 transaction failed 29201/-71, size 0-0 line 2763
[  387.217989] FAULT_INJECTION: forcing a failure.
[  387.217989] name failslab, interval 1, probability 0, space 0, times 0
[  387.229361] CPU: 0 PID: 23245 Comm: syz-executor7 Not tainted 4.17.0-rc5+ #51
[  387.236637] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  387.245992] Call Trace:
[  387.248597]  dump_stack+0x1b9/0x294
[  387.252267]  ? dump_stack_print_info.cold.2+0x52/0x52
[  387.257475]  should_fail.cold.4+0xa/0x1a
[  387.261548]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  387.266652]  ? kmem_cache_alloc+0x12e/0x760
[  387.270964]  ? mempool_alloc_slab+0x44/0x60
[  387.275275]  ? submit_bh_wbc+0x155/0x7c0
[  387.279323]  ? blk_exit_rl+0x80/0x80
[  387.283040]  ? find_held_lock+0x36/0x1c0
[  387.287115]  ? graph_lock+0x170/0x170
[  387.290902]  ? lock_downgrade+0x8e0/0x8e0
[  387.295050]  ? __lock_is_held+0xb5/0x140
[  387.299110]  __should_failslab+0x124/0x180
[  387.303344]  should_failslab+0x9/0x14
[  387.307142]  kmem_cache_alloc+0x47/0x760
[  387.311206]  ? rcu_note_context_switch+0x710/0x710
[  387.316133]  ? blk_get_request+0x40/0x40
[  387.320184]  ? mempool_free+0x370/0x370
[  387.324145]  mempool_alloc_slab+0x44/0x60
[  387.328304]  mempool_alloc+0x18b/0x490
[  387.332321]  ? remove_element.isra.4+0x1c0/0x1c0
[  387.337083]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  387.342622]  ? __lock_is_held+0xb5/0x140
[  387.346685]  bio_alloc_bioset+0x3a1/0x7f0
[  387.350830]  ? generic_make_request+0x1510/0x1510
[  387.355669]  ? bvec_alloc+0x2d0/0x2d0
[  387.359469]  ? check_same_owner+0x320/0x320
[  387.363778]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  387.368791]  ? guard_bio_eod+0x2b4/0x600
[  387.372866]  submit_bh_wbc+0x155/0x7c0
[  387.376755]  write_dirty_buffer+0xba/0x150
[  387.380988]  jbd2_log_do_checkpoint+0xbe6/0x1340
[  387.385740]  ? __jbd2_journal_remove_checkpoint+0x8c0/0x8c0
[  387.391449]  ? lock_downgrade+0x8e0/0x8e0
[  387.395594]  ? kasan_check_read+0x11/0x20
[  387.399731]  ? do_raw_spin_unlock+0x9e/0x2e0
[  387.404146]  ? kasan_check_write+0x14/0x20
[  387.408381]  ? do_raw_spin_lock+0xc1/0x200
[  387.412607]  jbd2_journal_flush+0x156/0x540
[  387.416921]  ext4_ioctl+0x241e/0x4210
[  387.420704]  ? _parse_integer+0x13b/0x190
[  387.424855]  ? ext4_ioctl_group_add+0x560/0x560
[  387.429513]  ? _parse_integer+0x190/0x190
[  387.433645]  ? graph_lock+0x170/0x170
[  387.437437]  ? lock_release+0xa10/0xa10
[  387.441396]  ? check_same_owner+0x320/0x320
[  387.445709]  ? find_held_lock+0x36/0x1c0
[  387.449766]  ? graph_lock+0x170/0x170
[  387.453569]  ? find_held_lock+0x36/0x1c0
[  387.457618]  ? lock_downgrade+0x8e0/0x8e0
[  387.461754]  ? kasan_check_read+0x11/0x20
[  387.465885]  ? rcu_is_watching+0x85/0x140
[  387.470029]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  387.475237]  ? __fget+0x40c/0x650
[  387.478686]  ? match_held_lock+0x841/0x8b0
[  387.482916]  ? expand_files.part.8+0x9a0/0x9a0
[  387.487492]  ? kasan_check_write+0x14/0x20
[  387.491721]  ? __mutex_unlock_slowpath+0x180/0x8a0
[  387.496640]  ? wait_for_completion+0x870/0x870
[  387.501207]  ? ext4_ioctl_group_add+0x560/0x560
[  387.505862]  do_vfs_ioctl+0x1cf/0x16a0
[  387.509746]  ? ioctl_preallocate+0x2e0/0x2e0
[  387.514149]  ? fget_raw+0x20/0x20
[  387.517586]  ? __sb_end_write+0xac/0xe0
[  387.521547]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  387.527070]  ? fput+0x130/0x1a0
[  387.530334]  ? ksys_write+0x1a6/0x250
[  387.534134]  ? security_file_ioctl+0x94/0xc0
[  387.538545]  ksys_ioctl+0xa9/0xd0
[  387.541994]  __x64_sys_ioctl+0x73/0xb0
[  387.545870]  do_syscall_64+0x1b1/0x800
[  387.549752]  ? finish_task_switch+0x1ca/0x840
[  387.554245]  ? syscall_return_slowpath+0x5c0/0x5c0
[  387.559167]  ? syscall_return_slowpath+0x30f/0x5c0
[  387.564097]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  387.569454]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  387.574286]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  387.579469] RIP: 0033:0x455a09
[  387.582645] RSP: 002b:00007f5427f69c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  387.590347] RAX: ffffffffffffffda RBX: 00007f5427f6a6d4 RCX: 0000000000455a09
[  387.597604] RDX: 0000000020000080 RSI: 0000000040086607 RDI: 0000000000000013
[  387.604855] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  387.612123] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  387.619384] R13: 00000000000001e0 R14: 00000000006f6da0 R15: 0000000000000009
[  387.686499] EXT4-fs (loop5): VFS: Can't find ext4 filesystem
[  387.758381] EXT4-fs (loop5): VFS: Can't find ext4 filesystem
2018/05/15 13:08:51 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000000000000000238000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:51 executing program 4:
bpf$MAP_CREATE(0x78ba010000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:51 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:51 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x40305828, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

2018/05/15 13:08:51 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
r1 = semget(0x0, 0x0, 0x0)
semtimedop(r1, &(0x7f0000000100)=[{0x0, 0x1, 0x1000}, {0x1, 0x6, 0x1000}, {0x3, 0x4, 0x1800}], 0x3, &(0x7f0000000140)={0x0, 0x1c9c380})
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r2=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r2+30000000}}, &(0x7f0000040000))
tkill(r0, 0x1000000000016)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x807fe)
getdents64(r3, &(0x7f0000000100), 0x0)

2018/05/15 13:08:51 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r1, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000080)={0x2})
accept$unix(r1, 0x0, &(0x7f00000002c0))
getsockopt$ax25_buf(r1, 0x101, 0x19, &(0x7f0000000140)=""/225, &(0x7f0000000000)=0xfffffd7d)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)
sendto$inet(r1, &(0x7f0000000240)="54dfc21e42455da7856a53208f155a45edb0ecc7056a9a4294711610b15f7fc86d0f7a8b67311167d04b3b0076e7df81d1fdf230b3e1c9daa4cfa36cf220c967f8ac3ca33d305bf1a2cc97c3afb23f28fa93c9cc9a478217351fbe66838d269cb2ec8531067b6d3157c8af0dd295", 0x6e, 0x40, &(0x7f00000000c0)={0x2, 0x4e20, @loopback=0x7f000001}, 0x10)

2018/05/15 13:08:51 executing program 7 (fault-call:1 fault-nth:10):
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x40086607, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

2018/05/15 13:08:51 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
socket$nl_route(0x10, 0x3, 0x0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x0)

[  387.958762] binder: 23269:23271 got reply transaction with no transaction stack
[  387.966414] binder: 23269:23271 transaction failed 29201/-71, size 0-0 line 2763
[  387.998097] FAULT_INJECTION: forcing a failure.
2018/05/15 13:08:51 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x40087602, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

2018/05/15 13:08:51 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x3000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

[  387.998097] name failslab, interval 1, probability 0, space 0, times 0
[  388.009449] CPU: 0 PID: 23279 Comm: syz-executor7 Not tainted 4.17.0-rc5+ #51
[  388.016726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  388.026083] Call Trace:
[  388.028684]  dump_stack+0x1b9/0x294
[  388.032329]  ? dump_stack_print_info.cold.2+0x52/0x52
[  388.037541]  should_fail.cold.4+0xa/0x1a
[  388.041616]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  388.046734]  ? kmem_cache_alloc+0x12e/0x760
[  388.051061]  ? mempool_alloc_slab+0x44/0x60
[  388.055388]  ? submit_bh_wbc+0x155/0x7c0
2018/05/15 13:08:51 executing program 4:
bpf$MAP_CREATE(0xa000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

[  388.059459]  ? blk_exit_rl+0x80/0x80
[  388.063200]  ? find_held_lock+0x36/0x1c0
[  388.067260]  ? graph_lock+0x170/0x170
[  388.071066]  ? lock_downgrade+0x8e0/0x8e0
[  388.075216]  ? __lock_is_held+0xb5/0x140
[  388.079276]  __should_failslab+0x124/0x180
[  388.083501]  should_failslab+0x9/0x14
[  388.087288]  kmem_cache_alloc+0x47/0x760
[  388.091342]  ? rcu_note_context_switch+0x710/0x710
[  388.096258]  ? blk_get_request+0x40/0x40
[  388.100322]  ? mempool_free+0x370/0x370
[  388.104298]  mempool_alloc_slab+0x44/0x60
[  388.108445]  mempool_alloc+0x18b/0x490
[  388.112334]  ? remove_element.isra.4+0x1c0/0x1c0
[  388.117093]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  388.122616]  ? __lock_is_held+0xb5/0x140
[  388.126667]  bio_alloc_bioset+0x3a1/0x7f0
[  388.130801]  ? generic_make_request+0x1510/0x1510
[  388.135628]  ? bvec_alloc+0x2d0/0x2d0
[  388.139414]  ? check_same_owner+0x320/0x320
[  388.143730]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  388.148743]  ? guard_bio_eod+0x2b4/0x600
[  388.152811]  submit_bh_wbc+0x155/0x7c0
[  388.156696]  write_dirty_buffer+0xba/0x150
[  388.160920]  jbd2_log_do_checkpoint+0xbe6/0x1340
[  388.165667]  ? __jbd2_journal_remove_checkpoint+0x8c0/0x8c0
[  388.171371]  ? lock_downgrade+0x8e0/0x8e0
[  388.175525]  ? kasan_check_read+0x11/0x20
[  388.179665]  ? do_raw_spin_unlock+0x9e/0x2e0
[  388.184070]  ? kasan_check_write+0x14/0x20
[  388.188299]  ? do_raw_spin_lock+0xc1/0x200
[  388.192524]  jbd2_journal_flush+0x156/0x540
[  388.196835]  ext4_ioctl+0x241e/0x4210
[  388.200639]  ? _parse_integer+0x13b/0x190
[  388.204785]  ? ext4_ioctl_group_add+0x560/0x560
[  388.209444]  ? _parse_integer+0x190/0x190
[  388.213586]  ? graph_lock+0x170/0x170
[  388.217376]  ? lock_release+0xa10/0xa10
[  388.221354]  ? check_same_owner+0x320/0x320
[  388.225658]  ? find_held_lock+0x36/0x1c0
[  388.229701]  ? graph_lock+0x170/0x170
[  388.233530]  ? find_held_lock+0x36/0x1c0
[  388.237589]  ? lock_downgrade+0x8e0/0x8e0
[  388.241738]  ? kasan_check_read+0x11/0x20
[  388.245875]  ? rcu_is_watching+0x85/0x140
[  388.250017]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  388.255208]  ? __fget+0x40c/0x650
[  388.258647]  ? match_held_lock+0x841/0x8b0
[  388.262867]  ? expand_files.part.8+0x9a0/0x9a0
[  388.267437]  ? kasan_check_write+0x14/0x20
[  388.271667]  ? __mutex_unlock_slowpath+0x180/0x8a0
[  388.276582]  ? wait_for_completion+0x870/0x870
[  388.281166]  ? ext4_ioctl_group_add+0x560/0x560
[  388.285832]  do_vfs_ioctl+0x1cf/0x16a0
[  388.289708]  ? ioctl_preallocate+0x2e0/0x2e0
[  388.294104]  ? fget_raw+0x20/0x20
[  388.297545]  ? __sb_end_write+0xac/0xe0
[  388.301509]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  388.307039]  ? fput+0x130/0x1a0
[  388.310317]  ? ksys_write+0x1a6/0x250
[  388.314125]  ? security_file_ioctl+0x94/0xc0
[  388.318541]  ksys_ioctl+0xa9/0xd0
[  388.321991]  __x64_sys_ioctl+0x73/0xb0
[  388.325868]  do_syscall_64+0x1b1/0x800
[  388.329751]  ? syscall_return_slowpath+0x5c0/0x5c0
[  388.334666]  ? syscall_return_slowpath+0x30f/0x5c0
[  388.339580]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  388.344936]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  388.349791]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  388.354981] RIP: 0033:0x455a09
2018/05/15 13:08:51 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000000110000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  388.358160] RSP: 002b:00007f5427f69c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  388.365871] RAX: ffffffffffffffda RBX: 00007f5427f6a6d4 RCX: 0000000000455a09
[  388.373134] RDX: 0000000020000080 RSI: 0000000040086607 RDI: 0000000000000013
[  388.380384] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  388.387636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  388.394890] R13: 00000000000001e0 R14: 00000000006f6da0 R15: 000000000000000a
2018/05/15 13:08:51 executing program 4:
bpf$MAP_CREATE(0x14ad030000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:51 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x400c6615, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

[  388.462706] binder: 23292:23293 got reply transaction with no transaction stack
[  388.470434] binder: 23292:23293 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:52 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000000000200000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:52 executing program 7 (fault-call:1 fault-nth:11):
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x40086607, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

2018/05/15 13:08:52 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x2)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
getsockopt$IP_VS_SO_GET_INFO(r0, 0x0, 0x481, &(0x7f0000000000), &(0x7f0000000080)=0xc)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r1, 0xc058534f, &(0x7f0000000140)={{0x8, 0x80}, 0x1, 0x5, 0x7, {0x1000, 0x1b4}, 0xca, 0x715})
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:52 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:52 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x40086603, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

2018/05/15 13:08:52 executing program 4:
bpf$MAP_CREATE(0x7001000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:52 executing program 5:
pipe(&(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x0)

2018/05/15 13:08:52 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r1=>0x0})
r2 = openat$null(0xffffffffffffff9c, &(0x7f0000001300)='/dev/null\x00', 0x480, 0x0)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f0000001340)={@empty, 0xffffffffffff1a73, 0x2, 0x0, 0x4, 0xffffffffffff8000, 0xfffffffffffffeff, 0xc69}, &(0x7f0000001380)=0x20)
r3 = creat(&(0x7f0000000000)='./file0\x00', 0x4)
mq_timedsend(r3, &(0x7f0000000100)="ac4372a74bbcdb3a35a8e96ac07274eddece04981074cab63ef952697a19a3ebea1a8cc29a1a1434a65753866d66f30bffb709805f1602725e7c8e8028f9f04a7b188e0cc42d7710f2d81d2f1a26c70ea16092a33f7c63fec35e758a2b4acc99bb10c4980342b981a682fce62feab121177ffa776c463b5e00cc671ff026a03f49374572a81aca7c6ec79831d03bc79fe2f3b4a2eda4c187c5f21a821356ca4967bb7b6b2443903bf564b4d15270d4ece27e543b672ce6ee31de5bb4619a8632862c0f189180ee7167e39483127bd37b6a0eca0a38db3f222f0292b325efb297834edea92a3318c75a8da464f249f8ec5cd2071232bab055b859bce8e190d325858c9a2716ae92850a2f9f4e05dab18aac89410744d1511cfcd19c124fae6e13d3587f45750f3ff5be33fb539e3d076441cf44c6b7960f54a26122af5b625923558c86ae884cc532838f5d9604b62f6014b34f29dca7d8f90f296e5844b45578e2075338f145c41d9098883a626878854281cfa1d8fdec0e4bf2dba64506650fd90066722f05fc120fc7522620debd5607e10baf25ae9ccd72246d362ebedbf0076ac8219cdead87154b1ec16d445c08cf52cd4546573c4b8a2921907069db208837dd286f6228c691bd2756d4d6e97f16cf653a652f59e116aeb2024eb40283595d1446ed210041a3513d9f704a7f4c2177a88067ff41e27e3a86efeb922ad12f7860070f8cedfb61208313b4eaf317afb0faa00d8cfebf129f3a349eac1d883df4e5c4c5f8dcace3b21328f6f6a8b0c9795f1f4d79f03afb4f553776e44462e55bd43474cafd991ab3056e18c08e76696ba5505d8d75ed39792d62bf940bdba3875b9ae5b8e10da1f8932ecbb8a23446e79f63acbbfc0217e30202530653629fcf4469bbec3193669e78480d381264c6e281c58831775a8e9e487a1f1029396f95edcfdd9dbe8fa58f54875df6cd7d519a0e079d00dd70e58bd64a0c3ade181894ebd18800d8e3cd8710517a228af39f83ae496eaac02992f8dc177d741632b65c410d542facc7a9aedf833e1553e5770eff02eaaea9c634bed450f63a94e7089de3cdc3f73a3647330cd85fbf7e0d4f83b4c834f67b1ed9bdd5e4ad3a1c7944bec98b21fbfe66a2a6234cb07227889608ff1ea0051a0caf75653917a88e2cfea822895266414ac8a0b348806ed1a135ec6d07ef241fb5f3d79ce7ffebe514030492bcfff012801dd8c7323d701eb765e48ea06c37d4dedf3e0be3dd39cb768cc52c1573ebb1bb361237a0405b6b9531e395fb00cb40d4f4884ed3aa665c67f14c9009124e64fbeaeb354d314f713eecbebec977b696ceb913e8983bb26eb084a4d3ff4d621e6e096ec538b284bf2099e835c3ce740e24d5a92e5558e03263f405f5de4f6abcd0f0e41ffcf63acb1d14c10b67bbf1fd1eec16e50d4119055b503f2f9ce09735bf115280419553426339d5e22a240042c56069c37d413be007442dab232a5cbc0cdb0113a9ba97b93349aaf92fba7add151455a97100b3f581e5ab4fec40a147be5ded15d68397f5afa4a72889899348bf854e8f9edaab40001996f47d93dc2080d676ea50d2f30394c5fda5a048feaf251f570d66de5af95cac4aa9549848e4b891f36601da86ea95efece4798f6326ac0a8b49ad8585be51f105180ac5fd655b88faf7669439ddc6d2969dee97873b9d74174df4e13c2b15c54758a48159c338c64d42b350dee6b49724087fba496535510b71193f06e75ef0de52f1af000774c24ef13b8e6a44f84675cb7d10c6c54a6f385f3e0c20743ab30191e9047a81a2ae409d42040f9757f65e46cd9dbd081b4ae79d8c7b736b5bf724a66a2afde3104c71ba3ea0cb2e7f8af3771acdeb854f05b819911ed1ca70908ab74e5e674286c4f4d8e78654986c90e5ad399bea677b7c313d0c10177efd4c8774ec81c4ca90f39226ee5e58b88f83cd5e28730efbfa3eab5b988bef6c47538e88c69c476452cc42a3bed806e38f65ac694959b254932ef72c7eaa68b2e83d127636dfd0aeef4cbdd4ca1b5627f33d5f0d072ee4b3593224e2f751794ee0ca65529ddea90758763c4a8a6500f490fa53e7c5db5637a376d2301fed1b557379c43a7c6b6b049b4888acb174ab9b194285d952bdf0d5fcfd10229ca1ead23545d67fddcc74c2af36a485918e7e5e61f971cb089f9b483ab696d8d8f572bf1bfbc95d932fbb2b11890f204f103a9405432de875df3921b9ba7ac6131ed22f22857fd2c6848abc753324b410cce9eede329bf273405b852e9ca9021a018bafe8acbf828ed1d0a978cefc73d35f537bb7d32eb299ecc4892bf9b70f68293e5ffcbd2ff18984301bd7fb5254162f4423b6f14dbd4341795c78a775b3a471ce88c93ab498a9eaa170b28044cdaf159f175690669cffca2890343ddb5cae755b56418a31dca0e34e658acf1c75b4ea540e13de6f069b9b8ece27b083a329e55e5da0dba3a8800dbf0fc896ddd40ba5d7b044605e3ec9e091180e279236313633fc8c1f5a909f50234b5ef7f577b6d67eb0a5cce3c51665081136c7849967cdb99324a952164d6263d30f87f94a29b7dc265740044818dd95f17d1dfa296055f79984e3951f9776e6aee408abb5547d63cb759850fde28d4ad52bae9363c1304024a1e0c485f7eec1fe346f39ec062998e2a646f28d1f4bd9ecf3606b88ee46cbae73dc7a99dd96d0d5d59cb4f5b03458beeaf03449be75097f208f15e373e7fab5b340a99b1caa83ff216d7f5c3af8093b18aee8ee3493521dede4be50dec7939d63de05531ec495b883c664caba072debd90ee9594fafde48a3352bb400a3579c61a16736a2e300e09a6953417b2fc9eec34c45ed023362533dbfc25c7e7358c0ee57d6951d9a8f8064ccfb5c51875e263aeb2c61be84047c7d82d9ecc830245f7a0b1f81a3bf6d608873110fff68c24a8d789117f1a499064ae1b81937440c4fa01b7b81b484e1303906c9ac9e0bf110db0abde8dc874ce3acf52b48563e5099104c172dc9574ff90bd03424f13f8fa11d13accd249236fbb5cb4812e178e9b4de6fa486bcdb77eb750380bb9929dbd0f1a0c4f07816b8898f4f63c71482637b436ac2fbce48327fb3454325af5cd5d8e84f331cdb7830b29ccb6f9a5dc6a8f2e7d83176bf053ccaebe95791af31424b7092909e3fe24dc0b23ad6ccf4f9672aa808ff72de80cab544f68a41e445c70d8dae5faa771b4079870f1df7b34ab8922978e5eed8a3a414d3818d72721d8aae5055f3d660462ac3be4028aad1addd9fb16cc8cc450dea8e4b9af88ed61d3e373de911ba1d318e94110b163bf55ec6622531201125b1b3629c28b6c3bf0ef551b0ff5a4561469cf058cc3cfae3d1087e2f359a5d38ffd3aadaa16ce11fd5eff566f4112d92d16886c18f6a9bf2aad3b34a6f29f92f87664683af1571c9bd9f41f4e3b8bc6351cdf508702ce01191c25fb487bf5c665fc59d923b04b845774ed9139467a588181e5d2e47a80456ef8077b9acd42a0b9c776522d6b775c4f6a94e39da6550c299f1302a577245d87adfb528ea2b6d350fb8225d663086004cb7511bdd52bee8e8ffeb4559d9fd29dffb7a4e364a7c55fb1b61e6076c57f0bc85d041116619822ac191f892d26b3906baed8d56a8119af5ffae8a220ae3b2ff98b7ad9ac6187b24568dc3774ff8312eb9a0d9a420b39d1d1128fe644d926abe4c89af6a1f22448704f1225f84343617cee4a8869478dff0c601bd53288e8241f8426a5b9759e13d7b512db48e3512433469008575b5ed0032f1f9d39f6904b4f4602cdc871b9ec88eb0283bc94cb5d50d405d6f646c40458207fcd21ccbec02a29e69726f9ce4b3437192bd835bf795115e262bc231fcd812292e626c9a44e5919e8a6579f9bc42982d306ae899eeadaa87bddd60222c3a856734ab130c6fb34bd156eddaa484ee994772c02e440964c8fbbbddd921071a68b230887f885affb8e3c9815325f486aeb82c55a1ca1e99af6ca87287261ebff5ac7b4f23819c7c512b7f1ef5e8f4e8b6b1e960effedc192a41c0ad0da49846da9b834eb8343ef93b474e394f97cfde9699381c5c00dc225075019559f8c6e89bd873afd2f752c1c61f3a9c5df5be0ab38541e5fdfa3b5fe0a9ae3228dc66cbcbc7eb25426453507b7153124093e77b9443fc100e94c7ca171a924cedaccc512b2bd9deff885aab27bd3fb7b5c5b2dd35dad339cd009cf480d2d403cfa89bb75d1d13ff9fa330e68b775338595503655ed4b998fe5e441799dc0db45fa88123881bdc45dbb2578def9f6b7699c374fa2f8ed7618c249d3113005916494103498b2c82777873bc573edc8f2382613a257896f9d98dd578da76718f9eab5ec26bebd08ee4cb65c0c7e8e8460ec249c010f02004ed95fcfc7c327915ab8c2bf8ac0a131819e7ef4b946b451e126cf58c98321ff55d4be1133973897d98b5a493ea3f7ca0a5744dbd61f3918768afdc228779946a451a0cfd0dae5475e3adf8eabdb93da84bc8b0f9d3168e43744aa400bd598f3e3b1d74930cf0551673c5ddb0f8a492a849a379521454c785b16f3133d0434d8a5e1236a0298fcf44d42f94b679def22efbc84f419437ea2e6b5cb1e617088ad2a134b1e6654f8cfcc9ed4655355658a7580202133978c6b895cffd710fd3b057a591918865cd4c0fd0e2da08f6012c61f42c78273fd07c72c9b22ef446bb1ee906d27009cdb6640752547e3a4c4fa7f86673d1bb0a7801d7089768a15a991b3a767db9136a4ea6c5a730ef84467724cb18f904b0474e8867f04f101991f37cd4465ef05314902722f7347310f44a62a774e6a5e1cb1c3d0ad1beaa2b41a26cd2416f92e66cce9c030e8ece9b1834f5e48ec7b7884e382e726bcba2e0a16fa29e974aa5c92415d73c5019e2eada58ddddf76f5c6dce543f8e650b94bb4792ddaf054a7f9ca38a555ddea9351acfa9b7fd5c5565f76748c96ba2c9ee9f6afe1fd82cf603af213de61d5647c37db1dff4af1406880262d6a29e3c5cd5c2e9795269b6edcacd2b540a12a6419c4f9c3aad8f572eec3caf220d04c49695b83ed1d4662ef5c86da811a48042714ee55264ce1d89a903569445099c60a758e39821083ff6c4b8e955e786b636b1198b297675601628d5470209ba1c5f6aa4e9b4d44f85573d9736c348a79eb032535aa5be76f44dba1a4891f0204aa5596e99898b443c354a5e80573cabdcb6308015161230509da72f59ce5415aac6584fde8b3839e3798ac334bac84edaff96c34eebb488bc8586963a356933eaa846a67a1df94e3b29d98295e157d2d8430a9e7ffbc43282235207e18f3411be0cbbccbd946413fc17695272a6bbbeac199bb4ac58a8a66ba1dcefd7c5b0805b67fb4881d7411e2fcd889995f2b8ec16641a0cce667c229c0c2f3fde21f2d9bc81d7746d93eac50ba28dce15cc7e67e133584c0e9631ffd02e7d365ca5933f0fddf35765eedc376f523a9068a62041d28aa6fc8d39f1c86141f9d8f2611b9f1b853422285fdacd1bf2a7b03a154f188afe3a739aebe03544b1d064d60640ba7050de269a15c3a77dc7bdc3e8fef6f7729f2493bbe83083aaaf060669f95914b4731ed1daaf314da7ce57ba9aa8751abddab6dc9556b00351dd7e3a0b83432f3e2a10af55426888cf1a76daaaca5c8c2b1e1c569bc57fa1c221cfba4eb11f62a396ed35e021679774f1b53974b02c38204ddb56e4f18948a1c3cff1a0abd52e2a78bb7b551bfa463eb547a613ec9decd1", 0x1000, 0xfffffffffffffff7, &(0x7f0000001100)={0x0, 0x989680})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
getsockopt$inet_sctp_SCTP_DELAYED_SACK(r3, 0x84, 0x10, &(0x7f00000013c0)=@assoc_value={<r4=>0x0, 0x9f}, &(0x7f0000001400)=0x8)
setsockopt$inet_sctp_SCTP_RESET_ASSOC(r2, 0x84, 0x78, &(0x7f0000001440)=r4, 0x4)
getsockopt$inet_sctp_SCTP_DELAYED_SACK(r3, 0x84, 0x10, &(0x7f0000001140)=@sack_info={<r5=>0x0, 0x9, 0xc126}, &(0x7f0000001180)=0xc)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r3, 0x84, 0x70, &(0x7f00000011c0)={r5, @in6={{0xa, 0x4e20, 0xc6, @remote={0xfe, 0x80, [], 0xbb}, 0x70}}, [0x100, 0x9, 0x3, 0x1000, 0x4, 0xff, 0x202, 0x1, 0x2, 0x2, 0x4, 0x1ff, 0xd29, 0x101]}, &(0x7f00000012c0)=0x100)
tkill(r0, 0x1000000000016)

[  389.024552] binder: 23313:23315 got reply transaction with no transaction stack
[  389.032121] binder: 23313:23315 transaction failed 29201/-71, size 0-0 line 2763
[  389.052332] FAULT_INJECTION: forcing a failure.
[  389.052332] name failslab, interval 1, probability 0, space 0, times 0
[  389.063686] CPU: 0 PID: 23312 Comm: syz-executor7 Not tainted 4.17.0-rc5+ #51
2018/05/15 13:08:52 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x68000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:52 executing program 4:
bpf$MAP_CREATE(0xc00000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:52 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x401c5820, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

[  389.070965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  389.080343] Call Trace:
[  389.082948]  dump_stack+0x1b9/0x294
[  389.086604]  ? dump_stack_print_info.cold.2+0x52/0x52
[  389.091812]  should_fail.cold.4+0xa/0x1a
[  389.095887]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  389.101011]  ? kmem_cache_alloc+0x12e/0x760
[  389.105336]  ? mempool_alloc_slab+0x44/0x60
[  389.109647]  ? submit_bh_wbc+0x155/0x7c0
[  389.113699]  ? blk_exit_rl+0x80/0x80
[  389.117420]  ? find_held_lock+0x36/0x1c0
[  389.121467]  ? graph_lock+0x170/0x170
[  389.125253]  ? lock_downgrade+0x8e0/0x8e0
[  389.129399]  ? __lock_is_held+0xb5/0x140
[  389.133476]  __should_failslab+0x124/0x180
[  389.137707]  should_failslab+0x9/0x14
[  389.141498]  kmem_cache_alloc+0x47/0x760
[  389.145563]  ? rcu_note_context_switch+0x710/0x710
[  389.150478]  ? blk_get_request+0x40/0x40
[  389.154542]  ? mempool_free+0x370/0x370
[  389.158522]  mempool_alloc_slab+0x44/0x60
[  389.162665]  mempool_alloc+0x18b/0x490
[  389.166541]  ? remove_element.isra.4+0x1c0/0x1c0
[  389.171302]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  389.176825]  ? __lock_is_held+0xb5/0x140
[  389.180876]  bio_alloc_bioset+0x3a1/0x7f0
[  389.185035]  ? generic_make_request+0x1510/0x1510
[  389.189865]  ? bvec_alloc+0x2d0/0x2d0
[  389.193653]  ? check_same_owner+0x320/0x320
[  389.197962]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  389.202975]  ? guard_bio_eod+0x2b4/0x600
[  389.207040]  submit_bh_wbc+0x155/0x7c0
[  389.210932]  write_dirty_buffer+0xba/0x150
[  389.215158]  jbd2_log_do_checkpoint+0xbe6/0x1340
[  389.219929]  ? __jbd2_journal_remove_checkpoint+0x8c0/0x8c0
2018/05/15 13:08:52 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e23, 0xfffffffffffffffa, @remote={0xfe, 0x80, [], 0xbb}, 0x2}, 0x1c)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e21, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0xfffffffffffffffd}, 0x1c)
recvfrom$ipx(r1, &(0x7f00000000c0)=""/48, 0x30, 0x40000000, &(0x7f0000000140)={0x4, 0x8, 0x8, "d802554d4b6c", 0x7}, 0x10)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

[  389.225627]  ? lock_downgrade+0x8e0/0x8e0
[  389.229763]  ? kasan_check_read+0x11/0x20
[  389.233911]  ? do_raw_spin_unlock+0x9e/0x2e0
[  389.238332]  ? kasan_check_write+0x14/0x20
[  389.242575]  ? do_raw_spin_lock+0xc1/0x200
[  389.246822]  jbd2_journal_flush+0x156/0x540
[  389.251153]  ext4_ioctl+0x241e/0x4210
[  389.254958]  ? _parse_integer+0x13b/0x190
[  389.259109]  ? ext4_ioctl_group_add+0x560/0x560
[  389.263775]  ? _parse_integer+0x190/0x190
[  389.267911]  ? graph_lock+0x170/0x170
[  389.271704]  ? lock_release+0xa10/0xa10
[  389.275670]  ? check_same_owner+0x320/0x320
[  389.279974]  ? find_held_lock+0x36/0x1c0
[  389.284065]  ? graph_lock+0x170/0x170
[  389.287872]  ? find_held_lock+0x36/0x1c0
[  389.291933]  ? lock_downgrade+0x8e0/0x8e0
[  389.296069]  ? kasan_check_read+0x11/0x20
[  389.300202]  ? rcu_is_watching+0x85/0x140
[  389.304339]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  389.309523]  ? __fget+0x40c/0x650
[  389.312961]  ? match_held_lock+0x841/0x8b0
[  389.317188]  ? expand_files.part.8+0x9a0/0x9a0
[  389.321757]  ? kasan_check_write+0x14/0x20
[  389.325979]  ? __mutex_unlock_slowpath+0x180/0x8a0
[  389.330904]  ? wait_for_completion+0x870/0x870
[  389.335474]  ? ext4_ioctl_group_add+0x560/0x560
[  389.340137]  do_vfs_ioctl+0x1cf/0x16a0
[  389.344014]  ? ioctl_preallocate+0x2e0/0x2e0
[  389.348422]  ? fget_raw+0x20/0x20
[  389.351871]  ? __sb_end_write+0xac/0xe0
[  389.355857]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  389.361374]  ? fput+0x130/0x1a0
[  389.364638]  ? ksys_write+0x1a6/0x250
[  389.368425]  ? security_file_ioctl+0x94/0xc0
[  389.372820]  ksys_ioctl+0xa9/0xd0
[  389.376267]  __x64_sys_ioctl+0x73/0xb0
[  389.380139]  do_syscall_64+0x1b1/0x800
[  389.384042]  ? finish_task_switch+0x1ca/0x840
[  389.388580]  ? syscall_return_slowpath+0x5c0/0x5c0
[  389.393493]  ? syscall_return_slowpath+0x30f/0x5c0
[  389.398410]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  389.403760]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  389.408601]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  389.413781] RIP: 0033:0x455a09
[  389.416953] RSP: 002b:00007f5427f69c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  389.424657] RAX: ffffffffffffffda RBX: 00007f5427f6a6d4 RCX: 0000000000455a09
[  389.431908] RDX: 0000000020000080 RSI: 0000000040086607 RDI: 0000000000000013
[  389.439164] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  389.446423] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  389.453674] R13: 00000000000001e0 R14: 00000000006f6da0 R15: 000000000000000b
2018/05/15 13:08:52 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400001200000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  389.479850] binder: 23329:23330 got reply transaction with no transaction stack
[  389.487450] binder: 23329:23330 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:53 executing program 7 (fault-call:1 fault-nth:12):
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x40086607, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

2018/05/15 13:08:53 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x800c6613, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

2018/05/15 13:08:53 executing program 4:
bpf$MAP_CREATE(0x72220100, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:53 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0xffffff7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:53 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400001600000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  389.633947] FAULT_INJECTION: forcing a failure.
[  389.633947] name failslab, interval 1, probability 0, space 0, times 0
[  389.645322] CPU: 0 PID: 23349 Comm: syz-executor7 Not tainted 4.17.0-rc5+ #51
[  389.652617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  389.661979] Call Trace:
[  389.664581]  dump_stack+0x1b9/0x294
[  389.668230]  ? dump_stack_print_info.cold.2+0x52/0x52
[  389.673530]  should_fail.cold.4+0xa/0x1a
[  389.677595]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  389.682699]  ? kmem_cache_alloc+0x12e/0x760
[  389.687019]  ? mempool_alloc_slab+0x44/0x60
[  389.691349]  ? submit_bh_wbc+0x155/0x7c0
[  389.695408]  ? blk_exit_rl+0x80/0x80
[  389.699115]  ? find_held_lock+0x36/0x1c0
[  389.703176]  ? graph_lock+0x170/0x170
[  389.706967]  ? lock_downgrade+0x8e0/0x8e0
[  389.711122]  ? __lock_is_held+0xb5/0x140
[  389.715186]  __should_failslab+0x124/0x180
[  389.719420]  should_failslab+0x9/0x14
[  389.723226]  kmem_cache_alloc+0x47/0x760
[  389.727294]  ? rcu_note_context_switch+0x710/0x710
[  389.732228]  ? blk_get_request+0x40/0x40
[  389.736290]  ? mempool_free+0x370/0x370
[  389.740268]  mempool_alloc_slab+0x44/0x60
[  389.744417]  mempool_alloc+0x18b/0x490
[  389.748309]  ? remove_element.isra.4+0x1c0/0x1c0
[  389.753079]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  389.758623]  ? __lock_is_held+0xb5/0x140
[  389.762674]  bio_alloc_bioset+0x3a1/0x7f0
[  389.766834]  ? generic_make_request+0x1510/0x1510
[  389.771686]  ? bvec_alloc+0x2d0/0x2d0
[  389.775491]  ? check_same_owner+0x320/0x320
[  389.779820]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  389.784840]  ? guard_bio_eod+0x2b4/0x600
[  389.788917]  submit_bh_wbc+0x155/0x7c0
[  389.792805]  write_dirty_buffer+0xba/0x150
[  389.797042]  jbd2_log_do_checkpoint+0xbe6/0x1340
[  389.801804]  ? __jbd2_journal_remove_checkpoint+0x8c0/0x8c0
[  389.807514]  ? lock_downgrade+0x8e0/0x8e0
[  389.811650]  ? kasan_check_read+0x11/0x20
[  389.815795]  ? do_raw_spin_unlock+0x9e/0x2e0
[  389.820202]  ? kasan_check_write+0x14/0x20
[  389.824429]  ? do_raw_spin_lock+0xc1/0x200
[  389.828653]  jbd2_journal_flush+0x156/0x540
[  389.832964]  ext4_ioctl+0x241e/0x4210
[  389.836781]  ? _parse_integer+0x13b/0x190
[  389.840944]  ? ext4_ioctl_group_add+0x560/0x560
[  389.845607]  ? _parse_integer+0x190/0x190
[  389.849755]  ? graph_lock+0x170/0x170
[  389.853562]  ? lock_release+0xa10/0xa10
[  389.857543]  ? check_same_owner+0x320/0x320
[  389.862682]  ? find_held_lock+0x36/0x1c0
[  389.866750]  ? graph_lock+0x170/0x170
[  389.870557]  ? find_held_lock+0x36/0x1c0
[  389.874655]  ? lock_downgrade+0x8e0/0x8e0
[  389.878820]  ? kasan_check_read+0x11/0x20
[  389.882982]  ? rcu_is_watching+0x85/0x140
[  389.887132]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  389.892321]  ? __fget+0x40c/0x650
[  389.895761]  ? match_held_lock+0x841/0x8b0
[  389.899983]  ? expand_files.part.8+0x9a0/0x9a0
[  389.904554]  ? kasan_check_write+0x14/0x20
[  389.908879]  ? __mutex_unlock_slowpath+0x180/0x8a0
[  389.913813]  ? wait_for_completion+0x870/0x870
[  389.918400]  ? ext4_ioctl_group_add+0x560/0x560
[  389.923057]  do_vfs_ioctl+0x1cf/0x16a0
[  389.926933]  ? ioctl_preallocate+0x2e0/0x2e0
[  389.931327]  ? fget_raw+0x20/0x20
[  389.934769]  ? __sb_end_write+0xac/0xe0
[  389.938730]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  389.944251]  ? fput+0x130/0x1a0
[  389.947514]  ? ksys_write+0x1a6/0x250
[  389.951303]  ? security_file_ioctl+0x94/0xc0
[  389.955699]  ksys_ioctl+0xa9/0xd0
[  389.959151]  __x64_sys_ioctl+0x73/0xb0
[  389.963045]  do_syscall_64+0x1b1/0x800
[  389.966933]  ? finish_task_switch+0x1ca/0x840
[  389.971425]  ? syscall_return_slowpath+0x5c0/0x5c0
[  389.976360]  ? syscall_return_slowpath+0x30f/0x5c0
[  389.981296]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  389.986659]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  389.991502]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  389.996688] RIP: 0033:0x455a09
[  389.999869] RSP: 002b:00007f5427f69c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  390.007571] RAX: ffffffffffffffda RBX: 00007f5427f6a6d4 RCX: 0000000000455a09
[  390.014839] RDX: 0000000020000080 RSI: 0000000040086607 RDI: 0000000000000013
[  390.022105] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  390.029363] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  390.036615] R13: 00000000000001e0 R14: 00000000006f6da0 R15: 000000000000000c
[  390.065769] binder: 23355:23358 got reply transaction with no transaction stack
[  390.073364] binder: 23355:23358 transaction failed 29201/-71, size 0-0 line 2763
[  390.111719] kworker/dying (71) used greatest stack depth: 12944 bytes left
2018/05/15 13:08:53 executing program 7 (fault-call:1 fault-nth:13):
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x40086607, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

2018/05/15 13:08:53 executing program 4:
bpf$MAP_CREATE(0x8a02, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:53 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0189436, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

2018/05/15 13:08:53 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000400000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:53 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:53 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x0)
fsetxattr(r1, &(0x7f0000000000)=ANY=[@ANYBLOB='`ystea.\x00'], &(0x7f0000000040)='\x00', 0x1, 0x2)

2018/05/15 13:08:53 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
ioctl$sock_inet_SIOCSIFNETMASK(r0, 0x891c, &(0x7f0000000000)={'ip6gre0\x00', {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xc}}})
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:53 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r1=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x40, 0x9)
ioctl$RNDGETENTCNT(r2, 0x80045200, &(0x7f0000000100))
tkill(r0, 0x1000000000016)

2018/05/15 13:08:53 executing program 4:
bpf$MAP_CREATE(0x1e3ee, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

[  390.504273] FAULT_INJECTION: forcing a failure.
[  390.504273] name failslab, interval 1, probability 0, space 0, times 0
[  390.515635] CPU: 0 PID: 23374 Comm: syz-executor7 Not tainted 4.17.0-rc5+ #51
[  390.522921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  390.532290] Call Trace:
[  390.534871]  dump_stack+0x1b9/0x294
[  390.538497]  ? dump_stack_print_info.cold.2+0x52/0x52
[  390.543683]  should_fail.cold.4+0xa/0x1a
[  390.547752]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  390.552854]  ? kmem_cache_alloc+0x12e/0x760
[  390.557163]  ? mempool_alloc_slab+0x44/0x60
[  390.561479]  ? submit_bh_wbc+0x155/0x7c0
[  390.565544]  ? blk_exit_rl+0x80/0x80
[  390.569249]  ? find_held_lock+0x36/0x1c0
[  390.573298]  ? graph_lock+0x170/0x170
[  390.577086]  ? lock_downgrade+0x8e0/0x8e0
[  390.581243]  ? __lock_is_held+0xb5/0x140
[  390.585304]  __should_failslab+0x124/0x180
[  390.589537]  should_failslab+0x9/0x14
[  390.593335]  kmem_cache_alloc+0x47/0x760
[  390.597396]  ? rcu_note_context_switch+0x710/0x710
[  390.602325]  ? blk_get_request+0x40/0x40
[  390.606394]  ? mempool_free+0x370/0x370
[  390.610363]  mempool_alloc_slab+0x44/0x60
[  390.614502]  mempool_alloc+0x18b/0x490
[  390.618378]  ? remove_element.isra.4+0x1c0/0x1c0
[  390.623141]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  390.628682]  ? __lock_is_held+0xb5/0x140
[  390.632732]  bio_alloc_bioset+0x3a1/0x7f0
[  390.636866]  ? generic_make_request+0x1510/0x1510
[  390.641702]  ? bvec_alloc+0x2d0/0x2d0
[  390.645504]  ? check_same_owner+0x320/0x320
[  390.649822]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  390.654835]  ? guard_bio_eod+0x2b4/0x600
[  390.658881]  submit_bh_wbc+0x155/0x7c0
[  390.662757]  write_dirty_buffer+0xba/0x150
[  390.667003]  jbd2_log_do_checkpoint+0xbe6/0x1340
[  390.671759]  ? __jbd2_journal_remove_checkpoint+0x8c0/0x8c0
[  390.677465]  ? lock_downgrade+0x8e0/0x8e0
[  390.681613]  ? kasan_check_read+0x11/0x20
[  390.685766]  ? do_raw_spin_unlock+0x9e/0x2e0
[  390.690179]  ? kasan_check_write+0x14/0x20
[  390.694417]  ? do_raw_spin_lock+0xc1/0x200
[  390.698640]  jbd2_journal_flush+0x156/0x540
[  390.702951]  ext4_ioctl+0x241e/0x4210
[  390.706738]  ? _parse_integer+0x13b/0x190
[  390.710873]  ? ext4_ioctl_group_add+0x560/0x560
[  390.715526]  ? _parse_integer+0x190/0x190
[  390.719656]  ? graph_lock+0x170/0x170
[  390.723441]  ? lock_release+0xa10/0xa10
[  390.727398]  ? check_same_owner+0x320/0x320
[  390.731703]  ? find_held_lock+0x36/0x1c0
[  390.735779]  ? graph_lock+0x170/0x170
[  390.739571]  ? find_held_lock+0x36/0x1c0
[  390.743634]  ? lock_downgrade+0x8e0/0x8e0
[  390.747783]  ? kasan_check_read+0x11/0x20
[  390.751914]  ? rcu_is_watching+0x85/0x140
[  390.756051]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  390.761232]  ? __fget+0x40c/0x650
[  390.764679]  ? match_held_lock+0x841/0x8b0
[  390.768908]  ? expand_files.part.8+0x9a0/0x9a0
[  390.773486]  ? kasan_check_write+0x14/0x20
[  390.777707]  ? __mutex_unlock_slowpath+0x180/0x8a0
[  390.782636]  ? wait_for_completion+0x870/0x870
[  390.787214]  ? ext4_ioctl_group_add+0x560/0x560
[  390.791879]  do_vfs_ioctl+0x1cf/0x16a0
[  390.795775]  ? ioctl_preallocate+0x2e0/0x2e0
[  390.800167]  ? fget_raw+0x20/0x20
[  390.803607]  ? __sb_end_write+0xac/0xe0
[  390.807569]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  390.813089]  ? fput+0x130/0x1a0
[  390.816362]  ? ksys_write+0x1a6/0x250
[  390.820149]  ? security_file_ioctl+0x94/0xc0
[  390.824544]  ksys_ioctl+0xa9/0xd0
[  390.827983]  __x64_sys_ioctl+0x73/0xb0
[  390.831858]  do_syscall_64+0x1b1/0x800
[  390.835730]  ? syscall_return_slowpath+0x5c0/0x5c0
[  390.840643]  ? syscall_return_slowpath+0x30f/0x5c0
[  390.845559]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  390.850908]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  390.855737]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  390.860922] RIP: 0033:0x455a09
[  390.864092] RSP: 002b:00007f5427f69c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  390.871782] RAX: ffffffffffffffda RBX: 00007f5427f6a6d4 RCX: 0000000000455a09
[  390.879043] RDX: 0000000020000080 RSI: 0000000040086607 RDI: 0000000000000013
[  390.886317] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  390.893568] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  390.900831] R13: 00000000000001e0 R14: 00000000006f6da0 R15: 000000000000000d
2018/05/15 13:08:54 executing program 7 (fault-call:1 fault-nth:14):
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x40086607, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

2018/05/15 13:08:54 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000000000400000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:54 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x4030582a, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

[  390.930330] binder: 23380:23386 got reply transaction with no transaction stack
[  390.937927] binder: 23380:23386 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:54 executing program 4:
bpf$MAP_CREATE(0x7802000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:54 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
syncfs(r0)
rmdir(&(0x7f00000000c0)='./file0\x00')
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)
getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r1, 0x84, 0x1e, &(0x7f0000000000), &(0x7f0000000080)=0x4)

[  391.034228] FAULT_INJECTION: forcing a failure.
[  391.034228] name failslab, interval 1, probability 0, space 0, times 0
[  391.045686] CPU: 0 PID: 23401 Comm: syz-executor7 Not tainted 4.17.0-rc5+ #51
[  391.052969] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  391.062323] Call Trace:
[  391.064922]  dump_stack+0x1b9/0x294
[  391.068564]  ? dump_stack_print_info.cold.2+0x52/0x52
[  391.073785]  should_fail.cold.4+0xa/0x1a
[  391.077856]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  391.082967]  ? kmem_cache_alloc+0x12e/0x760
[  391.087293]  ? mempool_alloc_slab+0x44/0x60
[  391.091612]  ? submit_bh_wbc+0x155/0x7c0
[  391.095660]  ? blk_exit_rl+0x80/0x80
[  391.099375]  ? find_held_lock+0x36/0x1c0
[  391.103433]  ? graph_lock+0x170/0x170
[  391.107222]  ? lock_downgrade+0x8e0/0x8e0
[  391.111361]  ? __lock_is_held+0xb5/0x140
[  391.115415]  __should_failslab+0x124/0x180
[  391.119640]  should_failslab+0x9/0x14
[  391.123425]  kmem_cache_alloc+0x47/0x760
[  391.127488]  ? rcu_note_context_switch+0x710/0x710
[  391.132416]  ? blk_get_request+0x40/0x40
[  391.136469]  ? mempool_free+0x370/0x370
[  391.140426]  mempool_alloc_slab+0x44/0x60
[  391.144572]  mempool_alloc+0x18b/0x490
[  391.148451]  ? remove_element.isra.4+0x1c0/0x1c0
[  391.153217]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  391.158747]  ? __lock_is_held+0xb5/0x140
[  391.162808]  bio_alloc_bioset+0x3a1/0x7f0
[  391.166947]  ? generic_make_request+0x1510/0x1510
[  391.171778]  ? bvec_alloc+0x2d0/0x2d0
[  391.175582]  ? check_same_owner+0x320/0x320
[  391.179910]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  391.184924]  ? guard_bio_eod+0x2b4/0x600
[  391.188979]  submit_bh_wbc+0x155/0x7c0
[  391.192867]  write_dirty_buffer+0xba/0x150
[  391.197088]  jbd2_log_do_checkpoint+0xbe6/0x1340
[  391.201848]  ? __jbd2_journal_remove_checkpoint+0x8c0/0x8c0
[  391.207557]  ? lock_downgrade+0x8e0/0x8e0
[  391.211700]  ? kasan_check_read+0x11/0x20
[  391.215847]  ? do_raw_spin_unlock+0x9e/0x2e0
[  391.220248]  ? kasan_check_write+0x14/0x20
[  391.224478]  ? do_raw_spin_lock+0xc1/0x200
[  391.228701]  jbd2_journal_flush+0x156/0x540
[  391.233013]  ext4_ioctl+0x241e/0x4210
[  391.236804]  ? _parse_integer+0x13b/0x190
[  391.240940]  ? ext4_ioctl_group_add+0x560/0x560
[  391.245592]  ? _parse_integer+0x190/0x190
[  391.249724]  ? graph_lock+0x170/0x170
[  391.253516]  ? lock_release+0xa10/0xa10
[  391.257500]  ? check_same_owner+0x320/0x320
[  391.261814]  ? find_held_lock+0x36/0x1c0
[  391.265873]  ? graph_lock+0x170/0x170
[  391.269660]  ? find_held_lock+0x36/0x1c0
[  391.273713]  ? lock_downgrade+0x8e0/0x8e0
[  391.277858]  ? kasan_check_read+0x11/0x20
[  391.282001]  ? rcu_is_watching+0x85/0x140
[  391.286144]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  391.291332]  ? __fget+0x40c/0x650
[  391.294783]  ? match_held_lock+0x841/0x8b0
[  391.299018]  ? expand_files.part.8+0x9a0/0x9a0
[  391.303595]  ? kasan_check_write+0x14/0x20
[  391.307824]  ? __mutex_unlock_slowpath+0x180/0x8a0
[  391.312747]  ? wait_for_completion+0x870/0x870
[  391.317329]  ? ext4_ioctl_group_add+0x560/0x560
[  391.321992]  do_vfs_ioctl+0x1cf/0x16a0
[  391.325874]  ? ioctl_preallocate+0x2e0/0x2e0
[  391.330269]  ? fget_raw+0x20/0x20
[  391.333737]  ? __sb_end_write+0xac/0xe0
[  391.337711]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  391.343238]  ? fput+0x130/0x1a0
[  391.346502]  ? ksys_write+0x1a6/0x250
[  391.350292]  ? security_file_ioctl+0x94/0xc0
[  391.354687]  ksys_ioctl+0xa9/0xd0
[  391.358155]  __x64_sys_ioctl+0x73/0xb0
[  391.362051]  do_syscall_64+0x1b1/0x800
[  391.365934]  ? finish_task_switch+0x1ca/0x840
[  391.370435]  ? syscall_return_slowpath+0x5c0/0x5c0
[  391.375363]  ? syscall_return_slowpath+0x30f/0x5c0
[  391.380283]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  391.385636]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  391.390474]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  391.395650] RIP: 0033:0x455a09
[  391.398821] RSP: 002b:00007f5427f69c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  391.406513] RAX: ffffffffffffffda RBX: 00007f5427f6a6d4 RCX: 0000000000455a09
[  391.413773] RDX: 0000000020000080 RSI: 0000000040086607 RDI: 0000000000000013
[  391.421045] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  391.428308] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  391.435562] R13: 00000000000001e0 R14: 00000000006f6da0 R15: 000000000000000e
2018/05/15 13:08:55 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x5452, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

2018/05/15 13:08:55 executing program 7 (fault-call:1 fault-nth:15):
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x40086607, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

2018/05/15 13:08:55 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000000000500000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:55 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
r2 = fcntl$getown(r0, 0x9)
tkill(r2, 0x1f)
r3 = semget$private(0x0, 0x3, 0x8713fc0f595ed970)
semctl$IPC_RMID(r3, 0x0, 0x0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
ioctl$KDDISABIO(r0, 0x4b37)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x0)

2018/05/15 13:08:55 executing program 1:
r0 = socket$inet6_dccp(0xa, 0x6, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffff9c, 0x0, 0x8, &(0x7f0000000000)={<r1=>0x0, @remote, @multicast1}, &(0x7f0000000080)=0xc)
r2 = syz_open_dev$amidi(&(0x7f0000004980)='/dev/amidi#\x00', 0x2, 0x20000)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000004e80)={{{@in, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in=@multicast1}, 0x0, @in=@remote}}, &(0x7f0000004f80)=0xe8)
getpeername$packet(0xffffffffffffffff, &(0x7f0000009c00)={0x0, 0x0, <r4=>0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f0000009c40)=0x14)
sendmmsg(r0, &(0x7f000000b500)=[{{&(0x7f0000000140)=@ll={0x11, 0x10, r1, 0x1, 0x4, 0x6, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}}, 0x80, &(0x7f0000000900)=[{&(0x7f00000000c0)="e337d8873ca539deb6163d9049", 0xd}, {&(0x7f00000001c0)="545b1e4094dce154a44f4960f937f32d6d64d1250f22e9ffa42a72734f93b580091e9f7e098815d18024e81b9e5a0dcf549b198df8def52e698144391ec6cbc08e4a893d0c8604db97f292fa02c103bbef9b4f57a0499cd2ff", 0x59}, {&(0x7f0000000240)="05169c831307f6a2ad11f72b6d67c706063861cc26c28a4815126864969fab19c25b1fa1c564b866055c409515dead2dee36a48518e1ae57ccf95d89e6e9136803586c691747d98ba54475ea83535a293037a6052aef97bd2cc7cf63249fa4351dc1f97b3469a69d6b6fa6c5191853d0b8a642337bca5b57eed5989f263d9d141ba4f0f5e247eb9c454769aaf2030eafcc5b18dae3f8819c10dfc88d7f5d8ed7604ed9a6976f9b0ad38b73c2d6405924479459f92b2cea32fd855840a2be0540eb5c2f7cd788db33b3c02318e4a955ab9938f519389f9b361d3e577ac6d32a3a", 0xe0}, {&(0x7f0000000340)="2076dd38e036294dc86ee50dd115da6d67f4c28611d7456dc1127cf4b739c0cd058ec9b7754400597be87fad03e68d2607de728bddc18718ff9953663051d5d7d6063ec34ea82769a7b264d501eed7bed14c879137821fa8c56e4f313354fb6a2a4503c0ed6d927f40a43a492c60124e51c21cb29af3b6acd03f5bd3943233775f28f107ce690e94aa77f6af771c91121b6ff7dc0b949a429394cf4da5330146a6fbadca1db4135d1a9a5d6287", 0xad}, {&(0x7f0000000400)="1dfa3d414e7dda326dac7abfbe8dbfeb7e65785b47df5bbb873d62c71a38bb5fc57191edb5139da11e1825e49591301b3f10ad6da399efceaa7ae2fcedff05623dd28347aa652af0210fe9f638850ef7dc593de89487816ce1f11ac11a1c42f59ade0c84c170b9bd66f2024c9c230ea6238bc0481da4516b224f16b6cb3e1732f7c032fc2e899a5322427a8caa20763521dc88e8902b5bcb0f2ed019774e4bef2fe5a65bdadcdca0065ed61ce61a3a0c9d8a91dad11b748ea5aca00541c32d57bc6ee5349e0f450ddb1b12a4d2293176aed165c912544805aed83ea622da9b6a954486ea7b4fe37b76f84117a2", 0xed}, {&(0x7f0000000500)="78b0b4e1d3b04310f0dad8a8737d7a9369a6ccbfdd5b21eaae70e6018471ca8b7a598712841ada221ea8582fcd19e8bef691838f67f2040c23", 0x39}, {&(0x7f0000000540)="61016c50557c5940a5fb93527f0d47e4323e37664ad65e728b78c8fb88c4664aa01f9a021ba95232b5ca3246ab7259cb02ed05e751690fb73c3569309760346e717850f17d91cf41757c1fcb43443128c943a6c06ba3ff1cb7ed3350a1d7c463f1d4bc0c2974627398bbd8613c5a763b2624e255baaf2a3a142783c7499a2289f5a343b201f910a6c2de3c100629697443e3edfbf4a873924c18eba861e250b72895bc7a84fb5c4a389da9e2109e88c49ac0a7b9b7577e8d44f0a7d4dc6104472ba4d674af72409b82493824764c23295d171890a0f84afd3b720a3262b8b54927daa6d175fe93ebcf7fca", 0xeb}, {&(0x7f0000000640)="69ee15214ab0d1dcd9cc1ca3c41f0e90cfefe8b303624c1c3556b97496365c13a0ce02e2117889e16897c838820628edc1a0dcb37fe36b67917c5a1f56967c0ee5df01a802a7bcef38a4907403480d79181ed38bc17ac5d2d0ce87128415c5eb1f9d97368bb00b504202612e2b8fbd6c625d570d5fd4d6dcaab3ad895a86221e4c51a660dfd3c16e6747e5bb422102525d6a60325fa9f04d96086822a8ae05332a8b3d4b10bf86a79cd71d2a844ef5ce6c1c6b", 0xb3}, {&(0x7f0000000700)="06fca1173434da6abd3d148431666ef4d3d3ad7bbc8f476626433633e0035045e01eeed8330675d51b029feb90d461a3f32264df57e6f65d2614c47dabf9454331539c3e83dcd70c8e7ec10865564e689dd428316c791f6e8f0fd68f8500b9f474e2488bab31e5b61968133fa72e8fd6ddfdb6b179dca3f0e619d78a990f1a84dab201911c789be8c51718c79a494f31f977d40d5d3c377a78802a7fcce08519cd333649c0b6148edd6b2c22714ea0a5a938bb64535eef058921e8760bff98a2db0587a983a85cc27d0ecab3478f9644c51fac3b1c3f2552560ee78597f1c6fb", 0xe0}, {&(0x7f0000000800)="6bc09afcafed89cc74ab296c4e3746fb5a5c4d459e8cd946656899fdb59b013d1776dd4d99494f923aff95e6ae67a0719fa134eb210eba5f14d8e7233b2b01fd480fef544b1fc8639eac6e0728339b9ace1913472df99c659cc2758578a555f51b74851ac4326d2c3e2df1efdc333e25fc10d0cff4c3b4ef6111c08eeb0be322cf857ca417c8509fad5f5320c061ad2b39c618ef218c8af5ca1887d3d2654a8d6ff64cfc26dc155d66fbb4f62632147bab4c8e57eba61b28d0ce10c123f5026f7668f92dbb01432bea1895ed2a36ebaa0d0265647b349c6e3a1b0a245103f1c56e121dc8f525629cc2b779ed11112c", 0xef}], 0xa, &(0x7f00000009c0)=[{0x80, 0x111, 0x9, "90fb0f7aaf2db029953b95bbce65f4c68740f46eb7d1270f510e00f7fa02e5937fb42ec9fc19cb28e460c9b351c56503ffd08966a752801ad70c782906bbf59857a245833d7d1c534fbe45a830d9ac667f47030eec6f648ff4aa976c221ac0080da066d123e831d78236"}, {0xa8, 0x84, 0x4, "382cfd91f392b09e13283b995a99b2cfe330e03d3045ab3ab201c97392782f82bedf909e8b15c30b3d0c86d28e63a465a1809c046dcc8ec53d8f29e15aece976c688ae6dc7dc43594df0d9da11f5f9395886b1b92e2866637925dc3035245f2ac0c92ba0e2e1189c4a111abb70194fe29e183335b8334b1a949db0aee24999fa2f00a777e8eec1b9db3f3a265bc69372ecc32d4f8998"}], 0x128, 0x40}, 0xb94c}, {{&(0x7f0000000b00)=@ipx={0x4, 0x3, 0x5, "0d5ac1a2ed1a", 0x6}, 0x80, &(0x7f0000000d40)=[{&(0x7f0000000b80)="2456e12059d802b87d1f86d46652d53a3c70039873656b2efc03c334cef638d16f3c28ede70b", 0x26}, {&(0x7f0000000bc0)="b8389274109cb6185f44574542e5fd5830fe8ca498203896c6e9755cd8adcc7d457f1c20c2ca2264392925b65c977544746e402bfaeda5633b2e4147197055d081711b66b9f51116a15bb6b35a83bb27a08de060e3d3a0ab3341958bd7013c4fb617b5f98761a22cec56e0648eccbba323f3e1a176c77a2f07cb00d12d787d82c18afe1d2a186986eef1c3106a0de299b01d87f8e1eceabe790f90dab18fca52f94ea855d8a48a67c835b51cff45bd6f9dc4e4149dce38a535da52edc686676e79dde183b3c0194bd1432cd6d52f7867ec343c21cefa3927127aaed243466baff07f4c409a394d9d422f", 0xea}, {&(0x7f0000000cc0)="234a9e70ca9be87bf9c8ef97f1b55e14a99f22d94e6ec0ee97b961083bff373767963952144e742730df01aadfe6844bb4fa", 0x32}, {&(0x7f0000000d00)="67810d8c9b93231d2a459ea325d5c797a629dfe6d4148f886839f9ae1c03eaf55e4c7bb955", 0x25}], 0x4, &(0x7f0000000d80)=[{0x88, 0x0, 0x4, "23d02f610feacebe7c20a3b9c246f320b6953877cc05ee61b341e1fb5cfbe96d26384da6d686323255ec17769cbbc94c96b5a37fb49e03138aa07ecfb55d58bbb2063538cf2be1dd19672046cf499e8025c6e19336ee73bd4cdcb3f67b322ccfc0c6dc6d9367ce6cc2b41e2ce287f42a36"}, {0xa0, 0x104, 0x0, "464c38219da24445fdd89d4980f6a257979f5a194ace4dd86bdf14f5972bca90705c79a16824cb67d537e9fb808cc8766223f11559b95ca157380215f3b849d0016dcd7163e67c65df12bc9373efdf6340591b7460791b2b356dd8e76b86f3df0d56e8d10e2de7a96bfeba48740b65f77c288d44b72dfd4639a94eccf86bd16d138832e7f922804ab08dd219"}, {0xc0, 0x10c, 0x9, "b5453ffdc5022d02d466e69fc09f231e4239d097049cb44b299dbaa829792eec42581070f8ea6b5c7ba2740e12ff3dbbd7e19d6d5a023e41cbe8983f0a2dda2ccd6dee2de1428338cf1b7aca8b703f0e0526c467d799a7fee1678bf7b781e2e676bf64cf3694bac3a319adf89d2a171d181c7e05dcbdafdfb6fc0204c4cef9ab9bbf6e5e665f8b3b44060c647a380b36d2c72ec4569e8e0428057b203baf73ef117aa30b609fb13136a8"}, {0xa0, 0x0, 0x300, "dd38f046a60f5769dc474f44693025f85d8dd6a0c5b492b9c108a89d9be9266e94ea61195936257806d8515a6e82e3b89cfc77ef3e88411a9858e09fa8f70e2841408257807b0c36618056b910170311960e190e5be84ecbc056f41edc761fff70e11487201be055e607a52ccfd563ba22c6f9e9cdc38f6fc11f58cc292c24008053a4562abe78f9075e8a3790369f"}, {0x60, 0x101, 0x9, "ab5b2e7cd9fc9fbea4db89ddc1beab27d4477cf2c955394de8e0ddc486e025a71a341c95ea0268e9a7db1ab668c1eac1cdc098d11c08ef47505d85b15f5d7f8000e1d38e9a404378f25b8bd55503fb5d"}, {0x80, 0x84, 0x9, "b81e80ad4c0a7039cc7f0d0bdacd616650628b4fb049ca09e17b2f8819a39363c4d2ec5b8f8a79e9938a6709c241dd8478f75d53edd20cd6f57506c93b642c162caac9939f1a6efc1cc144b9ccb41c894066a0ac332ff1113d41ff30113e35f9cb2781e8d9a7c567d31eef"}, {0xe0, 0x0, 0x6449, "0f4a12e4f7e6dc6807662d72c827f4358dd53ad31d0396d15fe149eb1db4784c561262d672cd79be76c33d46abe100800a8140c47130cc2152c9e42132d32605f19b2c42db2aa1930ac1289e60e2ca6a0d1714f765098476869a86ed000f11ea72448d8ed56ec564495028c967ffa698ae5e062b1f47311239f6c5bc8d38ab4d6ecf016fddc37c480dd55560c6420a62f7dccdd5b6df11ccd34416382f2ff1e6f9304e439f95900480fd5a287ac867e2265f810b46c8824a5fc7d7b029883614a802e8cd684e7d228a855cd78bf809de"}], 0x448, 0x20000000}, 0x1}, {{0x0, 0x0, &(0x7f0000001600)=[{&(0x7f0000001200)="054312097f77bfcda5597ee552320822c03fc2092fdf37b18f0e4a2e7b9fda7eeac520f60ad10344e7874d7baac3ad04560372e8be6bf9708178e248f5c13e8ca678a0784fa30fb9f3701a7a8610e8236384759517f54e218b17b34fd03ff1d074a82c37ba902284515b7f4ada7d3a18afe289c845e268bb2cb3bd3e28b325a27e856787f639e27bcf1a2c036e444a29f6ae1f68de149f698e0e29131b8e08c822d0c589dd29e5fd1d201d194364ece6f238dee3077ceba9fe0e9c6758d1eb96130ced1651dfeaa6220f03", 0xcb}, {&(0x7f0000001300)="aa97cbf75dd64926038f1b51ac893c6b1e37661c133b95287af77c89fb8d19dfd01027352fa98917e8379d2811e041d8ad60db60d3e9c921449c417270523421729c55180fb34cd6fe84caa872bae535b5bd57d20909ccebab0fbfca32a1adf34e8c360d753e0a8a94380d062965d1f4a22000f1280f48de3372c2abe5a5f974a08bd12bc0e69d9411e8c985a78da3baedb09456937686d259f57e32c94dac1af8c1daa91b6e930ad8804c44f6657d424c1a7c82ef0359d88ff44cb2138f26458fe0976aa57a9d14cc74b699d2b1fd63508d3546aa266bbef07675db5b88e789decc4f7403d146945e6aaa6f4eec3e6b0d", 0xf1}, {&(0x7f0000001400)="19c55ee4d5a3a92e8428b02f7219", 0xe}, {&(0x7f0000001440)="f7f5d6572369f3e20c2c947a4f8c3084cb066fc1bc6a901df1bf71ed86bb4700cd1cb9d4448680229bd12ca052d695ccb46ddbf7f8e7eaa77aec8d284ead02c1a2a2dd4cc1fe1272f752811e086589d58447019945074dc76a3e03bf653310e6d29a70ecf24a2c1b0593b5ec0cba253d5f96ac53b28c7d057555a6875c79fef88cea31eee6036dcf2975", 0x8a}, {&(0x7f0000001500)="141c6b91153eca661454df8d22048de0d5c30f70d4189ca665090a848c7cf8c84cf576ac9fca1278650e1c68d491711040ef51707ff4d8c2c5d10075c5955b85e8841b86100b1dc94024856726b44c370d4b73f1babc3f3e610c11028d8faa58277aaf40f7a13b8bd7b7e2bc05ef98c7bca625f8f1a28ea3c73d5ed5e14267d8e298bb780f5f7dcc9106e4c2fc383002be99b62633ea6f4ed55cd31f2c1ad28c7c8e846ad193a696fd2a849e43b8ea70043fbc87049350e374e390e8b61654e5fa3a4416cd8fb92e2baba43481fb1a73c89f3080335b91279cd4229f74f37b6edd9d992df90e309866e9c7b61693ac94bc1de15a6d0920c33c", 0xf9}], 0x5, &(0x7f0000001680)=[{0x88, 0x113, 0x1, "b352338345e0407caa6f6cb17283a0c88ba065991f8800dce9c395931be27adee5875174c9d5b72e29eb17d92b8421ded49c0d9d1b2392396265b260f043998f3cb7f63894ab5b6a8ed02573564747f6a9b2db28ed0a0eb3570725bee0c98430421297568b44cbda3cc550e855585c663446645704"}, {0x108, 0x10e, 0x101, "fc6632bc8911e87168ad68c330261d89fc929805bc7e94ad3693524ccffdd15a562e3e4cd2af7ab4025c6b49ddf96da2d93bf467d4f4ec30f7567d4d4dd54d637726861e1115106646c6fff4c43b0ca4e7dd971e8db16115756afff924fb87a21d4d922df2145ee5e1012a259d6749b2e2741fe70c63884333ff6b51ea96c8490118ab2691a592a57fe42c377ef701a8c1745145f53c32c29ab2d4f586f7caa262d0a7b26189c6039b4ff6a679ed7cebcad7d27e8fcf696c1a36a63c178b1bcd3287298ba3917839c0bfdfb1597c2dca7d23ba6308be20a963a3ed91046b86115dbe06bbb60f0f9c932dca342fb5e221d6a81ba2"}, {0xf0, 0x10f, 0x1, "9a5480c0d8b8247aadcb6448a39bc1b7c23832324ea744f75031844a40313b533db61d6ce332e1e544dec63d89b91198b73a504e5f3f250d29d61a89d59aa92eb0f2d723d9e384f8b4fda2463f78db063f63e5f3f357773f285ebb6cd49b8a7178e37ce08aea91183403b62057e6f6f1f2a9664c1e2e31725d90af8f6ffbf049df9ea485501c73b3383e27d9ef29192c76fc3c0e47bbe68a791f714e4c87bad7ed20f57977384d3563510575b9535cc9ffa5ca51d57c427279ed90d372fbac8431c09a34a6621601d753889784943b916e725331bae70eb8f57c341024f2e1"}, {0x28, 0x10a, 0x5, "d0546014a53411b2c2572543b6ecf95f29c0e616a993c7a9"}, {0xd0, 0x10d, 0x5, "63e54cb6d3f80aed3770a452111b8a2d0dbba8e132d878adfaccde8db936151dc487cb9136daed2f65a4287b968ae80a03bf8fc2bafc23300dc6951a3a7cea5d122c73e63ccfef9208f7fed64450600b8c214a2f33754139fbecf6dc64c025a7ec8ee18a5d971c097da0fa743720246b80d3b3f1b13c24303f7b16c7d3318ddea66ea9fd12d52b3d467298728014ca30868cfd2752a13fb2940d511fae02ad8a6ee4ad5bf16e986e0baea7db8daeb7355d7500fd5c70a95b2d98de"}, {0xd0, 0x11f, 0x3ff, "e996156c293d1e5fcd96543d9403f8c35f66f3e52dfa2c12cdb4566ef59c3c760ad57cedc6db57df4797e25975b8af0ab9884856cf3ad393955e9e7ca6acb3e2ff602256f87a71678305803378db011c8cd2da69df6738d5acb0fc3310028bff361dd903aec9f352a39498f4ea1cb338172ab8b33f327472e491a43fd2e9de57dede05a525a62097541b694413c9cfb6fabefd2b70d4c4e6f0eb37796c2d3b9d215b10562b36ce13c5b1d4d327ea832c551d650331bd5d6c034af45f"}, {0x58, 0xff, 0x0, "43a640861e156a4c7cf778c8c7d3cdcb760259e1a2988800a997ed2a0b45dab848e562e77bebeb38916ca5e2bbec7dcde6f34d6353c179b60de12dbbd44c2efaf30d6ebd"}], 0x4a0, 0x814}, 0x8a4d}, {{&(0x7f0000001b40)=@nfc={0x27, 0x0, 0x2, 0x2}, 0x80, &(0x7f0000001d00)=[{&(0x7f0000001bc0)="c34039cef23b94aa3b11968724c78d2b4c2b0236e6a2accf40198f5f16db5316f8013875de8fff06a21573f287a995e92b44c7569eef8b2bb6c960a333544ac5ca4eed2e63c36e27635556f0192ed2a0317653799956dc08398dbac1234b7c24428e99688b715df48f5f08a1b5b71be1d284ec0be7", 0x75}, {&(0x7f0000001c40)="f7bf699832464bbaf4d33678d5def7c705eeb3e03a7750651ab63e2869c3c1801768277a022516a816d1d73e6d906c16801396d38e15134090cd578454e81dfcffeb4492dc8f8e646569bc94169a276515e0016c651ce56070b29111628e9f6f7e23177da2cfd7408a3f6f0c6142f52c0cc838ac0432e1119d2efacc55e0922a7feab7ada15dcbc2f9b657744ef704d638216513ad250b4ba1237b769644f239f01be56cc41f0377498990c8a1c1debfd2ad61bda92c", 0xb6}], 0x2, 0x0, 0x0, 0x40000}, 0x7}, {{&(0x7f00000049c0)=@pppol2tpv3={0x18, 0x1, {0x0, r2, {0x2, 0x4e20, @loopback=0x7f000001}, 0x4, 0x0, 0x3, 0x2}}, 0x80, &(0x7f0000004d40)=[{&(0x7f0000004a40)="683b2ac6b5d5934f9f12b68e17954320eb0b73c81777fe30ab2c2d6a9ad305928639d24d4e56c26e7f5e0816f6c19f22ac082cd8cc5a45295e7559e6e063ba29af4cbb9a08e1fe995e9cb747", 0x4c}, {&(0x7f0000004ac0)="621411d92c3e7e392d3dd6115977446415d0bbd2cc416a210648492ec8d87b620264e04668c7a947ccab413318e031328070987dcefd", 0x36}, {&(0x7f0000004b00)="9cc654e58f95d4152def9d65dec755cdd39336f485b82bb0b3c5603d2a8bf638203cc1ed267dbddac321e2027cf66d021b2a12a0ffec7b038dbbfd4ca42c085fcffe7f96143fffdb9dea0df8acc0f077c1f929cbbaf398e78cbe78406ef163cf8a986727b0158e3f07d571a593cba41d909d73c69dc03bd56a0edfa4c3558255044ac5", 0x83}, {&(0x7f0000004bc0)}, {&(0x7f0000004c00)="4ff1b7146e29dda7ef4ce4b5b9c9f5b6815805a003749a43199c14d9c1fe04a8076472a9064c6920dd6cd6af0f2b609b4baabd1eabf3706ba8", 0x39}, {&(0x7f0000004c40)="8ec3df157bf7fde28fc52dbd066efde4f9ce4f495868c501848ffc44bb2108057e6050c883a6a60bfcc79a05ed6f53e859e75cc2a5d043948e603120744ba4986e3bea705580298446d09f33102fa8a811f5080a0c6b5920288e80c43419edd70a7f7e1581cd71918532ea8c499f6535d4fd9a35ec1e8ec111af9e734975f89a9807f11e16705558bc562cb1645e9f3fc9d5315b7bb3e5578dc3b7f26fbc1f8a32b6f534bfbb9bfaa8eaa746fbc43d62c6e4ad15f9202203ae529ea35f259a47711c7a4aaf07488bfc414b7ff22c8ad594b6d1ad", 0xd4}], 0x6, 0x0, 0x0, 0x80}}, {{&(0x7f0000004fc0)=@ll={0x11, 0x17, r3, 0x1, 0x39, 0x6, @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xf}}, 0x80, &(0x7f0000006180)=[{&(0x7f0000005040)="0b95172e6ab3b400148459283b44661db98be2939abd9cf6b05c67de9c88b10df75814bbba52b432accbea9c88382d45cf14e95cafded24661fe538444f2ef9dbb38fd7ab974020dc721cad310aad8d1026ba8140fc80645c93c0e416e7f6afa55cdfffd6157c3e864f6c27a979d2c63517355ad4fe7af639dd61598ef836f08797648ba162139ceb0e8225097e0edd68b54af340125f324586b0670a9a282bd6c8b0cc0434f567eb76e20e57280fb37d3769d7f1c01ff50ec626af0bd4205062b", 0xc1}, {&(0x7f0000005140)="a57a4face87008f64e3cc246", 0xc}, {&(0x7f0000005180)="6e53dfc12a0a6ca8f5d189944bfabbad40f927466b70432824962074dc95d1a7f511518c296cc83375451588e28dbb09e046e7d5a4a9183eab9acb4e9e54fc8561186d33b4787401d1bea919f259d4479733d2df7e7256bfa512e837a128b582929c2d58cf2b7530b074f200fbe134913835c7c8868ee272c1999e2f02109b912ca3a6648d03c6ecdd9dc2d0f2399dffc0711611f3c2d594129576066f03faf79988210667d524382d7a6921a299f4fe5661c501374197c05f7be5db8311cf3999ea935eae8f74b8203da2791c27be76bf65dedcaa36e82d637771cacacb113d30bf25ad1a5ad6fccdefed5604052d215fbf3de551d5fdea214e897e7e53b4a59e92819d15e7b4d98f1f66a3957f9c0451d2b27e01f4e09e0371846eebd9be72a0b0b547d09d26385de451bb6e848078eef1d68feeef5075496e66388c91df5aad406b811d16c593885aa214d99a9648055344f808482e46afc81f96dcf3d9ddf81da51956eca454f78d3005c8db2c6204932d32f9518c2c0631810e1671f6d65a7d3bfd1a27784168a5291487c41c30a85a0d59188e174a4605d8073710f329e2530cd4aeea7332fbf131feb77dfb530b554373ba9981ef23ca02a14ee86809e8b211a3d47ea39513e4c0d8cb21cd073714a40861bc579683f34d4c51ee29291ed474a7e3ef00253ba4e5f134c420de3d2e217d7002bfcdbf47868b836857a1770c0f2594b573d4ffb93d0ced86cc2aed58a8a3d7e3989cfbdfb646906b0af1b386d4d772254c4ba4741a27f1a8464a7f60f3059e4f5595584257d2b6a657f7166e0ed78f3edbb2df392ca83d92bc286652bbbb2d0586ce89d797645ab13b049ce4156f0275f12417385c6b9197a11ad61f6310899a14c9eb18020c9b99832274561f569ec18501721bb9639bd27bd71d4152e0a7326524dc34f3c868844a7d49158ec2d18c8fe909ef1fcb600c588a5cb4338b4604aa1845e428d3276dff8def38ad129f30c9326416cbfd838279a03eb07b9731b6f0652eb213c3e966b2f9abdd78320b28a9343346c44085efedea9b34e6686ab88412bab2aa55f42fbbba675e358852953bed47286829247866ae023c0d47662b75d24fe594c11ebdbf661581b757324b9cb8d99d58d36d4fe1ca5692637e0e5b53afc2163ee4f203e67709a50d0d60744c228546995bd8e4c8b6b7535360ad8c28fd0169b8aafbf1375bbae8efd0a3e1df16eeef7a2ce4f6b58dd74e631663e213f5959ba74845500a41ca8c6734aeb0d272ae3dd371911b1271144ae50e46ef37ce70d85345f57a2c281889c36ff66dc5ee7e7e48cc63ffcc4fd08e0d960b00d23eb12986fbbf3ae950a801cd8a77eb59a2a676e9f0af53d004201c6aa6632b5dcf64e524e16f7a59d41e7aad95beaaf8590a58c69b8705975a54b93790c02273ef3a0c4dfc517818cf3ea7099453ddeb8003ecb162d2ef82c70faad2ef21d4855fb74acab7118c814f6113e0e1c609c089b710bd60e2ebc5f77aba8919148ae21fac27eaaac19779009ecb39466e0f808e54a70773a812e224a52b227e101f420b6a0bd11dc42f863fc3c678e716206028b63e75a630c71c24b3638bc6b33b7edbf5a5360b98efe86813ac26d53cb02eb86ab0c399f18b9a8aa2bd91058303452bb4050f8a17e91329df2222744c22a217089c8090d8b1a2927ad344f0757d3c4fc515e3a27d9e046834e5fe100cfc24ea770e9417936054c0700b1257248cb444baa982848a3276445b40730968e92dcfeb1d48bfb3ea527616705a55c824ced48dfd212f1fd182e070e27b091d500b7cdf59d8ae08a903758471324f99fdf630642cbfd8d0d27c72ffbdbc7120eb07e97582484d3a8b2dc0ffdcab1198b66eef3bcad3a6c694e470d5f2ed9441bdbe166571686f9aaf8215358434a4fff3213b40fffcfba364cc4983dab375134c0c8934d335f6952add887cd00edf138bf3b00e4bff9363f02d32a66bbbbe124ff357794e78a45a7ab93efa772b35308f60f0cea894b59cd802a42fafcbf27ad026ca724e61e76ee09fca7d3382cf01751fa380c0467c820f0c5d7b6aa3e7d255932a3e3f42c799332cdbb797fc61f31ff2ba861e56da689da21e4cd740c008f7fe62818e1b14a09da38a8f414eb9f89fb79da83e633d3ae0126affd9e050c38d124d52d5ca842eeb21526f7e798609f08fbda5655497e8f2faab7652fbaa3bf3a09da64e1d6e2ca0d79d8f6a63209c7dbb6bce9a63b7c793604b3aad7269bc9010794802655bab5def38290c83adb7b4adf822b36db9e7b27fc0bd3e198781ea732527f261cfeb262bdbf455cad54a99acc4d4ff8a478317793f9c5cb2d4e8d314aac1ccabe27f28e7a7ed2f85cf48f56fa07f63f93a3cd47a570934bd9944b11eb497d61c3dc77efca8cf512edc11bcdc90d6446b2517f5206391f61a98ef629ed6e1f56777439e34c0c006315723503088cf754bdab6819c4087dd6c381121d85c6a49b74765022744dcddddc4c34e22b368911833fdb3c683acb1b59bdc9bb6bf3a29cf3cefdc738c3d44ca56cdffdcd86335784823325455386d8e85832eda06cb3a7ce8f83cb26ab788aa2037ef385a4629d2a8a0a2e432de0274cc09c94da689175917a21a0977bc95023a8e8a649d766931842d2e3e5f1ba516a0fec3318c52fb617563eb280432f08eb285771bd851e7ca31a268982b99b1c6eac0518322461d4cc4d3b0d7791b486e4b8b57c35074947372766399bd9adac4c68d070bd511e7d293eabee9afdb3dd9bd8c65ec5fb394d2bfa294c87f8382c742291e4610630c3a0050f57d9c339fd52d24e313ad22e189cb6871d1da2c7cc543a717a8a9d64719a5546fbf96b7b2129dc87112a704fffe541f68a657f4a7cf5894e9189501c97987139d7d43b62f81b711fb3e378080a5514bfc3aeef6e12c9dab60291b18a5fd117b4f0e0bec34cf82a575e961252214e5859b5bfe42f749b2173652b9e9613d7345442c74732dbc6d6cc167f5e5ed5593f7b48409519ce6c5c8a1d8b77241ed60704e80addd942b20908d81d7f1a69349685d969e562d9ac9a52515c1266f55f6d27a062796fdd263677cbd51bcaad5145834fc12268eb22adb9bd00b52daf01fcf669cc3ca1d877c7b3bff2e887ea0ba45697ea6edf4c55ba8008b13511564bde5cd70bcd44d5711dbd6e21b0fee54bd17ca341af9e674be01398dd479cdc408f45019be09b14c0d3817b7270ccf82557acfc7c9cb754c564fe625aa7d213cc6d21c1076a92384e1157079efd96cee907c33000e3ad1c8711aafd2202ce7f8e9ef7fbcfaf427394feddbe9f8906380b493179095e8596de0a47dd153aadd697ae7ade037db1fbb0c003ae9ba4b01943b260cc8d92629c898082380a11fb42945706b40c24d1cf2b3c4a5793bedeb8a1093c5a4b91b6c19ae4e6b944d116e8f8b861ac84d27004ed2b9dd805bebf917f699b6ade52a0ac9dc2db422476915c1772e61abb8a828c840b540394775845f1d4d0ec5b768e0bd863fadc85129e9f404a66e6db0977ca74ad3c3d8ddfa1b4707267ef9096e9b3718635ef828385cb3276eef43506368310015c58a0269ec403a6c8d0db398ce78d91444ecc80edf636c14637ea207a533d9bc3b45d93e4fe1de5b9a9c94f87065ad005c81ddfc136d3e85fad034ae0fffed542d5cf401b5b2605bc059e977b96be0669584c040aa09d52353ae4748fbf73552b624d652a93189e38e04d5dfab784ff519cfeb84c488a8d9a4507e09a7e1da94465a0122c4057541aa5937a379b99e14eec092e1eafc0660a1d090eeeaeebe2337ccb96f26541426e1180a4570b365080c9769bd296c5d3bc52b2112e777359d94aa0834bfa9b92bb36afd558eee91e18df7ac8962e4cf6ccebba34b93004e13c184baf8bc325c623c0cc4de31454d70e885ff4c501219812ca58f0640fe9f9420b0b4d30d710b5b6b0269de15920d9ce6d1dcdc590b0fa10950d7d1204af31514727446af9aa9d5930a6c97cc00dbd9474f97eea30dc7accb5771e150824183e37791cc50d18509b915ca1b23cd0127e101d6c2c5bea6b0747e639ac3c7a4f71dbd918fc20083a4eb1c7abd9551461c7860a2f78f6f03a6f404adf8638d8dc06f09a858735405dbd9b28a50d218fb89676686e81baef5f4fea54e5fdcc9a679fde751f6619e8f1df037b9ea5bcb933bf58b7796d9a03bc20618f42a007db3a0f1c6e36b52649369039f514adb7f7f591e36c9bc5e0419246c75b8194841b3365bc9e597137377941087d70f65424ebaa80e95298748b9762a8a34c42d03fe2bf14371f86347abd02f11d099d01c2c54b7681aca9485a06d0724aa92a755484ed52e46613b76581d66c0b8b78ea68aa1dd669c5d3bb340174344a1e93e17d39fb22449b235ab3345a5d5c60c1969e5a07c0cb0ee80783f754c0978324c23e3c6b1e36ac302002a34bd281732129ddce8e3e6cc70f32f14e7238d2320f06e0e8262519ff1d86dca9e4388fd1e5e118de9414d05bcc5b2daffac0e619a4fc06d28e65b683c9b7b09b64ee71c08cbbd303cfebd27fcff37c2e2cc3880b4e2911d4960cbde20c86383cac7dbf7a0a25073cd6fdc4ba7f4fa3e37ba82a9f92cb514c5b31f598ec2d345c47ea41932d2e656a1f7eeaacf9319d41865a176c1fe23668686617dbc7d9c6f9a8f35cfa578930b0ac25b019a65c08271fb5024b71006bac1febf9cd9744eb053d8047938813837d64681b7a9450be327d9090c4cb7ddba4b25975f599098167d230723d32e8b87bb25b1719ac54e2d60eb34dc060bb9fd065131dfbe5f8bd4aa77b6e88dc55abfca978ec0c3ce12a1338495f9377c06b2f05b582d7b0b9c04a7f19025f020cc4756d1f94043fe9f1a96f6b4694ea0a0957060d31a558d4bbb94157629846850e74e2abd1d2efb422c7e35b281dfcf6fb44df98f4deafc82dcadff47f5150628ae95a902c36d8fcc0977cf75d45b2d2f10e3d61735befcf9d618ea45d27c11273f7b2c3907743cb7c84369cc03f6fb7860538949e40c6e2337c5501f8bd18c915f5b12fdf8565cb85f75b3835fd0222b33fdd1a5c653fff82a86114d9aff378f5fd8f7c87bfbdd8d731cc9901dc27a346e939f2b18ca1cbda0f3aeb119718f06986259bbc0e6a2490e400758cc50d72db679ff96aad4e1701f5c72bbceac23370db46e6cfb7443fff8dbce22488fe30da895f8ddeffb3a273008f43d4c88dd06a78f57f8b6682f4bb348eb93796307f36cf97a1bab75ee31e5c06cbcc183b78541117c11c19acecdc0079e8da876a84c17993294801f2e2576e9a64ce5947cac589834c5004019116aff3b2367e68315ab10e749f49cdb5a6b4c00cc93336dbb195230dbd3fa70d6f982264bdf223c7e5026d79476a3ef466e172a86d4ceb42bb55e11b145e344310604fdd0d36e63aadac026f01ec1b9e0832651aa23022095f8a2da1d4dba4d3d2fe508ba46c7b44b5512f750563ece2352f1c1e3c2efa8d1d666814afbace3f1d5059424731795f58d1ec4d6773d8311e49d75d7fe44e3e33879d400300f9564e11aac9672deb2ddf80c740b456fc2f353d1e0485bc9c81ae4ee16af8635061d4e0a12018a04669752cd27b652460045c8d6500e66a8ef8faf91abecb571c41b92d0f548c3cd3cb58c92425bcf2026a27738bd861b6ed06716ae27f2584e32d059fb7ea083619a2f9cb4f061410bdc1eb85b90601388b2ca6b7c09278cf23bf5f161016a1b33d3022b7a254b3161452b6a0ef950cf", 0x1000}], 0x3, &(0x7f00000061c0)=[{0xb8, 0x105, 0x7, "c9ac65a43e6879afee5f9b426620df064bf3e5da96113f84c2e95dad8dc358529b260650323078cfba0fdb49b42455192adb3657eff4c7814cffc493f59766bbbdc4d9be6809255faf66576ad01ab6252420f600a8f5519f1cbd2dd3f6e2879721d5a7207016e10a1f9a532f08c0ebf2674795aa6e11b6f0d4f00623fd35101d61fd0bd6fe36ae831a2e7aa3f2a711fdbb2b73190afefaab88e79df4900f86d02f1d5f"}, {0xf8, 0x0, 0x3f, "78048bc3f5e7054a6afafe3ecf12201f7e465b0616fe7b79fc0f8c17ed937662d94d39cb29616842bef4aca6c971578f67a4ee0ac41b7c1ec4e597b59d7a2421b55d1ec2edd2b91414a88be6e5ff2e0632089ca2c677948abdff0f6314f1975c056befae40e2509601ad74eea0b553d0201b29b3d968ef422227cdb6853808f810581f2e59730c4b82a9ab8d0a4c20aea77c6509fd72d63f1a9e16c3a2b4d964ae914191938eea1e673610f44a9b9cd61eb3f6f88e5aaa83b5788f3a7ee7b47909d84244d8c8b669b9bb276c55a16d37a5f4adad0e4af6c424ad412b2ed5465027d100"}, {0x28, 0x119, 0x4, "db5d94c7ada5212e42080f981dbf82ff25200574ad"}, {0x1010, 0x18d, 0x10, "fcc3fe249afea2a7c5fe56de0644ae920674f05e8fb6cfde19606813be134cf4b1c56ceb4fc3cf8ff9ba0fe6aaffedcab61f66b8b355b2b4aa2bb06fd24d266196b6f1aaa6e2902a8745a756045a070ca2a63ef08fb81097dfaa39e4f268b246c2f057840b7310db11ed4bf20fb6fa7cd40c2cb07b3d3b8c335abe2b4e59a9c12efa5a11c23a622c7537c6a8f4dcee50778abda0cc34517096a4bafd93d83488d09e07773ea736d1f764cd5596ac36b0bb7bdc6aa6dbd3256cea077862ede80caa0dcca4ff48950af82f3873cb03b60ac5c251cfcfe305fd3ebe4570ac05be246cad0be496dae356bdcc344c95257fab784bedd1c6182eebfd61373a7cafd31c038c0bced14f4ed35902183f7702886c16e7b6666c30a910b97bee2ace0c67acc81691525c9a8dce15c8e4824138b73e9cc2c22716c2ddda8df36697ce47f37ed93df096d51293885ab2d9d8c593e408450eba7d6e9bc99574f240a695d46d282b20ec9af6a5b78c11dcb9c5fbe0fc29a99b3e915034d4791ed0e1f799d927510c3bb01bbb4058b7aaf84055e1ebd4cde3e45878d4b00d1c418ae0518edadc1c56aa93594392ace5fb53a4ca61a8cacce4d609f7267e8a8668f812424436618a81db96061e8043c3678e11d42fe825f104bb65ebd358bba1567bd9e401d54fd6b86d3eb6d9cd56dc3d595c5b334fba98881a3e4d762a68cd7524034541dfc01b8197fee4ca5472d96eb3d9c774fb9687950c654e13a917053c12be3faccca3f5a4bcdb64137b7b9fd4de292f56fde2aefcefe891764a4e34a3b2f8b2981d964b064968e45659caed73aab2e897f368f8f3873997c33855b4967b8e88302ae9e0cc4333557c10438f93cad046ea4366739c1c7e7c50c683d1ec79ef78d948d4adee15878e5520c4cd342db68bf787a3de7173f364706df402e35b6712a2074d6a84d48efe5b64da9562e9e1e4ac96e67ec2959b2212532a8c903438963313ef8cbd3c5b156b375a9b73b3ea21f83fb33696ae8c12445a0c771d25ba602ed8aa54eb5fcd2826368531d91c23cec0ef25c761750d0beb2b3eed80f856f03468d78b368f927cf5acfc5f31427a99f277907c975e02a5bf9d7adfc3752b3bb45d07419562b16496a9b410347586894363d669b8f58bab481979ba5d1a4ed63514214f5b07d47f6b59a10c01d8fe8dd818c80f96f41b2ffc8544c84eaae42f986a0f6c85fe550ae7120baeb7aebb058ab99600c883aaa0852521fd0a81f59f5352ef2f8a2e6edb17dd949999d0fc31b190867170b03d9e5032fa51c19ac584d3ea057d1b6109c97604f54fb4bd332da5871092793e52fd9a24fa4f87a28f76b919be129eaf2f91c8c9df3b6949fa34762f3d9828fccdab4a3fb0786c54ab84fa2090c07147c947539c12b76f5e7b9b4b03a68d3844d8a2d93453c7bbba6db2a89d0c7c71f5cf519e9811394024c3b898fe34bc614087b9fb7f3264574385becf540212582e6520260360e16dd54a5a23da4f0cfdfb4e85bd524b0a8c0d59875e923a8fd6f7ac64789ef6b713ba768225f0ada96a9a554ba9d4271630041e3f6d99344aa695d8e5846f5eb37b2872592a2ff2a579ea4c69b4ff1748c175ee67d22daf3bbca4e7be1b01c5f6db34b14b9c3500eb1e73bfe4256612384b9183954e47dc8dbad99593f71b206dfc74835c783ce3f80454f9cd01ccb98cca434564578f68dcd6ad94ce0ddeb38d1958e979ba208d5b2e1d2c80574c9accb558c2d37c4bdd2badaf8a22cb0e0de4a523e0a20b9efe023365ac3ab5479ff513d7711ea3986e2a61c6433307b4cab5b09d9e1a488f1bcf110d18e1a4c824a16e79bbf7cb878bf1f8bd56f2f0551ba61842657efd838a98c1e441a97a337a7e0727357932cd2e3b6bca2375bc43842527afdb1a7684599c04e4029790b78b76af6aaaabebfd7be439fc174af7a5335859ab9d10b7fe15cca9a93b9783fe4f2229a76326b7327087082b4fe312680f4bbd48fe32cba9966731484f2fd794bb23102a0ae760bd845bf3f3f22b3ec67213104a1f5bad17567381d50892183ce46f18e1a31bc788a868f75a5fe1df0d7b703b8549cf1dee90315f804d1af42edbbe0f0ef73ccca94f18899cf8435eece5349cb28a736403bc4edcea4dda55c660ce7e6ba8b38d101b19643d2e223fab9754b2460417a6b32be769b4c4dd57010351583f13583407a2ba7e419ee0ab84048eeb68ad3126081fb3edc568a032a0ce87fac3c75f9e8e43fbe08b2c94468cebeadd83c3817cd95b667f446cfda90f0a40df946284b78300cb91d435a030a1f0cc9b732243a91fb9dd25c0b612ca2a098b9cde6a6d64b9116dfa0ec9619be4e0bcf774018701073f6d8256b00c365e739b5917cf5dc405386d5fddadc8cdcd4bcfdd87ad30d70d67eef6493e9b0065dda3172e8a8df4e261fd0859bb8d0277ef60978a3bce4ab92e215244c313e0f6553de62aed1bfdcd294cd5463e681bba24b7f2c15a9472cc956e8b49811ea9702430c51f47d9ba40907627717d45f575345d4302c820ef7009206e5d0a30eff8376297f7aa5ba60e900294fd83d1bb0b8e1caa41b9cd78c263d0d8abc1f62c4650bae7ad3c2a7c0434cd6278e734ae3f8574abda66d2fd9c9176618cc5e1dce582fec14ea1661aea04bd2dc27773b173c4badd7eafab14d35212d8aab6d96955425f46566aeecb3411b19a7bb3a768e5d121ce025c68f1ee52d2523cb844941563e8e42ded34552f42ab38a6cb6c50ba839a4b353246e21ea23d5161753d805944fb398832982d53f2a0eb0d93364133be364eb53e418b0aae0aa644f13f8b51991907fbb1f301bb41364ca227d67cef421385e45cb9c494355a94257516fdd7dd35e2fca8ba51f62889617e75bfe51b83357be47bf5f011b3114c30039681dae54d3ee71d8fa998d8007acd3fe93d6a6973e8e0c7c849373fef83e21877ff97ca9e2ba27d8577c7daed6dd0ee1fe3127aed6c7120a02d395210b7b0523dfb0e0e04df538ef3e319b6f5b48faf058d743a3444c565471945d26d71f1a0cf74b4c51cfaf1d6e3b2b68dd153778b615e6de32dc8f38891f7eae8ff77031be548366dcbe59562faf634ea335d7fd1ffd180ff406ba7ae6a0db095c1efa4a3747c5afa622fadb9e9c9e3e934128602a6de7026e06e5ccbdbb8e6301761a1205e614bbf5b15b823a2fb9c78a91970a68c236c0d918d0883b2fa4029c38cfdaf5d34ef8b9b2b544221bffd01943842ee43e449a6babc8f2c80c8b9e51ed2a01a7524c2bf9b63057270d8510fbc6b07bd050d713a7cd87ab66849d7ba2b443de01fe093a74f9dd6fcc59673831536c24a3332244fbc5f8536ef510d366637eeef978f0743400db44bdbe1beaf7a8135f548b2306b5206a8737e63ec392553bec09efec4d6d22cef210c56a948676bf4c25cda03d06f5db3be4ea51686657c156db8a7af27cadb041d05952bb84b775f38ca25cdaa18a64b68609788ab4bc02360aee5537ec18f0d0dc955116dc384661854e84015d8e0de59cdbc1cf5c2dec8606bfb21d06c37d94a9610c998cb9214498944326d8d5d712014914e6fcbe6d1b43ba28754f2bf7b3dd8e23ceb616a576aff18b78ad6d05d9b243f613b53f5ae7f6e9d2944e043ee285ad3bb59d02c66d65ba9e3f80d51a247fd7a875cb6005d464956a78a41788a6eb7238a0d07cd6c135d0f22a62c34fa8fc15acbcd183aacd8480b0f5932b9084088e67a9698e4acaed4b3133cbe2589aa3bed95cffbaa84cc7722987daa3923371d163cedb3f292a8fe096738beb2f4b86b439699cb49836cc2f4a4a2fc12db3836168003f3366b3451ca229d943cfba54b3ee73b6ffbc99c34d834d18a6c343e4b794e7d5fdb7028ed221f88c287f555270f287fdeb424358c09ae5d0fc9b6c20b834aee4939692abed8de4f9860bf6a4181f9c80fcfaefa91bfb1fd5222bf6c17497b81cc4ab7d086bba2c8bf996de64a8978feda050dcce659131ab9848947640729954dd9f7545edfc309b33c0fcae04104d2bb724cc437a7683e0dc57545429af3307526a6ea6ab564391849fb3c68f84c4e9a047dca474d9abdd181771b4ebe5b5f065a28f0bd91b1ca15c2e6880841cb986938ff22d39772afa0c397f9828dfc513b03688ad9e85c155525ef8c81f4d06832f1d3b18892b0b7d594afba4edec7abd08d94b79ee64361018148cb8a434ce63ae22603c4580d62aa4887d78709ee61bda5f1124f644486d832dfb2a238b373d11e9b0f26b2f8f1b5b2a802abd1578febd377801090da1dbac3880568210ab06a5ea722d16e00a92a9d7dc5ff6d3944406f07781f5e6acaa39e8b1f049ff5c642f0aa65b5d9396357cca7373b5cf63b82411e62b5276febfa98dd570381fdeb74153962507faf30418c86a6dbaad9cf65cfbbd5086914f69b7fe68ad6900abe1647dbe28df10a56f89386d41fa5e4aeb8f26f7ce2ffd7718e2f1c9b5ab0f9ae54b5da978de6d6920d04ea415bc39b9cc5cf0e5bccb68f8001420a957409e9b2529949b2e081739d8ddf93a7af0b02d7369e0530c0ab38ddeccf24701419ace0e67c66ddc2ad40751b09c1d1b205dae4cbe790fab6d895cc8734f2c2c41cd9e90c41716835e7e1efbffc6afdc8de25666663c69a188eeab7a4aa6a1445416b23d96f3f3a74b532d63096fcbe1be925fee6d593f8ecf40b94e52642c903e6a8a9400a0b3b515330f537d8ddd698531d55a1b2199887d462fcea4c21ce4663dcd5f0a776aa6c63847eb5b15be9db4e6f4625de3ff83b2ece479001f6c827d473e99e13c94c95ba6767195becfed35112d708ce17619d2fb9c9f06679d15d97a4bfb4c6bf55d6f61991f6177681a3834547884c09387651f08ace1ccfcb825f96560f1194460235f49d4676874d2f673a5fd9f983b36844ba8be7891cfb9ffc599cdcb3694d7d5b680a5e63ea722e7078b33b0f6d246e747756370292ca127e9e431ccb0a6391298835901e2d7550c16e15ed75cb4b5191fc3714af88ebf19946585839154f2cc946c04c5364b9f20ded3bb16e26dd21b81634587862870268d05fe10cd85851fa56b6dd6cfdcad2f148664e311c5a9f96d90827178a7f0f4bc6ef733dc1404b80c618ae934ecda09df3c7a86827873b46813f423db7c30be5fedaa5cd0011663cd8f9e40ec6f6356119b358a68be9ab00850b05a47af09ec91855c7b233cd3bd6931196979db52e54d32600d229747d45e11429d36f7a02a06fb95cc2af59b82581311754c2aa755c2efb26cbe79caf162b901d2c005dde3a2551a6b4db10a5729bb21f6e5e3ca183aa128f4b2f4c4c55ccf6397bff4523281fcd6815a6fa0a4506845a2243ed8eae1a63122b26d61a21aa89789bb3a17f3a73c1ae3627acccc52f8a17a85637f6f4717cf65d6ad6fa65a6329070c379d39fedd3b8184be98b612d323e194a148cdc4c9b4771078f31e7c6ddead02fc1e6acdb55a7c09a5141818599049114535e34b22c5339d7d9ce35386ac219a7940e0bc1cd36e8a29c3c6d1cb1d53efcd2ac30e4e5af39c6ec0571d1bd1f27d7c9ddde0b5abd64e1dc3cdbf5bce3e37a1343bb1eb907e14bbba29dd27d5db766e3190a2ac4cd777d95d701c497c584bd4ac871e794989cbaeb88866d12320e1dea7fe845cd0fef187d57177e44eb092ad4aff1112d1fbe1579405f3c8b189940bbd445425fd84ea1054265e6c20eaffca2c8686fa719714e1c4cfbd0d4a12aedc54c24042a75a771280c0ebff0ffffe8e308b9994cbb"}, {0xb8, 0x101, 0xfffffffffffffff8, "f63450914d3060aae732637005957be3f2e94c5229e2253cba5e02b86534d0e45d922a20696651d599b9b91c57fc17467f8255c1c8ca730bece33db99a488c7d05eca58c0b66698804a215f685be26d39aa2fc47723b5dc6c45453a2752a38c5ff3b7c90c5f1889217e75c27af2a1cf1aabb26445a8cdabe817315e41cd36d63895f0aab91f6c821963c68b58111ac8406810dd2d32df5feb8db594006d57c48c830c6"}, {0x18, 0x10f, 0x400, "524c999c"}, {0xd8, 0x11d, 0x6, "9dc746d8e0528b504fd370d222b54e6e10a76c433101c31e4a24790f967e2afe433722cc69c9cb0641ce2ce72963d563217b202af55c43203f379fdd1c005dc71d2e0a4001974290028c38708571704579df6220995facf73dff59aa8094c0061b0819ba3e892046006587138877bd720bad8d33948c27efba634395f2afb9c5baf6166ffff220d7b113c7d0429ec474fa5e228369d03f836a494786f5829fa63990d0ff8a874751268285e08f744c51db8818d737f918c3ffad3a127f59ded856967bec1a262c00"}], 0x1390, 0x4000800}, 0x2}, {{0x0, 0x0, &(0x7f0000009840)=[{&(0x7f0000007580)="cea2f0cc75d3779bb940931242da08bbd0913b26f80a1644d14ff4f915abfbc72784b492f91e9f79f7c2e13057f359035578159f7299056763793e84bb804dba2b0e2ded2251cd8a899867793a6c39baae979b200ebb3f9454c9f2702accba6824b4548dafe05ff5474d554b67492f1a0eda9b37bd7c8ae747d40cb82e5b29fe161082ef3f175109c62d448abc3e3b6f3b64ef5d23c1685a7c37896f8ab0332c8da56c41d039283d753d0a9710d802da05b534fe7a534394db93c27f5443d2a1ea83115e032adb04e694f9c48bac52e414b872e6da4edc01d97489f28bb9b224c641a554dee7bab073d1de7bfcf17f280c92d17d1c05362ac6d9612d185f466026130f3ebc93f7752bedad674b1d9e6754d34505c3fa929e6e53e39059b416668194e58ec86d354e09d08a7189da9d84593f6b10baa849bb6ba17d0774b27f34c1d7eb2b838f6c72caedd8492f4d7716dbc24a96a3a3627a0e901a744b0e992fb96772f4611491bcdc1df9b9bcb82d531645dcb50d000057f99999eee706bdcaf3d157775a4164f0e11071d3ff073b7c8a665f565f11390757343debf600703c3259af13d63258e7847b7ac192561afcf893e73a6eb7638c12d95e86b73bce5f1e26f46b9d577043f1a2b0f089944469e47a869d9773b04d742b0ed827ab45b2900bf5714084cf71c2e08f910c45f83b440d410adbf170326ee6dd8c082f860c50fb4d35c0b1f7e6e38b935844875e3980fec422068dd6953aa0e70c8acf876ea7d73d8e4c49f0143e158c7360593f9dadd3ba6714a8fcaa9b5bac12896111969c1d3e194bcc28a29a43f8138360cda660c2dbe3da6b3e54338caceb802e1846b8cc8fbf6a1b3f1bbba2a25c4e54c969c0f48d6bff7759620bd1160e64b87f55d7cbd7d5d4ac7af71adbc9f1e2410912420871ca115fa8c86920952d544cc1678ab85482a72d9bc3a0bfae785830ba1fd3cd79becf16c7acb076eca58d4dbf3eb14c21961acdacaad96725c6cfe755dc39b95eb1e7273eb817fe5bdf4bb3935b79666ac5b4e87d767ab8b6cb17621b801680681833a8de4ca84b501a42407285e1b04f1144042ee66f797ded640b098cc184f9c7890345d379a50ae89c172948bc915cc74de191bc2a346472b8dcb39b2719bd17dd294bc989c708182c137d05de5227984fce58707b79d6a904098a1e296e9a5a1e82f6ee7cfb711073c9c0f3b96f009777d1e16a42e1f3f7081f966c19fdd152bafcb9ae6f9e33fc1065ba4bfda68255d935c663339642a0e9023dd99543db927d1d67e59997e23ea36275caea2e33f4597ed273b64269c57acc639d29d54ff8260aa7aa53ba34f986f15f748646c2dbd260d2a3c9aa2fa95dbba0d6848d022e971a25a64473560dcc8db248ae9131b8f24c1820c989d25be6872f1dc2d9bcc9d6eeefd5abb8a4accb889f4ddac6933f4b8b9062c7230ce2715c3d6a19c9ebbec8a89040bfceff3428326b28b3b5f0971ffa4737762a95947ce0800dc3422ff33bfd2e05e8380d8c1efd8e44a71d8bfd9bac9b0daa1959145d244fc213205c0389bf01c7565906dfd88a15da1a76a45b0c1668da791054b698d10240f17e9206244d671c0a29ed7dc6908d3d43578c1e9baa10f8c3fb1193554f02671fb70e97fdd6df61bee0a9cc02fb99daf6d45d275ea6c0022892ab659e7108d68cc5120d6097d205ff622deaf392131b69b995b9136526624df616834d505a206813b2c1522cc3de75e0b89461dd1178a15c62d6da11123f810e64384ed59ff4511f5b42189b1582405eb727a8a8efbad6165b64f771b18f945931fcdd85a7731b54846356133840d8b4c8992f309beeb63a5f058b75536aa8e494cf1b7e0ea4e11267d7be5eb35f36d109e147103cfa742d07e3dcb973a9bd9e0324ef3a7ea5c41036bea67af84359fa339c54d0aa30736232a108b8a57040d3466aebe217d75f143e2d5f51e9e27f84f8f0cdc21abed24e46dfe8b60a91506f9ca65a7a2bb557016e6947e7739ac0cb133da6d355e1b947505d6656465bdb958aaed58c19c249912f7ca955943dfe9aa31e2f5e64c2468d5d89de410114e7f35a360989ff2d193a0b4fb5cd13950180f227e8079c58c7eb688bf6198ff775b781a2969fb6a6bc7deee0f442f6acd7644c089ac4a089238413b4c0ea0ecbc4a92331f40b451990250f816e9f1c0549c952b8ed3df92dbadd2f57c428b702ea085d2654d0071f7bb968f720b11b97ddfef1605ccec7bc3512ca5a24d67e7ce8082cf069772efed331f7ded2cc8e1f61614bceac8f87586c584f824936dcc06765dca5f9923ac3f95e21fb4999f8643f3f086f9c560aca8d4fab5d28a6895f0d151975d14ed0de01014281dd17bbf2c95dfbbba4e9bed3d2e2ff0a15e2f51db31ae07161f5956801164ada1d671d9db4e2756238ea663438eded3b93112f0e4d52503bf0319f5640d89381d7465e0b3ed57120c697c74384a558a7f9c6c6d69012134876ea6ebb10d5826662d67b4dd81e83839d2f79ad7a19a44d86b4441f3f82caea79a39b2d4e3592734c92f00e2df29417c40727aed225de22e6940169fb604ca008485d62406c9f828387072ce3a39cbf046548a87cdd90420833f09da542374035fcc318db9054e2f63958bfdaa02fd499583204152e96ee50845c2378935e28545302a3adf0bca5958277b57430ff0cd59480f1fd5964ac709c03a149d30f24eeabfbebdcf4276abbdb05bf3116f761850d48450c08e51f3a51c07991cd81ebf5228f83e308a0a6850e264e18e7b634410c2608cb34b75392c2d85d71fb4c604550c1c648771b4c8d7cf4af9345421efe0bf072a586b87c37e1d7ae7bda7bcc9bf24c1f44f30ea08e6d6186a2a44fba1bcccb28036033e8bda93157e362cc590fb7f2c23ea9964da21bf242b9e2a1f949de65e1baacbe71b54ea7d70287299da1c33440e9dd7594f0fa2902e9ee8734a7a5a1254da9f8969c127f7ce36445335eba0c05266abd8485fee0c801f24bd105d686e69def4514cd04051d68fed124e0de71c22924b0048d6c89a6eccb4b4b654e81bc81dc4780ce4c8561bed25754dcdcb4fbaa6650855d8c34e19f3a336cf2b56830fea74f4c403a57eec85e0760d9b30b1b7703e7b8ebc97022dbdd9c2e7a7d7bfbdb338aeadd62cf8db3f48cafc67ccf2067ec2f01ec8b27179d796ae9b7501b4e15f3d443f316dc01c4acbb136ccee9f174e7089593f3d4a10b76961fb559c61e0244fe2483848b14a18216b1afb135cd3e4d3a5050da46e53958c5054476eb2baf2be5295fd22a3f95091e912ae935a5b94e2d95b7135ae5ad74a8f0346907b9e542846f5bb6d1ba15fd36fe1e1661b1fad00f5a6c1760589b67e7e363d868871fcbb84439c91e1f4bcbdcc474a003d51b2f6391a7bd13320ffc15962b078d43e8084697998fd68406386b5494c3b1c129205eca08d57868055a915bb9258531d83aa959b84e29da23d77a6968b5ce44c1528a458599f9328ef833a0b80bb7204a0df2373c48ece8b53905f1827c2128eb98d91f6d541743beb3006244476dcd79cb99a09def2c70eaac9e5895b23bf7433d5d901ff9d60e18bc0d4021b413f5fa590643e6536c656e8d628b4244dda926a3ea8333a9d2a3fc57b758bdd6b90102f6a1cd132838b7e086b90a56063c34a2cb7872a65481bd85d8281c9c1a5bda2c71ca65778ec1d5c0294043e280894badf4e213ddbd3c735f64b851caea3e64122db9cc039d6f43ba67c0f79b559aa631b5195a5f2b0cd702ecc426a3da81bd81d9a118df4e9516ba389ab759604777205e9d3791c392c0728e6c13f935e8ff6b21b7fadd87525ccc4a8ef016c62aab9b96bf2e5899162acc6ea87f40ee9b6b330667574a8ab76131601c137f2acee144fb1280a3c6eed9b400856b3f0339a2043318a86cf2b6d5161507dd3ff9421834ca50f72cd2d0ccab1e19900efde23a9f92899eca77e89f6c201ce6f32cd08af9e112f20c567647430bbcdc09be3fb9ddb18ec7e50237869889077ed48df620ee31f78d583b3fd6314b70705b71545227760f6b898356466940ec94eb860ccfc135065d584b2fcd4b5649f69da99e8b90ab19659769d2def57516680200b87db24d7e09a74a83a99c806d056d86804ad216df782d8a6ba1e1207eef0fd8803a0cae6f582c3934428a6328ce2061192db9a5cdf8ed637ea8bda98c8b2a5be6e3cf7a7b24123ddfedc3b42ef1c87e4d497653dbf8f876b861f6a9331d1f43c3b69b97980e155dbdc75e47f6481a0d6db7e98b92ab10794af51120551a2ff1c562c363fd207ee45bbb30a871c103c42b1b52dd23094656acf4a326888146dc42a48c2ad70f38c3a97697a0c0d5f2ab4c1a97ec194e3af93f2b8149fc3e582ae62b51b7d0fc1bfd46f53999eb4cc5415a70ec87d2957d84ab2a83cfa405229769989085072e6560916f0277810d48fe7b0729c878ecb1c5b19e5aade28b3a7b53c52f7a2f4c0f6a0cce35accdd43ebc01ba73531a9132e001642f558bc30baaba23164a8986cdae47f079093d1b0a6bb2acacd614e6e7ee0ff46bcaa70b4fa9acc6229cb9aab52ad6dd0d75fb577668bff91188477fc281819a5584abc94763257eff8fae3b24054dbb4ebacfd6f8a10144903caf785daa737800f9fe50a862848e1586c2246ea339bd837e334e4f18f030837a5ddba7d0402706be9887872d70c6b1120c7ca25d8178634ca5c86fe24876abf482219aef25dad7b3b34000c08c9115a96cbc1429d2f32c06b43c4292cceb5e695f3ceed2d35c0a40772a46075a8e3a3d7ffe674e5057489c60b20305d1092b1924d1a64dfffe8f1f5d7439198975e83bba8543270df4aa178aeb497a343076bd41154e46f0a5573d2aa26134ddf0ec6ae072cc71b633af9fc6e63560fce29925b6120923f4b131659d28a1163b73e1b2336d3217bb5a4ab4c044b5ee353c723b0250138708cb5323ddfd572fe572468f92efc9452a1d1ac38a1950c7adf795de08dbc58fa72edccca9dfae78db0df30095dbb291ecfddb29c71fb1c28f3e34e37fb087ec4bf7660f0a5da936fbbfabff9e6f1987bd04dc35b06106d476e71a8c0a05f25bbf7722966ac50c3399e30d4303977f57b78422cdfbce4d6e78761ca8557d365f1ee4138120e42d08f4904f5c89dd21498d03047c017aef7122ad6c5e47c5551442f47dd11da78e45aa5e3302285d9450c4969f50f5501f86342161018af57f82538e3da655e31630a685e747b95d12953c2a3e438aefe4bca5ca77beff5df7789b390353a5e97d9ef88c68a1541b729b92f728b273e6271d1d653c5a9fe533e3b616082c40fbc008b364b7a18712ba20563e7820f71cba59e958c56021c4cfcba95a73a68795c30beac3421e64d68a0c8021381ae7b34b602487e308e77ccac18657c8823517c95e89b2dbed8d35da5dca586d626780c6692f0c48f37f60f19a22138988fef7c42b537677c9c82e0a40170d32f16c62660e772a20bcbc6041f3cfb77d201ea431d1fc8efcdfccc420701da16347d070fc1d39780aac3831ad627194c29d0389a75f38d4bf79daea23d68ca540239a8d89d7bb5552b524c24dba2b9b4a5390f511ac1749cbcebe9f1e51768095f2e39875e31c05ef4684a82fe5f1476ab56dd0f73e4ae008f7bd66ac48cfe4d56306a8ef4ea723a68d72fa69719a22168627ac00b19206a0f6e0e30c40d8602d93188a76f4382a22f8b7d659abc6ae7ba3c359519849d6c3a6d3ed3685fe59fa3a8cbcf5c0ed84", 0x1000}, {&(0x7f0000008580)="306ef97ebdb186d64288ca86d4063a17751994851cd00c88c7ea05ff9bfbeddd3ea1bde3291d7c4b5fbfb0acdb769cdbe249a61cb83dd613a14ebf7223e8547fa58dbeb16ef3dadcd11bda421b6b2ab6986ff22df0abe04540d066c11031717c8f53b06b6884b16da57aa6f8dde478a91c51b96b664ec972fe0a5e1e465361c97ecd46e24eaf3caae9a6c023bac899554ca31a043e4d694621de63892234f2204bf5ff3c368a02b5d610a069736b617924a6f2bde9f6c36c305c421aebb73e4fbd127aee3c4cb5f30b95ed99acdb26ceea074a2d0839720cd6473234d2f3082bec5f6560ce160783762fba1c7a2072dc55c96b95d504f10693", 0xf9}, {&(0x7f0000008680)="f662c194c204ca66d2bf01ac9f230a5aed4d56263d", 0x15}, {&(0x7f00000086c0)="098c75e663f9bc6aa5e8eb1061dafca8fd4a9b25fd4c8487f2b963529d75f0f8c21421a23e73671a199a05a1d6bda0b2144f772ce35da86559aa366606b9552f9a3ed2a70dc1901c7bffcaff73113362307885b92d155c092ef073eb1effb26ab17ac4d6e619ee6ce3d60426d8f70a0eebdb7ef0d6c86ac335b194be1c29f8880d5df081a0a90c4fb4384ddb8556b68d96eabbbc6d88ea53b060171f14bee46c661dde99d1d226d32edae27e1899abd1086451ac93c6f5d7bc7aeeaa301939e0e907947d6f4f80956ca9effe904a9137c275c9538c0301e7f34a7e9ec2c7cb0ab1dbe06408ea1beb12d7216a66f78485af5ddc40ba5ed68ae560d66ab95228b01235b69565b34713580211f3e398377e15a4ae8c6c8ba6bc1b38ee8c0741bd09e9d5aac8b816d6fa7c2ae4864b544b49a488c29d4501cdb9b26270c847aaaad63813a971666f199d25472f1f5f37274fad58ef597d504a5aa350050517e92bc7e84d499142f5ff6208c9ec60c85ca0704ddb98402146d89e18bf4ca001bb40b12ba418540378162935599ae93dc1b6b63a7c51ca5d72c4e792d0a478921ec5a8bb87959c01ad585114c092889ca41295d8cfa28f06774dcccb0bbe5a2835eb653c6eb21b1f91d053f603cd4f74aee680c338b6d02758f641b827728854ddeeac3b00c23299aee16571167e70bf0ebdca47e766e31adffbbc55864283e38a9d764299539fadeabb19a4d01715ba7664a39e4e826c88714835ac05dd37c2cda082ab1ddd209843d2d8f1ee2cf6b8f3a0236ab8ecb14c2e469117f64a5662a11eb7de798db3a3d9a8e2af1524058a4b7410a8f81456118a79748b729e555d74da31db233e53533abaf0428f6066e014912811847247dec67cf21b6c1c89d5b95563846f7dd6b48961f1381d60235da16e5501a2d1fcb1acdd70d46cbfa0a293f051f40d235e8ced8f40e65dcf1789c581f5214041c3b25eb7864287abb0874e0ec4109ca588a8f5e331a3d03197523243d740ba5e88e3895506058ac1ea796c37f3ddb3b9577934a8aa7a0502f8de0a6b8596f7bd30ba840191c68835922fa47a23e7258038b540b3299637055b1d8f5ca5da9445e666a2c27893937b472ff4574eab33cbf2bc0906b4de9b046d82540462f774716a239a2ac5236f8ceebe83fd51ff4a1cf59b671959683960b14ee626ce14bbba48127a648d42867fdd57b3fc86465f8d7a09599ed2769d6681ee95f2f0d589b0abdefaf7d628311b67a79d1e7bfebc4c2a5eb4c1f91cfff267de2102f9eb470dc3d781421354a8e5a8cd0877a668aa14386bca4a02b8038c1ed8cae39ea9e466a0afd6483290ec62e700b48c6a426bd283b9b2c0bf502ee8740d28bf5c9fa8dcc6cf8193fcf0f070335293e36e7b590f6200fab38a609f74ffac2f23716f2e7d16ca3e1c3b7b1e7d9416a3b3260d2c93bfdd12d615515811d137413952f38ab587af030d7e3555922d9008f498148db0647837f6b87c61e2eff616741a866204f34bb34bbedb5124584b70004063baa70a1805ff9bdba1df4bfc7b4d4438652e36d497246fdfabbd443ceb5d6868685b6733ce93085e5a9b3954bb569bd5c8cc16eb518e4ad854d4284f8e179d0eb3aa48eeb0d3e8c55528d35a48c18833ea6e9959a446d8ef67565408fdd8e07379fab09c8064f22878ad70f34219209e7d0025c3e53fd6755659e993b2fcbec2e737bada6ac78bc1f15342fb92dd9eeeb5b3b04935a4dc2b6db8bd2d638b43cc1d7f90503073cb1a5013ced4c0e8e5114d55c00ede6b87f71f4016939c80177e938d0a04597f02984a36075a9899d5674eef451d9599189dfc09992045064aef98125e7c9334b04e67ede460d3df3553731694eecd3efb433d4b5b5c2d0952ce3fb97e28f35ec5c4de490363b6f6963720ea618f1996c62411340eef769f356ab99de37688c0bba6e406dad4989138fdae4ec10af546279cdaa1cb2eab0a02cea0bb891ff1066de6dcc1577c53f00f127f1dcee21976f6575143e6575899c0d34fdf0a0073fdae125019a53b2ecced9b2dc10d2b000da678a8560523f0c85f802cf8097e61b8b573dbd8477e85a2d148729216b4d140f0bcdc59fbe0190ddb5b3bdf11650a2fc1db1ed497df2f5c778ad9e056129244c774fff9e1d74c67518f2585c18b59e1248b833e18e1763b2afce5333ce14c8b0feefb3137bce702dc4039d1a8f8de54ea47857117c1e0a2a5f3cb5fe2df109024a0bf9a3f7744425b8f62d6178ea1589e9bb73df78b7f9f79814c5583bc442fd9e4427360a716dc03c2cbdfc874652fe81f36e36b5029c992bf1f414de68306f611391297e3c831a5c5ad12c7f900aec2887fc998e1a2c69064d294063c6bb0e2bf0b350dc77c9453c9b98936d3e2b55297379d4062a59cd2260185b4a125e2dd5acf95559098973455f694f4dbbe096c0014e2aac17a8b9d284d42e35b0dab9009480427d59623b185f2bb81c787ba0545e4b0b343a2a141c6c9d439b6abe31e283272dd94b810d0f085897cd676846d402270ec23f06d06ce8f4a48a7ca2f567ae46cd1cbdd35fe1133a00ea6a8d74c01423e2dca9a86f191f3ea1bde9cba8057ff439e7a4d236fc2725caf1352dcaa75b48e6f00602953a8e523e5f5fa284fbedbced0940c971e0d0e5659dd3b46c8231b4acdf840eb4451b210fd5d0e7ecce428cf04b15673b82ad27dbde11b33555dfe1d726bc3fe8519db41019438fcf100d4da26c5ebf495cf1e50bcfa9a3174c0080e98c3be13cb73b41b194f69a9d964cc468cb702da068bc4e5fc3c61e189c261aa69ed22d095e2a4b89fea22e5a546a2df1056cb7c5a3ee3d662d5617b926dcb9f817bc5a53630a2c09d9a3d7d115789cb070cdc627490a5d3d5acb45af56f41d7ae0b61a5abfeb192b47de41dfd16962793ddec50ee32c698c9a96080a232522beb576eaf7d70a44a54e0e79894295a3d1f46d875e12c71054f260d5d969e2b9622cdd7c5ae48a2c86f41571a50aa6e9666bb68b1b8782da6ae3ed61eb4d2fdf3b047d0369304404b37a6684b35c3555206b4fb1d2c7d235a09dcb2f8c552554091e454fc668489b55dce713fd415f73e95b6ad1e8de7eff2d0a2ecd798a93ecc66a5656575e125a20d01297315b73368b5afa0c1d696537c907f7f51c80f473896b680949a26cc11cb7f4357f2c2d4f88d321fc89642f56bb29f98e46e24103bc0b31d5be12dd3e913cd86433a9da3d867fe0f196fefbad894804f901549f4c92eaca8ae8975165975fa8f91b5c505976847a396fba292a66e7387511e11f841e80e698a793b74aaf3d755f189ea377900827a1f34702b2511db9aecde79da0d80c1e7193baa00aabbfb092c86c911092bdadda7b534d21f9fe5c6c45a731a5bb956296e7f47c3764e796d2d99983fcfbf8d7ccf48c7a44ef1e07db54c7802821ca03aecae20683e39a5963350c595f4badf08c3bed8e139c8b0aa1bb588a4673ff5df01c7720bd4e7cbcb3c9673780f61733d837284387e7f4848f19731010161f69be41388a750da9efd4c36f1df4ceaed2a39bf6da48af3e6b398b5f0e046635030a4e17184f600ea9c8ae542ff3700aca7b22aff7e90e3adfefb0443ab3b9c2511da8d240bd328fe2929f4e28f81803087af3a4d5a1295d6db1854166f6f858a173979a05b329090592c98c1f10997b48bc3c95c12d77f5553e85e5589b8f4c628b14fd631c9c04f59ac446744e2195d245ca9e17ed5577055ff9cc8a0c0148c8089a567c7879d8303c3dbf09bae38a6a717a046e08d20aef90f5febc32b262d3cfa3fec12f82fd97912dea6b521c9f4161b181f26b76446032dd27b5bb7c291a4b70b61a1507a20cafbc6231f0a23a7a6977af519b912bee97f0f9367285632a9d187b2cf6f25e7947eb5ed8307b55d13c76236e2b02c8d97c39e8c3170303ee990bd49230158642688aead2f75fd116fbe8bd1635599edc23434230f66dd66111d9450a18b910d2114b237ab61eb3de6e771e0a19c52a84ff2393c1a263701c422d6075f2692d92ecdda290ffda1a453ad7c6e0c0dd12974c751a9fcb2bcb50f6cf09c4625a405988e85022ef0b604e098a109afc54a10df6ff53830728fc20badd2c03af3d0e6010ac4a15f0907b8227c2c380d35fa24d521d5d33184bca130205315f0d46575a082fa9665c4ada14c716a6b1223d4c9c6578bb9b435e3b10d51c619cae2b26e7389f7e48486929f3859ebde81403641e5256ee07fd8614c1526df3e6b673280eb82174f6226b6d201f2992b01c150a39ce0f6b870a0a8f049c1e8ca751c56c3c0e7893380ec4f3802a8699e82ebb20380db1153146e6adc13363097a64b20642958a8ac3270d91ae983a1cccf20d4d9ffb945b3380d578622fa7019317b3b50f486e418880413613b84907a92520d4672e3beba70734dd248351f00650cf86eb35a0a51e0fd5e63683a6b6e2c2ad3a3009cd1313eca15c8de6dbcacdcd8c3733ad45184bab1a2177246fb2dd3d0caabfe56213411e4941ff19b1d876a9ec553516de2c6dcc9384865f97d65ec7029b85dffd8834f5a8bd6529c489b35d2732d750abfcf9bce92070db73245ee2152086e0f5297a499131329dec1b2651ec43905c0150a8eb87f0864b66cc0cb8b162b8f4b6edb7a8954f3cc41deab24309ac9b57b87abda3995be0c62e10e82da6359f19263e4eb427df3f00d090beffd0b7dfe46ff305d371511748d2b4950b8090ae439eb10d589a383ec7136713cf4076858b5a6c9bbee6a6b4e843153c95e09d21493131589b843fdf2f8cdb37cebb734ce2091ee306d84bd91d4068256fefabaa3e87e19b7bd636f81fc8a0dfabe38f4b8b3d47d932907fcb0504e5d482f80136673106caaf2b3673a494d5a5465a9f979d97f3031b288e7cd6d0a29943cc73a1ba316de78997e48b45696c38b9176c246e3010674065e6c6ef3a5f7607fe2539d6a43f0422b919eb5e0776d39be07541232b1b1a1ab5236905516cfe75f43995ada93478e4b5ab028b7cb5d943001b6ae89e2d3a0282ba06437acf0cff8fa602040343be1bdeaa210d37cabf03549d6e2e876e86b7ee2b64ddbeb8b4b253ff0a26d277e09bf842b3754cb97b18338f48dfc884e378b5ba475859d38338c97a4494e6d166a64deb42c364fa76f1f21c9ba9dc69401d8f145a65c97509f2eee3810e074a55c9a4a97f4c16bacce766324134b94b08a90d74cf323c9592dce9837aefe660d8aeaaf2af620697fd9837f749a4a8c9970be53eeebcac3dfad62ac1bdd3894efa37f85d11cec6e70368caa7b9425f4f6dbd6fce68220c5c3ee5e34775f18143fd18ace3dda2aa082cf24f31d27eeeffda1e54204e4b00e4b3e046a05aa3367c29635ca44d1addc816eacb394073da07011c693bfa9a51db7cdbee95eb5860d312d2cfe7d3cacd2e2c342266f6bdf10d00973c5f85a43186bcd423db7e634801b827f920c950f8e51a9105e44b0b877b63788c7e9e1a4149723c8afc840fbd703d78b7f28e55430c169cd564c20d0f94850ff23eb170e45d281d278135c1d82b2d67fcce153b067864dabacec7e0f10d2dd72acbe25200bbc65d781475dfe5b6a392d14c4be2a94054d3537f0ed54c722fcf555feae287333dde2569407ad601551b4bc46e7b97e40cb64967b3c6e26c45d283c16a5236fc46f30474d63123fabb43f467ee30d2dbf822653ed2a3495a768d9867f8d2887e9b14f375990385a9aef554c7c4d320b62b1e8fde4df2a6398751f1d97b2dcd6", 0x1000}, {&(0x7f00000096c0)="35e7ce371e1c1809900e48164069a84943813041b68d81378b986d71e2a33362a695c3daaecf52fb9b127bd9d2b15229d49650ea97e621c6d5b52262acde76b1ecaab91e440005029138f0a0ac01a8c8247e5d5222cf782c032ce360924500ba642e768d550bda053ba234be93ba3507caa95bfbd205ee31b9361abd3f3bb3ac8d9b4e59a68e1991629de312f1b7bd3f9ecc0e43e64d92f695d289495b63c792e5d9803f5a6b3286dbaa8235fecfe252ffab1031ce4161ee43f962a27f", 0xbd}, {&(0x7f0000009780)="6eb99ca75bb014835fa7bf30d811d03d3bd2545a99f8c3ca3c8b8c3aa1ac", 0x1e}, {&(0x7f00000097c0)="8e1a5e01eb9141209218037d9ff7a8606d31c4d2a41dd1cb59434338471012b8c45d03da1d731a0718fbf03a84214c0dfe68b17bf42b14f7ee06779169db0357067dbbe04856f65e0b06c872971264735855c3bcb2caab71383e", 0x5a}], 0x7, &(0x7f00000098c0)=[{0x70, 0xa9, 0x6, "7c57911987d03e2d4c236481b2f6beb411cc9651e295bd64cf67b18234e45f53fca42b81698f32740842e0d399569d26154ecb34fc78d7fe877845818f907bed886dc3c6cb294c90e5c40ad14c06d05dc6a1584b7f882788da85"}, {0x88, 0x118, 0x6, "beb7dd7a1dcd95e832fa5039a2bc31aac6c1917ad150b5cb12072eb38118e1ba254d12090557c91ba61bb76b82f1f60b66e551e4cd3515bd1ab259f563fdf8514f4a6536b2b490c50b4b56b3b43d15e816b2a5122a8643c4c5cc7f0432237f15892bf1c650dd1d5bd940494338772f5412965ef3e6"}], 0xf8, 0x51}, 0x8000}, {{&(0x7f00000099c0)=@in={0x2, 0x4e22, @multicast2=0xe0000002}, 0x80, &(0x7f0000009b80)=[{&(0x7f0000009a40)="9285569b1efc15c290af54f40c649bc784bbec29374aced75479ba6be7eacf9b7529cc63a7afeb820a33b8d012d6bea2dbde6722ff65ae", 0x37}, {&(0x7f0000009a80)="e2c4eb71e18b883d98f34b3366d6afd7a4ae4826f021b060460dcf2929285c0f956c27769db45d22e6287707c241d26ec3ef9007d65f57da48eb2c89d051ff044cb92ed99416284a591e49227ad731c45fbf4f5b14a8f7d3de84554bb0d91b5e270eda34a2b2d217d4e38c4ebdb2e46569ffc24685135393ef79d608a10cd4e1cc5e98a6885993cada99a6c8fe449a69454aa5c2e53b18bf6a4bb175f57c85eed4f69bc166206679782caafbe4bf97ba0334f15dc7971fef85eaa72e30228e91a04f0d51fe1454c36f260705f128a0dc5b567756fd90773b0f244d437f6a4687625371c6d7bdde0a", 0xe8}], 0x2, &(0x7f0000009bc0)=[{0x18, 0x118, 0x5b9, "cb8c"}], 0x18, 0x4001}, 0xe4}, {{&(0x7f0000009c80)=@ll={0x11, 0x1f, r4, 0x1, 0xfffffffffffffffd, 0x6, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}}, 0x80, &(0x7f000000aec0)=[{&(0x7f0000009d00)="72945678f39828604f5772f5ec1980bd375019bd82f3f54677a9b666a454e6a65320baae4518a2f5a8bcdea9", 0x2c}, {&(0x7f0000009d40)="37038138301982d63942a9b3e951bd2bbcb8055eb65c757162742bd0565c54d3291e9deeb78ac8bc0f7698e2fd2f1d3381bcb5b170d01f0c266c9f1377a05fe327fb3beed67982cca6cf5281b813c395942dcc649583487e", 0x58}, {&(0x7f0000009dc0)="df81fcc682c5aa4898f603aa1cd947db8bc78b36b053aeda3dd5baa0744fbda385d4d6ce746446dfa843f945704ff665a40dd45db9ba81eeab27b1092b9313798eedb53777cac22e0c53e157a4e957d36736afc94d190d6a051c78da66fd1e57dd220ea0d36bf1f30a49145cbcad41fa49740bdeddacd4c697b3dd08193f087e17a74c4e02c5694edbc68962dd8e5fad1b3b80aa3fbbf1d436f1bc01a8528f6a6f430d5d1690d7f0da0cf0cc8404ba7dd40fdfdd0f3f6b1fe54623a2fa0e5f76da9cfe1cb894da945cb3a6dd4d9721c3bb399f7f867d2f38b309162e287d19325cc05a05f2", 0xe5}, {&(0x7f0000009ec0)="f080a54277a77e6301b48a3f0070b0e22b47f41db00e99f4f02871cada8e9ac7588c8bb3f197f176e9c364d647765be1096fa6d1374ccfab5fb06e54d9f3623713443d97002588a35193feaadf70813828ab07dca0cdcae2c0403eb39d5bfe54eb33f6cd74ee66acd2e4da9e2a2df450b10302eea2bdc54fd04c94e0aaae0db0c76d390dd6a1fe1c0dddc7c93cd1f5f983935a56665bd1020469707b10cf064db121ed2b3305aab7438e3cf490ce6c0cf1b02f384f3a9b6d6a6a1e38bc9b4ee7cd04cd1f41f0aa1d1b1a1d30bd12c4e30b7603f1d5d64ac9d4ea1c5205347b6b39e80f620573e79fb1270aa2aec376c14d28b32c9a7575f7711a2e2e8c99063a6689cdc798211dc391dc1227ff5ad80659103b53889049740cbd9334d059a7b36464780da08747db9ea311c288064a52ccb643e82862fa65a1ba1ac02b1b9f7a7ef726309af35c454342ae9e710d741fedc4b40eb60c4cf442640a9e0ac3977c731682815e6c73993542f8517732ef2c204fc97a16f2044c8c53e0a021f0d83ce8a806ad0b7c05a0db97d7ca91fe5ce7ed9d28d981255fa1a2e1b4963ea117d4a2c78c9fc7b55137a7123ecd35ca50f4f9d8d3f656c71823453044746c5a919b18459287dc38926fd5a01ae786d5a9b9ece97ca7853f0e02fa3e29be032803b8ee548b5fae8318441348f5fa2fb2084102edc5177b457b65b7587359a4742dc59c14b2160a29d52312ac9bd86d478adb715745ce6feab18833d4e9703e8f31c8e0660107d88c4ac7481c9c704310c4c798ab881b07aee7beb53aa22e7b1de0dfaf805c2036c084be20db599a46a84ad82e880e5558170d8ea1039cb390d11364a093072cb535704da9cda40b0ebaa5c3c46834328ff86064c2a60dd3df12fa47b8ac02ba120768ee0ff02a27177cd2e2ac8f793dfada2764504aecb1bdf3356f2b2b3528ff09c8b034a08c9407c0d94080a9a32d6c91981278e5c6db29341e3c28efa547e5bd74eb0820cf6fa160aa439e1b333544a18862bb6981c5959386712726f75349835b1bdfc207658ff922874b48abf1ba7f851cae83c405ca35ffba63ef18f91d26fcbff4f34d032811811e76cc4c0250a696408e31e55874bc2e57df3e7787be1907cca35004a68202733c3fe357d7de22561eb1656ea2a4bf7cfeafa80d8d8eef4e98e5c0dd51f2f1de2d0862adf795abb7f5d84f09e5334ce3b161fb4fa67776db9e6ab42b9b0d68d76d75dbe68fbcffa97c0a3c017564b66d0a273c75d4bad6d3fe08d46996d92a65c6fefb952b1c0d6d0aa82ab05642b6f651d9d3c0143157206ba6ffe95dbe32132333e039ec354bfe0a143f3f96579f3c4d56022a0299e02bce5570373d0e18603f8bf16abb3aea09003fe8c0f060799d92eba5c93fb1494264fa923312c3f17b740e4f007878a825fefc93594607a7cec54ed8e772a70cb72d2eec51fad01b29f89236e66fc0364a42f03967ba5db9ad9a630953283be2156be0a8186c2e1d751b415ce6fcc6cc1b020acc0f08cf86bb6191cb43055af6676967a7609d54ad007eeb75c089d20a5405f1591982c61fb77b41ba78b7206bcfcaa27427772cbe285509a6c9be9128ff0f725425692a3f31b8d377e2be1c07c6f298a7ac4585297d06b6b0587d82a1948939ab03e4b3ba0914475b1ccbeba0cb8ee502c4f6fe8d8e25d9e828192b3fe5c26e43b2792ed297b3b73a0cee21a598a7d8b94a4d50fd6201b58b35bafaf945ee746244174f086019ec8dab7cc3a2d819f06a10d86d325c492265e3c41ad9ae93afe643f106f960a79f4377ff8241585a9e89276106e0e84e6ef2055404401f2f12f4c77a2eee5751e7387ecb2d35215262bfa8081b08fc4bb6973e98cac345d0d4626dadffb48e9c4138af2f8022e8fbc512329e02f10e06a93cbcfe85e01215ed2bac2ad25467636e046fddafcec949f83e5c4193483e2e488ebcc95db7ab5dfb87cc9b335b160794802d88d898f5a26077faa86c9d7c719c2b4ec1e1722678570649510401282daec33de76cd03a794916fcf5d692e71277f452b177a396a4ddefe7f743e23ff020298e9f8f07de50769adfc0e206400c8e9dcac8edca22a3e4d92eaf04be078a3e2b5fef90cef84dc2def81d41b4cf5e1581b9c88931ac8143a1c0538f6483361de279151b3a44559298440223191c9487d82fad4a814c6d9add1f7f00432e3f5199f49f35300e74a04932d6938f2ee24252f4b8b53735613b23b00882b89be8f180d7f0e20c2840620875309f7a289deb41b128d7a620e58e1e593946d0b65cdf91ae640a3d0d41023e267c46fc4cfa9a54743013fa11ba825ff9bafb40e3a2379bb7f8ac73228c0614f3fab8a87657647a7cf455f49b006e6f80ca2e27ff0d3cdf31a9b748dc8d1fb7a49efe048014a36e4c0ff2c1d52bd36398c3158d0e29ccefac731d466e3818056714b66c374896eae81fc78e1651a49c03090013be1484715ce6cfb4bcbb4a911eb3d981c4bd3a96a9e191245731f8c6c2acd84bc916ba314ca56954c092840898bfe11e895d1e45fba55401fdb398441173d5bbccd4cf93c75152e3292426e52b707c6344e4ca8653ef997a1e83d6e46181def3a81a70eeceb85a8e5026cb4bfb1d3ade02bd4dd444f1c9909fd727a6f97b2a0021c8e1634034693000bf6eb6805f1a2e1f254ee5e5b3a5296c2036cab9556b9d4e34321820a265354c73792b6814c3f78c993a763381bcf143f7ee73c2f3af4745b88f13aafd163df06013a00e82bb3c2ea84af9ddb789ca5dc9b9cce276f26568ee19124cfcdebc0bce6a30a52c0b54bb56b889b80a2ac8a46ac0e5a19a70cc74ccc9c472c1b8bd3176c89f446fa77c855a3fd2323d59f52c14c194e222b501af7281777e16b2cb9ea148f5bb983fc05d400a0ce3c348fff89d816cffdba1200ea986ace48bac3251734d7705f37916c85b719a5cb51b75860dfd54952f2e84ed83102975e4bd91c8e161cf02a336ad52be9c29b757e9071094c78b9f8b81be141f9fc7ea5f2c0ee5316f6ca91d944795a9a110108bb5b69d9b9d8e3580a3486d70bf43841be3b39e0c6a68a04ce49a80918626d1d6d99a9687972933ebcc5ee07e1a1166158de432a60063a4626dd8e430fa413b81a337227f7f6cda555372990d39f95de8f4970b6008df4929733f5f02438d425ff6ef768e2e63eaa06ceef6f3f26f81657d4d55aa7eb3df5a43e723d84646b9c8b554bda0e549697397a68ac139717cea8635834ccc6633e027351552e1cd8770d788f67104e0b8d1264de92a2fb780000ab73811a3e880b648d969a5946eccac1ac384f60f50810507382a4ccdce812c69d830d09e1c086eb1f342281ab90b070914c3c0a7237cdaefffc40cefe8ce21aca99a949c5f4b80a90b1b33649b6c3e6129c17e7681df7fd8611b643c6862636edfdac380c8feb2e3e82d38f613331d95013775f1cbe97e3f8db4f17f54de2b642ac062d393476ecacf1b2d535e0330a62dbb5a4dfadfce628fa0c5943b75a5b1a4f69035ffccf4837298e8f21fac031260b8412ac134b4c7c174921b642fa7954263efb99777ad98f988316925f03d57c045431e41a78fa1889fb3ebf143d005a5b4d041f4cb25b0c54fd4bb172806b5e4ff3c18afdc26468f242e652dca652ce35660a1aa0dc425e2a4a2b4e8c1aac9ae22f8f64483f182bca63269072f846a4b3a4d9654c029828d926a1eff0cda2195edf265813fbd706066c3a098cfbed2a7b60cb563bcbb9a4d3fcf19d2ac1721a5471b009c3beda0b7b5a2df49261971b29d0ff67b755995a0bc8cfe991d7ed8f4ecd81815f82d36d16b3d616cf7f0af5de29844f36e1f2c924b501a37acc83374bf87ee721ec92cdfeebbf43dbe303e8c5e2bc6f6177316f73841d6a5c62b5b4f3f941e6b806f3df1e2572c773a8fb6b06d22aaca0d194f4752fab9ec3a09422ccafa19ec82430c7877a243d03b7e22896645a7c3a3156786b99af42772e6072824343d1b491f9849d289cd19ff1c9dc044071c61d85065a69267bca88dc055a27184c38c4a7ab21cd69611364d3ef81e58a1acd69ec7d8a694ed7822cfe5d827eb2096ffc757cf0c4fccdb9aea9210a5e1ba58986166f386b347912708a746c919baed6e34e30984776f869ad2b7cf59b7ea04815383c7095c4911acf641dcf5a8ad6078817d91bfec895b7fc5865709c58bf42084aa2079f985f76d730105731e8abcc0ce5e1ff09f3a39e9585972cd095be739f2c7d448125356617c1f5a000ad4aca576efd4315c75aa3808350a3512bf5d1d1d63576a29d86b5f94d091ee255fee93494da70438d24f98189e33038e9e8e615b4d1227a6ca014600e2abdee3b33f869205a4074b4ed56acc248bfeb95a34090fcd913032c5a87a1c127d55026ec851169f11d939aeccec502303b8922a1c3a3ae3733b4d3fbc0274a4fe3d6276e253654050785980debbf2d58b8df82c146225771d1fe10ae404a19f7610e1fa6935bea8f517b418755b8d358a9d2abb65fa325ac6ad262c5747449c65f151ad2f8872d53f6d3bc6504130608c17423f0120a1030a242a0b89675ae71c44fb2a0c34def40b863c991dc72c46a8bb7fd4ed797c69ab5ebfb90de60179feb9e909f82227937f89ebf29d7d7bedd2f80f015022ff0b9091be5b0fc8b6e12af70e2bd5554a5434c3a88b45634f442e74866a535db375e0f2545309fc604c13f28a7d11ac2a872d01e29b08bf773f6e0909a9aa57faa8fddd4922f39c962774ca92d8c5b4784cbe73875e3ce30ad3c2eb78ad38d66a65e763d4f29a06f5924fceb3ac179f7e465cebdd910ff880962e658309398568cdc609124ea751a2fafdb0c235485d81bdc0efa8af23e3213e60bb17fe5b4285234f887f71c0021ce2d7fc21ee48b074e5769c443862a5853dbabe92fd84ce4f4b7bd35ab3e9202609887837d93fc878711059f006a673fa6b8dfefe53c36e9ad17abececec1266e7210c2766c42215d86ee22cd4653e09dd0d2b6a4ee8a4ba5ee9cdcd3fc9e93be57e37ba56f79d19f90cb7c1a19dbd44f0eeaef83034b59006acd2e489ff9b96455b74cfe432b21bbd2667f2d8e3d6255d2191c4e72b70474ffd03f5539fc84dfd24079deb64f2047cfd95a52f45afcd1a05d868aeff5e318d0b7e84cf3bdd1b49bc1e84a6640822412692035238ab3a52895de6c420d72ec916e02b6dfd810da2b741119c390cb8b0dd41158e7b873752df9b60af63e572a12edf3b551293ff59e946329e04f72e196fd88364b5d10251f9b6a263d288293e821c4dc003ad64a847b1c357451ea0e9fc3d453386fdcf5b29780a54b3b64409590f164d40a4713717b6ef86888811790e82fd7432a4e5bf90f3b7edb66757b2333154e258d977c03c12463d376fd21e45bd8a2233ecff44b6e26baa7901ad4a9b4f588a48135bc6b52e51a90372a4e0bf10ac7666625000d103621ecbca78b663126383a753edb548c03264794de97f488bc31f2b77871b1ca507a2ed94e2cd76097b562bc11ddfb986bb25f4540384d935f7492560c15e20f48529dc3f4f70404be743f1febffb91a205b7def37fa1993519ebe9e4f5049357ebbc31a8b7489ea1e334b834f9beaf88b8ed0abb7a4e9867551f2343413b8890d1062b7bad8c9fad17ad15153a375ed4f163ddca7c9f0d3fe55ebf8ba6c78e9fe266efab9b7d4a9d623fb8911d6f26259b6eda8bd22018538a187b82b86732c936d54aa0da5661867a19846463133f53129c68bdb5bf2c0774db0", 0x1000}], 0x4, 0x0, 0x0, 0x4}, 0x5}, {{&(0x7f000000af00)=@can={0x1d}, 0x80, &(0x7f000000b0c0)=[{&(0x7f000000af80)="8c8b4365d87cc4a6fff970098ce503a5fb2f187ba1496a5139ddffd1fbc8cabfd8888cd59810cf86a3630d192d7988fe6c8b1a120fae0a31f1b19339cc34d05bb9d08675cf552d70bff4ff78dff7547ab190360b1fc8eb1c6efeb945ab057bdbfe6d4bba62cd2f0e8b7dbf7ec75e83314db1a175be19d6699212816336cb59e88b9b437e2291c213350be4625a4de33d128e4755f0f870827b84b4c4875cd1d3680ec3e8cfd4a0d47351e4dbcc41ea2ff50585f77b", 0xb5}, {&(0x7f000000b040)="5a9124b0c93938f28ade2dfcd3e6e18a02c2b63a86c78ce601bddc6eff3fcfa96d50f445d3cf10f43b89cac7aec91bd75574bdc68ca4a2ef4fb3fea96b65cd9d1c6f52491fc37cb79c78878715975052f6c873", 0x53}], 0x2, &(0x7f000000b100)=[{0x90, 0x11f, 0x7, "06762bec1db862b9c15e1661e4f8a10303d7e8cea74b4d620ad9893d618ed724f9239616d0d26e0467aeb41e270c727ff79f7bc13e7be7174f0fd42293eddd1f32c6f37772ad05aca52807519c0f434265934bc7720450fa48254ae4f884bc6cc2f07dca4b1dfcb027f11957bf878bdb4213b530ece13d420f"}, {0x98, 0x0, 0x5fb, "6323e2c0c4ec111abb4565be1bd9cbdf1cf2713745dcdfd1005f6f15f085b09659afd8805baae3cc8990487c7d4d1c1c6046c6dd41af0fb1aa1a4d412b0ae9375b373efcabeabc5685452dbeffda665328e7b82b779e559e74692105514ce0531cb45a4cf9120f967b0c887042f48d804f7965c32c8a840ee29408770d3e2b7ac9b3579af880b124"}, {0x38, 0x6, 0xfffffffffffffff9, "b663cf047d7a4c993a4949091bc4d97514eee5347cfdd9dc88ee0cf8cdd724f456a62df750d7"}, {0xf0, 0x29, 0x10000, "88599bb92538e90c37ae683de1c4e7e2ac7723d01b5ce8cccf3a2b5c96f9a7b4086153c46df7f04787d5ff2bd57c0eae4360bd4d281b405b61b8e20a5d5ca032418738078e359629d6dbc0ed3ca5d2219c066ff18df6bab3b1797da6fbeea76f30b50d3a63034e11108aaf9e86ffecc259e392753cb4142b8bfb9fdedf309651aa3f9bfcf3efbda994971b025abad6bcf3c033468e29ee54f0a7ceaf07279b389d0744e040ce696fa6fccd8634adadd80a16324a0220593a854429d51883112fa049f3166b10a07177764d0ed4e81aa89c6dc890a65fdf43b7e0fb18766f24e3"}, {0xd0, 0xff, 0x7fff, "e148c75d0da8b1339a51640f03a44920cded6729579203c2e4ca9566fc73e7f5efd6b73f39f8b7908db2ef82629a85f6437da841c3d908c8bd60eba4b709d3a8e45cb28e929fb453451cea6b1debd0fe4480765cf77fe45a9a9b37fadc7921864574f04116a9ccf56b54c8f0ca52329a41517849a3580c01d1381f47fc40f0ab4ce8ef957b9a06bf1f6f11018d55fabc82af13b3733b52fcc88f563e412b8cbf1d72a5aaba7956e18c8e8c49b9e8a4667d9d9780dfd24d01d4"}, {0x70, 0x11f, 0x40, "2bac63dfe4852d34b5f9fed49369d6b8d26045365e49ef714f59a5c1865de19c816084690c261654872a1e16eb8d9e4291474f405e27505a1b45111bd6eb04ea309603f26d3c95c0701d3f2c4022c2a6039125989933b094b3dca0e557ec42a2"}, {0x18, 0x10c, 0xdd06, "7ce4217f02b4361c"}, {0x48, 0x11, 0x100000001, "add2ceac1df84a97c30e9c8d2fcd0af764eac3f5f29b27a3544857c2f4995f9472d4ff060226fd49dccfcf05de778b76580733f681"}], 0x3f0, 0x40800}, 0x1}], 0xa, 0x20000000)
r5 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r5, 0x1)
r6 = dup2(r5, r5)
bind$inet6(r5, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r6, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r6, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:55 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r1=>0x0})
sched_rr_get_interval(r0, &(0x7f0000000000))
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))

2018/05/15 13:08:55 executing program 4:
bpf$MAP_CREATE(0x5245000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:55 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x7400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:55 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

[  391.618546] binder: 23424:23426 got reply transaction with no transaction stack
[  391.626208] binder: 23424:23426 transaction failed 29201/-71, size 0-0 line 2763
[  391.639837] FAULT_INJECTION: forcing a failure.
[  391.639837] name failslab, interval 1, probability 0, space 0, times 0
[  391.651169] CPU: 1 PID: 23421 Comm: syz-executor7 Not tainted 4.17.0-rc5+ #51
[  391.658451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  391.667803] Call Trace:
[  391.670391]  dump_stack+0x1b9/0x294
[  391.674020]  ? dump_stack_print_info.cold.2+0x52/0x52
[  391.679224]  should_fail.cold.4+0xa/0x1a
[  391.683274]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  391.688367]  ? kmem_cache_alloc+0x12e/0x760
[  391.692688]  ? mempool_alloc_slab+0x44/0x60
[  391.697011]  ? submit_bh_wbc+0x155/0x7c0
[  391.701077]  ? blk_exit_rl+0x80/0x80
[  391.704778]  ? find_held_lock+0x36/0x1c0
[  391.708831]  ? graph_lock+0x170/0x170
[  391.712627]  ? lock_downgrade+0x8e0/0x8e0
[  391.716774]  ? __lock_is_held+0xb5/0x140
[  391.720838]  __should_failslab+0x124/0x180
[  391.725071]  should_failslab+0x9/0x14
[  391.728866]  kmem_cache_alloc+0x47/0x760
[  391.732916]  ? rcu_note_context_switch+0x710/0x710
[  391.737840]  ? blk_get_request+0x40/0x40
[  391.741896]  ? mempool_free+0x370/0x370
[  391.745864]  mempool_alloc_slab+0x44/0x60
[  391.749998]  mempool_alloc+0x18b/0x490
[  391.753884]  ? remove_element.isra.4+0x1c0/0x1c0
[  391.758630]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  391.764154]  ? __lock_is_held+0xb5/0x140
[  391.768217]  bio_alloc_bioset+0x3a1/0x7f0
[  391.772373]  ? generic_make_request+0x1510/0x1510
[  391.777223]  ? bvec_alloc+0x2d0/0x2d0
[  391.781044]  ? check_same_owner+0x320/0x320
[  391.785357]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  391.790368]  ? guard_bio_eod+0x2b4/0x600
[  391.794435]  submit_bh_wbc+0x155/0x7c0
[  391.798311]  write_dirty_buffer+0xba/0x150
[  391.802532]  jbd2_log_do_checkpoint+0xbe6/0x1340
[  391.807279]  ? __jbd2_journal_remove_checkpoint+0x8c0/0x8c0
[  391.812981]  ? lock_downgrade+0x8e0/0x8e0
[  391.817134]  ? kasan_check_read+0x11/0x20
[  391.821268]  ? do_raw_spin_unlock+0x9e/0x2e0
[  391.825674]  ? kasan_check_write+0x14/0x20
[  391.829905]  ? do_raw_spin_lock+0xc1/0x200
[  391.834125]  jbd2_journal_flush+0x156/0x540
[  391.838448]  ext4_ioctl+0x241e/0x4210
[  391.842248]  ? _parse_integer+0x13b/0x190
[  391.846389]  ? ext4_ioctl_group_add+0x560/0x560
[  391.851047]  ? _parse_integer+0x190/0x190
[  391.855195]  ? graph_lock+0x170/0x170
[  391.858985]  ? lock_release+0xa10/0xa10
[  391.862951]  ? check_same_owner+0x320/0x320
[  391.867268]  ? find_held_lock+0x36/0x1c0
[  391.871323]  ? graph_lock+0x170/0x170
[  391.875120]  ? find_held_lock+0x36/0x1c0
[  391.879182]  ? lock_downgrade+0x8e0/0x8e0
[  391.883319]  ? kasan_check_read+0x11/0x20
[  391.887451]  ? rcu_is_watching+0x85/0x140
[  391.891593]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  391.896781]  ? __fget+0x40c/0x650
[  391.900229]  ? match_held_lock+0x841/0x8b0
[  391.904459]  ? expand_files.part.8+0x9a0/0x9a0
[  391.909040]  ? kasan_check_write+0x14/0x20
[  391.913271]  ? __mutex_unlock_slowpath+0x180/0x8a0
[  391.918199]  ? wait_for_completion+0x870/0x870
[  391.922775]  ? ext4_ioctl_group_add+0x560/0x560
[  391.927446]  do_vfs_ioctl+0x1cf/0x16a0
[  391.931344]  ? ioctl_preallocate+0x2e0/0x2e0
[  391.935736]  ? fget_raw+0x20/0x20
[  391.939188]  ? __sb_end_write+0xac/0xe0
[  391.943161]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  391.948685]  ? fput+0x130/0x1a0
[  391.951953]  ? ksys_write+0x1a6/0x250
[  391.955753]  ? security_file_ioctl+0x94/0xc0
[  391.960149]  ksys_ioctl+0xa9/0xd0
[  391.963603]  __x64_sys_ioctl+0x73/0xb0
[  391.967490]  do_syscall_64+0x1b1/0x800
[  391.971370]  ? finish_task_switch+0x1ca/0x840
[  391.975852]  ? syscall_return_slowpath+0x5c0/0x5c0
[  391.980782]  ? syscall_return_slowpath+0x30f/0x5c0
[  391.985721]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  391.991083]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  391.995927]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  392.001103] RIP: 0033:0x455a09
[  392.004276] RSP: 002b:00007f5427f69c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  392.011977] RAX: ffffffffffffffda RBX: 00007f5427f6a6d4 RCX: 0000000000455a09
2018/05/15 13:08:55 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000012000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  392.019235] RDX: 0000000020000080 RSI: 0000000040086607 RDI: 0000000000000013
[  392.026491] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  392.033748] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  392.041012] R13: 00000000000001e0 R14: 00000000006f6da0 R15: 000000000000000f
2018/05/15 13:08:55 executing program 4:
bpf$MAP_CREATE(0x86cf000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:55 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x40086610, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

[  392.090724] binder: 23434:23436 got reply transaction with no transaction stack
[  392.098335] binder: 23434:23436 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:55 executing program 7 (fault-call:1 fault-nth:16):
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x40086607, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

2018/05/15 13:08:55 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400001100000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:55 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:55 executing program 4:
bpf$MAP_CREATE(0x8801000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

[  392.193980] FAULT_INJECTION: forcing a failure.
[  392.193980] name failslab, interval 1, probability 0, space 0, times 0
[  392.205353] CPU: 1 PID: 23444 Comm: syz-executor7 Not tainted 4.17.0-rc5+ #51
[  392.212632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  392.221980] Call Trace:
[  392.224581]  dump_stack+0x1b9/0x294
[  392.228229]  ? dump_stack_print_info.cold.2+0x52/0x52
[  392.233427]  should_fail.cold.4+0xa/0x1a
[  392.237483]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  392.242587]  ? kmem_cache_alloc+0x12e/0x760
[  392.246898]  ? mempool_alloc_slab+0x44/0x60
[  392.251220]  ? submit_bh_wbc+0x155/0x7c0
[  392.255285]  ? blk_exit_rl+0x80/0x80
[  392.259010]  ? find_held_lock+0x36/0x1c0
[  392.263085]  ? graph_lock+0x170/0x170
[  392.266881]  ? lock_downgrade+0x8e0/0x8e0
[  392.271031]  ? __lock_is_held+0xb5/0x140
[  392.275104]  __should_failslab+0x124/0x180
[  392.279339]  should_failslab+0x9/0x14
[  392.283127]  kmem_cache_alloc+0x47/0x760
[  392.287203]  ? rcu_note_context_switch+0x710/0x710
[  392.292132]  ? blk_get_request+0x40/0x40
[  392.296201]  ? mempool_free+0x370/0x370
[  392.300178]  mempool_alloc_slab+0x44/0x60
[  392.304317]  mempool_alloc+0x18b/0x490
[  392.308204]  ? remove_element.isra.4+0x1c0/0x1c0
[  392.312964]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  392.318491]  ? __lock_is_held+0xb5/0x140
[  392.322546]  bio_alloc_bioset+0x3a1/0x7f0
[  392.326686]  ? generic_make_request+0x1510/0x1510
[  392.331516]  ? bvec_alloc+0x2d0/0x2d0
[  392.335321]  ? check_same_owner+0x320/0x320
[  392.339642]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  392.344662]  ? guard_bio_eod+0x2b4/0x600
[  392.348725]  submit_bh_wbc+0x155/0x7c0
[  392.352612]  write_dirty_buffer+0xba/0x150
[  392.356846]  jbd2_log_do_checkpoint+0xbe6/0x1340
[  392.361593]  ? __jbd2_journal_remove_checkpoint+0x8c0/0x8c0
[  392.367295]  ? lock_downgrade+0x8e0/0x8e0
[  392.371444]  ? kasan_check_read+0x11/0x20
[  392.375578]  ? do_raw_spin_unlock+0x9e/0x2e0
[  392.379985]  ? kasan_check_write+0x14/0x20
[  392.384221]  ? do_raw_spin_lock+0xc1/0x200
[  392.388456]  jbd2_journal_flush+0x156/0x540
[  392.392766]  ext4_ioctl+0x241e/0x4210
[  392.396561]  ? _parse_integer+0x13b/0x190
[  392.400697]  ? ext4_ioctl_group_add+0x560/0x560
[  392.405356]  ? _parse_integer+0x190/0x190
[  392.409507]  ? graph_lock+0x170/0x170
[  392.413293]  ? lock_release+0xa10/0xa10
[  392.417284]  ? check_same_owner+0x320/0x320
[  392.421604]  ? find_held_lock+0x36/0x1c0
[  392.425650]  ? graph_lock+0x170/0x170
[  392.429453]  ? find_held_lock+0x36/0x1c0
[  392.433516]  ? lock_downgrade+0x8e0/0x8e0
[  392.437656]  ? kasan_check_read+0x11/0x20
[  392.441791]  ? rcu_is_watching+0x85/0x140
[  392.445923]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  392.451106]  ? __fget+0x40c/0x650
[  392.454570]  ? match_held_lock+0x841/0x8b0
[  392.458799]  ? expand_files.part.8+0x9a0/0x9a0
[  392.463374]  ? kasan_check_write+0x14/0x20
[  392.467600]  ? __mutex_unlock_slowpath+0x180/0x8a0
[  392.472527]  ? wait_for_completion+0x870/0x870
[  392.477102]  ? ext4_ioctl_group_add+0x560/0x560
[  392.481781]  do_vfs_ioctl+0x1cf/0x16a0
[  392.485684]  ? ioctl_preallocate+0x2e0/0x2e0
[  392.490080]  ? fget_raw+0x20/0x20
[  392.493533]  ? __sb_end_write+0xac/0xe0
[  392.497503]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  392.503035]  ? fput+0x130/0x1a0
[  392.506309]  ? ksys_write+0x1a6/0x250
[  392.510117]  ? security_file_ioctl+0x94/0xc0
[  392.514538]  ksys_ioctl+0xa9/0xd0
[  392.517989]  __x64_sys_ioctl+0x73/0xb0
[  392.521874]  do_syscall_64+0x1b1/0x800
[  392.525762]  ? finish_task_switch+0x1ca/0x840
[  392.530264]  ? syscall_return_slowpath+0x5c0/0x5c0
[  392.535195]  ? syscall_return_slowpath+0x30f/0x5c0
[  392.540133]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  392.545505]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  392.550334]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  392.555523] RIP: 0033:0x455a09
[  392.558713] RSP: 002b:00007f5427f69c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  392.566410] RAX: ffffffffffffffda RBX: 00007f5427f6a6d4 RCX: 0000000000455a09
[  392.573669] RDX: 0000000020000080 RSI: 0000000040086607 RDI: 0000000000000013
[  392.580924] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  392.588178] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  392.595432] R13: 00000000000001e0 R14: 00000000006f6da0 R15: 0000000000000010
[  392.607608] EXT4-fs warning (device sda1): ext4_resize_fs:1914: can't read last block, resize aborted
2018/05/15 13:08:56 executing program 7 (fault-call:1 fault-nth:17):
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x40086607, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

[  392.661056] binder: 23454:23456 got reply transaction with no transaction stack
[  392.668676] binder: 23454:23456 transaction failed 29201/-71, size 0-0 line 2763
[  392.739689] FAULT_INJECTION: forcing a failure.
[  392.739689] name failslab, interval 1, probability 0, space 0, times 0
[  392.751202] CPU: 1 PID: 23461 Comm: syz-executor7 Not tainted 4.17.0-rc5+ #51
[  392.758495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  392.767857] Call Trace:
[  392.770459]  dump_stack+0x1b9/0x294
[  392.774106]  ? dump_stack_print_info.cold.2+0x52/0x52
[  392.779319]  should_fail.cold.4+0xa/0x1a
[  392.783394]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  392.788496]  ? kmem_cache_alloc+0x12e/0x760
[  392.792820]  ? mempool_alloc_slab+0x44/0x60
[  392.797155]  ? submit_bh_wbc+0x155/0x7c0
[  392.801230]  ? blk_exit_rl+0x80/0x80
[  392.804962]  ? find_held_lock+0x36/0x1c0
[  392.809040]  ? graph_lock+0x170/0x170
[  392.812859]  ? lock_downgrade+0x8e0/0x8e0
[  392.817029]  ? __lock_is_held+0xb5/0x140
[  392.821116]  __should_failslab+0x124/0x180
[  392.825365]  should_failslab+0x9/0x14
[  392.829173]  kmem_cache_alloc+0x47/0x760
[  392.833246]  ? rcu_note_context_switch+0x710/0x710
[  392.838182]  ? blk_get_request+0x40/0x40
[  392.842253]  ? mempool_free+0x370/0x370
[  392.846260]  mempool_alloc_slab+0x44/0x60
[  392.850417]  mempool_alloc+0x18b/0x490
[  392.854316]  ? remove_element.isra.4+0x1c0/0x1c0
[  392.859087]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  392.864627]  ? __lock_is_held+0xb5/0x140
[  392.868694]  bio_alloc_bioset+0x3a1/0x7f0
[  392.872828]  ? generic_make_request+0x1510/0x1510
[  392.877657]  ? bvec_alloc+0x2d0/0x2d0
[  392.881455]  ? check_same_owner+0x320/0x320
[  392.885765]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  392.890782]  ? guard_bio_eod+0x2b4/0x600
[  392.894831]  submit_bh_wbc+0x155/0x7c0
[  392.898705]  write_dirty_buffer+0xba/0x150
[  392.902927]  jbd2_log_do_checkpoint+0xbe6/0x1340
[  392.907672]  ? __jbd2_journal_remove_checkpoint+0x8c0/0x8c0
[  392.913373]  ? lock_downgrade+0x8e0/0x8e0
[  392.917525]  ? kasan_check_read+0x11/0x20
[  392.921656]  ? do_raw_spin_unlock+0x9e/0x2e0
[  392.926052]  ? kasan_check_write+0x14/0x20
[  392.930270]  ? do_raw_spin_lock+0xc1/0x200
[  392.934493]  jbd2_journal_flush+0x156/0x540
[  392.938808]  ext4_ioctl+0x241e/0x4210
[  392.942600]  ? _parse_integer+0x13b/0x190
[  392.946745]  ? ext4_ioctl_group_add+0x560/0x560
[  392.951407]  ? _parse_integer+0x190/0x190
[  392.955547]  ? graph_lock+0x170/0x170
[  392.959330]  ? lock_release+0xa10/0xa10
[  392.963290]  ? check_same_owner+0x320/0x320
[  392.967613]  ? find_held_lock+0x36/0x1c0
[  392.971677]  ? graph_lock+0x170/0x170
[  392.975472]  ? find_held_lock+0x36/0x1c0
[  392.979537]  ? lock_downgrade+0x8e0/0x8e0
[  392.983676]  ? kasan_check_read+0x11/0x20
[  392.987808]  ? rcu_is_watching+0x85/0x140
[  392.991942]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  392.997119]  ? __fget+0x40c/0x650
[  393.000555]  ? match_held_lock+0x841/0x8b0
[  393.004776]  ? expand_files.part.8+0x9a0/0x9a0
[  393.009347]  ? kasan_check_write+0x14/0x20
[  393.013569]  ? __mutex_unlock_slowpath+0x180/0x8a0
[  393.018492]  ? wait_for_completion+0x870/0x870
[  393.023061]  ? ext4_ioctl_group_add+0x560/0x560
[  393.027718]  do_vfs_ioctl+0x1cf/0x16a0
[  393.031592]  ? ioctl_preallocate+0x2e0/0x2e0
[  393.035987]  ? fget_raw+0x20/0x20
[  393.039428]  ? __sb_end_write+0xac/0xe0
[  393.043400]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  393.048928]  ? fput+0x130/0x1a0
[  393.052191]  ? ksys_write+0x1a6/0x250
[  393.055976]  ? security_file_ioctl+0x94/0xc0
[  393.060370]  ksys_ioctl+0xa9/0xd0
[  393.063811]  __x64_sys_ioctl+0x73/0xb0
[  393.067694]  do_syscall_64+0x1b1/0x800
[  393.071566]  ? finish_task_switch+0x1ca/0x840
[  393.076051]  ? syscall_return_slowpath+0x5c0/0x5c0
[  393.080966]  ? syscall_return_slowpath+0x30f/0x5c0
[  393.085895]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  393.091243]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  393.096247]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  393.101426] RIP: 0033:0x455a09
[  393.104596] RSP: 002b:00007f5427f69c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  393.112293] RAX: ffffffffffffffda RBX: 00007f5427f6a6d4 RCX: 0000000000455a09
[  393.119545] RDX: 0000000020000080 RSI: 0000000040086607 RDI: 0000000000000013
[  393.126797] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  393.134059] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
2018/05/15 13:08:56 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000000001500000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:56 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x6609, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

2018/05/15 13:08:56 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r1=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
tkill(r0, 0x2f)

2018/05/15 13:08:56 executing program 4:
bpf$MAP_CREATE(0x2802000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:56 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0xa00000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:56 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rtc0\x00', 0x100, 0x0)
r1 = dup2(r0, r0)
bind$inet6(r1, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
setsockopt$inet_MCAST_JOIN_GROUP(r1, 0x0, 0x2a, &(0x7f0000000140)={0x3, {{0x2, 0x4e24, @rand_addr=0x3}}}, 0x88)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e1f, 0x0, @loopback={0x0, 0x1}, 0x9}, 0x1c)
ioctl$LOOP_CLR_FD(r1, 0x4c01)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f00000000c0)={<r2=>0x0, 0x6}, &(0x7f0000000100)=0x8)
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000200)={r2, 0x200}, &(0x7f0000000240)=0x8)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040)=0xfffffffffffffffc, 0x4)

2018/05/15 13:08:56 executing program 7 (fault-call:1 fault-nth:18):
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x40086607, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

2018/05/15 13:08:56 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x0)
r2 = socket(0x9, 0x3, 0x5)
setsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r2, 0x84, 0x13, &(0x7f0000000000)=0x8, 0x4)

[  393.141312] R13: 00000000000001e0 R14: 00000000006f6da0 R15: 0000000000000011
[  393.225549] binder: 23477:23478 got reply transaction with no transaction stack
[  393.233129] binder: 23477:23478 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:56 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0185879, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

[  393.290619] FAULT_INJECTION: forcing a failure.
[  393.290619] name failslab, interval 1, probability 0, space 0, times 0
[  393.301966] CPU: 0 PID: 23485 Comm: syz-executor7 Not tainted 4.17.0-rc5+ #51
[  393.309252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  393.318619] Call Trace:
[  393.321210]  dump_stack+0x1b9/0x294
[  393.324839]  ? dump_stack_print_info.cold.2+0x52/0x52
[  393.330153]  should_fail.cold.4+0xa/0x1a
[  393.334206]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  393.339298]  ? kmem_cache_alloc+0x12e/0x760
[  393.343610]  ? mempool_alloc_slab+0x44/0x60
[  393.347926]  ? submit_bh_wbc+0x155/0x7c0
[  393.351983]  ? blk_exit_rl+0x80/0x80
[  393.355700]  ? find_held_lock+0x36/0x1c0
[  393.359767]  ? graph_lock+0x170/0x170
[  393.363568]  ? lock_downgrade+0x8e0/0x8e0
[  393.367712]  ? __lock_is_held+0xb5/0x140
[  393.371772]  __should_failslab+0x124/0x180
[  393.376031]  should_failslab+0x9/0x14
[  393.379825]  kmem_cache_alloc+0x47/0x760
[  393.383879]  ? rcu_note_context_switch+0x710/0x710
[  393.388810]  ? blk_get_request+0x40/0x40
[  393.392861]  ? mempool_free+0x370/0x370
[  393.396822]  mempool_alloc_slab+0x44/0x60
[  393.400958]  mempool_alloc+0x18b/0x490
[  393.404838]  ? remove_element.isra.4+0x1c0/0x1c0
[  393.409603]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  393.415128]  ? __lock_is_held+0xb5/0x140
[  393.419190]  bio_alloc_bioset+0x3a1/0x7f0
[  393.423335]  ? generic_make_request+0x1510/0x1510
[  393.428165]  ? bvec_alloc+0x2d0/0x2d0
[  393.431954]  ? check_same_owner+0x320/0x320
[  393.436263]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  393.441275]  ? guard_bio_eod+0x2b4/0x600
[  393.445333]  submit_bh_wbc+0x155/0x7c0
[  393.449210]  write_dirty_buffer+0xba/0x150
[  393.453437]  jbd2_log_do_checkpoint+0xbe6/0x1340
[  393.458193]  ? __jbd2_journal_remove_checkpoint+0x8c0/0x8c0
[  393.463891]  ? lock_downgrade+0x8e0/0x8e0
[  393.468044]  ? kasan_check_read+0x11/0x20
[  393.472185]  ? do_raw_spin_unlock+0x9e/0x2e0
[  393.476603]  ? kasan_check_write+0x14/0x20
[  393.480828]  ? do_raw_spin_lock+0xc1/0x200
[  393.485062]  jbd2_journal_flush+0x156/0x540
[  393.489378]  ext4_ioctl+0x241e/0x4210
[  393.493164]  ? _parse_integer+0x13b/0x190
[  393.497299]  ? ext4_ioctl_group_add+0x560/0x560
[  393.501949]  ? _parse_integer+0x190/0x190
[  393.506078]  ? graph_lock+0x170/0x170
[  393.509862]  ? lock_release+0xa10/0xa10
[  393.513825]  ? check_same_owner+0x320/0x320
[  393.518129]  ? find_held_lock+0x36/0x1c0
[  393.522175]  ? graph_lock+0x170/0x170
[  393.525961]  ? find_held_lock+0x36/0x1c0
[  393.530026]  ? lock_downgrade+0x8e0/0x8e0
[  393.534165]  ? kasan_check_read+0x11/0x20
[  393.538306]  ? rcu_is_watching+0x85/0x140
[  393.542441]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  393.547624]  ? __fget+0x40c/0x650
[  393.551064]  ? match_held_lock+0x841/0x8b0
[  393.555283]  ? expand_files.part.8+0x9a0/0x9a0
[  393.559848]  ? kasan_check_write+0x14/0x20
[  393.564067]  ? __mutex_unlock_slowpath+0x180/0x8a0
[  393.568983]  ? wait_for_completion+0x870/0x870
[  393.573558]  ? ext4_ioctl_group_add+0x560/0x560
[  393.578212]  do_vfs_ioctl+0x1cf/0x16a0
[  393.582090]  ? ioctl_preallocate+0x2e0/0x2e0
[  393.586484]  ? fget_raw+0x20/0x20
[  393.590022]  ? __sb_end_write+0xac/0xe0
[  393.594007]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  393.599552]  ? fput+0x130/0x1a0
[  393.602815]  ? ksys_write+0x1a6/0x250
[  393.606607]  ? security_file_ioctl+0x94/0xc0
[  393.611008]  ksys_ioctl+0xa9/0xd0
[  393.614455]  __x64_sys_ioctl+0x73/0xb0
[  393.618327]  do_syscall_64+0x1b1/0x800
[  393.622210]  ? finish_task_switch+0x1ca/0x840
[  393.626701]  ? syscall_return_slowpath+0x5c0/0x5c0
[  393.631626]  ? syscall_return_slowpath+0x30f/0x5c0
[  393.636556]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  393.641913]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  393.646742]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  393.651919] RIP: 0033:0x455a09
[  393.655098] RSP: 002b:00007f5427f69c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  393.662790] RAX: ffffffffffffffda RBX: 00007f5427f6a6d4 RCX: 0000000000455a09
[  393.670048] RDX: 0000000020000080 RSI: 0000000040086607 RDI: 0000000000000013
[  393.677298] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  393.684551] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
2018/05/15 13:08:57 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:57 executing program 4:
bpf$MAP_CREATE(0x22908, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:57 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000000001200000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  393.691807] R13: 00000000000001e0 R14: 00000000006f6da0 R15: 0000000000000012
2018/05/15 13:08:57 executing program 1:
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ppp\x00', 0x0, 0x0)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000400)='IPVS\x00')
sendmsg$IPVS_CMD_DEL_SERVICE(r0, &(0x7f0000000580)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000540)={&(0x7f0000000440)={0xd0, r1, 0x8, 0x70bd2b, 0x25dfdbff, {0x3}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x4}, @IPVS_CMD_ATTR_SERVICE={0x54, 0x1, [@IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x3b}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0xe, 0x1}}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x2, 0x4}}, @IPVS_SVC_ATTR_SCHED_NAME={0xc, 0x6, 'lblc\x00'}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x1}, @IPVS_SVC_ATTR_AF={0x8, 0x1, 0xa}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x0, 0x12}}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x1}, @IPVS_CMD_ATTR_DAEMON={0x58, 0x3, [@IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @rand_addr=0x3}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'vlan0\x00'}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e22}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @multicast2=0xe0000002}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x1000}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x1}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x3}]}]}, 0xd0}, 0x1, 0x0, 0x0, 0x91}, 0x800)
r2 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r2, 0x1)
r3 = dup2(r2, r2)
bind$inet6(r2, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r3, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r3, 0x1, 0x7, &(0x7f0000000040), 0x4)
getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, &(0x7f0000000140)={{{@in6=@dev, @in6=@ipv4={[], [], @multicast2}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in=@multicast2}}}, &(0x7f0000000080)=0xe8)
sendmsg$nl_route_sched(r3, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000008}, 0xc, &(0x7f00000000c0)={&(0x7f0000000240)=@deltclass={0xec, 0x29, 0x201, 0x70bd29, 0x25dfdbfc, {0x0, r4, {0xf, 0x10}, {0xfffd, 0xfff3}, {0xfffb, 0x2}}, [@tclass_kind_options=@c_atm={{0x8, 0x1, 'atm\x00'}, {0xc, 0x2, @TCA_ATM_EXCESS={0x8, 0x4, {0xfffb, 0xfff1}}}}, @tclass_kind_options=@c_cbq={{0x8, 0x1, 'cbq\x00'}, {0x14, 0x2, @TCA_CBQ_RATE={0x10, 0x5, {0x6, 0x2, 0x401, 0x5, 0x7611, 0x4}}}}, @tclass_kind_options=@c_cbq={{0x8, 0x1, 'cbq\x00'}, {0x1c, 0x2, @TCA_CBQ_LSSOPT={0x18, 0x1, {0x1e, 0x0, 0x5, 0x9, 0xf5c, 0xd9, 0x1a3, 0x9}}}}, @TCA_RATE={0x8, 0x5, {0xfffffffffffffff7, 0x1}}, @tclass_kind_options=@c_cbq={{0x8, 0x1, 'cbq\x00'}, {0x14, 0x2, @TCA_CBQ_WRROPT={0x10, 0x2, {0x0, 0x3, 0x9, 0x3, 0xca8c, 0x5}}}}, @TCA_RATE={0x8, 0x5, {0x6, 0x4}}, @TCA_RATE={0x8, 0x5, {0x6, 0x9}}, @tclass_kind_options=@c_atm={{0x8, 0x1, 'atm\x00'}, {0x38, 0x2, @TCA_ATM_HDR={0x34, 0x3, "337a67150f08f2993a22542d8bcd0e6765e419741c09fde3a56a0897667c0a8a8dc50c6cd8d64bab5a9217fd0783"}}}]}, 0xec}, 0x1, 0x0, 0x0, 0x94}, 0x1)

2018/05/15 13:08:57 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000003000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  393.741203] binder: 23491:23493 got reply transaction with no transaction stack
[  393.748853] binder: 23491:23493 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:57 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x4c00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:57 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0c0583b, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

2018/05/15 13:08:57 executing program 4:
bpf$MAP_CREATE(0x2a03000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:57 executing program 7 (fault-call:1 fault-nth:19):
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x40086607, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

[  393.866980] binder: 23504:23506 got reply transaction with no transaction stack
[  393.874606] binder: 23504:23506 transaction failed 29201/-71, size 0-0 line 2763
[  393.905277] FAULT_INJECTION: forcing a failure.
[  393.905277] name failslab, interval 1, probability 0, space 0, times 0
[  393.916629] CPU: 0 PID: 23513 Comm: syz-executor7 Not tainted 4.17.0-rc5+ #51
[  393.923910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  393.933263] Call Trace:
[  393.935861]  dump_stack+0x1b9/0x294
[  393.939510]  ? dump_stack_print_info.cold.2+0x52/0x52
[  393.944719]  should_fail.cold.4+0xa/0x1a
[  393.948794]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  393.953909]  ? kmem_cache_alloc+0x12e/0x760
[  393.958228]  ? mempool_alloc_slab+0x44/0x60
[  393.962539]  ? submit_bh_wbc+0x155/0x7c0
[  393.966588]  ? blk_exit_rl+0x80/0x80
[  393.970296]  ? find_held_lock+0x36/0x1c0
[  393.974343]  ? graph_lock+0x170/0x170
[  393.978130]  ? lock_downgrade+0x8e0/0x8e0
[  393.982283]  ? __lock_is_held+0xb5/0x140
[  393.986344]  __should_failslab+0x124/0x180
[  393.990570]  should_failslab+0x9/0x14
[  393.994356]  kmem_cache_alloc+0x47/0x760
[  393.998421]  ? rcu_note_context_switch+0x710/0x710
[  394.003373]  ? blk_get_request+0x40/0x40
[  394.007433]  ? mempool_free+0x370/0x370
[  394.011408]  mempool_alloc_slab+0x44/0x60
2018/05/15 13:08:57 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
r0 = openat$null(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/null\x00', 0x1, 0x0)
ioctl$EVIOCSABS20(r0, 0x401845e0, &(0x7f0000001b00)={0x8000, 0x1, 0x46fd, 0x5, 0x3031})
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x400000, 0x0)
r2 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x8001, 0x200000)
recvmsg$kcm(r2, &(0x7f0000002080)={&(0x7f0000001b40)=@nfc, 0x80, &(0x7f0000001f80)=[{&(0x7f0000001bc0)=""/193, 0xc1}, {&(0x7f0000001cc0)=""/86, 0x56}, {&(0x7f0000001d40)=""/203, 0xcb}, {&(0x7f0000001e40)=""/26, 0x1a}, {&(0x7f0000001e80)=""/65, 0x41}, {&(0x7f0000001f00)=""/75, 0x4b}], 0x6, &(0x7f0000002000)=""/88, 0x58, 0x6}, 0x40010000)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000180)={0xf004, &(0x7f0000000100), 0x2, r2, 0x3})
write$eventfd(r1, &(0x7f00000020c0)=0x8, 0x8)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r3 = gettid()
recvmmsg(r2, &(0x7f0000000a80)=[{{&(0x7f0000000500)=@pppol2tpin6, 0x80, &(0x7f0000000980)=[{&(0x7f0000000580)=""/202, 0xca}, {&(0x7f0000000680)=""/191, 0xbf}, {&(0x7f0000000740)=""/2, 0x2}, {&(0x7f0000000780)=""/183, 0xb7}, {&(0x7f0000000840)=""/115, 0x73}, {&(0x7f00000008c0)=""/71, 0x47}, {&(0x7f0000000940)=""/23, 0x17}], 0x7, &(0x7f0000000a00)=""/118, 0x76, 0x1f}, 0x7}], 0x1, 0x2002, &(0x7f0000000ac0))
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
pwrite64(r0, &(0x7f0000000400)="aec9f58ff4ec5b6277c3fcfd6978b283ca775862f27e811b6f908e128d5110f27a71535f46d88e671016a561904b7813374d5247c9ceafa82d23b03eec9855a60ec8716e50bf123e60434996e281ca0ea8ac730336ed097e67fa8dce7724a1bd3a4ba1bea535f9b6034618163f438963efe03bd75f9a0e24a64c854ab70423616aff3367ff0a7ed283111765faec5eeea7a54bc4f6e9753e5e4523907f2425d4cd6f39ca7bea77fce0a042d710a3c92a2c9460190e5dab2f56e69cb6c97c0abdf665e6b1d279a958a8c5a5062c69fc07000c9035df3ad031674ddc953f95f89167bcfacdf23933b87cdc94edf2e523d912ba", 0xf2, 0x0)
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r4=>0x0})
nanosleep(&(0x7f00000001c0), &(0x7f0000000200))
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r4+30000000}}, &(0x7f0000040000))
tkill(r3, 0x1000000000016)
ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f0000000380)={r1, 0xfffffffffffffff7, 0xd4, r1})
setsockopt$kcm_KCM_RECV_DISABLE(r2, 0x119, 0x1, &(0x7f0000000240)=0x5, 0x4)
ioctl$GIO_SCRNMAP(r1, 0x4b40, &(0x7f0000000b00)=""/4096)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, &(0x7f0000000280)={<r5=>0x0}, &(0x7f00000002c0)=0x8)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000300)={0x9, 0x2, 0xffffffffffffff29, 0x2, r5}, &(0x7f0000000340)=0x10)

2018/05/15 13:08:57 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x4c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:57 executing program 4:
bpf$MAP_CREATE(0x801000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:57 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x6611, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

[  394.015565]  mempool_alloc+0x18b/0x490
[  394.019448]  ? remove_element.isra.4+0x1c0/0x1c0
[  394.024211]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  394.029759]  ? __lock_is_held+0xb5/0x140
[  394.033832]  bio_alloc_bioset+0x3a1/0x7f0
[  394.037993]  ? generic_make_request+0x1510/0x1510
[  394.042848]  ? bvec_alloc+0x2d0/0x2d0
[  394.046664]  ? check_same_owner+0x320/0x320
[  394.050989]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  394.056016]  ? guard_bio_eod+0x2b4/0x600
[  394.060093]  submit_bh_wbc+0x155/0x7c0
[  394.063997]  write_dirty_buffer+0xba/0x150
[  394.068242]  jbd2_log_do_checkpoint+0xbe6/0x1340
[  394.073016]  ? __jbd2_journal_remove_checkpoint+0x8c0/0x8c0
[  394.078741]  ? lock_downgrade+0x8e0/0x8e0
[  394.082907]  ? kasan_check_read+0x11/0x20
[  394.087057]  ? do_raw_spin_unlock+0x9e/0x2e0
[  394.091453]  ? kasan_check_write+0x14/0x20
[  394.095670]  ? do_raw_spin_lock+0xc1/0x200
[  394.099891]  jbd2_journal_flush+0x156/0x540
[  394.104212]  ext4_ioctl+0x241e/0x4210
[  394.108001]  ? _parse_integer+0x13b/0x190
[  394.112144]  ? ext4_ioctl_group_add+0x560/0x560
[  394.116796]  ? _parse_integer+0x190/0x190
[  394.120926]  ? graph_lock+0x170/0x170
[  394.124729]  ? lock_release+0xa10/0xa10
[  394.128696]  ? check_same_owner+0x320/0x320
[  394.133000]  ? find_held_lock+0x36/0x1c0
[  394.137056]  ? graph_lock+0x170/0x170
[  394.140841]  ? find_held_lock+0x36/0x1c0
[  394.144888]  ? lock_downgrade+0x8e0/0x8e0
[  394.149031]  ? kasan_check_read+0x11/0x20
[  394.153163]  ? rcu_is_watching+0x85/0x140
[  394.157302]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  394.162498]  ? __fget+0x40c/0x650
[  394.165946]  ? match_held_lock+0x841/0x8b0
[  394.170166]  ? expand_files.part.8+0x9a0/0x9a0
[  394.174745]  ? kasan_check_write+0x14/0x20
[  394.178971]  ? __mutex_unlock_slowpath+0x180/0x8a0
[  394.183887]  ? wait_for_completion+0x870/0x870
[  394.188454]  ? ext4_ioctl_group_add+0x560/0x560
[  394.193117]  do_vfs_ioctl+0x1cf/0x16a0
[  394.196991]  ? ioctl_preallocate+0x2e0/0x2e0
[  394.201395]  ? fget_raw+0x20/0x20
[  394.204846]  ? __sb_end_write+0xac/0xe0
[  394.208811]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  394.214332]  ? fput+0x130/0x1a0
[  394.217602]  ? ksys_write+0x1a6/0x250
[  394.221389]  ? security_file_ioctl+0x94/0xc0
[  394.225783]  ksys_ioctl+0xa9/0xd0
[  394.229223]  __x64_sys_ioctl+0x73/0xb0
[  394.233096]  do_syscall_64+0x1b1/0x800
[  394.236968]  ? finish_task_switch+0x1ca/0x840
[  394.241456]  ? syscall_return_slowpath+0x5c0/0x5c0
[  394.246384]  ? syscall_return_slowpath+0x30f/0x5c0
[  394.251305]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  394.256669]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  394.261500]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
2018/05/15 13:08:57 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000015000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

[  394.266670] RIP: 0033:0x455a09
[  394.269841] RSP: 002b:00007f5427f69c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  394.277545] RAX: ffffffffffffffda RBX: 00007f5427f6a6d4 RCX: 0000000000455a09
[  394.284808] RDX: 0000000020000080 RSI: 0000000040086607 RDI: 0000000000000013
[  394.292072] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  394.299333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  394.306600] R13: 00000000000001e0 R14: 00000000006f6da0 R15: 0000000000000013
[  394.370156] binder: 23525:23527 got reply transaction with no transaction stack
[  394.377759] binder: 23525:23527 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:58 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0xfffffffffffffe26)
connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f0000000140)={<r1=>0x0, @in6={{0xa, 0x4e22, 0x2, @dev={0xfe, 0x80, [], 0x16}, 0xfffffffffffffffd}}, [0x1, 0x5, 0x108001, 0x6, 0xb59b, 0x7fffffff, 0x400, 0x84fd, 0x4, 0x4, 0x9, 0x7, 0x0, 0xffffffffffffff7d, 0xa0c808a]}, &(0x7f0000000540)=0x100)
r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/qat_adf_ctl\x00', 0x52002, 0x0)
accept$netrom(r2, &(0x7f0000000a00)=@full, &(0x7f0000000a80)=0x48)
setsockopt$inet_sctp_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000080)=@assoc_id=r1, 0x4)
socketpair$inet_udp(0x2, 0x2, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
setsockopt$inet_MCAST_MSFILTER(r3, 0x0, 0x30, &(0x7f0000000580)={0x9, {{0x2, 0x4e24, @remote={0xac, 0x14, 0x14, 0xbb}}}, 0x0, 0x7, [{{0x2, 0x4e24, @rand_addr=0x3}}, {{0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}}, {{0x2, 0x4e23, @remote={0xac, 0x14, 0x14, 0xbb}}}, {{0x2, 0x4e23, @broadcast=0xffffffff}}, {{0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}}, {{0x2, 0x4e24, @multicast2=0xe0000002}}, {{0x2, 0x4e21, @rand_addr=0xffff}}]}, 0x410)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x7, &(0x7f0000000040), 0x4)
execveat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000380)=[&(0x7f0000000240)='!selinux]#\x00', &(0x7f0000000280)="5d1d2b6d696d655f7479706500", &(0x7f00000002c0)='))-vmnet1\x00', &(0x7f0000000300)='+\x00', &(0x7f0000000340)='Ycpuset[\x00'], &(0x7f0000000500)=[&(0x7f00000003c0)='em1/nodev)\x00', &(0x7f0000000400)='\x00', &(0x7f0000000440)='^\'self\x00', &(0x7f0000000480)='!\x00', &(0x7f00000004c0)='lo-/\x00'], 0x1400)

2018/05/15 13:08:58 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x40106614, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

2018/05/15 13:08:58 executing program 7 (fault-call:1 fault-nth:20):
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x40086607, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

2018/05/15 13:08:58 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000500000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:58 executing program 4:
bpf$MAP_CREATE(0x3b0, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:08:58 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x74, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:08:58 executing program 5:
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
clock_adjtime(0x2, &(0x7f00000002c0)={0x1, 0x7ff, 0xfff, 0x37, 0x4, 0x6, 0x0, 0xffffffff, 0x80, 0x1, 0x0, 0x5, 0xbe, 0xca, 0x1, 0x9, 0x10000, 0x7f, 0x2, 0xcb8d, 0x0, 0x5, 0x6e8d, 0x7, 0x8, 0x1})
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r1, 0x407, 0x9476fdb)
getsockopt$inet6_opts(r0, 0x29, 0x3f, &(0x7f0000000000)=""/56, &(0x7f0000000040)=0x38)
r2 = socket$inet6_sctp(0xa, 0x0, 0x84)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x0)
ioctl(r2, 0x20000000007, &(0x7f00000000c0)="25a469d2289a18df5c3cc9228320bd27d765ef0426c9589a9afd88dc25d281287f12eb3d0eb035b0a65a7660f57947435626aa33761997ad69d35dd2b633d29f4cb1639b22085b2c9a0f13")

2018/05/15 13:08:58 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r1=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r1+30000000}}, &(0x7f0000040000))
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x8000, 0x0)
r3 = syz_genetlink_get_family_id$team(&(0x7f0000000140)='team\x00')
getsockname$packet(0xffffffffffffff9c, &(0x7f0000000240)={0x0, 0x0, <r4=>0x0}, &(0x7f0000000280)=0x14)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000300)={{{@in=@rand_addr, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{@in=@rand_addr}, 0x0, @in=@dev}}, &(0x7f0000000400)=0xe8)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f000000a140)={{{@in6=@loopback, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}}, {{}, 0x0, @in6=@mcast2}}, &(0x7f000000a240)=0xe8)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffff9c, 0x8933, &(0x7f000000a340)={'ip6gre0\x00', <r7=>0x0})
accept4$packet(0xffffffffffffff9c, &(0x7f000000a380)={0x0, 0x0, <r8=>0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f000000a3c0)=0x14, 0x80800)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f000000a400)={{{@in=@broadcast, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0}}, {{@in=@multicast1}, 0x0, @in=@rand_addr}}, &(0x7f000000a500)=0xe8)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f000000a540)={{{@in6=@mcast1, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r10=>0x0}}, {{@in=@multicast2}, 0x0, @in6=@dev}}, &(0x7f000000a640)=0xe8)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffff9c, 0x8933, &(0x7f000000a680)={'gretap0\x00', <r11=>0x0})
accept4$packet(0xffffffffffffff9c, &(0x7f000000a6c0)={0x0, 0x0, <r12=>0x0, 0x0, 0x0, 0x0, @local}, &(0x7f000000a700)=0x14, 0xe8de5b00b1943373)
getsockopt$inet6_mreq(0xffffffffffffff9c, 0x29, 0x0, &(0x7f000000a800)={@ipv4={[], [], @local}, <r13=>0x0}, &(0x7f000000a840)=0x14)
getpeername$packet(0xffffffffffffff9c, &(0x7f000000a880)={0x0, 0x0, <r14=>0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f000000a8c0)=0x14)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f000000a9c0)={{{@in6, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r15=>0x0}}, {{@in6=@remote}, 0x0, @in=@dev}}, &(0x7f000000aac0)=0xe8)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f000000ab00)={{{@in, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r16=>0x0}}, {{@in6=@loopback}, 0x0, @in6=@local}}, &(0x7f000000ac00)=0xe8)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f000000b1c0)={{{@in=@multicast1, @in6=@ipv4={[], [], @broadcast}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r17=>0x0}}, {{@in=@loopback}, 0x0, @in=@rand_addr}}, &(0x7f000000b2c0)=0xe8)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f000000b300)={{{@in6=@mcast2, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r18=>0x0}}, {{@in=@multicast2}, 0x0, @in=@dev}}, &(0x7f000000b400)=0xe8)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f000000b740)={'team0\x00', <r19=>0x0})
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f000000b780)={{{@in=@local, @in=@multicast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0}}, {{@in6=@local}, 0x0, @in=@remote}}, &(0x7f000000b880)=0xe8)
sendmsg$TEAM_CMD_PORT_LIST_GET(r2, &(0x7f000000c080)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f000000c040)={&(0x7f000000b8c0)={0x750, r3, 0x0, 0x70bd27, 0x25dfdbfc, {0x3}, [{{0x8, 0x1, r4}, {0x48, 0x2, [{0x44, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8, 0x3, 0x5}, {0x14, 0x4, 'activebackup\x00'}}}]}}, {{0x8, 0x1, r5}, {0xf4, 0x2, [{0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x390}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8, 0x3, 0xb}, {0x8, 0x4, 0x4}}, {0x8, 0x7}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x5}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x100}}, {0x8, 0x6, r6}}}]}}, {{0x8, 0x1, r7}, {0x164, 0x2, [{0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x7}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x101}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, r8}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x9}}}, {0x44, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8, 0x3, 0x5}, {0x14, 0x4, 'activebackup\x00'}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r9}}}]}}, {{0x8, 0x1, r10}, {0x108, 0x2, [{0x4c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8, 0x3, 0x5}, {0x1c, 0x4, 'hash_to_port_mapping\x00'}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8, 0x3, 0xb}, {0x8, 0x4, 0xfd}}, {0x8, 0x7}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8, 0x3, 0xb}, {0x8, 0x4, 0x2}}, {0x8, 0x7}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, r11}}}]}}, {{0x8, 0x1, r12}, {0x134, 0x2, [{0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x4}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r13}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, r14}}, {0x8, 0x7}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8, 0x3, 0xb}, {0x8, 0x4, 0xff9}}, {0x8, 0x7}}}, {0x3c, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x8, 0x3, 0x5}, {0xc, 0x4, 'random\x00'}}}]}}, {{0x8, 0x1, r15}, {0x80, 0x2, [{0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8, 0x3, 0xb}, {0x8, 0x4, 0x7}}, {0x8, 0x7}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8, 0x3, 0x6}, {0x4, 0x4}}, {0x8, 0x6, r16}}}]}}, {{0x8, 0x1, r17}, {0x1a8, 0x2, [{0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0xe983}}, {0x8, 0x6, r18}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, r19}}, {0x8, 0x7}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8, 0x3, 0xb}, {0x8, 0x4, 0x5}}, {0x8, 0x6, r20}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x1cf}}}, {0x74, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8, 0x3, 0xb}, {0x44, 0x4, [{0x855, 0xc73, 0x5, 0x10001}, {0x4, 0x7, 0x7f, 0x5}, {0x9f, 0x4, 0x3, 0x3c85}, {0x9, 0x9, 0x4, 0x6}, {0x100, 0x3f, 0x6, 0x8001}, {0x2b8, 0x19, 0x835e, 0xffffffff}, {0x7a, 0x1, 0xe407, 0x8}, {0x6, 0x52, 0xffffffff, 0x5}]}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8, 0x3, 0x3}, {0x8, 0x4, 0x5}}}]}}]}, 0x750}, 0x1, 0x0, 0x0, 0x41}, 0x80)
tkill(r0, 0x1000000000016)

2018/05/15 13:08:58 executing program 4:
bpf$MAP_CREATE(0x800000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

[  395.330599] FAULT_INJECTION: forcing a failure.
[  395.330599] name failslab, interval 1, probability 0, space 0, times 0
[  395.341922] CPU: 0 PID: 23549 Comm: syz-executor7 Not tainted 4.17.0-rc5+ #51
[  395.349186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  395.358535] Call Trace:
[  395.361122]  dump_stack+0x1b9/0x294
[  395.364739]  ? dump_stack_print_info.cold.2+0x52/0x52
[  395.369922]  should_fail.cold.4+0xa/0x1a
[  395.373985]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  395.379090]  ? kmem_cache_alloc+0x12e/0x760
[  395.383445]  ? mempool_alloc_slab+0x44/0x60
[  395.387761]  ? submit_bh_wbc+0x155/0x7c0
[  395.391807]  ? blk_exit_rl+0x80/0x80
[  395.395526]  ? find_held_lock+0x36/0x1c0
[  395.399580]  ? graph_lock+0x170/0x170
[  395.403368]  ? lock_downgrade+0x8e0/0x8e0
[  395.407533]  ? __lock_is_held+0xb5/0x140
[  395.411590]  __should_failslab+0x124/0x180
[  395.415815]  should_failslab+0x9/0x14
[  395.419606]  kmem_cache_alloc+0x47/0x760
[  395.423655]  ? rcu_note_context_switch+0x710/0x710
[  395.428574]  ? blk_get_request+0x40/0x40
[  395.432635]  ? mempool_free+0x370/0x370
[  395.436609]  mempool_alloc_slab+0x44/0x60
[  395.440750]  mempool_alloc+0x18b/0x490
[  395.444639]  ? remove_element.isra.4+0x1c0/0x1c0
[  395.449391]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  395.454934]  ? __lock_is_held+0xb5/0x140
[  395.458995]  bio_alloc_bioset+0x3a1/0x7f0
[  395.463145]  ? generic_make_request+0x1510/0x1510
[  395.467983]  ? bvec_alloc+0x2d0/0x2d0
[  395.471775]  ? check_same_owner+0x320/0x320
[  395.476099]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  395.481118]  ? guard_bio_eod+0x2b4/0x600
[  395.485187]  submit_bh_wbc+0x155/0x7c0
[  395.489071]  write_dirty_buffer+0xba/0x150
[  395.493304]  jbd2_log_do_checkpoint+0xbe6/0x1340
[  395.498066]  ? __jbd2_journal_remove_checkpoint+0x8c0/0x8c0
[  395.503776]  ? lock_downgrade+0x8e0/0x8e0
[  395.507922]  ? kasan_check_read+0x11/0x20
[  395.512065]  ? do_raw_spin_unlock+0x9e/0x2e0
[  395.516472]  ? kasan_check_write+0x14/0x20
[  395.520697]  ? do_raw_spin_lock+0xc1/0x200
[  395.524940]  jbd2_journal_flush+0x156/0x540
[  395.529251]  ext4_ioctl+0x241e/0x4210
[  395.533045]  ? _parse_integer+0x13b/0x190
[  395.537183]  ? ext4_ioctl_group_add+0x560/0x560
[  395.541836]  ? _parse_integer+0x190/0x190
[  395.545969]  ? graph_lock+0x170/0x170
[  395.549753]  ? lock_release+0xa10/0xa10
[  395.553712]  ? check_same_owner+0x320/0x320
[  395.558025]  ? find_held_lock+0x36/0x1c0
[  395.562076]  ? graph_lock+0x170/0x170
[  395.565872]  ? find_held_lock+0x36/0x1c0
[  395.569936]  ? lock_downgrade+0x8e0/0x8e0
[  395.574078]  ? kasan_check_read+0x11/0x20
[  395.578222]  ? rcu_is_watching+0x85/0x140
[  395.582367]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  395.587559]  ? __fget+0x40c/0x650
[  395.591017]  ? match_held_lock+0x841/0x8b0
[  395.595261]  ? expand_files.part.8+0x9a0/0x9a0
[  395.599838]  ? kasan_check_write+0x14/0x20
[  395.604067]  ? __mutex_unlock_slowpath+0x180/0x8a0
[  395.608992]  ? wait_for_completion+0x870/0x870
[  395.613567]  ? ext4_ioctl_group_add+0x560/0x560
[  395.618312]  do_vfs_ioctl+0x1cf/0x16a0
[  395.622189]  ? ioctl_preallocate+0x2e0/0x2e0
[  395.626583]  ? fget_raw+0x20/0x20
[  395.630035]  ? __sb_end_write+0xac/0xe0
[  395.634010]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  395.639540]  ? fput+0x130/0x1a0
[  395.642804]  ? ksys_write+0x1a6/0x250
[  395.646600]  ? security_file_ioctl+0x94/0xc0
[  395.651036]  ksys_ioctl+0xa9/0xd0
[  395.654485]  __x64_sys_ioctl+0x73/0xb0
[  395.658364]  do_syscall_64+0x1b1/0x800
[  395.662247]  ? syscall_slow_exit_work+0x4f0/0x4f0
[  395.667075]  ? syscall_return_slowpath+0x5c0/0x5c0
[  395.672000]  ? syscall_return_slowpath+0x30f/0x5c0
[  395.676939]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  395.682299]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  395.687134]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  395.692315] RIP: 0033:0x455a09
[  395.695498] RSP: 002b:00007f5427f69c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  395.703191] RAX: ffffffffffffffda RBX: 00007f5427f6a6d4 RCX: 0000000000455a09
[  395.710466] RDX: 0000000020000080 RSI: 0000000040086607 RDI: 0000000000000013
[  395.717721] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  395.724975] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
2018/05/15 13:08:59 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000000000300000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:08:59 executing program 7 (fault-call:1 fault-nth:21):
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x40086607, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

[  395.732245] R13: 00000000000001e0 R14: 00000000006f6da0 R15: 0000000000000014
[  395.755728] binder: 23548:23553 got reply transaction with no transaction stack
[  395.763298] binder: 23548:23553 transaction failed 29201/-71, size 0-0 line 2763
2018/05/15 13:08:59 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0xc028660f, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

2018/05/15 13:08:59 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
ioctl$SNDRV_CTL_IOCTL_TLV_WRITE(r1, 0xc008551b, &(0x7f00000001c0)={0x705, 0x8, [0x5, 0x1ff]})
ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x891b, &(0x7f00000000c0)={'dummy0\x00', {0x2, 0x4e23, @remote={0xac, 0x14, 0x14, 0xbb}}})
ioctl$sock_inet6_udp_SIOCOUTQ(r1, 0x5411, &(0x7f0000000180))
setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r1, 0x28, 0x0, &(0x7f0000000140)=0x4, 0x8)
recvfrom$inet6(r1, &(0x7f0000000000)=""/11, 0xb, 0x20, &(0x7f0000000080)={0xa, 0x4e24, 0x8, @mcast2={0xff, 0x2, [], 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:08:59 executing program 4:
bpf$MAP_CREATE(0xe000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

[  395.859646] FAULT_INJECTION: forcing a failure.
[  395.859646] name failslab, interval 1, probability 0, space 0, times 0
[  395.870989] CPU: 0 PID: 23569 Comm: syz-executor7 Not tainted 4.17.0-rc5+ #51
[  395.878275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  395.887631] Call Trace:
[  395.890223]  dump_stack+0x1b9/0x294
[  395.893841]  ? dump_stack_print_info.cold.2+0x52/0x52
[  395.899045]  should_fail.cold.4+0xa/0x1a
[  395.903110]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  395.908212]  ? kmem_cache_alloc+0x12e/0x760
[  395.912532]  ? mempool_alloc_slab+0x44/0x60
[  395.916842]  ? submit_bh_wbc+0x155/0x7c0
[  395.920898]  ? blk_exit_rl+0x80/0x80
[  395.924620]  ? find_held_lock+0x36/0x1c0
[  395.928680]  ? graph_lock+0x170/0x170
[  395.932477]  ? lock_downgrade+0x8e0/0x8e0
[  395.936616]  ? __lock_is_held+0xb5/0x140
[  395.940687]  __should_failslab+0x124/0x180
[  395.944922]  should_failslab+0x9/0x14
[  395.948718]  kmem_cache_alloc+0x47/0x760
[  395.952788]  ? rcu_note_context_switch+0x710/0x710
[  395.957705]  ? blk_get_request+0x40/0x40
[  395.961766]  ? mempool_free+0x370/0x370
[  395.965734]  mempool_alloc_slab+0x44/0x60
[  395.969880]  mempool_alloc+0x18b/0x490
[  395.973779]  ? remove_element.isra.4+0x1c0/0x1c0
[  395.978543]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  395.984072]  ? __lock_is_held+0xb5/0x140
[  395.988121]  bio_alloc_bioset+0x3a1/0x7f0
[  395.992257]  ? generic_make_request+0x1510/0x1510
[  395.997094]  ? bvec_alloc+0x2d0/0x2d0
[  396.000897]  ? check_same_owner+0x320/0x320
[  396.005215]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  396.010241]  ? guard_bio_eod+0x2b4/0x600
[  396.014310]  submit_bh_wbc+0x155/0x7c0
[  396.018199]  write_dirty_buffer+0xba/0x150
[  396.022419]  jbd2_log_do_checkpoint+0xbe6/0x1340
[  396.027166]  ? __jbd2_journal_remove_checkpoint+0x8c0/0x8c0
[  396.032865]  ? lock_downgrade+0x8e0/0x8e0
[  396.037000]  ? kasan_check_read+0x11/0x20
[  396.041140]  ? do_raw_spin_unlock+0x9e/0x2e0
[  396.045539]  ? kasan_check_write+0x14/0x20
[  396.049768]  ? do_raw_spin_lock+0xc1/0x200
[  396.054001]  jbd2_journal_flush+0x156/0x540
[  396.058339]  ext4_ioctl+0x241e/0x4210
[  396.062132]  ? _parse_integer+0x13b/0x190
[  396.066274]  ? ext4_ioctl_group_add+0x560/0x560
[  396.070929]  ? _parse_integer+0x190/0x190
[  396.075071]  ? graph_lock+0x170/0x170
[  396.078853]  ? lock_release+0xa10/0xa10
[  396.082820]  ? check_same_owner+0x320/0x320
[  396.087141]  ? find_held_lock+0x36/0x1c0
[  396.091196]  ? graph_lock+0x170/0x170
[  396.094989]  ? find_held_lock+0x36/0x1c0
[  396.099061]  ? lock_downgrade+0x8e0/0x8e0
[  396.103216]  ? kasan_check_read+0x11/0x20
[  396.107351]  ? rcu_is_watching+0x85/0x140
[  396.111490]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  396.116690]  ? __fget+0x40c/0x650
[  396.120150]  ? match_held_lock+0x841/0x8b0
[  396.124383]  ? expand_files.part.8+0x9a0/0x9a0
[  396.128974]  ? kasan_check_write+0x14/0x20
[  396.133220]  ? __mutex_unlock_slowpath+0x180/0x8a0
[  396.138164]  ? wait_for_completion+0x870/0x870
[  396.142744]  ? ext4_ioctl_group_add+0x560/0x560
[  396.147412]  do_vfs_ioctl+0x1cf/0x16a0
[  396.151305]  ? ioctl_preallocate+0x2e0/0x2e0
[  396.155738]  ? fget_raw+0x20/0x20
[  396.159178]  ? __sb_end_write+0xac/0xe0
[  396.163152]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  396.168682]  ? fput+0x130/0x1a0
[  396.171947]  ? ksys_write+0x1a6/0x250
[  396.175749]  ? security_file_ioctl+0x94/0xc0
[  396.180165]  ksys_ioctl+0xa9/0xd0
[  396.183613]  __x64_sys_ioctl+0x73/0xb0
[  396.187499]  do_syscall_64+0x1b1/0x800
[  396.191385]  ? finish_task_switch+0x1ca/0x840
[  396.195878]  ? syscall_return_slowpath+0x5c0/0x5c0
[  396.200802]  ? syscall_return_slowpath+0x30f/0x5c0
[  396.205722]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  396.211073]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  396.215902]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  396.221081] RIP: 0033:0x455a09
[  396.224265] RSP: 002b:00007f5427f69c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  396.231967] RAX: ffffffffffffffda RBX: 00007f5427f6a6d4 RCX: 0000000000455a09
[  396.239239] RDX: 0000000020000080 RSI: 0000000040086607 RDI: 0000000000000013
[  396.246500] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  396.253762] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  396.261019] R13: 00000000000001e0 R14: 00000000006f6da0 R15: 0000000000000015
2018/05/15 13:09:00 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0x700000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

2018/05/15 13:09:00 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000016000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:09:00 executing program 4:
bpf$MAP_CREATE(0x374b8, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

2018/05/15 13:09:00 executing program 7 (fault-call:1 fault-nth:22):
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x40086607, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

2018/05/15 13:09:00 executing program 0:
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x8004587d, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

2018/05/15 13:09:00 executing program 1:
r0 = socket$inet6(0xa, 0x5, 0x0)
shutdown(r0, 0x1)
r1 = dup2(r0, r0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000080)={0x0, <r2=>0x0}, &(0x7f00000000c0)=0xc)
getgroups(0xa, &(0x7f0000000140)=[0xffffffffffffffff, 0xffffffffffffffff, <r3=>0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0])
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/vs/pmtu_disc\x00', 0x2, 0x0)
chown(&(0x7f0000000000)='./file0\x00', r2, r3)
bind$inet6(r0, &(0x7f00008a8000)={0xa, 0x4e23}, 0x1c)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0x7, &(0x7f0000000040), 0x4)

2018/05/15 13:09:00 executing program 5:
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f00000002c0)={{{@in=@multicast2, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in=@local}}}, &(0x7f0000000040)=0xe8)
quotactl(0x1, &(0x7f0000000000)='./file0\x00', r2, &(0x7f00000000c0)="f40287409a1fdf4b3f82383a30c1311a52811c3acfecbe299219a698792a922302a36c89cdfd413f54b4209bd61dc3139b16d90bc91df78ded8096f21fbde820b93b5a0b903373cdc8ee3958c5533f1dbec897c879de660cfc32678e12c6d0043d43530e1e4fee49d3bc67ab087f9839d986236a3a6e59876738121306aa3784b987c704103a67729e76f0c5c20f6f9f947b05c99fead2b24022bd5a32b7")
write(r1, &(0x7f00000001c0), 0xfaa8a4c0)
fcntl$setpipe(r0, 0x407, 0x9476fe0)
vmsplice(r1, &(0x7f0000000280)=[{&(0x7f0000000180)='r', 0x1}], 0x1, 0x0)

2018/05/15 13:09:00 executing program 3:
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, &(0x7f0000fd8000), &(0x7f0000e7fffc), 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffff9c, 0x84, 0x70, &(0x7f0000000100)={<r2=>0x0, @in6={{0xa, 0x4e21, 0x8, @mcast2={0xff, 0x2, [], 0x1}, 0x9}}, [0xf9, 0x0, 0x8, 0x4, 0x5, 0x9, 0xc6, 0xfff, 0xffff, 0x8, 0x3, 0x0, 0xfffffffffffffffe, 0x0, 0x1f]}, &(0x7f0000000200)=0x100)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f0000000240)={r2, @in6={{0xa, 0x4e23, 0x4, @local={0xfe, 0x80, [], 0xaa}, 0x7fff}}, 0x80000000, 0x0, 0x7, 0x27a2, 0xacf}, &(0x7f0000000300)=0x98)
clock_gettime(0x0, &(0x7f00000000c0)={0x0, <r3=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{0x0, 0x8}, {0x0, r3+30000000}}, &(0x7f0000040000))
tkill(r0, 0x1000000000016)

2018/05/15 13:09:00 executing program 4:
bpf$MAP_CREATE(0xe002000000000000, &(0x7f00000000c0)={0x5, 0x4, 0x3745, 0xd8, 0x0, 0xffffffffffffff9c}, 0x2c)

[  397.342132] binder: 23596:23606 got reply transaction with no transaction stack
[  397.342153] EXT4-fs (sda1): shut down requested (0)
[  397.349729] binder: 23596:23606 transaction failed 29201/-71, size 0-0 line 2763
[  397.372072] FAULT_INJECTION: forcing a failure.
[  397.372072] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  397.383921] CPU: 0 PID: 23607 Comm: syz-executor7 Not tainted 4.17.0-rc5+ #51
2018/05/15 13:09:00 executing program 2:
r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000200)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x0, 0xa00000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040), &(0x7f0000000100)}}], 0x1, 0x0, &(0x7f00000001c0)="dd"})

[  397.391197] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  397.400550] Call Trace:
[  397.403129]  dump_stack+0x1b9/0x294
[  397.406746]  ? dump_stack_print_info.cold.2+0x52/0x52
[  397.411921]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  397.417448]  should_fail.cold.4+0xa/0x1a
[  397.421508]  ? fault_create_debugfs_attr+0x1f0/0x1f0
[  397.426596]  ? graph_lock+0x170/0x170
[  397.430393]  ? debug_check_no_locks_freed+0x310/0x310
[  397.435583]  ? __lock_is_held+0xb5/0x140
[  397.439658]  ? generic_make_request_checks+0x57a/0x2400
[  397.445016]  ? blk_init_queue+0x30/0x30
[  397.449002]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  397.454532]  ? should_fail+0x21b/0xbcd
[  397.458411]  __alloc_pages_nodemask+0x34e/0xd70
[  397.463072]  ? kmem_cache_alloc+0x12e/0x760
[  397.467394]  ? mempool_alloc_slab+0x44/0x60
[  397.471715]  ? __alloc_pages_slowpath+0x2db0/0x2db0
[  397.476747]  ? graph_lock+0x170/0x170
[  397.480551]  ? lock_downgrade+0x8e0/0x8e0
[  397.484699]  ? __lock_is_held+0xb5/0x140
[  397.488756]  cache_grow_begin+0x72/0x6c0
[  397.492816]  kmem_cache_alloc+0x689/0x760
[  397.496966]  ? mempool_free+0x370/0x370
[  397.500924]  mempool_alloc_slab+0x44/0x60
[  397.505061]  mempool_alloc+0x18b/0x490
[  397.508949]  ? remove_element.isra.4+0x1c0/0x1c0
[  397.513695]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  397.519238]  ? __lock_is_held+0xb5/0x140
[  397.523296]  bio_alloc_bioset+0x3a1/0x7f0
[  397.527428]  ? generic_make_request+0x1510/0x1510
[  397.532255]  ? bvec_alloc+0x2d0/0x2d0
[  397.536053]  ? check_same_owner+0x320/0x320
[  397.540365]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  397.545367]  ? guard_bio_eod+0x2b4/0x600
[  397.549415]  submit_bh_wbc+0x155/0x7c0
[  397.553292]  write_dirty_buffer+0xba/0x150
[  397.557524]  jbd2_log_do_checkpoint+0xbe6/0x1340
[  397.562279]  ? __jbd2_journal_remove_checkpoint+0x8c0/0x8c0
[  397.567988]  ? lock_downgrade+0x8e0/0x8e0
[  397.572129]  ? kasan_check_read+0x11/0x20
[  397.576261]  ? do_raw_spin_unlock+0x9e/0x2e0
[  397.580658]  ? kasan_check_write+0x14/0x20
[  397.584877]  ? do_raw_spin_lock+0xc1/0x200
[  397.589099]  jbd2_journal_flush+0x156/0x540
[  397.593421]  ext4_ioctl+0x241e/0x4210
[  397.597215]  ? _parse_integer+0x13b/0x190
[  397.601367]  ? ext4_ioctl_group_add+0x560/0x560
[  397.606034]  ? _parse_integer+0x190/0x190
[  397.610177]  ? graph_lock+0x170/0x170
[  397.613969]  ? lock_release+0xa10/0xa10
[  397.617926]  ? check_same_owner+0x320/0x320
[  397.622232]  ? find_held_lock+0x36/0x1c0
[  397.626275]  ? graph_lock+0x170/0x170
[  397.630060]  ? find_held_lock+0x36/0x1c0
[  397.634121]  ? lock_downgrade+0x8e0/0x8e0
[  397.638268]  ? kasan_check_read+0x11/0x20
[  397.642399]  ? rcu_is_watching+0x85/0x140
[  397.646538]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  397.651733]  ? __fget+0x40c/0x650
[  397.655184]  ? match_held_lock+0x841/0x8b0
[  397.659418]  ? expand_files.part.8+0x9a0/0x9a0
[  397.664003]  ? kasan_check_write+0x14/0x20
[  397.668242]  ? __mutex_unlock_slowpath+0x180/0x8a0
[  397.673165]  ? wait_for_completion+0x870/0x870
[  397.677755]  ? ext4_ioctl_group_add+0x560/0x560
[  397.682419]  do_vfs_ioctl+0x1cf/0x16a0
[  397.686302]  ? ioctl_preallocate+0x2e0/0x2e0
[  397.690694]  ? fget_raw+0x20/0x20
[  397.694237]  ? __sb_end_write+0xac/0xe0
[  397.698218]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  397.703745]  ? fput+0x130/0x1a0
[  397.707025]  ? ksys_write+0x1a6/0x250
[  397.711055]  ? security_file_ioctl+0x94/0xc0
[  397.715452]  ksys_ioctl+0xa9/0xd0
[  397.718891]  __x64_sys_ioctl+0x73/0xb0
[  397.722765]  do_syscall_64+0x1b1/0x800
[  397.726649]  ? finish_task_switch+0x1ca/0x840
[  397.731142]  ? syscall_return_slowpath+0x5c0/0x5c0
[  397.736062]  ? syscall_return_slowpath+0x30f/0x5c0
[  397.740994]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  397.746351]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  397.751190]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  397.756372] RIP: 0033:0x455a09
[  397.759546] RSP: 002b:00007f5427f69c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  397.767239] RAX: ffffffffffffffda RBX: 00007f5427f6a6d4 RCX: 0000000000455a09
[  397.774492] RDX: 0000000020000080 RSI: 0000000040086607 RDI: 0000000000000013
[  397.781753] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
2018/05/15 13:09:01 executing program 6:
r0 = syz_open_dev$evdev(&(0x7f0000000040)='/dev/input/event#\x00', 0xfffffffffffffffc, 0x5)
write$binfmt_elf32(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="7f454c4600000000000000000000000004000400000200000000000038000000000000000000000000002000000000000000000000000000000000000000000000000000"], 0x44)

2018/05/15 13:09:01 executing program 7 (fault-call:1 fault-nth:23):
r0 = syz_open_procfs(0x0, &(0x7f0000000140)="2f65786500000000000409004bddd9de91be10eebf000ee9a90f798058439ed554fa07424adee901d2da75af1f0200f5ab26d7a071fb35331ce39c5a")
ioctl$DRM_IOCTL_RES_CTX(r0, 0x40086607, &(0x7f0000000080)={0x0, &(0x7f0000000540)})

[  397.789020] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014
[  397.796280] R13: 00000000000001e0 R14: 00000000006f6da0 R15: 0000000000000016
[  397.855804] ------------[ cut here ]------------
[  397.861540] DEBUG_LOCKS_WARN_ON(sem->owner != get_current())
[  397.861644] WARNING: CPU: 0 PID: 23604 at kernel/locking/rwsem.c:133 up_write+0x1c6/0x210
[  397.875742] Kernel panic - not syncing: panic_on_warn set ...
[  397.875742] 
[  397.883107] CPU: 0 PID: 23604 Comm: syz-executor0 Not tainted 4.17.0-rc5+ #51
[  397.890371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  397.899720] Call Trace:
[  397.902306]  dump_stack+0x1b9/0x294
[  397.905918]  ? dump_stack_print_info.cold.2+0x52/0x52
[  397.911090]  ? up_write+0x1a0/0x210
[  397.914707]  panic+0x22f/0x4de
[  397.917890]  ? add_taint.cold.5+0x16/0x16
[  397.922027]  ? __warn.cold.8+0x148/0x1b3
[  397.926083]  ? up_write+0x1c6/0x210
[  397.929690]  __warn.cold.8+0x163/0x1b3
[  397.933558]  ? up_write+0x1c6/0x210
[  397.937184]  report_bug+0x252/0x2d0
[  397.940794]  do_error_trap+0x1de/0x490
[  397.944674]  ? blk_start_plug+0xc4/0x360
[  397.948724]  ? math_error+0x420/0x420
[  397.952514]  ? vprintk_default+0x28/0x30
[  397.956567]  ? vprintk_func+0x81/0xe7
[  397.960353]  ? printk+0x9e/0xba
[  397.963619]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  397.968463]  do_invalid_op+0x1b/0x20
[  397.972174]  invalid_op+0x14/0x20
[  397.975610] RIP: 0010:up_write+0x1c6/0x210
[  397.979822] RSP: 0018:ffff880191f77680 EFLAGS: 00010286
[  397.985173] RAX: 0000000000000030 RBX: ffff8801cc528b00 RCX: ffffc90001eb8000
[  397.992433] RDX: 000000000002ebe3 RSI: ffffffff81610711 RDI: 0000000000000001
[  397.999682] RBP: ffff880191f77708 R08: ffff88019110e500 R09: fffffbfff11b0994
[  398.006931] R10: fffffbfff11b0994 R11: ffffffff88d84ca3 R12: 1ffff100323eeed0
[  398.014180] R13: dffffc0000000000 R14: ffff880191f776e0 R15: ffff8801cc528b58
[  398.021440]  ? vprintk_func+0x81/0xe7
[  398.025222]  ? up_read+0x110/0x110
[  398.028743]  ? wait_for_completion+0x870/0x870
[  398.033304]  ? lock_release+0xa10/0xa10
[  398.037259]  ? thaw_super_locked+0x109/0x260
[  398.041663]  percpu_up_write+0xcd/0x110
[  398.045625]  ? __percpu_up_read+0x50/0x50
[  398.049754]  ? down_write+0x87/0x120
[  398.053445]  ? thaw_super+0x16/0x30
[  398.057054]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  398.062573]  thaw_super_locked+0x1f5/0x260
[  398.066799]  thaw_super+0x1e/0x30
[  398.070236]  thaw_bdev+0x162/0x1a0
[  398.073758]  ext4_ioctl+0x180e/0x4210
[  398.077538]  ? lock_downgrade+0x8e0/0x8e0
[  398.081667]  ? ext4_ioctl_group_add+0x560/0x560
[  398.086328]  ? do_futex+0x249/0x27d0
[  398.090034]  ? rcu_is_watching+0x85/0x140
[  398.094171]  ? graph_lock+0x170/0x170
[  398.097951]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  398.103134]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  398.108322]  ? exit_robust_list+0x290/0x290
[  398.112633]  ? find_held_lock+0x36/0x1c0
[  398.116688]  ? lock_downgrade+0x8e0/0x8e0
[  398.120820]  ? kasan_check_read+0x11/0x20
[  398.124949]  ? rcu_is_watching+0x85/0x140
[  398.129076]  ? rcu_bh_force_quiescent_state+0x20/0x20
[  398.134263]  ? __fget+0x40c/0x650
[  398.137712]  ? expand_files.part.8+0x9a0/0x9a0
[  398.142286]  ? trace_hardirqs_off+0xd/0x10
[  398.146511]  ? _raw_spin_unlock_irqrestore+0x63/0xc0
[  398.151608]  ? debug_check_no_obj_freed+0x2ff/0x584
[  398.156609]  ? ext4_ioctl_group_add+0x560/0x560
[  398.161269]  do_vfs_ioctl+0x1cf/0x16a0
[  398.165147]  ? rcu_pm_notify+0xc0/0xc0
[  398.169022]  ? ioctl_preallocate+0x2e0/0x2e0
[  398.173447]  ? fget_raw+0x20/0x20
[  398.176893]  ? putname+0xf2/0x130
[  398.180326]  ? rcu_read_lock_sched_held+0x108/0x120
[  398.185321]  ? kmem_cache_free+0x25c/0x2d0
[  398.189536]  ? __x64_sys_futex+0x477/0x680
[  398.193749]  ? do_futex+0x27d0/0x27d0
[  398.197532]  ? security_file_ioctl+0x94/0xc0
[  398.201921]  ksys_ioctl+0xa9/0xd0
[  398.205354]  __x64_sys_ioctl+0x73/0xb0
[  398.209224]  do_syscall_64+0x1b1/0x800
[  398.213097]  ? finish_task_switch+0x1ca/0x840
[  398.217581]  ? syscall_return_slowpath+0x5c0/0x5c0
[  398.222500]  ? syscall_return_slowpath+0x30f/0x5c0
[  398.227423]  ? entry_SYSCALL_64_after_hwframe+0x59/0xbe
[  398.232784]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  398.237619]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  398.242789] RIP: 0033:0x455a09
[  398.245958] RSP: 002b:00007f899b091c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  398.253644] RAX: ffffffffffffffda RBX: 00007f899b0926d4 RCX: 0000000000455a09
[  398.260902] RDX: 0000000020000080 RSI: 000000008004587d RDI: 0000000000000013
[  398.268154] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[  398.275410] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
[  398.282666] R13: 00000000000001e0 R14: 00000000006f6da0 R15: 0000000000000000
[  398.290403] Dumping ftrace buffer:
[  398.293924]    (ftrace buffer empty)
[  398.297611] Kernel Offset: disabled
[  398.301217] Rebooting in 86400 seconds..