x6c}}, {{0xa, 0x4e20, 0x3f, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:40:51 executing program 2: r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/enforce\x00', 0x40005, 0x0) fallocate(r0, 0x8, 0x0, 0x1000) ioctl$VHOST_SET_VRING_CALL(r0, 0x4008af21, &(0x7f0000000040)={0x0, r0}) 2018/04/06 11:40:51 executing program 0: r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000c45ff7)='/dev/dsp\x00', 0x0, 0x0) ppoll(&(0x7f0000000000)=[{r0}], 0x1, &(0x7f0000000040)={0x77359400}, &(0x7f0000000080)={0x9}, 0x8) r1 = gettid() getsockopt$inet_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000140)=@sack_info={0x0, 0x16b800, 0x80}, &(0x7f0000000180)=0xc) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f00000001c0)={r2, 0x100000000, 0x97, "ea47f25251ddf9a41285d9ea25ef16f0895d536dd78a7a3e76b12b8ca5cc457f34946fb8dbc41070c30b8490e762b8c2ee5de609778acb246420bd4043f7e4510576e735b5ea9c699caa458aa19d40913c3ae48a5c15018975b1045c1d5a6243250d7395a8cceeab744925264e7c022b8e4fecd77a1ee9308f7576905752d2fe9a29d95178b87049537913f071e8528f389960ea8f9da7"}, 0x9f) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) close(r0) tkill(r1, 0x15) 2018/04/06 11:40:51 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x100000f, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={r2, 0x6d, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e675add01d6167e244f8f663e3529bed2135afaa69efe4f927cc8fba0718a875d52"}, &(0x7f00000000c0)=0x75) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r3 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r4) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r3, 0x10, &(0x7f0000000680)) 2018/04/06 11:40:51 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000901}, 0x10) 2018/04/06 11:40:51 executing program 5: r0 = msgget(0x2, 0x58) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x202, 0x0) msgctl$MSG_INFO(r0, 0xc, &(0x7f0000000080)=""/4096) ioctl$KDGKBLED(r1, 0x4b64, &(0x7f0000000040)) 2018/04/06 11:40:52 executing program 7: r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/enforce\x00', 0x40005, 0x0) fallocate(r0, 0x8, 0x0, 0x1000) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={0x0, 0x8000}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, &(0x7f00000000c0)={r1, 0xad, "48b07a9683ad6559a3d47634225387ee999b6ddbddd5f83bf9f4341772f3c78b3d459ae5bc20ce51ec49bfa150d07d1bfcd6f1eb919760a20919283c846c9ec8178bbcf5bddd5e6c744dd5dc8bf09bdbc753a896ff0dcb10c01eb51e6dc0b7d3be3222ab40b457bfe5dc15076c99f9e9013e7a39c42b8af03b9a7e308cc62ae719910dfaf54ca29b82e6a870d10836cfc5a6c3551e7d28a9d5b5679811f2cc1016dd446647672c575fae7d952f"}, &(0x7f0000000180)=0xb5) 2018/04/06 11:40:52 executing program 2: r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/enforce\x00', 0x40005, 0x0) setsockopt$inet6_buf(r0, 0x29, 0x2c, &(0x7f0000000100)="f13ef1338c5b9e7b3fe058a68e53447fceefa274b27e9dceceb1a43eb54a553becd5b1f28ad5ce6d0b6c6537c81d01bc94e32d998895b12993cf067cd2d420a5534275f8429cda97737ca635888009f0325da5669105dc87d3af4aff5c87af496427255442679b73a1b64a87378ef3f6deb35011e0dc83e2e397c3a2837734b5d93373c7d6e2ec983b0ca9dec437934fbefb10b69f2c08dec64c4a23bd664875c64bb9c61a67a6141a7d763b329d7f5c8e74bb0b48d170de21ed8beb7db83b6f1bee9225caf0df5be587c126c7", 0xcd) fallocate(r0, 0x8, 0x0, 0x1000) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000040)=""/128, &(0x7f00000000c0)=0x80) syz_open_dev$adsp(&(0x7f0000000200)='/dev/adsp#\x00', 0x4, 0x100) [ 369.574887] QAT: Invalid ioctl [ 370.165576] FAULT_FLAG_ALLOW_RETRY missing 30 [ 370.170213] CPU: 0 PID: 23650 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 370.177047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 370.186381] Call Trace: [ 370.188960] dump_stack+0x1b9/0x294 [ 370.192578] ? dump_stack_print_info.cold.2+0x52/0x52 [ 370.197757] ? kasan_check_write+0x14/0x20 [ 370.201975] ? do_raw_spin_lock+0xc1/0x200 [ 370.206194] handle_userfault.cold.32+0x44/0x57 [ 370.210842] ? handle_userfault+0x16c6/0x2760 [ 370.215324] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 370.219886] ? debug_check_no_locks_freed+0x310/0x310 [ 370.225059] ? rb_erase+0x3530/0x3530 [ 370.228860] ? print_usage_bug+0xc0/0xc0 [ 370.232912] ? match_held_lock+0x801/0x8b0 [ 370.237128] ? print_usage_bug+0xc0/0xc0 [ 370.241171] ? print_usage_bug+0xc0/0xc0 [ 370.245213] ? lock_downgrade+0x8e0/0x8e0 [ 370.249340] ? lock_downgrade+0x8e0/0x8e0 [ 370.253471] ? __lock_acquire+0x7f5/0x5130 [ 370.257693] ? graph_lock+0x170/0x170 [ 370.261476] ? debug_check_no_locks_freed+0x310/0x310 [ 370.266653] ? find_held_lock+0x36/0x1c0 [ 370.270715] ? lock_downgrade+0x8e0/0x8e0 [ 370.274860] ? kasan_check_read+0x11/0x20 [ 370.278989] ? do_raw_spin_unlock+0x9e/0x2e0 [ 370.283378] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 370.287942] ? kasan_check_write+0x14/0x20 [ 370.292160] ? do_raw_spin_lock+0xc1/0x200 [ 370.296377] __handle_mm_fault+0x34be/0x4150 [ 370.300771] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 370.305510] ? graph_lock+0x170/0x170 [ 370.309295] ? find_held_lock+0x36/0x1c0 [ 370.313341] ? lock_downgrade+0x8e0/0x8e0 [ 370.317476] ? handle_mm_fault+0x8c0/0xc70 [ 370.321693] handle_mm_fault+0x53a/0xc70 [ 370.325739] ? __handle_mm_fault+0x4150/0x4150 [ 370.330313] ? find_vma+0x34/0x190 [ 370.333848] __do_page_fault+0x60b/0xe40 [ 370.337900] ? mm_fault_error+0x380/0x380 [ 370.342046] ? __schedule+0x80f/0x1e40 [ 370.345930] ? graph_lock+0x170/0x170 [ 370.349718] do_page_fault+0xee/0x8a7 [ 370.353502] ? vmalloc_sync_all+0x30/0x30 [ 370.357650] ? find_held_lock+0x36/0x1c0 [ 370.361727] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 370.366577] page_fault+0x25/0x50 [ 370.370030] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 370.375644] RSP: 0018:ffff8801d4c4fce8 EFLAGS: 00010206 [ 370.381011] RAX: ffffed003a989fae RBX: 0000000000000018 RCX: 0000000000000003 [ 370.388274] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff8801d4c4fd58 [ 370.395525] RBP: ffff8801d4c4fd20 R08: ffffed003a989fae R09: ffffed003a989fab [ 370.402773] R10: ffffed003a989fad R11: ffff8801d4c4fd6f R12: 0000000020013018 [ 370.410026] R13: 0000000020013000 R14: ffff8801d4c4fd58 R15: 00007ffffffff000 [ 370.417299] ? _copy_from_user+0x10d/0x150 [ 370.421518] SyS_sigaltstack+0xae/0x320 [ 370.425474] ? do_sigaction+0xa50/0xa50 [ 370.429429] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 370.434945] ? exit_to_usermode_loop+0x1ef/0x310 [ 370.439683] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 370.444504] ? ksys_ioctl+0x81/0xd0 [ 370.448120] ? do_syscall_64+0xb7/0x9d0 [ 370.452084] ? do_sigaction+0xa50/0xa50 [ 370.456039] do_syscall_64+0x29e/0x9d0 [ 370.459906] ? vmalloc_sync_all+0x30/0x30 [ 370.464040] ? _raw_spin_unlock_irq+0x27/0x70 [ 370.468520] ? finish_task_switch+0x1ca/0x820 [ 370.472997] ? syscall_return_slowpath+0x5c0/0x5c0 [ 370.477911] ? syscall_return_slowpath+0x30f/0x5c0 [ 370.482820] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 370.488164] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 370.492987] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 370.498158] RIP: 0033:0x4552d9 [ 370.501329] RSP: 002b:00007ff15ecfec68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 [ 370.509021] RAX: ffffffffffffffda RBX: 00007ff15ecff6d4 RCX: 00000000004552d9 [ 370.516288] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 [ 370.523536] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 370.530786] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 370.538037] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000000 2018/04/06 11:40:53 executing program 3: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000100)) getpid() fcntl$getown(0xffffffffffffff9c, 0x9) gettid() ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) getpgrp(r0) r1 = memfd_create(&(0x7f0000000080)='em1\x00', 0x2) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000200)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) sigaltstack(&(0x7f0000013000/0x1000)=nil, &(0x7f00000000c0)) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88)) msgsnd(0x0, &(0x7f0000284ff8)={0x3}, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000240)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000640)={'\x00', 0x0}) ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000680)) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000b40)={&(0x7f0000011000/0x4000)=nil, 0x4000}) io_setup(0x1000, &(0x7f0000000040)) io_submit(0x0, 0x0, &(0x7f0000000000)) ioctl$VHOST_RESET_OWNER(r1, 0xaf02, 0x0) 2018/04/06 11:40:53 executing program 2: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vcs\x00', 0x40800, 0x0) accept4$unix(r0, 0x0, &(0x7f0000000140), 0x80000) mknod$loop(&(0x7f0000000040)='./file0\x00', 0x1082, 0x1) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000080)=0x0) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x40, 0x0, @tid=r1}, &(0x7f0000000180)) r2 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/enforce\x00', 0x20003e, 0x0) fallocate(r2, 0x8, 0x0, 0x1000) 2018/04/06 11:40:53 executing program 4: r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1, 0x6d, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e675add01d6167e244f8f663e3529bed2135afaa69efe4f927cc8fba0718a875d52"}, &(0x7f00000000c0)=0x75) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0xffffffffffffe55c, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x3f, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:40:53 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000003}, 0x10) 2018/04/06 11:40:53 executing program 5: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sequencer2\x00', 0x400000, 0x0) ioctl$KDSETMODE(r0, 0x4b3a, 0x9) capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000240)) r1 = syz_open_dev$dspn(&(0x7f00000000c0)='/dev/dsp#\x00', 0x74963ba3, 0x40000) ioctl$sock_inet_SIOCADDRT(r1, 0x890b, &(0x7f0000000180)={0xfff, {0x2, 0x4e21, @multicast2=0xe0000002}, {0x2, 0x4e21, @multicast2=0xe0000002}, {0x2, 0x4e24}, 0x0, 0x4, 0x4, 0x3f, 0x9, &(0x7f0000000140)='tunl0\x00', 0x6, 0xfffffffffffffdd5, 0x7}) socket$can_raw(0x1d, 0x3, 0x1) msgget(0x2, 0x58) getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f0000000280), &(0x7f0000000300)=0x14) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f00000002c0)={0x0, 0x4, 0xa6a}) ioctl$LOOP_CHANGE_FD(r1, 0x4c06, r1) r2 = syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0xffffffff, 0x0) r3 = accept4$bt_l2cap(0xffffffffffffff9c, &(0x7f0000000040), &(0x7f0000000080)=0xe, 0x800) ioctl$LOOP_CHANGE_FD(r2, 0x4c06, r3) ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r0, 0xc0105303, &(0x7f0000000340)={0x0, 0x4, 0x5}) socket$can_raw(0x1d, 0x3, 0x1) 2018/04/06 11:40:53 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={r2, 0x6d, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e675add01d6167e244f8f663e3529bed2135afaa69efe4f927cc8fba0718a875d52"}, &(0x7f00000000c0)=0x75) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r3 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r4) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r3, 0x10, &(0x7f0000000680)) 2018/04/06 11:40:53 executing program 7: r0 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x3, 0x100) ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r0, 0x40505331, &(0x7f0000000080)={{0x1, 0x800}, {0x8, 0x3ff}, 0x7, 0x6, 0x7}) ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r0, 0x40505331, &(0x7f0000000100)={{0xba3c, 0x2}, {0x870}, 0x785c, 0x2, 0x9}) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_STATUS(r0, 0xc05c5340, &(0x7f0000000180)={0x4, 0x8e, 0xa6d, {0x77359400}, 0x20, 0x4}) r1 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/enforce\x00', 0x40005, 0x0) fallocate(r1, 0x5, 0x0, 0x1000) 2018/04/06 11:40:53 executing program 0: r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000c45ff7)='/dev/dsp\x00', 0x0, 0x0) ppoll(&(0x7f0000000000)=[{r0}], 0x1, &(0x7f0000000040)={0x77359400}, &(0x7f0000000080)={0x9}, 0x8) r1 = gettid() getsockopt$inet_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000140)=@sack_info={0x0, 0x16b800, 0x80}, &(0x7f0000000180)=0xc) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f00000001c0)={r2, 0x100000000, 0x97, "ea47f25251ddf9a41285d9ea25ef16f0895d536dd78a7a3e76b12b8ca5cc457f34946fb8dbc41070c30b8490e762b8c2ee5de609778acb246420bd4043f7e4510576e735b5ea9c699caa458aa19d40913c3ae48a5c15018975b1045c1d5a6243250d7395a8cceeab744925264e7c022b8e4fecd77a1ee9308f7576905752d2fe9a29d95178b87049537913f071e8528f389960ea8f9da7"}, 0x9f) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) close(r0) tkill(r1, 0x15) 2018/04/06 11:40:53 executing program 2: r0 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x401, 0x14da80) sendmsg$nl_route(r0, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)=@ipv6_getanyicast={0x14, 0x3e, 0xc01, 0x70bd2b, 0x25dfdbfc, {0xa}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x20000004) r1 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/enforce\x00', 0x101000, 0x0) fallocate(r1, 0x6, 0x0, 0x7) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r1, 0xc08c5335, &(0x7f0000000000)={0x7f, 0x4, 0x3, 'queue1\x00', 0x5}) 2018/04/06 11:40:53 executing program 7: r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/enforce\x00', 0x40005, 0x0) fallocate(r0, 0x8, 0x0, 0x1000) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000040)={0x0, @in6={{0xa, 0x4e22, 0x4, @empty, 0x9}}}, &(0x7f0000000100)=0x84) getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000140)={r1, 0x6}, &(0x7f0000000180)=0x8) 2018/04/06 11:40:53 executing program 4: r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1, 0x6d, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e675add01d6167e244f8f663e3529bed2135afaa69efe4f927cc8fba0718a875d52"}, &(0x7f00000000c0)=0x75) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0xffffffffffffe55c, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x3f, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:40:53 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) 2018/04/06 11:40:53 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe000000c}, 0x10) 2018/04/06 11:40:53 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={r2, 0x6d, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e675add01d6167e244f8f663e3529bed2135afaa69efe4f927cc8fba0718a875d52"}, &(0x7f00000000c0)=0x75) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r3 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r4) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r3, 0x10, &(0x7f0000000680)) [ 371.577619] FAULT_FLAG_ALLOW_RETRY missing 30 [ 371.582214] CPU: 1 PID: 23743 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 371.589048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 371.598381] Call Trace: [ 371.600956] dump_stack+0x1b9/0x294 [ 371.604576] ? dump_stack_print_info.cold.2+0x52/0x52 [ 371.609752] ? kasan_check_write+0x14/0x20 [ 371.613975] ? do_raw_spin_lock+0xc1/0x200 [ 371.618206] handle_userfault.cold.32+0x44/0x57 [ 371.622865] ? handle_userfault+0x16c6/0x2760 [ 371.627347] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 371.631910] ? debug_check_no_locks_freed+0x310/0x310 [ 371.637082] ? rb_erase+0x3530/0x3530 [ 371.640866] ? print_usage_bug+0xc0/0xc0 [ 371.644907] ? match_held_lock+0x801/0x8b0 [ 371.649128] ? print_usage_bug+0xc0/0xc0 [ 371.653180] ? print_usage_bug+0xc0/0xc0 [ 371.657225] ? find_held_lock+0x36/0x1c0 [ 371.661281] ? __lock_acquire+0x7f5/0x5130 [ 371.665510] ? graph_lock+0x170/0x170 [ 371.669312] ? debug_check_no_locks_freed+0x310/0x310 [ 371.674503] ? find_held_lock+0x36/0x1c0 [ 371.678560] ? lock_downgrade+0x8e0/0x8e0 [ 371.682695] ? kasan_check_read+0x11/0x20 [ 371.686828] ? do_raw_spin_unlock+0x9e/0x2e0 [ 371.691216] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 371.695783] ? kasan_check_write+0x14/0x20 [ 371.699995] ? do_raw_spin_lock+0xc1/0x200 [ 371.704212] __handle_mm_fault+0x34be/0x4150 [ 371.708601] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 371.713335] ? graph_lock+0x170/0x170 [ 371.717118] ? find_held_lock+0x36/0x1c0 [ 371.721164] ? lock_downgrade+0x8e0/0x8e0 [ 371.725311] ? handle_mm_fault+0x8c0/0xc70 [ 371.729528] handle_mm_fault+0x53a/0xc70 [ 371.733570] ? __handle_mm_fault+0x4150/0x4150 [ 371.738130] ? find_vma+0x34/0x190 [ 371.741653] __do_page_fault+0x60b/0xe40 [ 371.745701] ? mm_fault_error+0x380/0x380 [ 371.749830] ? __schedule+0x80f/0x1e40 [ 371.753718] ? graph_lock+0x170/0x170 [ 371.757501] do_page_fault+0xee/0x8a7 [ 371.761286] ? vmalloc_sync_all+0x30/0x30 [ 371.765423] ? find_held_lock+0x36/0x1c0 [ 371.769469] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 371.774296] page_fault+0x25/0x50 [ 371.777732] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 371.783328] RSP: 0018:ffff8801b92f7ce8 EFLAGS: 00010206 [ 371.788668] RAX: ffffed003725efae RBX: 0000000000000018 RCX: 0000000000000003 [ 371.795916] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff8801b92f7d58 [ 371.803173] RBP: ffff8801b92f7d20 R08: ffffed003725efae R09: ffffed003725efab [ 371.810424] R10: ffffed003725efad R11: ffff8801b92f7d6f R12: 0000000020013018 [ 371.817670] R13: 0000000020013000 R14: ffff8801b92f7d58 R15: 00007ffffffff000 [ 371.824935] ? _copy_from_user+0x10d/0x150 [ 371.829154] SyS_sigaltstack+0xae/0x320 [ 371.833105] ? do_sigaction+0xa50/0xa50 [ 371.837058] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 371.842575] ? exit_to_usermode_loop+0x1ef/0x310 [ 371.847310] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 371.852132] ? ksys_ioctl+0x81/0xd0 [ 371.855736] ? do_syscall_64+0xb7/0x9d0 [ 371.859691] ? do_sigaction+0xa50/0xa50 [ 371.863646] do_syscall_64+0x29e/0x9d0 [ 371.867514] ? vmalloc_sync_all+0x30/0x30 [ 371.871645] ? _raw_spin_unlock_irq+0x27/0x70 [ 371.876118] ? finish_task_switch+0x1ca/0x820 [ 371.880591] ? syscall_return_slowpath+0x5c0/0x5c0 [ 371.885500] ? syscall_return_slowpath+0x30f/0x5c0 [ 371.890412] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 371.895759] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 371.900584] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 371.905753] RIP: 0033:0x4552d9 [ 371.908922] RSP: 002b:00007ff15ecfec68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 [ 371.916609] RAX: ffffffffffffffda RBX: 00007ff15ecff6d4 RCX: 00000000004552d9 [ 371.923854] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 [ 371.931100] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 371.938345] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 371.945592] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000000 2018/04/06 11:40:54 executing program 2: r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/enforce\x00', 0x40005, 0x0) fallocate(r0, 0x8, 0x0, 0x1000) r1 = getuid() ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000380)=0x0) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000003c0)={{{@in6=@remote, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in6=@dev}}, &(0x7f00000004c0)=0xe8) r4 = geteuid() r5 = gettid() sendmsg$netlink(r0, &(0x7f00000018c0)={&(0x7f0000000040)=@proc={0x10, 0x0, 0x25dfdbfc}, 0xc, &(0x7f0000001800)=[{&(0x7f0000000080)={0x18, 0x40, 0x20, 0x70bd25, 0x25dfdbff, "", [@typed={0x8, 0x5b, @uid=r1}]}, 0x18}, {&(0x7f00000000c0)={0x98, 0x39, 0xe33, 0x70bd26, 0x25dfdbfd, "", [@generic="0fcf9d7a251eada0d86bccdf82581c671c3984cf0562a3695e6449ede31998b79b114a4f774b087ba82c4f5e31882d5ca9b98bc695979ecbd1892f13f11d48677b47ae2f4a293ee6320bae9ad5565b7aabc0442df55ba4ce778949f375aebbf1591c785994433da6096dcafae3e7b66014be80506d7472f5037b63c9509d9e05b89c960f0177fd"]}, 0x98}, {&(0x7f0000000180)={0x1f0, 0x31, 0x0, 0x70bd2a, 0x25dfdbff, "", [@typed={0xe8, 0x2a, @binary="b02931462b8c9ab45d57e79d840faf87dd531e0f71100c30b43ac058ba6dcb91ab232818acffc20a88a6a0ac1f4c5d729cfc83ddbac13e08abc1dc083b7e40a0bafef5bad5d999ed79f734737550f2bd03fdc59210ff4e156b16b37cb8b4498187af5e2e2a38c5851ad3acc6eb0dee9b8a73577fc8b79072b1691f168aa302d2987788318542e86be7e9a7b78e3b0eec80885f9fe1e87f580dd3847616b953a4715febf4e2ec50c47b46f4912f45a6e48fba5dd636626934a051b6977b259bf9be709d2d54e3096a5e17b2e9d06485cbdef24d0c856649fa91b1cfda81ac60c68f"}, @typed={0x8, 0x6c, @u32=0xe5d}, @generic="69a1e88e8e8d4a27be2fc346c879f68586525cb1655b21c956dd0c6c036469ccfae0f0b3905b520b678afa8760fc124fbb6f32c4c17be60b3f6ff49616160efc3571fcd11ef71ec9eba14e4f7d61eba50496884c6790a0b1e854201eb332d421a38e3deccd17af33ce5cb1747fc2abc9c284c43c4ca22651c4b9d5a46160ceeb7fce473580a80eb788097017c653774ebcd849a12c8891bbe3b48517651e76563f78c48affe3ed1f390bdbfe3d565abba568f99c97979baf303d50d8f12c812e886f070afe6453b2c071b29dc34cabf4e1a63bc50d9effb600845f3e33b15a82e87dcb2e12e60643024701edb22787"]}, 0x1f0}, {&(0x7f0000000500)=ANY=[@ANYBLOB="ac120000320000042cbd7000fbdbdf2534969744325c05d371b1a57201b9d313fedfe69fef0c658e9451c1f4236479274d4a4e6526865fcd6f30db972566b4aee5cb70aac2fdfda7d0b665e10f737b4d5825ade4671c662b20cd71b1c565261b3a1e8a62826edccd34435e02cedc641b4d2f29f24ab7dd0b3851d2e0bb3bd390f5f087627e0c318566508489e7987e9052bd2648bad6d467e3b4c2d655097e16524ded6499f661f526d16313312c1812b203f718609489fe99013b1ceccba4b60f0867e586d160a18ab058c1348c25d2101a9ece604d2736a32aae7676bd1540a38732d7aa398b072a653716fc8dbed23d55ee6e3b87278cc152720cbb4ad951b741173c0819ff3981fae9f86d8ba6271db9ad929b9700cbe484139c4f964c9e3072570167e1e951fe06be4e5ef8d68dd215b185acb49448f6d7553a4e1c90a127354d2e8938b3218caee75daa08593bf1b463e5ee40b33b71b143245be332392abbebac6e96d0f0bea33833aa40b0626637a95ffb3ee3ba4d9c3066d7b1656c3563219c2a6d975170d793a2ee01c79c7c5e81be58954faf49dcef345c2523e5449f68dbec91cb7ee3ee9e4dee1780a958a685b7bf6905dfc9b32ae6bc45fe7d5bac04de718fe003b12eff0ee010020004007f0008000900", @ANYRES32=r2, @ANYBLOB="78651a031bc6c9ad3b9345c8f72c90865de909a76a7a16a1903243be37a26f418bf94e4c204b17d97b6408c9ad8f38d75c0d6ae33a1321aed580508af43f7e3310fb37054ac09660e689b55ac08958c7b27c0d59125428c1e63acf318de2d8afb5dbb8a0a680588396588cad19977c8684e5987685b4d6005633f2fecfe98c5536bffc2432cc846c35d3c6e05ff6aa4aa30940ac6a9f96b2498ad3e91207679b185a4f6d7f645854e2d60ff8abd9e30679b6cbb0080fe94a6bbaa2f976f44decbfbbd3904c194e85bdc1d3e6e95b5003c801e2c3c87d4f4f3c673fb20184d18b14ad0b3f57a3da6cbb1625870ff2b5db7ded5f6d8bf199e977f48ede1a5987519ba12802c0ec8c50647e2d91167db95c3363af50c8473cce61b5c2d04695669754bfd2609c72f0d3ce6e9064a3ceb0cb5f67be197727a39bacf46a286f86d38427f87ab7a8e0ac2b8916fb6ae46a26f8c4c31cfdec4f54c53c824d4baa3abe385832630c6ad82242e931c663d399ae484347ce5efa3fb4113940b52e7c52696aab13d44b239f86a64aff37cb75a634c6ba7391c55af908e978650baa3f9299e096e7b9bb275470c020189b3f1abca50837cb296cb28fd48a72dd9a1a9742eb680fd563f3530600a435172939c967b3f125f2651340af80862e1cbd11caa3a9ed332ed9932834b2b371d892ad4953f5a81eb79c0d07f31f39ed796fbad7bf3c91cab24984917035385153e01faa983c75f0e88f4082694533d61b3e9796f5476d87191ff54e45a2e9d3402652b14a47949762910fea84a41f60d8ed305b5802e454f78bccff9ec842200cf77163d3bcdab6c8c341729531fa2d021ac71f498529148b8dc9387f941cbc6812d4a8944466a3d348049c9d1ce17a8ca007eecce8fa698f5fa8d95e487dbfc9798d8b8abc4ca4be348320a4ef119a897e6adc71dd39107a09f2abe4ae62aa01bed35dbba0f2f2eb0f7aa26123a24d02f14bf5f57546afb823ac030a1c82a40a59209f7dda62edc4ab644987f9fe741fa47e6f8963d724f176d149147660e525c707b4d3e45657d3c58cddb3089cc5783f2dc6a3a36227820ff0efde0318e4c75d75348d8aec9adad3175b7abba1f3f34c5714f885fc30c379dc59d1ef02f4a90228f3e7f9106e69dde7729e94de5113f227d782d55c42a2a2e9b2c5f160368660fd23103380d1b46517be99873f37aeeb12cbea24587cdfca832dffe696795b933045d8a6b88dc3db5511754ef6d17e39596a0e2c98267533e5778d71eb4f0af044d59f97476127a9d7cf7cf9f4722af2e9135e0fe3451f75dd64cccf782796f362d50269a1fc2c78f641ffa9ebe5f74c690e1cf4f82556f77953c5a40cd41465c4e5a33eb88d7d161decb71c55c25938d67308e78676c10fcf03d02d43feabea1924a4501d4ab5b6d1cb51fdeec6f1d0069a4eb47b3d108fede04e7428b561b85aea6bacda2d51efc180c46976f57fe2f4b71ff69ac2fece261d5c1ff1b81d2c16bec7e9aaef96d7ba8cd9571d1fb1bbcdcb9cd42c3e47fd051c255106b6e3c03c7bcc2bf313dfb0aaddd2fedfd9a54037bc60a2fe321b39f788f4d2d89218ce95aa086014400c1f4dec7232bcb2b8f22a268d462ed2acb82a9ab35e2137f7d1eba3b1a3c3fbb8851e6a1cacd1c33c3b4c9dd883eb3fedf4a97597bf1900699b55bcd038c5ac0860e77396c7fc7a425d13ac5b2c7d2d89f6b076d51c6654f8ccf5fd528298cc6d5a93176fa61e99741c5490cd9da748ec25f07c3435db1f3ce6c3602f558c44aa452f73f2e1c7cd7c15c78a01de609854a861b679b4a7ef84c42dc13a41a7664d8b314f04f0c22ba6adad5060b15b9351fef2cc9c470d804fa081719282e35e6d6217ad175b93115d9b9ca0229f0e9b656820ce02393d43e6b86fa1b0f22b0004d3dbb925c2177ef61087e01e2f537623cfa088e0eae3a6371a74c5474d3cd8063294714395c6ccdf70e28d300491d8b9e8781fdb752665b4e0e511209db497af942bc82e92af342a1fa86e780de6669ea137e35b7ce357233a5f5dd15955a0a404b342fcd7f7c8ec7c673fe028b4a5768b8ee6592c41570e73a3ec5313b94108df0725c4ccede58d5136042aeba90eff53d221885bf52989b8f2f32714ffcff1c3f56d7629a7061125fa226f139babba88a9fc436b095dc0deebc9f4a3da8d104be96160649a9f3ceed249b63366fd5dc7def6f311c4d6916a92508f183ed8a96feaaae8f20966b925138a5918f8a56d3d65e8da5a593efc76c040f03feac452373372ccf0002e13ec53be552b2f3c8ff1b4292e4e77793650fbf28cf95da466e45064f157e062892bd293bbe10f3aa72c50f091354ee3f8f62fa977daf327af73755276f995d82181ac81e54ddcfc95b5b1511a354992f5669a75996c21c516487f09e13a5688985bf6bfffcf8c71d99b8ca715d46a109681276fa0f568c0c4c478011915def94a399a303281e566fa3279bb84e603e5b678f4e8a8ede761931dbdeecd591e3264d556cb771353edc49a388d2d902a11a266e1ca5a35bfa30ca2fb3fc340e64cbbd48b46f672d06484c1c2bf7dc6b8926b32ec25cc4effd358f1de4e9d12aa39f2e5fa5fee36612bfe99ec1fdfc411464d7d8642e0e55da3ea9cb158caa128d554c301c21e50d83e6cb4eeac2673e084f340ae8dfffd917cc7c140b81af0791d26e3a05ba4e88caea258b1edabffd82f030b9d64169e3f7d9dbed9674c2446ab7e949651498576598fd042778cb33c7b9190235c73114de0d0706ed61332b33fa37c47b8a4ede34495b6d160f4c5e18da30c203d0c3ca892a46e0dd03cdba14a80780f577431cd21a93de354763f7b93da2f4abacde71895fa26fba84d341b2e055fe66df58f538503ca01186bb1b1426cc3322724ccb3f8f277dd35642458168d09a6c2f20fda362f9a89556b0497f4bf5ec0de5ab0b4d9438ce7868b6bab46e3a2371610755cff262b1266a9923c33f2e5d92273ee0653eef307624887ca226b479ff6557b91172b9399f5c3d3ffe9b43f8df665f9dee88a55154e11c0131d72c58a65c165fbef43a5b834c9dfc60a87b9342f74e3c0351e8d039adfb56592551696f67d0e44adba02a6b4c2a56342213fd587903349c991c2420e688ce24f68e44f7888a34ddcd284999c248aabea8f9f6fd4b101924929e61bc3b7d4286ab976a0dc1e1b774fbef45f9e058bbf9940b022873268587d951f8f5a4d0b189c1587b13007aae3ae4aac7715dd96c710959fd480da175569ce82d4e352c139499d638332f6b13e8d937f1ef30acf34ef98b47946b85ad09ffaa89ca26a4afee22e5a8ef35f3f16af0cbd476b6d8f5162bfd88ae003f7d7ef1de419e0c0c8c5a00948b05036c7dbcaed278134f372996c884d11fa2c151f9dba27d35c35a920babd40858368365e62a94c149314ca537f505eea56b3c13954e021f355477418b9f082192266d50ebfcf0aace25ff0fcb30fdb5976dcdab12e4a6c5b7055eb7bb8052301f3d76972b57d7f6f69824911d59016724e76191f149e133db48d9ea8d2ce30fb13bc3eb035a2dad3c6c28f042b7657dbb67b5e98140e985cabc34b363e2ed7016b0ca9c1e84dd7971b0e8a87a92d38e42541548bb31eb9838b4791d66b8cdc58796dbe5beb209fe2c9a8344fdd56bea08f6f9f43e2fba14f5bceab1ab568a70ced77867c7adcddfc12e2e6ddd81178145cda78d511d5076595a088bd56c1a646806f577ddaba1efc8591710a31643c6fd41deabfcd42cb5ce6594c8927762e0f030a064b4f38437d3f61cd9ee0197e1edf341d10a2ee90d3a0fec01136218775fbcc10c0607ff3879de883a70b9ec9a58d106d28fdb3d76df56a2a1367fbafd2aff26df2ddc2e3611e4455d430f7921966edb651fc0b93cd812a9566839b1a7c34b4710863ba5648079353a82f8c025f6ff67c73cfc2a575b37c272259420c4e58c5bf0b5317b54c1f51278e587d035e929f567252ab90e5ffa7f0daef8d7cb16cc88e315d38b856a715f37b660afcb00a7bff0784d13b629a9ed09f0953f69abfabe6ef02d75b4055e78e445b658b2e3e55cf0311996b37491efa82f260c3a91b07bd271fbe4d1c422c679852f696262197c4c04c5d8f014f47cbbba894e86e66865b77534d61be67b58e3c21dcef74c85edaa545f8d4e5e7895fafcc3aa8717e1f4bcc1c5f35fc40304f22d00fab6778f3a300dd4499d34765ad24b1534e1adb54ec381624340b616803979cb50caafec4120bac05954096c7651091707d16829d4b18fb492026e24b7d14b6e286712ff5eec5e985adab8f7bac0d98b2a525c645053b43d96f88d4a378db32359b832a3376ed55c07226a20bcddf937c7ef736fb110cf0d11af96748b8c56a0600cb2785e8a3cf71756ce345bdc64996050f6c482c35aa5fa5022429a2fc15602ead161d44fbfd9b340603a11dcc733267f73be717b851e9308745d4a5a3b02b44e8eb70927145d841d864d302d2252f4f0f94dff2afe1eb3f59a98396a812663578de06ca3d73f49cbd8d12d043a4c9e8ddec4edb558223f4e7c8ce6738c0454e044bf7f45ca123c4cb9cc9eea6e376552bd7cf717ebbfc411e65b96fdf89edc32337c613ba7ae2811a64adf12a0dcac510b4040f6143ef82d5a1636545290f8f5d4a9faeed078b1cc125a25cb3353e58813d40b64e44dc0d4b931322b7ab62583236336e02ef1a4764f2feb7e0d6e1074a75982554af3821906bf8dffdd72695e5e4ec4c0d17839f9c23fdaf3c6085823480988e4c5d26b97cff37eeed524cf67506e9bcfbf74fd4587f4c4bfc3e21af8772d5299713b3e854582b2f76497791f996925a6a63e1cf302f36ae95312ddcb0b079a1efaafe2ee8ed574f68dd22df598a94e777811c4edaf77a239ffc0901f523c4f5cc15cf34f2a41b572ba92ff82632bc51edefee5a3e06c2505a9983ee6a0b091e141aef4007f70462419c799d77c29b90bddb4afd906530751874715c2aa9933e6607dba1e8cff2e91306fd3f8d6f8faa555918d56a5e0113317fd1810e7d956bca4d3c885df175c42dc3e0a6d075e0409493ddaf55b04137d40bfa7c3486226b85272326a8cdf6955395e38c050f87a3d15a4578b858d008706e543c17833005485638aa81e8a011651fe6f6b2296e5d77d10bd248f8ab4487a0f771bdbb0b2500d566d7a9fcf7287d31d9a5d9bae9c37e5786d98a5f250ac3f2c76ec8f5a79f4a3b7ddb3779e8fc189b31f80336991d71601f6a122eab1d99ffe3314ca2b6c991d7261f7304997638002bb6181368c0f36849d53893c1e7ca5e1126340e4a74a2d61f75a012ac660185dd6bd9da9d7b64ed5cc7a5dbf9d68770eb883256b54b71a81ba4a614fcd9877fa9e93a3073d1b25aa4992ffaa0368edcefda2cdb4ae42d784e009d38c63ad376ced6cc0571f20dee12072526df1ba8a3180c7da0e65efb90d4fc150f2020c0c2ce1db3fa9adde668a83d8b56be20a31e5bf4410a1ee9e7c1dc1a1a1cbe153180feb287b7311e0cd373f9cf23455447a4776833f2e0bca253de56665c1a63f0e9f829a7f0290e141b1ccbcaa7b3d8ff5f38241a71e03e73b7791744823e23e2e988ac53b542b5b7cedb1afe3428255c9d1e65789bc4e57b98199c6a491d9970e5f55838355fb2c1e1ac7e9ec05095b45aafb229ed3c00d3a6509d2d63c2383141ef0abcc668b4d784a550a5d7c041972e618d1c537c8d25621b45b5fc2b62b4aa504513c73e2dcd8ef7f59b21379bd590809f0dff2640e6818f963d4a52cbe0bdd4150de82d37d41bd38c06608920d3576538e2d624860dfc2f1aff298920b721418fce1930a339468d656145843894321ef8c7473800e4c209910d7e40d127a05de863d0b57443ff9747791c2fef9502010c2f1c22fb6b495cd1ea44e87217284a48dd1333745080033407a793ef6eea662db0c95cae353742c598c03d066de2ec3e33a214b198b930326f148baf913726a02f84ba8a0cef785c029f468e454393d08fe6f93bb6866a6294168d080052008100000008007d00", @ANYRES32=r3, @ANYBLOB='\b\x00(\x00\x00\x00\x00\x00\x00\x00'], 0x12ac}, {&(0x7f00000017c0)={0x2c, 0x39, 0x10, 0x70bd25, 0x25dfdbff, "", [@nested={0x14, 0x82, [@typed={0x8, 0x77, @uid=r4}, @typed={0x8, 0x57, @ipv4=@remote={0xac, 0x14, 0x14, 0xbb}}]}, @typed={0x8, 0x48, @pid=r5}]}, 0x2c}], 0x5, &(0x7f0000001880)=[@rights={0x20, 0x1, 0x1, [r0, r0, r0]}], 0x20, 0x80}, 0x804) 2018/04/06 11:40:54 executing program 7: r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/enforce\x00', 0xa000, 0x0) fallocate(r0, 0x8, 0x0, 0x1000) 2018/04/06 11:40:54 executing program 4: r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1, 0x6d, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e675add01d6167e244f8f663e3529bed2135afaa69efe4f927cc8fba0718a875d52"}, &(0x7f00000000c0)=0x75) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0xffffffffffffe55c, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x3f, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:40:54 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000010}, 0x10) 2018/04/06 11:40:54 executing program 5: capset(&(0x7f0000000100)={0x20080522}, &(0x7f0000292000)={0x0, 0x0, 0x3}) msgget(0x2, 0x58) 2018/04/06 11:40:54 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={r2, 0x6d, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e675add01d6167e244f8f663e3529bed2135afaa69efe4f927cc8fba0718a875d52"}, &(0x7f00000000c0)=0x75) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r3 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r4) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r3, 0x10, &(0x7f0000000680)) 2018/04/06 11:40:54 executing program 3: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000100)) getpid() fcntl$getown(0xffffffffffffff9c, 0x9) gettid() ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) getpgrp(r0) r1 = memfd_create(&(0x7f0000000080)='em1\x00', 0x2) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000200)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) sigaltstack(&(0x7f0000013000/0x1000)=nil, &(0x7f00000000c0)) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88)) msgsnd(0x0, &(0x7f0000284ff8)={0x3}, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000240)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000640)={'\x00', 0x0}) ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000680)=r3) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f0000000b40)={&(0x7f0000011000/0x4000)=nil, 0x4000}) io_setup(0x1000, &(0x7f0000000040)) io_submit(0x0, 0x0, &(0x7f0000000000)) ioctl$VHOST_RESET_OWNER(r1, 0xaf02, 0x0) 2018/04/06 11:40:54 executing program 0: mmap(&(0x7f0000000000/0xd99000)=nil, 0xd99000, 0x0, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0x400, 0x8100) accept4$netrom(r1, &(0x7f0000000100), &(0x7f0000000140)=0x10, 0x80800) ioctl$EVIOCGPROP(r0, 0x80404509, &(0x7f0000000000)=""/47) ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000080)={@mcast2={0xff, 0x2, [], 0x1}, @mcast1={0xff, 0x1, [], 0x1}, @dev={0xfe, 0x80}}) 2018/04/06 11:40:54 executing program 7: r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/enforce\x00', 0x40005, 0x0) fallocate(r0, 0x8, 0x0, 0x1000) bind$nfc_llcp(r0, &(0x7f0000000040)={0x27, 0x0, 0x1, 0x4, 0x6, 0x6, "1ac7295c4d08a213055466707901d85119de7bf93854ba8849bfdbd555975526e896c18a99bb41c41bea46af824a69a4a594b68ef0a2ba32c68fa0b5b47f0c", 0x2a}, 0x60) ioctl$sock_ipx_SIOCSIFADDR(r0, 0x8916, &(0x7f00000000c0)={'yam0\x00', {0x4, 0x9, 0x7, "5697ffd0bca1", 0x100000001}}) 2018/04/06 11:40:54 executing program 2: r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/enforce\x00', 0x2000, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000000)={0x1, 0x8c, 0xc, 0x1, 0x9, 0x5, 0x1, 0x100000001, 0x0}, &(0x7f0000000040)=0x20) setsockopt$inet_sctp_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f00000000c0)={r1, 0x7777}, 0x8) fallocate(r0, 0x8, 0x400000000, 0x1000) 2018/04/06 11:40:54 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="01000000000000007a010000001f0000005d0000000000008935768ef13683baeb68ad8c9841a3310759691c03312b99a519d9a8020a8bc16de16cfd87eb118daad3743a48fee7925705fadea80d8794e00e62ad71b83471fc50ceda3e1d31ad6e9129aad04ab25987d05bea7dcbf48921360e5491567fd5c71c2f24866bd974de27362ffecbd6e2964b7b479a2f8bada53bf73066df41520abe0815b094f6e07034c52933"]) 2018/04/06 11:40:54 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc\x00', 0x181000, 0x0) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f00000000c0)) capset(&(0x7f0000000140)={0x19980330}, &(0x7f0000292000)={0x78d, 0x0, 0x0, 0x0, 0x0, 0x8}) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x800, 0x0) ioctl$EVIOCREVOKE(r1, 0x40044591, &(0x7f0000000080)=0x5) msgget(0x2, 0x58) 2018/04/06 11:40:54 executing program 7: r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/enforce\x00', 0x420041, 0x0) fallocate(r0, 0x8, 0x0, 0x1000) 2018/04/06 11:40:54 executing program 4: r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1, 0x6d, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e675add01d6167e244f8f663e3529bed2135afaa69efe4f927cc8fba0718a875d52"}, &(0x7f00000000c0)=0x75) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0xffffffffffffe55c, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x3f, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:40:54 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={r2, 0x6d, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e675add01d6167e244f8f663e3529bed2135afaa69efe4f927cc8fba0718a875d52"}, &(0x7f00000000c0)=0x75) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r3 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r4) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r3, 0x10, &(0x7f0000000680)) 2018/04/06 11:40:54 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0xd7780000]}, 0x10) 2018/04/06 11:40:54 executing program 5: msgget(0x2, 0x40000000000055) 2018/04/06 11:40:54 executing program 2: r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/enforce\x00', 0x40005, 0x0) setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f0000000040)=0xfffffffffffffff7, 0x4) fallocate(r0, 0x8, 0x0, 0x1000) 2018/04/06 11:40:54 executing program 7: r0 = request_key(&(0x7f0000000040)='.request_key_auth\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a, 0x2}, &(0x7f00000000c0)='bdev#*\x00', 0xfffffffffffffffa) keyctl$invalidate(0x15, r0) r1 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/enforce\x00', 0x40005, 0x0) socketpair$inet6_tcp(0xa, 0x1, 0x0, &(0x7f0000000340)) fallocate(r1, 0x8, 0x0, 0x1000) ioctl$KVM_SET_XCRS(r1, 0x4188aea7, &(0x7f0000000280)={0x4, 0x8fc, [{}, {0x5, 0x0, 0xffff}, {0x6, 0x0, 0xffff}, {0x40}]}) ioctl$sock_SIOCBRADDBR(r1, 0x89a0, &(0x7f0000000100)='bond0\x00') keyctl$instantiate(0xc, r0, &(0x7f0000000140)="571b27df074151247b89ce9f9b0b50943e98216f76e2a2ef8edd386489c96bea6818982d3864c4bc88e0c22404a5a95bfb129a6b42dc333429d2c00acb87a93280430b7bd8922e33506f6561c9454d15a3fce8701838b54559e81433892c96616066c6a474d3ff86ebca408b8a4df08230f4d2bffefc9efe5a9c8b8852dbf82fadf6e977c00454114bbde81f737eec9e719100304fa29ad472371afe9dce32304c9477f38f5228c6ca7e4b38111d877c3ebc853c", 0xb4, r0) keyctl$search(0xa, r0, &(0x7f0000000200)='cifs.spnego\x00', &(0x7f0000000240)={0x73, 0x79, 0x7a, 0x0}, r0) setsockopt$inet_sctp6_SCTP_AUTOCLOSE(r1, 0x84, 0x4, &(0x7f0000000300)=0x5, 0x4) 2018/04/06 11:40:55 executing program 3: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000100)) getpid() fcntl$getown(0xffffffffffffff9c, 0x9) gettid() ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) getpgrp(r0) r1 = memfd_create(&(0x7f0000000080)='em1\x00', 0x2) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000200)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) sigaltstack(&(0x7f0000013000/0x1000)=nil, &(0x7f00000000c0)) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88)) msgsnd(0x0, &(0x7f0000284ff8)={0x3}, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000240)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000640)={'\x00', 0x0}) ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000680)=r3) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f0000000b40)={&(0x7f0000011000/0x4000)=nil, 0x4000}) io_setup(0x1000, &(0x7f0000000040)) io_submit(0x0, 0x0, &(0x7f0000000000)) ioctl$VHOST_RESET_OWNER(r1, 0xaf02, 0x0) 2018/04/06 11:40:55 executing program 4: r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1, 0x6d, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e675add01d6167e244f8f663e3529bed2135afaa69efe4f927cc8fba0718a875d52"}, &(0x7f00000000c0)=0x75) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0xffffffffffffe55c, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x3f, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:40:55 executing program 0: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/qat_adf_ctl\x00', 0x400000, 0x0) bind$ax25(r0, &(0x7f0000000100)={0x3, {"ea9d83bae8aef3"}, 0x7}, 0x10) openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x12000, 0x0) syz_open_dev$loop(&(0x7f0000000080)='/dev/loop#\x00', 0x0, 0x0) r1 = socket(0x1e, 0x2, 0x0) unlinkat(r0, &(0x7f0000000440)='./file0\x00', 0x0) bind(r1, &(0x7f00008a1f80)=@generic={0x42001e, "01030000000000b9000000004700000000a979f321b30c7bc8790405c7bad62e0a63a632ed4938d36d64fb8f8401a3ff59829a2b0afe7ce43a5b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31510000500000000000bdb9c8ea31000077aeb81c90001d6f7c980400000000f70dc136cb184a"}, 0x80) r2 = syz_open_procfs(0x0, &(0x7f00009e3ff2)='net/igmp\x00') sendfile(r2, r2, &(0x7f0000014000)=0x400000, 0x10001) r3 = socket(0x1e, 0x1, 0x0) sendmsg(r3, &(0x7f0000000000)={&(0x7f00000000c0)=@generic={0x10000000001e, "0100000000001e0000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624280027800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0x80, &(0x7f0000000740), 0x0, &(0x7f0000000040), 0x0, 0x80000d}, 0x4) close(r1) ioctl$KVM_IRQFD(r2, 0x4020ae76, &(0x7f00000001c0)={r0, 0x9, 0x800, r2}) getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffff9c, 0x84, 0x1, &(0x7f0000000080)={0x0, 0x101, 0x6, 0x8, 0x3, 0x1}, &(0x7f00000000c0)=0x14) ioctl$TUNSETVNETHDRSZ(r0, 0x400454d8, &(0x7f0000000540)=0x3) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000100)={r4, 0x89}, 0xc) getsockopt$ax25_int(r0, 0x101, 0xa, &(0x7f0000000140), &(0x7f0000000180)=0x4) socket$inet_udp(0x2, 0x2, 0x0) getsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000000200)=0xfffffffffffff001, &(0x7f0000000240)=0x4) 2018/04/06 11:40:55 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={r2, 0x6d, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e675add01d6167e244f8f663e3529bed2135afaa69efe4f927cc8fba0718a875d52"}, &(0x7f00000000c0)=0x75) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r3 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r4) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r3, 0x10, &(0x7f0000000680)) 2018/04/06 11:40:55 executing program 5: ioctl$TIOCGSID(0xffffffffffffff9c, 0x5429, &(0x7f0000000000)=0x0) capset(&(0x7f0000000100)={0x19980330, r0}, &(0x7f0000292000)) msgget(0x2, 0x58) 2018/04/06 11:40:55 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0x5f50]}, 0x10) 2018/04/06 11:40:55 executing program 2: r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/enforce\x00', 0x40005, 0x0) fallocate(r0, 0x8, 0x0, 0x1000) getsockopt$inet_sctp6_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000040), &(0x7f0000000080)=0x8) 2018/04/06 11:40:55 executing program 7: r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f00000001c0)='/selinux/enforce\x00', 0x5, 0x0) lgetxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@random={'trusted.', ']+\x00'}, &(0x7f00000000c0)=""/104, 0x68) fallocate(r0, 0x8, 0x0, 0x1000) 2018/04/06 11:40:56 executing program 7: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0x1e, &(0x7f0000000000)=0x200, 0x4) r1 = fcntl$dupfd(r0, 0x406, r0) ioctl$KVM_SET_ONE_REG(r1, 0x4010aeac, &(0x7f0000000100)={0x800, 0x4}) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00004da000)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) syz_emit_ethernet(0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="9a52438e8227ffffffffffff08004f000028ffff0000000000ffffffff0d00907800000000000000000000000000000000559fb2d0c0f8de890d1020a8c613b8a0f11c2e32b61a5b80555774f41fe13cb2030fd026eed47d0703fead9454ff62b0fb86d10f97c9de4d57ddb49d2c2e0ee9245b57b9fc4a16ccf6217ada2e03f234a2a94e6dc90c6dcd22fe1f38d382d0f85dd1d611ac252b008a0c475a26d0985e5189ad6a9d"], &(0x7f0000ea3000)) accept4$netrom(r1, &(0x7f0000000140), &(0x7f0000000180)=0x10, 0x80800) 2018/04/06 11:40:56 executing program 2: r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/enforce\x00', 0x40005, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000080)={0x0, 0x7fffffff}, &(0x7f00000000c0)=0x8) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000180)={r1, 0x68, &(0x7f0000000100)=[@in={0x2, 0x4e24, @multicast1=0xe0000001}, @in={0x2, 0x4e23, @local={0xac, 0x14, 0x14, 0xaa}}, @in6={0xa, 0x4e21, 0x4, @loopback={0x0, 0x1}, 0x4}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, @in6={0xa, 0x4e24, 0x5, @loopback={0x0, 0x1}, 0x3f}]}, &(0x7f00000001c0)=0x10) syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0x2, 0x8c000) fallocate(r0, 0x8, 0x0, 0x1000) ioctl$KVM_CHECK_EXTENSION_VM(r0, 0xae03, 0x4) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000200)=[@in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0xc}}, @in6={0xa, 0x4e21, 0x4, @dev={0xfe, 0x80, [], 0x10}}, @in6={0xa, 0x4e21, 0x8, @remote={0xfe, 0x80, [], 0xbb}, 0x7}], 0x48) 2018/04/06 11:40:56 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) msgget(0x2, 0x58) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TIOCGPTPEER(r0, 0x5441, 0x2) 2018/04/06 11:40:56 executing program 0: perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0xe3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = getpgrp(0xffffffffffffffff) getpriority(0x3, r0) migrate_pages(0x0, 0x4, &(0x7f0000000180), &(0x7f00000001c0)=0x7) 2018/04/06 11:40:56 executing program 4: r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1, 0x6d, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e675add01d6167e244f8f663e3529bed2135afaa69efe4f927cc8fba0718a875d52"}, &(0x7f00000000c0)=0x75) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0xffffffffffffe55c, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x3f, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:40:56 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0xbf95]}, 0x10) 2018/04/06 11:40:56 executing program 3: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000100)) getpid() fcntl$getown(0xffffffffffffff9c, 0x9) gettid() ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) getpgrp(r0) r1 = memfd_create(&(0x7f0000000080)='em1\x00', 0x2) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000200)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) sigaltstack(&(0x7f0000013000/0x1000)=nil, &(0x7f00000000c0)) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88)) msgsnd(0x0, &(0x7f0000284ff8)={0x3}, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000240)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000640)={'\x00', 0x0}) ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000680)=r3) ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f0000000b40)={&(0x7f0000011000/0x4000)=nil, 0x4000}) io_setup(0x1000, &(0x7f0000000040)) io_submit(0x0, 0x0, &(0x7f0000000000)) ioctl$VHOST_RESET_OWNER(r1, 0xaf02, 0x0) 2018/04/06 11:40:56 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={r2, 0x6d, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e675add01d6167e244f8f663e3529bed2135afaa69efe4f927cc8fba0718a875d52"}, &(0x7f00000000c0)=0x75) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r3 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r4) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r3, 0x10, &(0x7f0000000680)) 2018/04/06 11:40:56 executing program 2: r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/enforce\x00', 0x40005, 0x0) fallocate(r0, 0x8, 0x0, 0x1000) inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x100) 2018/04/06 11:40:56 executing program 4: r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1, 0x6d, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e675add01d6167e244f8f663e3529bed2135afaa69efe4f927cc8fba0718a875d52"}, &(0x7f00000000c0)=0x75) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0xffffffffffffe55c, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x3f, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:40:56 executing program 7: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/mixer\x00', 0x8100, 0x0) getsockopt$bt_BT_CHANNEL_POLICY(r0, 0x112, 0xa, &(0x7f0000000100)=0x3, &(0x7f0000000140)=0x4) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000001040)={0x26, 'aead\x00', 0x0, 0x0, 'rfc7539(chacha20-generic,poly1305)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000000)="0cf04c3b72329f96b1d0efbb07a2a301a750c957c178b8bc76644367e84ee8b01c3fc6f42c52da426d2d439607ac3d261a3b0ae0eff8de9e49e8afb04770bc4432984f256170ffa1d561e7f2ff128c7f2cffd5edc02247a39bcd17eb498531907ea20909b45b6a1adf1809361a98f8c58b97ae15a93b69cb08b230d6bfb760dba894303e924de729f8119dc7431666727c238c", 0x93) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f00003c1000)="0a0775b0d5e383e5b3b60ced5c54dbb7295df0df8217ad4000000000000000e6", 0x20) r2 = accept$alg(r1, 0x0, 0x0) sendmsg$alg(r2, &(0x7f0000f8dfc8)={0x0, 0x0, &(0x7f0000f92f80)=[{&(0x7f00007db000)="6ad64a6eab0cc54ec21b3a933b7680fdbf", 0x11}], 0x1, &(0x7f0000655000)}, 0x0) recvmsg(r2, &(0x7f00000a6000)={&(0x7f0000074000)=@alg, 0x80, &(0x7f0000eecfc0)=[{&(0x7f000065efd2)=""/46, 0x2e}], 0x1, &(0x7f0000f7ffca)=""/87, 0x57}, 0x0) 2018/04/06 11:40:56 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) msgget(0x3, 0x180) ioctl$int_in(0xffffffffffffffff, 0x5473, &(0x7f0000000080)=0x7) r0 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x1, 0x4840) ioctl$EVIOCGBITKEY(r0, 0x80404521, &(0x7f0000000040)=""/2) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x3ffd, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000140)={r0, r1}) ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f00000001c0)=0x0) capset(&(0x7f0000000200)={0x39980732, r2}, &(0x7f0000000240)={0x7, 0x80000001, 0x19ed623e, 0x8, 0x5, 0x9}) mkdirat(r0, &(0x7f0000000180)='./file0\x00', 0xa) 2018/04/06 11:40:56 executing program 0: link(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00') prctl$intptr(0x24, 0x6) statfs(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=""/54) 2018/04/06 11:40:56 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0x80ffffff00000000]}, 0x10) 2018/04/06 11:40:56 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={r2, 0x6d, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e675add01d6167e244f8f663e3529bed2135afaa69efe4f927cc8fba0718a875d52"}, &(0x7f00000000c0)=0x75) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r3 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r4) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r3, 0x10, &(0x7f0000000680)) 2018/04/06 11:40:56 executing program 2: r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/enforce\x00', 0x40005, 0x0) fallocate(r0, 0x8, 0x0, 0x1000) 2018/04/06 11:40:56 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00005f4000)={0x26, 'skcipher\x00', 0x0, 0x0, 'salsa20-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000000)="e5fcb5bf91aa7855fbcdfef1ddb42113", 0x10) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000), 0x2bc, &(0x7f00004ecfa0)=[@op={0x18, 0x117, 0x3}], 0x18}], 0x1, 0x0) readv(r1, &(0x7f0000001180)=[{&(0x7f0000001080)=""/208, 0xd0}], 0x1) 2018/04/06 11:40:56 executing program 4: r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000200)={r1, 0x6d, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e675add01d6167e244f8f663e3529bed2135afaa69efe4f927cc8fba0718a875d52"}, &(0x7f00000000c0)=0x75) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0xffffffffffffe55c, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x3f, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:40:57 executing program 2: r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/enforce\x00', 0x40005, 0x0) fallocate(r0, 0x7, 0x67, 0x8) 2018/04/06 11:40:57 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0x1c57]}, 0x10) 2018/04/06 11:40:57 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) r0 = msgget(0x2, 0x58) msgctl$IPC_STAT(r0, 0x2, &(0x7f0000000140)=""/4096) 2018/04/06 11:40:57 executing program 3: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000100)) getpid() fcntl$getown(0xffffffffffffff9c, 0x9) gettid() ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) getpgrp(r0) r1 = memfd_create(&(0x7f0000000080)='em1\x00', 0x2) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000200)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) sigaltstack(&(0x7f0000013000/0x1000)=nil, &(0x7f00000000c0)) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88)) msgsnd(0x0, &(0x7f0000284ff8)={0x3}, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000240)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000640)={'\x00', 0x0}) ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000680)=r3) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000b40)={&(0x7f0000011000/0x4000)=nil, 0x4000}) io_setup(0x0, &(0x7f0000000040)) io_submit(0x0, 0x0, &(0x7f0000000000)) ioctl$VHOST_RESET_OWNER(r1, 0xaf02, 0x0) 2018/04/06 11:40:57 executing program 0: rt_sigprocmask(0x0, &(0x7f0000a9a000)={0xfffffffffffffffe}, 0x0, 0x8) setrlimit(0x1, &(0x7f0000011000)) syz_genetlink_get_family_id$ipvs(&(0x7f0000000240)='IPVS\x00') r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/enforce\x00', 0x16907e, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f0000000200)='IPVS\x00') setsockopt$inet_dccp_int(r0, 0x21, 0x6, &(0x7f0000000080)=0x6, 0x4) write$vnet(r0, &(0x7f0000000180)={0x1, {&(0x7f0000000000)=""/94, 0x1ea, &(0x7f0000000100)=""/116}}, 0x68) 2018/04/06 11:40:57 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={r2, 0x6d, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e675add01d6167e244f8f663e3529bed2135afaa69efe4f927cc8fba0718a875d52"}, &(0x7f00000000c0)=0x75) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r3 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r4) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r3, 0x10, &(0x7f0000000680)) 2018/04/06 11:40:57 executing program 7: mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='vxfs\x00', 0x80002, &(0x7f0000000280)="01c8c70b4772242ba18a1d1f4c5f98d3b79ff9f587612dfc75ac1e9f18d19a4f8bff4a756e25d70f1c927322d54e649697425d157429017f3595a768d9d6de73c15490806c21cfe542e7f1d2ebab78f294d4b86eeddbe9c1fa43ad867d109eef98695a786fc99131cde87242881746e768d2c133f349ab74fcf6642fe3ee857c2c62e0445fcdd9c6dced6442060933d0cc1687da8ce98b32767accdc67cf4bdb565d5af33a061e0a82787276") mkdir(&(0x7f0000000080)='./file0\x00', 0x3ffffffff6) r0 = syz_open_dev$midi(&(0x7f0000000100)='/dev/midi#\x00', 0x800, 0x200000) getsockopt$netrom_NETROM_T2(r0, 0x103, 0x2, &(0x7f0000001940)=0x80000000, &(0x7f0000001980)=0x4) ioctl$EVIOCRMFF(r0, 0x40044581, &(0x7f00000003c0)=0x6) ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f0000000380)={0x2000000000000102, &(0x7f0000000340)=[{}, {}, {}, {}, {}]}) syz_mount_image$jfs(&(0x7f0000000400)='jfs\x00', &(0x7f0000000440)='./file0\x00', 0x1, 0x7, &(0x7f0000001840)=[{&(0x7f0000000480)="1c624c2de15e8cffd37662f97792698eb0c62807bbedcf0eb1c44edd5709ee09eee2fbd4ea8cc6e1a0c4544c415d781242a23f1af2009d41c0a2f4c4db", 0x3d, 0x8}, {&(0x7f00000004c0)="420e22e7678fa02eeb86d527aa351fb4af33fdae0b20a51a2ed6be06f11676684a4ae42b4c18cb186b9aaefc0b282464222fcd6b09c143075cef93fbde253f756e0e9101c83e8a66f7de4041a8d9b6d958a999390549cd0883ccf2bf31d93209ce2ebac7ddbc62c24cbe8821e4476987e40a", 0x72, 0x2}, {&(0x7f0000000540)="b4b2bfda81e6bcda5e355fc90b18d3608386b0132c8f9712d88c0ce7049dba41c1a3ce6765cc35f13e8a9467e5de23d72f313794a6857e53432143381fd2e0bf836039a75b7ed6f9b5ccb98d40be0594251fa540ed55259866c5d9241797828c0c35e15e7140e09ce8be1bc878a2e202e02b3f33e71b8ba93feb51fe42052ce698131392796e688176c8565c379655ab63b6bd8af171a3a1b1edd1435bbbb9f1d280977eead48f464c7fdffe77d32bed8d53", 0xb2, 0x8}, {&(0x7f0000000600)="1e9bcb460e5379999624a829c73d36bd7e596b5436b12c34ffb08d524715c3d3a528432554ff8ff95d75d64f4190b0361c5b8d96c9392a53b234a623ab1db546214f9b952a4f9e3680836591cde79882f90bb6dd1f977c45e38cc2f32945f1a41cc89bcc4bc7aa2ffaad0990be7b015e08384ae5e2190f9b6aab54ca0f3bfb715a607d6cb8afc0bb63ad0f7262e5238efd9a957ac51ac5a16bbc20cdf4be70cfba929bad15396bf6dd07946926056727b03bd478692d7dd551c5e3b237f9740b71609c2a70a33ad4fc63ca485f9b61f7dd230814c86bd79dd3c35187dbaf09738a7258", 0xe3, 0x1}, {&(0x7f0000000700)="faa753bdd0831079d017d11eb36965ea252eb1fd96013a4eeeaf3b22094497410b4e730a0bad54a9ff3c909b5b94d711a9674b69e12f375bc01a0d48fb8d1b197b9a42c48a23e6ba0db8e3533f86652008aaf603f1c3ade5287b32b0f810e859a44b1c8cf66899726e6867ae96e94d328bab8af6f01666ee03ccf9e57c870f41c2b20268975382a5e507263343a5ea70a286c06917259a970d8217ee65e6015a9c8487d3dd6ab539381ddf2f056e49dc48f479fa46ef96db8141bd2d7acc847beca3dca8", 0xc4, 0x9}, {&(0x7f0000000800)="6f0e99c01b0909972c7cfe92730fb4d88eba2bd14b3db79218a476830972573ec001a0d57168a2e9489ca2bda52ffdf6e8d34ccc11452f412881917cc200cb315d572c388dc9b14fcdec24965c349068995e2ae84ac35c660e4ee5551c02c691913e023584ca2926da1d49f6ff53ec056976336fa76a8a18cfcddfaa869392566fb9abb14aa60aec3de47677f42915c871d526c01de30bdc3a3c5070a3ab5cfca7203e4b1148eab282df54d986353db476ba282f8072dab472c72cad95c0595703ab12b086bfce15fa172c6af8abe90a5b26c23c036047f2c8501a4e41f524a44c5018b9993601c02fa589248b04d5cd472fce3beecc42d9c26092c9e9a2915f6154a9c0b0113ee0cc2199f711993593f536b8c8bac9139a55a87d5c9aac5999bba8c9c63cf69281a1549fe8de6af0c3f76fc25b391e78144c2ebf30ba3fc578bb0298ed37cd65fd35e6f26037559b794697c22315945e1a75d3544b46980908d2c7dc003a0fa60f9e08c3f0c67d9ff0013578d631e8957185757e40d4225b00ced44ed1436abc12f47fd65235f8eb555d88a03576444e5eaa0d6787f0c440e7e6243e8bab4211bcd9d03d8abe915b981eb165d58c1d965ebd8d8da9838671cd4fd14eff412ad9261e54f7630955da679ffe382dca015a11da843a12250663cd5e9bac285d0b0b3ef6b914c8336a705755446100123d811d4c250e2296f96c3c7bdd191b6d7978cccfb377f8b7ec6f8a44dddbb90172c4414963751c9df6a05bc638dca3385d50d3046dcd17f4a82f7187218fcb21d87b19557fbf55211787d0f3fcde0b388113f10f931d560b3c8182a535ce1d69247042a588dac3f9fdff0b88df57de2c1f2b8b967465c75bfb7197c3fd98283df2a2bfb4148ccc631dbc60f2a10ae93fd3d1dd0d28332370d11843d41ba15f1672ace49385fc9953012949ac8ac02dff27941b4acea4c3bc802cda46110d884e08a9200bbe255a8d8522edd621e6e9a0b544717b06838cfc6f8cda448341f66acb43a8f3fefe7df69cac49204bb082d3d4ee97f550fb2e3c3aced5a2845bca0b68e7457a462ab77490661878938f7248fdf004fda1fe9557d4aee3f7a30d9a8d482eeb93fc610cb811437236578e6179d088be5876ce6ec78700fc828975df04804f19241ebb0f0d184c7bc29fda29012298aabfdea34a59f6e4ceffc137ccd87a5ad652a15c06f89c9be2d64ff57e2fa8053d643f80eb5c2e90f54140a812a73fb9813314d10074b5952c408dc4d51fcf74431453fc6b3653e1b3d0b4fc4308b7e81e0bcd58ee623549d4466d08d82d7c6fe2cb85e533eeef7a70e06fadd6c25d420aef9e1aea5cc589fea122114798f5184729ceafecd82d7624224ff817d13527cae7f94657af58705baf9255846126de3728ca503476e1f109d1c08126c7213299a55cd8ebf37d22b5fae10f060c1d25c116b8d1e849d02985c9dd681c90df5bad918a4b811bc9a2feb545a34ec4666e4c3f8a5f6a629278e3716e845863d3e162429389f3742b545e972eb1d2ea0fbe45d238e7ef797e70a2bf23a0ed678340e5d0ce013a44c63360ac18dca44551472a89c99a14f26727e0bfb208f7f1f3e94ea0da5b1ee1fd8a562e1ee4e070f813bdee002bc5a8a3261c4dd058e6ad9ae9c9c3d3a81e82bd24d4b0aec035c41ca9f8b12924642ae4b8ef0a158b72fd9ebe146ba648df31eefa0250384dd9f5ede8d97e556675e5cd5d4dfc3a4a4f3a3ab5cc5cb69a130a958d68c62c3937eba31235f21a1db729c89c447650f26bf60d0b71bc2564a435a02b9e9392ee804e5b3d7d674920946c205768c6086a5e0fb63e30803c135f6e6cbd00a6afc608d2d450d7b4151747f1a8a3e682f63c0e1a070f624a3e0856060edc992f22f1582c526ad6b23dc2c52e4301f7e3f2f8bd3bd254398cfdf05b7fe096e8354f96e9ea57883e87ce63590ef3a92a03b9b36aed743cdb26ead5532636da5d374d1381c779b142c56f4823a5e2f90ce0a3fee861c01137dcaa0f39def51fe9bc27f95a084644a9a8671e0214678c2396e77a99af1ff2fb990e301d01c6c68f3e0094ba1a02db2353eb91a50dc1e33c43f84bf519af6f1bed4f56db2b7afa9ddac10f691fae7ec9205822d167ec495d1cc37041efd4c11e024b0880ed739ce2b17f2920e765f0d6f7a2585393b0100b0e4068b0dd91662d1c82347c59f51ff98bd750025327fd68fe2f28ec8ce490df4f9ec7973ef99e38d0fa6dc69f62035279d77a9d35f83e382c9b727e38f817ae5ab049b87a5feb0f338b29b64250f8fcd8f2f905db60936bf15ee5392ba96560c69e6b26c9460519c9d2507e22b1f15e70a70877d05bc07c66855437e69f194cccbca57754a8dcf4d54e63bd4ffa41903b9176e8f81f06e46fc39989b74e97de0d5d1560de492b1577a9a262c848c7393c728cbfeaf6497cc43423238428a7854146f785ae04517cfdaf0973a29818115a28d9bbed2c6c5e1c1915fe7f5297476e32a7bd040877429cc977a48f8bc0f90bddf8345e99cc734726af3264a562a6f73cf126bea67a5b7c40818a418db361445b1a5d9ec66be48283f81a4ab6421c33d6278a3d09f3591e994333811a4c570c88d6b23a512e9152edb2968e3ba67aa36c4270ab406afb5d913fa71e6397ab4048309814b8dd5359541f95d69ab9be04435108bb1a9013a705bd54a6e9a90c0f8ca73dfb191db92ee0194227c6977354acb6227fe0bd0bba6edb5b46c238496ebd14d2c9bf7f8e319713910051f22483344eb1ba4d5992e1601f196a4e37cd2ea346ffb86687b2e3da03b0567272cbf3efdc7a3427d16f669a8749595f86ded355c8beff604616eb46d2af569ca4f8b458113a7bfe6349092c53f3f49e3b546f678db00349b120a9bacb8c0b1bae56e18676a853519466827743b0f92a34a1a78bf70c299ac9ce470ee68f4c24c9f6598f50330d0de25834d85e239544541dde43404638bcd213b2406aaa1fca78691a7ccac687fc6f31dc5b6e9f0a2b1e58f9cc8c2ad69b17629db6e4d3582f6fa5eca9f80d297ae5f9d58dd1798bf69344965445a530b9828e43d0f14a3837c8f8abd724e5379952eeb49ba7b9a42b19114bcf49eb1abe18eaa72dec14545e7193f9b8768f32b5cfb31a5a4e56e1f84dca177d3a2a114eb84bf1c79a4bc2cfaefd6c99ca0f46bd8050853459256148d1e272fb67add5f5a337f5bbd26ee973ac529b79cc1c67db541c644e0322a9972ce08a2b41095a82e2d30da2b50a428c7d48b284c86cf92f5e29ca4b1d94d4d354ebc96e45619e9dcd599ba69ac8d9a0af76e89e11a6117b16c67d508288276436241f334b3d607a6cfe724ad7dd752d8cc2508600444eb0ff6edd29e5f935e0c3844713b128605470b7588b8dd2446dd21695ebf34ad051f794a31e4025600b90b300060696d4945f687ccda71b30ce13c71abdde83ae2312a02786037264848ed481828a5f36662ba4dc663236f54ba5bc7d8d40f42c85b9767be7d50b77eb09b2db29508a470f08280739f024f09bb7510e6886f544a1615f50ae1b40346cdcbe8a13d7c5296477af309e7680ecf9bc268e281de68d93005ea6d117183122bc1a0fb04c96dce76a86b478e003739bbbb014d9dcfc56b314c4342cbc1f597a5aabecf88480d381e24203cdfc7307469e48dba6e87a89700c34f322f0f4285f7f83cbb05c11065892020c5000d824cc5deb7d306dc73cc4c3752bc53dcc7bb081fb2add36048d00d1a929a8b6f115e437a50abebb057af4baf22f9b3c87fc790e79a18df81de5991f3ea289ad8c4a2a02ea43513a14a4b6ed9441dbf03c6084ebf10a5a0417408037c5e19230233dddeea9514b48115ba69707ff4a063d6114a39e8809b7169043e7562c5fba2d3be691f55bd33779052c09ddb6d8b27c1b84df4ea6530db6afc630a53042f85377fc648795aff80e5f7b532b4bd7581aab050a07f5d81438a4a67da88b93e56b76a2b5b5d2863f7e4bab9a84e102cfc2fcc166d22e4e03ed4a0fff058bce777fef0878c644b608ca3e53d167765df35ebbd82810434354bd6f2da801f0c591d968d4b21afc98cdc3ec5b74f6511072a97051ace716bf3ac8491f98d018e1d07f59f8f9347ff24a3034eb2a9bf5463d8ac46ad00113501f5aa2474e5598ca641527aceff617b3330998fb609c8f2511d5f1804f211d8f8f9a8e10b55fde18b96669ec473b770b9e53c73fef15efc68c6603006135bd0274a865cc5eef938d1c4aaa342a398a7c54886787d78a746c851a38cc9a92fc626a0b0e659486ab5df3e24a2e4bfa0c84d7bbdac167582c33b55dd806d1e5091f0e2f748a202f927d0d4e6551c1889535cd40bd5e1cf98f609e5c57805490df2311868e53d3a1bed127c05db412743bb444478fac6f4fb4a60fabebccc702d91c7c322fb5020106eddddf5877feb7396029e1516f8b4fd207dec2fb24efc2ca482ea9ab57e1286f3114e6452c02c1c1f2bb917c5ee3ccfdd40129fab3a3e52d04731db1172d2d69f1ba44d162b2aba7fbcaa9cbae7c417888be8d74a62fbba674c43a612afe6dec8ffe36a14e6ccd528b57cb5f5285e1241ce53416ebe77219ad102c5398e918bda5b8a14a3ba66bf37807ee9d20be8d8bcf1419c4b8adcbc68399392287c57a1322f9d0453ab6dee336760ec2fbf9d5619c9a5467361f5555109c183c128749ea5c57f23bc7af233152316ad60c92207a98bb6f6209ef4a914d4c5d84a4b44859498dda43e975af64169c16b39731897a714d42443d02b9c8486bf30ebf529f91adfa86a850545cb2d22adbae82e14dd95f0889e4637ff48f4d98ce88ce1817e2b8735464b0dac2480ac7795445dcc22b3ff311a7acfe300fc4e006a07b646e9a7454f032727ae89b35cfb170827fa48b5c50761dfa73f5eefbb939d674b06c070962266126c12c537438b095d6214f7d5f396e884e36828c8c54a0ebf7229ec2f59c3e2d101f676463de44177e34de5ffb307c0b1b3cb9bb13d3a936eb765757efe43cc5b3afc57efa8c3235832355a025f7ea51955cd46d72d1041f785bd8ee1a020440af719761f46363582b27761076c35af39cfc6d25a5fb963634fb25ad97e365a38c437ac7e6d5b4e55b2f29b5de64c6a6de7b7211cf22aa7c481ddde76e5498718f370e3ea00445b576187ed3460bd38d7a355d7cc1029f66ceb174cbe7ad6edaa6eb14295c8e552ca5c8a7788114cbd4b941bae5599155cd28e79a9452ff51c5ba213ae4530c6fb30fcb1815a92040bdf97554041868fe6772848591683ba8ee1cb1ad5518dd0aa962c38374e5cc5d4b51e88b75811de30877fe918192467e9a8a0ff875471dd0ffcec32072c31f96f2d1f54c6cd8808f5c44ab9dcf194001dfbdc7e3b585bc9f58b32deedf167c59e3f46e56394334ee5c33f010e49e5c9939bd62ae5fc43e3157a4597ff5d44f19f028218b457120b7fc4143e51cc8180e969908f0e52c9499b7f5c287f4c2b0a71e51570afd601ff73baad6424baeaea9005cbc5ea988dde5a6761e7f7982c2bbce91e58d1edab840583cbf03db2a39469a3d9d67b0ad2bd9acf8ee2c0c86560f78caf17c6176ba12fae1ee21f0065b58b44a69a5d0827044edfeb2610be295438ec773e9824f471b2f05af5dc60f30c990115627262ff3168049c05ee599f2200c6d1041fbeee766d9c179a53be83a310d261431953cfb7228e43a29d075a3ed2b99ba1ebd564ebe4c633d5e95c7b451086dba91823b8af112dbe836f920905efb52b3b5", 0x1000}, {&(0x7f0000001800)="2034f8423cde80a421", 0x9, 0x1f}], 0x8, &(0x7f0000001900)={[{@discard='discard', 0x2c}]}) getxattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='user.syz\x00', &(0x7f00000001c0)=""/146, 0x92) 2018/04/06 11:40:57 executing program 4: r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000200)={r1, 0x6d, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e675add01d6167e244f8f663e3529bed2135afaa69efe4f927cc8fba0718a875d52"}, &(0x7f00000000c0)=0x75) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0xffffffffffffe55c, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x3f, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:40:57 executing program 5: capset(&(0x7f00000000c0)={0x399f1736}, &(0x7f0000292000)={0x0, 0x5, 0xfffffffffffffffd, 0x7}) msgget(0x2, 0x58) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='memory.events\x00', 0x0, 0x0) ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x7, 0x0, 0x9, 0x100000000}]}) set_robust_list(&(0x7f00000001c0)={&(0x7f0000000240)={&(0x7f0000000200)}, 0x1, &(0x7f0000000180)}, 0xa) 2018/04/06 11:40:57 executing program 2: r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/enforce\x00', 0x40005, 0x0) fallocate(r0, 0x8, 0x0, 0x1000) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000040)={0x1000, {{0xa, 0x4e21, 0xd8b, @local={0xfe, 0x80, [], 0xaa}, 0x8000}}}, 0x88) 2018/04/06 11:40:57 executing program 0: r0 = creat(&(0x7f00000002c0)='./file0/', 0x0) ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x0}, {}]}) ioctl$DRM_IOCTL_SWITCH_CTX(r0, 0x40086424, &(0x7f0000000080)={r1, 0x544d914a2edcf16b}) 2018/04/06 11:40:57 executing program 4: r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000200)={r1, 0x6d, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e675add01d6167e244f8f663e3529bed2135afaa69efe4f927cc8fba0718a875d52"}, &(0x7f00000000c0)=0x75) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0xffffffffffffe55c, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x3f, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:40:57 executing program 7: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x8200}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket(0x2, 0x1, 0x0) setsockopt(r1, 0x6, 0xe, &(0x7f0000902000)="020008000000000000005462fa01a15eaf0d2cf653f13cc379ede4eaf40f4a95bbff850a8263357506b31e58a98399b397e695c0f03d3b3d54436fe71cbcdc6e30ac10369300f6af7d07634832b8a5c0a94c470502e9337b3e7298fc74e81b1058d02f9b14732017e2466a9fc43aea71263335960415800020f9575da602000000001f0000d1b0e6ebcb12c7291871363e97100c4a4c2e9f5c0c14f1659ce8c8bed2e97e60a3649f93ea0c8263f864802ad72fa698807ef14a4a1813e976be1d113b514dbdc05ea1309163d6a4830de8391f2ecab7bbfbcb", 0xd8) setsockopt$inet6_tcp_TCP_MD5SIG(r1, 0x6, 0xe, &(0x7f0000000040)={@in={{0x0, 0x4e20}}, 0x0, 0x0, 0x0, "d29716947758f2572bce2418aa2f9f262a8158bcefafe2c87068772f7e216925de4612090571f4671410f047ed26a53a543cd72f03e389b08cbc39e5d3437d3495b31a5feb61bc78d0d6ebe907112f1b"}, 0x160) ioctl$PERF_EVENT_IOC_QUERY_BPF(r0, 0xc008240a, &(0x7f0000000140)={0x5, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0]}) 2018/04/06 11:40:57 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={r2, 0x6d, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e675add01d6167e244f8f663e3529bed2135afaa69efe4f927cc8fba0718a875d52"}, &(0x7f00000000c0)=0x75) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r3 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r4) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r3, 0x10, &(0x7f0000000680)) 2018/04/06 11:40:57 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) msgget(0x2, 0x58) 2018/04/06 11:40:57 executing program 0: syz_emit_ethernet(0x66, &(0x7f0000000080)={@dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0x19}, @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x58, 0x0, 0x0, 0x0, 0xffffff88, 0x0, @empty, @broadcast=0xffffffff}, @gre={{0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x880b, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}}}}}}, 0x0) r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x80000001, 0x40080) ioctl$TCXONC(r0, 0x540a, 0x8) 2018/04/06 11:40:57 executing program 2: r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/expire_nodest_conn\x00', 0x2, 0x0) accept$netrom(r0, &(0x7f0000000080)=@full, &(0x7f0000000100)=0x48) r1 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/enforce\x00', 0x3, 0x0) fallocate(r1, 0x8, 0x0, 0x1000) 2018/04/06 11:40:57 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0x77ec000000000000]}, 0x10) [ 376.028586] FAULT_FLAG_ALLOW_RETRY missing 30 [ 376.033212] CPU: 1 PID: 23976 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 376.040046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 376.049398] Call Trace: [ 376.051979] dump_stack+0x1b9/0x294 [ 376.055593] ? dump_stack_print_info.cold.2+0x52/0x52 [ 376.060772] ? kasan_check_write+0x14/0x20 [ 376.064993] ? do_raw_spin_lock+0xc1/0x200 [ 376.069214] handle_userfault.cold.32+0x44/0x57 [ 376.073862] ? handle_userfault+0x16c6/0x2760 [ 376.078353] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 376.082914] ? debug_check_no_locks_freed+0x310/0x310 [ 376.088084] ? find_held_lock+0x36/0x1c0 [ 376.092142] ? print_usage_bug+0xc0/0xc0 [ 376.096187] ? print_usage_bug+0xc0/0xc0 [ 376.100247] ? check_same_owner+0x320/0x320 [ 376.104559] ? do_raw_spin_unlock+0x9e/0x2e0 [ 376.108952] ? __lock_acquire+0x7f5/0x5130 [ 376.113170] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 376.118688] ? graph_lock+0x170/0x170 [ 376.122475] ? debug_check_no_locks_freed+0x310/0x310 [ 376.127647] ? find_held_lock+0x36/0x1c0 [ 376.131692] ? lock_downgrade+0x8e0/0x8e0 [ 376.135825] ? kasan_check_read+0x11/0x20 [ 376.139963] ? do_raw_spin_unlock+0x9e/0x2e0 [ 376.144360] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 376.148926] ? kasan_check_write+0x14/0x20 [ 376.153141] ? do_raw_spin_lock+0xc1/0x200 [ 376.157359] __handle_mm_fault+0x34be/0x4150 [ 376.161748] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 376.166482] ? graph_lock+0x170/0x170 [ 376.170263] ? find_held_lock+0x36/0x1c0 [ 376.174309] ? lock_downgrade+0x8e0/0x8e0 [ 376.178443] ? handle_mm_fault+0x8c0/0xc70 [ 376.182661] handle_mm_fault+0x53a/0xc70 [ 376.186705] ? __handle_mm_fault+0x4150/0x4150 [ 376.191270] ? find_vma+0x34/0x190 [ 376.194792] __do_page_fault+0x60b/0xe40 [ 376.198834] ? mm_fault_error+0x380/0x380 [ 376.202964] ? graph_lock+0x170/0x170 [ 376.206746] do_page_fault+0xee/0x8a7 [ 376.210529] ? vmalloc_sync_all+0x30/0x30 [ 376.214669] ? find_held_lock+0x36/0x1c0 [ 376.218717] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 376.223541] page_fault+0x25/0x50 [ 376.226981] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 376.232578] RSP: 0018:ffff88018b5e7ce8 EFLAGS: 00010206 [ 376.237920] RAX: ffffed00316bcfae RBX: 0000000000000018 RCX: 0000000000000003 [ 376.245168] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff88018b5e7d58 [ 376.252417] RBP: ffff88018b5e7d20 R08: ffffed00316bcfae R09: ffffed00316bcfab [ 376.259663] R10: ffffed00316bcfad R11: ffff88018b5e7d6f R12: 0000000020013018 [ 376.266911] R13: 0000000020013000 R14: ffff88018b5e7d58 R15: 00007ffffffff000 [ 376.274176] ? _copy_from_user+0x10d/0x150 [ 376.278394] SyS_sigaltstack+0xae/0x320 [ 376.282350] ? do_sigaction+0xa50/0xa50 [ 376.286306] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 376.291821] ? fput+0x130/0x1a0 [ 376.295081] ? ksys_ioctl+0x81/0xd0 [ 376.298691] ? do_syscall_64+0xb7/0x9d0 [ 376.302646] ? do_sigaction+0xa50/0xa50 [ 376.306598] do_syscall_64+0x29e/0x9d0 [ 376.310466] ? vmalloc_sync_all+0x30/0x30 [ 376.314596] ? _raw_spin_unlock_irq+0x27/0x70 [ 376.319075] ? finish_task_switch+0x1ca/0x820 [ 376.323557] ? syscall_return_slowpath+0x5c0/0x5c0 [ 376.328477] ? syscall_return_slowpath+0x30f/0x5c0 [ 376.333398] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 376.338746] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 376.343571] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 376.348738] RIP: 0033:0x4552d9 [ 376.351903] RSP: 002b:00007ff15ecfec68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 [ 376.359590] RAX: ffffffffffffffda RBX: 00007ff15ecff6d4 RCX: 00000000004552d9 [ 376.366843] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 2018/04/06 11:40:58 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={r2, 0x6d, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e675add01d6167e244f8f663e3529bed2135afaa69efe4f927cc8fba0718a875d52"}, &(0x7f00000000c0)=0x75) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r3 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r4) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r3, 0x10, &(0x7f0000000680)) 2018/04/06 11:40:58 executing program 3: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000100)) getpid() fcntl$getown(0xffffffffffffff9c, 0x9) gettid() ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) getpgrp(r0) r1 = memfd_create(&(0x7f0000000080)='em1\x00', 0x2) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000200)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) sigaltstack(&(0x7f0000013000/0x1000)=nil, &(0x7f00000000c0)) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88)) msgsnd(0x0, &(0x7f0000284ff8)={0x3}, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000240)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000640)={'\x00', 0x0}) ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000680)=r3) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000b40)={&(0x7f0000011000/0x4000)=nil, 0x4000}) io_setup(0x0, &(0x7f0000000040)) io_submit(0x0, 0x0, &(0x7f0000000000)) ioctl$VHOST_RESET_OWNER(r1, 0xaf02, 0x0) 2018/04/06 11:40:58 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0xbf950000]}, 0x10) 2018/04/06 11:40:58 executing program 7: r0 = memfd_create(&(0x7f0000002901)='dev ', 0x0) write(r0, &(0x7f0000000280)="164690f11220a801", 0x8) sendfile(r0, r0, &(0x7f0000001000), 0x6) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0) mq_timedsend(r0, &(0x7f0000000000), 0x0, 0x0, &(0x7f0000000040)={0x77359400}) 2018/04/06 11:40:58 executing program 4: r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x6d, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e675add01d6167e244f8f663e3529bed2135afaa69efe4f927cc8fba0718a875d52"}, &(0x7f00000000c0)=0x75) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0xffffffffffffe55c, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x3f, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:40:58 executing program 5: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x4000, 0x0) bind$vsock_stream(r0, &(0x7f0000000380)={0x28, 0x0, 0xffffffff, @hyper}, 0x10) capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) getsockopt$inet_opts(r0, 0x0, 0xd, &(0x7f0000000480)=""/157, &(0x7f0000000540)=0x9d) r1 = socket$l2tp(0x18, 0x1, 0x1) accept4(r1, 0x0, &(0x7f0000000040), 0x80800) msgget(0x2, 0x58) r2 = syz_open_dev$sndpcmc(&(0x7f0000001fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0) ioctl(r2, 0x4161, &(0x7f0000005e0b)) r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x10800, 0x0) setxattr(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000400)=@known='trusted.syz\x00', &(0x7f0000000440)='eth1]trusted/.#:nodev', 0x15, 0x1) getsockopt$EBT_SO_GET_ENTRIES(r2, 0x0, 0x81, &(0x7f0000000300)={'nat\x00', 0x0, 0x4, 0x95, [], 0x0, &(0x7f0000000080), &(0x7f0000000240)=""/149}, &(0x7f00000000c0)=0x78) ioctl$LOOP_SET_STATUS64(r3, 0x4c04, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x8, 0x7, 0x0, 0x9, 0x3, 0x1, "6dcff01e478ec1c7b5e9309bcd737ca97ab2e2125bf325c8b5ac773c83a5403b621cb06c9b560615154feb0d3d8e11b7dee55d7240c05bf2c484658c2a6d5924", "c558a7eaec43e724f1c442e7d155a695164c8268486296acc25dfaddee68efafb2cc3b941bf29ea5f1e732b2cfdbb18019a5814bf7dae60b51ee25da1f23dd3f", "44fed9d23f64da2a175118c5ed14facc2546c3afeb8a3ab07458883bdd1a564f", [0x7, 0xff]}) 2018/04/06 11:40:58 executing program 0: r0 = perf_event_open(&(0x7f0000348f88)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bind$alg(0xffffffffffffffff, &(0x7f0000000300)={0x26, 'skcipher\x00', 0x0, 0x0, 'chacha20\x00'}, 0x58) r1 = dup2(0xffffffffffffffff, r0) r2 = accept$alg(0xffffffffffffffff, 0x0, 0x0) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000040)="873a3d2f8a1a4d5211133f7e9c4eb5be11586443165694444b00ee6b49ab992d", 0x20) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000280)={r1, 0xfffffffffffffffb}) sendmsg$can_raw(r2, &(0x7f0000477000)={&(0x7f0000000080)={0x1d}, 0x10, &(0x7f0000000240)={&(0x7f00000001c0)=@canfd={{}, 0x0, 0x0, 0x0, 0x0, "b5a419fb5df128c83ad9430362a22a5abf1e4123efccc641602c2da3630b58d04766c58b254ff2a965ccb226c8c7355c33306c99adaa0aa59006f8dc9b01b737"}, 0xff89}, 0x1}, 0x0) recvmmsg(r2, &(0x7f0000003340)=[{{&(0x7f00000000c0)=@sco, 0x8, &(0x7f0000000100), 0x0, &(0x7f0000000140)=""/94, 0x5e}}, {{&(0x7f0000002f40)=@pptp={0x0, 0x0, {0x0, @dev}}, 0x20, &(0x7f0000003200)=[{&(0x7f0000003100)=""/226, 0xffffff4a}], 0x1, &(0x7f0000000440)=""/239, 0xef}}], 0x2, 0x0, 0x0) 2018/04/06 11:40:58 executing program 2: r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000180)='/selinux/enforce\x00', 0x101800, 0x0) r1 = getpid() migrate_pages(r1, 0x7, &(0x7f0000000040)=0xff, &(0x7f0000000100)=0x5) fallocate(r0, 0x8, 0x0, 0x1000) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f00000000c0)={r0}) ioctl$KVM_SET_GSI_ROUTING(r0, 0x4008ae6a, &(0x7f0000000000)={0x1, 0x0, [{0xffffffff80000000, 0x5, 0x0, 0x0, @sint={0x3, 0x9}}]}) getsockopt$IP6T_SO_GET_INFO(r2, 0x29, 0x40, &(0x7f00000001c0)={'security\x00'}, &(0x7f0000000080)=0x54) [ 376.374088] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 376.381339] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 376.388587] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000000 2018/04/06 11:40:58 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000000000)={0x0, 0x5}) mkdir(&(0x7f0000000040)='./file0\x00', 0x20) msgget(0x2, 0x58) 2018/04/06 11:40:58 executing program 7: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_ipx_SIOCAIPXPRISLT(r0, 0x89e1, &(0x7f0000000040)) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PIO_UNIMAP(r0, 0x4b67, &(0x7f00000000c0)={0x6, &(0x7f0000000080)=[{0x9, 0x95ea}, {0x8, 0x9}, {0x2, 0x8}, {0x0, 0x9}, {0x800, 0x2}, {0x6, 0x8}]}) syz_emit_ethernet(0x1, &(0x7f0000002740)=ANY=[@ANYBLOB="0180c200000000001400000088480000000000f0ffff00000000000e000060187d91131c0604ff020000000000000000000000000001fe8000000000000000000000000000bb622600000000000001050000000000c910ff010000000000000000000000000001c9100000000000000000000000000000000101d5c414f2cd1ac7686d63b81137aaebf6b512cac106eb708d074ca9bb415b7fc20c08bd188cb42a4657393a62af2c18d6b701131f57b7d2acc9ac89d5a42cb3b6e4f325d61c30d690793cce368ebc1013751ce135412b62e50209bd6cbd13343800ad818d2a6df535b77aca075f5ed8bdcbbe2854932b8f6355dbbec70e750f0e0600dbb77bcebfc958cb89cb4764ac08e328888ea5f2ba514340303739574d0f179826d5b8e15e0d08a3ad82698714e909a747e030843c648fea8225a8f70908f01879c9db66b23b26503afab86a411ef95ea8626f4cc91000000000000000000000ffffe000000101050000000000c91000000000000000000000000000000001c20400000001000000000011080000000000000730800000000a030800060000000000000000000000010000001ab6000000000000c9300000000000000100008000000000c910ff010000000000000000000000000001000000006707000000000000c91000000000000000000000ffffe0000002010600000000000007108000000002ba00080800000000000000c20400000001040105000100011d000000000000c910fe8000000000000000000000000000aac204ffffff800502fff70152a8e5cb0e99bddf1a63c959c30794255ed50b5895b9c629232a232867815d20afb2ec7bf8d6026b6ef6721d9647fbed8866fcb659d992c612955c4be392a2afc06dcec3bce5abcaafbed0709720960a8c3697000100c910ff02000000000000000000000000000108674f75678ac72c5de12ccedbbab552b602101a7ebaaa393d194a5c8205b21d0072c0b07c86808233ea5f23de7422733c49263678a17759bfaaef1cc3665f6a9d25b9a1553b101d6af666b778acde0273deb76639cd186f4fb344e38b54fd6136c22409d1c9aa50eb0000f703000000000000c910fe8000000000000000000000000000aa0401090101002e0200000000000001070000000000000005020003c2040000000600000000004e234e23101490780206000180000000e13f0001a611521507d8fbe832405424030c01fd83deec9a04f5ac159e19b7a1a6d7e8c01b4f50e652a1ff66399b78f67e6fc858f5c0f58992c6c330a21790d4dd5e836d8ba2e4d8b0ec9733863f1dfe66bc2362e233c7e30b05adc646e3553aca0dbf931ea757ebccbd31e618cff5a5d03b208148be39f02f2c815351e190461cc2a9465389e6465d18f29efc19fc2c49f884322bc0d1be003ab81b8611a48df1c81d97ca240d8a4d0a48bc8566b296c18fa1ce1987de221a13d2004c63f9f11e558646b7cf33004d6dc04933c33fdb96d112513d75a54662cfb9eddb9f17610fcf07734ccebc8035d7f8e9edabaf6239c4d086b2537bde9ead70c1aa4aadb0a9554c9707b9d75435c07f7ae44a4c13099f54188504f0b89b08e027d94ccab4ff21cf3cf1dbec7b662d191b1e1934631df87fcd8c29e90ec56c04c9c0fda20d1bdd45d4b08a79bcb3b5f1e6580999edf58c106fe98379e7441fe20a511c8618ecef231f193b0c5aa91e9a0a112975f7ea8a7a8d56da8c03b67b7c0257aff08cb05d72b7233f2571500af3da1c1649dfbb844c7172b16b131438d3a8f1b21b0d47c8b22f6c69d91c1a82406b398784643d6d4f9e19fd0f6cad2b7f6a2fc2afd8cc39311927d931ce3ede7a326aea89b2937490976321c699b7c5199e4ca7a2f641cf9e2ac18c28ea29ee24b64f11623b6ae098b1c438debf173c6544144dfdc4903bf6f0a466753a30cdc82e1099ca5182191817ef3f51437f4ae928097b2125cdf4665c6e682fe8e78a784b0cdb9dffffd1f4a441a73ae67abf5d8a34e3d6aa8e5d5631706fc337f6ebdea1cd7c70d6b917f21cf32877e95489a2c993561547fecc21b6813b9880bf3f07154aa6418a25edeca7fd05d6115055333923c9ca1bcfd24b96dda7c1dea4b6e1b59dd0a56ffb79b5677719c8b838143b95f2aceb273e3ef2d713568a1b00ac6c59e70eb081ca6a2b9562344de421c848864e8ec14e72fd016e4571e9db2adf12983a25688014ecbb79d861c961fac032cb14fa30a6743cbae4204a6723b2aa6416b749d3ecefc602caeb924b2925e209abc8f49f5404887862d6d2c22bca5ff9eaaac6e3bf5432090f778288904d03cd14920a8be9a6095fcfe7223f9eb13f941cec4857b8f6e046a4d214ae92b8a07753eb233dacce06454173fe276fbd73a94b35e345106e5fe30984eb4e61e566ac89eb7b2c1a2b06affad5ca8fadaad4038713df691ee753e5a6bb71f43389a067e061155a40abf42add83ea803c3e69715253572ce8144f9fd8bfc6b6874ba880a2b33fddc14c414d66f2f0d57c6d2afb939f8c9ae0b34faedb5a8c3dce3ae3b6bd766e279c70ee8a44d16f8ef702bcd25aafc486abd9ed8b5848d174a056a6e16a472ab118dd86a3deb9fed31a6bed9a4ee25ddaeb2ac0ad2c958c5e7c5b855255c8d3561bb4a2f56e34c4af65ab654e43324c59ddc153269260e53f70574aca28ad5a9fb0f8854b31e9a850c76fc83538ff1bbc1e5d37a0c3f1adbcf764cadee0c38f3e9888950b0731fbfed880dd57c7654d5fa88d67b80a7952be3eac22b7bd9933a8d64b644f8770f9267f2ead95bd23b6ccaf33441d9e39260efcf793fd0c02350537134eaf530feb5adbbd01ec74bcfe1559129f996b85bdd0fbfc9cf4a5352902bb456b800f4782feac722a4a4d1e231597d83f5d408e6ada2a0510f38eeab5d499add5062f16f30dfd0e42f80163b7f84c8a5d958849a780de4d36f6f6237ae0557d258368ff0ab01856385c7e3aed99ad9193ed1bf881b60c2fa6838dfbcd84182a1c98c18320a85e28c7df3a6479542185df3757a281a9d12ef3eb9dd1f39bcbdac3c16b0349c0694f6ae2044d15dab39cb4ff2493b20a4b87a19349332fc2305b171bc10e59d06ea1c8e19629977b2d5f8a60f69a7c2423bb8a8820bb04a2633005c98edd3c7d899ea50d62847df2fc095474c60af88a7482fcc127c8af9f73b9931405c179c4bf3b8cb0ea5559edfc1859f28167be7d127c3555d798f9aae36058e00c6aac2d8e6ea5e729897b39701b287404fb96e4e3121fb436c84b3d419d8839320b0b1784ff0897066e54d4bbec937cc1a10b27979e76225a17bdf8a341b43b1872cae4bf48be88494e5063f4a41dfd422fb592fbc1d6da0fbd18aee6eedff9df0ccdfe24362a3a221995ae3867d8f8f34ec0eee241df8455a98b16c50f0f2409c73178ac8d014e9b61589f74b8651b0a3d78e9161030d4292fff2eb7394093b82267cd763822f075a70d1becf10943b14d6cd52bf4f41ea96980b230d054f994bb49e2cf8809cdba6d14e263b6569729731cadd5d368cebbbc232deb8155865d6f5bc0f93cb735c14384cefcaa595705b27e71298a1a6c747993f275922361247c6697feefd3fcbb25f7a1384a18635a5e29ebdab12562815d315285d56bb0e4fe21151391a7ddd7ec95fa7186bb26735919070f18fc15993c738ce70a9ce78bacfce6e4988aebde582c170b43da20c0d543c5e05c3d63be73500ca860242d45c52e6204250c24f932d3af87254b208849e6f8033429b925d8ed2e5c0e6d080ee65cbefd243ae0e80ca1d8a023a4986db14710c6e284f7711641ad1d9a3bce1b15ed91404f6caf0f17c9acc04b275c8b3ad973fc1dbcafec432c25460989cbc7d1f6cbfef3d32f8223bea1381007ac9b16641a10c374a69fae08dfbc2777c29b733385fc40b56c1cd197d6ca9f807919107aa6489bcf0168f005b42913c61b655f82ec12f16bb0960cf5c15100f21afba0a089528878f3b8c0c75ad13d14a64096dcb2897fbf87e7fe4f2e5bda4a32badd8996970f53cfa5878b08b3049ac0e8ec1dd9439bc8e66af22a70a441fd1e4f4a2a0e621aee6283d8030f776324e78a6d03d133854466ec3aadc127d1d42929dba9117524da42ed4470154c0f5e7e2b94616bf70ccb302779aca91bef8a2eaa1a0df35c744794f7a604451a555ebc0a37950758846bce46c27936523a977efed1a7e853162a7b6d27c6af9b9f4506685938fda92657dfc882f1658c1e017d1987c0d80ddd7829d80e3983b048341173cc8f10a811110f08f74d7d9822428200145c4a962d14df9b1bff4f100a32399c81ddf0df6a8b45a8750cf2a633577769d234aee10710151916be2591a5f987d5458370125b563360cca22b1028d53e1a5d43b285f14d7a440a2b3aafb060a8a2159e82d24f4414132a5588b30d5ba072675e47645d073d60fee59f02c8a3219bb5e128fe3617a9877a793b5a90c77e46b358dd8258e8c5c41e8d32979381b9284af0bca21d02b22f823fe19b0736d2d7459c7083f321656c9b0594b3b7d716dba600f28be75f25ed23be0f89f4751e924dfc759b556396e8294197ce22967768dc432c33ac0e5f3b23ae40d64dd4e7c0ce504f513b31d3df7db7b6b14d73fa2710637546bdfd47bd60357ae7daa655e0a1c2bbdc55f32d09822549a56a17d3f05e97eda59d9a02dd24f764c8c09a3767be7375f4da0d9b1a7888d59a52fb30fe1e485f9e32a2b5379238d7b8f7369952959e3a6093338602f5e269ac5e5288eb71b24ee340f23b5e694bdbe1f6da302a7ab81cbbe61da151ac0418df7f9b7929c1fff5547039cf0d9e4955bf36a0f5e39fc23c3f33b0772acf694fd44b796f3708152266e15c42e0cfc3134ce80de1c53c97b1e188ccf5eca839bb8bf3e536c81fbff51fe00c4cda8c58960ca9d6b0d5266005b5630d7a4ae2fef0333573addc008c951f30fba7fdd464ef59f6f46ba091b8ed3da9d1e8a228681f56235d3365eb62b2ba4848fd0307f6645fcc3dfe29d22a7168a33145dcb4073ac0012f0511ebd958c335da5efb4f459e80f7a5af52ee2f3ed6f8b3c47e4a4bbd146360df3ed017ab729e00657ae2fa793a2771fdad18a60838ac0f1ade0fa0725b693f6aaac6622d4a09a544950aed2fe74480950beb850f99796e071af9854b2af1000d69c6fb960c9b51a9e6fa22110b85b3f3f0939434a4357849e527b4087b51dc997db8e445ac518f07aa8a9c0b7be5744fae516559d5ebd3aabc25daef4efc996d8967513533b3d81109ffd28f433e0141d63b861d3c833d14893a8a3d360e7279d170dc412db4992423d25c772c8ec63b2c22b3e472a288e36dc1f3f122f0897625c8dca9aae0c6d39bd1aaa700f22b93063c31ff233e3c696270a3fbf81284141404782b64f48b916bc9d8c54949f6a424a339d6cd26ccc2883ce713c1166f0d8c961a63eae558eee82d8b220ae84a20ad8e1f69e7a372e0e23298abc7ae21980d118dedc536f3cd7b148a874c02be1f0c6d813f833e36afc7bb54929afe1871f4a2d82aac337b4b2b115e4d0bc52868cbdd3bf07019376b216fcfbc6307b5b11238f2336746ebafdb1efe6dffb1ea2f2f1bf344d8e0d791fc8cf4486ace6e5fc0609f489ac72631140801bbe5282cc4e842830d1c515529be0e18b10edfb72a03d630da8e75534bb2d3904973d704551893ac1b75de2bc4f38c2131c3a5fdfd43414419c6cfe469b330d43fda2fd24fb2bc7abd3176d6b27cd48c359ae628f3b3c53250df2f8a17f5ba07afa5cec2593a75092d8f716ed57369b90cfbbdf6d2a4b0395806c8cec997ed2c400ab5820f9e4483580dbbcdfa16504ce145671cb00c1041dab22fa076e8d896f77804ac4a6a3882f690f77bd082824e4a897c07cf0be6c545745d9c31ff0c59d48a40ae6b5f24e1ae235ff8fa9576ce72b16ca56638e388ad8f717fb14d1ce809e4d40463c9b8402bdf7760c9bf7c9059d63f1c95f591483e4d7e246d9ce9bcdb8dea63794a457038c108ce412b99532cace635968ae4d890a96dfb3b23e01f2437c1d2a8bd980bd40f06be387267dc0c9a5070810efcd8596d04e5d64e90989c1737f5ac4fa89b19059a7aa08f8d20223b749d5cb604f2ad700988e0b24f63cf749b28ff2e39e26ed31d43145280f73dbe184894ca17b637e2299592a7d0e1e69ac1f823f45895acfa8fac3b8a8ade4e31932ba7d87bee2e39d38f68cbc1f74cd470fb22ed3d0f6418ef9902e68bd48f0afc19c04fe364e6eb1c89e7995a4898937f212b7344bc936b401f256de6201bebf94d3a017a88cc947b4ee0272199d95bfc8c52f5584d6f51015261e4e6c7b0b8066d127457a50661d344dcde4a04dd5b945f280377d0cb7c842dec28f07c57daa65c581c236f1c6c3d54f9538ae75ff1d44e0073c5d449aae05b1daaf29d832bed73e4e1b0cc721bfab69a5671d4dbbd857f9f9c0141b1394596e26343d9026b8597b50deef135e12ccc8ea99048054b6838859e3a110fffc53346eecb0172af2cc62cd65f1370e42668f5e7e2ca6b15c26d602876332b160eed891ec902a48c98bf3c6439725b7bdff95f6c5ec9b87d03e2dd6452381fa50f860b3d58f79233fd64aee81f8eee93a3068fbded3b7a5dcd5554355911f3585af1fd50536643568a51c6dcac9dc25c3a0ab61299262ad06d09ec7f85d39588617565317403de4178ac98633633ff9ff1773a3a7ade40b56451d84bf64e36fedda3c65f2c948d5962646a0ec9bc442919b52df982c407978812bb7cfed2937c6437ea7022fc98cb963a87e4fc7363bb2991263993fc815730503d9d21dcace97cc47616e6caaa1bda1a7430e43f8f305eb232cc201f67edcfffe1fa7d27b23daf6ef727fcbcf5eb80fec26a77caba7cfb0156260eef383481d484c5e1342377a25fdb5cc3ef65bb85437c5d01cfa030fce43c19b66519dc81440ee4005278f6f58088ec8c81052d1b6099e25700650d8b760d0144b487c543c49443283e7f2e58a2c01ac4253e7a021eec01b0bb145e4adb224877f90d49271c056a9994ef92a9c2820e5caec93a"], 0x0) ioctl$VT_SETMODE(r0, 0x5602, &(0x7f0000000100)={0x100000000, 0x4, 0x1, 0x40, 0x9}) setsockopt$sock_int(r2, 0x1, 0x2f, &(0x7f0000000400)=0x81, 0x4) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280)='/dev/kvm\x00', 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) sendto$unix(r3, &(0x7f00000002c0)="44620ea71e9cc3efecfa9bbb45b863362a9f6e290aa3ff54cc01362fbc7b74f32dec8d0bdb99cf5f7b06d3c6d6b18a8695fc91488382a4d1e2bd44c66fd2e829cf5ae432bd8b459207cdc7f7823a9e8944140ba168f22750b40fea4ee0f98a2792c89b107fcf7ccfc668a84cd39f72cac601cd177c5208b607714b7dc1bfa9ea39f26497617a9f35c97e7aadff09cebc7a67f5d78d941ac59f8830692f9643e855fc41c40f0300b59ca86ff6", 0xac, 0x4000000, &(0x7f0000000380)=@file={0x1, './file0\x00'}, 0x6e) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f000031f000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000240)=0x2, 0x4) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000ade000)={0x4, 0xffffffffffffffff}) ioctl$KVM_SET_DEVICE_ATTR(r6, 0x4018aee1, &(0x7f00000000c0)={0x0, 0x4000000000001, 0x2, &(0x7f0000000080)}) ioctl$DRM_IOCTL_GEM_OPEN(r1, 0xc010640b, &(0x7f0000000180)={0x0, 0x0, 0x7695f3cf}) ioctl$DRM_IOCTL_GEM_FLINK(0xffffffffffffffff, 0xc008640a, &(0x7f00000001c0)={0x0, 0x0}) ioctl$DRM_IOCTL_GEM_FLINK(r1, 0xc008640a, &(0x7f0000000200)={r7, r8}) 2018/04/06 11:40:58 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) r1 = add_key(&(0x7f0000000080)='ceph\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a, 0x3}, 0x0, 0x0, 0xffffffffffffffff) r2 = add_key(&(0x7f0000000100)='.request_key_auth\x00', &(0x7f00000001c0)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000380)="c3a660b5896f71ef21eb77a0610668acd90f619a17748cc4844e81f123ed06969db33852a79c9ab1cb2dbc70976f4958fa0d5f715f04e3a5d6429694a14be9f60a9625ddf310161fe8a4233dce6ab3ea000611f3c06b54239945fcdbe3d5a11071e5ac63933f815d1bd73d97c6919e807ebd079dd12826ec2ad74554d470b30fffc857384ce26f95fe3c3d9186f85433ebacc794ee9c5d9e804afe197cb9872cad9a8c69edc2f9504aba42b80df20c6a2fe3a65e42dbaabe3018e0fbe61f7e75b33dde69b0e4e69bdd", 0xc9, 0xfffffffffffffff9) keyctl$link(0x8, r1, r2) bind$alg(r0, &(0x7f0000000140)={0x26, 'hash\x00', 0x0, 0x0, 'sha512-avx\x00'}, 0x58) r3 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000340)='/dev/mixer\x00', 0x22001, 0x0) ioctl$KVM_NMI(r3, 0xae9a) r4 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x8000, 0x0) ioctl$KDGETLED(r4, 0x4b31, &(0x7f0000000040)) r5 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r5, &(0x7f00000006c0)=[{0x0, 0x0, &(0x7f0000000100), 0x0, &(0x7f0000000680)}], 0x1, 0x0) ioctl$TIOCSSOFTCAR(r4, 0x541a, &(0x7f0000000300)=0x1) 2018/04/06 11:40:58 executing program 2: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x840, 0x0) accept4$llc(r0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f00000000c0)=0x10, 0x800) r1 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/enforce\x00', 0x40005, 0x0) ioctl$KVM_NMI(r1, 0xae9a) fallocate(r1, 0x8, 0x0, 0x1000) socket$inet(0x2, 0x3, 0x10001) 2018/04/06 11:40:58 executing program 4: r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x6d, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e675add01d6167e244f8f663e3529bed2135afaa69efe4f927cc8fba0718a875d52"}, &(0x7f00000000c0)=0x75) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0xffffffffffffe55c, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x3f, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:40:59 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={r2, 0x6d, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e675add01d6167e244f8f663e3529bed2135afaa69efe4f927cc8fba0718a875d52"}, &(0x7f00000000c0)=0x75) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r3 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r4) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r3, 0x10, &(0x7f0000000680)) 2018/04/06 11:40:59 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) msgget(0x2, 0x58) r0 = accept4$inet(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, @multicast1}, &(0x7f0000000680)=0x10, 0x80000) getsockopt$inet_sctp_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f00000006c0), &(0x7f0000000700)=0x4) r1 = socket$inet_icmp(0x2, 0x2, 0x1) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETSW(r2, 0x5403, &(0x7f0000000080)={0x8, 0x401, 0xfe, 0xcbe5, 0x77e, 0x40, 0x0, 0x3, 0x2, 0x4, 0x5, 0x10000}) setsockopt$ARPT_SO_SET_REPLACE(r1, 0x0, 0x60, &(0x7f0000000140)={'filter\x00', 0x7, 0x4, 0x480, 0x118, 0x118, 0x258, 0x398, 0x398, 0x398, 0x4, &(0x7f0000000000), {[{{@uncond, 0xf0, 0x118}, @unspec=@CLASSIFY={0x28, 'CLASSIFY\x00', 0x0, {0xfffffffffffffff7}}}, {{@uncond, 0xf0, 0x140}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@random="2c8ffd59550e", @remote={0xac, 0x14, 0x14, 0xbb}, @dev={0xac, 0x14, 0x14, 0x19}, 0x8, 0xffffffff}}}, {{@arp={@dev={0xac, 0x14, 0x14, 0x11}, @multicast1=0xe0000001, 0xffffffff, 0xffffff00, @mac, {[0x0, 0xc64cb76c873958fd, 0x0, 0x0, 0x0, 0xff]}, @empty, {[0xff, 0xff, 0xff, 0xff, 0x0, 0xff]}, 0x4ee, 0x2, 0x4, 0x53a, 0x4, 0x2, 'irlan0\x00', 'irlan0\x00', {0xff}, {0xff}, 0x0, 0xc0}, 0xf0, 0x140}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @mac=@dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xe}, @rand_addr=0xdb2, @local={0xac, 0x14, 0x14, 0xaa}, 0xf, 0xffffffff}}}], {{[], 0xc0, 0xe8}, {0x28, '\x00', 0x0, 0xfffffffffffffffe}}}}, 0x4d0) [ 377.309556] FAULT_FLAG_ALLOW_RETRY missing 30 [ 377.314174] CPU: 0 PID: 24054 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 377.321006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 377.330342] Call Trace: [ 377.332923] dump_stack+0x1b9/0x294 [ 377.336536] ? dump_stack_print_info.cold.2+0x52/0x52 [ 377.341707] ? kasan_check_write+0x14/0x20 [ 377.345926] ? do_raw_spin_lock+0xc1/0x200 [ 377.350146] handle_userfault.cold.32+0x44/0x57 [ 377.354794] ? handle_userfault+0x16c6/0x2760 [ 377.359295] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 377.363871] ? debug_check_no_locks_freed+0x310/0x310 [ 377.369046] ? find_held_lock+0x36/0x1c0 [ 377.373091] ? print_usage_bug+0xc0/0xc0 [ 377.377135] ? print_usage_bug+0xc0/0xc0 [ 377.381178] ? perf_trace_lock+0xd6/0x900 [ 377.385305] ? check_same_owner+0x320/0x320 [ 377.389608] ? do_raw_spin_unlock+0x9e/0x2e0 [ 377.394003] ? __lock_acquire+0x7f5/0x5130 [ 377.398227] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 377.403744] ? graph_lock+0x170/0x170 [ 377.407528] ? debug_check_no_locks_freed+0x310/0x310 [ 377.412697] ? find_held_lock+0x36/0x1c0 [ 377.416741] ? lock_downgrade+0x8e0/0x8e0 [ 377.420872] ? kasan_check_read+0x11/0x20 [ 377.425001] ? do_raw_spin_unlock+0x9e/0x2e0 [ 377.429420] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 377.433997] ? kasan_check_write+0x14/0x20 [ 377.438221] ? do_raw_spin_lock+0xc1/0x200 [ 377.442438] __handle_mm_fault+0x34be/0x4150 [ 377.446850] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 377.451585] ? graph_lock+0x170/0x170 [ 377.455367] ? find_held_lock+0x36/0x1c0 [ 377.459411] ? lock_downgrade+0x8e0/0x8e0 [ 377.463545] ? handle_mm_fault+0x8c0/0xc70 [ 377.467758] handle_mm_fault+0x53a/0xc70 [ 377.471807] ? __handle_mm_fault+0x4150/0x4150 [ 377.476379] ? find_vma+0x34/0x190 [ 377.479898] __do_page_fault+0x60b/0xe40 [ 377.483941] ? mm_fault_error+0x380/0x380 [ 377.488071] ? graph_lock+0x170/0x170 [ 377.491852] do_page_fault+0xee/0x8a7 [ 377.495633] ? vmalloc_sync_all+0x30/0x30 [ 377.499761] ? find_held_lock+0x36/0x1c0 [ 377.503809] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 377.508635] page_fault+0x25/0x50 [ 377.512070] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 377.517668] RSP: 0018:ffff8801c8bd7ce8 EFLAGS: 00010206 [ 377.523015] RAX: ffffed003917afae RBX: 0000000000000018 RCX: 0000000000000003 [ 377.530273] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff8801c8bd7d58 [ 377.537520] RBP: ffff8801c8bd7d20 R08: ffffed003917afae R09: ffffed003917afab [ 377.544766] R10: ffffed003917afad R11: ffff8801c8bd7d6f R12: 0000000020013018 [ 377.552037] R13: 0000000020013000 R14: ffff8801c8bd7d58 R15: 00007ffffffff000 [ 377.559305] ? _copy_from_user+0x10d/0x150 [ 377.563525] SyS_sigaltstack+0xae/0x320 [ 377.567479] ? do_sigaction+0xa50/0xa50 [ 377.571434] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 377.576964] ? fput+0x130/0x1a0 [ 377.580227] ? ksys_ioctl+0x81/0xd0 [ 377.583833] ? do_syscall_64+0xb7/0x9d0 [ 377.587787] ? do_sigaction+0xa50/0xa50 [ 377.591741] do_syscall_64+0x29e/0x9d0 [ 377.595608] ? vmalloc_sync_all+0x30/0x30 [ 377.599742] ? _raw_spin_unlock_irq+0x27/0x70 [ 377.604216] ? finish_task_switch+0x1ca/0x820 [ 377.608691] ? syscall_return_slowpath+0x5c0/0x5c0 [ 377.613619] ? syscall_return_slowpath+0x30f/0x5c0 [ 377.618530] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 377.623875] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 377.628705] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 377.633874] RIP: 0033:0x4552d9 [ 377.637048] RSP: 002b:00007ff15ecfec68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 [ 377.644744] RAX: ffffffffffffffda RBX: 00007ff15ecff6d4 RCX: 00000000004552d9 [ 377.651992] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 2018/04/06 11:41:00 executing program 2: r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/enforce\x00', 0x40005, 0x0) fallocate(r0, 0x0, 0xffffffffffffffff, 0x1000) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_inet_SIOCDARP(r1, 0x8953, &(0x7f0000000000)={{0x2, 0x0, @loopback=0x7f000001}, {0x0, @random="3b5f09814edc"}, 0x0, {0x2, 0x0, @broadcast=0xffffffff}, "00ffffffffffffff00"}) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000080)={{{@in6=@loopback, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{}, 0x0, @in=@multicast2}}, &(0x7f0000000180)=0xe8) getresgid(&(0x7f00000001c0)=0x0, &(0x7f0000000200), &(0x7f0000000240)) fchown(r0, r2, r3) ioctl$EVIOCGBITKEY(r0, 0x80404521, &(0x7f0000000040)) ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000040)={r0, r0}) getsockopt$EBT_SO_GET_INIT_ENTRIES(r0, 0x0, 0x83, &(0x7f0000000400)={'nat\x00', 0x0, 0x4, 0xf7, [], 0x7, &(0x7f0000000280)=[{}, {}, {}, {}, {}, {}, {}], &(0x7f0000000300)=""/247}, &(0x7f0000000480)=0x78) 2018/04/06 11:41:00 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0x1f22000000000000]}, 0x10) 2018/04/06 11:41:00 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(ecb-camellia-asm)\x00'}, 0x58) r1 = fcntl$dupfd(r0, 0x406, r0) ioctl$LOOP_CHANGE_FD(r1, 0x4c06, r0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000ff8000)="0a0775b005e381e5b3b60ced5c54dbb7295df0df8217ad4000000000000000e6", 0x20) r2 = accept$alg(r0, 0x0, 0x0) ioctl$sock_inet6_udp_SIOCINQ(r2, 0x541b, &(0x7f0000000280)) sendmmsg$alg(r2, &(0x7f00000028c0)=[{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000001540)="2cce685da4200f4f93f174cde51eebf6c6c1ba6939673e56035aacef372be338ba198fc9613bb9a154818ccc4afe500df8d54ce239730a5fbb47ac8eb8236ce05f478fdf6209c3d9e2bc0bedcdfeb9331422a5dbe29f94a0d9f5ab1a33c501d698b09bd34cd1defa651c66f04f20af49fad0b302aff66bffcf87c34bba8a2c6e49b6fa337fc8fbed12e5d2bd5666cf2b731d7b1818bee334a4d4694eff35d15a8a6c64f8aa3327dda60e3ae8342e4f9e970cd9506dd444516ee12040717a79c4b0e85b3ce1c5053cf2d86b6d3d5e98f6d83fbdae740639a1cc738d61ad34711172a8a0bf5a22a211819202c3f99be97593fb01cc7b034fdebd8d78c627aad8a9ca455fe99a638b6815cea7239a980404a155ca57272c4e1d8978ebcef7ac187ffa0fbeaf6ece7424f43d2cb6900a7c0bce14ad071e90630274251ca145b295d22ce4ef9beb98de715c66a26ee8374c17dc72e263662a92b97b0c60981be52b8df959e53bb1c53a68b675659bea4307d202caa2e128c9c3a9745de1f3336afbd3c5005ad106783e0d9a52fbe6c2c156e32b8a633b4b7fbb58cf2e239d7606ac9aa323068df528dbcfd1053de6376c671f3e6e66e16e2708f927f146a169e81350e93e0c2f7e6bb4289bef2aedf50db0719d68ca48f9055fe31ba143c1ddf31da89e5f3fc185c977b66a6c8e4454d5e22351d8645bea970a4a077a6d5f7598c45c65b30b0b5c7f1f80e3a1a51dc4bcc8dd721f4cdd4554922c783d3cebcbab0331fca1374a9479dd659e225612fc83b26ee100dd133b296db7e30dc57019b2e2baddafb8b7b8188bffbe4088c9541fc96724e9c60e6f00b4408ed1dc730ddebb78e645d08784767926abefd945b606dcf14eb4c31fa2f01b3dc263659cc7cd7cc1ec9193031de16b182b012a2bf28478f4a912e3934411d7f95446e0b40a2fa1b52bbb69c5450e589e15db1cf19b2f3ac0bd49fee82d8ac9b5c47d1f71ab384200cfda42b2b24c226d168ee196c219310e209d40bc26ea6b84af5e3ae478217bf928979b4a10f4f272c9ed5e9928ad1e90c61a77587f69fe1b8bd4bb8d7a25306d90b6d10e8e1175b1584163a18dc4365b683f0478dfa0d08e6104e117983d8079c5cd5b2ea24b918404e4ab794964a2db71b94fab51ce1aaad92c8303476e95241781bf3835de3aef4ae6d1be0b032775b5de7b34bb08f7498c3607af732cc994ac84d26071fa68ca0f36f4760c11e25dceb09df8b3d294039e97bdd1f1ce85d7000c6431ed16140f7aef19f5a644d84bd69998b29480e4df3d48a370dd8756a4d898adce2c23823460f6b5c8eb56467e280d1ed0f0d8c7d3aa757337d6c6bc3319a284b0ae67f27f2a2a190ab5b30a45cb71bb6a7b76f697cbf7811500bdecf60e7b6e473564f705d6ab45fca6ce05a7838bd3e6c9cc4dc1a0ec8bd49fd547c2b3cca86c805a39d021c9baf2f9e2456fdcf6973f36970a9ca29fe3cc89a115209a756f83e494c96b7d8cf2d72448ae1ee190165433022eac2547a6886d660d413ab07bd575c88585176770d8d92991e6fd7bdda9cf3f28416ab7454656cf608d29c1ead7b4da88daea3254cb6b3b0a3cb3f86218b50426e1074c21c0220f43defe06fb327191373225f4a9ba55a43d67d7de1f9f5a5bcef81d3f6033a788feb6fa8f5151cb1f80a220c511f78fa7ee7b8e9ea71ccee16411063c6ac2a7a7cf2cc4f894a3466afe73c383bb293db3b80ae8dcc126a0c9a4b5e28fc6e0d73275f7d65f75d94ce78e2298f522749978b19508f10fb3580d5e4b4bb65f4f2b48833062ec5118f4216b629dbdde2704d995040cb2b5d5f64910fd4d403b662b3ce2144a1ea8498c5904202b8435a5e6bbaf36bddb32956d4f1879cab8716af8a041d7b57dda27482675f79a84e1cf368cf7d35bb208fa3e74e4105ad2f5eafd0a96229cce8a6cba44f18183ce58d30b8d2bc8cc2e39ca788469eadfcc49ec09ebb5d0090e27056347892bc5b3c66a24c5eab4984eb14c008c3c105ea9f8f028eac855e99616547e954b18deeefe6b36cffeb49476c30d59c2680dd927748523593b9b0060ff191637ab7347fbb376d489049edd61f14875da6d9d0a8154acf8c38ab8174c0eaf3db4d91fa5fc846d25b07d4c906f110a5a30c6cc6a3b6500fbef1d8a2eb6c03cd7db41be42017f4ba672c7ab3d81bc41f0bcf515d810f4b5eec00dafa79062633de9c93a27664af01a3581ae86068924bf83f0d018ad993562d2b2beb12c2367f96454ee240fb41738fd47c4628864a4f396e816e4255980a47d4eab9f041f8955774405da14c5efcc43797318330ec003c5e19420669ae27421aec53e3bb11d5e42f0e677d1a36e34b80a96601f635b0891f3af736c3c33d1310625651324271485125378cf81d21abad0c6d1c640e594a7d7b6d02435553b965c28757f4d77e7e29d533f2df3e0c02d95ee946279b51d3d18b3bf69bbd686186803a4d99362d9ad0d9392b33ba951352a619636eb690b0cacf65f052f2cf5246677dbe2c1dd29dad3e7917c32f5a7ea6bab29d5d38f1d3bed48fbadc326f3759f8ba4d22403abef2fb89993393168a6cbf58c68b7022ce29eaccaee4722228f2c580dfcdfd50b4ea588c63a2133ae1468bbb0c0e07c7458b0a0a4845ee05fbb2daab1b4a159c65ff885d3c34c5d5a3a825b5d55da16d365759246157bf02caf57c391c17d9b1a08e50c18560c819e24576ca170d11e6d76bcba9ee83c9c0e758fbf143b46ac817d898e33543b72bfc90561d76e0d639bf8966c266eba7fdcb1dc6d945b32fa2986285b8428f840e3675f2956af49c6fc51cc7c1f8819fccc75fd9ffcbb67dcfca668de6785d4e09b70cd0052562594ef16be6b3c8ba46394198b13f8ad8b6aff56258be45e7166fbf4d8fbed9fef1a9f92e7ac0f0601564fe2856b0c28eee9c6c9af3543af2397b0f7147ded951b9ade198c393aee4031f4f25fe2419b18f5b7060144a84f5b6cd3a0dbbdc81f063906d21a10c42c3b1c22cb9e977270fdb858b617f2a124cf045326676b2c6df69116bb75d195c7783a1d68e92aebbfb817ff9ca09df890069626ae5ddec91ae53d1e0ad9fdb9b28c6f5351e20898c4d7cb82c265e1ca53ff749a5539f24878df3a4269936eb38cd5e0f00e74a566f7f863dae0fe7181ec5d87c25524f4a1a21c36bf0a1a49c21f0b6c61912c9e6507cda809ed37444ec2f64db4d60c5ebf60166f6ef055dc4aa3b9a512a2963314767d3a1a026a373abd5dbe1d65e05cd938922011d70df5b019b3adfc571d4e7a3b17d7fc3ce527d903e6c283e5d019cd85de0c27df7d6f9efe86a9b018fbb85681f8f448ebac1fed759891671f54f5192d05230164fc6149d77b51903a18b79f89fc3014d9baab8df622e3078e77c76c45001af445fe129f654ac27af3b20b3e5071a18145740e65cef9e0e1e95e7693a3c2e5fa9e486a8b40b3292553076adba9f0f18bc4939f38dbe53a84bc0c92c979404c233263096528345f30c700eaa6e9d2a5993bee663200e9301a7269d2fa400dcbc850724486fddd8a361a19b6b61f3d373ea51733a0cea0a991b9fece0e36263a1ec5a8d62c8a5f04c244962199060c97edf87e89308615786f17036ea122d91933b06e90a6f53d3970fad274b80c32bca63a32911da85a97145c8173fdc4021328c9b905aff2ffb3388184cdd53561dab28fbde4f573df211a7d184d0f7c15e70b0757e9aa91d92cabf2324ca3a498047a27efe1bfbb3e7745693505568fa49cc3fc85c9b28f4c71c58cf983f05b2fc6e4a37b41c2c3fdfaba8e709fa059eb4fbb0d7faefda500eed340cba011ab9979ebfce2f1bae7ac86c90111cf8ae2e2f6c4a6d557cb74f8080622537e03c63198023a25042d342d888697332c589c7be8610f0c832eaa3b0798039d5592b3570d6868ee6ad58d93043894f8e3d09b5c5c4117a3d1e62c3ef4fa73c19692e601a9fc84a7722a2cfff95afc36de9a79414f018066321505660587e4bd6a659985b4f93121f07d047cff8f94ee7417d542f2c7c184f5b02815bc2941fae67bca6c0c01600d08c8a640b48945df442eeba5cfca086c0888ae18f2c4b0b02cc48db62fea753e92a70750f6928b4f0c8435c5a9dc871ca0fb73683bcf63b8b0416d66a1d9a9235fcc9951d05696a6c709ce6856a562131a40486dad12b547c720984e343b682c6d239637670d2736e4cd16ce9bdde85d2cc936383dc1e1b9b1598612f7cf7e52624eed57ff967eeac0c403e125de004dc46a78f7a77b38a3717dca3efc2ed51d7152288b1df0f67a30f9559952abb1d37aab88b6b9573fffd48cc08de821d4b7dcaccb66c2b007068b0fd33224dc5f8d0c9b5f8b30c15be7ddc86c1fdb8aefe79933ff358178f0b6b7aa72654d056c75a8ed5a8eb319a84ba493550c8198def424c450d2a675270f091ca2058bd2aa363a9327ab02f91f66794a3a8392c749919c8e9d278709c81f524e9da6e9e05906e587e440c1f064000719b7f26ce40f183948550b7d9750d7b57544818e6b92aed351cc4c8a51db647bfd6ba91be66347098d206a872b2b0356433680593b9252d6fffdc3e2594074d989651b49c2cdc91ce707ad7da7f6e70f40fd22d6f3554704f19a5f1d8b9001db1cf3cac6c959420f886773b136ecd844cb691af90aad841b1752165f5dbc968bdb92ce854e8ea28d61570f80bb690f89b66fb7518ef62c8350a4d36de504860951416b355f0164bb41c8e711c7f487407a445481ea977315436f06ce851546496b027fceb5f3d74a36805ec647128b1b40f0b14d993bb0da500245cc1a37bea2f01d4b020f791c6166922006ff30fd01f38b8984122e7ca6a2f5a3ae6bc73284ecd452a01b024983e903e4cf55dfd917dc5caab92d6804c9625e1234be92365280e15082ee799b767a9181d5cf311f9266a23a7423526bcfb8a6122e38db58c7e3fa666bce7a24f9de4ff3556ea84df90f4f0ff7d0de6dc59050427ce05fa7297ca69ffb7f16b4149d436bb6b331570baa84496f28dc748258f51586667db3f9dd199d5562371ba8b24eba248793a164a2aa2dac6dabba6cc39995d062741a6810c86686d0e0597a71a7a46aebcfc54a0c33664936adc6cf343870634a6b66040ab84082570809c53dcf8cf7c4ff463f9e04542b7f896d82d3ed39b60647e617dcced9d32250175ca6b7c4f6d420c2ce75234227619d86b8c1f2c2e161e70dc66d13661474f9c7afa6d7761c9f227edcf75121570d91ab36dd77b6fe78a1846d6ce9dd4298228cc91a3504875ccd9c52f5866d232d25b32e9e25947af436ab69cdea3502bdb4eef96cdf2e1cf6582da7648ae446c4d45fabde1e10e4ba6eb066b001bbf306e918b61a9bcddaccb7151c6efe350a8e2dea05e1eacdbc9118ad5476539f2fd36fe501a3c27d40b169d4f72f5e72d9e7b40e1aa575311365fb6d2bcabdf3ef7a37c8a27370173dc74a835a66329e59db17e54b15d0c430faedabe23dd7f92fa378bd4e36a7e9a65022af316d", 0xf51}], 0x1, 0x0, 0x0, 0x20000084}, {0x0, 0x0, &(0x7f0000002840)=[{&(0x7f0000002c80)="3f81e8e5b0b367e91a2202480b84a08e7bb8b9a5b25b6be242f9e90168662c2ebc6105d46b9d0e3890f44435c065c166074901f276a09e530be8d4cdb019b52c590955001b6be2ae493658428a2cddb4d49a1a78fd2cb485787038ac7dd6d1e70e49b19643d5dc8d15b3b78c0b7b7e860e6c19a57d35cdbcaee59e17f4c090b9b0b28be2ff3610bc4b5b950d6d5c3d18910fa66fa806b61a92f1199ed8c28cdfbaf8fb4beabde461c99066294ca1e6deb1ea8089eac0ef942d1716014a7fad7b1aed94e5140446f6082e6edf15d4d6dffe25a2e20d41a5ce070c3dcc35e9975c71a56e5c57f29675c77cd5c5a1099458c68599f87777d65cc1778741923ce612591795a22eb4a0bba99bfea61eba3a50306896f8c5095590b073e983f1100e7777a340c46747ac16c9510507ae0e625e14284be34b8b74591d6cd6fc72fe63d26ac40e5f11ad181c9b08c5a02db2387447c995c640a4e87ef8d1501a01b6c088a70b3910cf6c75e6bfd30127bc0c70b410eb632d4d6ed5269b6dfc654ffae1421994fadc00381e29c76161b344c54cfdbdba488aa1805a93e6f0bf2d6f2df92cc93c239e2070ca3858d18fc253c978a8eaebb0ede1b4fe386c777dd0c21741a291a666fb639f84bd7c2a7009b838774aea8eee95eb4222b78534b1fc609c4c3831f77a08695464b1e6032282186339bb618d32b967d10819c14b5245971abf11ae85b266f7916e25d05051efb1460c4f4bd8f9fb8f48a4eadf73e00e4d03cab410d59fde6ef098a57f4601e973fe5e04b465d5800fab3305cb769ee0b253795cd63a323a17ee2ad512831ba4ed6542a9cb865ea2970307e0b340ac5a30828977f630ae4679a88e02a1fb195c9ea1443c4161b0ec6c3a4fb7dfa8d56a8de83a2d1615bfcfca5ca7651adfa3bcca1161e98b1b87707d9e8c29119c2e11cdf9f1a60612bb64f5832ea4ca3f3249594de1cdc6e4b421cbd4f542a8907d0c9824b087f19c81f4c3bd4114eb2304884b409d500fab4be430315b33a31b4165ca48f227fc7671edccfbff6e121b421f599db5dd48d866230f1f6ef6a300a2fa44a443f4b35cd81d774b32d1aa27759fe77df870fb2e0f9c26e7259c3ce7529b6e5ec2273ddfbd0dffd63ead184d53f5e223e2c9d9b2b7ad2013be9fb2bd1237d30b5bcfaa23c12d73a621fb82a13c3fe947ab3fe26f32a9b2ed4bec4c99c5aee1d3779cc060288c5738bfb17bb2e7ca146bd3b9e08d28744fcf393e758b7e0a6cac18bcdf8125183418511909e5b08478f0464f5662f90b5a3fb5c4d2f0db15ba2ee4cbae9a7a991d96bb2731d73c5bc4066e386f9bd9fb08dd0227751b5933001ad689d900f4848d40bab515aab8391809d9c17255c9ce6298e3dd82e78954822d83b7e509884c1d4e5a239404cf852a1645afe24400126d278ee65ed248b24c52ca7e1a6b768793d958c7c732c2f5c3bd4c2edf6449b9d176839f4927f737b728208a16622a733caba4a1c6adf10ad4e5a8acb62b75a850228ec4e1ca4ab3922f5c13c054bb200184c5a5a3d4402a9b0cc6bc5ddddd29fe7bc0e247d5e6d35aa8585ac594d62a3a20121b3c9d8876f5ee23c274b95bb8d5fb229e245bc034cddf1fe38f806b9664e775b8847774f209cbb1cd21b50134c3681e1d90a7c563d7f24c1c89889c10f98514c748ee95c97afcd7af520d3d129c25766e68dd326dde4d7e65691ee252a496e0a3228f77f7d5445717ea8aec60bfddf89a5deb1446225336efd63224942a09fefebc25a35465e4170ed26c7a06eaa9776cbfc3159c7f1cbc4bc19da8f6969ccc5926911ca2ff2d209063ce8c425c891b0057453f5a1a74443eca61580d77138a6fc34db043785579303562475aa497de47bd0712bb52c60ca422271841a35091a0df23eaa351470da4ec2777cb40707b68a545ce84cfdf00791835fa5474304d6a09bc74cd5153195488d431fc1160bd4f038e39f6d4b71560a231c75b8e14a83bec7751a358b0a8f996462d8caa2387277697ae48fd649b5cf0e3e275dbe463a0becce7aeaa83322f8cbc324efe447261610d9d769df19997107b9a944a5bd6f12150a847d8b1075ef291923122ddd4562ea19ae4a4ee0037980fa2207910f6017f0e708d3669a28d51cf3d7fd3e0ced1ef983b5e824aafc6a94d06989ca6d1a943fb1ed9a2ee552ce79b98b0d498c342747fc41cbdd5b7fa9058531a82173e31ab107f5864f335b693932fbba55af10d574ca13371fb0c5e39beae64a9ffba724b8c8d3dd29775eee9233985693237f07328d636f61bc6270f62af0ba59838439b673b91411c0de0de62efcccaf8d0969201f42bf672dd30b6b3486da7b50183fcf4990ddb7d64cb8b18da177e1dd88a06362be4d2b4c4694d52672f1070c92afcb6c24954c320f839cd0ce1f19bc7ab76a5a0415703def7c362e66d6f1060affee9839264c0b40d516c336f906dfafb4de1847626f79596df5e28f718979559cda393a3b056bb22ec9a446689982e86a84471487f83862b15eee03605e8a816bf8462b55b5af902d3e65fa2bd12153a877668fd262053be4ac9ed3d47b43ce6d1ec779a6114eca1847db912f77bb29c1dbf56a1ab9be30ce8b8285ac5a459ae32fba10717880adfcbb3c4990e216b7a3561280d598ee3378c9119cf21358b5d818fcad56416ab2af69ca50b94c0998f88dac25606855ad741376f66e0556893e342446c8070a21392fd0ded0486fdbe8b0fafebd3e82186f2a3597d680fbeb8aef0da7c2ce059b091c51da79f8bd86e70ca3b9129553d392e332181123e05d067ea73f295705767ccf45ff8cd2c60633e38df57497a21573f18c7c28438a8e6729f85dd26cff12cdd0cead31ba0bf0cf07ceb90074bb2ab05cf101f4bed39ec5290f31cccb1b212e7483dde7b774909235cfbffa7f4f20a7d6e7baafe9404368a30bd41af2e7f464fddfa101a1c0a6b876cd01b88624b85b1279e3323ed7c31aa8d4c8d0a4d2835dc2637fb3b937548466d592351c74eb32dd14b603fe0caaf76543bcbfbaebbcad22542ed68e47700dd45ab87ab1b103c8249b62822d3f244a00733274a3b3cee6b71f215c1d162bfdf8576b5678dcedcd24062b7ecbff9484b184d818349d70baa2c29c3b09f0031e08427d097f207691340d0c23fd7ce74d6ab5c7cad36361c9b1d00ec7ae2d497d15b166a6472a10e1a146107aecfb05c58d746bbd4ad45ad6f193046e05cc3af1c9d835892eb393e7e443bfb43e4cabbc3b2c540542743eb7812b101ba1298af92f3d24b1faaa87675ceb5acefdb2648f2a6ee60c05c014376b1de0b17f88f51180fa6e43844c45fa478d513a8b075d80e1a0f807143843820f58d27cb517424761cd5cb1090793e23bc5c3ce4e4a934cda823b47d4bc9229a8d740973551a5225df5161ec4f6c0694c0628aa2a4cb49ec54df0d9b98bd95ba3b5caea3d4701003f7a9dec22d4725a693ccb8ba1a7f95bb818c8d3e716d9a8f96da70d8573a2eaa7325a6106780639dc4fb4bf83cfc81c1aa5a8be6421cfd05b84b6583d867574f99016202080e77530b83e042e275b8da16c797da0686330b2702668dab8d3b6c08c31aa3f6343851c99798569e14719ff619af38eb9bca049cebdb861b533b86fe44ef969260721f9a93c33fc0e2009a05e567bc7711756bd4c682d94f3f6481d2fe38dbe1b3415c3e746243c0de02f19deccdb42a70a16b8f4bf1b367bc6654faab17cc24ee8a083014d914043ec7b56a39a17dc2a36186609bd8b42dedcd91c9a8cba96f5547901537729d778ba482e32001906c95bce38fd07ca6ad0f52b5bd70686fe71d6ebc586e7f9b1f061a9d5084b42cea62234bde8f074b2f63c60314a4de558d259a6bdbf71950a306b083e53f2155cc315288dfb26330703cd9c76d3205a7f77f9e47bce06e39761d085f82c04b9d3ff779e9462145b2a5a2553d51cc2f24a8e258746edeee2686f4d954b98a46637a01df647a8c483756cff5f6c6c7b1a23f55ae0bd45f2bb355902ae6e27af225ccaefc8f1f870da51457b45bb16f49da5d852b89ccdc755189ac983cc78dd3e6208e225b8d8454be076ffb9f74f67fb8ed68eee5a78a8ed57e237f191a3b003f100f679db931cfebacb4d0ba87b5584c2539192f3c0d8ab4da76e074802a6827aab3ccf96f204f6a2cc8a3b429c7594554cb3a35b9a2782c1c851e6cc43ee2abf4203d644a803ad110447d37731b9444a52986e0a81b73ecf564306f27c9222a1fafbf28e0e56a6e6bf62c8fd5472c70c2d2c612ea6a5408fbb9282ea77ace9d648c39daa36a8343a98620ff08608379e5649d0db5ffdb5f313b5dd6cade0aa1924372ef4edeb74660b59e4d7a609aade3dd9ea360c5848434d7909f5052adf4be3d5b66573ae3041baddfc4e8457dfa344402081300caf01bcc32cb23484a50609091538b336920dfc518a0ffe130ca1a59dfebf226daf2d3790ff1b9242e6a54b86c8bd18211aa29b9a97e5e09d292a0822e02307d718fcead4fd69fee71cf5d9aa4edf6bee7daf43ff7b372b80549dbec100a6ed1640f492eba41a0f67b83b6f537c980aa56e0e982d91918db0a069a7e296e7823943f10d7f9e770159957e806afe77b80cfa1d9c2f6f917f272927f6740d55f5282e2fa0f780fb0d6d798057eb655e3671001174d6ee59e0fe9b5bbd34992492306a249c4247083bc8c6edb08af7c9dbd4a0ac2f83e727ba93497c62daf4ee6682f5b4d1139838c9bb566df36667e55c4f5f4c00d9efdd256f9a5735d841746c5735921230c618434e3bcf1ad2d492958b26f92710a8397536df333b904ff317a59f014b819d22a4545abccf9bd5a783a5e31c2c86fd6b96ac76ebf02c441eafd35673a53a08cf9502f9f419c124e893e2285e783080046e9c8cf54882471ca6b1070868c7bbf40469e26d8fd479d8ec2906b7e44ce2e371faf69eca5dbde530f80d403689cf454181b1a15011ce2a0480e41f3e091819dc961be900136ebf40635a918ba3676247f1a1d464b60aff5aebcafab9ec3a1d7091b2b643fb46ff75c932c8736ba332480baddd6f937931283f516e7c6fc988c1701329761e8579711a9406ff367653b9ed3534786558f3351d69a5179a00ecab80b7839a54950e8aaccf0aee83b4678a0f45e32ad382882c9081de0422215c208adc8208fbbe34804b8e4abef48d562a1f4ff36a5a853dee9c0baa6b3059333c5f328886b9d1e20fcbe92095368c028665f85ab1b691b7ccd025114191789d1764b63e344a4254e542e3e52194e2c49903a295fe6dbb0a4348cf0369f2c7aa17110b97fb8e93ac469b564e48d368853668a03225830ad6165b9a98eace7fbfd26abbb9d44034c5f11d7ddee43b7316f0e99bf5935ef2daadbe029e9106ea92e29c9f5095655ce8059be06dd65e06498538cd2219b09341a4d3d7caf614fd20f2e87545cff68b0b6a6c205eee0ae6cad256fe939464864d866b2830265ed7e58ae3053ba875bb4e1b533d1aac98950e4a15111f7effa2cb7f9ace43e1cceda556156af327b3f814c896c52e105b3a6d14e7689d1d00c59a0930f7bdce962c37f9639bb2de5f38fbb0e440dcbdf36922ee92cd35feee9f2e216f17fa0a7503a17220cd2e33032afe0f0272374207a9cbdb4333d11118dce7e01c4c1af5d9de57fb6836de264e50d2afe24a1a9507257c0e61dddb33d136174229b782d5463eff31ad44a06e69a1aab96ccf4fd2e39e04b2dc5ec57af938d8b8297be60f743fd1a38ddee477ea6", 0x1000}, {&(0x7f0000000300)="79a83fd29daf069f67dbeec8db0b803e7f1b59b579e90d086697353da46a7d53cdccf5d6d237e66fb1f732008674b6ba128bb8c3f7ebb9ca54afe3a51cb30fa648505b335e33b4a4cb95158c5652a080656f0116e8ade8e00d15b70a569790a930fcd5e2e1", 0x65}, {&(0x7f0000000380)="3d078b1bf34f24d926956ae1b2c25813bbb197c02fe39f061b", 0x19}, {&(0x7f0000002740)="c1cb7017d371539c04b3665e42f17cad3d0b2811536a5d641cc910a2e7df3a56cdab59fbda0d29de0a4c7d90df3e602106a8b11c0481407066142dfc057ad17ff1988c8d4defae0017d404e0ed50ef1a303ae5ab372fa1a4a00a4e99cc141737f336c557df3ddda26eb1959d8bc9142c687a761a18faccd4d05a7d284503dd1b04b71e565268e4258b68a19d338f8d8a3713bbc67aa2d3bfc2c883aa035a6eff579731032a103ab43a6c56c90a869c66b1f3c929216b769139ec27815d44e8b8ce3c1c7bd25f59c43ab27a28c23d19297023bf", 0xd3}], 0x4, 0x0, 0x0, 0x80}], 0x2, 0x48001) r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vga_arbiter\x00', 0x400000, 0x0) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffff9c, 0x84, 0x13, &(0x7f0000000180)={0x0}, &(0x7f00000001c0)=0x8) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r3, 0x84, 0x7b, &(0x7f0000000200)={r4, 0x55}, &(0x7f0000000240)=0x8) setsockopt$inet6_udp_encap(r3, 0x11, 0x64, &(0x7f00000002c0)=0x3, 0x4) recvmsg(r2, &(0x7f0000001440)={&(0x7f0000000000)=@sco, 0x80, &(0x7f00000013c0)=[{&(0x7f0000001480)=""/171, 0x1c5}, {&(0x7f00000003c0)=""/4096, 0xff7c}], 0x2, &(0x7f0000001400)=""/6, 0x6}, 0x0) 2018/04/06 11:41:00 executing program 7: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$rdma_cm(r0, &(0x7f0000000ec0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000e80)={0xffffffff}, 0x2}}, 0x20) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(r0, &(0x7f0000000f00)=@resolve_ip={0x3, 0x40, 0xfa00, {{0xa}, {0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0x13}}, r1}}, 0x48) r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x40, 0x0) ioctl$DRM_IOCTL_RM_MAP(r2, 0x4028641b, &(0x7f0000000080)={&(0x7f0000ffd000/0x2000)=nil, 0x6ea, 0x7, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0x5}) ioctl$EVIOCGREP(r2, 0x80084503, &(0x7f0000000100)=""/172) 2018/04/06 11:41:00 executing program 4: r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x6d, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e675add01d6167e244f8f663e3529bed2135afaa69efe4f927cc8fba0718a875d52"}, &(0x7f00000000c0)=0x75) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0xffffffffffffe55c, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x3f, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:00 executing program 3: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000100)) getpid() fcntl$getown(0xffffffffffffff9c, 0x9) gettid() ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) getpgrp(r0) r1 = memfd_create(&(0x7f0000000080)='em1\x00', 0x2) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000200)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) sigaltstack(&(0x7f0000013000/0x1000)=nil, &(0x7f00000000c0)) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88)) msgsnd(0x0, &(0x7f0000284ff8)={0x3}, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000240)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000640)={'\x00', 0x0}) ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000680)=r3) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000b40)={&(0x7f0000011000/0x4000)=nil, 0x4000}) io_setup(0x0, &(0x7f0000000040)) io_submit(0x0, 0x0, &(0x7f0000000000)) ioctl$VHOST_RESET_OWNER(r1, 0xaf02, 0x0) 2018/04/06 11:41:00 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) msgget(0x0, 0x20) r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x200, 0x0) r1 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0xc49, 0x500c0) ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1) 2018/04/06 11:41:00 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={r2, 0x6d, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e675add01d6167e244f8f663e3529bed2135afaa69efe4f927cc8fba0718a875d52"}, &(0x7f00000000c0)=0x75) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r3 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r4) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r3, 0x10, &(0x7f0000000680)) [ 377.659249] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 377.666495] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 377.673740] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000000 2018/04/06 11:41:00 executing program 5: capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000292000)={0x0, 0x40000, 0x0, 0x0, 0x0, 0xe59}) r0 = openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x20000, 0x80) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000180)=ANY=[@ANYBLOB="736563757269747900000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000f1ff00000000000000000000001000000000000000000000000000000000000000000000000014441f180bbd82ae0367af"], 0x68) r1 = dup(0xffffffffffffffff) ioctl$DRM_IOCTL_FREE_BUFS(r1, 0x4010641a, &(0x7f0000000080)={0xa, &(0x7f0000000040)=[0x2, 0x1, 0x1, 0x9, 0x3, 0x101, 0x7, 0x3332, 0x5, 0x10000]}) msgget(0x2, 0x58) 2018/04/06 11:41:00 executing program 2: perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x5c831, 0xffffffffffffffff, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/hwrng\x00', 0x20000, 0x0) getsockopt$IP6T_SO_GET_REVISION_TARGET(r0, 0x29, 0x45, &(0x7f0000000100)={'NETMAP\x00'}, &(0x7f0000000140)=0x1e) madvise(&(0x7f0000a00000/0x600000)=nil, 0x600000, 0x9) r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x222800, 0x0) ioctl$KVM_DEASSIGN_DEV_IRQ(r1, 0x4040ae75, &(0x7f0000000080)={0x3, 0xd4, 0x7, 0x404}) 2018/04/06 11:41:00 executing program 7: ioctl$SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc4c85512, &(0x7f00000001c0)={{0x9, 0x7, 0x80, 0x0, "fb36786291ec9f099c919051d8ef6c24950701619f3ad508084d229a743d2f6f759db73edc134806900f85f6", 0x9e8}, 0x5, [0x5, 0x4, 0x1, 0x49c, 0x10000, 0x9d, 0x8, 0x800, 0x6, 0xf705, 0x5, 0x9, 0x1, 0x7, 0xdcec, 0x5, 0xae8e, 0x2, 0x0, 0x9, 0x7, 0x6, 0x6, 0x0, 0x4, 0x4, 0xf4, 0xea04, 0x2, 0x401, 0x1ff, 0x68, 0x2f698f93, 0x8, 0x10000, 0x2, 0xffffffff7fffffff, 0x8, 0x7, 0x7, 0x5, 0x5, 0x14, 0x3, 0x10001, 0x7, 0xeb1c, 0xa3, 0x451, 0x7fff, 0x5, 0x5, 0x9, 0x633, 0xffff, 0x3, 0x100000000, 0x101, 0xffff, 0x7, 0x80, 0x2, 0xccc, 0x7f, 0x400, 0x2, 0x7fffffff, 0x0, 0x7f, 0x2, 0x6, 0xfe9, 0x3, 0x3, 0xfff, 0xbb6, 0x4, 0x100000001, 0xffffffffffffffc1, 0xfffffffffffffff9, 0x3, 0x9, 0x7fff, 0x0, 0x6c5, 0x9, 0x6, 0x6, 0x7, 0x1, 0x0, 0x1, 0x8, 0x2, 0x800, 0x6, 0x1, 0x6, 0x58d, 0xcb92, 0x3, 0x1ff, 0x8, 0x9, 0x80000001, 0x0, 0x23, 0x7, 0x8, 0x1, 0x8, 0x0, 0x7, 0x4, 0x9, 0x9, 0xffffffff, 0x1000, 0x1, 0x4, 0x8, 0x9, 0x4, 0xf4b9, 0x7, 0x0, 0x4, 0x100000001]}) r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x400, 0x0) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000840)={0x0, 0x6, 0x5, 0x3, 0x3, [{0x3, 0x200, 0x9, 0x0, 0x0, 0x81}, {0x1, 0x9, 0x3, 0x0, 0x0, 0x100}, {0x8, 0xb88, 0x5130db58}]}) ioctl$KVM_DEASSIGN_DEV_IRQ(r0, 0x4040ae75, &(0x7f00000000c0)={0x6, 0xd9a, 0x9, 0x400}) setsockopt$inet6_MRT6_ADD_MFC_PROXY(0xffffffffffffffff, 0x29, 0xd2, &(0x7f0000000040)={{0xa, 0x4e20, 0x7fff, @ipv4={[], [0xff, 0xff], @loopback=0x7f000001}, 0x9}, {0xa, 0x4e20, 0x6, @mcast1={0xff, 0x1, [], 0x1}, 0xfffffffffffffff7}, 0x15, [0x3e6, 0xfffffffffffeffff, 0x3, 0x8, 0x7ff, 0x2, 0x33, 0x16d]}, 0x5c) sendmsg(0xffffffffffffffff, &(0x7f0000001580)={&(0x7f0000000140)=@l2={0x1f}, 0x80, &(0x7f0000001240), 0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="30aa4a000000000000000100000000001ca41a9b5ea151da3dbdabb475a606e56cab80fab11299a8ab198a0000000000dc25dcfbfb8ba63d5e6109dd3a483f349c53e3c8750a760310bfb28b48353e669e0429731fa98c056e298fb8bd88d141093490dc09b10d790da4246ebb6a80c03ac79a069a2463e67acf628f22434ac0a05c5141a1f00ccb36579988f87ea63e11d95f80f725cab31d777087898a0dd2fffe4277b63086f5aeb3f96b92eb3cef2ed019fce7067b9f3a61e832f62ba3843f0cc41c6b42844b4d20e972fe7c83fd9e83ae43f42b59d6ddd74330ad0f49dac513efc647d5265eb5c4ced9d921606c88763c9de0fd76a335525d2bfea7e0b9799c079e4c6b8cca467045e59cb9a3cdcce715b7bf497a5619cf4a08c7a4f541e3964545e1741255d777a986cb767605139de6e796306eb3abe22ec9ff18462f642bdbb709496ed140124b3cc24be5"], 0x14f}, 0x0) getsockopt$bt_BT_SECURITY(0xffffffffffffffff, 0x112, 0x4, &(0x7f0000000100), 0x2) move_pages(0x0, 0x395, &(0x7f0000000080), 0x0, &(0x7f0000000080), 0x0) 2018/04/06 11:41:00 executing program 0: r0 = socket$inet(0x2, 0x6, 0x1) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip_vti0\x00', 0x10) sendto$inet(r0, &(0x7f00000002c0)="993d", 0x2, 0x8000, &(0x7f0000000280)={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) accept(r0, &(0x7f0000000000)=@pppol2tpv3={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @multicast1}}}, &(0x7f0000000140)=0x80) recvmsg$kcm(r1, &(0x7f0000000680)={&(0x7f00000001c0)=@pppol2tpv3={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @local}}}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000240)=""/59, 0x3b}, {&(0x7f0000000300)=""/35, 0x23}, {&(0x7f0000000340)=""/41, 0x29}, {&(0x7f0000000380)=""/97, 0x61}, {&(0x7f0000000400)=""/61, 0x3d}, {&(0x7f0000000440)=""/253, 0xfd}, {&(0x7f0000000540)}, {&(0x7f0000000580)=""/34, 0x22}], 0x8, 0x0, 0x0, 0x20}, 0x12000) syncfs(r0) sendmsg(r0, &(0x7f00000008c0)={&(0x7f0000000080)=@in={0x2, 0x0, @loopback=0x7f000001}, 0x80, &(0x7f0000000640)=[{&(0x7f0000000100)="00c3", 0x2}], 0x1, &(0x7f0000000140)}, 0x0) 2018/04/06 11:41:00 executing program 4: r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0xffffffffffffe55c, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x3f, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:00 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={r2, 0x6d, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e675add01d6167e244f8f663e3529bed2135afaa69efe4f927cc8fba0718a875d52"}, &(0x7f00000000c0)=0x75) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r3 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r4) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r3, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:00 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) msgget(0x2, 0x58) r0 = memfd_create(&(0x7f0000000000)='\x00', 0x2) ioctl$TCSBRK(r0, 0x5409, 0x9a4) ioctl$TIOCSSOFTCAR(r0, 0x541a, &(0x7f0000000040)=0x1) 2018/04/06 11:41:00 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0x9f7e]}, 0x10) 2018/04/06 11:41:00 executing program 2: clone(0x200, &(0x7f0000151000), &(0x7f0000000080), &(0x7f0000f8b000), &(0x7f000025e000)) mknod(&(0x7f0000b75ff8)='./file0\x00', 0x0, 0x0) execve(&(0x7f0000f8aff8)='./file0\x00', &(0x7f000080c000), &(0x7f0000868000)) mount(&(0x7f0000018000)='./file0\x00', &(0x7f0000a9eff8)='./file0\x00', &(0x7f00007fcffa)='ramfs\x00', 0x31d406, &(0x7f000000a000)) r0 = creat(&(0x7f0000b7a000)='./file0\x00', 0x0) r1 = getpid() ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(r0, 0xc1105511, &(0x7f00000000c0)={{0x4, 0x6, 0x2, 0x1, "1a077d1bfe55cf2bc5644d348a0d24933801e4f6c8ce1173fe9c2fbaaaac86121eb3e3b235377cc5adeabac4", 0x4}, 0x0, 0x0, 0xc608, r1, 0x534, 0xff, "9b680a445ebcef6c0ff9806ec2ba991507654d8363f26f143b39ea06698e1c41047cc1089a126d850df1a51513b7b8c9da8f2ce29a6bf3c72076a73277698e7f", &(0x7f0000000000)='qnx6\x00', 0x5, [], [0x7, 0x3, 0x4, 0x1]}) 2018/04/06 11:41:00 executing program 7: futex(&(0x7f000000cffc)=0x4, 0x80000000000b, 0x4, &(0x7f0000edfff0)={0x77359400, 0x4}, &(0x7f0000048000), 0x0) clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) futex(&(0x7f000000cffc)=0x4, 0x1, 0x4, &(0x7f0000000140)={r0, r1+30000000}, &(0x7f0000000100)=0x2, 0x40000000) futex(&(0x7f000000cffc), 0xc, 0x1, &(0x7f0000b7dff0), &(0x7f0000048000), 0x0) r2 = memfd_create(&(0x7f0000000040)='lowlan0@*/]nodev\x00', 0x0) openat$cgroup_type(r2, &(0x7f0000000180)='cgroup.type\x00', 0x2, 0x0) mmap(&(0x7f0000000000/0xddf000)=nil, 0xddf000, 0x0, 0x32, 0xffffffffffffffff, 0x0) r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x80, 0x0) r4 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000200)='/dev/sequencer2\x00', 0x40000, 0x0) r5 = fcntl$getown(r3, 0x9) accept4$ipx(r3, &(0x7f0000000240), &(0x7f0000000280)=0x10, 0x80800) socket$packet(0x11, 0x2, 0x300) rt_sigqueueinfo(r5, 0x1f, &(0x7f00000001c0)={0x0, 0x7f, 0x20, 0xffff}) ioctl$VHOST_SET_VRING_ERR(r3, 0x4008af22, &(0x7f0000000080)={0x0, r4}) exit(0x0) [ 378.594510] FAULT_FLAG_ALLOW_RETRY missing 30 [ 378.599130] CPU: 0 PID: 24118 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 378.606509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 378.615847] Call Trace: [ 378.618429] dump_stack+0x1b9/0x294 [ 378.622042] ? dump_stack_print_info.cold.2+0x52/0x52 [ 378.627216] ? kasan_check_write+0x14/0x20 [ 378.631433] ? do_raw_spin_lock+0xc1/0x200 [ 378.635651] handle_userfault.cold.32+0x44/0x57 [ 378.640303] ? handle_userfault+0x16c6/0x2760 [ 378.644799] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 378.649375] ? debug_check_no_locks_freed+0x310/0x310 [ 378.654549] ? find_held_lock+0x36/0x1c0 [ 378.658605] ? print_usage_bug+0xc0/0xc0 [ 378.662661] ? print_usage_bug+0xc0/0xc0 [ 378.666706] ? perf_trace_lock+0xd6/0x900 [ 378.670838] ? check_same_owner+0x320/0x320 [ 378.675142] ? do_raw_spin_unlock+0x9e/0x2e0 [ 378.679545] ? __lock_acquire+0x7f5/0x5130 [ 378.683767] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 378.689299] ? graph_lock+0x170/0x170 [ 378.693093] ? debug_check_no_locks_freed+0x310/0x310 [ 378.698278] ? find_held_lock+0x36/0x1c0 [ 378.702331] ? lock_downgrade+0x8e0/0x8e0 [ 378.706461] ? kasan_check_read+0x11/0x20 [ 378.710609] ? do_raw_spin_unlock+0x9e/0x2e0 [ 378.715001] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 378.719585] ? kasan_check_write+0x14/0x20 [ 378.723810] ? do_raw_spin_lock+0xc1/0x200 [ 378.728047] __handle_mm_fault+0x34be/0x4150 [ 378.732449] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 378.737189] ? graph_lock+0x170/0x170 [ 378.740976] ? find_held_lock+0x36/0x1c0 [ 378.745032] ? lock_downgrade+0x8e0/0x8e0 [ 378.749171] ? handle_mm_fault+0x8c0/0xc70 [ 378.753386] handle_mm_fault+0x53a/0xc70 [ 378.757430] ? __handle_mm_fault+0x4150/0x4150 [ 378.761994] ? find_vma+0x34/0x190 [ 378.765521] __do_page_fault+0x60b/0xe40 [ 378.769566] ? mm_fault_error+0x380/0x380 [ 378.773707] ? graph_lock+0x170/0x170 [ 378.777500] do_page_fault+0xee/0x8a7 [ 378.781280] ? vmalloc_sync_all+0x30/0x30 [ 378.785417] ? find_held_lock+0x36/0x1c0 [ 378.789464] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 378.794306] page_fault+0x25/0x50 [ 378.797751] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 378.803348] RSP: 0018:ffff880189827ce8 EFLAGS: 00010206 [ 378.808691] RAX: ffffed0031304fae RBX: 0000000000000018 RCX: 0000000000000003 [ 378.815945] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff880189827d58 [ 378.823194] RBP: ffff880189827d20 R08: ffffed0031304fae R09: ffffed0031304fab [ 378.830451] R10: ffffed0031304fad R11: ffff880189827d6f R12: 0000000020013018 [ 378.837708] R13: 0000000020013000 R14: ffff880189827d58 R15: 00007ffffffff000 [ 378.844981] ? _copy_from_user+0x10d/0x150 [ 378.849206] SyS_sigaltstack+0xae/0x320 [ 378.853166] ? do_sigaction+0xa50/0xa50 [ 378.857127] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 378.862647] ? fput+0x130/0x1a0 [ 378.865912] ? ksys_ioctl+0x81/0xd0 [ 378.869523] ? do_syscall_64+0xb7/0x9d0 [ 378.873483] ? do_sigaction+0xa50/0xa50 [ 378.877441] do_syscall_64+0x29e/0x9d0 [ 378.881311] ? vmalloc_sync_all+0x30/0x30 [ 378.885444] ? _raw_spin_unlock_irq+0x27/0x70 [ 378.889923] ? finish_task_switch+0x1ca/0x820 [ 378.894402] ? syscall_return_slowpath+0x5c0/0x5c0 [ 378.899313] ? syscall_return_slowpath+0x30f/0x5c0 [ 378.904228] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 378.909578] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 378.914407] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 378.919578] RIP: 0033:0x4552d9 [ 378.922747] RSP: 002b:00007ff15ecfec68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 [ 378.930437] RAX: ffffffffffffffda RBX: 00007ff15ecff6d4 RCX: 00000000004552d9 [ 378.937691] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 [ 378.944943] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 378.952195] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 378.959445] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000000 2018/04/06 11:41:01 executing program 4: r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0xffffffffffffe55c, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x3f, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:01 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={r2, 0x6d, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e675add01d6167e244f8f663e3529bed2135afaa69efe4f927cc8fba0718a875d52"}, &(0x7f00000000c0)=0x75) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r3 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r4) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r3, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:01 executing program 5: lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)=@random={'system.', ',eth0wlan1]\x00'}, &(0x7f0000000140)=""/203, 0xcb) capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) msgget(0x2, 0x84) timer_create(0x0, &(0x7f00000003c0)={0x0, 0x2b, 0x4c33d9d425b38351, @thr={&(0x7f0000000240)="118ebfed876eb064fc8230da013c989914968acf8f04406782047fbf9c526e76b9ddf0b986058503ac0a27f7078be25c1387db314b79f71638d4f6db7ba1a8365ece9176592fd4b5f0f5c92f91d672d9a979d37983ba3d883f6645b1f2ad9674d429d4942181f3ed48a04724d41c3534daf11518d61a804afff789920f84cc5b30cef109878a986bfb795081bcbb5f2653dd69df392b811d5a31ae44d1673f3b0a1ed1be0add14b34eca80a150d323566afbdb44bd296c8ba4fc0466c6bfc91b2de71226afedffa1f564d6efa5b034093d001f25c70229ca5debe9b4d012e0c303411cdc9eb48e7665ff28fbbb", &(0x7f0000000340)="264c53d0a72162a8470de41459e4124e10a9230ad6a22027b754ca6fd1ba9913bf961126eff67c3e73a301fad147f12898baf750d1e1ed5f65878e8557814d25a617c1db928e4c69c968b794a24329d4959a93ecac8e0d4fdb4201e7555f6533eabc1d473cb56d4cb96481e3593815c6"}}, &(0x7f0000000400)=0x0) timer_gettime(r0, &(0x7f0000000440)) pivot_root(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00') 2018/04/06 11:41:01 executing program 0: mmap(&(0x7f0000000000/0xeef000)=nil, 0xeef000, 0x4, 0x32, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040), &(0x7f0000000080)=0x8) 2018/04/06 11:41:01 executing program 2: r0 = socket(0x10, 0x3, 0x0) write(r0, &(0x7f0000db4000)="26000000130047f10701c1b00e000000000000000100000009ef18ffff00f132050014006e35", 0x26) r1 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x4, 0x404800) ioctl$KVM_SET_SIGNAL_MASK(r1, 0x4004ae8b, &(0x7f0000000040)=ANY=[@ANYBLOB="7d0000009292d64a1c26e49d654e27c0bc6da540bc30daf4c3fa5b6f8d9aa57d7bc74eb3fb915b06be09f3a4766cc468fafb43a6b686a98537d14ab74be832800f0700d3cbd709e44e9be9ccc5fb66b27c04bd588c1351afe9fc4de344e6eddac5631f3e67ba0b423b8774a9050000000000000042772416d15ac94b5233f1319b"]) 2018/04/06 11:41:01 executing program 7: r0 = socket(0x10, 0x802, 0x0) sync_file_range(r0, 0xffffffff, 0x1, 0x1) sendmsg$nl_generic(r0, &(0x7f0000fc6fc8)={&(0x7f00000000c0)={0x10}, 0x1f1, &(0x7f0000000100)={&(0x7f0000611000)={0x14, 0x18, 0x303, 0x0, 0x0, {0x1d}}, 0xee}, 0x1}, 0x0) 2018/04/06 11:41:01 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0xffffffff00000000]}, 0x10) 2018/04/06 11:41:01 executing program 3: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000100)) getpid() fcntl$getown(0xffffffffffffff9c, 0x9) gettid() ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) getpgrp(r0) r1 = memfd_create(&(0x7f0000000080)='em1\x00', 0x2) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000200)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) sigaltstack(&(0x7f0000013000/0x1000)=nil, &(0x7f00000000c0)) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88)) msgsnd(0x0, &(0x7f0000284ff8)={0x3}, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000240)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000640)={'\x00', 0x0}) ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000680)=r3) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000b40)={&(0x7f0000011000/0x4000)=nil, 0x4000}) io_setup(0x1000, &(0x7f0000000040)) io_submit(0x0, 0x0, &(0x7f0000000000)) ioctl$VHOST_RESET_OWNER(0xffffffffffffffff, 0xaf02, 0x0) 2018/04/06 11:41:01 executing program 7: socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet_sctp(0x2, 0x1, 0x84) 2018/04/06 11:41:01 executing program 0: perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = gettid() rt_sigtimedwait(&(0x7f0000009ff8)={0xffffffffffff880a}, &(0x7f0000002000), &(0x7f0000010ff0)={0x1}, 0x8) r1 = memfd_create(&(0x7f0000000080)="769cfb85ba903a48d4161b3000", 0x0) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_GET_DEST(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r2, 0x400, 0x70bd2a, 0x25dfdbfc, {0x8}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x7ff}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x10) mmap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x3, 0x2012, r1, 0x0) r3 = shmget(0x0, 0x4000, 0x78001010, &(0x7f0000000000/0x4000)=nil) shmctl$IPC_RMID(r3, 0x0) fallocate(r1, 0x0, 0x0, 0x87dc) socket$nl_netfilter(0x10, 0x3, 0xc) mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x1, 0x2011, r1, 0x0) prctl$setname(0xf, &(0x7f0000001fff)='\x00') rt_sigqueueinfo(r0, 0x4, &(0x7f000000f000)={0x0, 0x0, 0x80000001}) 2018/04/06 11:41:01 executing program 4: r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(0xffffffffffffffff) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0xffffffffffffe55c, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x3f, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:01 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) msgget(0x2, 0x58) r0 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x7, 0x880) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000140)={0x0, 0x1000, "4873fc47b05a07fbecd9d0c25b6eeb1949d5f60bb5ef669d4dd48a1de2732cab7c43ab569f72c35b93ecfe4ae58ff565ba85af8bba29f76ee28c5fd38126be190c551f4aef69d952167461de0eeb95941a3138762eaf27a5a043cbf46c5d60e2884fc816df114038bfd5422c653c52daaa1838e96d544ed42333c7dfde00df4457cef5273181f68b35919e0bfa37f44676540d7112d1ed8f38e49a7926c1760313b16a9910e51c8b372889fc3eebb1c217132aad6deb982d482ab0ea2677f61624bfe13c870f8751fb69af99a8edaa162be0569f24052b59d5654e745344787b0bceab66d1483c955be496d1afda2aa40f0bc13a0ddedeff14b3046a39e379fa341f67e5fe7ff41a73c9f351a513a520e694ecf45de82ffdd7687b78f8ba3c7d8fa205cbc0a6e52fcddeaafcf68becff2400fee9deded8090d859a94bfbab8c9fadc07a27902c93f92b7a895085c17d332e36fa094ef6063e526f92e3a3eba879da2bcd1e2292878265cfe2a1bbf3bcac2c27a4a333942ef7c913d81686f5a2498b5f54d9cbb1fcf767406ea3548fbbb8915f762b2d67efbf2fb516826281f076c26420c130736c47fdd95cf8263c19528dbb494636ed1063f073a69c0422cce9fb5c7b924d3eac128049b211073cac7be46228a8494f39babdf7cfda95111b5ecce007e5779d09a2b90fe6133e9569e6b024be9d9754a3667a2d6bf6969d27a76f1f920a0956d635696002a1150a5548cc36bd0af673788bcb7f2c8e73fa691cc74a23bcfa0ea165236ceae62b5d883b9450f51852427c88905f4709011cb69bb1ea659c35f33efbb0948c430c835522b5ad7da8c6b7e8ba70001a8b34c1160462f2a20fa9cea4d3cb5e8549c2657045d94ad71c148c7764db17ae19d476bb70d6d181abcf795d6dc7bdb23105dd515a94740af769429015bd5478810f4620711a960e7cb8c29957054da6054bcbc3938a59d70bc3aadd6074ad2012de2464ae5f1f193a5a4a790dc8134a0a6121cd7e7d79e350e73a70ef4f0e37921f0b82295b46d530b7b1f282d4aeb76359d978709f94013504508087fc50a2423aaed6a4fd59c5ccff600825ff19f15aa1b2ce98ea19f670c39c2b58e078026a10867c9146efff2e036b832f26c509bb59155d1712314c741fbfabf7ba1ab21f3db31e35265abe19ac2ba83ad1fd6a34bbab5db757d59b338a25f47a2c07382a8aac36971933fd55a8085f2559a51a6bb586cf8f4332388092999c2b5b72ee10ed9a3e7a662606d18a6789455f7ae716d8a4690b80b57f6f89500a25c76109addc926cff2b0eabab240d3bbb9046a4fe428c794eb8049f4d62cef0ebb6982149f0e435adcf4767f9ae5b3d3330674edc168ad080c603c25cde794242219039c0f0037b48cdc253bf02d421d82fada18c21dab41388d16202a8a7712247fb2119e54a404ae4c06531b860987e614948c88e43f1645036a00caa0fd40899a5b5f57d6eacb9e555bc33af6faebb9292991996ccf251036f88486d4d263116e6af9ecc74642a072a16b40129526507a03de0a49799de69d4f8557e5f9212684df400d1d342ccd6f9dfa48a506b6dea3ea85d34dfe4f2cdd64ee3c910942a9476338e662ea396d976ef329f340ecf984669196e65c5d2cb6b3e692406f019949683e8238f402ae5e651b562b84bcaba53b4063121b5229c98b762531cb7bbcbaad1d9cf6880ec315a14490c1792cc3a3be1f3bf713a1ef896638c8615b0084aee712352c20ba75257af81d62be709ffd3d13f9e516e0fccd8c9cd01a2f9df3ca83eb0d2424bceb9875e2ac531fe766ffdf06ce5b8eddaa4bbdc38dc85d11d2b816c16fce2f250737970fa57231d9c1be3a017273add1a33d8a6a36e205efdb9ca34b81528e65da7e8a04ffa6fcffaefce59f97844e503ce085f1b0491a14eb5a9e2688f8b4c97383fa1e7b58675813c699895b3a07c2cd6cd7aa330a5b94be5eca8c8d3b1713be2ccf4425f5c4fbaefae319ca3c345b5d815eb0ee24b3bc8da4a5596cc8caaec2d8984da84dc41d2170edb4f838146a8008129dbdb573267d1f28e3ea267c8de5699fe6f7aa2320160e61687609ef7d41e79eaa6d2a832fe4f185ccf9dfdeba034ff77ede40f5b1f7321f549d7bbcd8c5cd1c728e1d051ae6af981add20b40891e7873fdca4d6e9a25d1a6813d4b9103d348d4b0e9c61db51e8147e1512b66ad221cb57a8409b911747a6d72a1cd63c85445d64f7399653f3c45a4a02a9283aaec8797b98790088eab6b566682d93c6f2f19eb48e76b8217e600e84f33c89fd9c4233a178bad0012880e7260bc80efacddd83c5be7898f1f36e25f0604605a618293012a12ef614bee7f063f85c60274ab6b05618f759d56a18f4cfe0107ed4cefeed9fc2834a04369083b0a3e665b04c115eef33a16eeaa100b0fad22d64e1d91d025a43c36b51ca68a4fb31e976a86a4a58db7800eccd68794647cb60435c14b0dac79eae167cb34a821cb2553c0b70b7368abf4e428ffa6071a28d927e6b372ae8729e12dab1c021f0fc2df873ded21d5dac71a81f93a44f7bb75e9be27c25de781e0c87c9257f0f084f7528b3a5f4385993b90441203fff59db034ad74c61ff3d7ac6b5a9355030d8542f188925073b654996c717f3536da1c28a8de97e5f67d34b07ae5e1f215e67dde0811933485906c169d6cba2ba3f4257f43aed153164ec2937f0525aaf2d6f97640e17a9e4a39367f4a61dd1b1623371b686c13ba5d4bbb0fc15f607d250b88b542f61bab454f09de8dd98355ed4b60ba857afd9344730d9479afa82b03a8a0c34d9f0324eb1c736659e5829b094f4313648fc35d5398f7dd03cfc9ac74b921184ffbca0de7360c8eb526aa42158a3efe47d04ffe40905dfd7836b63ffe8146adba2fcfe7349c7a628113957d0e805da23a98659477103555695c835a106b8f2c04e192464c489e64890b6ad1604dc012e54e2b7f4ebb738d3afb539535f54f757c0229c197d72cb98ccd090e5e94bb575e4211b0c8e7a41ee6db1b9516dd5b597439d27b3ecb3e1e76989b00735dc7def96eceb5513b1ae020467e3e960166c73ca76725a8fc9e362cd43451f0a7872408d48c6725d1f2be0f42e088766c89b9e494db42c44894927b5377567e1d4acc7de2cfefde7f56957b8dec1b545fbc1d4b6517db6b70cef52e08bedf0d62bea523a80095c7ec368645bb21711a0f8ec8e977046eb858fa7742a1267b3bb1b722102d38b9fcb12234c3556a034a40947d54a2d511142f83880466d0c64afe2e6983f83d61c76a40b6a936303bf75e336c49a52f0a39f4d7b55436231afe84e835203aa2dd43e8b27945f0d6af799208f576b60536e2b757686153eb099c402e28ad62b5ac702f010de737d90b2d5e578aee8c2f3386a3aebe90d005608cc2434507ac0c3052c0bc069b08e08c0108552a6a33be024aea76ab34325a7e2433b1ab64a16d872970a90990c039475f75ea78acab34f01d7a7b6f3f7e782752929532988c8ad1cff8f91f886d458d3cfbeb42ee012755804a95e3f235b9800f89deffbc2cc83e1a3e143dfa53a3b1b606d90f869e364adefe5b70f822d63794411ae7350d3161ba6368cbd6b31e4b76c4770a183bd88df9068fa01e56bb575eab0b29f85236198421c40d27bc81e47eebc17c08872d187e4ac09a9c3bd1397b4a71a7fc0cf272a321d1eb852de2a7d42f9d2830fa489a035077779fe032ec29b89050c5c6b445c730a4df9f1793e98ae2fdd8486d59fa38fa9182217ca4d78b7b0082235410a653cbf9180b243a25cc0bee5826a9e25888e1253501f5ea50d9d12b3a6895b30cbdbe67a1a687c7806373b93dad9e73056e462a35c699ce87dc0add38babe6c0dd7b189524a4b038ef4bdec196c6b07b99cfe077fa8137dc8eb04cae4b1acc678909b2ab63a70645f9176410ba72342612aa86431122ea594594d2ae1e403055c1cc1ac6ac3e8bb4ca42dfb0f7c105ff5aa4f05d42f5e199c68c180e4ece81bb70d4f9c0b2e0a621fa70ac8468f102da19a5316f205e69b9f573d80e524092ce504a4d11655bdacfb38fa036b2f006baadbada9148cab991e598b41bd5579a4354b35954add09f37d2cce35e503aad7c8755ac8b9367fedded7b94c71d085df215479a14ac851b8ac35cee74a37425e4aab2b815d4e3e4f28aaa4411e92d97736314b6a7b35d89563f2d2c691f06dcc95b41526d905818163d0819c5690633ae3346f54016d9f94ebe63395cbb4e9f1e2a186702a324fab90514802e3b578ab6a8a48f4928898af8ed1302f25286faf015307466ee894ee98935311a5bd14aa7bd1d3b1f5014b76051a43b5d79d18f312d69830ebe94c001ddf4950939c06e21ffea35e8e3174db468844146ef6143d9c0193339e30e79a6199860a8463574e37dfae910145b9a84196303d17835a43fbe36025c9492bf5413c53d148685062261e34797fd79af70fd2d09569e93df7ad4bdad5a3919851522827e82e3739c46bfa3967e065c8646cbaa92555090dae5d6c25143d76a99b33e6a776d34729b5016c7d17067b20d6135837cc7218db638a86b8b30a5b68c4cf1c83339c68a4b393d658f4c5f0996b0c46ce69d4c3fa5d73ddc5f1758e12672066e6c5b91fd58045beaaae8b5e6c7577ac4f90299d97c1244baf8e069862e9795ffc7a97badb6c6cbfcaa8ece6b015520c4c80bf34302a08b20c09789edfd3521fe77c7095f916dac46ffa7b36eccb04cbbb52ccfe93c08f0e061306a1bf3dc64b5338c60bbc8cce373c497e0e95372bd7da81b1a7b5c878e033efa33ffb4df19ec112212a88b660cd9fcae9b1f478a96f37635d58b8461c65240898dde1275fd153b58251f4f4f4ece7d603adf3a8086ce06e773e54eb6ecf012b6dd6f157bb9a4b8e595e25e2a2f24d4b69eb2394c42dfa0295d3b2c490af158193a2144f3fae99e511ebbd10bec01bf390045ee5e19d42683737307d28fe9f022b45ee6842c593403a5aa31bb1ed7f00b9d736beacff4e30fd0b7e102b713ff7ecb99d95101bfd6e230314ce026fb61ab3ef3dc6dc5c169e6b0587712081e693ae7e7813f5d398a321227f235e78160d670823cbb985a5b3316a87ebc861448a2ccae28d2c5cceaf0835aa0e4ac802a89b9f513e1ef67a885125aabdefd57d9b2202fd3dda7ef9804ec65221aa4c9238f0eeb5f058354498bf3a2d9b8d08fe7ba425b20247e2bfcb0f543ad834bfc3b24a0da927bf93e5c2bb968f90f688207616eb4865418e7764d1de8c9cbb1d501271177f42fdebd76301b3a211d60318168495e064d1280f327ae645d8e2c51885693e992422003403ce4fe35a5c8995cf952855b10e097570af70fbac6762568f77f3aa4b22ebeae84937f8f077e701bc8753626aa54466218816c07f8ca88836731d9fa0ed47d87f770e76af54cb22b0762ca40ce35f8fa2f70fb92b478976ac9447d9845ac43d7d771b8fe2f124698b8b797f5422a05b6ed306eacd9a630fcfd899305a296bfcf83ca006de49ea560930fe78da8e1b6102332c92077daa7e6a71d2284f3a270fb8b48ef06ae3a6461ac7c0b208004fb1c52ea840f86fecf369a290f0c6de03358cc9a324b9d63ac2da53f94b7f7302dcabce68235dc822c19e84bc22644d1c10291c8796f58cfefcf3426c6570d1bf0df88d9a6a02df65de01c8890e89d4089b6c8b233c624e06ddb1634a65f8f585c5c665c334d847346f997d88c06e1dfe77fcaef45c5a7b689db456694b65e57e7a44466f2aabe"}, &(0x7f0000000040)=0x1008) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000001180)={r1, @in={{0x2, 0x4e22, @multicast2=0xe0000002}}, 0x4, 0xfffffffffffffc01}, 0x90) ioctl$DRM_IOCTL_AGP_ENABLE(r0, 0x40086432, &(0x7f0000000080)=0x5) [ 379.323409] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready [ 379.360656] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready 2018/04/06 11:41:01 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000200)={r2, 0x6d, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e675add01d6167e244f8f663e3529bed2135afaa69efe4f927cc8fba0718a875d52"}, &(0x7f00000000c0)=0x75) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r3 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r4) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r3, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:01 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0x17a7000000000000]}, 0x10) 2018/04/06 11:41:01 executing program 2: r0 = socket(0x1e, 0x805, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000, 0x0, 0x2, 0x3ff}, 0xfeda) listen(r0, 0x0) sendmsg(r0, &(0x7f0000030000)={&(0x7f00004f5000)=@generic={0x10000000001e, "0100000900000000000000000226cc573c080000003724c71e14dd6a739effea1b48006be61ffe0000e103000000f8000004003f010039d8f986ff01000300000004af50d50700000000000000e3ad316a1983000000001d00e0dfcb24281e27800000100076c3979ac40000bd15020078a1dfd300881a8365b1b16d7436"}, 0x80, &(0x7f0000447ff0), 0x0, &(0x7f00006e9c68)}, 0x0) accept$ipx(r0, &(0x7f0000000080), &(0x7f00000000c0)=0x10) r1 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x4cce, 0x410000) ioctl$SNDRV_CTL_IOCTL_TLV_COMMAND(r1, 0xc008551c, &(0x7f0000000100)={0x80}) 2018/04/06 11:41:01 executing program 7: r0 = socket(0x200000000000010, 0x2, 0x9) write(r0, &(0x7f0000000100)="1f000000f90300ff1400000120ce00000700090000a5a34dbac2ae00e1ff000000000101016c9e0000000000bbffff74", 0x30) setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r0, 0x114, 0xa, &(0x7f0000000000)={0x3, "d285e4"}, 0x4) 2018/04/06 11:41:01 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x4}) msgget(0x2, 0x58) [ 380.159723] FAULT_FLAG_ALLOW_RETRY missing 30 [ 380.164337] CPU: 1 PID: 24188 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 380.171171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 380.180523] Call Trace: [ 380.183102] dump_stack+0x1b9/0x294 [ 380.186713] ? dump_stack_print_info.cold.2+0x52/0x52 [ 380.191889] ? kasan_check_write+0x14/0x20 [ 380.196119] ? do_raw_spin_lock+0xc1/0x200 [ 380.200371] handle_userfault.cold.32+0x44/0x57 [ 380.205030] ? handle_userfault+0x16c6/0x2760 [ 380.209516] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 380.214083] ? debug_check_no_locks_freed+0x310/0x310 [ 380.219268] ? find_held_lock+0x36/0x1c0 [ 380.223316] ? print_usage_bug+0xc0/0xc0 [ 380.227365] ? print_usage_bug+0xc0/0xc0 [ 380.231434] ? perf_trace_lock_acquire+0xe3/0x980 [ 380.236290] ? perf_trace_lock+0x900/0x900 [ 380.240529] ? __lock_acquire+0x7f5/0x5130 [ 380.244762] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 380.250286] ? graph_lock+0x170/0x170 [ 380.254079] ? debug_check_no_locks_freed+0x310/0x310 [ 380.259258] ? find_held_lock+0x36/0x1c0 [ 380.263308] ? lock_downgrade+0x8e0/0x8e0 [ 380.267447] ? kasan_check_read+0x11/0x20 [ 380.271584] ? do_raw_spin_unlock+0x9e/0x2e0 [ 380.275978] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 380.280545] ? kasan_check_write+0x14/0x20 [ 380.284759] ? do_raw_spin_lock+0xc1/0x200 [ 380.288980] __handle_mm_fault+0x34be/0x4150 [ 380.293374] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 380.298113] ? graph_lock+0x170/0x170 [ 380.301903] ? find_held_lock+0x36/0x1c0 [ 380.305955] ? lock_downgrade+0x8e0/0x8e0 [ 380.310094] ? handle_mm_fault+0x8c0/0xc70 [ 380.314312] handle_mm_fault+0x53a/0xc70 [ 380.318358] ? __handle_mm_fault+0x4150/0x4150 [ 380.322924] ? find_vma+0x34/0x190 [ 380.326450] __do_page_fault+0x60b/0xe40 [ 380.330496] ? mm_fault_error+0x380/0x380 [ 380.334636] ? graph_lock+0x170/0x170 [ 380.338421] do_page_fault+0xee/0x8a7 [ 380.342214] ? vmalloc_sync_all+0x30/0x30 [ 380.346357] ? find_held_lock+0x36/0x1c0 [ 380.350415] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 380.355243] page_fault+0x25/0x50 [ 380.358677] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 380.364275] RSP: 0018:ffff88018ecd7ce8 EFLAGS: 00010206 [ 380.369619] RAX: ffffed0031d9afae RBX: 0000000000000018 RCX: 0000000000000003 [ 380.376871] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff88018ecd7d58 [ 380.384133] RBP: ffff88018ecd7d20 R08: ffffed0031d9afae R09: ffffed0031d9afab [ 380.391402] R10: ffffed0031d9afad R11: ffff88018ecd7d6f R12: 0000000020013018 [ 380.398676] R13: 0000000020013000 R14: ffff88018ecd7d58 R15: 00007ffffffff000 [ 380.405972] ? _copy_from_user+0x10d/0x150 [ 380.410199] SyS_sigaltstack+0xae/0x320 [ 380.414159] ? do_sigaction+0xa50/0xa50 [ 380.418123] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 380.423645] ? fput+0x130/0x1a0 [ 380.426912] ? ksys_ioctl+0x81/0xd0 [ 380.430524] ? do_syscall_64+0xb7/0x9d0 [ 380.434486] ? do_sigaction+0xa50/0xa50 [ 380.438448] do_syscall_64+0x29e/0x9d0 [ 380.442325] ? vmalloc_sync_all+0x30/0x30 [ 380.446465] ? _raw_spin_unlock_irq+0x27/0x70 [ 380.450949] ? finish_task_switch+0x1ca/0x820 [ 380.455431] ? syscall_return_slowpath+0x5c0/0x5c0 [ 380.460346] ? syscall_return_slowpath+0x30f/0x5c0 [ 380.465265] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 380.470618] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 380.475449] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 380.480623] RIP: 0033:0x4552d9 [ 380.483798] RSP: 002b:00007ff15ecfec68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 [ 380.491493] RAX: ffffffffffffffda RBX: 00007ff15ecff6d4 RCX: 00000000004552d9 [ 380.498747] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 [ 380.505998] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 380.513256] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 380.520509] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000000 2018/04/06 11:41:03 executing program 4: r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000), 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0xffffffffffffe55c, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x3f, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:03 executing program 7: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00003e0000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) r1 = syz_open_pts(r0, 0x10000000000) read(r1, &(0x7f0000a8bfff)=""/1, 0x805031ae) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000180)) r2 = memfd_create(&(0x7f0000000340)='-md5sum:$em1\x00', 0x3) ioctl$LOOP_CLR_FD(r2, 0x4c01) ioctl$TCXONC(r1, 0x540a, 0x3) r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x800, 0x0) setsockopt$bt_BT_FLUSHABLE(r3, 0x112, 0x8, &(0x7f0000000100)=0x40, 0x4) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_inet_SIOCSIFNETMASK(r4, 0x891c, &(0x7f0000000040)={'bcsh0\x00', {0x2, 0x4e22, @multicast1=0xe0000001}}) syz_open_pts(r0, 0x200000) setsockopt$sock_int(r5, 0x1, 0xa, &(0x7f0000000080)=0xd3, 0x4) bind$ax25(r3, &(0x7f0000000380)={0x3, {"f1a68b12f3a114"}, 0x5}, 0x10) ioctl$TIOCGSID(r1, 0x5429, &(0x7f00000001c0)=0x0) ptrace$setregs(0xf, r6, 0x2, &(0x7f0000000200)) r7 = dup3(r1, r0, 0x0) r8 = accept4$inet(r3, &(0x7f0000000200)={0x0, 0x0, @dev}, &(0x7f0000000240)=0x10, 0x80000) accept(r8, &(0x7f0000000280)=@in6={0x0, 0x0, 0x0, @dev}, &(0x7f0000000300)=0x80) ioctl$TCFLSH(r0, 0x540b, 0x0) setsockopt$inet_tcp_int(r7, 0x6, 0x1e, &(0x7f0000000140)=0x6000000000000000, 0x4) 2018/04/06 11:41:03 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc\x00', 0x0, 0x0) ioctl$TIOCGSOFTCAR(r0, 0x5419, &(0x7f0000000040)) msgget(0x2, 0x58) 2018/04/06 11:41:03 executing program 2: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x9, 0x0, 0x0, 0x0, 0xffff7fffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa3, 0x0, 0x3f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/if_inet6\x00') setsockopt$RDS_RECVERR(r0, 0x114, 0x5, &(0x7f0000000080), 0x4) getsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000100), &(0x7f0000000140)=0x8) r1 = socket(0xa, 0x2, 0x88) r2 = socket$netlink(0x10, 0x3, 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet(r1, &(0x7f0000ffdff0)={0x2, 0x0, @loopback=0x7f000001}, 0x10) socketpair(0x10, 0x800, 0x10001, &(0x7f0000000180)) writev(r2, &(0x7f0000644ff0)=[{&(0x7f0000001200)="480000001400257f09004b01fcfc8c560a880000f21759ef783be00600000000000000a2bc560300000000000000200028213ee20600000000ef00ffff5bf1ff00c7e5ed58000000", 0x48}], 0x1) signalfd(r0, &(0x7f0000000040)={0x7}, 0x8) preadv(r0, &(0x7f0000b5cff8)=[{&(0x7f00006f0000)=""/154, 0x9a}], 0x1, 0x0) 2018/04/06 11:41:03 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0x7733]}, 0x10) 2018/04/06 11:41:03 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000200)={r2, 0x6d, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e675add01d6167e244f8f663e3529bed2135afaa69efe4f927cc8fba0718a875d52"}, &(0x7f00000000c0)=0x75) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r3 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r4) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r3, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:03 executing program 3: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000100)) getpid() fcntl$getown(0xffffffffffffff9c, 0x9) gettid() ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) getpgrp(r0) r1 = memfd_create(&(0x7f0000000080)='em1\x00', 0x2) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000200)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) sigaltstack(&(0x7f0000013000/0x1000)=nil, &(0x7f00000000c0)) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88)) msgsnd(0x0, &(0x7f0000284ff8)={0x3}, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000240)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000640)={'\x00', 0x0}) ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000680)=r3) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000b40)={&(0x7f0000011000/0x4000)=nil, 0x4000}) io_setup(0x1000, &(0x7f0000000040)) io_submit(0x0, 0x0, &(0x7f0000000000)) ioctl$VHOST_RESET_OWNER(0xffffffffffffffff, 0xaf02, 0x0) 2018/04/06 11:41:03 executing program 0: r0 = socket(0x1e, 0x2000000000000005, 0x101) ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000380)={'bridge0\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="ac00000000000000000000000000000000"]}) 2018/04/06 11:41:03 executing program 0: mkdir(&(0x7f000063543e)='./file0\x00', 0x0) mount(&(0x7f0000018000)='./file0\x00', &(0x7f0000a9eff8)='./file0\x00', &(0x7f00007fcffa)='ramfs\x00', 0x0, &(0x7f000000a000)) chroot(&(0x7f0000fddff8)='./file0\x00') mount(&(0x7f0000000140)='./file0\x00', &(0x7f00009a2ff8)='./file0\x00', &(0x7f0000ab4000)='aufs\x00', 0x2002fff, 0x0) unshare(0x200) chdir(&(0x7f0000bddc23)='./file0\x00') socketpair(0x13, 0x8000a, 0x4, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$KVM_SET_PIT2(r0, 0x4070aea0, &(0x7f0000000040)={[{0x3, 0x7, 0x800, 0x9, 0x20, 0xd13, 0xffffffffffffffff, 0x3, 0x7, 0x8, 0x9, 0x101, 0x19}, {0x6, 0x100000000, 0x2, 0x5, 0x1, 0x1f, 0xf56f, 0x1, 0x79, 0x100000000, 0x9, 0x4, 0x8000}, {0xed, 0x7, 0x0, 0x0, 0xfc4, 0xff, 0x2, 0x4, 0x8, 0x4, 0x3, 0x1f, 0x5}], 0x7}) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000100)={&(0x7f00000000c0)='./file0\x00', r1}, 0x10) poll(&(0x7f00006cd000), 0x0, 0xfffffffffffffffa) pivot_root(&(0x7f0000359ff8)='./file0\x00', &(0x7f00007d7ff8)='./file0\x00') pivot_root(&(0x7f00000e6ff8)='./file0\x00', &(0x7f0000451000)='./file0\x00') 2018/04/06 11:41:03 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) msgget(0x2, 0x58) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x200000, 0x0) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000040)) 2018/04/06 11:41:03 executing program 4: r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000), 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0xffffffffffffe55c, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x3f, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:03 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000200)={r2, 0x6d, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e675add01d6167e244f8f663e3529bed2135afaa69efe4f927cc8fba0718a875d52"}, &(0x7f00000000c0)=0x75) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r3 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r4) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r3, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:03 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0x300]}, 0x10) 2018/04/06 11:41:03 executing program 2: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$sndseq(&(0x7f0000f3eff3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x80000, 0x0) ioctl$KVM_GET_PIT2(r2, 0x8070ae9f, &(0x7f0000000080)) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r1, 0xc0a85352, &(0x7f0000000100)={{}, 'port0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8abf}) fallocate(r2, 0x1, 0x1000, 0x40) setsockopt$IP6T_SO_SET_ADD_COUNTERS(r2, 0x29, 0x41, &(0x7f00000001c0)={'raw\x00', 0x5, [{}, {}, {}, {}, {}]}, 0x78) [ 381.541482] FAULT_FLAG_ALLOW_RETRY missing 30 [ 381.546107] CPU: 0 PID: 24262 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 381.552941] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 381.562285] Call Trace: [ 381.564866] dump_stack+0x1b9/0x294 [ 381.568497] ? dump_stack_print_info.cold.2+0x52/0x52 [ 381.573679] ? kasan_check_write+0x14/0x20 [ 381.577901] ? do_raw_spin_lock+0xc1/0x200 [ 381.582121] handle_userfault.cold.32+0x44/0x57 [ 381.586776] ? handle_userfault+0x16c6/0x2760 [ 381.591257] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 381.595826] ? debug_check_no_locks_freed+0x310/0x310 [ 381.601002] ? find_held_lock+0x36/0x1c0 [ 381.605066] ? print_usage_bug+0xc0/0xc0 [ 381.609136] ? print_usage_bug+0xc0/0xc0 [ 381.613201] ? check_same_owner+0x320/0x320 [ 381.617527] ? do_raw_spin_unlock+0x9e/0x2e0 [ 381.621943] ? __lock_acquire+0x7f5/0x5130 [ 381.626186] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 381.631738] ? graph_lock+0x170/0x170 [ 381.635559] ? debug_check_no_locks_freed+0x310/0x310 [ 381.640763] ? find_held_lock+0x36/0x1c0 [ 381.644843] ? lock_downgrade+0x8e0/0x8e0 [ 381.649011] ? kasan_check_read+0x11/0x20 [ 381.653166] ? do_raw_spin_unlock+0x9e/0x2e0 [ 381.657580] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 381.662163] ? kasan_check_write+0x14/0x20 [ 381.666380] ? do_raw_spin_lock+0xc1/0x200 [ 381.670597] __handle_mm_fault+0x34be/0x4150 [ 381.674989] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 381.679738] ? graph_lock+0x170/0x170 [ 381.683539] ? find_held_lock+0x36/0x1c0 [ 381.687613] ? lock_downgrade+0x8e0/0x8e0 [ 381.691766] ? handle_mm_fault+0x8c0/0xc70 [ 381.695984] handle_mm_fault+0x53a/0xc70 [ 381.700044] ? __handle_mm_fault+0x4150/0x4150 [ 381.704628] ? find_vma+0x34/0x190 [ 381.708171] __do_page_fault+0x60b/0xe40 [ 381.712239] ? mm_fault_error+0x380/0x380 [ 381.716389] ? graph_lock+0x170/0x170 [ 381.720183] do_page_fault+0xee/0x8a7 [ 381.723963] ? vmalloc_sync_all+0x30/0x30 [ 381.728093] ? find_held_lock+0x36/0x1c0 [ 381.732138] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 381.736963] page_fault+0x25/0x50 [ 381.740403] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 381.746002] RSP: 0018:ffff8801c658fce8 EFLAGS: 00010206 [ 381.751354] RAX: ffffed0038cb1fae RBX: 0000000000000018 RCX: 0000000000000003 [ 381.758600] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff8801c658fd58 [ 381.765849] RBP: ffff8801c658fd20 R08: ffffed0038cb1fae R09: ffffed0038cb1fab [ 381.773095] R10: ffffed0038cb1fad R11: ffff8801c658fd6f R12: 0000000020013018 [ 381.780353] R13: 0000000020013000 R14: ffff8801c658fd58 R15: 00007ffffffff000 [ 381.787619] ? _copy_from_user+0x10d/0x150 [ 381.791836] SyS_sigaltstack+0xae/0x320 [ 381.795799] ? do_sigaction+0xa50/0xa50 [ 381.799764] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 381.805280] ? fput+0x130/0x1a0 [ 381.808539] ? ksys_ioctl+0x81/0xd0 [ 381.812150] ? do_syscall_64+0xb7/0x9d0 [ 381.816115] ? do_sigaction+0xa50/0xa50 [ 381.820071] do_syscall_64+0x29e/0x9d0 [ 381.823938] ? vmalloc_sync_all+0x30/0x30 [ 381.828068] ? _raw_spin_unlock_irq+0x27/0x70 [ 381.832547] ? finish_task_switch+0x1ca/0x820 [ 381.837031] ? syscall_return_slowpath+0x5c0/0x5c0 [ 381.841942] ? syscall_return_slowpath+0x30f/0x5c0 [ 381.846858] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 381.852207] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 381.857038] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 381.862206] RIP: 0033:0x4552d9 [ 381.865378] RSP: 002b:00007ff15ecfec68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 [ 381.873079] RAX: ffffffffffffffda RBX: 00007ff15ecff6d4 RCX: 00000000004552d9 [ 381.880329] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 [ 381.887574] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 381.894822] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 381.902071] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000000 2018/04/06 11:41:04 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) msgget(0x2, 0x58) r0 = perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x3, 0x8, 0x6, 0x10000, 0x0, 0x9dd, 0x3201, 0x4, 0x8, 0x8, 0x2, 0x3ff, 0x10000, 0x80, 0x7, 0x4, 0x298e6314, 0x1000, 0x9, 0x2, 0x5, 0x2, 0xfffffffffffffff9, 0x3, 0x3f, 0x10001, 0x7, 0x8001, 0x4, 0x10001, 0x8, 0xfffffffffffffff8, 0xe86, 0x7, 0x6, 0x4, 0x0, 0xfff, 0x4, @perf_bp={&(0x7f0000000000), 0x2}, 0x2000, 0xf2, 0x9, 0x7, 0x101, 0x0, 0x1000}, 0x0, 0x3, 0xffffffffffffffff, 0x8) write$binfmt_aout(r0, &(0x7f0000000140)={{0x1cf, 0x71, 0x228, 0x352, 0x2b8, 0x0, 0x7, 0x4}, "6825faf2be914d5fa1a742e7c69745fb964df578900a4eeedc941fb59d7e2146ce28fb575d6ffce4a6380a3bda1a03fd5b9c12413e2ef50edefc99ce7983a0fbea4007d0d67fb7665839395e40f37841328416959b210ad4de57fd1bbe4ec1d111a8be518697706d980432c5e32064f32a72a3b2dfcae7fd162211e0674becd7b41469de85fc55f1651fb60668d1c94200011e3d1fa147cf52ead61d4e3e88addb07aa0f48549f0de8f26d5a01e8ebddcab78a41f070c456b84405f5ce224cc7cd0f2934182792cbcda6cfd643b4dc4677f0bd58cb7a597944a7bff45e8d2e96556d856a2d538f1653d97504393237550491215ee6c6d31e868b2ffcbd7a1f35514deb83ef6d8185b539ce713b85ff8016eaea31ffd217f371120b2e8d755fdb5e7b5457e5320a0306be28ffb5ef1da832247b65a2fa30788e8261a07fbde7929cbd7e3f6ee03ca84803eac96ab454cfb3b1f9e23005b1b2ce99d0d4a5b2f6c09314555160bffd310ef4501ca9f4355d24874e1e2a387487fff8376620c35a7c12ca40d71ca5badee8ab3634d3e62a0c5e7fefcb4300cf7fa4c58f73e37ff341ecb468e77b594d532f09fcf739e0ba7974fc6077c3cf6a6e632ba874d6a950373dabd65397250d770fc9bb81ad7e0f0a2291a4450130e61054ddb1bf83fe24f5c77387a8d7e7997d2b81892367d7c2d6b10c5a7da4dd0733ff3b9464583e6fe9fe669b12584d39517cc4cf75031db378002e7e6ed154487e955f2b5b94074d6cd4e5c0f5ca25680aa07c4ef69f9a55006cd034d8404944f12213ec6f0bbda28670edafc6cb1c08ed87ecd721a18de432b981cca54472f30159b23b1e91bea7bdf5aea4b7737e64535a1180966beaad8c0e888ce65bafaedac62da9ee9bcb3a048520deac8d261d1bc00a33128023c0b518240c7e0512b498db827aafb773e1144c6550c64afb6727b9dd23d0675cc126c5024a0309852d2bab2d25ba45fbb1cb21334ee70f343d027395f08b943a9d7ba9e05eb51e7f23249921a922cd9956c31f8b70294156224c2f0ae31a904c4124f6e6b1a6491eb7eb68019fd762ef849ede5b1ca3d244eaef256c95964d441c3aa189a78b831da3f29582ba9d9750e481882a629695631f152564356f10704ec45d913e8b6f239fadb26070ac84cd31aa6ef23b612bcf5f98cb971826a14313a718914b968d9e3b8e78b6e9949bc0c3357fa405bb12c5f8a93b272476a4903ebea7dfe0a38a8b71d66565400d0bcbc60c0862df711865b2b498ef2d5fddb9736d28018581a7be9fab9e21aab3cf68b65d7397647b5f42bbfc9bc54be4640c4395c6454780cbfcae36c089b1c8825e1d543a1b53aac306b73c20fb49ceaf7b58d6537051782083bc3dfbaafc104feeb6af45eab77b5bd85e0bcfd0557d08f7a6b4430f57b32a11d6c611bf7dc79a848e2dd95ecd2c009671e6f565f8d9b81d69f99a3fd3e0733db24e1acee06b3f9d7b59e677dc3fb19195b3bb5104671ca75a07122c7063c77c7373f2d724b96d35651538e43a157309a1ca2f3b83d88447a4e2b7c870df3f33025fd35ffc7064102c120db3a4a4e3c7f0b853482cecb24f39c363fd13d70f5b448d096683b87ef1fc13a368d4abc9f3961252b35cdfa860cc32dc3c3b20bb5d57d5c8855e391d8040e45bd7c7509eafab269875424b41b39a6fdf3f3ca8ed534314afd7e3dca20bc938446afdbbff2f4f084740201db32feb2bddc601af5971e07d6ac9e9e499ea7fdef6321ddf9e3d9f7c472ebc7d3410a4cfd35169bd8d0f70398e49800cf0ea0cf21994d5a2af913990a3348fe5235bab53302362d6b22dc21d141a203ed46ae98b2ce826e214b03f25e40b5974a6dd19253a442cfabfd4b52fd46473d101736b79938256b2bae9c8a37ed5f1b505af595cfbe98b83332af40acbce13e5c808e5823ed36b42232a2328cb69f649b5814bce9bb53f27c187b9863a0de6c43d97d0c1eec694a93a2f7069f23fd59329ccb659a4e1f344ce68a14872c360e1acd90b3a25189e67ef1bf6236de0abff7c30275876a76e55efd93d24dd820ade0c04e91914e4fa4f6ee5fd7e3cd44d886de1c97118240e87477106b56d874e2be8793bf38ebd3819150c26796c9729c79e0d57a8df7cb3c49d3de93d9ef2e28ce5ea6d186737ccc9ff480c0cffd92ee418347fd2386114a09f5dc7f91a55fd114340b0e56e84ce25dd696ae2185de8cfb92c403cfc7d614665d1ee3ad0e01ba9635c8c5e10f2bf88d21de085ff2ae17bc9a728af88eb3680c490afd963fc9c8b3994dd33bac9168b1aa511e96fc4a7cb02310180c111b3df7fd6783ef6abd536e730db314577f4f1b8563a74d73e74036c979fe2ee5f295b25aea3634016f843c98fe2ee3edff6674d7032d084f69be42851bbc20395f8dd9af27ac98369501010a942350c1a4b511ce091916c096fbc2d45c84d1727bb0aaab27306e4c08ccb796af46cd9eccfd77add835869ca66f68cb4ac182fc9ddf3766ce2eefecad04647def1b380a7cd5173496482b3e03d2340805a4d57a4e0ba1c435dbbe3e3b6d0efe26dc43d351c14d0ef660e3a3a73b0412e6b8eac6f332797bee7d4ac024282ba380a366e195cff84054e36698d5e50b9072c60b079b04d9743576ecf7f37d265d69a42435e8de612fd21530df2e1c0e6e5e70d571da0c8b9dcc2250490027c35ebbd2d69e8f3c88fbffc5c4950207b13005615767271b4c66d850fd94a107576d81132654412e444ed52213931cbfef223ebddd8c9622a92417afe9f98db63ed0ed3fa956fd71c08be1a453379b206915b77deea4b410cd8d566cb9e53ceac54fe06b713abd1f6391b1b6545ba54b6982fc4994ecd309e401b26f61cc9ab13cf97efd131ce30cd0f6c8f4fceaaca4d776f36685aeefcbc2ab16e4104bdbf4928299a6e3252f34ea019c29a8f316b23b2b95485e84bbd6385d6a4d49688665b2a7d22fa4be5894834bd38546bd5cae08f11e0eab321ddfa3d6d42ec284c1a433b272094987d42af96a34f5648fd645007e5a9d2a358fe2d43daf63ba90b04250097ca569126437e3223bfdb83ec60bba87628b9abca2e599a7efacd3d65f983d8a05f660835fa44d1a6f38539bbc6da1c9f889a1e9bc5d675f3c6b51dd6bd0592cf56a6a7ef547ccfa32beac24764de95ee8e950b494e57f280fc11f109af9a366d8dbc55df3cf96313493e0a12563b44f3e0f5163d07f6a5dc7f5c7c3efd1d457a1e027844347d0e73ecaaecb8add3648b59f26729accbbf893613b91fbadaf6baa54282a53f189dbc42da4b737aec8ff177b196ee5d9e001320a75b1cfde48da7262d71b8233840092f0d9efd7ff210d79652c329d800b516ac371f3c1b11be81c4619180735143a1eff5cd65705ac39574773878375ef3f45f3339fece543274a9e608bf6cce1caae931751cbb46546c2576c5c54eda3c19f76bddc66e1af4b3ad96d207c9b25ee8b4645a9bb5b28b05000fdfb88392872815c205718d2cb0b7e1cbf8ac81d7d39647d4a8ff96a4ea7addaec348b80e5992c92f7ac4c399ca521cf77dff12de17efdd45611185c29a8d83032fc7930267e92222881a87cd135526463928214be3f7fdb88e483def403058f7cbdb6fc6bf89718b42c81c9ae13885ef613e45b489dace6a8c6c254c356d988f8ec4b218ee0387e02d1920ceea96a88a5d68e496ba1c796661afd29514524074faa257645467ff4bd74a104e89ffa8c720f4f6e86d45667be1e9899381f5e91e4f8d3d9e03b1e2f3b38caf98845d04a6ca2cc7d878b58fee64a422810d86fa9232c623f2a5c07e7fbadb78e6c47666705b4f0e8298746e6340a7a7fe2cd59d60b8b0010720a1d4dcb074dff1d9ab99998c22681935d77e5dc069c1951159898424f7d9c5b1cad1f0dfad24963bb5d06ed407c6ea31186d4d1cdb806c10f20bc7c1ac58ac5c11bd1aab5b955e63f9f38b38290b65a95b6e5cdd4ff4a46c9bf044e2fefe963faaac1b8f4b4dcfbf97d6ffe620583e6aea7434d3a7a7b18970cd9139af96383586ecc0733b065cbac22aed6fcbbe152b374192f3845464c1cb8bbec8645e89733979f5a45ecd170f3354b9b92f1f65d74011ec03851d75dae3f110f0cdbfb671a3581f9b9cc37f4d26386cc48ea6da5a458c2d672d793e89fb0f9b9528cbc8eb985dea0b6189b02833b46b4b56fe64fbd4ce1d7c39ce88bd5ac8299a344fc39944ab8d9f5cb96680f0362fe12b0245a80f96a24220cfa3874e23d112c4815b0d940ab85c8ebdf40abb3f924491c6f5709afb470c9bf37902602b963422e1020429844b138bf57420bd89decf8b5fb795117517b6610d21636409d343bcbb928dbf1d73cd6b7ba45c4e67e8f064d5d12c867e541a25f0384a9c459a479e2eb1d1331aeef997407103a6674b904b8dad2712cc4dd1f8fea1ea3dc659b403ce25fe4e5acaac7b5168bae712c4e7e9af428171f2073de14e0d48682a1f9428f5dfef49cc54b51f20ffad60d3534e358149913f0ee48cc1e8f9ede5b6c63076a694dee226ba4787fb63d432866c0379be85e465febe9addf79e0269a8af0ea2ba52cbfb20a6678d8858886621e91d901cbc09ffc08d7729ef3b5b690f85bd1ec905f78b034a2ef1b953018bf4eefed99cfa119c836e5d7e0fcb7b044d725868836bb6ef1ab5238481b7ef69d187e542a57a77728cc5f3bb892149be1d428fd0927f586aed268c9552e7cdfdfd96f6abd5f16a0c1ddddc8f018dfee5d28be0c929879bfe765e023fbc2bed1a0b1aa10e8960ca3e8036c9790351630f6e28f7e9f8eabfe42d77a86756619bdec8ff83c06877816daa3819a120be03aa2bf4c2e67feeec2d8c81538bb10da51f67113fec6760c9637ea0fc5cd1a96f7bf10c02e56eb7d07d008120921ea3bc18d22692ee8bd2cc20741a3e9cecbd2f60f14ed1610332bf5d5ba31d67f506d1562361de2d089293dde8232b8503623c797612b6dd478d60621f5b293aa93c6294d5d31363f9244a84b96b77a730434f10278a16c9a188926e878fd0e62e38fe2f7099c857cc7f3f850d97eff20d3f12b8926bbb34063ebf23002c21ad2109127fedff6d91153b8fef0c30465c39d935f1cf0f5a7707e38674c4796c9a830b483e78171ca6be9a22974682f9f5b8bf8c19b03f3d83118d894e8a94c1bfed230eedee3db456a08efb35fce4d9b689b9c6a4b20cbb3f52f5379ee078a495467c0c6a931c5898b8ac756b82a7a743c4fba9ebbaafb06d9e3894e35277373ccdd550d7c68258909395ca9ccbd1791f3408e08272872960148a2026eb21959004a6a44124d83881a484a3b16598856b753d6efc75b789d40cf7dc60329d434b85b1c30fccc5483827d8cd6e47ac1c12349722185b064abaf8d706713e00f3720b0575d57d2a04d54e86ed912d216cc78530a1a6df7e3b82aa987a5f2b7425774a95a533a1b0fcd8f0103e7fb1775611e87d732104aa1d37960dc793393b22ffaf3a652adfcde9f67219800ae322f87c65ff0f96b0d17f9f1175893d4d6a077bada7285da09582e2fe880016137d4f4be037e12c2f7d0e46d6f9f8e95b897a2b9e56b7c33aa8b89030bd02547cbd08a5234462dff673e5822054abebc984e6646eb215b5055cbd39cd6877141a1cf13a8d31e4beffbd6b507b527af7147439d081cfe6a881f54791d895f7cb5f04c2b54e0850d035e7bfb76f90b23033b92436791a5dd60eb5a4f134d65b5a002ef914f5f52cb51bcfabb6eff756cdef673e3ab5f1aff53fed", [[], []]}, 0x1220) 2018/04/06 11:41:04 executing program 4: r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000), 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0xffffffffffffe55c, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x3f, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:04 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0x44cf]}, 0x10) 2018/04/06 11:41:04 executing program 2: r0 = socket$alg(0x26, 0x5, 0x0) accept$alg(r0, 0x0, 0x0) bind$alg(r0, &(0x7f000074cfa8)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000b3aff0)="e5fcb5bf0b00000000000007ddb42113", 0x10) getsockname$packet(0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0)=0x14) r1 = accept$alg(r0, 0x0, 0x0) recvmsg(r1, &(0x7f000004bfc8)={&(0x7f0000d18000)=@l2, 0xe, &(0x7f0000deaf60)=[{&(0x7f000034e000)=""/4096, 0x1000}], 0x1, &(0x7f00008b0000)=""/4096, 0x1000}, 0x0) r2 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x8000, 0x8000) mmap$binder(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x8, 0x1010, r2, 0x0) write$cgroup_pid(r2, &(0x7f0000000040)={[0x33]}, 0x1) 2018/04/06 11:41:04 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x6d, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e675add01d6167e244f8f663e3529bed2135afaa69efe4f927cc8fba0718a875d52"}, &(0x7f00000000c0)=0x75) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r3 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r4) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r3, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:04 executing program 3: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000100)) getpid() fcntl$getown(0xffffffffffffff9c, 0x9) gettid() ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) getpgrp(r0) r1 = memfd_create(&(0x7f0000000080)='em1\x00', 0x2) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000200)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) sigaltstack(&(0x7f0000013000/0x1000)=nil, &(0x7f00000000c0)) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88)) msgsnd(0x0, &(0x7f0000284ff8)={0x3}, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000240)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000640)={'\x00', 0x0}) ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000680)=r3) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000b40)={&(0x7f0000011000/0x4000)=nil, 0x4000}) io_setup(0x1000, &(0x7f0000000040)) io_submit(0x0, 0x0, &(0x7f0000000000)) ioctl$VHOST_RESET_OWNER(0xffffffffffffffff, 0xaf02, 0x0) 2018/04/06 11:41:04 executing program 7: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00003e0000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) r1 = syz_open_pts(r0, 0x10000000000) read(r1, &(0x7f0000a8bfff)=""/1, 0x805031ae) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000180)) r2 = memfd_create(&(0x7f0000000340)='-md5sum:$em1\x00', 0x3) ioctl$LOOP_CLR_FD(r2, 0x4c01) ioctl$TCXONC(r1, 0x540a, 0x3) r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x800, 0x0) setsockopt$bt_BT_FLUSHABLE(r3, 0x112, 0x8, &(0x7f0000000100)=0x40, 0x4) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_inet_SIOCSIFNETMASK(r4, 0x891c, &(0x7f0000000040)={'bcsh0\x00', {0x2, 0x4e22, @multicast1=0xe0000001}}) syz_open_pts(r0, 0x200000) setsockopt$sock_int(r5, 0x1, 0xa, &(0x7f0000000080)=0xd3, 0x4) bind$ax25(r3, &(0x7f0000000380)={0x3, {"f1a68b12f3a114"}, 0x5}, 0x10) ioctl$TIOCGSID(r1, 0x5429, &(0x7f00000001c0)=0x0) ptrace$setregs(0xf, r6, 0x2, &(0x7f0000000200)) r7 = dup3(r1, r0, 0x0) r8 = accept4$inet(r3, &(0x7f0000000200)={0x0, 0x0, @dev}, &(0x7f0000000240)=0x10, 0x80000) accept(r8, &(0x7f0000000280)=@in6={0x0, 0x0, 0x0, @dev}, &(0x7f0000000300)=0x80) ioctl$TCFLSH(r0, 0x540b, 0x0) setsockopt$inet_tcp_int(r7, 0x6, 0x1e, &(0x7f0000000140)=0x6000000000000000, 0x4) 2018/04/06 11:41:04 executing program 0: r0 = socket$inet_icmp(0x2, 0x2, 0x1) setsockopt$sock_void(r0, 0x1, 0x24, 0x0, 0x0) r1 = syz_open_dev$sndpcmc(&(0x7f0000000180)='/dev/snd/pcmC#D#c\x00', 0x3, 0x8000) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000000, 0x0, 0x0, 0x0, @perf_bp, 0xfffffffffffffffc, 0x0, 0x0, 0x4, 0x0, 0x0, 0x1000}, 0x0, 0xfffffffffffffffd, r1, 0x2) openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f0000001000)={0x1, &(0x7f0000007000)=[{}]}) ioctl(r2, 0xc0184908, &(0x7f0000000140)="0e") r3 = syz_open_dev$midi(&(0x7f0000000040)='/dev/midi#\x00', 0x2, 0x20200) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r3, 0x4010640d, &(0x7f0000000080)={0x1, 0x8}) symlinkat(&(0x7f00000000c0)='./file0\x00', r3, &(0x7f0000000100)='./file0\x00') 2018/04/06 11:41:04 executing program 5: fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000000)={0x0, 0x0}) capset(&(0x7f0000000100)={0x19980330, r0}, &(0x7f0000292000)={0x0, 0xffffffffffffffff, 0x8}) msgget(0x2, 0x28) 2018/04/06 11:41:04 executing program 0: r0 = socket(0xa, 0x80806, 0x0) ioctl$fiemap(0xffffffffffffffff, 0xc020660b, &(0x7f0000000000)=ANY=[@ANYBLOB="000000000000000000800000000000084100000001"]) ioctl(r0, 0x8916, &(0x7f0000000000)) ioctl$sock_inet6_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000000500)) ioctl(r0, 0x8936, &(0x7f0000000000)) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'bridge0\x00', 0x21fff}) r2 = open(&(0x7f0000000380)='./file0\x00', 0x400000, 0x10) getsockopt$IP_VS_SO_GET_SERVICES(r2, 0x0, 0x482, &(0x7f0000000180)=""/193, &(0x7f0000000280)=0xc1) ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f00000002c0)={'sit0\x00', &(0x7f00000003c0)=@ethtool_coalesce={0xe, 0x100000001, 0x1, 0x4, 0x1, 0x9, 0x4, 0x5, 0x7, 0x0, 0x5, 0x6, 0x7, 0x5, 0xb2, 0xfff, 0xf56, 0xf61, 0x10000, 0x8, 0x80000000, 0xb045, 0x10000}}) getsockname$inet(r2, &(0x7f0000000480)={0x0, 0x0, @multicast2}, &(0x7f0000000080)=0xffffffb3) ioctl$sock_inet_SIOCGIFBRDADDR(r1, 0x8919, &(0x7f0000000100)={'bcsf0\x00', {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x10}}}) get_thread_area(&(0x7f0000000040)={0x0, 0x0, 0x0, 0x6, 0x1, 0x4, 0x9, 0xc35c, 0x42, 0x200}) 2018/04/06 11:41:04 executing program 2: r0 = socket(0x4, 0x2, 0x0) getsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4) r1 = open(&(0x7f00000000c0)='./file0\x00', 0x68042, 0x0) setsockopt$inet6_udp_int(r0, 0x11, 0x1, &(0x7f0000db6ffc)=0x300ff, 0x4) fallocate(r1, 0x0, 0xffff, 0x81) sendto$inet(r0, &(0x7f000038cf97), 0x0, 0x0, &(0x7f0000000000)={0x2, 0x4e23}, 0x10) sendfile(r0, r1, &(0x7f0000af5000)=0x61, 0x10001) ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(r1, 0x80dc5521, &(0x7f0000000100)=""/175) 2018/04/06 11:41:04 executing program 4: r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0xffffffffffffe55c, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x3f, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:04 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0xfffff000]}, 0x10) 2018/04/06 11:41:04 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200), &(0x7f00000000c0)=0x8) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) [ 382.194216] device bridge0 entered promiscuous mode 2018/04/06 11:41:04 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) msgget(0x2, 0x58) r0 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x7, 0x12000) ioctl$KVM_SET_TSC_KHZ(r0, 0xaea2, 0x6) 2018/04/06 11:41:04 executing program 0: clone(0x200, &(0x7f0000151000), &(0x7f0000000080), &(0x7f0000f8b000), &(0x7f000025e000)) mknod(&(0x7f0000b75ff8)='./file0\x00', 0x0, 0x0) execve(&(0x7f0000f8aff8)='./file0\x00', &(0x7f000080c000), &(0x7f0000868000)) mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000a9eff8)='./file0\x00', &(0x7f00007fcffa)="726170f06673", 0x8000, &(0x7f000000a000)) mount(&(0x7f0000adcff8)='./file0\x00', &(0x7f00009a2ff8)='./file0\x00', &(0x7f0000ab4000)='qnx6\x00', 0x2003002, 0x0) r0 = creat(&(0x7f0000b7a000)='./file0\x00', 0x0) openat$cgroup_subtree(r0, &(0x7f0000000000)='cgroup.subtree_control\x00', 0x2, 0x0) [ 382.931498] FAULT_FLAG_ALLOW_RETRY missing 30 [ 382.936116] CPU: 0 PID: 24324 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 382.942952] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 382.952300] Call Trace: [ 382.954902] dump_stack+0x1b9/0x294 [ 382.958534] ? dump_stack_print_info.cold.2+0x52/0x52 [ 382.963732] ? kasan_check_write+0x14/0x20 [ 382.967961] ? do_raw_spin_lock+0xc1/0x200 [ 382.972206] handle_userfault.cold.32+0x44/0x57 [ 382.976882] ? handle_userfault+0x16c6/0x2760 [ 382.981395] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 382.985976] ? debug_check_no_locks_freed+0x310/0x310 [ 382.991153] ? find_held_lock+0x36/0x1c0 [ 382.995199] ? print_usage_bug+0xc0/0xc0 [ 382.999242] ? print_usage_bug+0xc0/0xc0 [ 383.003288] ? check_same_owner+0x320/0x320 [ 383.007588] ? do_raw_spin_unlock+0x9e/0x2e0 [ 383.011978] ? __lock_acquire+0x7f5/0x5130 [ 383.016197] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 383.021715] ? graph_lock+0x170/0x170 [ 383.025499] ? debug_check_no_locks_freed+0x310/0x310 [ 383.030672] ? find_held_lock+0x36/0x1c0 [ 383.034716] ? lock_downgrade+0x8e0/0x8e0 [ 383.038848] ? kasan_check_read+0x11/0x20 [ 383.042975] ? do_raw_spin_unlock+0x9e/0x2e0 [ 383.047362] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 383.051927] ? kasan_check_write+0x14/0x20 [ 383.056140] ? do_raw_spin_lock+0xc1/0x200 [ 383.060361] __handle_mm_fault+0x34be/0x4150 [ 383.064754] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 383.069488] ? graph_lock+0x170/0x170 [ 383.073270] ? find_held_lock+0x36/0x1c0 [ 383.077315] ? lock_downgrade+0x8e0/0x8e0 [ 383.081448] ? handle_mm_fault+0x8c0/0xc70 [ 383.085666] handle_mm_fault+0x53a/0xc70 [ 383.089712] ? __handle_mm_fault+0x4150/0x4150 [ 383.094275] ? find_vma+0x34/0x190 [ 383.097797] __do_page_fault+0x60b/0xe40 [ 383.101840] ? mm_fault_error+0x380/0x380 [ 383.105969] ? graph_lock+0x170/0x170 [ 383.109753] do_page_fault+0xee/0x8a7 [ 383.113533] ? vmalloc_sync_all+0x30/0x30 [ 383.117662] ? find_held_lock+0x36/0x1c0 [ 383.121709] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 383.126534] page_fault+0x25/0x50 [ 383.129966] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 383.135568] RSP: 0018:ffff8801c658fce8 EFLAGS: 00010206 [ 383.140915] RAX: ffffed0038cb1fae RBX: 0000000000000018 RCX: 0000000000000003 [ 383.148172] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff8801c658fd58 [ 383.155421] RBP: ffff8801c658fd20 R08: ffffed0038cb1fae R09: ffffed0038cb1fab [ 383.162668] R10: ffffed0038cb1fad R11: ffff8801c658fd6f R12: 0000000020013018 [ 383.169916] R13: 0000000020013000 R14: ffff8801c658fd58 R15: 00007ffffffff000 [ 383.177180] ? _copy_from_user+0x10d/0x150 [ 383.181400] SyS_sigaltstack+0xae/0x320 [ 383.185355] ? do_sigaction+0xa50/0xa50 [ 383.189311] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 383.194829] ? fput+0x130/0x1a0 [ 383.198091] ? ksys_ioctl+0x81/0xd0 [ 383.201701] ? do_syscall_64+0xb7/0x9d0 [ 383.205655] ? do_sigaction+0xa50/0xa50 [ 383.209611] do_syscall_64+0x29e/0x9d0 [ 383.213477] ? vmalloc_sync_all+0x30/0x30 [ 383.217615] ? _raw_spin_unlock_irq+0x27/0x70 [ 383.222090] ? finish_task_switch+0x1ca/0x820 [ 383.226565] ? syscall_return_slowpath+0x5c0/0x5c0 [ 383.231481] ? syscall_return_slowpath+0x30f/0x5c0 [ 383.236403] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 383.241748] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 383.246574] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 383.251742] RIP: 0033:0x4552d9 [ 383.254908] RSP: 002b:00007ff15ecfec68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 [ 383.262595] RAX: ffffffffffffffda RBX: 00007ff15ecff6d4 RCX: 00000000004552d9 [ 383.269846] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 [ 383.277092] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 383.284342] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 383.291591] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000000 2018/04/06 11:41:05 executing program 4: r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0xffffffffffffe55c, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x3f, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:05 executing program 2: socket$nl_xfrm(0xa, 0x3, 0x87) socket$nl_xfrm(0x10, 0x3, 0x6) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0xffffff87, 0x0, @local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, {[], @tcp={{0x4e20, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, &(0x7f00000002c0)) 2018/04/06 11:41:05 executing program 3 (fault-call:19 fault-nth:0): mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000100)) getpid() fcntl$getown(0xffffffffffffff9c, 0x9) gettid() ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) getpgrp(r0) r1 = memfd_create(&(0x7f0000000080)='em1\x00', 0x2) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000200)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) sigaltstack(&(0x7f0000013000/0x1000)=nil, &(0x7f00000000c0)) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88)) msgsnd(0x0, &(0x7f0000284ff8)={0x3}, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000240)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000640)={'\x00', 0x0}) ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000680)=r3) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000b40)={&(0x7f0000011000/0x4000)=nil, 0x4000}) io_setup(0x1000, &(0x7f0000000040)) io_submit(0x0, 0x0, &(0x7f0000000000)) ioctl$VHOST_RESET_OWNER(r1, 0xaf02, 0x0) 2018/04/06 11:41:05 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0xffc30000]}, 0x10) 2018/04/06 11:41:05 executing program 5: msgget(0x2, 0x58) 2018/04/06 11:41:05 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200), &(0x7f00000000c0)=0x8) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:05 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x80000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = semget(0x2, 0x0, 0x4) semctl$GETALL(r2, 0x0, 0xd, &(0x7f0000000340)=""/142) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r5 = userfaultfd(0x0) ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r3, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r4, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) dup2(r4, r3) ioctl$FIONREAD(r4, 0x541b, &(0x7f0000604ffc)) dup2(r3, r5) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffff9c, 0x89e2, &(0x7f0000000000)={0xffffffffffffff9c}) setsockopt$inet6_tcp_TCP_MD5SIG(r7, 0x6, 0xe, &(0x7f0000000100)={@in6={{0xa, 0x4e22, 0x80000000, @dev={0xfe, 0x80, [], 0x10}, 0xffffffff}}, 0x1, 0x0, 0x800, "b44771bd232850451e4abcd51cbf47e873c73caeaf172177005e49228a92c28511003b73a6ca3b8efd2a084c96d4c54e7f92978db10184c32a71b60bd81f3352469a3787a2711d4abb601390ba9a371a"}, 0xd8) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_CPUID(r6, 0x4008ae8a, &(0x7f0000000500)=ANY=[@ANYBLOB="010000010100001a0400000000000000607ef610fcf73adaac6e0d9391f574d57f84c8d340966a78bf065afbdf9cad3831e38e0909aa32b372bc09665e88178aa94246f386704c31b40780cd2a2a3a4a9e24168760cb6fdbe5ff29373b3b8e66e3ea2b914b7130f3968207c60962481024920bf65d06800aa40891869a592a0bb6"]) ioctl$KVM_SET_LAPIC(r6, 0x4400ae8f, &(0x7f00000012c0)={"d2ce5d92aa5cefed90db270a624a67359efcd6e18b6583ab8f4b8034869f0f03a0e5300994aaabff20177905dc7e69a062189c3e250e23f4b0b4d5081465227d068dd134e83cd3fdbb71fbcdcf6b2645d08b0dd7e70e5970d252cb044108bd5acf903f9a6494d6007e36fc6642c21932999cf616c6cbd0ff9c7b745801700a8c1b75a8245aaa10edca8f7ab4d6a66c717999b0ff000000aa66f4bd96ab5f6cae05caf4f35ae45a12137501f6b97c9a50da517e4900fe037327a41146c8006737b54a650b4b007e5471a72ae0b30295a6b1d762a52c5bd7b9adb5d4baf93e09b191783af5d445228c7934883d22fd766288d640486ecec568bc4d7896a0a00919a0a25c5bf469cf040e2d6647ee1fdb379d8af71d8e69b3ff803438a7cac766795a0cb694bfad53c0f2e6d623dbb0f218fa9363daa987b48261fb3d34ab03ad5ec8382c6f786aac9c1f6117c1fb60aa614c3e1744cbca91cf45613a7e1d9a65dd5ab39a8421ac8d538a2a3264e145b65b6068e9cec30110cc56647908bff809eb31b79524f826ef3979b70a0c85c69258454b91e697b2f7d942f60e3440d4747fa3d324951a53dc8a5680aed2d353af531d483725635ec81dbc88548408f0231b48ca1e5141635f99f75c84abf64e3701000000c27bd91fb9b0e645ccf6c24f2f012a45a63cf9a5e1a6437a0dd291c7b476b90c4b3e9e5a652325f427f2012048f205ef174d1d8fa3f6352a01c3abf84899744cc8fdc76734c9de73a6443b8d1747591fed87ab6750268ca6725256d90945333504cab54539a395ba8c26dde90e5f31dfe395bb7e4f472d534ea69d160c2acd9e078fda2560a975b092d0273a7c2fa9d0c1a0bbb821aa6d6b9dc884cf04da319525e9a5581c9e0a5fb903f049574091727d796eef30e4d069558728986c03cef6bb321b1aa0ee46c01e71a74499e6178095236bb0b34a3dc3dea06619450ab1aa0ba373c4d3dd2285efda91ae7ee35ce29bb9395f4654b9ee96462122bdb83ee0e51d1163fb146cb5851b00da53276c2d6d6d8bc7e8482b9b1c736333c9c9b2a4ad8ff4a495d664d9256d3f40cc7f6aad673099b16ddb251bada38d51fa99714ef0165190b647087cf30122e2ae93fe7f97c97b1cd9dbf3be26a8d9e23f02aafe4c495e651406fa479faf5c076b817f28094aec41be6e2bd3dc899c3f71e5a0794eb25a243b9cc0c3f3eeb0b6b7ae872892715fdf348d10bc9fb1ac5ed80627c75e2bbad5382de31536642efe2a1090c654d33d664b02752e3a6af60943eaa36b1b052df1512b22051d59348661952f3d6f25dfb83a010507bb7e1c0990d7fd5b4b44b53af51485bbe178064474f8a535ccb831c74ed81086663591ec0fe6cc2ba68bc906b6aacdc1ad8f500d54744e62d80c0c4bdcb31f783a4cad59209eb853c520656409df5760dbf1e7e3d6"}) ioctl$sock_kcm_SIOCKCMCLONE(r7, 0x89e2, &(0x7f0000000240)={r7}) syz_open_procfs(0x0, &(0x7f00004c6f8b)='mounts\x00') setsockopt$inet6_MRT6_ADD_MIF(0xffffffffffffffff, 0x29, 0xca, &(0x7f0000000180)={0x0, 0x0, 0xff, 0x1}, 0xc) perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000d2af88)={0x2, 0x78, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x15300200, &(0x7f0000000440)="1edf68ccf4834772238843bc17048423fc03dff59b8d824a78673b8a2985a458ad61cbfe1c17f474b415c04b454baaa6217f2591f4cc1ad55e1a9bf9a3bf9f722e64947f042ddd1e1dcf7cee60f8985814a9ca5a4e23545daea5acfdfdbf4d8c95f71faafcf950d4a5daaa668e0e84a46581340646f2b91a1ef1820652261fdda8f719cac6bc202048f29697b63cf5ad0a41cd520abdcc", &(0x7f000006fffc), &(0x7f00000000c0), &(0x7f0000000300)) ioctl$sock_FIOGETOWN(r7, 0x8903, &(0x7f0000000400)=0x0) wait4(r8, &(0x7f0000000240), 0x1, 0x0) socketpair$inet_sctp(0x2, 0x5, 0x84, &(0x7f0000000040)) 2018/04/06 11:41:05 executing program 7: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00003e0000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc)) r1 = syz_open_pts(r0, 0x10000000000) read(r1, &(0x7f0000a8bfff)=""/1, 0x805031ae) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000180)) r2 = memfd_create(&(0x7f0000000340)='-md5sum:$em1\x00', 0x3) ioctl$LOOP_CLR_FD(r2, 0x4c01) ioctl$TCXONC(r1, 0x540a, 0x3) r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x800, 0x0) setsockopt$bt_BT_FLUSHABLE(r3, 0x112, 0x8, &(0x7f0000000100)=0x40, 0x4) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_inet_SIOCSIFNETMASK(r4, 0x891c, &(0x7f0000000040)={'bcsh0\x00', {0x2, 0x4e22, @multicast1=0xe0000001}}) syz_open_pts(r0, 0x200000) setsockopt$sock_int(r5, 0x1, 0xa, &(0x7f0000000080)=0xd3, 0x4) bind$ax25(r3, &(0x7f0000000380)={0x3, {"f1a68b12f3a114"}, 0x5}, 0x10) ioctl$TIOCGSID(r1, 0x5429, &(0x7f00000001c0)=0x0) ptrace$setregs(0xf, r6, 0x2, &(0x7f0000000200)) r7 = dup3(r1, r0, 0x0) r8 = accept4$inet(r3, &(0x7f0000000200)={0x0, 0x0, @dev}, &(0x7f0000000240)=0x10, 0x80000) accept(r8, &(0x7f0000000280)=@in6={0x0, 0x0, 0x0, @dev}, &(0x7f0000000300)=0x80) ioctl$TCFLSH(r0, 0x540b, 0x0) setsockopt$inet_tcp_int(r7, 0x6, 0x1e, &(0x7f0000000140)=0x6000000000000000, 0x4) 2018/04/06 11:41:05 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) r0 = syz_open_dev$audion(&(0x7f00000001c0)='/dev/audio#\x00', 0x101, 0x200) sendto$ax25(r0, &(0x7f0000000200)="cbc6f442e0cec657b701a9dcdbdf5e9c1ed3fcb3140bde778777dced2ac28a477499b53d359a870f34d744039a09315a73e4ec8e807764e4fb35d7dafce83222051786be23432ac8baadd2386bc6ea45ccf23773603e4bba94229f698773429673217c684d0860aeebe39c210da185d47c893f5cd0308cabbf49e1bab5fda03d54fc7c9292b83bf09ea800c7a280d99d96dbe18e91b61c33bfb90af6ede69670636d4f3fd306ee6252cf81f223ee57b8d5c8b6b8cbe5116c96b428067b8e57550b0dfd6bfbd2e49ab1260bf9b3a7a960f3026cc634bb985f3c5d77994713eec914bb7948d4a43149fa22403ca195ed6afe2653bd8b92d8f4c015e9c665bd8ac00333ab76b22b19a680385b753d28464c596c5c7725de57c76dcb7ff827bb1640c84e500afaeb04d760e3005619c918410aaf426dcd65578964b0954ca9bd4d94396957d210a0cb0fd0c5babd3f6b9b48d70a7344f8f1aca1ddd4c9c373f9f8cf04ccb0a2c4db90c6b2a996d9390843293ef517c4f9269d57794ae85ed65ca9d6a5b271fe1440c13fdbf20206f02e18fd1462b22183c68f964b9fd7f9dc97750652b1ab8d4481ad7301ae214931a3d74666a25a431560cae6ddde4d1ed25428bd1ff91743c0d3f3f5b5cbffb16849e5de1a13cba9af0f105afd347d06228e2db87c3a5afb0a9b0c0bbd17382998955e001209d3885f3086c2caf9d3228ee49538f6b21dea480a9760fb59c9f2ed1921b93f33abd4c3d17c143d5475b88af8e8a60822c927ff459b04c7b000aa697daecc0ff4eb5f2f7d51eddc7a84e6091e9c60c7de44622d411c89503299edd85929d06e307c71762de3b7013e87345c6366660ecc4d5313bf4863a387b1a5a2d19516a20080c5aea352183d8e96c19bc34fb7c2f4324c5f8135d12fbd4e826708b61dba9140f1767925bc75b3cdffef22511d159a21d565ad8f49441dd742c0c6dd41f98a250bcb903b4295a118a8bc73394b67e20aa84c750eb5c979ff5bc05728a5475e56e7734d7eb23f9685b4af088739db96a55d62ea00af03fdfb1f86fb2cc4945ec8ebb127cecbc4c70d26102f06c16d6249a68e4e93d8924cecf711e69c6a01ad6be8cf59772e15245f4480446f2cc73d9ea6a7a86b2d3a484e295f3358dca875e8fde298a5d8623e4a47bd5746c287893dc00360c74b0f1cb6267cf6899b861a9cd0f50635dd9e3af9feaa62192c041aa72f9c90d464ef5db4c55da2afbfd36b4372316a86b62e2280d861b8115e64f20b7ab0b27bb3fb3ee4b08ab4045a67046100b2b60b9a82c509f740b59cf086126351924189f5822f710c6a8a6a292888de19c7114f6d1e0ee14a3cb895e20ea92ceae75c56edeb2b7a51b0ff9d78417fa704cee9cd8800b1d7d6b76a2ece57b85d6b28348d5aa5429d76e3c8069b9c8db82824f2814c4edaf6d8b7fc017f7540eb0c6d5f9ad07ae5103ecae7756c64c7a65f07593570b7e06bbe4b39a4bc6418f02cbbc24f2cf914d6c88e6622893f93e74db6b7036861b74f70b78decd5160370f399eea362ef9b68e2dd1b5759cc5b119cf189239244e23f450b112f804ea404e4db8d663137672ce618cb1c595fb0ef6a0018a411b965153ebd4548b8e29c9243b8cd6f4d672fcde9550f85215250513af801a0572e8025edcf2714cb39ab678e42ce405ccc1bb2e15069860b200383da7f76f88a340963cd6fd1f179f676dcf1d91075f2f5cfb3831cd1cf37e28e6fda8d3a75947b82ed1515ffb7606c74cc068604bbfd454e343fdf6d87e85f98aad3e54df1020e73418c9835e51b35bd631dd6b43cc569261db69e953efa099b4bb79ca8a13071928ecdb20433dd4f6f70f2d5160ffee9b73b2b1574dfeb1abb00647a3a758fc37fc986d115a0fe20e5f04a38b76606665dd7d66ce3518134deef211a67ba682afdc27812e3ddc5bb1502a0eb8462b6de31da502ca87b302eb98cd43e52bb7b5697acad2b87f8e496fe5696126c45df5a078e75721621f12dcb9a74dc5ea5d28cb1768a419bd10daa8f10559bbf4daf74e5a7a2e458c29be6d57c5d9478abdf96c51a5c446a968a26c732206a53dae8e8e8cfc1701f91c4e43ae90e5c5fc6a41575a8143c2e30342aee091f8d09ee70d3603377ca195a1e65cd757ebd919e3dc24f4574f47c5e0dfbc3ea3c156e4273317f80ac17035f0ea414d72a2f25225bd34b70596f34774ca435853313f3958d5bebe43ecc507c755cf6743fdca29e0fb0c08df395434237a47826289807951bd160f5ac4ed8b03d8bd90d153cb903b5e15c358fd26d62c7c120ea5c81b438344e3a3c8c60874f428d627409fa20f41a964aef258ad064e0491ee648978e7fb5902c5f3a144e1038777e4b0d4d16d5a797a97845035fec38f49dbe336380c0956df49453a699f49d68bc2c01dfbf519292b42ab2b313d9103febb958eafba9e247c3ac322861c3f63a153233380f64934dfe278d06b9d77460767ea1dcccac2dd3e25ffe24c24f82847c2901212d601cf1f94e029edee593cacc5cb74cfeed6b58753196de7b887e117e9d69b20df9767d954df07e087c56848105b03aa418172a87ce8d2b3e6b5ada1310136e888711104901f93e84b0e9e928fdfa4497a0e45ee5006d611d2ca2cf4e4b0c768a09a38e13ed8ee233f4e5faeef6e4c9787f6ddbfe13d42410686b620dd7870423e4a9c7dc07ee9094659fb1fd54491f091fddd1d27504996abb7f9b498260830d1d433559b2304fb54c311d68c884c5b41c3b056e7fe42854e02016e3bfd99b1de8ea922f6da637845fb0b36a5d1786427530c36c05565b2f4407caccbff7aba677ff79f370d7b920465af491ab45a07eefbf9bdb739aa328aa0540fbeb5aff829e39df4a6da19af5d0fa1295d2c4c16fdcd501999b335b6079cc684729f12ff8dd833173d176017505ae46439f08bd8df6e15f4c56bd1010cd61906e90620f01492e8dd39b0bbb5b729648e3339d1c5cf95b7243c0cb1398a215b75ea7bb8be3d46334a459f4e9bf2b2765ba8a607ab8fd3a220fc00492424298f9d219250aebd352b84c5783089b5c0da1e840eb7a9ab04095ab1bd43f0d09c196263d30ecbd19cf9e5fc50b48dca15ff7c2721b671828efa32b060008fff2d70a2b7d043ec86afd983bfe51528b1ca1400140408dd3523625cebccd2e87c6ec12287457377a5c0b7ab2929026bf0f8d26b01456862a5b072cd92e8525ca59bdd8409ff95b75268668132076fa8f609fa2ff2e4edac0170b2e739e143b8f9339b63e97b28412016f8a2c4b4e473571b9b7219f14ecd9db2446dda5f9d8c46b40c47876d718222143df87da5d77e7842ed80e0f6c2ebc2f1c10ecd2bfce0bdef71372e555ca7d78eb54c0465faaf92b6de21316f4b9784e2dd8663b3870723d3ca603243d6e732f7bd070ff3e0d0f98c71aff8254ca2203fed987d983c174f63721b1fcae7402acc18997a45958eff6f3ea932081c88da277b49ecd2628757e71ad42cee8a571bbb70291b9e834fce5ecc6010f477cbd3645fbac0f2262baf77fae18884464727d1a132dbd4d62932678ea6771936057582eddf0b72cfae23eaad7a9109863a36d9060df0a7d3a71fc7626a0c564ae78b12bf5e8f749cbdab0778262d8c96cc3aba93b9b1ad5989a3f47a413561df4f943c5dc9082a77d8b3c3b8577194aba64d95518b7b55f1a1e1f60d170be165607e1bc1f53227d8521ecc529c3680feeccf60e677e8e6cb59e05f08ce637a6c4a7537a84eff3a1bf24c594b40c0546ec96fb80a0aadd3cad7520847f450ce1cb64548fc8262d0f4eda702835aa619256135190d2759395de340a3e1b554f180a6d5d1e044a63b8f2fb05ad51914eab649cf0d61c0e93b6e5539de42b38a348a1a3abdec6c2964c2b7795dfbfe0271a335010ee92532f17bebfc89867ef0303df15b313c52e01fc5a6b55bc9e27985e517a26f68ea3fc00089c41356c49c478b08c9211bb66df127d2c4907a2a4a4032c19754a66f33a4ad5e87cf178c3a3669dbffad077f769485c5f86526f186b8d975105bd786e20a9668d1862eb9acea074156b052e463cdb2a73dcf7a1706a198c7c8d49d040c91c0de6c08fc4581143d005d824820692c9fb49d7bc2e2398bbb9c616dda6d03d3ad631de7db65320f21fc8bb425e46a3b50119b5e5fcf61d2403eca83417a283a4f7d30848374516904f8530617ca43561a1bc2b1eb000aa1a968359b1de4aa90eb11e68e8c168860724b3cac93c57460328228f44e84f7612bcd11e7c4ec501a35bc33eb0de4134f23d364ee9756cd6f08cb4f6ea4a639e77058bd63daa6a875aec515e3f4fbfa960ebf3f1db955bc92476860def783b326ae96c4395a3754f140f63190f08b2eb21c0625f71f676169c05cc672b09010707d91ad90dfd3545cbdb82d870b9e0accbe5ef7fe3ae2f9a1b8ba537ef0cfb323243e2a6cce538c4764c26ea039766d419913da88232c88a95f7be5d43f19c227e077baf13bf9cdb2a643b907cd084408cb4fc8bf36d2977bbc6136c63f4d09dda56f91dd3f913a5bed4207a8755bb0c732ce5a9c787392009c6e498320ca055055c459498e00a10ea00a6adb704e7a76ec1eafddda0d2ec693276b21cf4c6ae739e1f336a731994f47949a60f8af53141771161e7a37cd4507ecceb735a40d48b058ec6205f0802b52496f3123f9a7ca9e563a9db880e227a55f2feb0d19e6a0efddcca0eea2812ae78136b39271c84d40e954a095839c27a8ba542d8f030cc1e71d051f1c5258ed45bcd65ce1a0d04e71c8d2e9f3cff319f37313f7798513ffe450be60d86aa30a2b7ccdaa439d074e3bed6f46233c44b41a3962d8ca73c69013207870f766c125f7e73afd5069403bf3d014c260b28e5388aea8eff943b12d8deb9ba03618ed2de49de7657fec27012f0c2ff4c1a36eecf31b0181bf8bfd499f0b92e7a0851562def87735d8a1ee3250a3569179e72d40c34d863dcda9ca26034d8c8a4aede0dc39a10f3686f15b9ce3b596291b017cf950e2e2ea305a819352e1f4578892621cb24871523b971d0231136f043c5946aa37250b5a413e9b4132c3f158826311cd398bddac01858a68ec1c7a60666302b3bd1085854899e2e40a62d1199cf5add1d3dca55211925220955c0bac75e9c161a8952b7b032b8850a72f3cad90ac3591ef095708e3641b22bf237e77b694fcfa629c4bc53e06c3b5d4f026c97d882d95ba5bca6363e935e296491787e858c09172ce59eb8d60e9cdcda170f4a5c50f4c1bb625b48e04107f7c85d9c6833fba95d8381ce825330f4b3f4978ee484dead3bf61bb3b081cdd966d7993c614292e74deb4dcb65f9ac9ceaa1b94929b4799d3848c45434601b29575dc0cb36cd269ad3d60774e7380cf00fc7592c5ca556d6a3b688b6845e121c451ad7e7ccb2a930e8b0bcb921c30e762d69a5ced04ed57f6a4a1f07b98cba5776fd2a1db65b129b4f4a4ad9cf87c6cb44aef5311a20fa25a5847817e249badfa6510814b415a3aa5bea293eb061eeb027971ce119d060513bb17c64f64baf616b6e1cce53e72c3eae10ef46422da14faf08bc46d1a47bfe47ba95fde36f644149f29a0cc4d09afd6401e79496660ab2d0fab5823ea4146165e591b4b9c5dbf5b96908b64b498df02bf2fadaf4991f3f4d03ae6b2213639e602a5e250753c714b38ae8fac1a9d02050d123a85aeceacf0b6d5ea8b2cd55f165c19b22d2fafc6cdaecede0545299b22723d6c3e96f73f3071017c32dc49f04e3b24c5e72", 0x1000, 0x40000, &(0x7f0000001200)={0x3, {"469293250753ce"}, 0x3}, 0x10) msgget(0x2, 0x58) r1 = accept(0xffffffffffffff9c, &(0x7f0000000000)=@hci, &(0x7f0000000080)=0x80) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f00000000c0)={0x0, 0xc0, 0x200}, &(0x7f0000000140)=0x8) setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000180)={0x1000, 0x200, 0xffff, 0x67f7, r2}, 0x10) 2018/04/06 11:41:05 executing program 4: r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) perf_event_open(&(0x7f000025c000)={0x0, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0xffffffffffffe55c, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x3f, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:05 executing program 2: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) mmap(&(0x7f0000000000/0xeef000)=nil, 0xeef000, 0x4, 0x32, 0xffffffffffffffff, 0x0) setsockopt$inet_sctp6_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f00000000c0), 0x4) r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mixer\x00', 0x800, 0x0) getsockopt$inet_pktinfo(0xffffffffffffff9c, 0x0, 0x8, &(0x7f0000000180)={0x0, @remote, @dev}, &(0x7f00000001c0)=0xc) bind$can_raw(r1, &(0x7f0000000200)={0x1d, r2}, 0x10) readv(r0, &(0x7f0000000100)=[{&(0x7f0000000000)=""/117, 0x75}, {&(0x7f0000000080)=""/63, 0x3f}], 0x2) 2018/04/06 11:41:05 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200), &(0x7f00000000c0)=0x8) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:06 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0xff0a0000]}, 0x10) 2018/04/06 11:41:06 executing program 2: openat$ppp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ppp\x00', 0x0, 0x0) 2018/04/06 11:41:06 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) msgget(0x3, 0x58) r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc\x00', 0x2, 0x0) getsockname$ipx(r0, &(0x7f0000000040), &(0x7f0000000080)=0x10) 2018/04/06 11:41:06 executing program 4: r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) perf_event_open(&(0x7f000025c000)={0x0, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0xffffffffffffe55c, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x3f, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:06 executing program 2: r0 = syz_open_dev$sndctrl(&(0x7f000000a000)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PVERSION(0xffffffffffffffff, 0xc1105517, &(0x7f0000000700)=""/250) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r0, r3, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000de9000)=[@text32={0x20, &(0x7f0000f59fc6)="0fc75fedc4c3c968fb6c0f9cfbb9040100c00f3266b842008ee80f230064672ec015dec4e245bea5d41e6082f9440f20c03506000000440f22c0", 0x3a}], 0x1, 0x0, &(0x7f0000000080), 0x0) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_ifreq(r4, 0x8931, &(0x7f0000000100)={"73697430000000003f6a3ea4d7e0879c", @ifru_addrs=@ipx={0x4, 0x0, 0x0, "372861280f26"}}) [ 384.308798] FAULT_FLAG_ALLOW_RETRY missing 30 [ 384.313556] CPU: 0 PID: 24399 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 384.320396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 384.329739] Call Trace: [ 384.332326] dump_stack+0x1b9/0x294 [ 384.335951] ? dump_stack_print_info.cold.2+0x52/0x52 [ 384.341131] ? kasan_check_write+0x14/0x20 [ 384.345351] ? do_raw_spin_lock+0xc1/0x200 [ 384.349579] handle_userfault.cold.32+0x44/0x57 [ 384.354232] ? handle_userfault+0x16c6/0x2760 [ 384.358723] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 384.363292] ? debug_check_no_locks_freed+0x310/0x310 [ 384.368469] ? find_held_lock+0x36/0x1c0 [ 384.372526] ? print_usage_bug+0xc0/0xc0 [ 384.376578] ? print_usage_bug+0xc0/0xc0 [ 384.380635] ? check_same_owner+0x320/0x320 [ 384.384942] ? do_raw_spin_unlock+0x9e/0x2e0 [ 384.389342] ? __lock_acquire+0x7f5/0x5130 [ 384.393568] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 384.399090] ? graph_lock+0x170/0x170 [ 384.402886] ? debug_check_no_locks_freed+0x310/0x310 [ 384.408064] ? find_held_lock+0x36/0x1c0 [ 384.412118] ? lock_downgrade+0x8e0/0x8e0 [ 384.416259] ? kasan_check_read+0x11/0x20 [ 384.420392] ? do_raw_spin_unlock+0x9e/0x2e0 [ 384.424785] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 384.429354] ? kasan_check_write+0x14/0x20 [ 384.433573] ? do_raw_spin_lock+0xc1/0x200 [ 384.437801] __handle_mm_fault+0x34be/0x4150 [ 384.442202] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 384.446941] ? graph_lock+0x170/0x170 [ 384.450733] ? find_held_lock+0x36/0x1c0 [ 384.454789] ? lock_downgrade+0x8e0/0x8e0 [ 384.458934] ? handle_mm_fault+0x8c0/0xc70 [ 384.463161] handle_mm_fault+0x53a/0xc70 [ 384.467211] ? __handle_mm_fault+0x4150/0x4150 [ 384.471783] ? find_vma+0x34/0x190 [ 384.475313] __do_page_fault+0x60b/0xe40 [ 384.479366] ? mm_fault_error+0x380/0x380 [ 384.483502] ? graph_lock+0x170/0x170 [ 384.487296] do_page_fault+0xee/0x8a7 [ 384.491081] ? vmalloc_sync_all+0x30/0x30 [ 384.495218] ? find_held_lock+0x36/0x1c0 [ 384.499281] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 384.504118] page_fault+0x25/0x50 [ 384.507558] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 384.513163] RSP: 0018:ffff8801cf167ce8 EFLAGS: 00010206 [ 384.518515] RAX: ffffed0039e2cfae RBX: 0000000000000018 RCX: 0000000000000003 [ 384.525768] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff8801cf167d58 [ 384.533027] RBP: ffff8801cf167d20 R08: ffffed0039e2cfae R09: ffffed0039e2cfab [ 384.540285] R10: ffffed0039e2cfad R11: ffff8801cf167d6f R12: 0000000020013018 [ 384.547540] R13: 0000000020013000 R14: ffff8801cf167d58 R15: 00007ffffffff000 [ 384.554815] ? _copy_from_user+0x10d/0x150 [ 384.559047] SyS_sigaltstack+0xae/0x320 [ 384.563013] ? do_sigaction+0xa50/0xa50 [ 384.566983] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 384.572506] ? fput+0x130/0x1a0 [ 384.575777] ? ksys_ioctl+0x81/0xd0 [ 384.579387] ? do_syscall_64+0xb7/0x9d0 [ 384.583348] ? do_sigaction+0xa50/0xa50 [ 384.587308] do_syscall_64+0x29e/0x9d0 [ 384.591180] ? vmalloc_sync_all+0x30/0x30 [ 384.595318] ? _raw_spin_unlock_irq+0x27/0x70 [ 384.600164] ? finish_task_switch+0x1ca/0x820 [ 384.604649] ? syscall_return_slowpath+0x5c0/0x5c0 [ 384.609570] ? syscall_return_slowpath+0x30f/0x5c0 [ 384.614488] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 384.619843] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 384.624676] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 384.629849] RIP: 0033:0x4552d9 [ 384.633024] RSP: 002b:00007ff15ecfec68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 [ 384.640724] RAX: ffffffffffffffda RBX: 00007ff15ecff6d4 RCX: 00000000004552d9 [ 384.647976] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 [ 384.655229] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 384.662484] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 384.669739] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000000 2018/04/06 11:41:07 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x37, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30"}, &(0x7f00000000c0)=0x3f) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:07 executing program 4: r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) perf_event_open(&(0x7f000025c000)={0x0, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0xffffffffffffe55c, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x3f, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:07 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) r0 = syz_open_dev$amidi(&(0x7f0000000600)='/dev/amidi#\x00', 0xfff, 0xa4003) ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000640)=0x5) r1 = dup3(r0, r0, 0x80000) openat$cgroup_procs(r1, &(0x7f0000000680)='cgroup.threads\x00', 0x2, 0x0) pipe2(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) sendmmsg$unix(r2, &(0x7f00000005c0)=[{&(0x7f0000000140)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000540)=[{&(0x7f00000001c0)="2177e0ffc28eaa83a5f4850400d66bebb05e9ad3301177aec3ac02d0b6cf4f12e986819ea4e7760333db1faeb83b2e5708aebb88140790b47de0daba2eeab79d42e6714be668ac34e1c10fa3abe1c1638910354c4b3185eb2ad472e20ac725e6b106738e2464", 0x66}, {&(0x7f0000000240)="80d244822bc50c7859e6ee4b14339ce6dd2e3fd76d1d4a5f53f9e096d946f2fb383da5465a6e8a7f1ea42a776bbb65ad80f6286efd876480cfb2a39e5c137860aa292540cf1c23077f257c1d9a82a53caa94810556c36d3a8913f1dc91d53babfc71e6df5b2b7797e15cfd8086784c1afc9cf12f3cac3dd425ec55d5505c60ca6d2b38079346bc8a387b30a6a80ae5ad6433460b1f1f8b9c211006995f7b672b58ad7c2ea54de29320ad323875c0b8c739000720534a2045ba37256617de06a8c8e4a628753b4767f532416145f6ef8ab7497fc909a3656c076a9c6cafab2372ce4d412bf6df671c938d96d3b654847a87c9ed4d52bcd0", 0xf7}, {&(0x7f0000000340)="b7b285fc53edcbbcce507029c45c22ca216ab4d816fec1bc506d42e72cada10ec0f0a01b0ee91f248142a03c52affe1919d5d64f424fa84681ca96724d696473b8c469c46f6ad1d0935ac6cf28e58a87227ab752e7fc732254f94690a13fcb626c104b2807e14eef78e9736a175e900d83105db77ec31c004e0b98077e013b8051d0f087968f1048c13cf613eff99c46cf9573b62123051000bf5e0fe6155f387caedcb3a853", 0xa6}, {&(0x7f0000000400)="823c1e2c8e43a5e162b73a1bc24e24989bd05ee1e8fbde7577dc4dc4c5868793ce6add57b388d48d9f78ba6db4ef8d8bfad3375b48ef64857f94316f0b8e70289280ef98eca3b2642a9cae2d0d3483187c8744ef82468994748d596260d82a6f0ccdee23bea78165408ae2967301b077bf9e063f79d745a94cc00f9c4e1a329cdbff267d1583b54fca4804a7acc36600fe3c708bf3eff1e58b64bc3efc", 0x9d}, {&(0x7f00000000c0)="6a5625767733b0f275a9050f9a4a5a94a64276648ef40f9790fbb19f1b07de7c4566d6250b9d1999b250b7247ec5eebe7c", 0x31}, {&(0x7f00000004c0)="5690b477b189ed1ae9a4a979fb59a595660791fd20e0aac83baced441007702f397d776fc94fea6ef1872f82cd2f36408f7a33ee9484b49a485f59e4fecb1f8793e199c9ccb9d23e4910566d4a967e", 0x4f}], 0x6, 0x0, 0x0, 0x8080}], 0x1, 0x48800) msgget(0x2, 0x58) r3 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x8, 0x100) ioctl$KVM_X86_SETUP_MCE(r3, 0x4008ae9c, &(0x7f0000000040)={0xa, 0x3, 0x9}) 2018/04/06 11:41:07 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0x1fdb]}, 0x10) 2018/04/06 11:41:07 executing program 2: r0 = syz_open_dev$sndctrl(&(0x7f0000006000)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f000000affc)) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000009000)='/dev/audio\x00', 0x0, 0x0) r2 = syz_open_dev$sndpcmp(&(0x7f000000afee)='/dev/snd/pcmC#D#p\x00', 0x0, 0x0) r3 = syz_open_dev$sndpcmc(&(0x7f00006a6fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x40400) r4 = dup2(r2, r1) getsockopt$ax25_int(r4, 0x101, 0xc, &(0x7f0000000040), &(0x7f0000000080)=0x4) io_setup(0x4, &(0x7f0000000000)=0x0) io_submit(r5, 0x1, &(0x7f0000001440)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x7, 0x0, r3, &(0x7f0000000100)}]) 2018/04/06 11:41:07 executing program 7: syz_open_dev$mice(&(0x7f0000000300)='/dev/input/mice\x00', 0x0, 0x100000000) inotify_init() epoll_create1(0x0) unshare(0x7fffd) pselect6(0x40, &(0x7f0000000080)={0x3ffffd}, &(0x7f0000768000), &(0x7f0000086000), &(0x7f0000000040), &(0x7f0000000100)={&(0x7f0000a65ff8), 0x8}) 2018/04/06 11:41:07 executing program 3: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000100)) getpid() fcntl$getown(0xffffffffffffff9c, 0x9) gettid() ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) getpgrp(r0) r1 = memfd_create(&(0x7f0000000080)='em1\x00', 0x2) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000200)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) sigaltstack(&(0x7f0000013000/0x1000)=nil, &(0x7f00000000c0)) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88)) msgsnd(0x0, &(0x7f0000284ff8)={0x3}, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000240)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000640)={'\x00', 0x0}) ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000680)=r3) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000b40)={&(0x7f0000011000/0x4000)=nil, 0x4000}) io_setup(0x1000, &(0x7f0000000040)) io_submit(0x0, 0x0, &(0x7f0000000000)) ioctl$VHOST_RESET_OWNER(r1, 0xaf02, 0x0) 2018/04/06 11:41:07 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300)='/dev/kvm\x00', 0x80000, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = semget(0x2, 0x0, 0x4) semctl$GETALL(r2, 0x0, 0xd, &(0x7f0000000340)=""/142) pipe2(&(0x7f0000f61000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r5 = userfaultfd(0x0) ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f0000000080)={0xaa}) fcntl$setstatus(r3, 0x4, 0x2000) ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) write$sndseq(r4, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x1c) dup2(r4, r3) ioctl$FIONREAD(r4, 0x541b, &(0x7f0000604ffc)) dup2(r3, r5) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffff9c, 0x89e2, &(0x7f0000000000)={0xffffffffffffff9c}) setsockopt$inet6_tcp_TCP_MD5SIG(r7, 0x6, 0xe, &(0x7f0000000100)={@in6={{0xa, 0x4e22, 0x80000000, @dev={0xfe, 0x80, [], 0x10}, 0xffffffff}}, 0x1, 0x0, 0x800, "b44771bd232850451e4abcd51cbf47e873c73caeaf172177005e49228a92c28511003b73a6ca3b8efd2a084c96d4c54e7f92978db10184c32a71b60bd81f3352469a3787a2711d4abb601390ba9a371a"}, 0xd8) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_CPUID(r6, 0x4008ae8a, &(0x7f0000000500)=ANY=[@ANYBLOB="010000010100001a0400000000000000607ef610fcf73adaac6e0d9391f574d57f84c8d340966a78bf065afbdf9cad3831e38e0909aa32b372bc09665e88178aa94246f386704c31b40780cd2a2a3a4a9e24168760cb6fdbe5ff29373b3b8e66e3ea2b914b7130f3968207c60962481024920bf65d06800aa40891869a592a0bb6"]) ioctl$KVM_SET_LAPIC(r6, 0x4400ae8f, &(0x7f00000012c0)={"d2ce5d92aa5cefed90db270a624a67359efcd6e18b6583ab8f4b8034869f0f03a0e5300994aaabff20177905dc7e69a062189c3e250e23f4b0b4d5081465227d068dd134e83cd3fdbb71fbcdcf6b2645d08b0dd7e70e5970d252cb044108bd5acf903f9a6494d6007e36fc6642c21932999cf616c6cbd0ff9c7b745801700a8c1b75a8245aaa10edca8f7ab4d6a66c717999b0ff000000aa66f4bd96ab5f6cae05caf4f35ae45a12137501f6b97c9a50da517e4900fe037327a41146c8006737b54a650b4b007e5471a72ae0b30295a6b1d762a52c5bd7b9adb5d4baf93e09b191783af5d445228c7934883d22fd766288d640486ecec568bc4d7896a0a00919a0a25c5bf469cf040e2d6647ee1fdb379d8af71d8e69b3ff803438a7cac766795a0cb694bfad53c0f2e6d623dbb0f218fa9363daa987b48261fb3d34ab03ad5ec8382c6f786aac9c1f6117c1fb60aa614c3e1744cbca91cf45613a7e1d9a65dd5ab39a8421ac8d538a2a3264e145b65b6068e9cec30110cc56647908bff809eb31b79524f826ef3979b70a0c85c69258454b91e697b2f7d942f60e3440d4747fa3d324951a53dc8a5680aed2d353af531d483725635ec81dbc88548408f0231b48ca1e5141635f99f75c84abf64e3701000000c27bd91fb9b0e645ccf6c24f2f012a45a63cf9a5e1a6437a0dd291c7b476b90c4b3e9e5a652325f427f2012048f205ef174d1d8fa3f6352a01c3abf84899744cc8fdc76734c9de73a6443b8d1747591fed87ab6750268ca6725256d90945333504cab54539a395ba8c26dde90e5f31dfe395bb7e4f472d534ea69d160c2acd9e078fda2560a975b092d0273a7c2fa9d0c1a0bbb821aa6d6b9dc884cf04da319525e9a5581c9e0a5fb903f049574091727d796eef30e4d069558728986c03cef6bb321b1aa0ee46c01e71a74499e6178095236bb0b34a3dc3dea06619450ab1aa0ba373c4d3dd2285efda91ae7ee35ce29bb9395f4654b9ee96462122bdb83ee0e51d1163fb146cb5851b00da53276c2d6d6d8bc7e8482b9b1c736333c9c9b2a4ad8ff4a495d664d9256d3f40cc7f6aad673099b16ddb251bada38d51fa99714ef0165190b647087cf30122e2ae93fe7f97c97b1cd9dbf3be26a8d9e23f02aafe4c495e651406fa479faf5c076b817f28094aec41be6e2bd3dc899c3f71e5a0794eb25a243b9cc0c3f3eeb0b6b7ae872892715fdf348d10bc9fb1ac5ed80627c75e2bbad5382de31536642efe2a1090c654d33d664b02752e3a6af60943eaa36b1b052df1512b22051d59348661952f3d6f25dfb83a010507bb7e1c0990d7fd5b4b44b53af51485bbe178064474f8a535ccb831c74ed81086663591ec0fe6cc2ba68bc906b6aacdc1ad8f500d54744e62d80c0c4bdcb31f783a4cad59209eb853c520656409df5760dbf1e7e3d6"}) ioctl$sock_kcm_SIOCKCMCLONE(r7, 0x89e2, &(0x7f0000000240)={r7}) syz_open_procfs(0x0, &(0x7f00004c6f8b)='mounts\x00') setsockopt$inet6_MRT6_ADD_MIF(0xffffffffffffffff, 0x29, 0xca, &(0x7f0000000180)={0x0, 0x0, 0xff, 0x1}, 0xc) perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000d2af88)={0x2, 0x78, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x15300200, &(0x7f0000000440)="1edf68ccf4834772238843bc17048423fc03dff59b8d824a78673b8a2985a458ad61cbfe1c17f474b415c04b454baaa6217f2591f4cc1ad55e1a9bf9a3bf9f722e64947f042ddd1e1dcf7cee60f8985814a9ca5a4e23545daea5acfdfdbf4d8c95f71faafcf950d4a5daaa668e0e84a46581340646f2b91a1ef1820652261fdda8f719cac6bc202048f29697b63cf5ad0a41cd520abdcc", &(0x7f000006fffc), &(0x7f00000000c0), &(0x7f0000000300)) ioctl$sock_FIOGETOWN(r7, 0x8903, &(0x7f0000000400)=0x0) wait4(r8, &(0x7f0000000240), 0x1, 0x0) socketpair$inet_sctp(0x2, 0x5, 0x84, &(0x7f0000000040)) 2018/04/06 11:41:07 executing program 4: r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080)}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0xffffffffffffe55c, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x3f, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:07 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x8000, 0x0) ioctl$TIOCSTI(r0, 0x5412, 0x7fff) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000080)={0x0, 0x6}, &(0x7f00000000c0)=0x8) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000140)={r1, 0x8, 0xffff}, 0x8) ioctl$sock_inet6_tcp_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000040)) msgget(0x2, 0x58) 2018/04/06 11:41:07 executing program 7: r0 = perf_event_open(&(0x7f0000000540)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmmsg$nfc_llcp(0xffffffffffffffff, &(0x7f0000005a00), 0x0, 0x800) getsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000140), &(0x7f0000000180)=0x4) ioprio_set$pid(0x0, 0x0, 0x0) r1 = syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x4400) ioctl$KVM_REINJECT_CONTROL(r1, 0xae71, &(0x7f00000000c0)={0x3}) r2 = socket$alg(0x26, 0x5, 0x0) r3 = memfd_create(&(0x7f0000000040)='userloppp1ptoc\'\x00', 0x6) fcntl$addseals(r2, 0x409, 0x0) fallocate(r3, 0x3, 0x0, 0x100000001) ftruncate(r0, 0x6) syz_genetlink_get_family_id$ipvs(&(0x7f00000013c0)='IPVS\x00') 2018/04/06 11:41:07 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0x505f]}, 0x10) 2018/04/06 11:41:07 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x37, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30"}, &(0x7f00000000c0)=0x3f) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:07 executing program 2: pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) getsockopt$inet6_opts(r0, 0x29, 0x39, &(0x7f0000000100)=""/143, &(0x7f0000000040)=0x8f) tee(r0, r1, 0x8, 0x8) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='setgroups\x00') ioctl$RNDZAPENTCNT(r1, 0x5204, &(0x7f0000000080)=0xff) writev(r2, &(0x7f0000b97000)=[{&(0x7f0000962000)='1', 0x1}], 0x1) 2018/04/06 11:41:07 executing program 4: r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080)}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0xffffffffffffe55c, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x3f, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:07 executing program 5: msgget(0x2, 0x58) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='cmdline\x00') getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000040)={0x0, 0x4}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f00000000c0)={r1, 0x3f, 0x100000001, 0x8, 0xffff}, &(0x7f0000000100)=0x14) [ 385.689731] FAULT_FLAG_ALLOW_RETRY missing 30 [ 385.694331] CPU: 0 PID: 24469 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 385.701169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 385.710529] Call Trace: [ 385.713134] dump_stack+0x1b9/0x294 [ 385.716767] ? dump_stack_print_info.cold.2+0x52/0x52 [ 385.721945] ? kasan_check_write+0x14/0x20 [ 385.726182] ? do_raw_spin_lock+0xc1/0x200 [ 385.730427] handle_userfault.cold.32+0x44/0x57 [ 385.735087] ? handle_userfault+0x16c6/0x2760 [ 385.739576] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 385.744148] ? debug_check_no_locks_freed+0x310/0x310 [ 385.749328] ? find_held_lock+0x36/0x1c0 [ 385.753398] ? print_usage_bug+0xc0/0xc0 [ 385.757466] ? print_usage_bug+0xc0/0xc0 [ 385.761535] ? check_same_owner+0x320/0x320 [ 385.765855] ? do_raw_spin_unlock+0x9e/0x2e0 [ 385.770273] ? __lock_acquire+0x7f5/0x5130 [ 385.774499] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 385.780033] ? graph_lock+0x170/0x170 [ 385.783831] ? debug_check_no_locks_freed+0x310/0x310 [ 385.789016] ? find_held_lock+0x36/0x1c0 [ 385.793074] ? lock_downgrade+0x8e0/0x8e0 [ 385.797217] ? kasan_check_read+0x11/0x20 [ 385.801349] ? do_raw_spin_unlock+0x9e/0x2e0 [ 385.805742] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 385.810309] ? kasan_check_write+0x14/0x20 [ 385.814533] ? do_raw_spin_lock+0xc1/0x200 [ 385.818761] __handle_mm_fault+0x34be/0x4150 [ 385.823162] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 385.827906] ? graph_lock+0x170/0x170 [ 385.831704] ? find_held_lock+0x36/0x1c0 [ 385.835761] ? lock_downgrade+0x8e0/0x8e0 [ 385.839906] ? handle_mm_fault+0x8c0/0xc70 [ 385.844130] handle_mm_fault+0x53a/0xc70 [ 385.848181] ? __handle_mm_fault+0x4150/0x4150 [ 385.852756] ? find_vma+0x34/0x190 [ 385.856285] __do_page_fault+0x60b/0xe40 [ 385.860338] ? mm_fault_error+0x380/0x380 [ 385.864476] ? graph_lock+0x170/0x170 [ 385.868265] do_page_fault+0xee/0x8a7 [ 385.872051] ? vmalloc_sync_all+0x30/0x30 [ 385.876191] ? find_held_lock+0x36/0x1c0 [ 385.880251] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 385.885087] page_fault+0x25/0x50 [ 385.888526] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 385.894131] RSP: 0018:ffff8801b0ae7ce8 EFLAGS: 00010206 [ 385.899482] RAX: ffffed003615cfae RBX: 0000000000000018 RCX: 0000000000000003 [ 385.906736] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff8801b0ae7d58 [ 385.913991] RBP: ffff8801b0ae7d20 R08: ffffed003615cfae R09: ffffed003615cfab [ 385.921269] R10: ffffed003615cfad R11: ffff8801b0ae7d6f R12: 0000000020013018 [ 385.928523] R13: 0000000020013000 R14: ffff8801b0ae7d58 R15: 00007ffffffff000 [ 385.935800] ? _copy_from_user+0x10d/0x150 [ 385.940034] SyS_sigaltstack+0xae/0x320 [ 385.943994] ? do_sigaction+0xa50/0xa50 [ 385.947964] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 385.953487] ? fput+0x130/0x1a0 [ 385.956753] ? ksys_ioctl+0x81/0xd0 [ 385.960368] ? do_syscall_64+0xb7/0x9d0 [ 385.964329] ? do_sigaction+0xa50/0xa50 [ 385.968291] do_syscall_64+0x29e/0x9d0 [ 385.972162] ? vmalloc_sync_all+0x30/0x30 [ 385.976299] ? _raw_spin_unlock_irq+0x27/0x70 [ 385.980781] ? finish_task_switch+0x1ca/0x820 [ 385.985263] ? syscall_return_slowpath+0x5c0/0x5c0 [ 385.990179] ? syscall_return_slowpath+0x30f/0x5c0 [ 385.995096] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 386.000449] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 386.005283] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 386.010461] RIP: 0033:0x4552d9 [ 386.013636] RSP: 002b:00007ff15ecfec68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 [ 386.021336] RAX: ffffffffffffffda RBX: 00007ff15ecff6d4 RCX: 00000000004552d9 [ 386.028599] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 [ 386.035859] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 386.043114] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 386.050370] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000000 2018/04/06 11:41:08 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) msgget(0x2, 0x58) socketpair$inet6(0xa, 0x2, 0x100, &(0x7f0000000000)) 2018/04/06 11:41:08 executing program 2: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x3, 0x5000, 0x2000, &(0x7f0000ffe000/0x2000)=nil}) ioctl$KVM_SET_TSS_ADDR(r2, 0xae47, 0xd000) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_CPUID2(r3, 0xc008ae91, &(0x7f0000000240)=ANY=[@ANYBLOB="0300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000006ea3586d899e129764f67cc15ddcec077615ee41ba807d1d3e354b2381e1e62164aa3de6d145c31d7fd0d59570f40de9415b83f81a93751915289322a807afad077ec4bc381e8386b6db3b02d78785325b5087fd10dd2c623a177f01337c048669e37fb43856e28b0d9b5b23f287d91b72841c6c6670c29cf5b9cbbc2c54838d0ebf18853704ceb40000c363de8ffb62949b371aedb1849091"]) ioctl$ASHMEM_PURGE_ALL_CACHES(r0, 0x770a, 0x0) semget(0xffffffffffffffff, 0x3, 0x0) ioctl$DRM_IOCTL_AGP_RELEASE(r0, 0x6431) ioctl$KVM_GET_MSR_INDEX_LIST(r3, 0xc004ae02, &(0x7f0000000100)=ANY=[]) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f0000000040)) 2018/04/06 11:41:08 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0x8f16000000000000]}, 0x10) 2018/04/06 11:41:08 executing program 4: r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080)}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0xffffffffffffe55c, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x3f, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:08 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x37, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30"}, &(0x7f00000000c0)=0x3f) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:08 executing program 3: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000100)) getpid() fcntl$getown(0xffffffffffffff9c, 0x9) gettid() ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) getpgrp(r0) r1 = memfd_create(&(0x7f0000000080)='em1\x00', 0x2) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000200)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) sigaltstack(&(0x7f0000013000/0x1000)=nil, &(0x7f00000000c0)) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88)) msgsnd(0x0, &(0x7f0000284ff8)={0x3}, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000240)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000640)={'\x00', 0x0}) ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000680)=r3) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000b40)={&(0x7f0000011000/0x4000)=nil, 0x4000}) io_setup(0x1000, &(0x7f0000000040)) io_submit(0x0, 0x400000, &(0x7f0000000000)) ioctl$VHOST_RESET_OWNER(r1, 0xaf02, 0x0) 2018/04/06 11:41:08 executing program 0: r0 = socket$inet6(0xa, 0x4, 0xffffffffffffffff) r1 = socket$inet_dccp(0x2, 0x6, 0x0) setsockopt(r1, 0x800000010d, 0x2, &(0x7f0000000000)="fb1842ff2a16f840199948eafa34af0d3affbfcd2f63794116bb011b319d58f867d7249aba57ac12c7f643fabc5403b130ac1e80c267521c2c59bbddb731484168aedf5cb97870a82efa5acd0fef285ee1ca10d78e93c552e4461b15c146b4b3876b1e6dda5cd9bb5ce3ed21d66f8845a9c794540d9889c99cbc146a359a954778", 0x81) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty, 0x1000}, 0x1c) sendmmsg(r0, &(0x7f0000005180)=[{}, {{&(0x7f00000016c0)=@in6={0xa, 0x0, 0x7fffffff}, 0x12, &(0x7f0000001b80), 0x0, &(0x7f0000000040)}}], 0x2, 0x0) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ppp\x00', 0xc0, 0x0) ioctl$TCSETS(r2, 0x5402, &(0x7f0000000100)={0x7, 0x2, 0x3, 0x2, 0x4, 0x6, 0x1000, 0x4, 0x80000001, 0x2, 0x5, 0x5}) 2018/04/06 11:41:08 executing program 7: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000300)=ANY=[@ANYBLOB="01050644c5190090000000000001000000000000000042702d6effffc4ef598c0b71bc6801715de8b2792c6e3997009e0d2f8a635940856cd1c5df48eb75f208840969ee1330f5433b01686e7c6362ab62d3d5bd4cca8f7325a17c2510c029501f70193519d7970d8139e796257e5c4adbe773cbf86f2b7e44e144fccbec3631f1068c0baaf0db1fe9bc6ff088963eaf4417ea537cc9a6698b0071a043722357d87cc16ebad7d548046c51dd2ae2c0c57b971da9a333d5045ae762065171722a41d42994aaaf4335094a3cf64c061661779b2f8229797a45e1264b71f6d1f6a43a291764a9e3bcb1b73184db675a1529244b0dccfcc68b8479240b57c191d09a82c7f05f0d9c49a1dca288ea8e60345269c19c20fe4b00000000000000000000000000"], &(0x7f0000000080)=0x1) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2018/04/06 11:41:08 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x1}) msgget(0x2, 0x58) 2018/04/06 11:41:08 executing program 0: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x840, 0x0) readv(0xffffffffffffffff, &(0x7f00000004c0)=[{&(0x7f0000000200)=""/236, 0xec}], 0x1) readv(r0, &(0x7f0000000080), 0x10bf) close(r0) getsockopt$inet_dccp_buf(r0, 0x21, 0xcf, &(0x7f0000000080)=""/249, &(0x7f0000000000)=0xf9) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000900)={0x0}, &(0x7f0000000940)=0xc) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000980)={{{@in=@multicast2, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in=@multicast2}}, &(0x7f0000000a80)=0xe8) stat(&(0x7f0000000ac0)='./file0\x00', &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000b80)=0x0) lstat(&(0x7f0000000bc0)='./file0\x00', &(0x7f0000000c00)={0x0, 0x0, 0x0, 0x0, 0x0}) getresgid(&(0x7f0000000c80), &(0x7f0000000cc0)=0x0, &(0x7f0000000d00)) sendmsg$unix(r0, &(0x7f0000000e80)={&(0x7f0000000180)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000880)=[{&(0x7f0000000300)="341b02fb11b615dfd73ff973dc9215fbd49e100702e1ae093b5474f81ab857f8720f0fbf5bcaaeafece9155bf70ebd49cea231d0bc357b11a0c31655f8140f14d4fcad8d5aa53b02ffa9a8953e1f0e8b5ee47e6118ae2120f6044847c59e3ed3e9a07a925b6af44577d5cf1eedd039fd422c683424351ddac7bdb85ab08618d93e908a2d4dcfd27fa5ab6bfd61eca4f8ddadb85157ef1605f0277a3424406b169b7be044e0fd2d834e997a2666616661d35c189e4f145325fb9651b62ddf5172af2f81f08f903b7edb", 0xc9}, {&(0x7f0000000400)="6e9cae52f9ed501d55aff73c88235ccf6ba851f9b7cced051efa3f17f29ba45f8c9573d5edabeac935c8dac9ea19af492eadd64a33eb44dae6f8849e96e500fa161736ab24035e07b60df6dee9711ec7b77a8ad6d3fef28cbf60ecea17db9391e4676cfe849bf040d23dd78f74fb1ebf1dc804d40312510b28cab6f4f8622fcd719ae846009dff", 0x87}, {&(0x7f0000000500)="7cc6c56cbca82e58f6264305d6fc0995e8787990fbdc04727e01d9cc3acc8aa623a6dc25380d57d7e4f732810e67bf742b813b9ee56cc54ae04bdf43e5f416a20f02d6496180c12f355581a079bf924d1d16e75059b1d05dd55ab445bfa724fa68fdfc15e66712e476ab7a008763a222168523483fe38b97878c0678f5e4e7755483d2844dc0b0ef8dbec8813835419fb53fe52ef8c6240a4b666b45497580", 0x9f}, {&(0x7f00000005c0)="6f089a601e16e182e8bc839f45e136ce4a78058cf8d8c16c8f4a80e44118752df3b9fcbde6f31c4739b641801d2368e43f9e1851087ba806c4dbc2182dbf4a2d3040bf799aa2e332d7f319844aa3d17fb9c5fe83b21701f07b38ca8722b1ea30be3078222e02c81c5fb17a1b9ffb945691a59dacb61c0bea0c2118a4e6030b", 0x7f}, {&(0x7f0000000640)="81b5e570d41e2ad5fa4cdc498be670d255c90e4d694fe5a240012440387ba9a693dc62fbc1be5ff05fb33f928270484b05d5f30916004e44e1e085f721abfb3f36dd55a1f895fb132e9de6393a80655d4274eab68500b4afa9bc2df098c657345feb06f83e3b1ea0654408801135442603772fb9be11db31b7a62ff086998ecb45d65572fa484ab67c07c029ba60e7adf25634db457d43", 0x97}, {&(0x7f0000000700)="8fe0b8e4314a2270739bddae06a1be02f9af6532a805697295be455490ca9a33a4929e72d25f21c8c274207423f9007ca8b01d4cba894523dc63d926375607c49e034d7f6cab49a3de", 0x49}, {&(0x7f0000000780)="e1c4d73baf240e6109aa6fcf5516791c4519ffc883b5d82356088a347b17bb736d9796c1df200a31a564f860ae5c4876543c8a285a953d1d1cc9bdff4751e7cd6b3253baa552522f6802319e9ef60b2f6c5ca6a5f1fcb3c231ff370eb8c17d22620d269249b7dc8e8d092375d032b959147796d5e0686a71df5e2741827b82418e6af7e731b724ec64c34893d34457cb421f87fee34b381f2321381a7064f8f1e8f3675dd13065c23da4af751c9e8826d0d0a3fefc3bafe524235ee4c2d9be47bfbb28bde9d1f383dafab66d", 0xcc}], 0x7, &(0x7f0000000d40)=[@rights={0x20, 0x1, 0x1, [r0, r0, r0]}, @rights={0x30, 0x1, 0x1, [r0, r0, r0, r0, r0, r0, r0]}, @rights={0x20, 0x1, 0x1, [r0, r0, r0]}, @rights={0x18, 0x1, 0x1, [r0]}, @cred={0x20, 0x1, 0x2, r1, r2, r3}, @rights={0x30, 0x1, 0x1, [r0, r0, r0, r0, r0, r0, r0, r0]}, @cred={0x20, 0x1, 0x2, r4, r5, r6}, @rights={0x28, 0x1, 0x1, [r0, r0, r0, r0, r0, r0]}, @rights={0x20, 0x1, 0x1, [r0, r0, r0]}], 0x140, 0x10}, 0x810) 2018/04/06 11:41:08 executing program 4: r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0x0, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x3f, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:08 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0x2f8a000000000000]}, 0x10) 2018/04/06 11:41:08 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) r0 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x7, 0x200000) io_setup(0x5, &(0x7f0000000040)=0x0) io_getevents(r1, 0x2, 0x2, &(0x7f0000000080)=[{}, {}], &(0x7f00000000c0)={0x0, 0x1c9c380}) msgget(0x2, 0x58) setsockopt$inet_sctp_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f0000000140)={0x4, [0xffffffff00000001, 0x3d16, 0x63cd, 0x2]}, 0xc) 2018/04/06 11:41:08 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f000031f000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$admmidi(&(0x7f0000000280)='/dev/admmidi#\x00', 0x0, 0x0) ioctl$KVM_S390_VCPU_FAULT(r0, 0x4008ae52, &(0x7f00000002c0)=0x6) r1 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x3, 0x80000) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000180)={0x0, 0x70, &(0x7f0000000100)=[@in6={0xa, 0x4e21, 0x10001, @loopback={0x0, 0x1}, 0x7ff}, @in6={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}, 0x81}, @in6={0xa, 0x4e21, 0x5, @ipv4={[], [0xff, 0xff], @dev={0xac, 0x14, 0x14, 0x1a}}, 0xeb6c}, @in6={0xa, 0x4e22, 0x0, @mcast1={0xff, 0x1, [], 0x1}, 0x3}]}, &(0x7f00000001c0)=0x10) ioctl$DRM_IOCTL_ADD_BUFS(r1, 0xc0206416, &(0x7f0000000400)={0x1ff, 0xd99, 0x2, 0x0, 0x4, 0x1}) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r1, 0x84, 0x13, &(0x7f0000000200)={r2, 0x10000}, &(0x7f0000000240)=0x8) ioctl$EVIOCGID(r1, 0x80084502, &(0x7f0000000040)=""/152) ioctl$PIO_UNISCRNMAP(r0, 0x4b6a, &(0x7f0000000300)="0fa5f49c9cbb46e37f9667f0324048215623b41d2d99e4297b0410b262a590aeaab1a60573a9809910ce09ee0d9d71a8412c932b11d03c1cfafa2123eb0029349c9e21e745119048c44d70e465988a83f3349cc3b77db609be263b146d5d2b68996cc3a94734beb13905f4da9223bc05d5987a01f7e3da86b39367873f56ac05ec9682c8338e5cfb2de514754f13798976a988c1e59e276852b5ced1eade1c9e707d6d43f214f101723d9a30556fb4d31ca8de67e4050f1065ebfd3450594ef4b2d0a0a32c32ebfe013bc73016d7b4728eaa1f3d90bd6dacf4103cb5ff2378023adef03f01bf999b211adcaaf5479c94741508c0ae") r3 = syz_open_dev$evdev(&(0x7f0000057fee)='/dev/input/event#\x00', 0x0, 0x0) ioctl$EVIOCSABS3F(r1, 0x401845ff, &(0x7f0000000440)={0x3, 0x1, 0x200, 0x5, 0x0, 0xffff}) ioctl$EVIOCSMASK(r3, 0x40104593, &(0x7f0000cfbff0)={0x0, 0x0, &(0x7f0000d8c309)}) fcntl$addseals(r1, 0x409, 0x8) close(r0) fcntl$getflags(r0, 0x40b) setsockopt$l2tp_PPPOL2TP_SO_RECVSEQ(r1, 0x111, 0x2, 0x0, 0x4) 2018/04/06 11:41:08 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x52, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e675add01d616"}, &(0x7f00000000c0)=0x5a) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:08 executing program 2: r0 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$inet_buf(r0, 0x0, 0x41, &(0x7f000079e000)=""/24, &(0x7f00002e3000)=0x28) setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f0000000000)="9601b2880c5bdfe6584d9cec28743522", 0x10) r1 = syz_open_dev$vcsa(&(0x7f00000000c0)='/dev/vcsa#\x00', 0x5, 0x0) getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r1, 0x84, 0xc, &(0x7f0000000100), &(0x7f0000000140)=0x4) socketpair$inet6_tcp(0xa, 0x1, 0x0, &(0x7f0000000040)) 2018/04/06 11:41:08 executing program 0: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) writev(r1, &(0x7f0000a5bc90)=[{&(0x7f000050e000)="2900000018003109da00000000000002021300000000ff0680000c000c00080004000c00000005ff01", 0x29}], 0x1) r2 = dup3(r0, r0, 0x80000) ioctl$sock_inet6_udp_SIOCOUTQ(r2, 0x5411, &(0x7f0000001580)) r3 = dup2(r0, r1) stat(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000140)={0x0, 0x0}, &(0x7f0000000180)=0xc) r6 = getgid() lstat(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setsockopt$EBT_SO_SET_ENTRIES(r3, 0x0, 0x80, &(0x7f0000001500)=@broute={'broute\x00', 0x20, 0x5, 0x1268, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000280], 0x0, &(0x7f0000000040), &(0x7f0000000280)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffe, 0x1, [{{{0x3, 0x0, 0x6006, 'bcsh0\x00', 'syz_tun\x00', 'syzkaller1\x00', 'erspan0\x00', @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, [0xff, 0x0, 0xff, 0x0, 0xff, 0xff], @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, [0xff, 0xff, 0xff, 0xff, 0xff, 0xff], 0x858, 0x8d0, 0x900, [@u32={'u32\x00', 0x7c0, {{[{[{0x0, 0x3}, {0x4, 0x3}, {0xc00000000, 0x2}, {0x2, 0x3}, {0x4, 0x3}, {0x7, 0x2}, {0x6}, {0x3, 0x1}, {0x3, 0x2}, {0x1}, {0x7, 0x1}], [{0x0, 0xffff}, {0x7f, 0x1}, {0x1400, 0x8}, {0xff, 0xa000000000}, {0x4, 0x7f}, {0x7ff, 0x5}, {0x9, 0x66}, {0x80, 0x5}, {0xffffffffffffff09, 0x5}, {0x94b4, 0xffffffffffffff81}, {0x7, 0x735}], 0x5, 0x4}, {[{0x8}, {0x2, 0x3}, {0x2, 0x3}, {0x1, 0x3}, {0x6}, {0x4, 0x4d6165a4e3a4b1fa}, {0x6, 0x1}, {0x20, 0x3}, {0x874, 0x1}, {0x1, 0x2}], [{0x3, 0x100000000}, {0x5, 0x7fe}, {0x1, 0x6}, {0x3ff, 0x4}, {0x1f, 0x18e1}, {0x6, 0x30}, {0xf82, 0xffffffff80000000}, {0xb0, 0x785a987a}, {0x200, 0x2}, {0x400, 0x4}, {0x94a8, 0x5}], 0x7, 0x9}, {[{0x2, 0x3}, {0x7, 0x70860a6116d6a83a}, {0x8, 0x3}, {0x8, 0x3}, {0x35910133, 0x3}, {0x1a}, {0xff}, {0x7a05, 0x3}, {0xffff}, {0x7}, {0x0, 0x3}], [{0x4, 0x7fff}, {0x5}, {0x7, 0xcba}, {0x1, 0x4}, {0x5, 0x80000001}, {0x800, 0xfffffffffffffff9}, {0x9, 0x18d5}, {0x8001, 0x7}, {0x8, 0x9}, {0x2, 0x556}, {0x7, 0x1}], 0xb, 0x5}, {[{0x1}, {0x3f, 0x1}, {0x0, 0x3}, {0x3ff, 0x3}, {0x0, 0x2}, {0x81, 0x1}, {0x3, 0x3}, {0x3ff, 0x2}, {0x100, 0x3}, {0x80000001, 0x3}, {0x5, 0xa628deda1b298793}], [{0x3, 0x81}, {0x8, 0x60de}, {0x5, 0x10001}, {0x2, 0x3}, {0x7, 0x5}, {0x9, 0x2}, {0x3, 0x3}, {0x80, 0x9}, {0xffff, 0x3}, {0x2, 0x100}, {0x800, 0x4}], 0xa, 0x8}, {[{0x6ea2beff, 0x3}, {0x7, 0x3}, {0x3}, {0x4, 0x2}, {0xf10000000000000, 0x1}, {0x1f, 0x1}, {0x4}, {0xd58}, {0x6}, {0x5, 0x1}, {0x2, 0x3}], [{0x7}, {0x2, 0x10000}, {0x0, 0x8}, {0x5c5, 0x1}, {0x20, 0x7}, {0x47cb6976, 0xd749}, {0xfffffffffffff000, 0x1}, {0x7, 0x20}, {0x5, 0x67f}, {0x400, 0x8}, {0x7fffffff, 0xfffffffffffffffb}], 0x0, 0x7}, {[{0x100, 0x3}, {0x9, 0x1}, {0x100, 0x3}, {0x0, 0x1}, {0x1, 0x3}, {0x5, 0x3}, {0xdff, 0x1}, {0xee1c}, {0x100000000, 0x1}, {0x2, 0x3}, {0x400, 0x2}], [{0x0, 0x5}, {0x2, 0x8}, {0x5, 0x3}, {0x2, 0x7ff}, {0x3, 0x10000}, {0x7fb, 0x47}, {0xffffffffffff201c, 0x1}, {0x80000001, 0x8}, {0xfffffffffffffffd, 0xb4}, {0x36}, {0x80000001, 0x3}], 0x8, 0x3}, {[{0x4, 0x3}, {0x81, 0x2}, {0x1}, {0x8bdc, 0x1}, {0x21572d57, 0x3}, {0x7, 0x3}, {0x0, 0x2}, {0x9, 0x3}, {0x46}, {0x3, 0x3}, {0x8, 0x3}], [{0x7ff, 0x1}, {0x7, 0x6a7}, {0x6, 0x7}, {0xf259, 0x6}, {0x8, 0x8}, {0x0, 0x6}, {0x3ff, 0x11f5}, {0xff, 0x8}, {0x0, 0x6}, {0x9, 0x3}, {0x5, 0x2}], 0x2, 0x2}, {[{0x5}, {0x80000000, 0x2}, {0xd3b0, 0x1}, {0x0, 0x2}, {0xfff}, {0x80000001}, {0x400, 0x3}, {0x7fffffff, 0x2}, {0x1, 0x2}, {0x7, 0x2}, {0x9, 0x3}], [{0x7fffffff, 0xffffffffffffa026}, {0x5, 0xffff}, {0x2, 0x4}, {0x4, 0x1}, {0x0, 0x8}, {0x1, 0x20}, {0x3f, 0xff}, {0x80, 0x9bb}, {0x5, 0x81}, {0x7, 0x2}, {0x4, 0x2}], 0x8, 0x2}, {[{0x9, 0x3}, {0x62dc, 0x1}, {0x1}, {0xb3, 0x1}, {0x5}, {0x9, 0x3}, {0x3ff, 0x3}, {0x55, 0x3}, {0xcb, 0x3}, {0x1ff}, {0x4, 0x3}], [{0x9, 0x5}, {0x5, 0x7}, {0x1ff, 0x6e08}, {0x5, 0x400}, {0x9, 0xa7}, {0x28, 0x5}, {0x7f, 0x8}, {0xfffffffffffffffe, 0x4}, {0xee1, 0x45}, {0xfffffffffffffffa, 0x8000}, {0x9, 0xfff}], 0x0, 0x7}, {[{0x7, 0x3}, {0x7c, 0x1}, {0x1}, {0xd727}, {0x34, 0x3}, {0x4, 0x1}, {0x0, 0x3}, {0x2}, {0x800, 0x1}, {0x20, 0x2}, {0x3, 0x3}], [{0x2e94, 0x7}, {0x0, 0x4}, {0x756, 0x5}, {0x400, 0x3}, {0xfff, 0x3}, {0x769f, 0xf}, {0x2, 0x3}, {0x3, 0x101}, {0x9, 0xb113}, {0x0, 0x8}, {0xed}], 0x8, 0x4}, {[{0x1ff, 0x1}, {0xa2b, 0x3}, {0x9}, {0x5, 0x3}, {0x7, 0x2}, {0x3, 0x2}, {0xfffffffffffffff9}, {0x100000000, 0x3}, {0x80, 0x3}, {0x48}, {0x5}], [{0x100, 0x2}, {0x40004000000000, 0xc6}, {0x4, 0x10001}, {0x3ff, 0x6}, {0x1, 0x3bd8}, {0x18ec4406, 0xffffffffffffff04}, {0x4, 0x67d}, {0x17, 0xfffffffffffffffc}, {0x9, 0x6}, {0x0, 0x800}, {0x5, 0x1000}], 0x2, 0x4}], 0x5}}}]}, [@common=@ERROR={'ERROR\x00', 0x20, {"086a27f5d04af1104017f753983a40996a94c05264b86fd778033ddea587"}}, @common=@STANDARD={'\x00', 0x8, {0xffffffffffffffff}}]}, @common=@redirect={'redirect\x00', 0x8, {{0xfffffffffffffffd}}}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffc, 0x2, [{{{0x11, 0x8, 0x9200, 'lo\x00', 'yam0\x00', 'lo\x00', 'bond0\x00', @empty, [0xff, 0xff, 0x0, 0x0, 0xff, 0xff], @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, [0xff, 0xff, 0xff, 0x0, 0xff], 0xb0, 0xf8, 0x228, [@owner={'owner\x00', 0x18, {{r4, r5, r6, r7, 0x4, 0x1}}}]}, [@common=@ERROR={'ERROR\x00', 0x20, {"44d1d12992937b989fff7695d7a8f1b3ed86b882dc5de9193d64010a3008"}}]}, @common=@SECMARK={'SECMARK\x00', 0x108, {{0x1, 0xec26, 'system_u:object_r:random_device_t:s0\x00'}}}}, {{{0x3, 0x11, 0xfbff, 'irlan0\x00', 'ifb0\x00', 'bond0\x00', 'gre0\x00', @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [0x986e545c51097cf3, 0x0, 0xff, 0x0, 0xff], @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, [0xff], 0xb0, 0x1e0, 0x210, [@devgroup={'devgroup\x00', 0x18, {{0x1, 0x75a, 0x8, 0xfffffffffffff95c, 0x8}}}]}, [@common=@SECMARK={'SECMARK\x00', 0x108, {{0x1, 0x0, 'system_u:object_r:sudo_exec_t:s0\x00'}}}]}, @common=@AUDIT={'AUDIT\x00', 0x8, {{0x1}}}}]}, {0x0, '\x00', 0x3, 0xffffffffffffffff, 0x2, [{{{0x5, 0x48, 0x9107, 'syz_tun\x00', 'syz_tun\x00', 'syz_tun\x00', 'bpq0\x00', @random="8b1f0d31a893", [0xff, 0xff, 0xff, 0x0, 0x0, 0xff], @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, [0x0, 0x0, 0x0, 0xff, 0x0, 0xff], 0x120, 0x2a0, 0x2d8, [@helper={'helper\x00', 0x28, {{0x1, 'H.245\x00'}}}, @arp={'arp\x00', 0x38, {{0x13, 0xf8, 0x9, @broadcast=0xffffffff, 0x0, @loopback=0x7f000001, 0xff000000, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [0xff, 0xff, 0xff, 0xff], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [0x0, 0xff, 0xff, 0x0, 0xff, 0xff], 0xe0, 0x94}}}]}, [@common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x1, 'syz0\x00', 0x80000001}}}, @common=@SECMARK={'SECMARK\x00', 0x108, {{0x1, 0x4e48, 'system_u:object_r:pinentry_exec_t:s0\x00'}}}]}, @common=@dnat={'dnat\x00', 0x10, {{@remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 0xfffffffffffffffd}}}}, {{{0x5, 0x56, 0x93f9, 'teql0\x00', 'sit0\x00', 'ip6tnl0\x00', 'erspan0\x00', @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, [0xff, 0xff, 0x0, 0x0, 0x0, 0xff], @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [0xff, 0xff, 0xff, 0xff, 0xff, 0xff], 0xd0, 0x150, 0x198, [@pkttype={'pkttype\x00', 0x8, {{0x3, 0x1}}}, @vlan={'vlan\x00', 0x8, {{0x200, 0x5, 0x8914, 0x6, 0x2}}}]}, [@common=@ERROR={'ERROR\x00', 0x20, {"cb31fca610363d97e5ae21d41ef5f587bca623df2fd43aa64b4336f8800e"}}, @common=@dnat={'dnat\x00', 0x10, {{@random="6becf831a951", 0x10}}}]}, @common=@RATEEST={'RATEEST\x00', 0x20, {{'syz1\x00', 0x4, 0x49, 0x9}}}}]}]}, 0x12e0) [ 387.083143] FAULT_FLAG_ALLOW_RETRY missing 30 [ 387.087763] CPU: 1 PID: 24538 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 387.094598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 387.103941] Call Trace: [ 387.106538] dump_stack+0x1b9/0x294 [ 387.110151] ? dump_stack_print_info.cold.2+0x52/0x52 [ 387.115320] ? kasan_check_write+0x14/0x20 [ 387.119545] ? do_raw_spin_lock+0xc1/0x200 [ 387.123775] handle_userfault.cold.32+0x44/0x57 [ 387.128426] ? handle_userfault+0x16c6/0x2760 [ 387.132906] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 387.137468] ? debug_check_no_locks_freed+0x310/0x310 [ 387.142637] ? rb_erase+0x3530/0x3530 [ 387.146431] ? print_usage_bug+0xc0/0xc0 [ 387.150473] ? match_held_lock+0x801/0x8b0 [ 387.154690] ? print_usage_bug+0xc0/0xc0 [ 387.158745] ? print_usage_bug+0xc0/0xc0 [ 387.162795] ? find_held_lock+0x36/0x1c0 [ 387.166844] ? __lock_acquire+0x7f5/0x5130 [ 387.171058] ? graph_lock+0x170/0x170 [ 387.174842] ? debug_check_no_locks_freed+0x310/0x310 [ 387.180020] ? find_held_lock+0x36/0x1c0 [ 387.184071] ? lock_downgrade+0x8e0/0x8e0 [ 387.188203] ? kasan_check_read+0x11/0x20 [ 387.192333] ? do_raw_spin_unlock+0x9e/0x2e0 [ 387.196726] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 387.201289] ? kasan_check_write+0x14/0x20 [ 387.205506] ? do_raw_spin_lock+0xc1/0x200 [ 387.209723] __handle_mm_fault+0x34be/0x4150 [ 387.214122] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 387.218861] ? graph_lock+0x170/0x170 [ 387.222648] ? find_held_lock+0x36/0x1c0 [ 387.226696] ? lock_downgrade+0x8e0/0x8e0 [ 387.230835] ? handle_mm_fault+0x8c0/0xc70 [ 387.235060] handle_mm_fault+0x53a/0xc70 [ 387.239104] ? __handle_mm_fault+0x4150/0x4150 [ 387.243673] ? find_vma+0x34/0x190 [ 387.247196] __do_page_fault+0x60b/0xe40 [ 387.251249] ? mm_fault_error+0x380/0x380 [ 387.255379] ? __schedule+0x80f/0x1e40 [ 387.259248] ? graph_lock+0x170/0x170 [ 387.263040] do_page_fault+0xee/0x8a7 [ 387.266825] ? vmalloc_sync_all+0x30/0x30 [ 387.270954] ? find_held_lock+0x36/0x1c0 [ 387.275003] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 387.279836] page_fault+0x25/0x50 [ 387.283269] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 387.288869] RSP: 0018:ffff88017df7fce8 EFLAGS: 00010206 [ 387.294211] RAX: ffffed002fbeffae RBX: 0000000000000018 RCX: 0000000000000003 [ 387.301464] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff88017df7fd58 [ 387.308713] RBP: ffff88017df7fd20 R08: ffffed002fbeffae R09: ffffed002fbeffab [ 387.315962] R10: ffffed002fbeffad R11: ffff88017df7fd6f R12: 0000000020013018 [ 387.323210] R13: 0000000020013000 R14: ffff88017df7fd58 R15: 00007ffffffff000 [ 387.330483] ? _copy_from_user+0x10d/0x150 [ 387.334708] SyS_sigaltstack+0xae/0x320 [ 387.338665] ? do_sigaction+0xa50/0xa50 [ 387.342622] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 387.348156] ? exit_to_usermode_loop+0x1ef/0x310 [ 387.352903] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 387.357726] ? ksys_ioctl+0x81/0xd0 [ 387.361332] ? do_syscall_64+0xb7/0x9d0 [ 387.365287] ? do_sigaction+0xa50/0xa50 [ 387.369242] do_syscall_64+0x29e/0x9d0 [ 387.373118] ? vmalloc_sync_all+0x30/0x30 [ 387.377258] ? _raw_spin_unlock_irq+0x27/0x70 [ 387.381735] ? finish_task_switch+0x1ca/0x820 [ 387.386211] ? syscall_return_slowpath+0x5c0/0x5c0 [ 387.391122] ? syscall_return_slowpath+0x30f/0x5c0 [ 387.396045] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 387.401404] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 387.406236] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 387.411409] RIP: 0033:0x4552d9 [ 387.414581] RSP: 002b:00007ff15ecfec68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 [ 387.422270] RAX: ffffffffffffffda RBX: 00007ff15ecff6d4 RCX: 00000000004552d9 [ 387.429524] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 [ 387.437222] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 387.444474] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 387.451722] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000000 2018/04/06 11:41:10 executing program 4: r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0x0, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x3f, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:10 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) msgget(0x2, 0x58) pipe2(&(0x7f0000000000)={0xffffffffffffffff}, 0x4000) socket$l2tp(0x18, 0x1, 0x1) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r0, 0x8008ae9d, &(0x7f0000000040)=""/185) 2018/04/06 11:41:10 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0xf78f000000000000]}, 0x10) 2018/04/06 11:41:10 executing program 2: r0 = perf_event_open(&(0x7f0000b5a000)={0x4000000002, 0xffffffffffffffc7, 0x1e2, 0x7fffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000, 0x2, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x412, 0x1}, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$sg(&(0x7f00003f7ff7)='/dev/sg#\x00', 0x0, 0x2) write$sndseq(r1, &(0x7f0000eeafd7)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @result}], 0x30) dup2(r1, r0) ioctl(r1, 0x2275, &(0x7f00007bc000)) 2018/04/06 11:41:10 executing program 7: r0 = socket$kcm(0x29, 0x5, 0x0) r1 = memfd_create(&(0x7f0000000240)="74086e750000000000000000008c00", 0x0) pwritev(r1, &(0x7f0000f50f90)=[{&(0x7f00001f2000)="aa", 0x1}], 0x1, 0x81003) sendfile(r0, r1, &(0x7f0000000000), 0x102000001) 2018/04/06 11:41:10 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x52, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e675add01d616"}, &(0x7f00000000c0)=0x5a) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:10 executing program 3: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000100)) getpid() fcntl$getown(0xffffffffffffff9c, 0x9) gettid() ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) getpgrp(r0) r1 = memfd_create(&(0x7f0000000080)='em1\x00', 0x2) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000200)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) sigaltstack(&(0x7f0000013000/0x1000)=nil, &(0x7f00000000c0)) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88)) msgsnd(0x0, &(0x7f0000284ff8)={0x3}, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000240)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000640)={'\x00', 0x0}) ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000680)=r3) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000b40)={&(0x7f0000011000/0x4000)=nil, 0x4000}) io_setup(0x1000, &(0x7f0000000040)) io_submit(0x0, 0x930000, &(0x7f0000000000)) ioctl$VHOST_RESET_OWNER(r1, 0xaf02, 0x0) 2018/04/06 11:41:10 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x408400, 0x0) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcs\x00', 0x0, 0x0) getsockname$packet(0xffffffffffffff9c, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f00000001c0)=0x14) getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r1, 0x84, 0xc, &(0x7f0000000140), &(0x7f0000000300)=0x4) r3 = getuid() setsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000200)={{{@in6, @in6, 0x4e24, 0x4, 0x4e23, 0x3b6e, 0xa, 0xa0, 0x20, 0x2b, r2, r3}, {0x7ff, 0x6, 0x4, 0xfff, 0x40, 0x2, 0xe0, 0x5}, {0x8, 0x2, 0x9, 0x100}, 0xfffffffffffffffb, 0x0, 0x0, 0x1, 0x1, 0x2}, {{@in6=@local={0xfe, 0x80, [], 0xaa}, 0x4d4, 0xff}, 0x2, @in6=@dev={0xfe, 0x80, [], 0x18}, 0x3507, 0x4, 0x3, 0x0, 0x2, 0xba9, 0x7}}, 0xe8) ioctl$TCGETS(r0, 0x5401, &(0x7f0000000040)) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000510ffc)=0x1b) accept$inet6(r1, &(0x7f00000018c0)={0x0, 0x0, 0x0, @mcast2}, &(0x7f0000001900)=0x1c) getsockname$packet(r1, &(0x7f00000000c0), &(0x7f0000000100)=0x14) sendmsg(r1, &(0x7f0000001880)={&(0x7f0000000340)=@ipx={0x4, 0x2e, 0x800, "571d97e43556", 0x1ff}, 0x80, &(0x7f0000000500)=[{&(0x7f00000003c0)="98fec7ca8c61c8cd861c2daa1be1b99aa92df0dd248db7378a65117844c665035abf90455540165161a82042548ecbbc0cc90274ad08f25625ea55235f866e0dedd0ea3d4923f234bac8263931313f", 0x4f}, {&(0x7f0000000440)="40ac4c8be1d49bf27cfd372a218ee4adf9502d924126d21811fa5ca7cde9f81b35631ac289b91d4159210e0d0e", 0x2d}, {&(0x7f0000000480)="cd489c6c435140e2c342fbc5d1135b33e2951f939b391ae7f0de26ceb249c370f1ae40f9e9a012fae640a5cd7ca5232d5a14e37fd7be06c8213aef8d5a701448cf49217992b6700c66bdb3576796cab065c164a83d2c9075035dff89f8", 0x5d}], 0x3, &(0x7f0000000540)=[{0x1010, 0x117, 0x2, "8d265d93ece8e3295bf769be9f91bba2fbd3be78b6c34457b320c9a30924954d88d6b3a117394ac1bd5e585cf5231e0d8bb68dde3ed948721254168984b21c9c986c88df41bc2fe5c580d0bb2a3ee2d7e2717eb15765d79b4fa60801fde8ad1cdc3e2973a882302dad34d7c078b2e93b993996538237b8a6b4b307f7c41617f8a2918553eb22bb57b1c383b87b91b25819fbe2d460dcd583a75735253150528a501ccd1bb3b22696e5673b22af9c221efb65af63aa6c3abad5b86678ff1bafec8b28c44cacd803ca3cc5c67bfafff5604de746d511d7378ee6a4f196944126fa050b67c237879b74e0df8183fc5398919101cb7c43177950aa23d6393402513d9f2bff120fd1cabb2a59b2f05c1f104fb57a732e7c73f7b4d6e24e1926e6c875860ee6c3a00661e326cc4935d1ee049af4e8944f142bc64c80199985ea283c48ebfb9cfab5b942eb652b9cf972af40730ff7c02b59969e36705857090bec121c103612637faa6ecaf26c3eed3754b88919894195f890d1c92b75ff6321407f7058c7e3b1343bd161d3a5902b857c4da25db30ac919502516164108d8f892e31401393e37622b99e24da9cbe22d24a67775a6402da222bf1367d0a58446a1d0dde7229fe094e94268fb8105f259d3b6a268895fee6d3abdb1c38cf359bd21d10e724844eda3fbcf52c44abfb41f4d5f6853271a74d0bfe568bd7d4cc4d53c365cd48dc79c8f9e4a5ce6c9b672724eea411bc6fab25cd342bc6a6a529b916f1af7905b47efd39fa151c9ba6126d72cafeaaf759c4134b54f312c4846dceb41fa6a57a83ffbe6dedc2b0de5c2d6b17b9d3fa6eb8595b770c477d3ab6b48df27e2cd9a6c8bad143dbff92ed917f69ac68e0df0ceaec927c30121ebbc104711cca24160cd2b59ce43518f2784d1f487404e0b26e6a5228b7caee4b6ea2f14dea118e60fe6934b864936eb96e7fc3317db69c6857feb969c3ac6e88856abc9cbdb4183b69f1ae8afd34f6d483e901d362fdd6a167d7521174d90f71b0279c90871cb5833eddc4a1128926e7446456eeb6f79ea0a541ca4ca787e77aaf96ff10471d8af842142cd26f756cbd0f8a0fb60f75b31c183f07209ca591f154c42b68d223b7569e012a68a609d7e8130e64d9b87d068ded63059c70b2e88f6ba50f668fd27b4f61637d3c9cf2a2f10aecb432f84d38c6c23248312602f864ee31ef7d903b83d6ba6fd9466822ceed0859cc868ef7698480d9a07200bf296dc7df23ddd633c151cd7914fcf88a728ee34f1e13516669629f41d3f85948fd2a8c10abc1dc3883a06c2e05adbcd68131052e3a1c41e1527decf11ede22580a643edf1081f29f779fc98e26b400b04b955c643e21e84645b0cf7341378809c7be348a2b15eb6a03531f92eaa5de8af639dab2efe465613290c3db7f69b373ea9af7d1f3e00ce837a24488b7fcf635bcc2176dc9d15aae94e56c44ee4efe60bbd9b757de69c31d442536163855c4c3255a11a3e9b8a44c4a3ffc8ce7fe14811600b7589a36e6c9542b123c4d355975ef2d2b66f7043c7667adc108b0893ae38e7ad5c72a18065e0a81934c0b4225dbc164f05559145c344d40365585a67a93e965923212e3782e606f490fd6ea6c25dbc513da3c96a8c4dec8ab818c6041eb9d4703410dd233081be3e69f0041e61c09cb76b97bc38ba032e258b5798cb9f453cbf7c9bc2c8a7ecaf94697c262aa21fae805ae48cceae36e748ab61092e422cef75650e55aec0c5c42838510356ca0fc400b53c29f1acc1c71bd71bb9270bcd654dccc00ca05e3c220f9f893e40d222d590acb036196a9409fa0fde28ba964ce322cc40a778562e9fed70adfdb83e5454fc2b92b316799beabfc9837ad2ec444e581ae4460d569df891dc13e0a873b686a750e37413e8579f97cec78e4cd40e09ec41a773e11c77ea9c1fddb200ea7a08df4d58d398db97a22b0aa6c97f7b7dd16292bce3b48039aeb4160ce3ba0428c0c63f70bcb508ebc5dd25eac47ad44a5476a1340bc791414303c28ce2952f4eca823c784061f7bdede163ec03644de70f80d66271bff0f86fd52320be1af88d16c25c4403b23f4035bd2f709d311d39fb2b7297c1ef0ac352bedafb3192d66a1b246747446b1556efb94577d698e69cb8850a7259ed7ae7c889fc32f6878f1eddb8306e852bb5861af2218c6b63c07865c281b4d06010e491a2dd7b1f33be50a1aa65ae5e2bddb13b972283257e54ba379c9fddf16ab6afcde3ee73e0638150e1fa86182a9d207fa93648d3ae17e71c6603c68ee44296637ce8234e97f1a7a02f7fc8dfbd1eca6acdafea03cd980ba7157d5c33f4046c1eeb048e8f0315b2d11feba12e4627792439778395ee2bcb65333550e3df294a4a9ce8a1f93f5bd8c71c0ae61178d32e0c1d538ecb2091cd16fb27f5ddf8a5429fd722a2180e6121633714d667a83504c5fcd42d7d8868588ee639e38a7c86984634c5ba9d165f8fd98a39cf3c014d3df64d0bd7a0ff504caadb5035446a75ecd49558aa4a9537588254241dc6aa14f1a90d53e194fd95ccccdd5a53f3372c17651a836e47b70e826ff9bfa60d837e96f82c3c03e6a96160aec507b9ba5d1ef0a1da73e825daf08e18baecd8c8cf9e2c7dcaa4ffa89aeb30e69daebb93b889d9438f48bf87138039bcad13b4fda84ed7a05d8cc64b082e3d8bc2fcbf6f57134c69573e5ce8bb0cec5fa4411010496ea057deb4870962f05a002939d0e83b9cc471b5158a633e61e1510c8419c4f6c780eae26ab02f45136ae1b35eb259f3944a19a83c3140cb0a0bd6f6487fc876d43de4cae1c86b978adef2c6c9d0b91c286eb27912e110378c90185526aaa03f84725e2359af7f17ebaae3502c6ddb04938e81f91098b9362f9e172c18c875a56133dab6f945aeafe31f67032a868e869a0c607e3074a0aef523e28e3a9e57a5766c4c2349f40c79d4477e9a6b5768fc8d41e9b7063735797fcc7bd32c4efd267274e05b20eabfbdc08c469dc55e32b54a85f407c6d6f52f2a090e9fce1d40be6e0ff436b1d42bead3f99f7f2ec8845db93368423a07e67fc67edf3628aa1d9b34c5870179c1826710c624fb431e017a001d6d3bcc28676ce3403bfbb052fa855c1c6da7fee9397b257e4755d313fd078d2bfcd205b84720edb499617b3d6f77beff18c89340fed9d6b12053527c74cde3f228e85971cc814a5bfdde68f717e0954da829fda7cf3b02f2c44ea5098ac989cf0e47c453efdaf0b3c6ee363de5ae329facd588dbb84a0445993e21f5c01be7000bfc5811540fd047577cd9922fc38a600834acadfc0807840a1c72c41bde3ebda112dde70b6c09aed1b769a859b53a848ff58ea73785c52aa8cb0870b87312460a38056a80f71643e16bbb8c0846a7f39248e95bd48bfcf7e768f2c2546dd6d32a78a4f98c3a6d43f35f263b4b02f3b15fa44621b147df7543e6efe2083b8cd6a0fae99f9c72f5288111d40ceea0a67ee8113a74c3539dcaddeab6440b835fa0abb66785fcbab5e22b5b09d0bb4cde2d88899951c0755e79769620eb9582c4285656257cfc0ac63656626463c6e36d3ad0dd7062d3bcdb4a8537ae5133b3a50702beb361e5311d54ff48676900524a74b279f8f4990344d26624a090317af84b48e906c8a7c256da3be2beea6c9458cccaecc5c4a9deeec30e214d92ae57323cda1b16bce5899920d930c61203a0509de0fbc25cfff716edfffe2545acec44bb7e9f8d48dd6623dc56c0947d1619a6ecfc037eb31964177e460bf14912a3530772c3bc8a09caafdf8522074a67cbda23f6736db1726081ecdd5eb68e38d943dd6866dc7b9a30145b487035ec087ab06c31c0e5a85d5cff3cc6467006c238259b86afe830a4ee5dac69ac07f702799354d65c8b9270d0b454625a238e2d757f4770c3907fd087f33daf9f403e86ca484b29d018a7e30cd1ea319a8066dec600da759d06d7cfb7fc1746368aa9d68fd013af01a7eddc0bb065a9d25c64708d7d4746b8313f1486b7de34e2620f08ef791014dc2905a27e74772e8e5e33b74f8781b4245e9145f33aeca17619647344a5db65d7c2e5f8e77b5d6e7e3a51db8d6f5fe4a54eb137f0aadddb353c0af3df8cf190067b4593e2abbd1b78b65498fe1ab1e95514d2c3eaab6efa1f9d200d9c035c3c1e70b892114eb9fcf8e62329a6887c36d45b781d7c0f53a447070f44725dd3d2f70d1300605bbc2650e1ee5f1bc1baa5372b66a073a0e0a781d2784d692bb8e36f0abdbca1e544155c6e5c65d94dbdcd7a5517ccdd13a7b389956e912126dfebb6e441c7b0fd37239e82487912a1e846126fb41ad83552fc06a66e068445e9ecb012c92b6d82da02fc7a952c362f7bca1686a3a891eedcc0b3a318b14fbb05d0e009f2b572ff2e7455cdf792cc17cf673958261068b4cad993f124162489575e2586324e213ec02350c74c18194ca8991938a817153c7aa6d5e83aa3260121d8dc99e7b47bc310017bc56d85ec2bd5da96cf2307e9bce7a0da6222e9f1cae59eae19beb1b1adba9048b24c7840d9dd7752db56412b3128eac30aeac379436977f8315a6f33690e51c98cb4fc892ddc735f3feb79243db17dbbcef7070507bebd23ea44cab7f1e6ec99cbe51ca1709e7b9ffa14876b816b671da7d6283ffd44303a2cc8784ec9f1066917ce47d4ff8f45c7327f72dc0b45a7598b8ac32a7fd2a82cbbcc111a15fc996c0d68a62c1fcc98d5e0b7b7881aeb8709f47d0fbf8a05d855a9f7735ce55036e341d18d31962bc96060da7aa9afafcdb59354c2db1840a07fe13c32e153e66559f9cfeb16fffff564fd56e94a3984f6aef99edbe82cfba9400714b4c77ae54d033a59c7206d48d90a1cad6e6b5af7f3648bcd5cfefc3fb1039c71a17b60eb75ff0d197171727f09fc405fb1ec9d4f30a9ac26911e1b3fb53a38d33ebd899fa62414e67732d9270ec6a9684a191145448dd48094897abee2eea5d2cd25e2582a330f67f522b7f013d2f5ad2f7625ec068abad88120feacbcec578c25d5247d634d40d07cb1bb33188bb2494587a26d390e795c41a5a8d28753db32e0cd9832968847eaa685e4240ad3925c40b1fbbc7d6be45bd2d2e4023ca2929c589ccd2f48f66659565d7d58802e6c76d4870499d9cc51d2f3b41082e1ada1278a77e1d34d4ffe0d6763c35f531033fb1568344fec0bc800543100ecb0072d28c46b253b81704326d50b64f61230e3afa6a2a43a98f11beba882263d29e3fcd2206e9acf4cc15c1d9a74cd63780a29acda5546397e6724233efbc8d0a4902e8e81f0acc19ff8f5c53fddc6b458ede350e97a372f758f5eb70c7954b104a7ad5de40d2a13c10afb596cbf5f5454b212acbc8a0d82328c56f958bf07559f2c91a75fdc30b634b8d633195bfe75ff984299b857fd0e406d37034abf1a332c4ae6227dae96f337c5c276e56e821b32c63f55571d7f16ed64804ff0ae43a247f4185d133198e756495001fc42705fa236b71908d907344df0cc8e9854a1ad92acf7e5c59e780b03f19b99a7f244554a132d140395bd882cd8dac237e6366c8b0fdd45162a64cdbbfa746f2c74fd98c291bee5b0de57ac4575ed53e660103d4cbc27570c8bf3da1ed9c2a91c3fadef9d89bd777cd01d6884df151ef9b2b56ee359465c8d2d3cab93773610393efbbd35a1e718d8ba75a36f9997d1ae6cd96ff560029718645f8533afe826d779c22ebb21551bc93f051d774cd7575769fe1158f024b3281c7582813fa6c86aca3f1152df"}, {0x68, 0x19f, 0x7, "42f6a4335453af3623e729f9d5b2303b8ef3da810b4556005f2c650ad7990d7a3a76a94afdcb7671a79f56753da247d3391d9e711021d222faef2d4bfac2ddef2c566b818dc049405488ba3945f63c6d670cb1197d4d"}, {0xb0, 0x0, 0xc, "c7531173c380471c0a40401e6b1df612e7e239a05546411077393b542e17827d0ea0a2abce44b063b8906cb932fcdf1025cca76facb55e2cc18f9d3fb047ee5da46bb783ed7c81bc11087e17555bc4c17d28b75b778b41392aacc563c9ab84fef6f614b3c06cdc1263eba0d90fa83abc9ff7764e9a91a8fdb6eb12b8f4768a640e51ded36a72cc25cc771b819cfe096f56f3eaa562e5c4339be3a181"}, {0x108, 0xd372644026e4b278, 0xa6e, "a1938755fa8e726c33910b5f298bd4ecd1a633973e66a1b4e47c65b21560b481171c84569787bca836a0f6243678fd3e8306e4012404ef525748433b2d2070efc58d937b34ed3b96d8b9910a085a87b404206774eb035b4377dbf4334bc16af792e87a9e2a60b2b4b892c2b32e8abf5134597b7e4f8ef93d2b8aa15189b270196ff26e36f08ab15b906f3a679952114a3d649ef79a571b28be420953a8a2820ba3ca53b4ddabe6d04492452563b7299d185c5c6c86298e38222ccaa4ff3fd2ed3d83487989dbaa3b6b0107a7cced50afa7c7311c342d97bdd138f8b7d056ed5474cf2f7047a7cc9231f4f263248194b0d162de"}, {0x98, 0x10d, 0x0, "9946c7a8e32e64f127548a1e87df53a32ba0ba5913a51b1cb7e2d8ebba900e27c2fdd643831901bcd4bd1b14710c723ccfac720d0a3ee8dc6961ef758a4f1d0f4a77fe4f664f3336b09470c8d42026310deabd2b926eeb2c68c72df084808ab750a203dfdedc4fbd32f493782674ce2cf5f4d8a009fcb18408345bcde1348fd7a14fb86d2d6b4d4d"}, {0x78, 0x11, 0x1f, "47f533e850b87abb210d4b8f34a10b5fa70934a50c1e48a36d6d2c30e9d83551a4fff84407138c416df869bb8479527e6d0bc7d977720cb476780d416c9acaf7987c4de63a46b80b847dbc68dac3102c59fa3e2d7eee56e491e58a9425171ecdeb1284"}], 0x1340, 0x4000000}, 0x80) ioctl$KDSKBSENT(r0, 0x4b49, &(0x7f0000000040)) 2018/04/06 11:41:10 executing program 0: r0 = socket$vsock_dgram(0x28, 0x2, 0x0) fsetxattr(r0, &(0x7f0000000080)=@known='system.advise\x00', &(0x7f00000000c0)=')}cpusetvboxnet1\\user\x00', 0x16, 0x1) r1 = socket(0x15, 0x5, 0x0) ioctl$sock_SIOCOUTQNSD(r1, 0x894b, &(0x7f0000000040)) getsockopt(r1, 0x200000000114, 0x400000002714, &(0x7f000021dfff)=""/1, &(0x7f0000000000)=0x7e9de2e7ea5f1bf) ioctl$TIOCSLCKTRMIOS(r0, 0x5457, &(0x7f0000000100)) sendmsg$kcm(r1, &(0x7f0000001680)={&(0x7f0000000140)=@ax25={0x3, {"a4d955f5ac5abb"}, 0xef}, 0x80, &(0x7f0000001380)=[{&(0x7f00000001c0)="00f68b925302dc5527be4f8f08a594c258b56f485447fa3e9152828d7c9549409da8a83ead590c653b73d8c553a7bf85b491888ae4bd68a549a7ae034c9fdecdec795bc1d543d6126bf6a88c0ebaea8010993f690a0e640014ab8802950358b78a07bb411700bf2cc33603c9e178aa36517ac9fcbe248fe800b0a28b54a9f30cbd20a1df0b1ccfbb2106d25e684882b88136d297f9669d8955e8daf4cab3bc56165b43d42c49d3a36f239345cb7ae290fe0f87ab36a93baa3b7cc8bdf9eff80af9e9cb2bf0b89cb1efe97f8093f31723c2ec6d7db7cde44c9c7972e5f42e77c657dfcf532276985df06b39671d37b26b169ae8e6ed875bddb46bd1e4269beb7eb2cb2edf1334390e19e04e41618cd5b2e2b8d9647d0d93ea7de9bb25d28cbe957f2d728a5cc6536c7a60fff59a87d4321d060997b437a92a7585ead714b9f6f2bb6425f852b8de8fd656926b2fde0ec9fa554189b159c360c9bc99ac6cec963a3e428ed2e23183332c0aa060a39f000a3b933b170ff8354e046485bb360ee4f883ae3e16769de0a31bcf0e06d24adcdc5d759b5d0118685fefc2113105717d27c4a07f75056793ce722d1d2b98c9ab005e29e8854224b38e27e87511b2d742bb08711b3b21afb67d16d547bf56763ddf453fa2d6af6e75058bb3f9acda8e3244a1b143510f9d587871b3973fd006b28de5c854ef8aad895f84ae0e25118b09f74ec292bf345a3e902ce88916a2c592cda310cf96cd1d5bf1726646ab9bb316c9689019b9f455dadced1a361d0a67efac01aece5472e953e17cb5391bbe9a7cb97edf339f220c637ab59203a2942f7a9bcc115ad2530d2e923e5e5e0a9bc6a40fbf86e7948b8eafeb1e194ba25100afefefae8be319dc6f1485af971cf6eddf9db2e4d1e8701c5e71c1dd29d862f69398890b3923d3de42294bc9d35aa5b017c956b83770a1d72ad456984e20ebf0f28dc1040a8a836a67a779fb30b32ef1813608196b0086015177c52ab257895d0d9436d26ed960b198b72db9619b684982fa00e71fadf37f2a960b5e1161f55c46b37b73493db8ac26ad614ba862f38c5dc9e9299d80395e50f88217f4daa0f31c0807d66dc9687004790cf4a683059bd08cb76f3bc04e6acf4bdbf1e6da9eb2d6d9b6d60dd087d8a176555f002a4c822e468cd102f0cb0b46434cb61c57527106925466c521267eea18e58776293e7fae2c66faf06e068c1c48738da0c097717987c798ea65a21f792cd4da3e1e2f10962f1c6138e8a96d48e97585a431a4ca1ffca4bc7c85201946d3f6acb43e9259e84ffdaf048bdcb16d1980dd340339b479121e9742e8ca6537f491ef44bb0d822b31d04fd6ecbb079d94b2195bd3522ffbbcc943307bf9bb5055db4ae6e8656e55904375e8e4774155b3873cbf34e54525e0709b4420c55cde19581d8f17d372830b53fbe94ea44b7b99da7e77412b9f8dbcf3d2aedfa4eced77e1f829a6b1e2ae247a22118f791fed1b4f53b3fcf9437b15cc5946eb2fc36f5bfed49ec168d0f7788bfa271d6edf51132aed9fd031ff10130fe0c08d9d556acaf25bdc2ee35c685554e625fa7c650e16016e9d19efd04c513d3690bd8c627e8faeb9383b73ad3be117e152dfba7cfb66470bf849861ebc98deeab6abd1fc4ec59faea062cc21839ddcd75b9e928393fc65f94f486d0cf4b560578157990b44ab78dfe8d0c9ddc33998062ccd767950560ddd9296bcbc711adf5b32f0c82a1b2343493652c032cdaea09a2ca098572c1232052349def906de9c7c98bcc2ba6ba07c5a9665e4fd0e7c99a70ce5f7f03134b1a73e7b08c500450f5d856db90bf3f4940a31a633acd595d55fd334e0f663b2a2934fb304bf77e4f7e8fc724111d61bd5b0ef1c467c3d7bfceb063a6b59597bb91036931daf8472ebd437e0ca948db25fd350935d8fc9f93dac60faebed4dede2e6367c21ff646f2bc2b08e6a81de1b0aa7f1a3b4bf5d03c179f7de275bad59819594d7ed4986f1b825b1dab85cf351c6473544cbb4654969e1db82b617409b7bbc06f2d3d3b3d704a1f9821d7d9b7983dc238dc71b395bb051c588e4b654b739189f7f4242658bd2826bcfedf0a625304cfbc1a653ec8e7c1744dc5d111491a8e77bda1ce02e716a1d204dbade2a23bfe644b6a2c749038ea108756d30d4ec7db15ecf195e102d13db90d74a2fe4c224f6624bfd33f6d095e6494174569fa50df0de84d52e699ed906dbccf0314b3ffd887cb521594fba5adfcc73b496c55d5794e4d5616c5cae17410bcc974973b19949280905a1bbd76ed423db2c452d6831d6147b32ea4bbccceb8b05e7d8652fe60c8de85fd024df923d5229ad589c2d6fbea4ebe630d4295d076426a297b6ac2e1f56fda8e5c112ece0431fb9096f1e3f66186644dbc875292a6e78d721e233f757eae94f3c2908be2a9b75e72c949ce720f5125e146d7691400f52ea624503717154132c7d247d6c2462264be856ee30299582e063ecca7933c315d9acd6b43f484a48fba07e0a49c6bcb3d04dda901d0e2fb1c2967caa5b0ff8a280b2dc4ccb658227addd97a83340a907519b85f19fb68c1e086e4dd52cc7d6126c907ae2ef43429fb6a2dd0a3906a773241d437e4520d15aaf2838ec36f29c8f2d1f3642b8eefac9d370e8f555242703bcc87e2458d7c430cf05e6ca35f342dce72039c273627c47280780211c9f206cfc4b8b08c236bf92a7d6b51bc78eb0933b847371de5fdaeb6724abd1146342d07ffb1270bd64b274ac2c57ade624c00db447bccef18ff975f60dd506218a255a66240fc51a2dd40be8b4ab55cb6eb806f6c6479f44d9c3aad1bb182eef881f36ad98bcc6980648425cb36fdda21efe1a823f3a1d35666e613746ac56ac54b57a2d1a475170453b1e1baf7882ac4249d9306cc65e6c409cf6cdfbf22cfb2198dd58d46a15646be4c46a13686a2b9f0f96f7f7c0b63e9b783372f4fdcaed70a43423802122ca6a1e5f7fe5134727595361524e40026589d67422f92bc68d3e6709c0020bb4f416bd1428e39dfcd0e5fb7232a18ba31bbb22c163c6d67bb07f35b63287c547b251e6517692a65a27f86c119d488a88913eece1ecf6910ffb9402642901e1cb06c3343c57c4d2c3132030d919f2acabb9e56db8166704c58209ffed53e2afeda4050b2c6041caa2f2ad8f0c33cc54f6d1a81533db0d933e931d98665f93f4b75de9c5a9daa6e5753654afc1ce6445eae6ef03f0271ec55bbde53eb824f15d79834ecdb23cffbbd5811acc8c9c0f4d3ea95a2f8b5a45b836ac48b83106c509ae7e6253fa0b3b72836d0b7382409ed7db86b87e11428f90d48f8dc65b7e4ee5f0dfd31d59965ebf76fdb1867de0fa34616b14b219fffef05d0ee30d24ae2dde5e10943b990b9ea387d686e0e8bc9c4ed71a763e6bf1c08bd13c79ec4c0db8922a5aa7da2a30b19c03438791a146ad69b58af5f19df4539cdf60ce6c902fe0c6cfa963999b0924e3c8029724308460439ab9018c08ac3fb928e73b23eda1981705827e153dbefc3239b9c4e5e70d8da42250204d3334e062e741121a8c57bed4162c913abc0a91285acc43b0d3ead205d21638d42ccd8678fad978242ebde0d5024f9964b01d7ecbac7f7df3f200e1c04e097dc3c3c01205dd60a67533b1abd4676b7d66173f069a83a5654faff74d644d88410d25b6236a610c8d41201bfc6570e1cffadbc5b16c33f28ea7489ab96b1b574e34559f43b46bcab22bb397274ba5a7a732cec978809d9f57bd3e90758b4b9ead8b0995fdcb9fa86e6339bc26b1b342ff3ba97e592ab6714c0fe444ce6ed1c6d3da4c1e2d7b8974e8bcb52268d03420a9547182089bc439b42fbfdf70e32b587fd7bc9435eb70066aa1e4328f1537b17715b4ec4a3b8a0ee3ad568e2c3c32c0a53f79039578e3b8ef7b186ed3d457743772c3c6da3b89dfae24b7d4e2466555187226b39ca024efcea8dad5cc9d0b954a742cf0a04a8c1a09523e216a8c8ee8bd527a1821444eb67f6b46d4afcf655414aa23048bb4f78aefb2a8ff05a1a61081b14225d2442da13dcbae43eb04c1374debe8cc9c99a0b5bb4f0f8560e74b60e5c022f98b0d29183046cc3af832ef69240171545b193586973ec7c2e566f5ffd6328d1381ae2de55889c30399240aadf2a89644078139aa1bf1a4d89402386cc1117d380f2eb94437a88e3229bf4ea4e42c71aadea3793afa659caf57c93c48d2c3546f7365aaa746d8deecbecef4c09419e25a38bcc2f6e7525d8080662faef0e20774781c7804fa2fbb0e215796da9acf702a9f99bc6a4a90c2c6d8885f4d65d5671762ba9b584b3e53989ab2efc8efb47c4b9764a2bc13fe2c3b1866570d2253216baac832c73ef6f3d6396f0f0dfdfa10774a5bfe129b6678d379d21f85a248de046772f60aa47c0a66d31cce374a3ebcd34e2c11715211b58148be1bfa0c79b86e44967219d9ea0cf05a6336e5c495dea0c5378ca70c2347adfb473b6d2de7c1835a3979dbfbcaef72974cd27365ee7193ae0554923408801167e7ac4bba175ebaae688dc6ec3c0ca03d04e308679cd62fa5422047ec7f43479e45169cd939ccb45f496e2b66aefdc4fbfc70e47ba18cccf01005026585695478096da14b9dafe026d765315a210f833233a92fe99961619e2f8dc414df73897df21e69b4e7ee9da6290da426ffb22a960ca808a1d6586fb326f350870a1dc37bc60b6fa0ab49b137076b0c5df830bc505018ce22d73f6ba734d61574958420136c30b44c77fda6ef2d14ee8eb4d54ca8d14657f8660eb93ff152a42f5c50ecad3971e7aa70f25873721cdf192ce6811f5453656f386a59b9d0b07c6b170c767ce94bf3373eaeffe514ed0c1352f7f67c609b501751ec4d3852c4698ea3caf5143d5c5325a71344d8dca6915ee34b6b16291ff937a2e3fa534f1e4915fcc26d888964c9c98996613ccf5b508eb8ba3b7a8daf3a9e4b8e27cd94cf056a2d71e22bf0fc461708b50e7b1df65e8b2988037882b75f49e2e1b6615f828122fef9a3856b9f6a4067d2718f5873c46ca2119d49cb9602962592cd411f63080ac3ae0af4d2557bcbf646cbd55dce3a2966f7db926f879f898306816ef9fd525fbb79b1237ffe08b02a4bb7871f38d14530a3a678a946cb83bca19d3fac985e7e507aadd5071eac2c5f7d7173db499ee283f5eb9e9d02619c26bb89bd162f30de4667fee8766176b990a41521eb98ef735fee45e68bf649ee48b6f85be42689738b2671c89ce63d98f55654c02e5d69e598099e11e375a792e17b6171e94df8a21364942a31242b73ef112791c669f73421ed1dd0bf6f295fa72a5c99c9766773d566b582b6fbdd225fcfe9604770cad05aa0082ffd646135889c6414cfb02a660b3af0eb24ce7176a89d901fee256ebe2f9f37a869730607169677b3af9f5f44afeaafe35f68703c62daf116b04ac9b70787a90664b6d11d58c236dbda6034bf92ba70e4ff11d23c38632d59d32b58746e3fabe5ccaee8a1128beae615e44cb0b9ba21989613fab2725a48c64c51be5e317a11ba7d10c08384cf3198662bd1a9004671b1a90ca20de5d7f39128238c280f02b84e0044844df9fc4b49f7010d84f88001b2164043c0ebeea6266fd2b53e48d8ce430ff3dea3a7ae954512d28cc53584b7d783ca1f17843aefd48dc96725899583e97e979363de48cbf84143d50e409869071cb2a6680da60f7086d58aba6bcbe3151e06122e0ead073c24b0fe6d9b4fb4468b50890948cd7540ba60", 0x1000}, {&(0x7f00000011c0)="b277511a0a1e051459a3f0e03e38", 0xe}, {&(0x7f0000001200)="809d27c10d333c909d78d3470f002d18feeb653d939906bbcb8aa786e6b5b5f728e9b39a02abcdd9d3673e53d138eb5d489632f39c5e5ab51eefc48cdb554e566e12c5178437ef4f74831a425ad951efc25703ec2f99a920443f9c6729555b820d3b6ee410f9dbb6c94fa4", 0x6b}, {&(0x7f0000001280)="a15538a1dbd8e038499625136746ed8f7b8248a1c025384d09f5ae99b0846b82c9473d289ef8aaf8e1c40062882d52bfce5105b9f6add662bc1f3e211821718fb0b510ba202354d9e46645d30ef70503bda7ae8d887dfa4af4502307f36ab69131b635fd867ef5", 0x67}, {&(0x7f0000001300)="a0ee1e0602f4970f4816e1dd9480fb5c9f0784626d35998d959777396098bb33e36a85aa3e5e8eb303227247a2823e3592f5268134b74a356c5d589e6ee6303692e4baf9119cbe7674027fb46e1b3870bb668ab4ebeef7b1860f973118b0fe64e05676377b", 0x65}], 0x5, &(0x7f0000001400)=[{0x60, 0x11f, 0x800, "137ef5a6ba2e8a8b3e05e6eb37cae2b91e01da713b62559fd60cfa36564cb2f30c620ab642d39be1173479ff2b7fef9b61e8f211c0d8f10b85ce8941c01a18e7eff0874da5f2e635ab08"}, {0x60, 0x11f, 0x8001, "7aa37e2c8380cab12be6223fa40e52b0889c615ab5562cd2cd617cf14b1dc69f1f2890e6b6b045d77e3ece424a20533d62b89eb5aeb5fe38953641268cddc42d71c74c4e91eeaf21a473da0047b61a"}, {0x20, 0x84, 0x5, "e362da4a68a4747ecb27f6d98cb7f630"}, {0x88, 0x0, 0x9, "fa1f44adf5c2a58a99d79f9f8bc96997714831e0ce62ca8c224a9fca1491f1109ff51f215e4c77a401876e2924eb78366e120a526fe9538b76c8222fa5438f4debeeb6941b1c67c862c71cdc7db93246ca0fd21dec3fafcefc5c5ba196a2bc3c0267eb354cbd51457e68bbea9bb753fdb8daf8a97e25"}, {0xe0, 0x3a, 0x2, "9c6f663d5d034c642a29d6851f8b54c7f173a1bf3c58fb3665286813d876f71279d0ff0039beefaec125c2d908f3b2e1182af299fb912f0c0b16f7a205b363b32e9aabd88776d67d2488337ddbfaa5bec02bffdbde4cada93177fa4289150b17ec40185107879b8583609319215fd88b3830bd360eec3f83eac8c9201e769c798289cea4671535f07a146bf5a064a9a80ba7b054413474b8a3f03ac6bda68dbe00a7ba5e12be63e2c6e9c252242d81c78b9e348d965abee433d7e4f2f3d3624a06ea71357d99116b92c108bd49"}], 0x248, 0x800}, 0x4000000) 2018/04/06 11:41:10 executing program 2: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000040)={&(0x7f0000db4000)={0x10}, 0xc, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="200000001a00010800000000000000001c000000000000000000000004000100f7c5dcfde12a29d71c7efb07dde81342b167e1b3ed2de76e1e85c0e537f417d3924b68163bba11b82a91d560285dcd4971275a7c1d50bba6969e21d21bce8b0308a364cd02afb014b7205018b9747cfcb8e30771d44aa580ffec956d0c130a14cc2dbe4f57466b2e5010e99e59c4a0ad52197afaea94afee2ccdc26eda100f4ef9b124999bb7ae287f3b6fa87b0ca40000a684cc06b7cab7c53988b11741c31679f213252fa83b9081f3193849c0c371ac60d26b82554e274079e21b434ee5d68b6bc12fa3506579af4714e181e142c4b011c1b0ce8b828e13daf18b0a376f9c4c01009c937878cae7c235bff228b0beada22dbbbb44342e173b43a8cd39787d3cf4e9473eeb22c385af373329d12098a82ec8cd78984e570c289d5f84b7bf77bafbf6b8ebc82de0a3eb2a53ca336ce31816af2bdc0d5c5df5d4ee81e796efd1de5f66c5fd8ac65adc7703d0718cf24c5c0cad085e66ba21efdecff95280d1e559"], 0x20}, 0x1}, 0x0) socket$netlink(0x10, 0x3, 0x1f) 2018/04/06 11:41:10 executing program 5: capset(&(0x7f00000000c0)={0x19980330}, &(0x7f0000000080)={0xfffffffffffffffd, 0xffffffffffffff00, 0xfffffffffffffffd, 0x0, 0x1, 0x1000}) msgget(0x2, 0x58) r0 = getpgrp(0x0) capset(&(0x7f0000000000)={0x19980330, r0}, &(0x7f0000000040)={0x6, 0x5, 0x3, 0x40, 0x7fffffff, 0x1}) 2018/04/06 11:41:10 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0x7f67]}, 0x10) 2018/04/06 11:41:10 executing program 7: r0 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x1, 0x800) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000040)={{{@in6=@mcast1, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in=@rand_addr}}, &(0x7f0000000140)=0xe8) setsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000180)={r1, @dev={0xac, 0x14, 0x14, 0xd}, @loopback=0x7f000001}, 0xc) ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r0, 0x40a85321, &(0x7f00000001c0)={{0xffffffffffff7fff, 0x4f4c}, 'port0\x00', 0x5b, 0x20400, 0x0, 0x7f, 0xabfc, 0x9, 0x9, 0x0, 0x1, 0x6}) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000280)='/dev/sequencer2\x00', 0x8002, 0x0) ioctl$fiemap(r0, 0xc020660b, &(0x7f00000002c0)={0x45a, 0x18000000000000, 0x7, 0xffff, 0x4, [{0x8, 0x7, 0x400, 0x0, 0x0, 0x82}, {0x9, 0x7, 0x5, 0x0, 0x0, 0x400}, {0x4, 0x6, 0x6, 0x0, 0x0, 0x200}, {0x4, 0x0, 0x0, 0x0, 0x0, 0x2002}]}) getsockname(r0, &(0x7f00000003c0)=@rc, &(0x7f0000000440)=0x80) r3 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000480)='/dev/cuse\x00', 0x68040, 0x0) bind(r0, &(0x7f00000004c0)=@pppol2tpv3in6={0x18, 0x1, {0x0, r2, 0x4, 0x0, 0x3, 0x2, {0xa, 0x4e20, 0xf9c, @dev={0xfe, 0x80, [], 0xd}, 0x8}}}, 0x80) ioctl$EVIOCGPHYS(r0, 0x80404507, &(0x7f0000000540)=""/2) ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000000680)={0x3, 0x0, [{0x116004, 0x0, &(0x7f0000000580)}, {0xf000, 0x5d, &(0x7f00000005c0)=""/93}, {0x10d000, 0xa, &(0x7f0000000640)=""/10}]}) ioctl$VHOST_SET_LOG_BASE(r0, 0x4008af04, &(0x7f0000000740)=&(0x7f0000000700)) sendto$ipx(r3, &(0x7f0000000780)="06a50932b5762e5379b5c14e397f5f513a1f48331ed2f0c5d365aef3a91d406b516b4966378f0123fbe9d19a727dd98423", 0x31, 0x4840, &(0x7f00000007c0)={0x4, 0x1, 0x1, "801fb8d4e46d", 0x9}, 0x10) ioctl$DRM_IOCTL_RES_CTX(r0, 0xc0106426, &(0x7f0000000840)={0x3, &(0x7f0000000800)=[{0x0}, {}, {}]}) ioctl$DRM_IOCTL_RM_CTX(r0, 0xc0086421, &(0x7f0000000880)={r4, 0x3}) r5 = semget$private(0x0, 0x7, 0x100) semctl$IPC_STAT(r5, 0x0, 0x2, &(0x7f00000008c0)=""/19) init_module(&(0x7f0000000900)='\x00', 0x1, &(0x7f0000000940)='em0keyringeth0\'{*em1)GPLvboxnet1\x00') setsockopt$inet_dccp_buf(r3, 0x21, 0x8f, &(0x7f0000000980)="a652bae68e455cee3ec0860ba3c319b58051083ac1c47ce5d3b0c4274bafd9caaf74f8ef7369c6b3fde26b37d7f1942c660f72012b37b1b44cb80d34807754707dbd71fd4625019bd1f49c6abe777a1f911f8c6d6928a8c0209b5171836db5d8c4ae672ab5127a74dbcd5c0258b260320f6e5937379061fd32acb72766fdaaa5f7089290fdf0dcbcde0122f2a4a985841db837b6447205d7ee638160c7e8ec59e51bc8a16ecb7e14770acded33ff486c794e1688ee7fd8b8a1e62b10575dc3169711e4dc0e261f389ebd055b56fa9f4bcdb631a12151352e13c48b2bcc7cc481e9c3f10fcef5d5c3baf750c85cb9c92617737a720bc6db398774f4a5d01e385a23c3de3e63e8a5502f96bd7cff506def413ffe3f4996d5691aaabbedef53ff3bc9b19d5dfbf598fc4c7366af89fc613d913c36f7ce585235a4c5ec860241e13093720802ce7a57875bd0319e0b658b87b1ac34026cf1b437ac8144886d12177c31447623d4745c133a2aa7723e5e6e44bb2422c583a01ee8100e1815134469343cb0c73282003177c1a9b36c25c02fb14b003b47062c435572a04f5c7203fac0a465ec55883538d83d9c562b7d08543dc52f8100306fee7afe49a53f6b0c836c88f42e167f99b8a4063ce9c9abfa86c20b158964fbc7fb04a6ed6ab9bbe4f46f720c17a55f170bc911ad0c9998559b41045b3c34da9b77e7a714e02b22ff21fad9c8b70da95874af92e1b3b1d9d787c77d454d7ff49d2731a343224b4773664926ee1265a1f006fe010f084552cbef155a7b8ad8aa035a2da55169bef4a4d13ca0137c8e9853ce6473a4fec181709a47b3002d41879d9741aeee2b9f0256ff31da6c93c348c9e0f2f7328de74b86c898ce3a7e37e8505a2fc3fe51f22217291db9b414952e49531bcb7b45ef07a870cf44afb1f36a34b57e2fcede34e47931ac6ebcfd816d08c814490f0b0dd3ed228cdf30d3567e31f558748f0eda9933e019ec2c5a3712abe3ca475a4bfef2cc3f92dbe22b66a7e196eb50bd6450c6569f7dca9da68754d884da05c9df0e6341691128aac35c1864eefa2c930ed38284af815ccdfcabff58afeef27401132a6b6c9a49ef50a58d81111695bef10a0f9cee1ed861215ca613d6c6efa99f7845e6bf3400589033b7d61f1ac28d3bd5c1174dd9d84b8b59cd7fc61524f619c677becbe9b01a868755748c55d8674acee0b9cabe0b923e91292dedc7d86c6a2bf070464070d9abdc591d33fb9db2207c3b4bc191496b97792d814da6a32aaddbef8455ba5aefabe3ee817ff7e1b7024730e8d804424cb1806dc1bb104e606cea996f01e359a2bf6a73213f74968e977820eb6954d15553a7cbda452f821b014c3907779c3e0ef2ddd73193f4d85f705e425c017c43a215ae67d9585795042a8911f607ea7d05e5adb3982df67b542552115e010d7715ff4c91503d2c9783be8cdbd7c274b1decd2c1aeed2ad3797b46d20aed7f48f7706d03e462517527f879d05955ffa3462c61d23a2187cb359635a5d3956314117fdef4bc3a031c8cf27d32a5d585134158065f444676e2904213bc699b8a5b167282fe0ca231f368c1924a6678148045911322e515f910afab7b29e56b96c2f833e4dcd601c340aa6f872482a601b0dd443417d88aef3f70de9a280c1c1f5ced67e4437bce5f29bdf7884b7cb308c04708e391e04026afe7a006f4198a0db50ec660733531437a72476e2ffe883388e4f8d3cf8250a092ed40e24646225305053a421272a4d5e6f1d4f7707b32b452bf5957fe21c57882673380e0343a375a77b8752b67cad77058662f94034ebe13d4a6b7d7d86a9b1bba55d57bfbcf0aea10b15e0d7feb91a088296a6395f41b2d7bbdeaeb1d43176d5b6d04ef4a4122998dae91af5a87c1d469368c69cc64b7fdc047415543abdccc4d6a2a958dadfb51e30c080bea43359e22b184ca632330194020db6b1f1e0b8de289728c094865aaa25b5b74605174e3ba972fd995e8ab9c4c0b6f524ec7adfc2467bba8a96033867982d11c1449dd3e911d361614baa7110545ed3b8c412be59e6ad593e828a3c1e4201b8660bcbdad769a5f0df87d911b4fcc8bf25664eb2eac7a1b22dc17acda325c9bbbd45ccad33dcb0fda8b91c7f20fc3693a2a6222e1672657f60dfb76e92dd7503409e2ca6e8935ed17d0526fc1867e5fb74f6f043069dff83e5aa89bc3791f13658c3b62ccdbdf2965f36582ebd93e8ec116bf2927979e1d8023bdc8455ec694587092cc67aff40e144fb8f902f7d889db2239ff7726be57a259dd3c394db5005659266545083627e811b4e9094eb5cdb6f91526af1969838fa7e27c2799bd24bfcd708323866c69cbd208fbbbc7043d9595e81caa89e04d036ef8fccd1c1b002b9c41d43aee919a618e3e7374ee8fe215528b2c6d70b4d99fa1af05cd938843e9ddce4494a720a54c0bfca8e952f743009c59dd6d48e1c444798f40994f3499620419b5958e23aeadc8edc87a1e76747436c38c4ba1d7f30bf69aeea569e406e508898be0d8ff61c4b916bbbde2017930742092b20e902a06a1ee176e87e6f194f882d97687c80fe6c68e2170cc4cde95c62cce401dbe156f98467a88162b410175eca62b0c8f1e88b2e800879eb6b4c61df91533ab30e4424e771360bb6d03e1a5f9ba47ed56526ae107e110eff59ce8c0f4321faaddb213a71c9f09ca9cc34da29ab5aed873dd2983b31fe7d574983202d4edde808b4ba41cf492796a68a3981d67cc85d1065a096826e6bd045d7043c7691e21951937280f79806680e69bcc6888195f2ef57f4cc2e1b855ee6ef36307d95c271e19acbe9471974b44ae7bb352014d87f478bb5a2d252b8c94be96e829b205d9fd39cc480e0c7441fcef8288ce03f21d58e7ee07b6adbbe3fb572f9326247f2a4bbe8349ed6cd89fee0d87d9fd31de095c6d9e127432f9673b03e947f9e3a175f092eaebfe635853cd57f8b2f281000c0b1d98a0f150488a5b8f557b6398ce0d4154851c8439c13e5eeefabeb8e867ae699858b494be3899ef1b144340ba3a1427e594ad038ccb5a20035b191433b10dfec443a5892a087848596dd9fccbb25d4ce603f0d74bf87ebe79dd18d4df4c9dd29e9f9b6d06078a51e443d5d20ceef34438a8a3d6a460247214b3d97a2cae2657ccf148dcf882cf2c4e9d84e18f3732c8b285273f4f195213132eb0e39b0cd28377e58eb7802d6e4f7244119b7ebbc778317c2a5329e237a794da233a0decf46b979b4a76818152c1df04e503fa6162c222879fa6cc6b4f7c4f30fd616ab9164ae0fa9f3696463b97310e2433daaf26fb10b207a1b4cc489bc465ed61bf793fa99f40b3c9c6dd76da41cc3f767ecca1d3fe198f4be005b27e62645e04ff89a70cb3294e333ff7b34fc82f6eef5baa764e939efaa2ac2cb080d0a01cd62a30b1ec27cc5b3b24fd87a70ea92145e273cecc1423dbfc03b21e93995ae3c692f6cedc5b7ec6e8e7d39735634feb01fa02e7ceb6d0ee127076b2f755d5e9df8c54cc49969399abc7b5402a1f0d74cdac4c58f409e098557bf24d6bef8c401f973e0fb695dc18ea4f36eed6ab553195c1699d5ddf2bf28349f997c6f31a517967f48ccdd24ae45149e6f69527e8918c582f820da2bf9ac406f802495dab6d7d2d498068416f4a716f2259ae7fb248d6bd91d73ff79f8f00ddd19aea12e450257162939fb67aef2ccd41610722bc9f9f7799766975d74ec03e18da565cca9a33689c2599c205d02cf7c401099df59a727429c5558ffd16ab0bdfd5b0d7a22ca0cd64f6d3dca6033dac0357c46a28a9f077a02154d703cace9388caefafb19ba245ee8edc54c5253c348e0dade904ce7c94a048136177f300aa2622862021f8d369a87c80277b65ac4b1a65ce1b99169419907ca1de4397167721e543853821a87eba3b1d47bf79c26de43aa6c9b9891bd1e47af5ba86b364e2cde568a3b42a00d25f4c2bfd6a89088ad44b7c1ac8ec6e685b38c576762188b17e690b48f152ce3a7e875efeeb8c8356d61450e6e28ceca4501232fd789e898ab1356cdd2095d3d390255f2576470f3e3c110d2e248fced148ead51bd0de191f04f8f5d155e69d8c6c050e04c05dd05190eab96b31ce8494db6e481151ac9c984740504a9b67053b9a64b6502f33acf1377706befbe6074fe4501795e457c809e49f2c3a578a5969b749b0958acd91ac0a530cbbdf280a7ef7c28cf5e4010541e70c60123719ce063bacfb4cafab32f85d65faa59f11547ddfe7101f121e11c90b9b367e286f30c4db8c947e397ecc040ec8e3eca67e042c4d764f4123ab7d748c77d401ad802c0290c0c674816fab3879f348a89ec62413ca2df2fcdb7cf98f3dcb914204a868b334a4df690021e94df1987818cdbf0f0a8362913f9740f885a441f3ed2702242ab416a81f0652edb07997d0b20ec6674d60edf47b27f99108c60314277fade7c36e06bd1ff02227f005aa10ee72d23ecd0e79a7cdaf8464c853da3854d8aefbde2533afb75bd30bcee1f5b0128362249702ca5c45df30018e8c2189fb1f215769e3840692751125197aebc1d8d9f701f2d010cf97e45b0baa7660afc746029096a4818482c61108d952e09a65acb98de7cb913cf8534aa712ce1e3dacd23feeb964b3c3b6225fca1520d0055f1818e6e0f62053a848f81244defe78a58858b3f2bb29db04665fe00b822a50d8c02a14dc5ab4223e678219c16af0137aa1622fcc904a457e6287c803e50be73a68a8b2093fe68312f026a90b23452db03a763db945a0ba40b969aeecc04b1bbd7632d40895b9c13ed26b35ab95e23b94ec0fa8c6898ceb6ef430746554421ddd03ee0632fc237d333188e3966910e31231311cad445d68834a32db4aecb4b12ad1c5535be068311855e55dccf44ec2e0a85735b4bc51ffc28cee6e4d9f994fae7ade029044b89fe7708e202a0260cd17bf67737df7ee258ff5c4ac9c852fdbe195daa76c04fc92e63f62a94029a32b25cca1e5185c71e15c2c003bee89d4cd3982d98fc3198c59a81dea69beb44d1a5ce961829e2aa6c5ee65da941c97dbaa47cd82d7abb5381fcf157ba1c707e23c97f29e30407945f0c1d9aa7a772765a5b28c05d00fb3a069679c7440d3af2b7a0f99a97d8d85d454bc91cc3ab7d40721c42e4e928b3f94e1ddfc26ee2b54944cc93d923564d96c2e52ae7d93afaeee9aca5b002362e48c79b6ebfdbfb230f59422856c913ae7cb8c8d552ac6d53ed129b0c1304ba01fe59d0fd442b87f8ce0a1d82cf5e007629887377b4395d764d500d1a71f9496a2b0dd17cc2df73440a3b0cf5c62a160a701d89019988e35c4235f4ff9fe3481e79fabc5045a9d0066cd74a49091a8dcafa4b3fec94b219b45d9c5be87f148f7e2a8c7c08c3d8ec80003cfdc5aea437357201ecec93303d4aa8625e443eb6462beea3eba3961851a8d47a2f05a5e297c3d49cae5d01e54f4b7a257e9417075fbd1b64e541c80bd4885650277f26abf34c377668bc7568971a3a47a9228808a63bde97cadb4a40109a64cbcaa1ce2315da50aa9583ddc326055b57d1cf3426e9028fbaa85d4c83f0eafc2593c2c8adcb3bd39fadc4eb3f1a4be182ffccb3775c1116aee8ca40e35ea2a5c9164270ef98140ca364669733f78ca989e180af10e75b123c759a2a0ff3bb99079ecd14fd62e138e2fc14830834b866e80b4ad62a59d9424351a18fd3ee746b7358071169b88ef5022f5f7ef9579b527e85669e3ed8944d0cd09d4171825ea0", 0x1000) socket$vsock_stream(0x28, 0x1, 0x0) inotify_init() execve(&(0x7f0000001980)='./file0\x00', &(0x7f0000001a40)=[&(0x7f00000019c0)='\x00', &(0x7f0000001a00)='\x00'], &(0x7f0000001b40)=[&(0x7f0000001a80)='\x00', &(0x7f0000001ac0)="29f500", &(0x7f0000001b00)='em0keyringeth0\'{*em1)GPLvboxnet1\x00']) getsockopt$bt_BT_VOICE(r0, 0x112, 0xb, &(0x7f0000001b80)=0x5, &(0x7f0000001bc0)=0x2) ioctl$GIO_CMAP(r3, 0x4b70, &(0x7f0000001c00)) ioctl$KDDISABIO(r2, 0x4b37) getxattr(&(0x7f0000001c40)='./file0\x00', &(0x7f0000001c80)=@random={'system.', 'port0\x00'}, &(0x7f0000001cc0)=""/69, 0x45) semctl$GETPID(r5, 0x3, 0xb, &(0x7f0000001d40)=""/71) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r3, 0x84, 0x6c, &(0x7f0000001dc0)={0x0, 0x54, "20c9a9064269187408f87a0c03827c9a638b50b9576177048deb619f14c20bfb2c98a29163298227d57ae841d0751dbaa4065d7e1ef8675d746509e2a446ad4fd04b2caaa9d450bbef7e2b4411a8106213ead8d6"}, &(0x7f0000001e40)=0x5c) setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000001e80)={0x3, 0xdbac538bf09a106d, 0x5, 0x3, r6}, 0x10) syz_open_dev$vcsa(&(0x7f0000001ec0)='/dev/vcsa#\x00', 0x6, 0x100) 2018/04/06 11:41:10 executing program 4: r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0x0, {{0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x3f, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) [ 387.895678] netlink: 'syz-executor2': attribute type 1 has an invalid length. 2018/04/06 11:41:10 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000000000)={0x0, 0x0, 0x3, 0x0, 0x0, 0x7}) msgget(0x2, 0x58) 2018/04/06 11:41:10 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x52, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e675add01d616"}, &(0x7f00000000c0)=0x5a) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:10 executing program 7: r0 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0xca3, 0x111840) ioctl$TIOCGSOFTCAR(r0, 0x5419, &(0x7f00000000c0)) pipe(&(0x7f0000000080)={0xffffffffffffffff}) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)=0x4) r2 = socket$netlink(0x10, 0x3, 0x0) writev(r2, &(0x7f000013b000)=[{&(0x7f0000559f24)="580000001400192340834b80040d8c560206f8ff000400000000000000005800004824ca944f64009400050028825a003b7dbe907902008000f0fffefffffe03ed03fff5dd00000010000100000c0900fcff4d00040e05a5", 0x58}], 0x1) recvmmsg(r2, &(0x7f0000005680)=[{{&(0x7f0000005240)=@pppol2tpv3in6, 0x80, &(0x7f0000005580), 0x0, &(0x7f00000055c0)=""/140, 0x8c}}], 0x1, 0x0, &(0x7f00000057c0)={0x0, 0x989680}) 2018/04/06 11:41:10 executing program 4: r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0x0, {{0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x3f, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) [ 388.017994] netlink: 'syz-executor2': attribute type 1 has an invalid length. 2018/04/06 11:41:10 executing program 5: socketpair$inet6_udp(0xa, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) recvfrom$inet6(r0, &(0x7f0000000140)=""/198, 0xc6, 0x40, &(0x7f0000000040)={0xa, 0x4e21, 0x42ef, @local={0xfe, 0x80, [], 0xaa}, 0x30ff}, 0x1c) capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) msgget(0x2, 0x58) 2018/04/06 11:41:10 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$KVM_IRQFD(r0, 0x4020ae76, &(0x7f0000000040)={r0, 0x3, 0x80000001, r0}) mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x11, r0, 0x0) mremap(&(0x7f0000045000/0x3000)=nil, 0x3000, 0x12000, 0x3, &(0x7f0000006000/0x12000)=nil) ioctl$KVM_CHECK_EXTENSION_VM(r0, 0xae03, 0x1ff) ioctl$sock_netrom_SIOCGSTAMPNS(r0, 0x8907, &(0x7f0000000080)) [ 388.098095] netlink: 64 bytes leftover after parsing attributes in process `syz-executor7'. [ 388.165221] netlink: 64 bytes leftover after parsing attributes in process `syz-executor7'. [ 388.611561] FAULT_FLAG_ALLOW_RETRY missing 30 [ 388.616176] CPU: 1 PID: 24608 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 388.623008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 388.632341] Call Trace: [ 388.634925] dump_stack+0x1b9/0x294 [ 388.638545] ? dump_stack_print_info.cold.2+0x52/0x52 [ 388.643729] ? kasan_check_write+0x14/0x20 [ 388.647963] ? do_raw_spin_lock+0xc1/0x200 [ 388.652188] handle_userfault.cold.32+0x44/0x57 [ 388.656840] ? handle_userfault+0x16c6/0x2760 [ 388.661325] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 388.665903] ? debug_check_no_locks_freed+0x310/0x310 [ 388.671072] ? find_held_lock+0x36/0x1c0 [ 388.675119] ? print_usage_bug+0xc0/0xc0 [ 388.679177] ? print_usage_bug+0xc0/0xc0 [ 388.683230] ? check_same_owner+0x320/0x320 [ 388.687529] ? do_raw_spin_unlock+0x9e/0x2e0 [ 388.691919] ? __lock_acquire+0x7f5/0x5130 [ 388.696135] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 388.701652] ? graph_lock+0x170/0x170 [ 388.705438] ? debug_check_no_locks_freed+0x310/0x310 [ 388.710621] ? find_held_lock+0x36/0x1c0 [ 388.714667] ? lock_downgrade+0x8e0/0x8e0 [ 388.718798] ? kasan_check_read+0x11/0x20 [ 388.722925] ? do_raw_spin_unlock+0x9e/0x2e0 [ 388.727309] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 388.731872] ? kasan_check_write+0x14/0x20 [ 388.736086] ? do_raw_spin_lock+0xc1/0x200 [ 388.740301] __handle_mm_fault+0x34be/0x4150 [ 388.744693] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 388.749431] ? graph_lock+0x170/0x170 [ 388.753216] ? find_held_lock+0x36/0x1c0 [ 388.757258] ? lock_downgrade+0x8e0/0x8e0 [ 388.761390] ? handle_mm_fault+0x8c0/0xc70 [ 388.765605] handle_mm_fault+0x53a/0xc70 [ 388.769646] ? __handle_mm_fault+0x4150/0x4150 [ 388.774209] ? find_vma+0x34/0x190 [ 388.777729] __do_page_fault+0x60b/0xe40 [ 388.781772] ? mm_fault_error+0x380/0x380 [ 388.785904] ? graph_lock+0x170/0x170 [ 388.789687] do_page_fault+0xee/0x8a7 [ 388.793468] ? vmalloc_sync_all+0x30/0x30 [ 388.797597] ? find_held_lock+0x36/0x1c0 [ 388.801644] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 388.806473] page_fault+0x25/0x50 [ 388.809918] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 388.815514] RSP: 0018:ffff8801b03cfce8 EFLAGS: 00010206 [ 388.820854] RAX: ffffed0036079fae RBX: 0000000000000018 RCX: 0000000000000003 [ 388.828107] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff8801b03cfd58 [ 388.835363] RBP: ffff8801b03cfd20 R08: ffffed0036079fae R09: ffffed0036079fab [ 388.842612] R10: ffffed0036079fad R11: ffff8801b03cfd6f R12: 0000000020013018 [ 388.849860] R13: 0000000020013000 R14: ffff8801b03cfd58 R15: 00007ffffffff000 [ 388.857137] ? _copy_from_user+0x10d/0x150 [ 388.861363] SyS_sigaltstack+0xae/0x320 [ 388.865324] ? do_sigaction+0xa50/0xa50 [ 388.869282] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 388.874802] ? fput+0x130/0x1a0 [ 388.878062] ? ksys_ioctl+0x81/0xd0 [ 388.881669] ? do_syscall_64+0xb7/0x9d0 [ 388.885627] ? do_sigaction+0xa50/0xa50 [ 388.889579] do_syscall_64+0x29e/0x9d0 [ 388.893448] ? vmalloc_sync_all+0x30/0x30 [ 388.897610] ? _raw_spin_unlock_irq+0x27/0x70 [ 388.902087] ? finish_task_switch+0x1ca/0x820 [ 388.906571] ? syscall_return_slowpath+0x5c0/0x5c0 [ 388.911479] ? syscall_return_slowpath+0x30f/0x5c0 [ 388.916390] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 388.921746] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 388.926589] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 388.931755] RIP: 0033:0x4552d9 [ 388.934923] RSP: 002b:00007ff15ecfec68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 [ 388.942610] RAX: ffffffffffffffda RBX: 00007ff15ecff6d4 RCX: 00000000004552d9 [ 388.949859] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 [ 388.957111] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 388.964362] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 388.971612] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000000 [ 389.115625] FAULT_FLAG_ALLOW_RETRY missing 30 [ 389.120218] CPU: 1 PID: 24669 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 389.127038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 389.136373] Call Trace: [ 389.138960] dump_stack+0x1b9/0x294 [ 389.142577] ? dump_stack_print_info.cold.2+0x52/0x52 [ 389.147752] ? kasan_check_write+0x14/0x20 [ 389.151971] ? do_raw_spin_lock+0xc1/0x200 [ 389.156202] handle_userfault.cold.32+0x44/0x57 [ 389.160860] ? handle_userfault+0x16c6/0x2760 [ 389.165340] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 389.169902] ? debug_check_no_locks_freed+0x310/0x310 [ 389.175084] ? find_held_lock+0x36/0x1c0 [ 389.179154] ? print_usage_bug+0xc0/0xc0 [ 389.183210] ? print_usage_bug+0xc0/0xc0 [ 389.187274] ? kasan_check_read+0x11/0x20 [ 389.191435] ? check_same_owner+0x320/0x320 [ 389.195736] ? do_raw_spin_unlock+0x9e/0x2e0 [ 389.200129] ? __lock_acquire+0x7f5/0x5130 [ 389.204346] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 389.209862] ? graph_lock+0x170/0x170 [ 389.213649] ? debug_check_no_locks_freed+0x310/0x310 [ 389.218826] ? find_held_lock+0x36/0x1c0 [ 389.222885] ? lock_downgrade+0x8e0/0x8e0 [ 389.227034] ? kasan_check_read+0x11/0x20 [ 389.231164] ? do_raw_spin_unlock+0x9e/0x2e0 [ 389.235552] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 389.240117] ? kasan_check_write+0x14/0x20 [ 389.244332] ? do_raw_spin_lock+0xc1/0x200 [ 389.248550] __handle_mm_fault+0x34be/0x4150 [ 389.252942] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 389.257678] ? graph_lock+0x170/0x170 [ 389.261457] ? graph_lock+0x170/0x170 [ 389.265244] ? find_held_lock+0x36/0x1c0 [ 389.269289] ? lock_downgrade+0x8e0/0x8e0 [ 389.273421] ? handle_mm_fault+0x8c0/0xc70 [ 389.277650] handle_mm_fault+0x53a/0xc70 [ 389.281702] ? __handle_mm_fault+0x4150/0x4150 [ 389.286266] ? find_vma+0x34/0x190 [ 389.289790] __do_page_fault+0x60b/0xe40 [ 389.293832] ? mm_fault_error+0x380/0x380 [ 389.297959] ? graph_lock+0x170/0x170 [ 389.301740] do_page_fault+0xee/0x8a7 [ 389.305517] ? vmalloc_sync_all+0x30/0x30 [ 389.309643] ? __fget+0x40c/0x650 [ 389.313081] ? find_held_lock+0x36/0x1c0 [ 389.317130] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 389.321955] page_fault+0x25/0x50 [ 389.325387] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 389.330983] RSP: 0018:ffff880183d97ce8 EFLAGS: 00010206 [ 389.336327] RAX: ffffed00307b2fae RBX: 0000000000000018 RCX: 0000000000000003 [ 389.343573] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff880183d97d58 [ 389.350823] RBP: ffff880183d97d20 R08: ffffed00307b2fae R09: ffffed00307b2fab [ 389.358072] R10: ffffed00307b2fad R11: ffff880183d97d6f R12: 0000000020013018 [ 389.365319] R13: 0000000020013000 R14: ffff880183d97d58 R15: 00007ffffffff000 [ 389.372588] ? _copy_from_user+0x10d/0x150 [ 389.376808] SyS_sigaltstack+0xae/0x320 [ 389.380761] ? do_sigaction+0xa50/0xa50 [ 389.384731] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 389.390255] ? fput+0x130/0x1a0 [ 389.393516] ? ksys_ioctl+0x81/0xd0 [ 389.397124] ? do_syscall_64+0xb7/0x9d0 [ 389.401082] ? do_sigaction+0xa50/0xa50 [ 389.405041] do_syscall_64+0x29e/0x9d0 [ 389.408909] ? _raw_spin_unlock_irq+0x27/0x70 [ 389.413385] ? finish_task_switch+0x1ca/0x820 [ 389.417858] ? syscall_return_slowpath+0x5c0/0x5c0 [ 389.422770] ? syscall_return_slowpath+0x30f/0x5c0 [ 389.427678] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 389.433032] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 389.437857] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 389.443029] RIP: 0033:0x4552d9 [ 389.446199] RSP: 002b:00007ff15ecbcc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 [ 389.453884] RAX: ffffffffffffffda RBX: 00007ff15ecbd6d4 RCX: 00000000004552d9 2018/04/06 11:41:11 executing program 2: setsockopt$packet_tx_ring(0xffffffffffffffff, 0x107, 0xd, &(0x7f00000000c0)=@req3={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x1c) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='oom_adj\x00') write$binfmt_script(r0, &(0x7f0000000100)={'#! ', './file0', [{0x20}], 0xa, "b5071e1eea1c31281f04014c360292e7ea7bfe536a848531d892b45daf2fb53b43905d129a19af8e1d365df21f4fd16d8cd61a01bbfec4ebb8da50975e98c6a015fc9e0166d8bc4a049cbcadda0a1dbd711dd33b0f61987217352ba5278cac57526ca019ed6d423740a98e5ef4354eb1be6db0a3b5b04051788a88a93205d49ea8312fd5debcfc20b6cf229a232f7a6557b1e35dcbdf7c997ab7454c4efb0bcbaacbc82ab7f718fc21"}, 0xb5) preadv(r0, &(0x7f0000000040)=[{&(0x7f0000000080)=""/1, 0x1}], 0x2000000000000021, 0x0) 2018/04/06 11:41:11 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0xafe6000000000000]}, 0x10) 2018/04/06 11:41:11 executing program 4: r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0x0, {{0xa, 0x0, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x3f, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:11 executing program 5: r0 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x0, 0x40000) setsockopt$inet_int(r0, 0x0, 0x1f, &(0x7f0000000040)=0x1, 0x4) capset(&(0x7f0000000100)={0x19980333}, &(0x7f0000292000)) msgget(0x2, 0x58) 2018/04/06 11:41:11 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x37, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30"}, &(0x7f00000000c0)=0x3f) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:11 executing program 0: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000100)='lo\x00', 0x10) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/rfkill\x00', 0x0, 0x0) r2 = dup2(r0, r0) socket$nl_generic(0x10, 0x3, 0x10) bind$llc(r2, &(0x7f00000000c0)={0x1a, 0x0, 0x0, 0x4000000000000, 0x0, 0x0, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x10) r3 = accept4$netrom(0xffffffffffffffff, &(0x7f0000000040)=@full, &(0x7f0000000140)=0x48, 0x800) ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000200)={0x3, r1}) setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000180)='rose0\x00', 0x10) 2018/04/06 11:41:11 executing program 3: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000100)) getpid() fcntl$getown(0xffffffffffffff9c, 0x9) gettid() ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) getpgrp(r0) r1 = memfd_create(&(0x7f0000000080)='em1\x00', 0x2) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000200)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) sigaltstack(&(0x7f0000013000/0x1000)=nil, &(0x7f00000000c0)) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88)) msgsnd(0x0, &(0x7f0000284ff8)={0x3}, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000240)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000640)={'\x00', 0x0}) ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000680)=r3) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000b40)={&(0x7f0000011000/0x4000)=nil, 0x4000}) io_setup(0x1000, &(0x7f0000000040)) io_submit(0x0, 0x7300, &(0x7f0000000000)) ioctl$VHOST_RESET_OWNER(r1, 0xaf02, 0x0) 2018/04/06 11:41:11 executing program 7: r0 = socket$inet(0x2, 0x2, 0x0) fgetxattr(r0, &(0x7f0000000080)=@known='user.syz\x00', &(0x7f00000000c0)=""/37, 0x25) setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000000)=@broute={'broute\x00', 0x20, 0x2, 0x330, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000680], 0x0, &(0x7f0000000180), &(0x7f0000000680)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x5, 0x0, 0x0, 'gretap0\x00', 'ifb0\x00', 'syz_tun\x00', 'vlan0\x00', @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, [], 0xa0, 0x100, 0x130, [@m802_3={'802_3\x00', 0x8, {{0x0, 0x0, 0x53058eadeb668ea5}}}]}, [@common=@CONNSECMARK={'CONNSECMARK\x00', 0x8}, @common=@STANDARD={'\x00', 0x8}]}, @common=@STANDARD={'\x00', 0x8}}]}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{{{0x5, 0x0, 0x0, 'rose0\x00', 'gre0\x00', 'ip6_vti0\x00', 'dummy0\x00', @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [], @random="00294e7e57ba", [], 0xa8, 0x108, 0x140, [@cluster={'cluster\x00', 0x10}]}, [@common=@AUDIT={'AUDIT\x00', 0x8}, @common=@CLASSIFY={'CLASSIFY\x00', 0x8}]}, @common=@dnat={'dnat\x00', 0x10, {{@broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}}}}]}, {0x0, '\x00', 0x2, 0xfffffffffffffffe}]}, 0x3a8) [ 389.461132] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 [ 389.468378] RBP: 000000000072c010 R08: 0000000000000000 R09: 0000000000000000 [ 389.475625] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 389.482875] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000002 2018/04/06 11:41:12 executing program 2: mkdir(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$GIO_SCRNMAP(0xffffffffffffffff, 0x4b40, &(0x7f0000000040)=""/234) ioctl$TCSETA(0xffffffffffffffff, 0x4030582a, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}) 2018/04/06 11:41:12 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) msgget(0x2, 0x58) socket$inet_icmp_raw(0x2, 0x3, 0x1) 2018/04/06 11:41:12 executing program 4: r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0x0, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80}, 0x6c}}, {{0xa, 0x4e20, 0x3f, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:12 executing program 7: r0 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x440002, 0x44) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000616ff8)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r1, &(0x7f0000003ec0)=[{{&(0x7f0000001200)=@generic, 0x80, &(0x7f0000001440), 0x0, &(0x7f0000001480)=""/163, 0xa3}}, {{&(0x7f0000002ac0)=@l2, 0xe, &(0x7f0000003dc0), 0x0, &(0x7f0000003e00)=""/170, 0xaa}}], 0x2, 0x0, &(0x7f0000004000)={0x77359400}) sendmsg$unix(r2, &(0x7f0000d1d000)={&(0x7f0000b6b000)=@abs, 0x8, &(0x7f0000eeafb0), 0x0, &(0x7f0000072fd8)}, 0x0) r3 = syz_open_dev$sndpcmc(&(0x7f0000000040)='/dev/snd/pcmC#D#c\x00', 0x10001, 0x80000) fsetxattr(r0, &(0x7f0000000100)=@known='trusted.syz\x00', &(0x7f0000000140)='\x00', 0x1, 0x2) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000080)={&(0x7f0000000000)='.\x00', r3}, 0x10) sendmsg$unix(r1, &(0x7f000062e000)={&(0x7f0000690ff6)=@abs, 0x8, &(0x7f000000d000), 0x0, &(0x7f0000096fd8)}, 0x0) ioctl$TIOCGSID(r3, 0x5429, &(0x7f0000000440)=0x0) r5 = getuid() stat(&(0x7f0000000380)='./file0\x00', &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r7 = fcntl$getown(r0, 0x9) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000880)={{{@in6=@dev, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in=@local}}, &(0x7f0000000540)=0xe8) r9 = getegid() sendmsg$unix(r3, &(0x7f0000000680)={&(0x7f0000000180)=@abs={0x1, 0x0, 0x4e23}, 0x6e, &(0x7f0000000300)=[{&(0x7f0000000200)="857bd55987ac9fcca59d49f05ca4e076594b2c97a783939baf87f1b066acfbc73e915bae94ca5a80d74c7bbc153c877d6d5e83277f5f1b54a62b6bc6142f95255cf1ea01e46c265d86f2528be6f1938911ef2a16e2495ab9cc01567adb7fd133aa02683005d900ecd12dba71dbbd9886df68a4289331161deed37e936fa2d217bf06f48e204804b1761ca0e1ca8b45ea2197dcce752279da719c10be0a294d98b604af3334b977c5db4df16e578e39d37a09ee2328414b51769fc1ee99dca027b373f2889d317cff9469ecdfb68e5a6e6bce4ac14d4f2bdacfb2833323feaad040d7e6ea5b1fa1a8696f9cf68b0f", 0xee}], 0x1, &(0x7f0000000700)=ANY=[@ANYBLOB="38000000000000000100000001000000", @ANYRES32=r2, @ANYRES32=r3, @ANYRES32=r0, @ANYRES32=r3, @ANYRES32=r1, @ANYRES32=r3, @ANYRES32=r2, @ANYRES32=r0, @ANYRES32=r1, @ANYRES32=r2, @ANYBLOB="18000000000000000100000001000000", @ANYRES32=r2, @ANYBLOB="0000000020000000000000000100000001000000", @ANYRES32=r2, @ANYRES32=r0, @ANYRES32=r3, @ANYRES32=r3, @ANYBLOB="20000000000000000100000002000000", @ANYRES32=r4, @ANYRES32=r5, @ANYRES32=r6, @ANYBLOB="0000000020000000000004000100000002000000", @ANYRES32=r7, @ANYRES32=r8, @ANYRES32=r9, @ANYBLOB="0000370018000000000000000100000001000000534f6031187240125b9efbf09ad8e65e9a05b5b980cd8ddc70f5ca4d39b7fbf0c67f64a59907d57ffffe9ef14f4fb14046ed2db3f46d553134f9236436ba3df22b2d2672fe6a28f82dba4ab9bee26093684f024ce38a97812e345edea0099a2fb1afdbeb75b877a2cd6c50235d9e088258eeb268b158342324810034cd8c3d55871e748eefaa41482a6a7b34474fe216597b758dbec5014baeb6", @ANYRES32=r2, @ANYRES32=r1], 0xc8, 0x20008005}, 0x24048800) fcntl$setsig(r1, 0xa, 0x2d) close(r1) [ 390.414735] FAULT_FLAG_ALLOW_RETRY missing 30 [ 390.419367] CPU: 0 PID: 24694 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 390.426202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 390.435537] Call Trace: [ 390.438118] dump_stack+0x1b9/0x294 [ 390.441729] ? dump_stack_print_info.cold.2+0x52/0x52 [ 390.446902] ? kasan_check_write+0x14/0x20 [ 390.451126] ? do_raw_spin_lock+0xc1/0x200 [ 390.455348] handle_userfault.cold.32+0x44/0x57 [ 390.459997] ? handle_userfault+0x16c6/0x2760 [ 390.464496] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 390.469071] ? debug_check_no_locks_freed+0x310/0x310 [ 390.474250] ? find_held_lock+0x36/0x1c0 [ 390.478295] ? print_usage_bug+0xc0/0xc0 [ 390.482346] ? print_usage_bug+0xc0/0xc0 [ 390.486399] ? perf_trace_lock+0xd6/0x900 [ 390.490532] ? check_same_owner+0x320/0x320 [ 390.494848] ? do_raw_spin_unlock+0x9e/0x2e0 [ 390.499261] ? __lock_acquire+0x7f5/0x5130 [ 390.503486] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 390.509012] ? graph_lock+0x170/0x170 [ 390.512812] ? debug_check_no_locks_freed+0x310/0x310 [ 390.517984] ? find_held_lock+0x36/0x1c0 [ 390.522048] ? lock_downgrade+0x8e0/0x8e0 [ 390.526194] ? kasan_check_read+0x11/0x20 [ 390.530324] ? do_raw_spin_unlock+0x9e/0x2e0 [ 390.534713] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 390.539277] ? kasan_check_write+0x14/0x20 [ 390.543489] ? do_raw_spin_lock+0xc1/0x200 [ 390.547707] __handle_mm_fault+0x34be/0x4150 [ 390.552100] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 390.556843] ? graph_lock+0x170/0x170 [ 390.560634] ? find_held_lock+0x36/0x1c0 [ 390.564679] ? lock_downgrade+0x8e0/0x8e0 [ 390.568824] ? handle_mm_fault+0x8c0/0xc70 [ 390.573050] handle_mm_fault+0x53a/0xc70 [ 390.577099] ? __handle_mm_fault+0x4150/0x4150 [ 390.581664] ? find_vma+0x34/0x190 [ 390.585190] __do_page_fault+0x60b/0xe40 [ 390.589233] ? mm_fault_error+0x380/0x380 [ 390.593363] ? graph_lock+0x170/0x170 [ 390.597518] do_page_fault+0xee/0x8a7 [ 390.601306] ? vmalloc_sync_all+0x30/0x30 [ 390.605440] ? find_held_lock+0x36/0x1c0 [ 390.609490] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 390.614314] page_fault+0x25/0x50 [ 390.617747] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 390.623346] RSP: 0018:ffff88018dd9fce8 EFLAGS: 00010206 [ 390.628697] RAX: ffffed0031bb3fae RBX: 0000000000000018 RCX: 0000000000000003 [ 390.635950] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff88018dd9fd58 [ 390.643208] RBP: ffff88018dd9fd20 R08: ffffed0031bb3fae R09: ffffed0031bb3fab [ 390.650462] R10: ffffed0031bb3fad R11: ffff88018dd9fd6f R12: 0000000020013018 [ 390.657717] R13: 0000000020013000 R14: ffff88018dd9fd58 R15: 00007ffffffff000 [ 390.664997] ? _copy_from_user+0x10d/0x150 [ 390.669228] SyS_sigaltstack+0xae/0x320 [ 390.673195] ? do_sigaction+0xa50/0xa50 [ 390.677166] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 390.682698] ? fput+0x130/0x1a0 [ 390.685980] ? ksys_ioctl+0x81/0xd0 [ 390.689603] ? do_syscall_64+0xb7/0x9d0 [ 390.693563] ? do_sigaction+0xa50/0xa50 [ 390.697521] do_syscall_64+0x29e/0x9d0 [ 390.701396] ? vmalloc_sync_all+0x30/0x30 [ 390.705544] ? _raw_spin_unlock_irq+0x27/0x70 [ 390.710031] ? finish_task_switch+0x1ca/0x820 [ 390.714514] ? syscall_return_slowpath+0x5c0/0x5c0 [ 390.719427] ? syscall_return_slowpath+0x30f/0x5c0 [ 390.724344] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 390.729688] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 390.734517] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 390.739693] RIP: 0033:0x4552d9 [ 390.742861] RSP: 002b:00007ff15ecfec68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 [ 390.750547] RAX: ffffffffffffffda RBX: 00007ff15ecff6d4 RCX: 00000000004552d9 [ 390.757793] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 [ 390.765044] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 390.772294] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 390.779557] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000000 [ 390.924075] FAULT_FLAG_ALLOW_RETRY missing 30 [ 390.928699] CPU: 1 PID: 24717 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 390.935527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 390.944868] Call Trace: [ 390.947445] dump_stack+0x1b9/0x294 [ 390.951055] ? dump_stack_print_info.cold.2+0x52/0x52 [ 390.956227] ? kasan_check_write+0x14/0x20 [ 390.960445] ? do_raw_spin_lock+0xc1/0x200 [ 390.964666] handle_userfault.cold.32+0x44/0x57 [ 390.969319] ? handle_userfault+0x16c6/0x2760 [ 390.973799] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 390.978368] ? debug_check_no_locks_freed+0x310/0x310 [ 390.983552] ? find_held_lock+0x36/0x1c0 [ 390.987601] ? print_usage_bug+0xc0/0xc0 [ 390.991644] ? print_usage_bug+0xc0/0xc0 [ 390.995687] ? kasan_check_read+0x11/0x20 [ 390.999817] ? check_same_owner+0x320/0x320 [ 391.004116] ? do_raw_spin_unlock+0x9e/0x2e0 [ 391.008508] ? __lock_acquire+0x7f5/0x5130 [ 391.012725] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 391.018241] ? graph_lock+0x170/0x170 [ 391.022027] ? debug_check_no_locks_freed+0x310/0x310 [ 391.027197] ? find_held_lock+0x36/0x1c0 [ 391.031250] ? lock_downgrade+0x8e0/0x8e0 [ 391.035382] ? kasan_check_read+0x11/0x20 [ 391.039512] ? do_raw_spin_unlock+0x9e/0x2e0 [ 391.043903] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 391.048465] ? kasan_check_write+0x14/0x20 [ 391.052682] ? do_raw_spin_lock+0xc1/0x200 [ 391.056913] __handle_mm_fault+0x34be/0x4150 [ 391.061308] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 391.066051] ? graph_lock+0x170/0x170 [ 391.069834] ? graph_lock+0x170/0x170 [ 391.073616] ? find_held_lock+0x36/0x1c0 [ 391.077660] ? lock_downgrade+0x8e0/0x8e0 [ 391.081794] ? handle_mm_fault+0x8c0/0xc70 [ 391.086014] handle_mm_fault+0x53a/0xc70 [ 391.090065] ? __handle_mm_fault+0x4150/0x4150 [ 391.094629] ? find_vma+0x34/0x190 [ 391.098149] __do_page_fault+0x60b/0xe40 [ 391.102194] ? mm_fault_error+0x380/0x380 [ 391.106320] ? graph_lock+0x170/0x170 [ 391.110103] do_page_fault+0xee/0x8a7 [ 391.113893] ? vmalloc_sync_all+0x30/0x30 [ 391.118037] ? __fget+0x40c/0x650 [ 391.121474] ? find_held_lock+0x36/0x1c0 [ 391.125522] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 391.130350] page_fault+0x25/0x50 [ 391.133782] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 391.139379] RSP: 0018:ffff8801c0487ce8 EFLAGS: 00010206 [ 391.144722] RAX: ffffed0038090fae RBX: 0000000000000018 RCX: 0000000000000003 [ 391.151969] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff8801c0487d58 [ 391.159219] RBP: ffff8801c0487d20 R08: ffffed0038090fae R09: ffffed0038090fab [ 391.166464] R10: ffffed0038090fad R11: ffff8801c0487d6f R12: 0000000020013018 [ 391.173709] R13: 0000000020013000 R14: ffff8801c0487d58 R15: 00007ffffffff000 [ 391.180976] ? _copy_from_user+0x10d/0x150 [ 391.185206] SyS_sigaltstack+0xae/0x320 [ 391.189172] ? do_sigaction+0xa50/0xa50 [ 391.193126] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 391.198643] ? fput+0x130/0x1a0 [ 391.201902] ? ksys_ioctl+0x81/0xd0 [ 391.205510] ? do_syscall_64+0xb7/0x9d0 [ 391.209466] ? do_sigaction+0xa50/0xa50 [ 391.213426] do_syscall_64+0x29e/0x9d0 [ 391.217293] ? _raw_spin_unlock_irq+0x27/0x70 [ 391.221767] ? finish_task_switch+0x1ca/0x820 [ 391.226241] ? syscall_return_slowpath+0x5c0/0x5c0 [ 391.231150] ? syscall_return_slowpath+0x30f/0x5c0 [ 391.236061] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 391.241407] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 391.246229] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 391.251402] RIP: 0033:0x4552d9 [ 391.254573] RSP: 002b:00007ff15ecbcc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 [ 391.262262] RAX: ffffffffffffffda RBX: 00007ff15ecbd6d4 RCX: 00000000004552d9 2018/04/06 11:41:13 executing program 0: perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_mount_image$gfs2(&(0x7f0000000040)='gfs2\x00', &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, &(0x7f0000000380), 0x0, &(0x7f0000000400)={[{@lockproto_nolock='lockproto=lock_nolock', 0x2c}, {@barrier='barrier', 0x2c}, {@statfs_percent={'statfs_percent', 0x3d}, 0x2c}]}) r0 = creat(&(0x7f0000000080)='./bus\x00', 0x8c) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f00000001c0)={'ip6tnl0\x00', 0x0}) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) sendmsg$can_bcm(r0, &(0x7f0000000340)={&(0x7f0000000200)={0x1d, r1}, 0x10, &(0x7f0000000300)={&(0x7f0000000280)={0x7, 0x800, 0x4, {r2, r3/1000+10000}, {0x0, 0x2710}, {0x4, 0x1, 0x10000, 0xdfa}, 0x1, @can={{0x0, 0xe0e6, 0x4, 0x1}, 0x8, 0x2, 0x0, 0x0, "77479230a90daad5"}}, 0x48}, 0x1, 0x0, 0x0, 0x4}, 0x4000) 2018/04/06 11:41:13 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x37, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30"}, &(0x7f00000000c0)=0x3f) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:13 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0x4fa10000]}, 0x10) 2018/04/06 11:41:13 executing program 2: r0 = socket(0x2, 0x3, 0x6) write(r0, &(0x7f0000000000)="2400000058001f0014b2f407000904000201071008000100ffffffff0800020001000000", 0x24) 2018/04/06 11:41:13 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) msgget(0x2, 0x58) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpu.stat\x00', 0x0, 0x0) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000040)={0x0, 0x3}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f00000000c0)={r1, 0x8, 0xa59, 0xa3f}, &(0x7f0000000140)=0x10) 2018/04/06 11:41:13 executing program 4: r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0x0, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80}, 0x6c}}, {{0xa, 0x4e20, 0x3f, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:13 executing program 3: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000100)) getpid() fcntl$getown(0xffffffffffffff9c, 0x9) gettid() ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) getpgrp(r0) r1 = memfd_create(&(0x7f0000000080)='em1\x00', 0x2) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000200)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) sigaltstack(&(0x7f0000013000/0x1000)=nil, &(0x7f00000000c0)) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88)) msgsnd(0x0, &(0x7f0000284ff8)={0x3}, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000240)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000640)={'\x00', 0x0}) ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000680)=r3) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000b40)={&(0x7f0000011000/0x4000)=nil, 0x4000}) io_setup(0x1000, &(0x7f0000000040)) io_submit(0x0, 0x7fffffffefff, &(0x7f0000000000)) ioctl$VHOST_RESET_OWNER(r1, 0xaf02, 0x0) 2018/04/06 11:41:13 executing program 7: r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0xfffffffffffffffe, 0x0) ioctl$EVIOCGMASK(r0, 0x80104592, &(0x7f0000000140)={0x2000000015, 0x6, &(0x7f00000000c0)="eb375d06e0aa9f807a121e879bac"}) dup3(r0, r0, 0x80000) [ 391.269511] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 [ 391.276762] RBP: 000000000072c010 R08: 0000000000000000 R09: 0000000000000000 [ 391.284011] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 391.291265] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000002 2018/04/06 11:41:13 executing program 2: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000780)='/dev/kvm\x00', 0x10, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000900)='/dev/rfkill\x00', 0x80000, 0x0) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f00000006c0)={0x0}) ioctl$DRM_IOCTL_NEW_CTX(r2, 0x40086425, &(0x7f0000000700)={r3, 0x3}) socket$inet_smc(0x2b, 0x1, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000040)={0x79}) ioctl$TUNDETACHFILTER(r2, 0x401054d6, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_GET_IRQCHIP(r2, 0xc208ae62, &(0x7f00000007c0)=@ioapic) getsockopt$IPT_SO_GET_REVISION_TARGET(r1, 0x0, 0x43, &(0x7f00000000c0)={'icmp\x00'}, &(0x7f00000005c0)=0x1e) ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f0000001680)={"8a927799b01a029f25061eda96dd379385fc78b28fcbf8eb8455a6fb67a8de46d4d40000a01a47191dc792f414ac8437036bb34b6632c980073c4cdc084a1966c440f15811d016f5b50e90810603f10a2c83eb8c062194269ab67e4bb4b3c5199cadd60d3f6fc72a7eb011b622072532229fbc9d9c4d1e045191ee2b0d584c8fd736ee3e7d73d5267b67a69251b101000000692d30ecfb80632608000a7a24aa58b111193c88181907d958cb00807d63dfb58775215937ae2b62b46c6d5816f2fc52eeab0000000000000003252929e628ad2c34a0ef717fb2504d9bd66eabce002faf0512145c072f3087a5566c38fda729442c3ebd62e970a9a3eb242747993601a1a186b8376d39c69c4ce503cf638feeae79436a3c00000000000000380fa7b4c9c2d674b80ef220109f8fa8200de4794547b4da6430ac512116d358949a298812c5d54017aa2fc8b814ecf28c41d4c83474ba93a8ad32b16371b42359bf984abb465228cfd848e54abc383d21d0a3315f1b8599efa1bf10bd30a1371757b13aed4a19db7c777995fd42ad446d9d2755f8552563c7639ce00da8ee3ece9ded52625aa3f0a1d7b76b32536d39eeae1582710632a79bddf1032b6e6ac794f37ec9d0c3b44923cc7b631c6df64f28d75d99443d665bdb3c6b7961190e8f82a233000001002ce4f47168ef93f01aef51c60000000000000006af34b21ed8437a371c0b427cd8c95f3952ee752b758ea9fa443debf5a2d7cdbaf1a2a23d68cb0886925599fbc1361b8ce27b41d79027894b6c0003cc97a64088edf383a51eef947915369bdd4fc3cced2663d17515838f8fa1a284c5b6ffc5251019eaee59d117d34c73e50fbd33ceb4508cfa0100000000000000114a13542dee77b2651783f6a5d9260036ccc70d695101d1ddb56f1ac26584547d8d5cecb3c672068cc7ab31ddc5ae0a253b587d712c6110acdf49fa0100de0f7b3717280d35b7e70733538a8eec8fb17616d2198d02ba4e7690fab7933b676deddb27755d6a8f29c643dfff0e4bd7c2b13b7a57a3120cb2cbb70200339dc0862dafad481a63e5f90d14c54803d8b100e0ad5cae9a0a7b2f329c3b0000000000000002f4b2eebf781ec7ed16d988d46575a31f81121c13c7cb674ff41cb3c7f6896d41e86bda845164825e28b9fb719e695a9eb9710f924aefde1c96bebe4274594038347691a088f90400000000000000fc24388cc15dffeda1bd610582c5b74fa6c6e789ce440f71871a5e8b85000000005806743e8e075b8624686feb21dbdb9afd74dd0067d82a72c099a2d52a599494388cb56cdb5ef9190980f9128e689e07e98b2ed59e1537fc7de144dc2030374b0f5fcfd8f2ef242803f7bcbc07145f65b8912a4a335b858de8acf080852c49d353a00a5aac3d6a33e0075506a1fd25799f1637b1bafaf09954ef"}) epoll_wait(0xffffffffffffffff, &(0x7f0000000640)=[{}], 0x1, 0x7fff) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000000)=[@text32={0x20, &(0x7f0000000540)="3e0f0d3ec4c289b6955179000065660f3814e90fc75e0bc4c34949cd5eb9800000c00f3235010000000f302e660f38826217c4c38d7f1c3a86b8010000000f01c10f2004", 0x44}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f0000000140)={"ae27525bcad6af5378d0bff56f89a6d028597da2602133513db90828f4e54c9ccd00b1c0de9845a280f9cf7b39c2227e4ba6b87ec15f51486176e985f08b6308995cd11e77e44e21bd3ab4301639489cd883b79a801e0b64adcad31ea4f1ad5ceed182d39857942ba21385b7d509351f8b3ad3ee1e69b6f29aac53e4048522c6b96c2b48a5ae464bd0fffb695fe61f9b039302505c2379fd2aab0a8e8216add60c37cf592cc2499d6870fb2f9aa40da36fee92f54d4ba817e4a7edd8ba2f9ca8c0725b2bb9a4effe4759ab5b9a94d3a8919eb2501a528b71e9ab0c507cc183d8111cb36bbaa19d8cad34ce20f04cdd4bfb346e3432aad7d6a5a0b550788ed184c5a8fd25944d378cc895d6392dfad6670e0af3a4033729509607cff059a0177a2423549a42c19622537f8c46f76f4ab16fa3500136dac198b8b41e3d40647ebde2e7b5a15002443e694dbb07d14ff7f1e35a52546841f3c6f27190c8341bc89a1b65ed2fabebcf4cb4590c8f7a90a0966a878b77ba71ae1f8b173fb7f53a25b840354f13e40b9c8f2b81702faf93da9342f06d68660f2893ef6c55da7094b878b8fb8ce5bcd90fc0fb4e384914ca6fa8c25283e61ea4de089567620ed0eec40129cac3640561e6ff1273d0ed1866856051b5ad7778496cadf156a1c9d7b5d8cbe155400fa761204427f364afe6e4b006862b8d62423912f36c0b28deb952d3d5e90fb74dd22d8764a5a00b2a3cee98d80d67afe96e6d987a03f61786b69862243e5fe42f8fbcae38ee7084da6fc3405a84d3c436a7069b1323db8d0782a5d027714dad98c4dd50f276b552326010982e3ff42e4f4fd88e668c771dadbcc488a51836b51d2b17946c96b2660052daebf1f398084e50de3c0c06bc820074c72c6e961c476a10ff142f185b93797a17b8715ff8b410733553fe06140661bb139b73f0130fe44cb530e5cda49d6c14b93190fb70950c03c73ebc8bcf6ddd3bc2275e7945261b3eb2d0801b1b1e3818050d4f3cfdb9e1cebb5381ab6657d5723b2c3fcc7cfe5326be943cadecbf01aff750db5fe3a69c33215f4af03281e7c693bbbd3d5685b9258bd67b63683ac382c7f643c37c0504987a446c0c9378c659d997584b6992688d5d6ce0d3ae51b11b8a41f3c2f0b0fe811b2d98e4fac1009bf29c5276373e7ed744924847f2fc7d5360f0cc5bdf81df439bb3f5932c05cbc031955dd63c19c39c866557fb63b14ba8932b96b00cdab95454672a7465a2c0a069540f1547324a10e7008f8b93037a6fbf789b11e61d7e45d198cce33798d3ddf8d59a58149a0413b774bd4cc11bd8b0b2047fce43687725407b23565d6dd187dc534cf6e99f40f8d214f216975fe76edc5892e505bce08dedd25b985ad213733dbe4e858c109eec6a4b7f031b9607684dcf6e2f39e564634e5184a902c73096676f08"}) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000100)={0x2000, 0x8000}) 2018/04/06 11:41:13 executing program 7: mkdir(&(0x7f00001d4ff8)='./file0\x00', 0x0) r0 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x20, 0x400600) readlinkat(r0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=""/27, 0x1b) symlink(&(0x7f0000192000)='./file0\x00', &(0x7f0000044ff2)='./control\x00') name_to_handle_at(r0, &(0x7f00000000c0)='./control\x00', &(0x7f0000000100)={0x7a, 0x2, "ef67a9ba4192b52d4256d2f8a18cda997f749a20c1236669dd7d3b9267168ddbbd48bed46714fedd3d85c54abf4e0b152da57e691726aeb561cd34492437987c9f383ecca24daa31302b3c74ea6f00a7fff9020cc3f9393f8b59aa92558a2f8c943f49adeb4acb921a002b88236a14063052"}, &(0x7f0000000180), 0x1400) mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000179ff8)='./control\x00', &(0x7f0000014000)='anon_inodefs\x00', 0x9002, &(0x7f0000fcb000)) mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000014ff8)='./file0\x00', &(0x7f0000014000)='ramfs\x00', 0xb3b9, &(0x7f0000005000)) r1 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./control\x00', 0x0, 0x0) getdents(r1, &(0x7f0000a30000)=""/4096, 0x1000) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000240)='IPVS\x00') sendmsg$IPVS_CMD_SET_SERVICE(r0, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x1c, r2, 0x4, 0x70bd2c, 0x25dfdbff, {0x2}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x4000000) 2018/04/06 11:41:13 executing program 4: r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0x0, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80}, 0x6c}}, {{0xa, 0x4e20, 0x3f, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:13 executing program 5: ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000000)) r0 = getpgrp(0xffffffffffffffff) capset(&(0x7f0000000100)={0x20080522, r0}, &(0x7f0000292000)={0x0, 0x0, 0x4000000000000, 0xffffffffffffffff}) msgget(0x2, 0x58) 2018/04/06 11:41:13 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) ioctl$sock_ifreq(r0, 0x8b35, &(0x7f0000000140)={"6970365f767469300000000000f700", @ifru_mtu}) r1 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x9, 0x40080) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffff9c, 0xc0086420, &(0x7f0000000040)={0x0}) ioctl$DRM_IOCTL_UNLOCK(r1, 0x4008642b, &(0x7f0000000080)={r2, 0x4}) 2018/04/06 11:41:13 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x37, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30"}, &(0x7f00000000c0)=0x3f) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) [ 391.532417] kvm: vcpu 0: requested 68374 ns lapic timer period limited to 500000 ns [ 391.631231] kvm: vcpu 0: requested 68374 ns lapic timer period limited to 500000 ns [ 392.221527] FAULT_FLAG_ALLOW_RETRY missing 30 [ 392.226153] CPU: 1 PID: 24748 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 392.232993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 392.242329] Call Trace: [ 392.244909] dump_stack+0x1b9/0x294 [ 392.248518] ? dump_stack_print_info.cold.2+0x52/0x52 [ 392.253696] ? kasan_check_write+0x14/0x20 [ 392.257915] ? do_raw_spin_lock+0xc1/0x200 [ 392.262137] handle_userfault.cold.32+0x44/0x57 [ 392.266788] ? handle_userfault+0x16c6/0x2760 [ 392.271286] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 392.275858] ? debug_check_no_locks_freed+0x310/0x310 [ 392.281030] ? find_held_lock+0x36/0x1c0 [ 392.285073] ? print_usage_bug+0xc0/0xc0 [ 392.289113] ? print_usage_bug+0xc0/0xc0 [ 392.293160] ? perf_trace_lock_acquire+0xe3/0x980 [ 392.297985] ? __lock_acquire+0x7f5/0x5130 [ 392.302200] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 392.307718] ? graph_lock+0x170/0x170 [ 392.311499] ? debug_check_no_locks_freed+0x310/0x310 [ 392.316671] ? find_held_lock+0x36/0x1c0 [ 392.320715] ? lock_downgrade+0x8e0/0x8e0 [ 392.324847] ? kasan_check_read+0x11/0x20 [ 392.328975] ? do_raw_spin_unlock+0x9e/0x2e0 [ 392.333361] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 392.337926] ? kasan_check_write+0x14/0x20 [ 392.342141] ? do_raw_spin_lock+0xc1/0x200 [ 392.346359] __handle_mm_fault+0x34be/0x4150 [ 392.350761] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 392.355498] ? graph_lock+0x170/0x170 [ 392.359280] ? find_held_lock+0x36/0x1c0 [ 392.363323] ? lock_downgrade+0x8e0/0x8e0 [ 392.367461] ? handle_mm_fault+0x8c0/0xc70 [ 392.371678] handle_mm_fault+0x53a/0xc70 [ 392.375729] ? __handle_mm_fault+0x4150/0x4150 [ 392.380295] ? find_vma+0x34/0x190 [ 392.383817] __do_page_fault+0x60b/0xe40 [ 392.387871] ? mm_fault_error+0x380/0x380 [ 392.392004] ? graph_lock+0x170/0x170 [ 392.395785] do_page_fault+0xee/0x8a7 [ 392.399564] ? vmalloc_sync_all+0x30/0x30 [ 392.403691] ? find_held_lock+0x36/0x1c0 [ 392.407741] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 392.412567] page_fault+0x25/0x50 [ 392.416014] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 392.421613] RSP: 0018:ffff8801cfaf7ce8 EFLAGS: 00010206 [ 392.426954] RAX: ffffed0039f5efae RBX: 0000000000000018 RCX: 0000000000000003 [ 392.434208] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff8801cfaf7d58 [ 392.441461] RBP: ffff8801cfaf7d20 R08: ffffed0039f5efae R09: ffffed0039f5efab [ 392.448708] R10: ffffed0039f5efad R11: ffff8801cfaf7d6f R12: 0000000020013018 [ 392.455959] R13: 0000000020013000 R14: ffff8801cfaf7d58 R15: 00007ffffffff000 [ 392.463222] ? _copy_from_user+0x10d/0x150 [ 392.467444] SyS_sigaltstack+0xae/0x320 [ 392.471397] ? do_sigaction+0xa50/0xa50 [ 392.475351] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 392.480866] ? fput+0x130/0x1a0 [ 392.484128] ? ksys_ioctl+0x81/0xd0 [ 392.487734] ? do_syscall_64+0xb7/0x9d0 [ 392.491689] ? do_sigaction+0xa50/0xa50 [ 392.495642] do_syscall_64+0x29e/0x9d0 [ 392.499507] ? vmalloc_sync_all+0x30/0x30 [ 392.503643] ? _raw_spin_unlock_irq+0x27/0x70 [ 392.508127] ? finish_task_switch+0x1ca/0x820 [ 392.512604] ? syscall_return_slowpath+0x5c0/0x5c0 [ 392.517512] ? syscall_return_slowpath+0x30f/0x5c0 [ 392.522428] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 392.527772] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 392.532596] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 392.537765] RIP: 0033:0x4552d9 [ 392.540932] RSP: 002b:00007ff15ecfec68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 [ 392.548617] RAX: ffffffffffffffda RBX: 00007ff15ecff6d4 RCX: 00000000004552d9 [ 392.555863] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 [ 392.563113] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 392.570359] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 392.577604] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000000 [ 392.720179] FAULT_FLAG_ALLOW_RETRY missing 30 [ 392.724809] CPU: 0 PID: 24786 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 392.731636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 392.740969] Call Trace: [ 392.743547] dump_stack+0x1b9/0x294 [ 392.747160] ? dump_stack_print_info.cold.2+0x52/0x52 [ 392.752337] ? kasan_check_write+0x14/0x20 [ 392.756552] ? do_raw_spin_lock+0xc1/0x200 [ 392.760774] handle_userfault.cold.32+0x44/0x57 [ 392.765428] ? handle_userfault+0x16c6/0x2760 [ 392.769911] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 392.774475] ? debug_check_no_locks_freed+0x310/0x310 [ 392.779648] ? find_held_lock+0x36/0x1c0 [ 392.783694] ? print_usage_bug+0xc0/0xc0 [ 392.787737] ? print_usage_bug+0xc0/0xc0 [ 392.791780] ? kasan_check_read+0x11/0x20 [ 392.795913] ? check_same_owner+0x320/0x320 [ 392.800213] ? do_raw_spin_unlock+0x9e/0x2e0 [ 392.804604] ? __lock_acquire+0x7f5/0x5130 [ 392.808822] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 392.814338] ? graph_lock+0x170/0x170 [ 392.818138] ? debug_check_no_locks_freed+0x310/0x310 [ 392.823318] ? find_held_lock+0x36/0x1c0 [ 392.827374] ? lock_downgrade+0x8e0/0x8e0 [ 392.831505] ? kasan_check_read+0x11/0x20 [ 392.835637] ? do_raw_spin_unlock+0x9e/0x2e0 [ 392.840033] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 392.844596] ? kasan_check_write+0x14/0x20 [ 392.848817] ? do_raw_spin_lock+0xc1/0x200 [ 392.853046] __handle_mm_fault+0x34be/0x4150 [ 392.857439] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 392.862176] ? graph_lock+0x170/0x170 [ 392.865955] ? graph_lock+0x170/0x170 [ 392.869737] ? find_held_lock+0x36/0x1c0 [ 392.873783] ? lock_downgrade+0x8e0/0x8e0 [ 392.877928] ? handle_mm_fault+0x8c0/0xc70 [ 392.882144] handle_mm_fault+0x53a/0xc70 [ 392.886188] ? __handle_mm_fault+0x4150/0x4150 [ 392.890750] ? find_vma+0x34/0x190 [ 392.894271] __do_page_fault+0x60b/0xe40 [ 392.898314] ? mm_fault_error+0x380/0x380 [ 392.902441] ? graph_lock+0x170/0x170 [ 392.906224] do_page_fault+0xee/0x8a7 [ 392.910005] ? vmalloc_sync_all+0x30/0x30 [ 392.914141] ? __fget+0x40c/0x650 [ 392.917575] ? find_held_lock+0x36/0x1c0 [ 392.921623] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 392.926450] page_fault+0x25/0x50 [ 392.929886] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 392.935485] RSP: 0018:ffff8801b707fce8 EFLAGS: 00010206 [ 392.940828] RAX: ffffed0036e0ffae RBX: 0000000000000018 RCX: 0000000000000003 [ 392.948075] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff8801b707fd58 [ 392.955322] RBP: ffff8801b707fd20 R08: ffffed0036e0ffae R09: ffffed0036e0ffab [ 392.962569] R10: ffffed0036e0ffad R11: ffff8801b707fd6f R12: 0000000020013018 [ 392.969816] R13: 0000000020013000 R14: ffff8801b707fd58 R15: 00007ffffffff000 [ 392.977083] ? _copy_from_user+0x10d/0x150 [ 392.981300] SyS_sigaltstack+0xae/0x320 [ 392.985254] ? do_sigaction+0xa50/0xa50 [ 392.989213] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 392.994731] ? fput+0x130/0x1a0 [ 392.997993] ? ksys_ioctl+0x81/0xd0 [ 393.001603] ? do_syscall_64+0xb7/0x9d0 [ 393.005556] ? do_sigaction+0xa50/0xa50 [ 393.009512] do_syscall_64+0x29e/0x9d0 [ 393.013382] ? _raw_spin_unlock_irq+0x27/0x70 [ 393.017858] ? finish_task_switch+0x1ca/0x820 [ 393.022335] ? syscall_return_slowpath+0x5c0/0x5c0 [ 393.027244] ? syscall_return_slowpath+0x30f/0x5c0 [ 393.032156] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 393.037510] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 393.042344] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 393.047512] RIP: 0033:0x4552d9 [ 393.050680] RSP: 002b:00007ff15ecbcc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 [ 393.058379] RAX: ffffffffffffffda RBX: 00007ff15ecbd6d4 RCX: 00000000004552d9 2018/04/06 11:41:15 executing program 7: r0 = socket$inet6(0xa, 0x2, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000080)={'ip_vti0\x00', &(0x7f0000000200)=ANY=[@ANYBLOB='O\x00\x00\x00\x00\x00\x00\x00\x00\x00']}) 2018/04/06 11:41:15 executing program 0: bind$alg(0xffffffffffffffff, &(0x7f0000000280)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(aes)\x00'}, 0x58) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000002bc0)="ad56b6c5820faeb995298992ea54c7beef9f5d56534c90c2", 0x18) r0 = accept$alg(0xffffffffffffffff, 0x0, 0x0) sendmsg$can_raw(r0, &(0x7f0000477000)={&(0x7f0000000080)={0x1d}, 0x10, &(0x7f0000000240)={&(0x7f00000001c0)=@canfd={{}, 0x0, 0x0, 0x0, 0x0, "b5a419fb5df128c83ad9430362a22a5abf1e4123efccc641602c2da3630b58d04766c58b254ff2a965ccb226c8c7355c33306c99adaa0aa59006f8dc9b01b737"}, 0xff89}, 0x1}, 0x0) r1 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x0, 0x101200) ioctl$KVM_SET_GUEST_DEBUG(r1, 0x4048ae9b, &(0x7f0000000380)={0x10000, 0x0, [0x3f, 0x84, 0x2e64, 0x7, 0x6, 0xfffffffffffff803, 0x7fff, 0x7ff]}) ioctl$sock_bt_cmtp_CMTPGETCONNINFO(r1, 0x800443d3, &(0x7f0000000040)={{0x3, 0x4, 0x3, 0x1, 0xffffffff, 0x6}, 0x40, 0x1ff, 0x9}) recvmmsg(r0, &(0x7f0000002a00)=[{{&(0x7f0000000300)=@hci, 0x80, &(0x7f0000001880)=[{&(0x7f0000000540)=""/4096, 0x1000}], 0x1, &(0x7f0000001940)=""/187, 0xbb}}], 0x1, 0x0, &(0x7f0000002b80)={0x77359400}) recvmmsg(r0, &(0x7f0000003340)=[{{&(0x7f00000000c0)=@sco, 0x8, &(0x7f0000000100), 0x0, &(0x7f0000000140)=""/94, 0xfffffef9}}, {{&(0x7f0000002f40)=@pptp={0x0, 0x0, {0x0, @dev}}, 0x20, &(0x7f0000003200)=[{&(0x7f0000001540)=""/226, 0xfffffffffffffd61}], 0x1, &(0x7f0000000440)=""/239, 0xef}}], 0x2, 0x0, 0x0) ioctl$sock_SIOCADDDLCI(r1, 0x8980, &(0x7f0000000400)={'dummy0\x00', 0x80}) 2018/04/06 11:41:15 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) msgget(0x2, 0x58) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$sock_inet_SIOCRTMSG(r0, 0x890d, &(0x7f0000000040)={0x3, {0x2, 0x4e22, @multicast2=0xe0000002}, {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x12}}, {0x2, 0x4e21, @multicast1=0xe0000001}, 0x4, 0x4, 0xb520, 0x0, 0x0, &(0x7f0000000000)='bridge0\x00', 0x1000, 0x8, 0x8}) 2018/04/06 11:41:15 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0xdfac]}, 0x10) 2018/04/06 11:41:15 executing program 4: r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0x0, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}}}, {{0xa, 0x4e20, 0x3f, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:15 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x45, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f93"}, &(0x7f00000000c0)=0x4d) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:15 executing program 3: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000100)) getpid() fcntl$getown(0xffffffffffffff9c, 0x9) gettid() ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) getpgrp(r0) r1 = memfd_create(&(0x7f0000000080)='em1\x00', 0x2) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000200)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) sigaltstack(&(0x7f0000013000/0x1000)=nil, &(0x7f00000000c0)) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88)) msgsnd(0x0, &(0x7f0000284ff8)={0x3}, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000240)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000640)={'\x00', 0x0}) ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000680)=r3) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000b40)={&(0x7f0000011000/0x4000)=nil, 0x4000}) io_setup(0x1000, &(0x7f0000000040)) io_submit(0x0, 0x50700000000000, &(0x7f0000000000)) ioctl$VHOST_RESET_OWNER(r1, 0xaf02, 0x0) 2018/04/06 11:41:15 executing program 2: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000400)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000002200010000000000000000000400000008000c00ac141400740010727e84903fb42d94cbe4270f8c3b4e34b66800c6bb281b0083ca0812b94a3ec968cf45b6bde6f81ea74a0e424d26e2a9a17d604b52a2412607164d399f549baf5fd9f6f50754b86912a0db"], 0x1c}, 0x1}, 0x0) [ 393.065629] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 [ 393.072876] RBP: 000000000072c010 R08: 0000000000000000 R09: 0000000000000000 [ 393.080125] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 393.087382] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000002 2018/04/06 11:41:15 executing program 7: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt(r1, 0x401, 0xfe, &(0x7f0000000340)=""/176, &(0x7f0000000100)=0xb0) r2 = syz_open_dev$sndpcmc(&(0x7f0000000040)='/dev/snd/pcmC#D#c\x00', 0xffffffff, 0x84080) sendto$unix(r2, &(0x7f0000000200)="a38d028af548f718826a1c4b8c42310ecba49471c382e708ac334367aca9341d0626ed0a26989bf9672b0d4d91f42971ee069b099043f5742f8486ec0ee10bce7897ff577c6159950ba3ae91d13f8509789278924a7491468c88112d4ae68d4361045d0920c0dd6710a81fbeddaf3a4a0c89622940562d8a1edea42542a323cb80f937d950368fc7a9ce3982", 0x8c, 0x0, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x1032a) r3 = openat$cgroup_int(r0, &(0x7f0000000080)='cpuset.sched_relax_domain_level\x00', 0x2, 0x0) write(r3, &(0x7f0000000300)='5', 0x1) setsockopt$inet_sctp_SCTP_ADD_STREAMS(r2, 0x84, 0x79, &(0x7f00000000c0)=0x7f, 0x4) 2018/04/06 11:41:15 executing program 2: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0x40085112, &(0x7f0000ea9fb0)={{0x4000001ff, 0x80000c}}) ioctl$TIOCOUTQ(r0, 0x5411, &(0x7f00000000c0)) fgetxattr(r0, &(0x7f0000000080)=ANY=[@ANYBLOB="732be76976e20f3a6efe9f3b58f659cc656375726974792e2f00"], &(0x7f0000000080), 0x0) ioctl$sock_inet_sctp_SIOCINQ(r0, 0x541b, &(0x7f0000000040)) 2018/04/06 11:41:15 executing program 0: mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = syz_open_dev$adsp(&(0x7f00000004c0)='/dev/adsp#\x00', 0x4, 0x58001) ioctl$KDGETLED(r0, 0x4b31, &(0x7f0000000500)) pipe2(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) setsockopt$llc_int(r1, 0x10c, 0x2, &(0x7f0000000300)=0xfff, 0x4) mount(&(0x7f0000879ff8)='./file0\x00', &(0x7f0000000000)='./file0\x00', &(0x7f00008d2ffa)='ramfs\x00', 0x0, &(0x7f00000000c0)) mount(&(0x7f0000037000)='./file0\x00', &(0x7f0000c4fff8)='./file0\x00', &(0x7f000002effa)='ramfs\x00', 0x100000, &(0x7f0000ce3000)) open(&(0x7f0000000480)='./file0\x00', 0x2, 0x80) mount(&(0x7f0000442ff8)='./file0\x00', &(0x7f000039cff8)='./file0\x00', &(0x7f0000ff6000)='9p\x00', 0x1001, 0x0) pivot_root(&(0x7f0000000100)='./file0\x00', &(0x7f0000000040)='.') ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r3 = open(&(0x7f00000000c0)='./file0\x00', 0x101100, 0x100) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffff9c, 0x84, 0x6f, &(0x7f00000001c0)={0x0, 0x48, &(0x7f0000000140)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in6={0xa, 0x4e22, 0x4, @loopback={0x0, 0x1}, 0x2}, @in6={0xa, 0x4e24, 0x8, @dev={0xfe, 0x80, [], 0x11}, 0x64}]}, &(0x7f0000000200)=0x10) io_setup(0x3, &(0x7f0000000340)=0x0) io_cancel(r5, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, r2, &(0x7f0000000380)="e1c0a135063c206559e0ea4ccc18f58f6a6f9f7e9242f9c0f2dc6259622ff450c28c19c4d44135532bac3a70ce0dafb3080922e17f7a43f2a7bcff763babf62dbd24256c26d8", 0x46, 0x0, 0x0, 0x0, r2}, &(0x7f0000000440)) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000240)={r4, 0xfffffffffffffffe, 0x6, [0x6, 0x100000000, 0x0, 0x40, 0x3, 0x6]}, &(0x7f0000000280)=0x14) 2018/04/06 11:41:15 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) umount2(&(0x7f0000002600)='./file0\x00', 0x4) msgget(0x3, 0x52) r0 = memfd_create(&(0x7f0000002640)='&#\x00', 0x2) sendmsg$nl_generic(r0, &(0x7f0000003740)={&(0x7f0000002680)={0x10}, 0xc, &(0x7f0000003700)={&(0x7f00000026c0)=ANY=[@ANYBLOB="14100000220001032abd7000fedbdf2502000000e2b65264bc112cd14e94f3cfed2e8c3a82eeae18f08c03731ef1763365ce6b5cf8d191a9255297646d561df0d5b21873d961e51c2279cbdd82adf52de14a408a6632fd9fcb192b9442a04293da0142fccb5a75ad8cf985397ec23e361eaf96d34153c8d6cab6f13f903d6fc1ab94ce69dcc1b577d8aecae4d775a8fc509fb62b08642c1b598fcefd3a2fa180f9745696f8f66d32c48cb128c094ad8ca30001603cad3e2c14118752b03a59967fb546a2b7ea90d71bb0fd3cb3adcf34038970a3b906d45ca0c931808e011d63582c76250a64a7bb4a42f68f8f05da85dfaf30a34f28c5412e137ea1b8ccda186c0fcd21e5d3da8d88e446438f186872e5aa3c26b3259978d0c08d7444aaa8c9b092ef78e46d18e4dfd63fb78deb558da9693978a06b917b616b450849395a5317230fc2d30b5afee9d8fe097c46e5a13816e0edb4df43496eb80aab93fbd1f1042c2e81d1d8190d8bf45b49bf6c3727f7b872e0701dce8eeef55d551caee10aeecca767fdc3b41344973c0cfd142f95ecfe9e5a3a4ebe1102d5e61440839609f962c9e16e769c855fe6b860be3c56d35a9779639ee6151cc094fcff951c1e37353d5df3c8618547a9a9aa7db205a8883b501e6e5fa6bdf122479c2b07549066e868f4cc3290233b2edcc58a2fdc3103617828f824d83114e9359cc886e67d1837f048b16395a76cdd84ee4321cca36b97cee97bd2a4921bb25222f9b5e246e3ff1c9d7327b49609df32db433a36394d9e6599b6063e3828831cec8ccd1a8b933f80fff825f6cfa746967f02f385016f07dbd0f81d555b03c3002a40a78c9a6011c40bf046b1b4362c3829364383fac116fbffffffff608fbec859ac46e97719dd491c2ef29dee1c22e1c44b83a9e963f99de598f30036d305bacaa2da687128667ea8c4add1b32c6820c5bcc659f66f6bdf7eec5a3a541f3254149aabfec6bc065836447cc97a57bc0327d601d819e991abebeaec4d9b03fd9be93aba21c6541c09b9fb30141e95a0ed2b74a1af51e1069f94fc305fac7dcbfdd900bad15c2b78b70e20ee920bf6a09a5d5c5d337321183951855fa1c2bc7d64d69f7e7a632321de70a165627badcbb08fd6a68416496d70c0567afb1037d311b36a4558999179158ba31aadf9836b7aab7b91a89f6b426f234f21ea37febac53737cecd9d6e7ed5fcb6ccf7e3e4e70943ba580fff7f0a4deabe15df2a84f6b9ad6ee1ec4cab530574da340f913f65fe7fe6989b77218317c2bc9983184f8768e90e84defc00870860b9a44eff20ac04c447e8bf0abb3e476b5ca4f01a22e472cc59b7984afa9b996050c47448df148e9ed406e226bd747838a6614a58684c1a584485e2e307b63912e8ada161df9b3aa7e64feab6b353bb63f44aee26216b87016cf737b94a43d0800373cce40b64845d983d10a4b6c2f11aac0604afcb8a9d9af3797b6aa85e762c19e7e4e96b6627e289a427029e743f4cd04722549ef468db962b37ebffb2613cf3e69e373f13999ce246765cfb09a10db07b4cc2e3b8074232620ec0d65b8b2087e4c8561482a90958037239353c6750ce5a5e1396360a03f89c9ef3fe9ca8c11273abe909b7d2fde8a41a3aeb10ecbb7a186d38145c518a4d00242eb6a1830fe7b3682b5fe6076adc93864d04dc58017d0f0051c220d6446bd3821f1b7f4a37b20e5826465a0da910dcb15960f6916057fd250306a86d3be4bd7efc030791a72a434f677b491165dbed6f46dca59cd106e9e475679965dc814fc0121d31fb7f10c5fe1a8f413143c8c5eda72429c2bcdb3ec8ec1760781e099703cdab0ff8359676805b6ccfb2749ccb9365fb544a60196782e7e6074f629cab6b7c1fa82e3b7ce566b8f58c20dc7d457c19f29e465e6c53921b023ced9956b3a2a1d4b318c2fc428642637d16649f66d530d90fad117f29a785d479594887d367965a13ad08b631d60cde46c5e0aa7db3e8606e5dfe3b0e83e2bc1a6a3c42403eabb4009b8fd62812f1a38f08cd1cf5a08f7125c5d230d2ea67e6241d3e39aa31f4ccd9d80ecd75f2e439cc64909d7ad2022a696a094d9238dd1d00077b8afc295cac666a6b94668e6568052854d37f35a0801bca4e40ae5b9fefe3331feabae970cde405557655e904216b5eadc440597b51649d572301df20ff020d8afb610fe842bd8a13804f86a700a5fe4c25ebbdc14223479e96e1cee9a88627f6f97eae9b1c3466330ebbc8618320ae35b186611ecfdb0c22856a0b87237c8d8cd3b5fec65dc21f4ad239389e7f879a86d667585963c5cec4c800f252cc001809de1bd17e8e4f3cc6f8631213ebfb5be3ecafd6050a9a5f7d50d986750146225b0be269b39ac2ab51e5d945c2f655b74d82b99c39b5560d4b0b22eaf5aaabd13b2f2bb676ebfd464cb7f929ffe98f2d7642abe46630342aa6692c88881b44cf5c2d3b6ed19fd22b7c7cf87b4294effeef20a537146d9822e484029ea3c1ba907555f7aeeb41032ab201a9d9bb85f64e10b37008ee4c26e5836476a6ab25f8afc980476075fb9b9c4f657c28267b0cab1d66acba70dfd41de110a5538d506ee0e30aa4e8c1c9d3cb71e2e6484933baeb03e469c58a40b9066d1cf3302ffbe8fd2f8471997f50ca5a1ce783859bc855c05652c15c23f01f7efa889a254ffff8a5a31dda3403685c7e74b4d47181cdd2d9b0562d7b4bf91a3a5df88e572bf6ae38d5db62b6927b0122239fa187fc5b52e02118a478f548ffe4ef0d01255a71edcd180a8e92644d73c01071a1045b9086980ec6755e7ffd7843d8b54aa9423f79de3ce0d8403867cee1247adae123ce40fdd1678a00db385dff2c40305e50eb140828f90c96f44132c987ac6bf586201107d65b84eb11c0dfa23587bbe565d4c72435b3f8575be07789894c4453498bdf66a4e9e19e5946268288361a8f0966d7493fb2479f0abb9278c2b4633f4468dc93220c203d85f5b166dad6bdced9936f450f7dc206f7529b5996c170deedeae4ed217e1ec6a3849dd6dfbbb761aa9fe07a33fe490e4226f5fe44cb8eda9b7727b0fb92460a3205e449756e33820c9e02390cbe11f6ddcf1ac86f0f7ff076fad1ba5b5a466d3db6f88faff654a04e591d712bf351dd1775cf996ac6745a7ebe37bb92e00a80e4314d8bc9ee8d7283eadfc35e062a88726af9d426c56421af4dd9d95b8dba5eb53aaef03c2f5d4394be91eb4eb641d0c3d28e144caffacd9706412254331cf78b9eed0404b7d7226c711d57538d55aeebfb500c1977339f4b9609f1cb9edf81e0762447e6b788b225e95d0be321e25de1ee362472a9db51a376fff92ec4b5e643cb7622ed18ab112a866c064523b5f9f80a2e7b768d47c6bc25b955c874f469b11d4b4a23ba08d154e985813c87fb47ed1e9149f4456872d28973fe5b43a49c9b9294d6e14f6f779b654bf221dd788f5465bfd04c59d7f80d4c5709a629b14226d8b817f8f381186fc7c42cd742decb08060bb9e501b8b1c33e799c6bb38e772c166d753c87a1a95ee71b3220ce2966df06afc23f9d600e4056c390198c8276828ca456ccb51d8f175d86afb5bd444cdab65cd190deb7599fe69eb203f32e3619c2b77e224dd4543e85d4592ce3c58144ff5efd75a6bc32b2f30a2b1ec9ecd4ab633e28c2632175dfc57445d2a3df17e8af5749c2c098ac8165e62e726e21be963eed6265a3072c3db87f27f33b5aa9287695fece590d32313c8d4262ca0fc7bad8ad63023272ac9a8349ee08c1cb4f4929a6d497686a525c34502a6b1d25548d13a11a7f0fd572d9a9d3b3b0a2e3ae582e0a578a448eb3df77f86dfe421bfdc781cc99a70a27b08b7d926686682fa994c1324ed969d16f0254b4e6abf509824fa6ddea749d636351a3b8ac9bb5c1d09e2214b240cb623d21859716c467d85c6cc44f243072206dac428fcf4e2b825f459c5513664ba59389e818e10afb2b8202d3460cc8e57e05b2bd57caa655d045abe95b214597a85313754067393664aab2918a27ec02193f1c92b6683249525e3ea43865ed2684d0c2b89ecfd38d029452979f94791f042d6a125134e5b33ee59125533a115f709f327edad45b0f32e647157a9ab5a67b79a400000100b878fac20ae5c7db36d1be42a375158de742abc66e708d8c1f1a903cba3f334c4e7b0743c33814c35b6079e9d8a202776689267acf51f86f3556b9394b7e3e91b43c1408f6fc4327eed0e3d645d25ada7ad1e1c7df0b5665e13b255888d6f16da63cf6a1e0efd130dd1035ecc5a213ef3f515d6332f8f601af42fda26c78b9f33df72cc12b949c7e086b2dba034b36f9006ea837fdb44e07e763155a4e15ef23e8c734880e8c2c0d809641432b59c37d34cdfd5c195e98a9e640063b2ea86135639d43b06253c9c44c115995df22d0f4b4bfd4ebe3fb041a0ab59c2e4868548c17d9dd4bae6830733078a31309c5552713ea58a748a37588e5b4ae2407d706b7209176e5a512f04171d82d6dae7ab2abbd8c235e0132a72afcabb184b7e948b96cff2b5a1db7334e24cb9cf622e9b2a26e0c114531259eb7ca879d316900963dd20fb19c10cd1f517c6888f5c78ee008a07cf6ecb559ff759a9a6b672033db1ca6ca1b0a6eb4a2bed0349859a9b3410f93fbca0a43fa6ee0054fe9dec07852b6d3edaa8c6d89833a9063eab9ed2ac30ab89cbfad8dc53ca6a5b9f6ab4c6ad29e29aa02696a4b8db7d956666a0f34c0e42d6a16da66f801c970e3e8e5fcd8f4783f056b1f70cb9f630b23628cd2446dc90dbf09070087843ce5b9bd9b25af71fc7713057141f76150bf9e3f85462a724fb899dcb091bb3015f1362b616bd36babf7599641036ae90c3039c824646e113d1bca43086fccfff25ab1f4bf2316adfcfd1ccbc8976620cdafcd6e692386bdd5bb0152c2fab23052525236ae4857ce66e0539e36986b37fe286aba1c0b3d5ba670b956c617ab83c5ccf60cd789a85f98809b3e00d17c35354758dd0fdc35c1c35f5190897bfb41c2d960705299ddff8f8a9a3e8d4357bec9417f38c281c2f0b93ff96879dd66f9b9914a9c6df3d86b2c372243b5aad1ec2a76888f3b7da7444c700a71e275c1b16ff2ffafee4000a16621240bf7c93728ded9a6d0ad8710c733ca9d689d1866cd4ea609c5ce058c37aac03981359c9c058ca71373c1e75ba9726a1f4b03268fff48b4d5f98d9a354e5b16ec22ea3dbdc8b0ac337a57ba2e50a078f4b5afa09c13cf4d3674f7ccc6a375da5f7ba65c39914b04b347d4e1f40b62bbd207afc39b812b834bfcb7d27713d4ae994d002b2b2561cbf6653f749d7ee25039fbe6da0ef31db3d68ec1f412f57c37e79efcd907ecf49ef963ba523c531c25a4fa3f3378a731e1f8dc94f824ee2dc38aacad41ae49668e7557933c4b7f6e9c9be06fb3e20f8851dfb0a1c21700c3c8f1967847fdb77521194064fcd3e10ca82e0ef90fa94686c5e1efb06f58c3ea168c14df97187f81a48b5958a1810f3562eb2e4ef238182e2dc3849126dac69a217529d6279ba15eb2c77e60a87c8846e580e70ffad842aa459ebec02cb9fad21c6d89b64fb347d89e1a3f08c15a1a7bc52dc688e23e8739949419762faea690a5e414267b3fff1ff3afc3473b398fb035e4667c2de0767705c14f6c8353f18276c14449a625ec41c9c2d043e144c6cb6e8b4adfbb5b401798f757d112e049763ce67aff50c31a24567bfbf32f064f11477bef0ec9d8fa46a692b887d1ff385138f16c91a5534657ff4f62ff1bb6f9aa2f153f5d37ba671a0e"], 0x1014}, 0x1, 0x0, 0x0, 0x4000004}, 0x8004) r1 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x7fff, 0x8000) recvmmsg(0xffffffffffffff9c, &(0x7f0000002440)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000040)=""/17, 0x11}, {&(0x7f0000000080)=""/43, 0x2b}, {&(0x7f0000000140)=""/110, 0x6e}, {&(0x7f00000001c0)=""/88, 0x58}, {&(0x7f0000000240)=""/140, 0x8c}], 0x5, &(0x7f0000000380)=""/193, 0xc1, 0x7ff00000}, 0xb4e}, {{&(0x7f0000000480)=@ipx, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000500)=""/241, 0xf1}], 0x1, &(0x7f0000000600)=""/215, 0xd7, 0x1f}, 0xef4d}, {{&(0x7f0000000700)=@ethernet={0x0, @link_local}, 0x80, &(0x7f0000000880)=[{&(0x7f0000000780)=""/236, 0xec}], 0x1, &(0x7f00000008c0)=""/161, 0xa1, 0x8001}, 0x7}, {{&(0x7f0000000980)=@can={0x0, 0x0}, 0x80, &(0x7f0000001dc0)=[{&(0x7f0000000a00)=""/175, 0xaf}, {&(0x7f0000000ac0)=""/4096, 0x1000}, {&(0x7f0000001ac0)=""/254, 0xfe}, {&(0x7f0000001bc0)=""/251, 0xfb}, {&(0x7f0000001cc0)=""/255, 0xff}], 0x5, &(0x7f0000001e40)=""/108, 0x6c, 0x5}, 0x7f}, {{&(0x7f0000001ec0)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, 0x80, &(0x7f0000002300)=[{&(0x7f0000001f40)=""/85, 0x55}, {&(0x7f0000001fc0)=""/197, 0xc5}, {&(0x7f00000020c0)=""/20, 0x14}, {&(0x7f0000002100)=""/144, 0x90}, {&(0x7f00000021c0)=""/97, 0x61}, {&(0x7f0000002240)=""/174, 0xae}], 0x6, &(0x7f0000002380)=""/190, 0xbe, 0x8}}], 0x5, 0x21, &(0x7f0000002580)={0x0, 0x1c9c380}) sendmsg(r1, &(0x7f0000004980)={&(0x7f0000003780)=@ethernet={0x6, @random="5b6c61a7e72e"}, 0x80, &(0x7f0000004940)=[{&(0x7f0000003800)="df8ddfa3f0cce5301c223ca71590dad8da59e215ddf235a11199cfa07972a6b0025aad658505531693069489ee063c205432a84e35713913a9c068283591e0e603b933d4da3b6771066bdc8d50fe7700233ad74e097f0863c13c9fd12590c00b1c61df6441a186f7e2712d0e822c8c488ea529b97ec8d373e450eab6190318326c1e8a798336c82cc55ba2c2c46ad8a56ea116c34f6b782fa0ddb79175879d840ced4a124e11ff6380c26bf2951a9b6493685bcb72c7b9d37b2970c2214b485b24fefaed679a7cdd62f42440a0302d277fc9a2fb0734762f8aa8437c1578d285d4cc921d03983d69ee0299bd20ad86cf08940e81cdf0ced49af4571b1c91b40fbf617cd0e9420760789206a22662591d75c085bb38e9f0d45edfade954573f243f69cf39a81a3db40fad35af102d54b639533a5e06471d54da5cf82a023603f396764be9b332451a2052ee7721443a266dc89b238549942b5c1df7f16ce717f782c7c530a6ab0118982328ce2017c8d93a4a2464f6677c4d9203e656e4a9c82ea7406da71926455cbac9d0d1c514dc5bddb1bc4839b0f0c2ffe1c82c78131e1f7d0dbb55cc11c693ab650a7e1958c624bea08164897dc0a6f326a68018115a9a8486171e12ae014984b10ed73f4f2cbfd229c0495aeaed6d60d8b5688946551968498c733ee9793dfaf9338e5cd1d4139d6cc3e9ef167886df2ae813bc7170a1f35f100a74fdf61de5e2704729e56aae5665f43558bb423fb2b0837233ccb5a0747510e7bb539fea7f8df4fb90b5c940bff72df3d89225ef14d1e80828eb1834ee2c5f361be566dbc4577cafd72501c67703a43cb3bf8eb27bc7391d5797881ab44c6c8bef6a7ab04d98c40c8147c0f25164dca222db4c12b267c4a140c7c8cb33e8afa96a497e1054268dd55c21ca1d60508fa319523aee1c22f10563a6fadf1510869784a121f62edb6f182bf0134159555bc5d5d47487d04a372f0eda64e2869e05c3050f75a318203428aca55ae840ad3f96e6e622e5996e6728da578198dd5ca344802217b2c8039a7ad261ecc3ba7f0cdcdeb719191ab28aa915f956e000e87e12fbef79f9484b1c7e2e57d5040a4e2a83d12ed0724755a5919272408eac50535bcfd498a434d6f023a361f3346a1770171c32832a92c30a0a74633b9d0d5215318c15fb13f1ad8e09b5afbb20c9fdad2c26e9b900d01c7298418c35c027f4d38e7eba200644826a5f7fb1b4feda3908a475e03fd890fb821964c06bff5b209e85bd608f5cc0e717d5ce947d021f6d46b6f1879e596c4c518f0b5f156093ac3942d65e6c5b410a9a124a9ecc68a8b0330be019cc7d1425ccdc0042e895091e850170d6ed0cabf8185847d6b39e2dab02fb2b815d07a7fe7719d275d30129ae5459bd2b42dcaf6a402d3cb7b35f4a9aa5dcf470e51694912f138df0816ad176d4d8eda44bc47f2530a402dc1d1580824c0790bc956d1fefcb358f88f2598a226d3d32d3775523562ce4e0bf3113b86d9aad46bd41f97dea3e796af87b5c7ef68bae0195707d24c65166dc4876d809d13c0447059cdb3edac14a7a2651ae7fd907222a1d079ee240639c7dab3a8c261b292b49c1fad3b6c8f49d2c35512973ea21c3f815cabe6684f612ce2d012bf688147717e250a42ea9ef3fc0e6c96c2e7ea3629c576263b0e9fc29b50d268c6438e8ed026410e8227a27f2a9d3b880b4143b23765bca1a15d8324e23c13439fae6c1a8ddbde99f746f9a591f10a1e687dc546c45aa91b22e34d3d33b9c923451b8526eacf81a5fffa06fa3d33797c86fd1312a7e156713f203aa5a03a131dbbf2c3caaad622c1b0fb7553e7e67bfa4b386465217055fae8e541778dae9713307cab8532454b911c38b7e073c62580f6f5bb11bd05d6f0afc176410db56bc36db8ad369661aaf8b30ae70675f322876c088e337f3c1fee5265a58efa2502a5bfdaa5cd950fa904ff487d2f60ebe3ae7dd7a77f900e2652ea9a7ec97fe2069bb41e4023ef67b405d81708e6a7609cb0e7e0bb9a08d13f64251bcb2a5ee7c079269dcabca4c5658327f22813eb5eace4d8037c767a7236a556b8cdaa7a35ed192babcb8b103b6335a1598f1960f8fc08f59996b7e096d1aa9868b4469ed9d12c054ce9346f3e304fefe7fc4df3350fd26e08bfa28cc18535b6999b3ba419f9f3f78a3dd12444a927b39bfdfaa9deb373bf9452dac809a6ed714280f9d153206ec4fb68172d3740c07ac056ee9edadeb9ae15c23757f6631687b04b8babeefc1a2a91538a58cb574039c2c2bf1015dc18dacb063c00eb1df2eb0605373437d48a9f90d8f73f4892e1ed4f190e87894aab57d6ae88eadc74fb4a5206cb2b540d1f3547727bdb641dbe218e8215690797ce8b1cc9303d366f86423d3d76ab2ece2d5e0ba1000a529ee341c12072dcb3f2a876c71fed5e853f53b72e3bfffeaf077f569a9621028a2f6211d5f2a07dcf488457ddc80b1c6cd7499de0cabc0c410bbb7186d1083615a11485276ca0550b609403ff830309e5646b4e7fba879ec59dc615fc978fd8ddd0176d6918b5d8dfa205354b4c6536d0f65a8546b0d036bd1253121bbee0a6a693ae247ae812eadb7198dc9a422c71c65263a3b80d8a9867fe13d5334cacf6d99c53009eba88cf155b83174db40b6baf3c9660746862e92333880bae85a10223bcdeee6069fd2da0222fb2f3f5fa7795437bc72ec6a6ad1e9c7b18035be0ce366d8133f2328a8150d4f414e0692f81a264cd8fa7cf8fcad4daf57728436f91e83f12813943a379ddb63a25dc4f203c2a40e148f7402a97df59b2831c84a4fd078a3e9c344dacdbe24d8546fe0a362f28ed09fc809f7292746b0c9297f1a762c062bf60a6d7721ca8f1f39c3d10e9d96579c6205051cb9815749731deac27c86f688c6d769395e64bba75d9926302020f7336c03b1382fbc5f8cdb100d66ca0aa1697b4046021d922c617eca8d3af8778413c16e8c176ecbbf776d5b5dea16aa206425ba005f0cfa84a6c2c84e5c97e8c1f52fcabda5ea2c909531d451ed85014d6f0225e6f1241aca6e32c6e795dbab9112e116f5a3b404e0ee71b2b1b1331c855be3c1e1d65718bd84a90da3ab3d7214cf5418f8dee697d7b0f95787ab1ead8f2ae804256ef95a6edb5c07d54545abfdb2a28966077db5e5845cb0ed37e68df0c2e3061f5c7a3e27ab18931957f8171f2c490a2ff7900e8f172ccb979d59a4ce71e988e96088a3a32e6295bc83eedc246b4fc9e1d7290dac64fff3d3d2b3c6848cb8750c32e7f9acdeb5e41cc0aad07c31fbaa9668234edbb01006fb3759c2161951cc2db9152344a409b790be2c977f3a4887eb06c62d4ee379ecdb109b5289cc663739926825d400b7658b8d886df1d54b2163794c65d6e5058b404be974ea37ccc1561a32e44ce4eae59ba55b9466f5c36e33ea5df53ffc90edb4f2ff45e5745a8f9723506b1d6db815d578ce9843c097649a8b5cd7fafad7ddd87318d73845d93fc084d03c500824d4983e661277f6312f8b54012c92ef954562e6688078eb98a82838e180d7e1b49b0f94b13ac4ad35cf708a2e6405d92b4d51263a5ef0336c6d32d70d9e5ed166325e8fb87ff1a66b6580e60dd653fba0e7ccb5a271cd4d7ee304187505704fc2c3e5d79457d5991b2d77b6b0dd94d5107d2f6b90227365f54084642748262f1ff1aa5e29e892b6e15bc457e05bd30dcd89d106ea33c37545b6fe0dd0564d87a74bfa78a7f3eeecd26b53f314bf6e481da22808147ff6b8acb45ac1de080c337e2cbc606ce1a7573a7efa85d6927128f4f74c65affcfee1360970507c8957bec71e28ad6a8458a6e2e6a706ef0fe38bc91500ec23effc687a97c4a685e07dbcc2253a6f5cdacc681096e4abb060d281dd76c11d3fb3827a1b1720af6fcb9bc4b57dda3d91fa9259028d4bdd3dc26f4893654c42b03696a86f16a5c8a2ebe8afe7cff88f984f2e444c644b196fe44e5729eede7d3d48a9daab91d47a407cb1af03762c11609f236fd7e4ea81cd5a8acdffaffbcb64851ab9a03a89f2f4d788ad682ad52782b04fbd6f24381472b66053fbb68f0303f8597b3ecbbb4dfa848935a38a0dbfe20f9e123f268d281a7dba4c7a7a1ead3f2c7fa762de9e3becc19e232c3962d2d890b1f162421d7e10bab81d3a7a63162282faf92468370fa91b367bdf84b679fd2e3747692210377ecb6dd1aaa22fc4fff350bfde1b790f2cc4109af055a2895915c4488add11110c5cc68348037124e34711982966b11790fd45bc67791b1cb1a6a946e84f017da5aec72bb16a6fda82776eede99ab19c485a30275e69dd1adbf3f72d0c09a2029f9ce5c08cbf431166d19407830de91b56bfed732bc12c4490b43edb0936e5d5a7d36b46f5655c9591d98bbc18ff1dcc02a53c3e680f43ac0628324f8911c4b856fab1b3faba500f8672e4bb2aa2fb45b3d088c6865a454783f59fc5e1bfb2c9234d7f2a1c6f40af31b05d1df5433f022d8bcc7c106052b30514c59bd4d9954e188196afa15ca4f3f54cf6a632e7a644c737ead70ee5d98dfeb539dc54e9bf176a7d280404b18ba1acc0a47cfd672fe18dcb52141da41ad6b7eee0232a320e8dcf9a0c2d3d185db6094fcd70fde49ff019189044b00463dd068b9f4b1723ec87a901253ab4b3decb18b088df50599f7e07fd6d8e4ada17da5edb1d51d491a1a0ac2ce5f93c5f55010ad85c71c5d0b027e21d59a8e6c72e9feb3239a59e67b8997c2840cbeaedde6cf8122f59f22ae654a1439721c3d0a3ed8f24328e4a63dd5a8f72eed0a3b552f3e39cd1a1662ed967a33fa99882f349e95fb4b6302075bb6b2a0128b1b464d7828f2dcf4a56b53af346d4fd82a04981a04f551f3402e0c50d5db758cc2c0c2cb6391fce66d65ecc8926a12effd9768327a3440966cb6afc19fb278ae58e9de9dd85583178a80f36ba9cf3b3cc8e11706db04bd2e3a38a90495e4718cd8f3c52590237954201c86efb4e6ebe38679feb3647ba4130b21a63afaad135cbbf141a86600084c4b44e3395a2e07c04be6b2cdbfa4ff7f10160901e4974ce1731799e17ceaf9afc6d4da1cd64bcc7d64fdfe8ae16ce20e64fd7e1bc84a9a1a1ab57eb12e7fdcb620b4f7f4897c1e5a744060a9012a15818a9f4a78c03696f498b33ab2664fe111b28fb0026b5bf994c3981d02de7dacaddab0831790489003557c505afbaf4bc393d0991122a18755473e1a96837cd08d8813c8be2c6b11bf3e8fcdf1279db1138341facc7b399f6c1dc6fb932df6b6f57779b162383d75429b92a86099988003308c7b0afea84ee1140d3e56cd2241e12385bd959081b1dd03bcec1a21e0d69c727e38dbdd52bc4292de1ef586ec8d36a1c9717867de51d60950b93e0833d617317595f2ae694a844b099a1193b9addd9ad73669d12cbe480b54a0cd99c9fccf45831421de99c88ebbc4b4f5506aed2c52e7cdb706771ea04eead96f2fee43e1dcbeec7fad414ee52a60e34f19e8749e286f7d7284abcfb9a5b22d223419a80a8714973af8970f8b923a30d09018250e5adca9cac529ab9d6ac8e83da05434c8fad5b3014975d31e6fc8665f0e2f4995aa1f5a30d3b6be36041524da17b6627fb0368912d255ed2dfc38cea6f36ac695b9b117a3b3aa1699a762e639ccfb00dd5855102ba632c70d71d0214e6be50b821a9c432dbb11236a3761856759aa16e75c8734e1f2e069ebe19bc6f10f73e426ba8ecf0eb752ef8f035599828783c2ea9c8e8203d27ace4f7d7", 0x1000}, {&(0x7f0000004800)="37258da32cde14725a51717a37e2997626726c1385e8e42d0291c697729226b8bc256e826f7fe97aa065016918270ea5528d9b", 0x33}, {&(0x7f0000004840)="8e9c782adf26aa51a4d9e3ddac3f15f1382e9e72cb0ae0ad66c09595f2224bfd31b98d7a08c6c1ba0587fecc73388b82090267bd2358872932c1bbdcb99c7ebd334e970169197108b6953c99a826299b668f17b4bd39ffdc3ee8984dedad57a5aa213e3acf201328664ce35f42d37ed1f0abf4949694a75e136eb24f6d48c892579c372ffbd3eea31b465c4a779a8eb8ddb7cb06436362c79c22b1ceda7b89f52b3ad65df32766a9841f808d43a37af0b1545515d14af987baf9cfe9eb0976768a55b4a3846cefd460ee8c7894e793a644de0ba4", 0xd4}], 0x3, 0x0, 0x0, 0x40000}, 0x800) setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f00000025c0)={r2, 0x1, 0x6, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}}, 0x10) 2018/04/06 11:41:15 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x45, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f93"}, &(0x7f00000000c0)=0x4d) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:15 executing program 4: r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0x0, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}}}, {{0xa, 0x4e20, 0x3f, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:15 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = getuid() r1 = getegid() lchown(&(0x7f0000000680)='./file0\x00', r0, r1) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_inet_SIOCGIFADDR(r2, 0x8915, &(0x7f00000008c0)={'syzkaller1\x00', {0x2, 0x4e24, @remote={0xac, 0x14, 0x14, 0xbb}}}) r3 = getpid() r4 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_ifreq(r4, 0x80000089a6, &(0x7f0000000940)={"62707130000000000000000200", @ifru_names='ip6gretap0\x00'}) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) connect$inet(r5, &(0x7f0000000540)={0x2, 0x4e22}, 0x10) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$inet_int(r6, 0x0, 0x14, &(0x7f0000000400)=0x8, 0x4) getuid() getpeername(r4, &(0x7f0000000840)=@sco, &(0x7f00000007c0)=0x80) r8 = creat(&(0x7f0000000440)='./file0\x00', 0xbff5b3a32572026e) execve(&(0x7f0000000580)='./file0\x00', &(0x7f0000000700)=[&(0x7f00000005c0)='securityvboxnet1/security\\em1\',self@\x00', &(0x7f00000006c0)="6272696467653000e7ffffff00"], &(0x7f0000000780)=[&(0x7f0000000740)='nfs\x00']) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(0xffffffffffffff9c, 0x84, 0x66, &(0x7f0000000480)={0x0, 0x5}, &(0x7f00000004c0)=0x8) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r8, 0x84, 0x72, &(0x7f0000000800)={r9, 0x7, 0x20}, &(0x7f0000000640)=0xffffffffffffff19) ioctl$VT_RESIZE(r8, 0x5609, &(0x7f0000000600)={0x80000001, 0x1f, 0x2}) gettid() sendmsg$nl_netfilter(r7, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000900)=ANY=[@ANYBLOB="3c1400000000082eadf4d1fabebd7001e8b9ce21d9c79fbf180a020008003300"], 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x14) readv(r5, &(0x7f0000000380)=[{&(0x7f0000000140)=""/126, 0x7e}, {&(0x7f00000001c0)=""/101, 0x65}, {&(0x7f0000000240)=""/39, 0x27}, {&(0x7f0000000280)=""/183, 0xb7}, {&(0x7f0000000340)=""/12, 0xc}], 0x5) fcntl$setown(r6, 0x8, r3) r10 = gettid() perf_event_open(&(0x7f000000a000)={0x6, 0x70, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, @perf_bp, 0x8000000200000000, 0x7e}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setpgid(r10, r10) mount(&(0x7f000091dff8)='./file0\x00', &(0x7f0000343ff8)='./file0\x00', &(0x7f0000fb5ffc)='nfs\x00', 0x0, &(0x7f000000a000)) socket$can_raw(0x1d, 0x3, 0x1) ioctl$TIOCMBIS(r8, 0x5416, &(0x7f0000000040)=0x2) 2018/04/06 11:41:15 executing program 2: r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$KVM_DIRTY_TLB(r0, 0x4010aeaa, &(0x7f0000000180)={0x1, 0x1}) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x0, 0x0) ioctl$TCSETA(r1, 0x5406, &(0x7f0000000140)={0x5, 0xfffffffffffffff7, 0x7, 0xffffffff, 0x100, 0x8, 0x3, 0x1, 0xfffffffffffffffc, 0x4}) perf_event_open(&(0x7f0000223000)={0x2, 0x70, 0xe3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syslog(0x3, &(0x7f0000000080)=""/164, 0xa4) 2018/04/06 11:41:15 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0xffc3000000000000]}, 0x10) [ 394.035136] FAULT_FLAG_ALLOW_RETRY missing 30 [ 394.039722] CPU: 0 PID: 24811 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 394.046551] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 394.055909] Call Trace: [ 394.058487] dump_stack+0x1b9/0x294 [ 394.062099] ? dump_stack_print_info.cold.2+0x52/0x52 [ 394.067284] ? kasan_check_write+0x14/0x20 [ 394.071502] ? do_raw_spin_lock+0xc1/0x200 [ 394.075720] handle_userfault.cold.32+0x44/0x57 [ 394.080368] ? handle_userfault+0x16c6/0x2760 [ 394.084857] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 394.089419] ? debug_check_no_locks_freed+0x310/0x310 [ 394.094587] ? find_held_lock+0x36/0x1c0 [ 394.098634] ? print_usage_bug+0xc0/0xc0 [ 394.102676] ? print_usage_bug+0xc0/0xc0 [ 394.106728] ? check_same_owner+0x320/0x320 [ 394.111038] ? do_raw_spin_unlock+0x9e/0x2e0 [ 394.115432] ? __lock_acquire+0x7f5/0x5130 [ 394.119660] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 394.125178] ? graph_lock+0x170/0x170 [ 394.128964] ? debug_check_no_locks_freed+0x310/0x310 [ 394.134136] ? find_held_lock+0x36/0x1c0 [ 394.138180] ? lock_downgrade+0x8e0/0x8e0 [ 394.142309] ? kasan_check_read+0x11/0x20 [ 394.146434] ? do_raw_spin_unlock+0x9e/0x2e0 [ 394.150824] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 394.155386] ? kasan_check_write+0x14/0x20 [ 394.159599] ? do_raw_spin_lock+0xc1/0x200 [ 394.163819] __handle_mm_fault+0x34be/0x4150 [ 394.168209] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 394.172943] ? graph_lock+0x170/0x170 [ 394.176724] ? find_held_lock+0x36/0x1c0 [ 394.180769] ? lock_downgrade+0x8e0/0x8e0 [ 394.184903] ? handle_mm_fault+0x8c0/0xc70 [ 394.189120] handle_mm_fault+0x53a/0xc70 [ 394.193161] ? __handle_mm_fault+0x4150/0x4150 [ 394.197721] ? find_vma+0x34/0x190 [ 394.201243] __do_page_fault+0x60b/0xe40 [ 394.205286] ? mm_fault_error+0x380/0x380 [ 394.209413] ? graph_lock+0x170/0x170 [ 394.213194] do_page_fault+0xee/0x8a7 [ 394.216974] ? vmalloc_sync_all+0x30/0x30 [ 394.221105] ? find_held_lock+0x36/0x1c0 [ 394.225153] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 394.229981] page_fault+0x25/0x50 [ 394.233414] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 394.239017] RSP: 0018:ffff8801b7687ce8 EFLAGS: 00010206 [ 394.244366] RAX: ffffed0036ed0fae RBX: 0000000000000018 RCX: 0000000000000003 [ 394.251613] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff8801b7687d58 [ 394.258861] RBP: ffff8801b7687d20 R08: ffffed0036ed0fae R09: ffffed0036ed0fab [ 394.266112] R10: ffffed0036ed0fad R11: ffff8801b7687d6f R12: 0000000020013018 [ 394.273359] R13: 0000000020013000 R14: ffff8801b7687d58 R15: 00007ffffffff000 [ 394.280625] ? _copy_from_user+0x10d/0x150 [ 394.284845] SyS_sigaltstack+0xae/0x320 [ 394.288804] ? do_sigaction+0xa50/0xa50 [ 394.292760] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 394.298278] ? fput+0x130/0x1a0 [ 394.301540] ? ksys_ioctl+0x81/0xd0 [ 394.305146] ? do_syscall_64+0xb7/0x9d0 [ 394.309104] ? do_sigaction+0xa50/0xa50 [ 394.313059] do_syscall_64+0x29e/0x9d0 [ 394.316928] ? vmalloc_sync_all+0x30/0x30 [ 394.321061] ? _raw_spin_unlock_irq+0x27/0x70 [ 394.325539] ? finish_task_switch+0x1ca/0x820 [ 394.330020] ? syscall_return_slowpath+0x5c0/0x5c0 [ 394.334944] ? syscall_return_slowpath+0x30f/0x5c0 [ 394.339858] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 394.345201] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 394.350035] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 394.355204] RIP: 0033:0x4552d9 [ 394.358371] RSP: 002b:00007ff15ecfec68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 [ 394.366058] RAX: ffffffffffffffda RBX: 00007ff15ecff6d4 RCX: 00000000004552d9 [ 394.373306] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 [ 394.380559] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 394.387815] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 394.395061] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000000 [ 394.538570] FAULT_FLAG_ALLOW_RETRY missing 30 [ 394.543201] CPU: 0 PID: 24855 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 394.550032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 394.559364] Call Trace: [ 394.561964] dump_stack+0x1b9/0x294 [ 394.565587] ? dump_stack_print_info.cold.2+0x52/0x52 [ 394.570761] ? kasan_check_write+0x14/0x20 [ 394.574985] ? do_raw_spin_lock+0xc1/0x200 [ 394.579203] handle_userfault.cold.32+0x44/0x57 [ 394.583854] ? handle_userfault+0x16c6/0x2760 [ 394.588332] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 394.592895] ? debug_check_no_locks_freed+0x310/0x310 [ 394.598413] ? find_held_lock+0x36/0x1c0 [ 394.602459] ? print_usage_bug+0xc0/0xc0 [ 394.606502] ? print_usage_bug+0xc0/0xc0 [ 394.610550] ? kasan_check_read+0x11/0x20 [ 394.614680] ? check_same_owner+0x320/0x320 [ 394.618979] ? do_raw_spin_unlock+0x9e/0x2e0 [ 394.623371] ? __lock_acquire+0x7f5/0x5130 [ 394.627588] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 394.633105] ? graph_lock+0x170/0x170 [ 394.636891] ? debug_check_no_locks_freed+0x310/0x310 [ 394.642062] ? find_held_lock+0x36/0x1c0 [ 394.646107] ? lock_downgrade+0x8e0/0x8e0 [ 394.650248] ? kasan_check_read+0x11/0x20 [ 394.654414] ? do_raw_spin_unlock+0x9e/0x2e0 [ 394.658806] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 394.663369] ? kasan_check_write+0x14/0x20 [ 394.667583] ? do_raw_spin_lock+0xc1/0x200 [ 394.671808] __handle_mm_fault+0x34be/0x4150 [ 394.676215] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 394.680950] ? graph_lock+0x170/0x170 [ 394.684731] ? graph_lock+0x170/0x170 [ 394.688513] ? find_held_lock+0x36/0x1c0 [ 394.692557] ? lock_downgrade+0x8e0/0x8e0 [ 394.696691] ? handle_mm_fault+0x8c0/0xc70 [ 394.700911] handle_mm_fault+0x53a/0xc70 [ 394.704953] ? __handle_mm_fault+0x4150/0x4150 [ 394.709517] ? find_vma+0x34/0x190 [ 394.713042] __do_page_fault+0x60b/0xe40 [ 394.717086] ? mm_fault_error+0x380/0x380 [ 394.721214] ? graph_lock+0x170/0x170 [ 394.724997] do_page_fault+0xee/0x8a7 [ 394.728793] ? vmalloc_sync_all+0x30/0x30 [ 394.732920] ? __fget+0x40c/0x650 [ 394.736356] ? find_held_lock+0x36/0x1c0 [ 394.740401] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 394.745226] page_fault+0x25/0x50 [ 394.748658] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 394.754254] RSP: 0018:ffff8801b7f57ce8 EFLAGS: 00010206 [ 394.759596] RAX: ffffed0036feafae RBX: 0000000000000018 RCX: 0000000000000003 [ 394.766845] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff8801b7f57d58 [ 394.774093] RBP: ffff8801b7f57d20 R08: ffffed0036feafae R09: ffffed0036feafab [ 394.781341] R10: ffffed0036feafad R11: ffff8801b7f57d6f R12: 0000000020013018 [ 394.788588] R13: 0000000020013000 R14: ffff8801b7f57d58 R15: 00007ffffffff000 [ 394.795856] ? _copy_from_user+0x10d/0x150 [ 394.800078] SyS_sigaltstack+0xae/0x320 [ 394.804039] ? do_sigaction+0xa50/0xa50 [ 394.807996] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 394.813517] ? fput+0x130/0x1a0 [ 394.816777] ? ksys_ioctl+0x81/0xd0 [ 394.820382] ? do_syscall_64+0xb7/0x9d0 [ 394.824335] ? do_sigaction+0xa50/0xa50 [ 394.828298] do_syscall_64+0x29e/0x9d0 [ 394.832176] ? _raw_spin_unlock_irq+0x27/0x70 [ 394.836653] ? finish_task_switch+0x1ca/0x820 [ 394.841132] ? syscall_return_slowpath+0x5c0/0x5c0 [ 394.846042] ? syscall_return_slowpath+0x30f/0x5c0 [ 394.850955] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 394.856300] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 394.861123] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 394.866293] RIP: 0033:0x4552d9 [ 394.869461] RSP: 002b:00007ff15ecbcc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 [ 394.877150] RAX: ffffffffffffffda RBX: 00007ff15ecbd6d4 RCX: 00000000004552d9 2018/04/06 11:41:17 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) r0 = msgget(0x2, 0x1b4) socketpair$inet6_sctp(0xa, 0x5, 0x84, &(0x7f0000000600)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000500)={{{@in6=@local, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}, 0x0, @in6=@mcast1}}, &(0x7f0000000140)=0xe8) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f00000001c0)=0xc) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000200)={{{@in, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in6=@dev}}, &(0x7f0000000300)=0xe8) fstat(0xffffffffffffff9c, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r6 = getpid() socketpair$inet6(0xa, 0x6, 0x8, &(0x7f0000000440)) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000480)={0x0, 0x5}, &(0x7f00000004c0)=0x8) r7 = gettid() msgctl$IPC_SET(r0, 0x1, &(0x7f00000003c0)={{0x2, r2, r3, r4, r5, 0x1, 0x100000000}, 0x7, 0xbd2, 0x8, 0x10000, 0x3, 0x6, r6, r7}) msgget(0x2, 0x58) 2018/04/06 11:41:17 executing program 4: r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0x0, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}}}, {{0xa, 0x4e20, 0x3f, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:17 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0x571c0000]}, 0x10) 2018/04/06 11:41:17 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000007ffc), 0x4) r1 = socket$packet(0x11, 0x3, 0x300) getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000640)={{{@in=@remote, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@loopback}, 0x0, @in6}}, &(0x7f0000000740)=0xe8) bind$packet(r0, &(0x7f0000000780)={0x11, 0x5, r2, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, 0x14) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000007ffc)={0x0, 0x0, 0x1}, 0x4) 2018/04/06 11:41:17 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x45, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f93"}, &(0x7f00000000c0)=0x4d) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:17 executing program 3: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000100)) getpid() fcntl$getown(0xffffffffffffff9c, 0x9) gettid() ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) getpgrp(r0) r1 = memfd_create(&(0x7f0000000080)='em1\x00', 0x2) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000200)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) sigaltstack(&(0x7f0000013000/0x1000)=nil, &(0x7f00000000c0)) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88)) msgsnd(0x0, &(0x7f0000284ff8)={0x3}, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000240)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000640)={'\x00', 0x0}) ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000680)=r3) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000b40)={&(0x7f0000011000/0x4000)=nil, 0x4000}) io_setup(0x1000, &(0x7f0000000040)) io_submit(0x0, 0x90e10000000000, &(0x7f0000000000)) ioctl$VHOST_RESET_OWNER(r1, 0xaf02, 0x0) 2018/04/06 11:41:17 executing program 7: perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) r0 = getuid() r1 = getegid() lchown(&(0x7f0000000680)='./file0\x00', r0, r1) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_inet_SIOCGIFADDR(r2, 0x8915, &(0x7f00000008c0)={'syzkaller1\x00', {0x2, 0x4e24, @remote={0xac, 0x14, 0x14, 0xbb}}}) r3 = getpid() r4 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_ifreq(r4, 0x80000089a6, &(0x7f0000000940)={"62707130000000000000000200", @ifru_names='ip6gretap0\x00'}) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) connect$inet(r5, &(0x7f0000000540)={0x2, 0x4e22}, 0x10) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$inet_int(r6, 0x0, 0x14, &(0x7f0000000400)=0x8, 0x4) getuid() getpeername(r4, &(0x7f0000000840)=@sco, &(0x7f00000007c0)=0x80) r8 = creat(&(0x7f0000000440)='./file0\x00', 0xbff5b3a32572026e) execve(&(0x7f0000000580)='./file0\x00', &(0x7f0000000700)=[&(0x7f00000005c0)='securityvboxnet1/security\\em1\',self@\x00', &(0x7f00000006c0)="6272696467653000e7ffffff00"], &(0x7f0000000780)=[&(0x7f0000000740)='nfs\x00']) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(0xffffffffffffff9c, 0x84, 0x66, &(0x7f0000000480)={0x0, 0x5}, &(0x7f00000004c0)=0x8) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r8, 0x84, 0x72, &(0x7f0000000800)={r9, 0x7, 0x20}, &(0x7f0000000640)=0xffffffffffffff19) ioctl$VT_RESIZE(r8, 0x5609, &(0x7f0000000600)={0x80000001, 0x1f, 0x2}) gettid() sendmsg$nl_netfilter(r7, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000900)=ANY=[@ANYBLOB="3c1400000000082eadf4d1fabebd7001e8b9ce21d9c79fbf180a020008003300"], 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x14) readv(r5, &(0x7f0000000380)=[{&(0x7f0000000140)=""/126, 0x7e}, {&(0x7f00000001c0)=""/101, 0x65}, {&(0x7f0000000240)=""/39, 0x27}, {&(0x7f0000000280)=""/183, 0xb7}, {&(0x7f0000000340)=""/12, 0xc}], 0x5) fcntl$setown(r6, 0x8, r3) r10 = gettid() perf_event_open(&(0x7f000000a000)={0x6, 0x70, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x0, @perf_bp, 0x8000000200000000, 0x7e}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setpgid(r10, r10) mount(&(0x7f000091dff8)='./file0\x00', &(0x7f0000343ff8)='./file0\x00', &(0x7f0000fb5ffc)='nfs\x00', 0x0, &(0x7f000000a000)) socket$can_raw(0x1d, 0x3, 0x1) ioctl$TIOCMBIS(r8, 0x5416, &(0x7f0000000040)=0x2) 2018/04/06 11:41:17 executing program 2: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/vcs\x00', 0x2000, 0x0) setsockopt$IP_VS_SO_SET_TIMEOUT(r0, 0x0, 0x48a, &(0x7f00000000c0)={0xe7, 0x3, 0x100}, 0xc) fstatfs(r0, &(0x7f0000000100)=""/158) r1 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x82) fcntl$getflags(r1, 0x401) socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000240)=0x0) r3 = syz_open_procfs(r2, &(0x7f0000000280)='net/ip6_tables_targets\x00') set_mempolicy(0x3, &(0x7f0000000300)=0x7, 0x5) r4 = memfd_create(&(0x7f0000000480)='}ppp0\x00', 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x20000}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r5 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x1, 0x0) pwrite64(r5, &(0x7f00000001c0)="c064c372b43c7e7294000bfff3d40060", 0x10, 0x5e) close(r5) request_key(&(0x7f0000000340)='trusted\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a}, &(0x7f00000003c0)="74086e750000000000000000008c00", 0x0) socket$key(0xf, 0x3, 0x2) pwritev(r4, &(0x7f0000000200)=[{&(0x7f00001f2000)="aa", 0x1}], 0x1, 0x0) ioctl$PPPIOCGL2TPSTATS(r4, 0x80487436, &(0x7f0000000000)="78bd2150542e39df3ef4e0fa8ac16fe096021e7dcb842c27a006574d0e571bde1498b4c046") sendfile(r1, r4, &(0x7f0000000040), 0x102000001) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r3, 0x84, 0x6d, &(0x7f00000004c0)={0x0, 0xed, "88c2e351af3f2a60aaa289753aba391c65d38d6365719b4b6e8eb07379dfb262a612b08d44dc801141e14e9aef0716e9f87ca1d6b488bb281e791c668a6c689f8584f58f98f04ac9e506f104e01cb84bbad5af4a9bdd4194844d864b214b6f599b3b3c13269740cf6a519c70cf3f0e8d0ecde9e8c469535bf8a42c0bc31bf2c4ea81a50602d3d54c36686b67ddcf5b7f7e4d883a3e40dd3eeb0f9aaa4de73710944b3c887bc0b5ed178c3b5c8be76b7fe45e08a128b5cf758e770806498bc4b99d7dd820ac31c7dcb771c825228fc8ac7e8ce69f293274065e0f792ba0d76375bd82cfcd633387ec65bef6f3c9"}, &(0x7f0000000400)=0xf5) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000440)={r6, 0x29c, 0x1f}, &(0x7f00000005c0)=0x8) [ 394.884400] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 [ 394.891646] RBP: 000000000072c010 R08: 0000000000000000 R09: 0000000000000000 [ 394.898895] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 394.906142] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000002 2018/04/06 11:41:17 executing program 4: r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0x0, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x0, 0x3f, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:17 executing program 0: r0 = syz_open_procfs(0x0, &(0x7f0000531000)='numa_maps\x00') mbind(&(0x7f0000d5b000/0x1000)=nil, 0x1000, 0x4001, &(0x7f0000000000)=0x9, 0x9, 0x0) sendfile(r0, r0, &(0x7f00000000c0), 0x400000ff) r1 = add_key$keyring(&(0x7f0000000180)='keyring\x00', &(0x7f00000001c0)={0x73, 0x79, 0x7a, 0x3}, 0x0, 0x0, 0xfffffffffffffff8) keyctl$update(0x2, r1, &(0x7f0000000200)="c7a10b4e45629454842c1a4026b7ad5b52cb5e85a251eff64f15ec046f83b2059fa5c6ab7fa05da799dec7ffb627f31a7da1f4fe8445dbfc1050d95ea87f0e5e6800f73213869c14842ea8bc9f31149e17311cb67e715c95320ba9bf42d5a3265c68d84178ba59edca5c3c577d71caf732f29a7d95fadc3a3b75efdc7ebee0736b9266ef899960aebe7f3a52c765a69f7f1e4e2ba6947727b04580b131b4e7222e5d43e0941ef2b48bf6efc12a4ca955aa06bd", 0xb3) syz_open_dev$adsp(&(0x7f0000000040)='/dev/adsp#\x00', 0xfde9, 0x0) chdir(&(0x7f0000000080)='./file0\x00') setsockopt(r0, 0x100000001, 0x1, &(0x7f0000000100)="f7d3894d4d71a5040391b90025ae1b4d0e98acc889f9055fe8ca49c1678abac7ab6f41bdbb28c0185920fa6fc1591b1f8b0d965395314e079ce187b24dbcd6a3cf0cdb42033482751a09c7e4ed0ebf1d45d2d31fc223021012f655cf572aa1e1e7a66790b0103244", 0x68) 2018/04/06 11:41:17 executing program 7: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000307ff7)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000840)='net/netlink\x00') ioctl$EVIOCSCLOCKID(r2, 0x400445a0, &(0x7f0000000880)=0x7) unshare(0x3fffefd) write$binfmt_elf32(r0, &(0x7f0000000080)={{0x7f, 0x45, 0x4c, 0x46, 0x80000000, 0x2, 0x4, 0x9, 0x26d, 0x3, 0x6, 0x8000, 0xdf, 0x38, 0x1f, 0x0, 0x7000000000000, 0x20, 0x1, 0x3, 0x1, 0x2}, [{0x4, 0x1, 0x8, 0x9, 0x2, 0x634, 0x4, 0x7ff}, {0x6474e551, 0x2, 0x3ed, 0x401, 0x8, 0x0, 0x1ff, 0x4}], "c9884c6044b0f19f8b6867e0f7f234517c01b819ebc51af99e5132ab1efabcf84fef5d72aab8d55b7a9fa8ebec64ed528890bf8e5a4385171d586e07ccb60b5b0b94690172ab", [[], [], [], [], [], [], []]}, 0x7be) r3 = eventfd2(0x0, 0x801) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000000)={0x0, &(0x7f000002d000), 0x0, r3}) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000040)={0x0, &(0x7f000002d000), 0x0, r3, 0x4}) 2018/04/06 11:41:17 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0x1f22]}, 0x10) 2018/04/06 11:41:17 executing program 2: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0xfffffffffffffffb, 0x0) getpeername$inet6(r0, &(0x7f0000000040)={0x0, 0x0, 0x0, @loopback}, &(0x7f0000000080)=0x1c) syz_emit_ethernet(0xfffffffffffffd6a, &(0x7f0000006200)=ANY=[@ANYBLOB="0180c2000000012c1942430f8906"], 0x0) 2018/04/06 11:41:17 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x4c, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e"}, &(0x7f00000000c0)=0x54) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:17 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) r0 = accept$inet6(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000040)=0x1c) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffff9c, 0x84, 0x22, &(0x7f0000000080)={0xffffffffffffffc1, 0x1, 0x0, 0x5, 0x0}, &(0x7f00000000c0)=0x10) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000100)=@sack_info={r1, 0x80, 0xffffffffffff7fff}, &(0x7f0000000140)=0xc) r2 = socket$inet6(0xa, 0x80001, 0x0) setsockopt$inet6_group_source_req(r2, 0x29, 0x2e, &(0x7f0000cde000)={0x0, {{0xa, 0x4e20, 0x0, @mcast1={0xff, 0x1, [], 0x1}}}, {{0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}}}, 0x108) setsockopt$inet6_MCAST_JOIN_GROUP(r2, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x4e20, 0x0, @mcast1={0xff, 0x1, [], 0x1}}}}, 0x88) setsockopt$inet6_MCAST_MSFILTER(r2, 0x29, 0x30, &(0x7f0000892000)={0x1, {{0xa, 0x4e20, 0x0, @mcast1={0xff, 0x1, [], 0x1}}}, 0x0, 0x1, [{{0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}}]}, 0x110) setsockopt$inet6_group_source_req(r2, 0x29, 0x2c, &(0x7f0000a83000)={0x0, {{0xa, 0x4e20, 0x0, @mcast1={0xff, 0x1, [], 0x1}}}, {{0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}}}, 0x108) r3 = syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0x6b75, 0x10000) ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffff9c, 0xc0106426, &(0x7f0000000080)={0x6, &(0x7f0000000040)=[{}, {}, {}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_DMA(r3, 0xc0406429, &(0x7f0000000200)={r4, 0x2, &(0x7f00000000c0)=[0x5, 0x7ff], &(0x7f0000000140)=[0xfff, 0x100, 0xe6, 0x1f, 0x3, 0x7fffffff], 0x2, 0x2, 0x8000, &(0x7f0000000180)=[0x8001, 0x6], &(0x7f00000001c0)=[0x0, 0x4, 0x7f]}) msgget(0x2, 0x58) 2018/04/06 11:41:17 executing program 2: open(&(0x7f0000000000)='./bus\x00', 0x100000141842, 0x0) syz_mount_image$ntfs(&(0x7f0000000440)='ntfs\x00', &(0x7f0000000480)='./bus\x00', 0x0, 0x0, &(0x7f00000006c0), 0x1000, &(0x7f0000000740)=ANY=[]) r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) syz_mount_image$hfs(&(0x7f0000001780)='hfs\x00', &(0x7f0000000100)='./bus\x00', 0x0, 0xccf, &(0x7f0000001a40)=[{&(0x7f0000001c00)="c3109cfc6f65b837063b7bbc3d4a7d202d2b9984a215c7b7bd25480c1babe9aadb78e3c53ec529cb288497a5ff7386ab50bc1a8c89", 0x0, 0x401}, {&(0x7f0000001800)="2ddea5d98171285eddea030c82c3ebbbe9ef0086979c4d89f51697a723698cc79f113fca18d8ec8bb4942cb405ffaeeeafc6b09a0aa44324f534c9b7f57352f0c6be30573567dee6adbbdffa5bc32a5b00201e68181092887cf576f0703f060812cd5047561a4c92d2fe195c21c60625c482c212ec431a19596ad1012108999bc75ae3480f0e76a36376ac63a8", 0x0, 0x5}, {&(0x7f00000018c0)="c5530d8833354b18ef6baebf606c24f24d221ae3c07931be7198141ec53fd728927e5f00e021449a33baca2a22cf99667bb62ad1c43215e3f08aaced4246a353f263c0b7595b47c7a50af4436c372f265f8434d31934351c965767c877bce2ca431539e8a01395cb17c6c5e7c94ccf3bafb07d8b5e8c8a7c931e0d769db9d35a00cb5aa0044e6a6a561fd1afe1", 0x0, 0x5}, {&(0x7f0000001ac0)="a6c3452050343eb065584cf53ea65ae330a5f6fabf78091e23a81fecb3775e4b4b863ad23c978b4d06569e6a36869f4d6ab49a561ec1407526f64751bf75483fb2755e3dd399f154e42b71bf2ba4b06f84d08c82013cccce8d83cc8522875560acd751f4f33688881c070e6ef463499ee9e91f792ae72561196b6ba9dc495e6762dbb6f5c913a4aeab57f7ff1fec996193598848aca0c65638fffb8af2141e66a90fe4ae167772c4c599843c560c877e454fdb686a3b7df3bc64de67f0ab300a68bb0beb5a6e2c52ef9e161399bf3a9939b04d804247cd6b3c9682eaf9ba0fdf8721b778b0f8e7905b17a1210b17ce35b1fb4f78497d438165b2019a31462ffaad8347218795323dd876bfaa1f6f7eec0187f0b9e41c54ba73230f635b3f4c2fd658e725afc3135bbb160347c72457a5da34344443b7f7c8ab479f9e63", 0x0, 0x7}], 0x10000, &(0x7f0000000780)=ANY=[]) ioctl$LOOP_SET_CAPACITY(r0, 0x4c07) write$cgroup_pid(r0, &(0x7f0000000040)={[0x0]}, 0x1) r1 = add_key(&(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000140)={0x73, 0x79, 0x7a, 0x0}, &(0x7f0000000180)="9e659466cbfbd5240d0324e75025024532163aa8770fe16f3a330ab59d341cd33efdf6be1071e0b18c129e0c9d16583537249b43ca89e0f22a9f2399e2c55eea1f4f6fa74bfedc0436a59cadd999ab6cc4a762f1aae4bbe5d64bed429655e3f9768d8a1c7b7987b156c14c970375762cc4e2eb17a0410521887bf27312ab3d65f483d880191303124d0b6f81a44b05c5", 0x90, 0xfffffffffffffffc) ioctl$KVM_SIGNAL_MSI(r0, 0x4020aea5, &(0x7f00000003c0)={0x0, 0x3000, 0x10001, 0x0, 0x2}) r2 = add_key$user(&(0x7f0000000300)='user\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a, 0x2}, &(0x7f00000004c0)="89e091874dc1c14eb3c0c7ad2256c243164ce397fa79b52d14204b90ae1887c9aa09b475c126d28053b14102ce36f17f78af94b232d31028cf2641748867b627bf0c54e649b6db3ff0122ead12f6531581128800682d95b363c829fbebba8815bf24ab345b6dc9d225690ff7dabb33c90b0a20f876e581899c5def3f5de86f83909a93aabfe52843b1cf16966d721989a951cc04a4ff601aec658e86602db6195495c9cfda64e14725bfc70e0dbc97c7d0f608100791d35a9820c2c56e063cc274ff781b3041d19e50a80ff57c64bbdf4c98adba9c8134194f9f4e53ff0616f6d1f3eed32e719e5c59818f0cdef7e5b1621170be3f86daae4afd9eaec0be6ce5b53a9de108bde2cfaf93e9817b7513d8e50bdf9712c2bf62b25605e12162f19dc2bee25d2d510f817d1f69697153dd85abc12da05ab8fbb48b1bccdbc9a4f6fd61243ba08f0463ae8d648c0c705d8bc32be3f3a40c4cfb0d562bbaa5bdf4668e488cc726358401d4b059873a6dcc6c15275e30494ab4a200f7c1acda80bbad5e682ea303bed5cfa1d90c043a3d39eca5282c486c446b51edeb13c0c07b2958f0d59693625988f8d7a777810900e7df0ddaa02dcd455191a62a11d6674f12dd2043c26a1abc44f7c7dd70a1dbd9711889cee4811d673607901a3bc79ad7f679c16fc8c1eb65c9570c6c7a74949e99764db700a49de40109e61b6146c0dfec2a5ee1516cd0cabe6889a8ea491522d7b5df783141ac3ea0af7b65796f76dae40529b6d2452d443faca1ba128bcc431302c358a2b34b9ed7870963d31ed34eafab8100838e83314196b3d3c1ec7303a1693dcb262278eb97369eef7c6e2d92a44f15a4bc6b4066cd9aafce1ed8ddfc7f377cda2b24c2a0eab215f4fcea3553f595161edbd4f16f1c34f5b238c47a11723a250dfde1d5d6cefe9fc71b808ca2f461acb17d13912320ab42ff1ac1d3b7ce3ed9025e96fc90ef3b5b9fd1726dc488fc9f3186d4893a0f24b70f3908b12283dce82a64bbe0003dce9425ccb0fec348f5a924628e4102907ab86030d2340cf17f23133bcd66eac6e44472fa01d4c255b2cae381d07f02c6482ea5e26f537c77b4fb55ea6274629d1801a96aafb71c5e9a29dff04d72ed0f3eff23746fecda96c351c2638ce1af7859fc4108658ad35a09d4b64675e2bd3c33e18bf2dffccb33610d927141ce0a0bf0e0b1716fad326f871e7868082a35ce67e631d9feeaa3a67d342084547d03252f4c05d4fffa3fee1dfa3bbd895113b06c30355e655b89307a41d84c7c2ea96ad1bf117f138d1f07709c4a499e71da397d8c035427f1ea2eb78c8fa5221fdd1e2e016dbabf7ec71d5d8666ca84cc8191c3ebb5270ce039319d24fe62cf1f3ddd0f1b78bb13896cd0e14517cd6779b6cfdea8a02a07ee38b0ee1ed56ccfd3ac537d66cc20f14d5d64e254b9a69e27eee39d8bbbf30401bba1638d6a104e16d0936c733f7c49bf665997f8bebf051eb85a65f6724a45882935e8690e600eb4a9f4a0593beb0f47e25457321a834ef2ab0785c576b59d042349a8c1d45be45ae3c6224e42d2b3bfe9f692435fff410b8c729498cbfa869285e74fff50b91546cbe549cd60a14fd9cea8cf330665b298bdafc6e95f91a0430d41b2759cee0927299bbacf035331b30b35b27ac466cfae70401ea481fdf2162f89443bc26dc1890910d86d097282ba9539435c49fae688ec78cdfc1f4697bcfeff9938b28a8c25b633a7b7e7a05c5fd5cf48bc00d2543e3c71d3c2533c3624fca7f6ef43f8a33d48b46ea6c321b6a9e2995ca09ce9fef2f357967d808df4a81c9c3ee4b250a32f16293e3c5d2e61c88ab84094133f998925f44a7bac482d6c424342c25c79a0055c87ee8bc2234909d11ede0ccb9da2104524ad008a0e201c3861776b6ee8ea39b88f4cf7c077895f59d6148b42a4dbe6202cf5c830b1252f379ef1e72dc173a4a9a4743e027ab1a3f020112ff09e2c03550ae56d42cf8d296f92fa92969347621016ab07f2c51c739d171669bc11d1c7635d7d46c2e350fde76d4344eb0534dab96021cf15f1ab2586b6a7bca4ca98f75870f70a46075d2560136e64e09d77e9ae1cc4d3d01f41d6ab1bf9d5f53bdca0d52364dc154dfce58f4f1120087d00fea80d31e44166ca562c6c434138e16a7d77c54072faeb13a1d79a25eb45be08db1121590437400cbcc67922a5af371c24c1da14f463690e9bfa27dc3ef7e25fd766350fc337c0d29a3c24885a8fc3f356d43a308fb5c91181b9c03db4799a704f64c28a79217b5b7e801ab630110d10d81c551b07eac4784500bc637f9c90bbac7a8d9f34447a708c89cf96afa732e02cfe0f9ae7894703dad8d9891f8ffe53d5f7f563205851166f7ec7c51516e585f36995db21bd8fc940bd46d8ebc5a06cb58d86acbf1876a339f379b0a2442d11c04d4ef8ecca9c83300cd6b5f876ba1063dca23e57ab95e12bcd304674ca923535987506246571624e185d9196c3ff62053c8ff368304701071b41cad586d82b713ec7b1b3e2347df9df71a805aefa6b738e503249e57da5a9db1bf66ee62c47f554de1e794acffd0bbc60b1d42f3b5cd3586892fc95c0c8e46a42e3dd104b209b4839f763ff6ee5cf413313cc5233013b0b43e1f3b16c73f41a1560d99d778d64a6fa400b071624771abfff6980b43c26015b9278364b8d02fd415176be3619e0a0c5094c7d72e6b3cfcb91f22947373cb4ed9a5d0ad250d5f9b7e554bd320e98f9a5f6ed2e796d4fd1f53234fd001e3e82b58c9b9846ee2316d1d11a90a0868de1824edd713ea5dad7e561dd64b7d1bb65c18dfb677b3f74501e05a597a2bd656dc10f802639bf50bec7c2dc0812f4464b447cf9e981e500662fc74da895c6c662b9d5b64b8045e8745e86b5dbbbb2e4d26097c6a58d5904b0872e4dcf47f1c3e4855a785142a206bc4980d70c5e15f51219b2ef988ba6a827b535a70f0bdc31f6bc45a74a91a658337c62ec5a114ac9a87a1e39cacac4123c84754cadbcb079004bb6dbdfc40d4b8e4001a698a6539e8600ff784b14d2eaf13c65aea19dd9fd011650f5e245e6872ada7f49581e0d8015b088410d500c23d7582520b61c9e0c77e47c50271b540a95366b5fef2d81735b841f17698af7ee69882644410dd83a939ebd7760118befe079506eab4b4c001a81b79257e2ca2eaa6e95081045e4d0cbffa816426b56184dda3e95a3ea78b55bd0e268d23da93d1884dcd8c18e055edc27663a88b3c1a2463e1a8ced144a544c0e78ed2cefba38622501cbe2ed7b0033ca4c616328be66da667fa407e0aace6522dc060e326e6f3702be4a6a4293ae6a183d1760fbdabe05b84cf8a6721118c1e92475ef4b99c19afd51e9c5858389905a2e006d47c4a483e48a244618303fc933959c59856de86685afe7d2df9ca77da4794a47481f8e4ba21194eafd7031669313e5b6ab2951ca0eb7909579b956ba0d1388aff31f4e56eb247854b858a95058d82ebc9a106f20f51009d67d92286d9c8f272d8d0211ae69f2a7f97e34da962517f4c3ee14893031f00fa4c42bedc623cd35053d959afa3b60be50488298bd665db3e993404fd0332ffbc7b283715a51be11e13f8c7b334ab8dad8e0cc881469c3fe8077d6d8741858aa2c73a12bd79aebea2bd1ca921ec4036582b4a9e0c2c0c6b3dca39d0f84e00b1747c446189075a30340cd832d37f9dfc65c5f88dff3e712269946fc40edcc05f48d6d3974d2969f70f634340e1f21b32da5786a55e92721d38dc64c742bb1315a6b37dc14c424abe6dffb8b2932e65dbb45e8d4aec02f9312d6eef14644804a21a0c72f66edab3b5d765c035dcd2dfb11a2df4262d1d846dd5274055bd2cc38d135043159f50734b7f2c9e69eaf219ca8af2a1b18286d14db3bff78f34e13189344d27b35f0e61bf939aa753e64b07b492db245419e4e64db8511606df2205c17dbef55fa7c39b684ce3e9ed6863b931f294825def67969279bd92ef603598efae8b11a5f26d1e024100c66b652c58703f57974bcac8f2d43ccf6007400b3cd13ab678474e06ad7081f32bbebe9c275af01bf79a2e973de7540e90b9bb114d2a05462bd640659219ad95be8437f0859f208d7c285834a84cc60b16d963320ec961b20789d20358984fc4b2d27daab56383a16064237a12aba194d6bc22cf031c7fdd9963fc7fd47f40eb0acf6ff9079f193b2dff05012212aa80f1d9e5a1f17c0972568d3bdffd8b3251619883f5df07eea6643fa8c8aa38d3c60b24d245e096e874cd198bca2b75c245b8ec3965fa80391b403e1c804cbd2a463fc404c1c4110c2e709ff4eb1d714cea45fb7591799b0cf3498a5535467731fdeadbecb9745699cbb71937a85a096b59eeadc60f50087781d8bb0853ec5a412249697e842d42cc821673adf7ac432806290fab061721e5c2dff41db3e1ec19c5f828b1f18be3d628431d3f3a784bfb4cd643ee56aefaa8121ead1cdca58a212b0335d5bd8b28666aa0399206e35af9e2a448c5b36866f4ac4013a5ee6e965279a5bb107e6c29dfd812e96b7daa46a879c7ba3bc0bb78e2686b88a26d924e03a0bf19ac30484075ecd26b187f083185fdd1d3dbf0d4dbc38017b51fbded3667a718b443a71b75bb6c67a081e38708289c78ae433811a4f575cfa91c850b58d4a15a2d243e08148cac01bf18d0361422ea8c0c96d472de3ef0549dad8948f2a89d4ff328391e9cfb5018d8dac880b5a3c067d5ce0683ff494b7d399008e60dc962d9139f07889445af4527b97a037ff4e8762fa47638b02de0e62058944564944e1d0831b0c794e0db1277b7b92c3ed003b3509c7b237e7868763284d5ccf2098e3c368977465d75b9c8011a3aeee68ae79668522e2dba8ffdb66b0284eb202a59e9e453f284a32d6cf39e2a536ef0998e38544747d95c45d76231809964fe45492382db78eab0cf0e4eabfe34874fe3b234e70a21cf78ddf2153a9fc0bbce3c9cd73515eaca368ddb19f9b878462d0b2a79965f090aaf271bc08b2a949f38ad0f48ab6d565491828ee9bc28f0f44c43ef70ca163bcd115faaab16b03af2e0a514c461be98408c50958d806dab048b540a25d3f90730fd335f9fb1a17501548bbef53a2bbe9d7c7406550903cb8eb843824f12899987b1af95dd61b7f6273dc634ac8af1788734ee9e70eb0b6605924eda399299ab4bd4982a5577ad0e305e2ccadf901a00c1cd4a3f71bddadeef384be83bf235e98fcdef4e74d064f6952008c45104fc8f60ea4ca6616462bec81326436994ea6b246a75fd5111420c3f88c681b6ea45d32baf7488f4a16c08e5504b2b9d11d98a7392d2ddbb5b8893bea87ae6e80a94855a35e37e2ba731832bb5a0d0e59cf87e41bee2cdeecfd8271ea8a6a0d59a04bb22da773a053c08c4db47a274b9746c18df3709ee178c19cb4ef7ecf2f91cfa6e7c330e2215c395c86c78ee76f890628364141c685a9d3e5ad17c326cce797b147cfc69ab0011a5388d29f1045d48724d6392e233bf718e0f245359adaf735081ae046db144e631fe1a4a185231435f7446c635333c2e645468be2f9edd61cba8483724a10330402dc3e41e9490ad96adf01b08c77911c6c0ecb89b250bdaf9ce7dd56d24762e4a78768a188ef4057b353f9edb32c6ca08b8136c51434b9b45b2001535987518ca6e3b0f8c79e243657941a407fabb798738faeeee775216992fd7f95c9aeec596677a3980015f4a28c24fea2399e92e3c2ca3460f9ac5399f7d216f2", 0x1000, 0xfffffffffffffffe) keyctl$instantiate_iov(0x14, r1, &(0x7f00000002c0)=[{&(0x7f0000000240)="15058f7c283eab2cd5d8522ad4454b996f37c12eb1ae11d29748be07c430d30e337930ef5b600c7ee1aef9a04b777416f673927c070e5c98f19895cadc8c58698f16dded394eac2de9e1586035c662f1a0d1badff56840a936fae256fe69e53e58a37bd7cc5590e7deb81e36d1a628d8c447cdc4fd3c4b0732", 0x79}], 0x1, r2) write$cgroup_pid(r0, &(0x7f0000000180), 0x1d2) 2018/04/06 11:41:17 executing program 4: r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0x0, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x0, 0x3f, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:17 executing program 0: r0 = socket(0xa, 0x2, 0x0) setsockopt$inet_int(r0, 0x0, 0xb, &(0x7f0000ab2000)=0x1002, 0x4) sendto$inet(r0, &(0x7f0000000000)="18a3c5065a6299c9fd7fe7019bd559f9c956daaafceb292f", 0x18, 0x0, &(0x7f0000000180)={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10) recvmsg(r0, &(0x7f0000001500)={&(0x7f0000000100)=@hci, 0xc, &(0x7f0000001400), 0x0, &(0x7f0000001480)=""/115, 0x73}, 0x2060) [ 395.833536] FAULT_FLAG_ALLOW_RETRY missing 30 [ 395.838142] CPU: 1 PID: 24878 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 395.844972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 395.854310] Call Trace: [ 395.856896] dump_stack+0x1b9/0x294 [ 395.860510] ? dump_stack_print_info.cold.2+0x52/0x52 [ 395.865692] ? kasan_check_write+0x14/0x20 [ 395.869913] ? do_raw_spin_lock+0xc1/0x200 [ 395.874219] handle_userfault.cold.32+0x44/0x57 [ 395.878878] ? handle_userfault+0x16c6/0x2760 [ 395.883363] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 395.887927] ? debug_check_no_locks_freed+0x310/0x310 [ 395.893104] ? find_held_lock+0x36/0x1c0 [ 395.897148] ? print_usage_bug+0xc0/0xc0 [ 395.901196] ? print_usage_bug+0xc0/0xc0 [ 395.905239] ? perf_trace_lock_acquire+0xe3/0x980 [ 395.910063] ? __lock_acquire+0x7f5/0x5130 [ 395.914293] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 395.919820] ? graph_lock+0x170/0x170 [ 395.923603] ? debug_check_no_locks_freed+0x310/0x310 [ 395.928773] ? find_held_lock+0x36/0x1c0 [ 395.932822] ? lock_downgrade+0x8e0/0x8e0 [ 395.936955] ? kasan_check_read+0x11/0x20 [ 395.941082] ? do_raw_spin_unlock+0x9e/0x2e0 [ 395.945472] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 395.950036] ? kasan_check_write+0x14/0x20 [ 395.954256] ? do_raw_spin_lock+0xc1/0x200 [ 395.958487] __handle_mm_fault+0x34be/0x4150 [ 395.962896] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 395.967636] ? graph_lock+0x170/0x170 [ 395.971418] ? find_held_lock+0x36/0x1c0 [ 395.975464] ? lock_downgrade+0x8e0/0x8e0 [ 395.979601] ? handle_mm_fault+0x8c0/0xc70 [ 395.983817] handle_mm_fault+0x53a/0xc70 [ 395.987864] ? __handle_mm_fault+0x4150/0x4150 [ 395.992425] ? find_vma+0x34/0x190 [ 395.995947] __do_page_fault+0x60b/0xe40 [ 395.999993] ? mm_fault_error+0x380/0x380 [ 396.004123] ? graph_lock+0x170/0x170 [ 396.007905] do_page_fault+0xee/0x8a7 [ 396.011685] ? vmalloc_sync_all+0x30/0x30 [ 396.015823] ? find_held_lock+0x36/0x1c0 [ 396.019869] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 396.024695] page_fault+0x25/0x50 [ 396.028131] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 396.033729] RSP: 0018:ffff88018979fce8 EFLAGS: 00010206 [ 396.039076] RAX: ffffed00312f3fae RBX: 0000000000000018 RCX: 0000000000000003 [ 396.046335] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff88018979fd58 [ 396.053582] RBP: ffff88018979fd20 R08: ffffed00312f3fae R09: ffffed00312f3fab [ 396.060828] R10: ffffed00312f3fad R11: ffff88018979fd6f R12: 0000000020013018 [ 396.068075] R13: 0000000020013000 R14: ffff88018979fd58 R15: 00007ffffffff000 [ 396.075344] ? _copy_from_user+0x10d/0x150 [ 396.079564] SyS_sigaltstack+0xae/0x320 [ 396.083516] ? do_sigaction+0xa50/0xa50 [ 396.087474] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 396.092992] ? fput+0x130/0x1a0 [ 396.096256] ? ksys_ioctl+0x81/0xd0 [ 396.099872] ? do_syscall_64+0xb7/0x9d0 [ 396.103834] ? do_sigaction+0xa50/0xa50 [ 396.107791] do_syscall_64+0x29e/0x9d0 [ 396.111658] ? vmalloc_sync_all+0x30/0x30 [ 396.115793] ? _raw_spin_unlock_irq+0x27/0x70 [ 396.120269] ? finish_task_switch+0x1ca/0x820 [ 396.124745] ? syscall_return_slowpath+0x5c0/0x5c0 [ 396.129743] ? syscall_return_slowpath+0x30f/0x5c0 [ 396.134656] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 396.140001] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 396.144836] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 396.150008] RIP: 0033:0x4552d9 [ 396.153184] RSP: 002b:00007ff15ecfec68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 [ 396.160870] RAX: ffffffffffffffda RBX: 00007ff15ecff6d4 RCX: 00000000004552d9 [ 396.168116] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 [ 396.175362] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 396.182608] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 396.189857] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000000 [ 396.334084] FAULT_FLAG_ALLOW_RETRY missing 30 [ 396.338688] CPU: 1 PID: 24941 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 396.345524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 396.354857] Call Trace: [ 396.357433] dump_stack+0x1b9/0x294 [ 396.361046] ? dump_stack_print_info.cold.2+0x52/0x52 [ 396.366215] ? kasan_check_write+0x14/0x20 [ 396.370453] ? do_raw_spin_lock+0xc1/0x200 [ 396.374677] handle_userfault.cold.32+0x44/0x57 [ 396.379328] ? handle_userfault+0x16c6/0x2760 [ 396.383807] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 396.388369] ? debug_check_no_locks_freed+0x310/0x310 [ 396.393546] ? find_held_lock+0x36/0x1c0 [ 396.397593] ? print_usage_bug+0xc0/0xc0 [ 396.401636] ? print_usage_bug+0xc0/0xc0 [ 396.405678] ? kasan_check_read+0x11/0x20 [ 396.409810] ? check_same_owner+0x320/0x320 [ 396.414120] ? do_raw_spin_unlock+0x9e/0x2e0 [ 396.418524] ? __lock_acquire+0x7f5/0x5130 [ 396.422743] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 396.428357] ? graph_lock+0x170/0x170 [ 396.432230] ? debug_check_no_locks_freed+0x310/0x310 [ 396.437402] ? find_held_lock+0x36/0x1c0 [ 396.441446] ? lock_downgrade+0x8e0/0x8e0 [ 396.445586] ? kasan_check_read+0x11/0x20 [ 396.449716] ? do_raw_spin_unlock+0x9e/0x2e0 [ 396.454105] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 396.458669] ? kasan_check_write+0x14/0x20 [ 396.462883] ? do_raw_spin_lock+0xc1/0x200 [ 396.467103] __handle_mm_fault+0x34be/0x4150 [ 396.471492] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 396.476229] ? graph_lock+0x170/0x170 [ 396.480015] ? graph_lock+0x170/0x170 [ 396.483808] ? find_held_lock+0x36/0x1c0 [ 396.487854] ? lock_downgrade+0x8e0/0x8e0 [ 396.491991] ? handle_mm_fault+0x8c0/0xc70 [ 396.496214] handle_mm_fault+0x53a/0xc70 [ 396.500257] ? __handle_mm_fault+0x4150/0x4150 [ 396.504821] ? find_vma+0x34/0x190 [ 396.508345] __do_page_fault+0x60b/0xe40 [ 396.512387] ? mm_fault_error+0x380/0x380 [ 396.516515] ? graph_lock+0x170/0x170 [ 396.520304] do_page_fault+0xee/0x8a7 [ 396.524090] ? vmalloc_sync_all+0x30/0x30 [ 396.528217] ? __fget+0x40c/0x650 [ 396.531654] ? find_held_lock+0x36/0x1c0 [ 396.535714] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 396.540550] page_fault+0x25/0x50 [ 396.543985] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 396.549583] RSP: 0018:ffff88017df7fce8 EFLAGS: 00010206 [ 396.554928] RAX: ffffed002fbeffae RBX: 0000000000000018 RCX: 0000000000000003 [ 396.562173] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff88017df7fd58 [ 396.569420] RBP: ffff88017df7fd20 R08: ffffed002fbeffae R09: ffffed002fbeffab [ 396.576669] R10: ffffed002fbeffad R11: ffff88017df7fd6f R12: 0000000020013018 [ 396.583918] R13: 0000000020013000 R14: ffff88017df7fd58 R15: 00007ffffffff000 [ 396.591185] ? _copy_from_user+0x10d/0x150 [ 396.595405] SyS_sigaltstack+0xae/0x320 [ 396.599370] ? do_sigaction+0xa50/0xa50 [ 396.603326] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 396.608843] ? fput+0x130/0x1a0 [ 396.612104] ? ksys_ioctl+0x81/0xd0 [ 396.615715] ? do_syscall_64+0xb7/0x9d0 [ 396.619671] ? do_sigaction+0xa50/0xa50 [ 396.623623] do_syscall_64+0x29e/0x9d0 [ 396.627497] ? _raw_spin_unlock_irq+0x27/0x70 [ 396.631970] ? finish_task_switch+0x1ca/0x820 [ 396.636450] ? syscall_return_slowpath+0x5c0/0x5c0 [ 396.641366] ? syscall_return_slowpath+0x30f/0x5c0 [ 396.646275] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 396.651625] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 396.656457] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 396.661624] RIP: 0033:0x4552d9 [ 396.664791] RSP: 002b:00007ff15ecbcc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 [ 396.672479] RAX: ffffffffffffffda RBX: 00007ff15ecbd6d4 RCX: 00000000004552d9 2018/04/06 11:41:19 executing program 7: perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sndpcmc(&(0x7f00000000c0)='/dev/snd/pcmC#D#c\x00', 0x0, 0x2100) connect$vsock_stream(r0, &(0x7f0000000100)={0x28, 0x0, 0x0, @my=0x0}, 0x10) sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f00000005c0)={&(0x7f0000000080)={0x14, 0x3, 0x2, 0x4a59abc11ef89507}, 0x14}, 0x1}, 0x0) 2018/04/06 11:41:19 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0x77ec]}, 0x10) 2018/04/06 11:41:19 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x4c, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e"}, &(0x7f00000000c0)=0x54) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:19 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)={0x1, 0xff}) msgget(0x2, 0x58) 2018/04/06 11:41:19 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'lo\x00', 0x204}) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$DRM_IOCTL_AGP_ENABLE(r1, 0x40086432, &(0x7f00000000c0)) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000080)={'teql0\x00', 0x141}) 2018/04/06 11:41:19 executing program 4: r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0x0, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x0, 0x3f, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:19 executing program 3: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000100)) getpid() fcntl$getown(0xffffffffffffff9c, 0x9) gettid() ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) getpgrp(r0) r1 = memfd_create(&(0x7f0000000080)='em1\x00', 0x2) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000200)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) sigaltstack(&(0x7f0000013000/0x1000)=nil, &(0x7f00000000c0)) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88)) msgsnd(0x0, &(0x7f0000284ff8)={0x3}, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000240)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000640)={'\x00', 0x0}) ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000680)=r3) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000b40)={&(0x7f0000011000/0x4000)=nil, 0x4000}) io_setup(0x1000, &(0x7f0000000040)) io_submit(0x0, 0x206f00, &(0x7f0000000000)) ioctl$VHOST_RESET_OWNER(r1, 0xaf02, 0x0) 2018/04/06 11:41:19 executing program 2: open(&(0x7f0000000000)='./bus\x00', 0x100000141842, 0x0) syz_mount_image$ntfs(&(0x7f0000000440)='ntfs\x00', &(0x7f0000000480)='./bus\x00', 0x0, 0x0, &(0x7f00000006c0), 0x1000, &(0x7f0000000740)=ANY=[]) r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) syz_mount_image$hfs(&(0x7f0000001780)='hfs\x00', &(0x7f0000000100)='./bus\x00', 0x0, 0xccf, &(0x7f0000001a40)=[{&(0x7f0000001c00)="c3109cfc6f65b837063b7bbc3d4a7d202d2b9984a215c7b7bd25480c1babe9aadb78e3c53ec529cb288497a5ff7386ab50bc1a8c89", 0x0, 0x401}, {&(0x7f0000001800)="2ddea5d98171285eddea030c82c3ebbbe9ef0086979c4d89f51697a723698cc79f113fca18d8ec8bb4942cb405ffaeeeafc6b09a0aa44324f534c9b7f57352f0c6be30573567dee6adbbdffa5bc32a5b00201e68181092887cf576f0703f060812cd5047561a4c92d2fe195c21c60625c482c212ec431a19596ad1012108999bc75ae3480f0e76a36376ac63a8", 0x0, 0x5}, {&(0x7f00000018c0)="c5530d8833354b18ef6baebf606c24f24d221ae3c07931be7198141ec53fd728927e5f00e021449a33baca2a22cf99667bb62ad1c43215e3f08aaced4246a353f263c0b7595b47c7a50af4436c372f265f8434d31934351c965767c877bce2ca431539e8a01395cb17c6c5e7c94ccf3bafb07d8b5e8c8a7c931e0d769db9d35a00cb5aa0044e6a6a561fd1afe1", 0x0, 0x5}, {&(0x7f0000001ac0)="a6c3452050343eb065584cf53ea65ae330a5f6fabf78091e23a81fecb3775e4b4b863ad23c978b4d06569e6a36869f4d6ab49a561ec1407526f64751bf75483fb2755e3dd399f154e42b71bf2ba4b06f84d08c82013cccce8d83cc8522875560acd751f4f33688881c070e6ef463499ee9e91f792ae72561196b6ba9dc495e6762dbb6f5c913a4aeab57f7ff1fec996193598848aca0c65638fffb8af2141e66a90fe4ae167772c4c599843c560c877e454fdb686a3b7df3bc64de67f0ab300a68bb0beb5a6e2c52ef9e161399bf3a9939b04d804247cd6b3c9682eaf9ba0fdf8721b778b0f8e7905b17a1210b17ce35b1fb4f78497d438165b2019a31462ffaad8347218795323dd876bfaa1f6f7eec0187f0b9e41c54ba73230f635b3f4c2fd658e725afc3135bbb160347c72457a5da34344443b7f7c8ab479f9e63", 0x0, 0x7}], 0x10000, &(0x7f0000000780)=ANY=[]) ioctl$LOOP_SET_CAPACITY(r0, 0x4c07) write$cgroup_pid(r0, &(0x7f0000000040)={[0x0]}, 0x1) r1 = add_key(&(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000140)={0x73, 0x79, 0x7a, 0x0}, &(0x7f0000000180)="9e659466cbfbd5240d0324e75025024532163aa8770fe16f3a330ab59d341cd33efdf6be1071e0b18c129e0c9d16583537249b43ca89e0f22a9f2399e2c55eea1f4f6fa74bfedc0436a59cadd999ab6cc4a762f1aae4bbe5d64bed429655e3f9768d8a1c7b7987b156c14c970375762cc4e2eb17a0410521887bf27312ab3d65f483d880191303124d0b6f81a44b05c5", 0x90, 0xfffffffffffffffc) ioctl$KVM_SIGNAL_MSI(r0, 0x4020aea5, &(0x7f00000003c0)={0x0, 0x3000, 0x10001, 0x0, 0x2}) r2 = add_key$user(&(0x7f0000000300)='user\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a, 0x2}, &(0x7f00000004c0)="89e091874dc1c14eb3c0c7ad2256c243164ce397fa79b52d14204b90ae1887c9aa09b475c126d28053b14102ce36f17f78af94b232d31028cf2641748867b627bf0c54e649b6db3ff0122ead12f6531581128800682d95b363c829fbebba8815bf24ab345b6dc9d225690ff7dabb33c90b0a20f876e581899c5def3f5de86f83909a93aabfe52843b1cf16966d721989a951cc04a4ff601aec658e86602db6195495c9cfda64e14725bfc70e0dbc97c7d0f608100791d35a9820c2c56e063cc274ff781b3041d19e50a80ff57c64bbdf4c98adba9c8134194f9f4e53ff0616f6d1f3eed32e719e5c59818f0cdef7e5b1621170be3f86daae4afd9eaec0be6ce5b53a9de108bde2cfaf93e9817b7513d8e50bdf9712c2bf62b25605e12162f19dc2bee25d2d510f817d1f69697153dd85abc12da05ab8fbb48b1bccdbc9a4f6fd61243ba08f0463ae8d648c0c705d8bc32be3f3a40c4cfb0d562bbaa5bdf4668e488cc726358401d4b059873a6dcc6c15275e30494ab4a200f7c1acda80bbad5e682ea303bed5cfa1d90c043a3d39eca5282c486c446b51edeb13c0c07b2958f0d59693625988f8d7a777810900e7df0ddaa02dcd455191a62a11d6674f12dd2043c26a1abc44f7c7dd70a1dbd9711889cee4811d673607901a3bc79ad7f679c16fc8c1eb65c9570c6c7a74949e99764db700a49de40109e61b6146c0dfec2a5ee1516cd0cabe6889a8ea491522d7b5df783141ac3ea0af7b65796f76dae40529b6d2452d443faca1ba128bcc431302c358a2b34b9ed7870963d31ed34eafab8100838e83314196b3d3c1ec7303a1693dcb262278eb97369eef7c6e2d92a44f15a4bc6b4066cd9aafce1ed8ddfc7f377cda2b24c2a0eab215f4fcea3553f595161edbd4f16f1c34f5b238c47a11723a250dfde1d5d6cefe9fc71b808ca2f461acb17d13912320ab42ff1ac1d3b7ce3ed9025e96fc90ef3b5b9fd1726dc488fc9f3186d4893a0f24b70f3908b12283dce82a64bbe0003dce9425ccb0fec348f5a924628e4102907ab86030d2340cf17f23133bcd66eac6e44472fa01d4c255b2cae381d07f02c6482ea5e26f537c77b4fb55ea6274629d1801a96aafb71c5e9a29dff04d72ed0f3eff23746fecda96c351c2638ce1af7859fc4108658ad35a09d4b64675e2bd3c33e18bf2dffccb33610d927141ce0a0bf0e0b1716fad326f871e7868082a35ce67e631d9feeaa3a67d342084547d03252f4c05d4fffa3fee1dfa3bbd895113b06c30355e655b89307a41d84c7c2ea96ad1bf117f138d1f07709c4a499e71da397d8c035427f1ea2eb78c8fa5221fdd1e2e016dbabf7ec71d5d8666ca84cc8191c3ebb5270ce039319d24fe62cf1f3ddd0f1b78bb13896cd0e14517cd6779b6cfdea8a02a07ee38b0ee1ed56ccfd3ac537d66cc20f14d5d64e254b9a69e27eee39d8bbbf30401bba1638d6a104e16d0936c733f7c49bf665997f8bebf051eb85a65f6724a45882935e8690e600eb4a9f4a0593beb0f47e25457321a834ef2ab0785c576b59d042349a8c1d45be45ae3c6224e42d2b3bfe9f692435fff410b8c729498cbfa869285e74fff50b91546cbe549cd60a14fd9cea8cf330665b298bdafc6e95f91a0430d41b2759cee0927299bbacf035331b30b35b27ac466cfae70401ea481fdf2162f89443bc26dc1890910d86d097282ba9539435c49fae688ec78cdfc1f4697bcfeff9938b28a8c25b633a7b7e7a05c5fd5cf48bc00d2543e3c71d3c2533c3624fca7f6ef43f8a33d48b46ea6c321b6a9e2995ca09ce9fef2f357967d808df4a81c9c3ee4b250a32f16293e3c5d2e61c88ab84094133f998925f44a7bac482d6c424342c25c79a0055c87ee8bc2234909d11ede0ccb9da2104524ad008a0e201c3861776b6ee8ea39b88f4cf7c077895f59d6148b42a4dbe6202cf5c830b1252f379ef1e72dc173a4a9a4743e027ab1a3f020112ff09e2c03550ae56d42cf8d296f92fa92969347621016ab07f2c51c739d171669bc11d1c7635d7d46c2e350fde76d4344eb0534dab96021cf15f1ab2586b6a7bca4ca98f75870f70a46075d2560136e64e09d77e9ae1cc4d3d01f41d6ab1bf9d5f53bdca0d52364dc154dfce58f4f1120087d00fea80d31e44166ca562c6c434138e16a7d77c54072faeb13a1d79a25eb45be08db1121590437400cbcc67922a5af371c24c1da14f463690e9bfa27dc3ef7e25fd766350fc337c0d29a3c24885a8fc3f356d43a308fb5c91181b9c03db4799a704f64c28a79217b5b7e801ab630110d10d81c551b07eac4784500bc637f9c90bbac7a8d9f34447a708c89cf96afa732e02cfe0f9ae7894703dad8d9891f8ffe53d5f7f563205851166f7ec7c51516e585f36995db21bd8fc940bd46d8ebc5a06cb58d86acbf1876a339f379b0a2442d11c04d4ef8ecca9c83300cd6b5f876ba1063dca23e57ab95e12bcd304674ca923535987506246571624e185d9196c3ff62053c8ff368304701071b41cad586d82b713ec7b1b3e2347df9df71a805aefa6b738e503249e57da5a9db1bf66ee62c47f554de1e794acffd0bbc60b1d42f3b5cd3586892fc95c0c8e46a42e3dd104b209b4839f763ff6ee5cf413313cc5233013b0b43e1f3b16c73f41a1560d99d778d64a6fa400b071624771abfff6980b43c26015b9278364b8d02fd415176be3619e0a0c5094c7d72e6b3cfcb91f22947373cb4ed9a5d0ad250d5f9b7e554bd320e98f9a5f6ed2e796d4fd1f53234fd001e3e82b58c9b9846ee2316d1d11a90a0868de1824edd713ea5dad7e561dd64b7d1bb65c18dfb677b3f74501e05a597a2bd656dc10f802639bf50bec7c2dc0812f4464b447cf9e981e500662fc74da895c6c662b9d5b64b8045e8745e86b5dbbbb2e4d26097c6a58d5904b0872e4dcf47f1c3e4855a785142a206bc4980d70c5e15f51219b2ef988ba6a827b535a70f0bdc31f6bc45a74a91a658337c62ec5a114ac9a87a1e39cacac4123c84754cadbcb079004bb6dbdfc40d4b8e4001a698a6539e8600ff784b14d2eaf13c65aea19dd9fd011650f5e245e6872ada7f49581e0d8015b088410d500c23d7582520b61c9e0c77e47c50271b540a95366b5fef2d81735b841f17698af7ee69882644410dd83a939ebd7760118befe079506eab4b4c001a81b79257e2ca2eaa6e95081045e4d0cbffa816426b56184dda3e95a3ea78b55bd0e268d23da93d1884dcd8c18e055edc27663a88b3c1a2463e1a8ced144a544c0e78ed2cefba38622501cbe2ed7b0033ca4c616328be66da667fa407e0aace6522dc060e326e6f3702be4a6a4293ae6a183d1760fbdabe05b84cf8a6721118c1e92475ef4b99c19afd51e9c5858389905a2e006d47c4a483e48a244618303fc933959c59856de86685afe7d2df9ca77da4794a47481f8e4ba21194eafd7031669313e5b6ab2951ca0eb7909579b956ba0d1388aff31f4e56eb247854b858a95058d82ebc9a106f20f51009d67d92286d9c8f272d8d0211ae69f2a7f97e34da962517f4c3ee14893031f00fa4c42bedc623cd35053d959afa3b60be50488298bd665db3e993404fd0332ffbc7b283715a51be11e13f8c7b334ab8dad8e0cc881469c3fe8077d6d8741858aa2c73a12bd79aebea2bd1ca921ec4036582b4a9e0c2c0c6b3dca39d0f84e00b1747c446189075a30340cd832d37f9dfc65c5f88dff3e712269946fc40edcc05f48d6d3974d2969f70f634340e1f21b32da5786a55e92721d38dc64c742bb1315a6b37dc14c424abe6dffb8b2932e65dbb45e8d4aec02f9312d6eef14644804a21a0c72f66edab3b5d765c035dcd2dfb11a2df4262d1d846dd5274055bd2cc38d135043159f50734b7f2c9e69eaf219ca8af2a1b18286d14db3bff78f34e13189344d27b35f0e61bf939aa753e64b07b492db245419e4e64db8511606df2205c17dbef55fa7c39b684ce3e9ed6863b931f294825def67969279bd92ef603598efae8b11a5f26d1e024100c66b652c58703f57974bcac8f2d43ccf6007400b3cd13ab678474e06ad7081f32bbebe9c275af01bf79a2e973de7540e90b9bb114d2a05462bd640659219ad95be8437f0859f208d7c285834a84cc60b16d963320ec961b20789d20358984fc4b2d27daab56383a16064237a12aba194d6bc22cf031c7fdd9963fc7fd47f40eb0acf6ff9079f193b2dff05012212aa80f1d9e5a1f17c0972568d3bdffd8b3251619883f5df07eea6643fa8c8aa38d3c60b24d245e096e874cd198bca2b75c245b8ec3965fa80391b403e1c804cbd2a463fc404c1c4110c2e709ff4eb1d714cea45fb7591799b0cf3498a5535467731fdeadbecb9745699cbb71937a85a096b59eeadc60f50087781d8bb0853ec5a412249697e842d42cc821673adf7ac432806290fab061721e5c2dff41db3e1ec19c5f828b1f18be3d628431d3f3a784bfb4cd643ee56aefaa8121ead1cdca58a212b0335d5bd8b28666aa0399206e35af9e2a448c5b36866f4ac4013a5ee6e965279a5bb107e6c29dfd812e96b7daa46a879c7ba3bc0bb78e2686b88a26d924e03a0bf19ac30484075ecd26b187f083185fdd1d3dbf0d4dbc38017b51fbded3667a718b443a71b75bb6c67a081e38708289c78ae433811a4f575cfa91c850b58d4a15a2d243e08148cac01bf18d0361422ea8c0c96d472de3ef0549dad8948f2a89d4ff328391e9cfb5018d8dac880b5a3c067d5ce0683ff494b7d399008e60dc962d9139f07889445af4527b97a037ff4e8762fa47638b02de0e62058944564944e1d0831b0c794e0db1277b7b92c3ed003b3509c7b237e7868763284d5ccf2098e3c368977465d75b9c8011a3aeee68ae79668522e2dba8ffdb66b0284eb202a59e9e453f284a32d6cf39e2a536ef0998e38544747d95c45d76231809964fe45492382db78eab0cf0e4eabfe34874fe3b234e70a21cf78ddf2153a9fc0bbce3c9cd73515eaca368ddb19f9b878462d0b2a79965f090aaf271bc08b2a949f38ad0f48ab6d565491828ee9bc28f0f44c43ef70ca163bcd115faaab16b03af2e0a514c461be98408c50958d806dab048b540a25d3f90730fd335f9fb1a17501548bbef53a2bbe9d7c7406550903cb8eb843824f12899987b1af95dd61b7f6273dc634ac8af1788734ee9e70eb0b6605924eda399299ab4bd4982a5577ad0e305e2ccadf901a00c1cd4a3f71bddadeef384be83bf235e98fcdef4e74d064f6952008c45104fc8f60ea4ca6616462bec81326436994ea6b246a75fd5111420c3f88c681b6ea45d32baf7488f4a16c08e5504b2b9d11d98a7392d2ddbb5b8893bea87ae6e80a94855a35e37e2ba731832bb5a0d0e59cf87e41bee2cdeecfd8271ea8a6a0d59a04bb22da773a053c08c4db47a274b9746c18df3709ee178c19cb4ef7ecf2f91cfa6e7c330e2215c395c86c78ee76f890628364141c685a9d3e5ad17c326cce797b147cfc69ab0011a5388d29f1045d48724d6392e233bf718e0f245359adaf735081ae046db144e631fe1a4a185231435f7446c635333c2e645468be2f9edd61cba8483724a10330402dc3e41e9490ad96adf01b08c77911c6c0ecb89b250bdaf9ce7dd56d24762e4a78768a188ef4057b353f9edb32c6ca08b8136c51434b9b45b2001535987518ca6e3b0f8c79e243657941a407fabb798738faeeee775216992fd7f95c9aeec596677a3980015f4a28c24fea2399e92e3c2ca3460f9ac5399f7d216f2", 0x1000, 0xfffffffffffffffe) keyctl$instantiate_iov(0x14, r1, &(0x7f00000002c0)=[{&(0x7f0000000240)="15058f7c283eab2cd5d8522ad4454b996f37c12eb1ae11d29748be07c430d30e337930ef5b600c7ee1aef9a04b777416f673927c070e5c98f19895cadc8c58698f16dded394eac2de9e1586035c662f1a0d1badff56840a936fae256fe69e53e58a37bd7cc5590e7deb81e36d1a628d8c447cdc4fd3c4b0732", 0x79}], 0x1, r2) write$cgroup_pid(r0, &(0x7f0000000180), 0x1d2) [ 396.679725] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 [ 396.686971] RBP: 000000000072c010 R08: 0000000000000000 R09: 0000000000000000 [ 396.694216] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 396.701469] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000002 2018/04/06 11:41:19 executing program 7: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'xcbc(aes)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000400)="d556b6c5820faeb895298992ea54d60004002c5b534c90c2", 0x18) r1 = accept4(r0, 0x0, &(0x7f0000000080), 0x0) sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f0000001300)={&(0x7f00000008c0)={0x10}, 0xc, &(0x7f00000012c0)={&(0x7f0000001100)=ANY=[@ANYBLOB='\x00\x00\x00C', @ANYRES16=0x0, @ANYBLOB="00000000000000000000010000001400030008000300000000000800040000000000"], 0x28}, 0x1}, 0x0) recvfrom$inet(r1, &(0x7f00000000c0)=""/230, 0xe6, 0x10020, &(0x7f00000001c0)={0x2, 0x4e20, @rand_addr=0x6ff}, 0x10) 2018/04/06 11:41:19 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) msgget(0x2, 0x58) r0 = syz_open_dev$adsp(&(0x7f0000000080)='/dev/adsp#\x00', 0xffffffff, 0x20000) ioctl$SNDRV_SEQ_IOCTL_SYSTEM_INFO(r0, 0xc0305302, &(0x7f00000000c0)={0x2, 0x8000, 0x6, 0xa49, 0x3, 0x3}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000000140)={{0xffff, 0x61}, 'port1\x00', 0x0, 0x180003, 0x5, 0x8, 0x100, 0x1da, 0x0, 0x0, 0x7, 0x7}) r1 = gettid() capset(&(0x7f0000000000)={0x20071026, r1}, &(0x7f0000000040)={0x0, 0x5, 0x1, 0x401, 0x80000001, 0x100000001}) 2018/04/06 11:41:19 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'lo\x00', 0x204}) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$DRM_IOCTL_AGP_ENABLE(r1, 0x40086432, &(0x7f00000000c0)) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000080)={'teql0\x00', 0x141}) 2018/04/06 11:41:19 executing program 4: r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0x0, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x0, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:19 executing program 2: open(&(0x7f0000000000)='./bus\x00', 0x100000141842, 0x0) syz_mount_image$ntfs(&(0x7f0000000440)='ntfs\x00', &(0x7f0000000480)='./bus\x00', 0x0, 0x0, &(0x7f00000006c0), 0x1000, &(0x7f0000000740)=ANY=[]) r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) syz_mount_image$hfs(&(0x7f0000001780)='hfs\x00', &(0x7f0000000100)='./bus\x00', 0x0, 0xccf, &(0x7f0000001a40)=[{&(0x7f0000001c00)="c3109cfc6f65b837063b7bbc3d4a7d202d2b9984a215c7b7bd25480c1babe9aadb78e3c53ec529cb288497a5ff7386ab50bc1a8c89", 0x0, 0x401}, {&(0x7f0000001800)="2ddea5d98171285eddea030c82c3ebbbe9ef0086979c4d89f51697a723698cc79f113fca18d8ec8bb4942cb405ffaeeeafc6b09a0aa44324f534c9b7f57352f0c6be30573567dee6adbbdffa5bc32a5b00201e68181092887cf576f0703f060812cd5047561a4c92d2fe195c21c60625c482c212ec431a19596ad1012108999bc75ae3480f0e76a36376ac63a8", 0x0, 0x5}, {&(0x7f00000018c0)="c5530d8833354b18ef6baebf606c24f24d221ae3c07931be7198141ec53fd728927e5f00e021449a33baca2a22cf99667bb62ad1c43215e3f08aaced4246a353f263c0b7595b47c7a50af4436c372f265f8434d31934351c965767c877bce2ca431539e8a01395cb17c6c5e7c94ccf3bafb07d8b5e8c8a7c931e0d769db9d35a00cb5aa0044e6a6a561fd1afe1", 0x0, 0x5}, {&(0x7f0000001ac0)="a6c3452050343eb065584cf53ea65ae330a5f6fabf78091e23a81fecb3775e4b4b863ad23c978b4d06569e6a36869f4d6ab49a561ec1407526f64751bf75483fb2755e3dd399f154e42b71bf2ba4b06f84d08c82013cccce8d83cc8522875560acd751f4f33688881c070e6ef463499ee9e91f792ae72561196b6ba9dc495e6762dbb6f5c913a4aeab57f7ff1fec996193598848aca0c65638fffb8af2141e66a90fe4ae167772c4c599843c560c877e454fdb686a3b7df3bc64de67f0ab300a68bb0beb5a6e2c52ef9e161399bf3a9939b04d804247cd6b3c9682eaf9ba0fdf8721b778b0f8e7905b17a1210b17ce35b1fb4f78497d438165b2019a31462ffaad8347218795323dd876bfaa1f6f7eec0187f0b9e41c54ba73230f635b3f4c2fd658e725afc3135bbb160347c72457a5da34344443b7f7c8ab479f9e63", 0x0, 0x7}], 0x10000, &(0x7f0000000780)=ANY=[]) ioctl$LOOP_SET_CAPACITY(r0, 0x4c07) write$cgroup_pid(r0, &(0x7f0000000040)={[0x0]}, 0x1) r1 = add_key(&(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000140)={0x73, 0x79, 0x7a, 0x0}, &(0x7f0000000180)="9e659466cbfbd5240d0324e75025024532163aa8770fe16f3a330ab59d341cd33efdf6be1071e0b18c129e0c9d16583537249b43ca89e0f22a9f2399e2c55eea1f4f6fa74bfedc0436a59cadd999ab6cc4a762f1aae4bbe5d64bed429655e3f9768d8a1c7b7987b156c14c970375762cc4e2eb17a0410521887bf27312ab3d65f483d880191303124d0b6f81a44b05c5", 0x90, 0xfffffffffffffffc) ioctl$KVM_SIGNAL_MSI(r0, 0x4020aea5, &(0x7f00000003c0)={0x0, 0x3000, 0x10001, 0x0, 0x2}) r2 = add_key$user(&(0x7f0000000300)='user\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a, 0x2}, &(0x7f00000004c0)="89e091874dc1c14eb3c0c7ad2256c243164ce397fa79b52d14204b90ae1887c9aa09b475c126d28053b14102ce36f17f78af94b232d31028cf2641748867b627bf0c54e649b6db3ff0122ead12f6531581128800682d95b363c829fbebba8815bf24ab345b6dc9d225690ff7dabb33c90b0a20f876e581899c5def3f5de86f83909a93aabfe52843b1cf16966d721989a951cc04a4ff601aec658e86602db6195495c9cfda64e14725bfc70e0dbc97c7d0f608100791d35a9820c2c56e063cc274ff781b3041d19e50a80ff57c64bbdf4c98adba9c8134194f9f4e53ff0616f6d1f3eed32e719e5c59818f0cdef7e5b1621170be3f86daae4afd9eaec0be6ce5b53a9de108bde2cfaf93e9817b7513d8e50bdf9712c2bf62b25605e12162f19dc2bee25d2d510f817d1f69697153dd85abc12da05ab8fbb48b1bccdbc9a4f6fd61243ba08f0463ae8d648c0c705d8bc32be3f3a40c4cfb0d562bbaa5bdf4668e488cc726358401d4b059873a6dcc6c15275e30494ab4a200f7c1acda80bbad5e682ea303bed5cfa1d90c043a3d39eca5282c486c446b51edeb13c0c07b2958f0d59693625988f8d7a777810900e7df0ddaa02dcd455191a62a11d6674f12dd2043c26a1abc44f7c7dd70a1dbd9711889cee4811d673607901a3bc79ad7f679c16fc8c1eb65c9570c6c7a74949e99764db700a49de40109e61b6146c0dfec2a5ee1516cd0cabe6889a8ea491522d7b5df783141ac3ea0af7b65796f76dae40529b6d2452d443faca1ba128bcc431302c358a2b34b9ed7870963d31ed34eafab8100838e83314196b3d3c1ec7303a1693dcb262278eb97369eef7c6e2d92a44f15a4bc6b4066cd9aafce1ed8ddfc7f377cda2b24c2a0eab215f4fcea3553f595161edbd4f16f1c34f5b238c47a11723a250dfde1d5d6cefe9fc71b808ca2f461acb17d13912320ab42ff1ac1d3b7ce3ed9025e96fc90ef3b5b9fd1726dc488fc9f3186d4893a0f24b70f3908b12283dce82a64bbe0003dce9425ccb0fec348f5a924628e4102907ab86030d2340cf17f23133bcd66eac6e44472fa01d4c255b2cae381d07f02c6482ea5e26f537c77b4fb55ea6274629d1801a96aafb71c5e9a29dff04d72ed0f3eff23746fecda96c351c2638ce1af7859fc4108658ad35a09d4b64675e2bd3c33e18bf2dffccb33610d927141ce0a0bf0e0b1716fad326f871e7868082a35ce67e631d9feeaa3a67d342084547d03252f4c05d4fffa3fee1dfa3bbd895113b06c30355e655b89307a41d84c7c2ea96ad1bf117f138d1f07709c4a499e71da397d8c035427f1ea2eb78c8fa5221fdd1e2e016dbabf7ec71d5d8666ca84cc8191c3ebb5270ce039319d24fe62cf1f3ddd0f1b78bb13896cd0e14517cd6779b6cfdea8a02a07ee38b0ee1ed56ccfd3ac537d66cc20f14d5d64e254b9a69e27eee39d8bbbf30401bba1638d6a104e16d0936c733f7c49bf665997f8bebf051eb85a65f6724a45882935e8690e600eb4a9f4a0593beb0f47e25457321a834ef2ab0785c576b59d042349a8c1d45be45ae3c6224e42d2b3bfe9f692435fff410b8c729498cbfa869285e74fff50b91546cbe549cd60a14fd9cea8cf330665b298bdafc6e95f91a0430d41b2759cee0927299bbacf035331b30b35b27ac466cfae70401ea481fdf2162f89443bc26dc1890910d86d097282ba9539435c49fae688ec78cdfc1f4697bcfeff9938b28a8c25b633a7b7e7a05c5fd5cf48bc00d2543e3c71d3c2533c3624fca7f6ef43f8a33d48b46ea6c321b6a9e2995ca09ce9fef2f357967d808df4a81c9c3ee4b250a32f16293e3c5d2e61c88ab84094133f998925f44a7bac482d6c424342c25c79a0055c87ee8bc2234909d11ede0ccb9da2104524ad008a0e201c3861776b6ee8ea39b88f4cf7c077895f59d6148b42a4dbe6202cf5c830b1252f379ef1e72dc173a4a9a4743e027ab1a3f020112ff09e2c03550ae56d42cf8d296f92fa92969347621016ab07f2c51c739d171669bc11d1c7635d7d46c2e350fde76d4344eb0534dab96021cf15f1ab2586b6a7bca4ca98f75870f70a46075d2560136e64e09d77e9ae1cc4d3d01f41d6ab1bf9d5f53bdca0d52364dc154dfce58f4f1120087d00fea80d31e44166ca562c6c434138e16a7d77c54072faeb13a1d79a25eb45be08db1121590437400cbcc67922a5af371c24c1da14f463690e9bfa27dc3ef7e25fd766350fc337c0d29a3c24885a8fc3f356d43a308fb5c91181b9c03db4799a704f64c28a79217b5b7e801ab630110d10d81c551b07eac4784500bc637f9c90bbac7a8d9f34447a708c89cf96afa732e02cfe0f9ae7894703dad8d9891f8ffe53d5f7f563205851166f7ec7c51516e585f36995db21bd8fc940bd46d8ebc5a06cb58d86acbf1876a339f379b0a2442d11c04d4ef8ecca9c83300cd6b5f876ba1063dca23e57ab95e12bcd304674ca923535987506246571624e185d9196c3ff62053c8ff368304701071b41cad586d82b713ec7b1b3e2347df9df71a805aefa6b738e503249e57da5a9db1bf66ee62c47f554de1e794acffd0bbc60b1d42f3b5cd3586892fc95c0c8e46a42e3dd104b209b4839f763ff6ee5cf413313cc5233013b0b43e1f3b16c73f41a1560d99d778d64a6fa400b071624771abfff6980b43c26015b9278364b8d02fd415176be3619e0a0c5094c7d72e6b3cfcb91f22947373cb4ed9a5d0ad250d5f9b7e554bd320e98f9a5f6ed2e796d4fd1f53234fd001e3e82b58c9b9846ee2316d1d11a90a0868de1824edd713ea5dad7e561dd64b7d1bb65c18dfb677b3f74501e05a597a2bd656dc10f802639bf50bec7c2dc0812f4464b447cf9e981e500662fc74da895c6c662b9d5b64b8045e8745e86b5dbbbb2e4d26097c6a58d5904b0872e4dcf47f1c3e4855a785142a206bc4980d70c5e15f51219b2ef988ba6a827b535a70f0bdc31f6bc45a74a91a658337c62ec5a114ac9a87a1e39cacac4123c84754cadbcb079004bb6dbdfc40d4b8e4001a698a6539e8600ff784b14d2eaf13c65aea19dd9fd011650f5e245e6872ada7f49581e0d8015b088410d500c23d7582520b61c9e0c77e47c50271b540a95366b5fef2d81735b841f17698af7ee69882644410dd83a939ebd7760118befe079506eab4b4c001a81b79257e2ca2eaa6e95081045e4d0cbffa816426b56184dda3e95a3ea78b55bd0e268d23da93d1884dcd8c18e055edc27663a88b3c1a2463e1a8ced144a544c0e78ed2cefba38622501cbe2ed7b0033ca4c616328be66da667fa407e0aace6522dc060e326e6f3702be4a6a4293ae6a183d1760fbdabe05b84cf8a6721118c1e92475ef4b99c19afd51e9c5858389905a2e006d47c4a483e48a244618303fc933959c59856de86685afe7d2df9ca77da4794a47481f8e4ba21194eafd7031669313e5b6ab2951ca0eb7909579b956ba0d1388aff31f4e56eb247854b858a95058d82ebc9a106f20f51009d67d92286d9c8f272d8d0211ae69f2a7f97e34da962517f4c3ee14893031f00fa4c42bedc623cd35053d959afa3b60be50488298bd665db3e993404fd0332ffbc7b283715a51be11e13f8c7b334ab8dad8e0cc881469c3fe8077d6d8741858aa2c73a12bd79aebea2bd1ca921ec4036582b4a9e0c2c0c6b3dca39d0f84e00b1747c446189075a30340cd832d37f9dfc65c5f88dff3e712269946fc40edcc05f48d6d3974d2969f70f634340e1f21b32da5786a55e92721d38dc64c742bb1315a6b37dc14c424abe6dffb8b2932e65dbb45e8d4aec02f9312d6eef14644804a21a0c72f66edab3b5d765c035dcd2dfb11a2df4262d1d846dd5274055bd2cc38d135043159f50734b7f2c9e69eaf219ca8af2a1b18286d14db3bff78f34e13189344d27b35f0e61bf939aa753e64b07b492db245419e4e64db8511606df2205c17dbef55fa7c39b684ce3e9ed6863b931f294825def67969279bd92ef603598efae8b11a5f26d1e024100c66b652c58703f57974bcac8f2d43ccf6007400b3cd13ab678474e06ad7081f32bbebe9c275af01bf79a2e973de7540e90b9bb114d2a05462bd640659219ad95be8437f0859f208d7c285834a84cc60b16d963320ec961b20789d20358984fc4b2d27daab56383a16064237a12aba194d6bc22cf031c7fdd9963fc7fd47f40eb0acf6ff9079f193b2dff05012212aa80f1d9e5a1f17c0972568d3bdffd8b3251619883f5df07eea6643fa8c8aa38d3c60b24d245e096e874cd198bca2b75c245b8ec3965fa80391b403e1c804cbd2a463fc404c1c4110c2e709ff4eb1d714cea45fb7591799b0cf3498a5535467731fdeadbecb9745699cbb71937a85a096b59eeadc60f50087781d8bb0853ec5a412249697e842d42cc821673adf7ac432806290fab061721e5c2dff41db3e1ec19c5f828b1f18be3d628431d3f3a784bfb4cd643ee56aefaa8121ead1cdca58a212b0335d5bd8b28666aa0399206e35af9e2a448c5b36866f4ac4013a5ee6e965279a5bb107e6c29dfd812e96b7daa46a879c7ba3bc0bb78e2686b88a26d924e03a0bf19ac30484075ecd26b187f083185fdd1d3dbf0d4dbc38017b51fbded3667a718b443a71b75bb6c67a081e38708289c78ae433811a4f575cfa91c850b58d4a15a2d243e08148cac01bf18d0361422ea8c0c96d472de3ef0549dad8948f2a89d4ff328391e9cfb5018d8dac880b5a3c067d5ce0683ff494b7d399008e60dc962d9139f07889445af4527b97a037ff4e8762fa47638b02de0e62058944564944e1d0831b0c794e0db1277b7b92c3ed003b3509c7b237e7868763284d5ccf2098e3c368977465d75b9c8011a3aeee68ae79668522e2dba8ffdb66b0284eb202a59e9e453f284a32d6cf39e2a536ef0998e38544747d95c45d76231809964fe45492382db78eab0cf0e4eabfe34874fe3b234e70a21cf78ddf2153a9fc0bbce3c9cd73515eaca368ddb19f9b878462d0b2a79965f090aaf271bc08b2a949f38ad0f48ab6d565491828ee9bc28f0f44c43ef70ca163bcd115faaab16b03af2e0a514c461be98408c50958d806dab048b540a25d3f90730fd335f9fb1a17501548bbef53a2bbe9d7c7406550903cb8eb843824f12899987b1af95dd61b7f6273dc634ac8af1788734ee9e70eb0b6605924eda399299ab4bd4982a5577ad0e305e2ccadf901a00c1cd4a3f71bddadeef384be83bf235e98fcdef4e74d064f6952008c45104fc8f60ea4ca6616462bec81326436994ea6b246a75fd5111420c3f88c681b6ea45d32baf7488f4a16c08e5504b2b9d11d98a7392d2ddbb5b8893bea87ae6e80a94855a35e37e2ba731832bb5a0d0e59cf87e41bee2cdeecfd8271ea8a6a0d59a04bb22da773a053c08c4db47a274b9746c18df3709ee178c19cb4ef7ecf2f91cfa6e7c330e2215c395c86c78ee76f890628364141c685a9d3e5ad17c326cce797b147cfc69ab0011a5388d29f1045d48724d6392e233bf718e0f245359adaf735081ae046db144e631fe1a4a185231435f7446c635333c2e645468be2f9edd61cba8483724a10330402dc3e41e9490ad96adf01b08c77911c6c0ecb89b250bdaf9ce7dd56d24762e4a78768a188ef4057b353f9edb32c6ca08b8136c51434b9b45b2001535987518ca6e3b0f8c79e243657941a407fabb798738faeeee775216992fd7f95c9aeec596677a3980015f4a28c24fea2399e92e3c2ca3460f9ac5399f7d216f2", 0x1000, 0xfffffffffffffffe) keyctl$instantiate_iov(0x14, r1, &(0x7f00000002c0)=[{&(0x7f0000000240)="15058f7c283eab2cd5d8522ad4454b996f37c12eb1ae11d29748be07c430d30e337930ef5b600c7ee1aef9a04b777416f673927c070e5c98f19895cadc8c58698f16dded394eac2de9e1586035c662f1a0d1badff56840a936fae256fe69e53e58a37bd7cc5590e7deb81e36d1a628d8c447cdc4fd3c4b0732", 0x79}], 0x1, r2) write$cgroup_pid(r0, &(0x7f0000000180), 0x1d2) 2018/04/06 11:41:19 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x4c, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e"}, &(0x7f00000000c0)=0x54) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:19 executing program 0: pipe(&(0x7f00005dcff8)={0xffffffffffffffff, 0xffffffffffffffff}) ppoll(&(0x7f00000000c0)=[{r0}], 0x0, &(0x7f0000000100)={0x77359400}, &(0x7f0000000040), 0x8) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f00005dff57)=';', 0x1}], 0x1, 0x0) mlockall(0x2) sched_setaffinity(0x0, 0x8, &(0x7f0000000080)=0x800) accept$unix(r1, &(0x7f0000000140)=@abs, &(0x7f00000001c0)=0x6e) write(r1, &(0x7f0000335000), 0xfc94) readv(r0, &(0x7f0000119ff0)=[{&(0x7f000061e000)=""/4096, 0xfc74}], 0x3d) [ 397.587584] FAULT_FLAG_ALLOW_RETRY missing 30 [ 397.592202] CPU: 0 PID: 24948 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 397.599039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 397.608376] Call Trace: [ 397.610960] dump_stack+0x1b9/0x294 [ 397.614577] ? dump_stack_print_info.cold.2+0x52/0x52 [ 397.619752] ? kasan_check_write+0x14/0x20 [ 397.623970] ? do_raw_spin_lock+0xc1/0x200 [ 397.628203] handle_userfault.cold.32+0x44/0x57 [ 397.632863] ? handle_userfault+0x16c6/0x2760 [ 397.637343] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 397.641908] ? debug_check_no_locks_freed+0x310/0x310 [ 397.647080] ? rb_erase+0x3530/0x3530 [ 397.650867] ? print_usage_bug+0xc0/0xc0 [ 397.654911] ? match_held_lock+0x801/0x8b0 [ 397.659128] ? print_usage_bug+0xc0/0xc0 [ 397.663174] ? print_usage_bug+0xc0/0xc0 [ 397.667217] ? lock_downgrade+0x8e0/0x8e0 [ 397.671350] ? lock_downgrade+0x8e0/0x8e0 [ 397.675481] ? __lock_acquire+0x7f5/0x5130 [ 397.679700] ? graph_lock+0x170/0x170 [ 397.683482] ? debug_check_no_locks_freed+0x310/0x310 [ 397.688654] ? find_held_lock+0x36/0x1c0 [ 397.692703] ? lock_downgrade+0x8e0/0x8e0 [ 397.696834] ? kasan_check_read+0x11/0x20 [ 397.700961] ? do_raw_spin_unlock+0x9e/0x2e0 [ 397.705353] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 397.709916] ? kasan_check_write+0x14/0x20 [ 397.714143] ? do_raw_spin_lock+0xc1/0x200 [ 397.718369] __handle_mm_fault+0x34be/0x4150 [ 397.722760] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 397.727511] ? graph_lock+0x170/0x170 [ 397.731319] ? find_held_lock+0x36/0x1c0 [ 397.735364] ? lock_downgrade+0x8e0/0x8e0 [ 397.739501] ? handle_mm_fault+0x8c0/0xc70 [ 397.743719] handle_mm_fault+0x53a/0xc70 [ 397.747759] ? __handle_mm_fault+0x4150/0x4150 [ 397.752337] ? find_vma+0x34/0x190 [ 397.755867] __do_page_fault+0x60b/0xe40 [ 397.759910] ? mm_fault_error+0x380/0x380 [ 397.764037] ? __schedule+0x80f/0x1e40 [ 397.767911] ? graph_lock+0x170/0x170 [ 397.771704] do_page_fault+0xee/0x8a7 [ 397.775486] ? vmalloc_sync_all+0x30/0x30 [ 397.779617] ? find_held_lock+0x36/0x1c0 [ 397.783680] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 397.788510] page_fault+0x25/0x50 [ 397.791942] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 397.797543] RSP: 0018:ffff880183d97ce8 EFLAGS: 00010206 [ 397.802884] RAX: ffffed00307b2fae RBX: 0000000000000018 RCX: 0000000000000003 [ 397.810135] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff880183d97d58 [ 397.817386] RBP: ffff880183d97d20 R08: ffffed00307b2fae R09: ffffed00307b2fab [ 397.824635] R10: ffffed00307b2fad R11: ffff880183d97d6f R12: 0000000020013018 [ 397.831889] R13: 0000000020013000 R14: ffff880183d97d58 R15: 00007ffffffff000 [ 397.839164] ? _copy_from_user+0x10d/0x150 [ 397.843385] SyS_sigaltstack+0xae/0x320 [ 397.847354] ? do_sigaction+0xa50/0xa50 [ 397.851314] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 397.856840] ? exit_to_usermode_loop+0x1ef/0x310 [ 397.861581] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 397.866405] ? ksys_ioctl+0x81/0xd0 [ 397.870018] ? do_syscall_64+0xb7/0x9d0 [ 397.873981] ? do_sigaction+0xa50/0xa50 [ 397.877941] do_syscall_64+0x29e/0x9d0 [ 397.881811] ? vmalloc_sync_all+0x30/0x30 [ 397.885943] ? _raw_spin_unlock_irq+0x27/0x70 [ 397.890422] ? finish_task_switch+0x1ca/0x820 [ 397.894901] ? syscall_return_slowpath+0x5c0/0x5c0 [ 397.899812] ? syscall_return_slowpath+0x30f/0x5c0 [ 397.904725] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 397.910072] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 397.914899] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 397.920071] RIP: 0033:0x4552d9 [ 397.923241] RSP: 002b:00007ff15ecfec68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 [ 397.930931] RAX: ffffffffffffffda RBX: 00007ff15ecff6d4 RCX: 00000000004552d9 [ 397.938182] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 [ 397.945431] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 397.952681] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 397.959930] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000000 2018/04/06 11:41:20 executing program 7: r0 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000000c0), 0x10) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_MRT6_DEL_MFC_PROXY(r1, 0x29, 0xd3, &(0x7f0000000100)={{0xa, 0x4e21, 0x2, @remote={0xfe, 0x80, [], 0xbb}, 0x6}, {0xa, 0x4e22, 0x101, @loopback={0x0, 0x1}, 0x80000000}, 0x3, [0xbf8a, 0x8000, 0x0, 0x2a, 0x7, 0x9, 0x0, 0x101]}, 0x5c) r2 = syz_open_dev$sndmidi(&(0x7f0000000180)='/dev/snd/midiC#D#\x00', 0x20, 0x101000) ioctl$sock_inet6_tcp_SIOCINQ(r2, 0x541b, &(0x7f00000001c0)) ioctl$sock_SIOCGIFBR(r2, 0x8940, &(0x7f00000002c0)=@get={0x1, &(0x7f0000000200)=""/186, 0x3}) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000300)={@ipv4={[], [0xff, 0xff], @broadcast=0xffffffff}, 0x9eb4, 0x0, 0xff, 0x0, 0x5, 0x3, 0xea6ae7}, 0x20) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f0000001f80)={0x0, @in={{0x2, 0x4e22, @loopback=0x7f000001}}}, &(0x7f0000001ec0)=0x84) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r2, 0x84, 0x1b, &(0x7f00000020c0)={r3, 0xab, "be9126ba2c1ce5bac1323f024ddb6dea3d0c7310dfd60362925b9c079851dc022e86d14f58b84a73fa45a728251fb4123e94360a26a3d4c8cb9e7b872367e9e8819d3a74d9c1506685ea8a32a2a26fba2c2f364d2658b21dcb4ab92f7515fe19609729276376e50824f836e14510fbf2f830a085a22bee86d63e096913407c0f5d3407f3610eee1fa399da0600a883872703aa313d3a137d7eff9c7d62ddeab37e1d453e220274c8bb1931"}, &(0x7f0000000080)=0xb3) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f0000000400)={r4, 0x4, 0x30}, &(0x7f0000000440)=0xc) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r2, 0x28, 0x2, &(0x7f0000000480)=0xffffffffffffd5fd, 0x8) setsockopt$inet_sctp_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f00000004c0)={r5, 0x3}, 0x8) ioctl$sock_inet_tcp_SIOCOUTQ(r2, 0x5411, &(0x7f0000000500)) connect(r1, &(0x7f0000000540)=@generic={0xb, "d9bbca744f797a7a252955ecd91700db1d300c5327527e55f079985bf35cebf3ae6658ca6757d2aa8ca33d12ef981ecf7747661309de48b0e85e83de4607d72be09916fa02639804de1ee1d9fe50c4145b2e0d47fa3afafaf4bef8aa5406e40e38417ea3e56c6b0e8cf89db3edc188369c180b3bab1c7d146ea70719848e"}, 0x80) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f00000005c0)={"bebd1f16ab8eb2d6858a96138f28b9b9490272260a62abe64e9b0a50f9a8c33c3fd0528b000a1b5ac8a48c733bb908ce0ae5dad2ec3a6105170bd605ae2d5c87e4af45eb2b514d804d209a2130f1dff93ff44ecbd7900c850ec006072c79163e73c04e3e85c259c6c09777180439c27743c06bef29870411616f40e226a8ff2f1ee41c4d9410143ef31d7cdf774ec69085d99a50c3c790b7301a1f696b8f921b57f2684b88b5719684441f05276fc84f722a66918213104ccb979a7617400001bdfe4dd37fb3bdcc90f9647906056f6dd095942a8ab3fa2bccc178abb649113bedf5f2c0a676184a67a2a23a57b07a5d343f8df779f565ccbd0f5de25bf698151f78a3c2c9323b83fb808f5cbf1c2570e615c6cbc63f5f6389f9d429174bb9928632ef84e6ae0661437529728dc8c3c84a08c98b0872997f4dd6bffac57acc1d089943bef3a60f0881cc86eabb4a761b180a696a5c78502a5581bc26faa4eb0b1525aec1dcd36610e8a11ca30fc5caf340a2471f8ddd7aa439bbdd1e402a56778a8155a1fa4f2ad9d92d0dbc6a490fe8189f8273c26dd265bfe72c019015cd4c0dc5fd77747af9359add1b3a22ddbe3154343c9df2a333463fc86318d80253629a38603e7bc547941b4e14917ad346122bb613378c616597885a6eb4f28180949626816d428b8e175bd9159ffe359e02b48651e51c9269c7b1c06d09912a5b060071517c8f98c5dd13242267c0a4a78074a256e9c9a15d1c1d117b92bf5820038ec8efc41c8a53ba919741cf631246ae507fdd448bcbbd3ea2c2180edff9d750c1e8bbb64c91a8359759126b17428e3bc510b3c84d62a4aa2249a7259747a135d8382015f80e4ed5b4eb954b4fb35d340d884cb92488bab4acf2f2164cd3010ac3932e482aa9384348c62e19d748f8615d645341dc5b5541e4b033bbe9c7d0f3975d8aaec50fee1f8559095cf3700f0d405b91d408800007f6a0e547b4391c32f2a272c15f4c6af3ddb6e067519a7a9723052889c57fd7a9045b313a39790365f74804a748a19f58b4043ae502b812066e30774535d242be327b42802f9050f6f41dd2da9a8d28ee0bd0c695785979cd316703d390a0e49075ad9b3aa7c1a6647fc176d69d866eee15818a81982fc5f19822f2797716b5207c0a43f718754d34a4433f83bba41625e144fc70bf59570b8f4edf35acb25d6644f53b6e62af57adb369d37dfb88e69f2ab2a66742bcb7884b9f03e7545771d8cf8914ac970845e467fd0d32672ae9fe2ad56580de109c4b138d1e37bac328851a08c1f393a46501faa02347e7ec64d60e6b9aee065fe2e9fe01c7e726153a43a1417f0301de7b2533ef1c6ea86e91e8a81344f50c7f2c5cd539c2009fdaf0a4afbbd52192a812041878a722d9f058b1d711179b8448621b0479bcc6151a065f40e006cbfbcf051f"}) ioctl$sock_netrom_SIOCADDRT(r1, 0x890b, &(0x7f00000009c0)) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000a00)={{{@in=@rand_addr, @in6=@remote}}, {{@in6=@loopback}, 0x0, @in6=@mcast1}}, &(0x7f0000000b00)=0xe8) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000b40)={0x5f, @multicast1=0xe0000001, 0x4e24, 0x4, 'lc\x00', 0x23, 0x90e0, 0x4}, 0x2c) setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000b80)='hybla\x00', 0x6) socket$inet(0x2, 0x807, 0x6) ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000bc0)=0x81) ioctl$TIOCLINUX3(r2, 0x541c, &(0x7f0000000c00)=0x3) socketpair$inet_udp(0x2, 0x2, 0x0, &(0x7f0000000c40)={0xffffffffffffffff, 0xffffffffffffffff}) syz_extract_tcp_res(&(0x7f0000000c80), 0x2, 0x2) ioctl$LOOP_GET_STATUS64(r2, 0x4c05, &(0x7f0000000cc0)) sendto$inet(r6, &(0x7f0000000dc0)="d93621df2b12ae6970a98c96861fb6913235a795bb211f16bff575ebef2e368dceb65f1389ad7fa841f662233dda9a2990c80d89efef0481eca9d71d396bded4ad698a096f686bb9847e2e323c620acd0063553bf9798f2781d6033a8bb84a3cf93b0add457a5d3fb06cc036fe7d82946a9e7a21b4489cf31a11e7c2b11f97d63a391263e01a2e1b6bfd7180385a10c3788f1153ca19203a41a4d75cd1fb82693736151f328c8f5fc50747c5608c3d12d9d27dad6c1f8dcfc3e93e137697ace4c6e714e891bf80b55b10b102051f25a203bdb96daf8dc7e0f0238d47ba853b28dd958654586743b4dc3627c98e0db20772ed0b125cd9a4c8fd3c144a4ad0bcb3a39ed1c1f0ab1304f01d26ca3eb51a9bd6888dcf9394e52b64f88f2bc138c61ed3eeec30e05a25066b17674dba7943e225d7fc447b86bbb20f6bdf604d12401a08a064599c7d0e3b3cb0d25d37422cd26851cf8c04108bb3a170e30540a8fdf8d360453e39fb40764e971046dbcd384e3ed8b630103597cce81efda8df11c177a0eacbd7f7ed0a9d92f4018c716df4b868e34b167c58c250f55c5522574a72ab48c0f12d5844d6e74f5cab369db2014d65073b34eb9e347b1ff40f2361ad42a271c79422d89ddb524d91bda6c9e5804a7c93a429ee2365fe4f3244b0e18e5e3bb0f1908b894286ca17f441848f3ebab92bf759e26c72f877b9e26539c320b7f43429640dcd520200de22a8dc309a1e4a4ebfff293dd17683d261ae9854a61116aedfb959209de7824abd9d93dc677d2cde36ae32801abe457814296abdcbd2bba1038f92a8c0c953b034d46b2191f68594be01c28d6bc07904a0a9933c64b606088a31fb9fb279fb5d2d066925f7392f2e7bf501605812006cc3820075125a07049eeb3fdd8fddd8c24a423a83793b5240ae73bbc6fb6ff74769123bf74f41a122f3ecba7fe81246cf238e92846218720f9dfceba6e76c57bd529636efe7effb8970e581af49dee4e7df2a0da0e442ac41ebe8486a7590f56335536fc561bbbb838ef784431c3fd1fcc0b37d0bf152d6cbc2445ba5a97cc86fee50137f12a8f2ef41168c6ffbd1be7e00a7c6c5013391c6b1d7d02d5a22c5e91d351e73dc7ee53163a790e9bd86d1938464b3b77a4814d4674d68e6e77dd8a5d8045818188f5bc1658a069ac3ce9b7ba0deb8786fd244a8ac15eb6c4c88c690c57e1f3cdd459a24667ff16da170b1972a6ae84857008c8f9559c48f85deddf4ec59c8a2eb150d1e1babd55b855f7d18d4113d79b8f57fde01e267c69842ed44a2ab904dc39443f3a5081038d436aca819c74a7d2421aaf3f280f0cb0a9bb4b6b229cf3a815aecd354dc35e6e75ebaeece99720327352dd33fa0f5b64715c603e5880a1f615be2960dc3e036751222ea65c1c4dcba1a249ecfa573dd066d342d51e20bc87d9d9a97bdf09c9f7b90cc241a25edc580600dfa2b75022ba377f1b28d23097307a3a4585bd4b06d08ac6f56a7c3ff04f426fb78d68c96b44fbcd504d735464116b6f90664f2d6aa6cb194cce65c9497d3d1ba521b47f779923b877de1d9a2d83064076e0cbae23e6e4d67e938a1afb95a2893592390bdc3e424421245c2bf8e5a6dae6c48ef79617707299b9280362f2017f343cd4d2cf01acad792413fce084b7396836e938b2790ecf222180ecc2143492902f467957cf94e3a4d52ad03af332a293425ed1fa34406f8e2bd1c4ec674b18868c9563c8ef8e8cb7e71ce0e845e2e3acbbf7f7e859420d81146200b835ab49b910ac889dba56d598cfca0b8141e5c3d178b8a245cef4c3c58bce4676de0f0ac3793a897840bd24e1fbb5014d5b47be97edfac254c09885ed0dd9bc3edb6b3e59041a43e25fdfe0fa5aa178961c0b0aa8a705ad0b2f320b896b755403793ed81bb4bbf9880273521831df9dba73fc5c1fc69a8b6f34a50ba8824a79ea30cc12bb846dce73d603337851e57158b373f5af701b4797b49b6b7c677f87a3ad66f4216b9b0d560de4fad01a0eb984fbf7bd958ced3e8f0bfb5467871f9b73edb901c42985a00d8b0567db8a1374aaa66de6d8f81e6d537ecaae565b73af55aafc0b9bf8ee97da58122fbe53b86be3adb81cfa3149eb2c2ed76009f8faf48c779de0d3bae264617c781647abcd66dce189ea741991b005e1152157353471ddd35c84f2f987b552ff8a403ef818c1fe9c7ccc30114c98f7ee3c6c11db82d543b0be24f291ed5626c61d08c4358e7bb2549994af25321dab43720e874676ff3437be44f7a2fe437d61f284e0a78c31dbed52d843face85f1311f4593ba80abf5c074dc0ec716bd35a6a3b0348ab2e1ba547b01a868df64aefe9cf8ade491e5b0ab233b830849769c9371fba8ffbbd3a90f1cf75a609905b4212731c945e34826b217acef5a0c54d7a2c4733275113d2e7a2e2ff28fc7b986e25173fb55950f0a5d2fa3791203ea9b95b2ebd2b2777c84fc85d2c01ae084bf5acaabd8e6572b6de51cfc59cf1408fcd8cc50941de5db7943b0f617bcf394dd604baa47d8889f7b11842a09ca82f97faad4c9f672057f651075ffc741db81e9935f086c10bd053939a50348c5750578866af4432ecc7b1b26946ad0ea99d5af78c3ae1d263646b16d9e52a55bbddfd802190ace515208312a0b8fcda04544027235c800befe030fdae826518e8436c6ae66013148cbde073d8f1cb9f9997b7dde3c80ce0e46f1bd1592d415c2acc1b48eef97534f5d27f1bba5cbd288b544a5ceaf0b572e53cf5cd7e738bc066a111837733f7398e39dcc231e276379d57b997cbe6cf58cff0b6dea8cd9b4605e4b8f8a25c9c5e0d6edb28e42cf138469abaf36f13f53423a2b19ebe0a73e6b283692a445aac5d79fec1755a2b289470d9314e83d33d7a3b969b93245752f9d5d012fd2d817245b5d3335e8f86d222827d6683a492b157a115b1a512c11f8b5e9b5da0bc31d6c247c90a2f1569f4482b0a1245ff664fd3e1348f2b9177815c34f0b42279f1b49ea9d13384b48026c470bc3c0ed23703002c32fdb9daefe89455598338cb264b02980ec9f8ca728379e178c15030a77dcc41e1f8eb55281bea74fc0319ad6f0c65c89f95656aa41f957e05805369d66edca4e916fb0009d6ed0cc32b6a8438fb2e3502facafb03b237a8c5b42377d06fa0444d96e30ff1cfe8a271b123d3ce2f7b86ea96fe8fc354283c50d4a2c82d3be57d68788d5c9d5d75d0af63f1132aa3f1f15d33a26e34b17c770ec67b9d61ee0a92fb69e2ef2820c859bd545d95b6fb8e8e0d7d3d7524804f746d3e37146d36cb96a6780558c617f2602b37c2b261bed9ce6a657a033fc2cd93a9900a4b79bf3c34fda85bfedb06e689bad79f0a09a82e3199c8ca3bf2f2519681c7b8dc1d6e3d27a0824bc6551dcff307b6e95b729e245722840418d764054d74f3b92952e757d2eba26348ffffdbca3900280075da6a94f39462310336c488cff390538f4270c934b66e4a94fada737b85a2e415bb83fc27fbb6b3fde3db424dea4ec60544ea0e6500a94c601b9a7a15309b838ae5fb5d24c06fd5db91687f5a4e95ece0af13eaa2bbf02bd11f7ff45898c29c3d6231b8fd8433ea1ac6e8ca1a0c4de2c89d892de72bb115f9f4181e88923daf949a7c446ebd9bc5655fbd2012551f44640eca7f45ec260b116a86332d65e194b1cc433a72ce5d3249ff5e8c1a1fa7d6a796e17b8008248476257551fcd3d564f7d7383af6730387276f76bfba095a724784e4c4cc2ced228eebc721a87ef5394e6323105afe11d199779f4d5a8a5a7c0cc9403a09c896c53762c3a1aa14afea00142f21dc1ab8cc3d472be6dc7e008f4f48bc9e231f25d9b35f6ab53cf16c81082deb41fcb86aef70596a96b08a58d9e816e8b6f9e1d6a69b923934c586b6751207dcf9d75dcb1cd0dafd123c666142015727dd55101697f0c606658373fc05f94677b27f0725944b679d8475ac01980a1a061bcff8853dc107d2abf6849186ddf7d28c28b126b4c8309dded2ac090d1f34dec9db52cd8d954d022ed23628ee73df95b415437be96039a7d707d02d0ed0974aacb3ff2bfa8fbfcf0def0c32d27a99883fae23765836f39d841778713653026934a4d9622ca7f0c93314189e116dd612f2420aa212a3dd603560e09362701af9c9886057d8e98bd8cb841d3dbc3ae597aa9f83cbd58805f56d32b46029aa3c492dc9381993d323d1e6bd7c890a377d795567ee5b17cb05f5ec7cf5ce89ef45558cc4487fc00c3f4d714c99e5ca780c6d0a3afefaad0ba1dfad287faf095d69d9c89b3ba6ca1caca437136466d61d6beb1a71b84219ceb54ed65813c78b476910ac69ee52ba8e25da190a189017548e162e1685ab82209c4a2096454b96cac806388dd2fe87cf62aab30e6e2f94f21b91038a4a27a81efecd5c7d6722099d86ca3870056e4d09df2e006fc96c6b70014f4731e7ea45c07789ea193deefb6f03c76f6b5f39704d4e112616542706d1cf46d8f13f9fc88b6510dc89335c021f385557de6816b37c2a118e9b4274452fb4556b98e692a0d84718f3ea2cf4e5521c6118b3c40742fbfe57f24007195800e27640a0cdbf400349e28cef17eed08e1c4146825511e90393279d6b712f1ced1256b08bd5191837ac8ca7fca715f293b94676d2d0c43210ce4389c2d86aaf1d8d8ab6e25408e312479281b614f3b51fd90a0e3a9691f678386a8bc7c494cfb933ab0d64d3dec213f9bc8aa362f1782d3c44100fec2c47155ad110a64dba5d9ea7c1de9658efcf61cd75e71970b030eb19f8e714a0e2186e256350d0796c1b4f15394940969ab9b4a764a4ac71627785771c1f3fb624ab4d9323806eaac3ccf3428ff021921301a0eb2ce4d21f62463bb099212abecc34168e93e212b121cfe2b5ec6a9b5a5276ed2401185ec95044dd7961086bc3e0225fa85407001dfe6e7eda5c0f3b2a1d3e3698826e6ab23e6c5a6a171a1903f96730cc7df7a48d285ca6a00e84512467b5c763c9877effd4a037e7dcdf10e2ad03a4107711c53a6350d82b64e6f99ea64c37063b753e220114ec67ba54effce8db06e32e50fd3f1e2b33992e72fd95ad5dfb6e25e780954e84150fc06f55e494eb02616b0924892c6a859b477e0e099a37e9f408f98f555617c6776f5d193c230b7c0504884b8046ce9cd634699f56b9b0cebdfbbb639705b48560c1a238925028df8ec06ebc3d89b7059ca533a4ea39454897b3b9c5b9418e94f97a1cc21f19e3644b9f3b5201b45561cdb4236c5267eb33e4eb114a34bbbf55acee5d6f09a75c551b2571e2cb34c1462dc092ef5608a19ae9926e45ee186e72454ac76f759a6b8c48be99c391b8103ba143085ab8cc85cc41a9062a00904894fbf8eced67d7e4dfd8f264c9f24404548c5274c5a383854abc03623eb91fb66c394317aa01e0a14b8ef87c7c577a02f762a75b21ae3ceb24e96f1d68ec0fac4775dfb0c70e7fb0f1220c9058b0b23c976bbf4b456ffdcb978f0868b1397bbf23cb121a4fd23baa062c7dcad1fa0574a4512e52b1222035530f87ba9c3f3665a7a7e56fff314c32e93848c380f866bfe8306d2676165564219c1963d0aeb6b7f349acb420d0324e9f19a75a077f17df3555d71075b2ef7bb1d933b8ab03329f6f5ab5c8c44e6ad6109634bb8ab7500bd48ff62ef309c35b03b9c0d1e24542ba38634cff4914025535bd69001808bb0bb002356b5983763b56b82c90b926d8f4c0d5c36dc726ede3136024bbb84cd073fe816693473fddc409e0", 0x1000, 0x20044840, &(0x7f0000001dc0)={0x2, 0x4e24, @multicast1=0xe0000001}, 0xfffffffffffffd2c) ioctl$PPPIOCGFLAGS(r2, 0x8004745a, &(0x7f0000001e00)) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000001e40)=0x8) getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r2, 0x84, 0x16, &(0x7f0000001e80)=ANY=[@ANYBLOB="043b00677a49e000000091bc"], &(0x7f0000000000)=0xc) getsockopt$netrom_NETROM_N2(r2, 0x103, 0x3, &(0x7f0000001f00)=0x2, &(0x7f0000001f40)=0xfffffffffffffec6) 2018/04/06 11:41:20 executing program 4: r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0x0, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x0, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:20 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)={0x0, 0xfffffffffffffffc, 0x0, 0x0, 0xfffffffffffffffc}) msgget(0x2, 0x58) 2018/04/06 11:41:20 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0x5627]}, 0x10) 2018/04/06 11:41:20 executing program 2: open(&(0x7f0000000000)='./bus\x00', 0x100000141842, 0x0) syz_mount_image$ntfs(&(0x7f0000000440)='ntfs\x00', &(0x7f0000000480)='./bus\x00', 0x0, 0x0, &(0x7f00000006c0), 0x1000, &(0x7f0000000740)=ANY=[]) r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) syz_mount_image$hfs(&(0x7f0000001780)='hfs\x00', &(0x7f0000000100)='./bus\x00', 0x0, 0xccf, &(0x7f0000001a40)=[{&(0x7f0000001c00)="c3109cfc6f65b837063b7bbc3d4a7d202d2b9984a215c7b7bd25480c1babe9aadb78e3c53ec529cb288497a5ff7386ab50bc1a8c89", 0x0, 0x401}, {&(0x7f0000001800)="2ddea5d98171285eddea030c82c3ebbbe9ef0086979c4d89f51697a723698cc79f113fca18d8ec8bb4942cb405ffaeeeafc6b09a0aa44324f534c9b7f57352f0c6be30573567dee6adbbdffa5bc32a5b00201e68181092887cf576f0703f060812cd5047561a4c92d2fe195c21c60625c482c212ec431a19596ad1012108999bc75ae3480f0e76a36376ac63a8", 0x0, 0x5}, {&(0x7f00000018c0)="c5530d8833354b18ef6baebf606c24f24d221ae3c07931be7198141ec53fd728927e5f00e021449a33baca2a22cf99667bb62ad1c43215e3f08aaced4246a353f263c0b7595b47c7a50af4436c372f265f8434d31934351c965767c877bce2ca431539e8a01395cb17c6c5e7c94ccf3bafb07d8b5e8c8a7c931e0d769db9d35a00cb5aa0044e6a6a561fd1afe1", 0x0, 0x5}, {&(0x7f0000001ac0)="a6c3452050343eb065584cf53ea65ae330a5f6fabf78091e23a81fecb3775e4b4b863ad23c978b4d06569e6a36869f4d6ab49a561ec1407526f64751bf75483fb2755e3dd399f154e42b71bf2ba4b06f84d08c82013cccce8d83cc8522875560acd751f4f33688881c070e6ef463499ee9e91f792ae72561196b6ba9dc495e6762dbb6f5c913a4aeab57f7ff1fec996193598848aca0c65638fffb8af2141e66a90fe4ae167772c4c599843c560c877e454fdb686a3b7df3bc64de67f0ab300a68bb0beb5a6e2c52ef9e161399bf3a9939b04d804247cd6b3c9682eaf9ba0fdf8721b778b0f8e7905b17a1210b17ce35b1fb4f78497d438165b2019a31462ffaad8347218795323dd876bfaa1f6f7eec0187f0b9e41c54ba73230f635b3f4c2fd658e725afc3135bbb160347c72457a5da34344443b7f7c8ab479f9e63", 0x0, 0x7}], 0x10000, &(0x7f0000000780)=ANY=[]) ioctl$LOOP_SET_CAPACITY(r0, 0x4c07) write$cgroup_pid(r0, &(0x7f0000000040)={[0x0]}, 0x1) r1 = add_key(&(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000140)={0x73, 0x79, 0x7a, 0x0}, &(0x7f0000000180)="9e659466cbfbd5240d0324e75025024532163aa8770fe16f3a330ab59d341cd33efdf6be1071e0b18c129e0c9d16583537249b43ca89e0f22a9f2399e2c55eea1f4f6fa74bfedc0436a59cadd999ab6cc4a762f1aae4bbe5d64bed429655e3f9768d8a1c7b7987b156c14c970375762cc4e2eb17a0410521887bf27312ab3d65f483d880191303124d0b6f81a44b05c5", 0x90, 0xfffffffffffffffc) ioctl$KVM_SIGNAL_MSI(r0, 0x4020aea5, &(0x7f00000003c0)={0x0, 0x3000, 0x10001, 0x0, 0x2}) r2 = add_key$user(&(0x7f0000000300)='user\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a, 0x2}, &(0x7f00000004c0)="89e091874dc1c14eb3c0c7ad2256c243164ce397fa79b52d14204b90ae1887c9aa09b475c126d28053b14102ce36f17f78af94b232d31028cf2641748867b627bf0c54e649b6db3ff0122ead12f6531581128800682d95b363c829fbebba8815bf24ab345b6dc9d225690ff7dabb33c90b0a20f876e581899c5def3f5de86f83909a93aabfe52843b1cf16966d721989a951cc04a4ff601aec658e86602db6195495c9cfda64e14725bfc70e0dbc97c7d0f608100791d35a9820c2c56e063cc274ff781b3041d19e50a80ff57c64bbdf4c98adba9c8134194f9f4e53ff0616f6d1f3eed32e719e5c59818f0cdef7e5b1621170be3f86daae4afd9eaec0be6ce5b53a9de108bde2cfaf93e9817b7513d8e50bdf9712c2bf62b25605e12162f19dc2bee25d2d510f817d1f69697153dd85abc12da05ab8fbb48b1bccdbc9a4f6fd61243ba08f0463ae8d648c0c705d8bc32be3f3a40c4cfb0d562bbaa5bdf4668e488cc726358401d4b059873a6dcc6c15275e30494ab4a200f7c1acda80bbad5e682ea303bed5cfa1d90c043a3d39eca5282c486c446b51edeb13c0c07b2958f0d59693625988f8d7a777810900e7df0ddaa02dcd455191a62a11d6674f12dd2043c26a1abc44f7c7dd70a1dbd9711889cee4811d673607901a3bc79ad7f679c16fc8c1eb65c9570c6c7a74949e99764db700a49de40109e61b6146c0dfec2a5ee1516cd0cabe6889a8ea491522d7b5df783141ac3ea0af7b65796f76dae40529b6d2452d443faca1ba128bcc431302c358a2b34b9ed7870963d31ed34eafab8100838e83314196b3d3c1ec7303a1693dcb262278eb97369eef7c6e2d92a44f15a4bc6b4066cd9aafce1ed8ddfc7f377cda2b24c2a0eab215f4fcea3553f595161edbd4f16f1c34f5b238c47a11723a250dfde1d5d6cefe9fc71b808ca2f461acb17d13912320ab42ff1ac1d3b7ce3ed9025e96fc90ef3b5b9fd1726dc488fc9f3186d4893a0f24b70f3908b12283dce82a64bbe0003dce9425ccb0fec348f5a924628e4102907ab86030d2340cf17f23133bcd66eac6e44472fa01d4c255b2cae381d07f02c6482ea5e26f537c77b4fb55ea6274629d1801a96aafb71c5e9a29dff04d72ed0f3eff23746fecda96c351c2638ce1af7859fc4108658ad35a09d4b64675e2bd3c33e18bf2dffccb33610d927141ce0a0bf0e0b1716fad326f871e7868082a35ce67e631d9feeaa3a67d342084547d03252f4c05d4fffa3fee1dfa3bbd895113b06c30355e655b89307a41d84c7c2ea96ad1bf117f138d1f07709c4a499e71da397d8c035427f1ea2eb78c8fa5221fdd1e2e016dbabf7ec71d5d8666ca84cc8191c3ebb5270ce039319d24fe62cf1f3ddd0f1b78bb13896cd0e14517cd6779b6cfdea8a02a07ee38b0ee1ed56ccfd3ac537d66cc20f14d5d64e254b9a69e27eee39d8bbbf30401bba1638d6a104e16d0936c733f7c49bf665997f8bebf051eb85a65f6724a45882935e8690e600eb4a9f4a0593beb0f47e25457321a834ef2ab0785c576b59d042349a8c1d45be45ae3c6224e42d2b3bfe9f692435fff410b8c729498cbfa869285e74fff50b91546cbe549cd60a14fd9cea8cf330665b298bdafc6e95f91a0430d41b2759cee0927299bbacf035331b30b35b27ac466cfae70401ea481fdf2162f89443bc26dc1890910d86d097282ba9539435c49fae688ec78cdfc1f4697bcfeff9938b28a8c25b633a7b7e7a05c5fd5cf48bc00d2543e3c71d3c2533c3624fca7f6ef43f8a33d48b46ea6c321b6a9e2995ca09ce9fef2f357967d808df4a81c9c3ee4b250a32f16293e3c5d2e61c88ab84094133f998925f44a7bac482d6c424342c25c79a0055c87ee8bc2234909d11ede0ccb9da2104524ad008a0e201c3861776b6ee8ea39b88f4cf7c077895f59d6148b42a4dbe6202cf5c830b1252f379ef1e72dc173a4a9a4743e027ab1a3f020112ff09e2c03550ae56d42cf8d296f92fa92969347621016ab07f2c51c739d171669bc11d1c7635d7d46c2e350fde76d4344eb0534dab96021cf15f1ab2586b6a7bca4ca98f75870f70a46075d2560136e64e09d77e9ae1cc4d3d01f41d6ab1bf9d5f53bdca0d52364dc154dfce58f4f1120087d00fea80d31e44166ca562c6c434138e16a7d77c54072faeb13a1d79a25eb45be08db1121590437400cbcc67922a5af371c24c1da14f463690e9bfa27dc3ef7e25fd766350fc337c0d29a3c24885a8fc3f356d43a308fb5c91181b9c03db4799a704f64c28a79217b5b7e801ab630110d10d81c551b07eac4784500bc637f9c90bbac7a8d9f34447a708c89cf96afa732e02cfe0f9ae7894703dad8d9891f8ffe53d5f7f563205851166f7ec7c51516e585f36995db21bd8fc940bd46d8ebc5a06cb58d86acbf1876a339f379b0a2442d11c04d4ef8ecca9c83300cd6b5f876ba1063dca23e57ab95e12bcd304674ca923535987506246571624e185d9196c3ff62053c8ff368304701071b41cad586d82b713ec7b1b3e2347df9df71a805aefa6b738e503249e57da5a9db1bf66ee62c47f554de1e794acffd0bbc60b1d42f3b5cd3586892fc95c0c8e46a42e3dd104b209b4839f763ff6ee5cf413313cc5233013b0b43e1f3b16c73f41a1560d99d778d64a6fa400b071624771abfff6980b43c26015b9278364b8d02fd415176be3619e0a0c5094c7d72e6b3cfcb91f22947373cb4ed9a5d0ad250d5f9b7e554bd320e98f9a5f6ed2e796d4fd1f53234fd001e3e82b58c9b9846ee2316d1d11a90a0868de1824edd713ea5dad7e561dd64b7d1bb65c18dfb677b3f74501e05a597a2bd656dc10f802639bf50bec7c2dc0812f4464b447cf9e981e500662fc74da895c6c662b9d5b64b8045e8745e86b5dbbbb2e4d26097c6a58d5904b0872e4dcf47f1c3e4855a785142a206bc4980d70c5e15f51219b2ef988ba6a827b535a70f0bdc31f6bc45a74a91a658337c62ec5a114ac9a87a1e39cacac4123c84754cadbcb079004bb6dbdfc40d4b8e4001a698a6539e8600ff784b14d2eaf13c65aea19dd9fd011650f5e245e6872ada7f49581e0d8015b088410d500c23d7582520b61c9e0c77e47c50271b540a95366b5fef2d81735b841f17698af7ee69882644410dd83a939ebd7760118befe079506eab4b4c001a81b79257e2ca2eaa6e95081045e4d0cbffa816426b56184dda3e95a3ea78b55bd0e268d23da93d1884dcd8c18e055edc27663a88b3c1a2463e1a8ced144a544c0e78ed2cefba38622501cbe2ed7b0033ca4c616328be66da667fa407e0aace6522dc060e326e6f3702be4a6a4293ae6a183d1760fbdabe05b84cf8a6721118c1e92475ef4b99c19afd51e9c5858389905a2e006d47c4a483e48a244618303fc933959c59856de86685afe7d2df9ca77da4794a47481f8e4ba21194eafd7031669313e5b6ab2951ca0eb7909579b956ba0d1388aff31f4e56eb247854b858a95058d82ebc9a106f20f51009d67d92286d9c8f272d8d0211ae69f2a7f97e34da962517f4c3ee14893031f00fa4c42bedc623cd35053d959afa3b60be50488298bd665db3e993404fd0332ffbc7b283715a51be11e13f8c7b334ab8dad8e0cc881469c3fe8077d6d8741858aa2c73a12bd79aebea2bd1ca921ec4036582b4a9e0c2c0c6b3dca39d0f84e00b1747c446189075a30340cd832d37f9dfc65c5f88dff3e712269946fc40edcc05f48d6d3974d2969f70f634340e1f21b32da5786a55e92721d38dc64c742bb1315a6b37dc14c424abe6dffb8b2932e65dbb45e8d4aec02f9312d6eef14644804a21a0c72f66edab3b5d765c035dcd2dfb11a2df4262d1d846dd5274055bd2cc38d135043159f50734b7f2c9e69eaf219ca8af2a1b18286d14db3bff78f34e13189344d27b35f0e61bf939aa753e64b07b492db245419e4e64db8511606df2205c17dbef55fa7c39b684ce3e9ed6863b931f294825def67969279bd92ef603598efae8b11a5f26d1e024100c66b652c58703f57974bcac8f2d43ccf6007400b3cd13ab678474e06ad7081f32bbebe9c275af01bf79a2e973de7540e90b9bb114d2a05462bd640659219ad95be8437f0859f208d7c285834a84cc60b16d963320ec961b20789d20358984fc4b2d27daab56383a16064237a12aba194d6bc22cf031c7fdd9963fc7fd47f40eb0acf6ff9079f193b2dff05012212aa80f1d9e5a1f17c0972568d3bdffd8b3251619883f5df07eea6643fa8c8aa38d3c60b24d245e096e874cd198bca2b75c245b8ec3965fa80391b403e1c804cbd2a463fc404c1c4110c2e709ff4eb1d714cea45fb7591799b0cf3498a5535467731fdeadbecb9745699cbb71937a85a096b59eeadc60f50087781d8bb0853ec5a412249697e842d42cc821673adf7ac432806290fab061721e5c2dff41db3e1ec19c5f828b1f18be3d628431d3f3a784bfb4cd643ee56aefaa8121ead1cdca58a212b0335d5bd8b28666aa0399206e35af9e2a448c5b36866f4ac4013a5ee6e965279a5bb107e6c29dfd812e96b7daa46a879c7ba3bc0bb78e2686b88a26d924e03a0bf19ac30484075ecd26b187f083185fdd1d3dbf0d4dbc38017b51fbded3667a718b443a71b75bb6c67a081e38708289c78ae433811a4f575cfa91c850b58d4a15a2d243e08148cac01bf18d0361422ea8c0c96d472de3ef0549dad8948f2a89d4ff328391e9cfb5018d8dac880b5a3c067d5ce0683ff494b7d399008e60dc962d9139f07889445af4527b97a037ff4e8762fa47638b02de0e62058944564944e1d0831b0c794e0db1277b7b92c3ed003b3509c7b237e7868763284d5ccf2098e3c368977465d75b9c8011a3aeee68ae79668522e2dba8ffdb66b0284eb202a59e9e453f284a32d6cf39e2a536ef0998e38544747d95c45d76231809964fe45492382db78eab0cf0e4eabfe34874fe3b234e70a21cf78ddf2153a9fc0bbce3c9cd73515eaca368ddb19f9b878462d0b2a79965f090aaf271bc08b2a949f38ad0f48ab6d565491828ee9bc28f0f44c43ef70ca163bcd115faaab16b03af2e0a514c461be98408c50958d806dab048b540a25d3f90730fd335f9fb1a17501548bbef53a2bbe9d7c7406550903cb8eb843824f12899987b1af95dd61b7f6273dc634ac8af1788734ee9e70eb0b6605924eda399299ab4bd4982a5577ad0e305e2ccadf901a00c1cd4a3f71bddadeef384be83bf235e98fcdef4e74d064f6952008c45104fc8f60ea4ca6616462bec81326436994ea6b246a75fd5111420c3f88c681b6ea45d32baf7488f4a16c08e5504b2b9d11d98a7392d2ddbb5b8893bea87ae6e80a94855a35e37e2ba731832bb5a0d0e59cf87e41bee2cdeecfd8271ea8a6a0d59a04bb22da773a053c08c4db47a274b9746c18df3709ee178c19cb4ef7ecf2f91cfa6e7c330e2215c395c86c78ee76f890628364141c685a9d3e5ad17c326cce797b147cfc69ab0011a5388d29f1045d48724d6392e233bf718e0f245359adaf735081ae046db144e631fe1a4a185231435f7446c635333c2e645468be2f9edd61cba8483724a10330402dc3e41e9490ad96adf01b08c77911c6c0ecb89b250bdaf9ce7dd56d24762e4a78768a188ef4057b353f9edb32c6ca08b8136c51434b9b45b2001535987518ca6e3b0f8c79e243657941a407fabb798738faeeee775216992fd7f95c9aeec596677a3980015f4a28c24fea2399e92e3c2ca3460f9ac5399f7d216f2", 0x1000, 0xfffffffffffffffe) keyctl$instantiate_iov(0x14, r1, &(0x7f00000002c0)=[{&(0x7f0000000240)="15058f7c283eab2cd5d8522ad4454b996f37c12eb1ae11d29748be07c430d30e337930ef5b600c7ee1aef9a04b777416f673927c070e5c98f19895cadc8c58698f16dded394eac2de9e1586035c662f1a0d1badff56840a936fae256fe69e53e58a37bd7cc5590e7deb81e36d1a628d8c447cdc4fd3c4b0732", 0x79}], 0x1, r2) write$cgroup_pid(r0, &(0x7f0000000180), 0x1d2) 2018/04/06 11:41:20 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x4f, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e675add"}, &(0x7f00000000c0)=0x57) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:20 executing program 3: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000100)) getpid() fcntl$getown(0xffffffffffffff9c, 0x9) gettid() ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) getpgrp(r0) r1 = memfd_create(&(0x7f0000000080)='em1\x00', 0x2) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000200)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) sigaltstack(&(0x7f0000013000/0x1000)=nil, &(0x7f00000000c0)) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88)) msgsnd(0x0, &(0x7f0000284ff8)={0x3}, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000240)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000640)={'\x00', 0x0}) ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000680)=r3) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000b40)={&(0x7f0000011000/0x4000)=nil, 0x4000}) io_setup(0x1000, &(0x7f0000000040)) io_submit(0x0, 0x507000, &(0x7f0000000000)) ioctl$VHOST_RESET_OWNER(r1, 0xaf02, 0x0) 2018/04/06 11:41:20 executing program 0: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000ff7)='/dev/ppp\x00', 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000001000)=[{&(0x7f0000007ffe)='0\x00', 0x2}], 0x1, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000001000)=""/246) ioctl$EVIOCGREP(r0, 0x4010744d, &(0x7f0000000000)=""/174) openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ppp\x00', 0x10000, 0x0) [ 398.287861] IPVS: set_ctl: invalid protocol: 95 224.0.0.1:20004 lc 2018/04/06 11:41:20 executing program 4: r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0x0, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x0, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:20 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) prctl$intptr(0xe, 0x8) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000000)=0x0) ptrace$setsig(0x4203, r0, 0x4, &(0x7f0000000040)={0x2a, 0x1f, 0xfff}) msgget(0x2, 0x58) r1 = socket$packet(0x11, 0x3, 0x300) close(r1) 2018/04/06 11:41:20 executing program 0: modify_ldt$write(0x1, &(0x7f00007a7ff0)={0xd1f}, 0x10) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0x301040, 0x0) perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e2, 0x0, 0x0, 0x10000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x1, 0x0, 0x0, 0x0, 0x543}, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff) r0 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0x8, 0x10200) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, &(0x7f0000000080)={0x7fffffff, 0x0, 0x6, 0x6, 0x4, 0x7}) openat$ppp(0xffffffffffffff9c, &(0x7f0000000340)='/dev/ppp\x00', 0x80, 0x0) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f00000001c0)) getsockopt$IPT_SO_GET_INFO(r0, 0x0, 0x40, &(0x7f0000000240)={'mangle\x00'}, &(0x7f00000002c0)=0x54) modify_ldt$write2(0x11, &(0x7f0000000000), 0x10) write$evdev(r0, &(0x7f0000000100)=[{{0x77359400}, 0x10001, 0xffffffffffffff21, 0x8b}, {{}, 0x1, 0x4f39}, {{}, 0x1000, 0x719f0, 0xfff}, {{0x0, 0x2710}, 0x5, 0x10000000000000, 0x9}, {{}, 0xffffffffffff856b, 0xc750, 0x9}, {{0x77359400}, 0xffff, 0x5, 0x8}], 0x90) ioctl$sock_inet6_tcp_SIOCATMARK(r0, 0x8905, &(0x7f0000000200)) 2018/04/06 11:41:20 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0x677f]}, 0x10) 2018/04/06 11:41:20 executing program 2: open(&(0x7f0000000000)='./bus\x00', 0x100000141842, 0x0) syz_mount_image$ntfs(&(0x7f0000000440)='ntfs\x00', &(0x7f0000000480)='./bus\x00', 0x0, 0x0, &(0x7f00000006c0), 0x1000, &(0x7f0000000740)=ANY=[]) r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) syz_mount_image$hfs(&(0x7f0000001780)='hfs\x00', &(0x7f0000000100)='./bus\x00', 0x0, 0xccf, &(0x7f0000001a40)=[{&(0x7f0000001c00)="c3109cfc6f65b837063b7bbc3d4a7d202d2b9984a215c7b7bd25480c1babe9aadb78e3c53ec529cb288497a5ff7386ab50bc1a8c89", 0x0, 0x401}, {&(0x7f0000001800)="2ddea5d98171285eddea030c82c3ebbbe9ef0086979c4d89f51697a723698cc79f113fca18d8ec8bb4942cb405ffaeeeafc6b09a0aa44324f534c9b7f57352f0c6be30573567dee6adbbdffa5bc32a5b00201e68181092887cf576f0703f060812cd5047561a4c92d2fe195c21c60625c482c212ec431a19596ad1012108999bc75ae3480f0e76a36376ac63a8", 0x0, 0x5}, {&(0x7f00000018c0)="c5530d8833354b18ef6baebf606c24f24d221ae3c07931be7198141ec53fd728927e5f00e021449a33baca2a22cf99667bb62ad1c43215e3f08aaced4246a353f263c0b7595b47c7a50af4436c372f265f8434d31934351c965767c877bce2ca431539e8a01395cb17c6c5e7c94ccf3bafb07d8b5e8c8a7c931e0d769db9d35a00cb5aa0044e6a6a561fd1afe1", 0x0, 0x5}, {&(0x7f0000001ac0)="a6c3452050343eb065584cf53ea65ae330a5f6fabf78091e23a81fecb3775e4b4b863ad23c978b4d06569e6a36869f4d6ab49a561ec1407526f64751bf75483fb2755e3dd399f154e42b71bf2ba4b06f84d08c82013cccce8d83cc8522875560acd751f4f33688881c070e6ef463499ee9e91f792ae72561196b6ba9dc495e6762dbb6f5c913a4aeab57f7ff1fec996193598848aca0c65638fffb8af2141e66a90fe4ae167772c4c599843c560c877e454fdb686a3b7df3bc64de67f0ab300a68bb0beb5a6e2c52ef9e161399bf3a9939b04d804247cd6b3c9682eaf9ba0fdf8721b778b0f8e7905b17a1210b17ce35b1fb4f78497d438165b2019a31462ffaad8347218795323dd876bfaa1f6f7eec0187f0b9e41c54ba73230f635b3f4c2fd658e725afc3135bbb160347c72457a5da34344443b7f7c8ab479f9e63", 0x0, 0x7}], 0x10000, &(0x7f0000000780)=ANY=[]) ioctl$LOOP_SET_CAPACITY(r0, 0x4c07) write$cgroup_pid(r0, &(0x7f0000000040)={[0x0]}, 0x1) add_key(&(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000140)={0x73, 0x79, 0x7a, 0x0}, &(0x7f0000000180)="9e659466cbfbd5240d0324e75025024532163aa8770fe16f3a330ab59d341cd33efdf6be1071e0b18c129e0c9d16583537249b43ca89e0f22a9f2399e2c55eea1f4f6fa74bfedc0436a59cadd999ab6cc4a762f1aae4bbe5d64bed429655e3f9768d8a1c7b7987b156c14c970375762cc4e2eb17a0410521887bf27312ab3d65f483d880191303124d0b6f81a44b05c5", 0x90, 0xfffffffffffffffc) ioctl$KVM_SIGNAL_MSI(r0, 0x4020aea5, &(0x7f00000003c0)={0x0, 0x3000, 0x10001, 0x0, 0x2}) add_key$user(&(0x7f0000000300)='user\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a, 0x2}, &(0x7f00000004c0)="89e091874dc1c14eb3c0c7ad2256c243164ce397fa79b52d14204b90ae1887c9aa09b475c126d28053b14102ce36f17f78af94b232d31028cf2641748867b627bf0c54e649b6db3ff0122ead12f6531581128800682d95b363c829fbebba8815bf24ab345b6dc9d225690ff7dabb33c90b0a20f876e581899c5def3f5de86f83909a93aabfe52843b1cf16966d721989a951cc04a4ff601aec658e86602db6195495c9cfda64e14725bfc70e0dbc97c7d0f608100791d35a9820c2c56e063cc274ff781b3041d19e50a80ff57c64bbdf4c98adba9c8134194f9f4e53ff0616f6d1f3eed32e719e5c59818f0cdef7e5b1621170be3f86daae4afd9eaec0be6ce5b53a9de108bde2cfaf93e9817b7513d8e50bdf9712c2bf62b25605e12162f19dc2bee25d2d510f817d1f69697153dd85abc12da05ab8fbb48b1bccdbc9a4f6fd61243ba08f0463ae8d648c0c705d8bc32be3f3a40c4cfb0d562bbaa5bdf4668e488cc726358401d4b059873a6dcc6c15275e30494ab4a200f7c1acda80bbad5e682ea303bed5cfa1d90c043a3d39eca5282c486c446b51edeb13c0c07b2958f0d59693625988f8d7a777810900e7df0ddaa02dcd455191a62a11d6674f12dd2043c26a1abc44f7c7dd70a1dbd9711889cee4811d673607901a3bc79ad7f679c16fc8c1eb65c9570c6c7a74949e99764db700a49de40109e61b6146c0dfec2a5ee1516cd0cabe6889a8ea491522d7b5df783141ac3ea0af7b65796f76dae40529b6d2452d443faca1ba128bcc431302c358a2b34b9ed7870963d31ed34eafab8100838e83314196b3d3c1ec7303a1693dcb262278eb97369eef7c6e2d92a44f15a4bc6b4066cd9aafce1ed8ddfc7f377cda2b24c2a0eab215f4fcea3553f595161edbd4f16f1c34f5b238c47a11723a250dfde1d5d6cefe9fc71b808ca2f461acb17d13912320ab42ff1ac1d3b7ce3ed9025e96fc90ef3b5b9fd1726dc488fc9f3186d4893a0f24b70f3908b12283dce82a64bbe0003dce9425ccb0fec348f5a924628e4102907ab86030d2340cf17f23133bcd66eac6e44472fa01d4c255b2cae381d07f02c6482ea5e26f537c77b4fb55ea6274629d1801a96aafb71c5e9a29dff04d72ed0f3eff23746fecda96c351c2638ce1af7859fc4108658ad35a09d4b64675e2bd3c33e18bf2dffccb33610d927141ce0a0bf0e0b1716fad326f871e7868082a35ce67e631d9feeaa3a67d342084547d03252f4c05d4fffa3fee1dfa3bbd895113b06c30355e655b89307a41d84c7c2ea96ad1bf117f138d1f07709c4a499e71da397d8c035427f1ea2eb78c8fa5221fdd1e2e016dbabf7ec71d5d8666ca84cc8191c3ebb5270ce039319d24fe62cf1f3ddd0f1b78bb13896cd0e14517cd6779b6cfdea8a02a07ee38b0ee1ed56ccfd3ac537d66cc20f14d5d64e254b9a69e27eee39d8bbbf30401bba1638d6a104e16d0936c733f7c49bf665997f8bebf051eb85a65f6724a45882935e8690e600eb4a9f4a0593beb0f47e25457321a834ef2ab0785c576b59d042349a8c1d45be45ae3c6224e42d2b3bfe9f692435fff410b8c729498cbfa869285e74fff50b91546cbe549cd60a14fd9cea8cf330665b298bdafc6e95f91a0430d41b2759cee0927299bbacf035331b30b35b27ac466cfae70401ea481fdf2162f89443bc26dc1890910d86d097282ba9539435c49fae688ec78cdfc1f4697bcfeff9938b28a8c25b633a7b7e7a05c5fd5cf48bc00d2543e3c71d3c2533c3624fca7f6ef43f8a33d48b46ea6c321b6a9e2995ca09ce9fef2f357967d808df4a81c9c3ee4b250a32f16293e3c5d2e61c88ab84094133f998925f44a7bac482d6c424342c25c79a0055c87ee8bc2234909d11ede0ccb9da2104524ad008a0e201c3861776b6ee8ea39b88f4cf7c077895f59d6148b42a4dbe6202cf5c830b1252f379ef1e72dc173a4a9a4743e027ab1a3f020112ff09e2c03550ae56d42cf8d296f92fa92969347621016ab07f2c51c739d171669bc11d1c7635d7d46c2e350fde76d4344eb0534dab96021cf15f1ab2586b6a7bca4ca98f75870f70a46075d2560136e64e09d77e9ae1cc4d3d01f41d6ab1bf9d5f53bdca0d52364dc154dfce58f4f1120087d00fea80d31e44166ca562c6c434138e16a7d77c54072faeb13a1d79a25eb45be08db1121590437400cbcc67922a5af371c24c1da14f463690e9bfa27dc3ef7e25fd766350fc337c0d29a3c24885a8fc3f356d43a308fb5c91181b9c03db4799a704f64c28a79217b5b7e801ab630110d10d81c551b07eac4784500bc637f9c90bbac7a8d9f34447a708c89cf96afa732e02cfe0f9ae7894703dad8d9891f8ffe53d5f7f563205851166f7ec7c51516e585f36995db21bd8fc940bd46d8ebc5a06cb58d86acbf1876a339f379b0a2442d11c04d4ef8ecca9c83300cd6b5f876ba1063dca23e57ab95e12bcd304674ca923535987506246571624e185d9196c3ff62053c8ff368304701071b41cad586d82b713ec7b1b3e2347df9df71a805aefa6b738e503249e57da5a9db1bf66ee62c47f554de1e794acffd0bbc60b1d42f3b5cd3586892fc95c0c8e46a42e3dd104b209b4839f763ff6ee5cf413313cc5233013b0b43e1f3b16c73f41a1560d99d778d64a6fa400b071624771abfff6980b43c26015b9278364b8d02fd415176be3619e0a0c5094c7d72e6b3cfcb91f22947373cb4ed9a5d0ad250d5f9b7e554bd320e98f9a5f6ed2e796d4fd1f53234fd001e3e82b58c9b9846ee2316d1d11a90a0868de1824edd713ea5dad7e561dd64b7d1bb65c18dfb677b3f74501e05a597a2bd656dc10f802639bf50bec7c2dc0812f4464b447cf9e981e500662fc74da895c6c662b9d5b64b8045e8745e86b5dbbbb2e4d26097c6a58d5904b0872e4dcf47f1c3e4855a785142a206bc4980d70c5e15f51219b2ef988ba6a827b535a70f0bdc31f6bc45a74a91a658337c62ec5a114ac9a87a1e39cacac4123c84754cadbcb079004bb6dbdfc40d4b8e4001a698a6539e8600ff784b14d2eaf13c65aea19dd9fd011650f5e245e6872ada7f49581e0d8015b088410d500c23d7582520b61c9e0c77e47c50271b540a95366b5fef2d81735b841f17698af7ee69882644410dd83a939ebd7760118befe079506eab4b4c001a81b79257e2ca2eaa6e95081045e4d0cbffa816426b56184dda3e95a3ea78b55bd0e268d23da93d1884dcd8c18e055edc27663a88b3c1a2463e1a8ced144a544c0e78ed2cefba38622501cbe2ed7b0033ca4c616328be66da667fa407e0aace6522dc060e326e6f3702be4a6a4293ae6a183d1760fbdabe05b84cf8a6721118c1e92475ef4b99c19afd51e9c5858389905a2e006d47c4a483e48a244618303fc933959c59856de86685afe7d2df9ca77da4794a47481f8e4ba21194eafd7031669313e5b6ab2951ca0eb7909579b956ba0d1388aff31f4e56eb247854b858a95058d82ebc9a106f20f51009d67d92286d9c8f272d8d0211ae69f2a7f97e34da962517f4c3ee14893031f00fa4c42bedc623cd35053d959afa3b60be50488298bd665db3e993404fd0332ffbc7b283715a51be11e13f8c7b334ab8dad8e0cc881469c3fe8077d6d8741858aa2c73a12bd79aebea2bd1ca921ec4036582b4a9e0c2c0c6b3dca39d0f84e00b1747c446189075a30340cd832d37f9dfc65c5f88dff3e712269946fc40edcc05f48d6d3974d2969f70f634340e1f21b32da5786a55e92721d38dc64c742bb1315a6b37dc14c424abe6dffb8b2932e65dbb45e8d4aec02f9312d6eef14644804a21a0c72f66edab3b5d765c035dcd2dfb11a2df4262d1d846dd5274055bd2cc38d135043159f50734b7f2c9e69eaf219ca8af2a1b18286d14db3bff78f34e13189344d27b35f0e61bf939aa753e64b07b492db245419e4e64db8511606df2205c17dbef55fa7c39b684ce3e9ed6863b931f294825def67969279bd92ef603598efae8b11a5f26d1e024100c66b652c58703f57974bcac8f2d43ccf6007400b3cd13ab678474e06ad7081f32bbebe9c275af01bf79a2e973de7540e90b9bb114d2a05462bd640659219ad95be8437f0859f208d7c285834a84cc60b16d963320ec961b20789d20358984fc4b2d27daab56383a16064237a12aba194d6bc22cf031c7fdd9963fc7fd47f40eb0acf6ff9079f193b2dff05012212aa80f1d9e5a1f17c0972568d3bdffd8b3251619883f5df07eea6643fa8c8aa38d3c60b24d245e096e874cd198bca2b75c245b8ec3965fa80391b403e1c804cbd2a463fc404c1c4110c2e709ff4eb1d714cea45fb7591799b0cf3498a5535467731fdeadbecb9745699cbb71937a85a096b59eeadc60f50087781d8bb0853ec5a412249697e842d42cc821673adf7ac432806290fab061721e5c2dff41db3e1ec19c5f828b1f18be3d628431d3f3a784bfb4cd643ee56aefaa8121ead1cdca58a212b0335d5bd8b28666aa0399206e35af9e2a448c5b36866f4ac4013a5ee6e965279a5bb107e6c29dfd812e96b7daa46a879c7ba3bc0bb78e2686b88a26d924e03a0bf19ac30484075ecd26b187f083185fdd1d3dbf0d4dbc38017b51fbded3667a718b443a71b75bb6c67a081e38708289c78ae433811a4f575cfa91c850b58d4a15a2d243e08148cac01bf18d0361422ea8c0c96d472de3ef0549dad8948f2a89d4ff328391e9cfb5018d8dac880b5a3c067d5ce0683ff494b7d399008e60dc962d9139f07889445af4527b97a037ff4e8762fa47638b02de0e62058944564944e1d0831b0c794e0db1277b7b92c3ed003b3509c7b237e7868763284d5ccf2098e3c368977465d75b9c8011a3aeee68ae79668522e2dba8ffdb66b0284eb202a59e9e453f284a32d6cf39e2a536ef0998e38544747d95c45d76231809964fe45492382db78eab0cf0e4eabfe34874fe3b234e70a21cf78ddf2153a9fc0bbce3c9cd73515eaca368ddb19f9b878462d0b2a79965f090aaf271bc08b2a949f38ad0f48ab6d565491828ee9bc28f0f44c43ef70ca163bcd115faaab16b03af2e0a514c461be98408c50958d806dab048b540a25d3f90730fd335f9fb1a17501548bbef53a2bbe9d7c7406550903cb8eb843824f12899987b1af95dd61b7f6273dc634ac8af1788734ee9e70eb0b6605924eda399299ab4bd4982a5577ad0e305e2ccadf901a00c1cd4a3f71bddadeef384be83bf235e98fcdef4e74d064f6952008c45104fc8f60ea4ca6616462bec81326436994ea6b246a75fd5111420c3f88c681b6ea45d32baf7488f4a16c08e5504b2b9d11d98a7392d2ddbb5b8893bea87ae6e80a94855a35e37e2ba731832bb5a0d0e59cf87e41bee2cdeecfd8271ea8a6a0d59a04bb22da773a053c08c4db47a274b9746c18df3709ee178c19cb4ef7ecf2f91cfa6e7c330e2215c395c86c78ee76f890628364141c685a9d3e5ad17c326cce797b147cfc69ab0011a5388d29f1045d48724d6392e233bf718e0f245359adaf735081ae046db144e631fe1a4a185231435f7446c635333c2e645468be2f9edd61cba8483724a10330402dc3e41e9490ad96adf01b08c77911c6c0ecb89b250bdaf9ce7dd56d24762e4a78768a188ef4057b353f9edb32c6ca08b8136c51434b9b45b2001535987518ca6e3b0f8c79e243657941a407fabb798738faeeee775216992fd7f95c9aeec596677a3980015f4a28c24fea2399e92e3c2ca3460f9ac5399f7d216f2", 0x1000, 0xfffffffffffffffe) write$cgroup_pid(r0, &(0x7f0000000180), 0x1d2) 2018/04/06 11:41:20 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x4c, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e"}, &(0x7f00000000c0)=0x54) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) [ 398.441150] IPVS: set_ctl: invalid protocol: 95 224.0.0.1:20004 lc [ 399.124720] FAULT_FLAG_ALLOW_RETRY missing 30 [ 399.129341] CPU: 0 PID: 25033 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 399.136178] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 399.145518] Call Trace: [ 399.148104] dump_stack+0x1b9/0x294 [ 399.151714] ? dump_stack_print_info.cold.2+0x52/0x52 [ 399.156889] ? kasan_check_write+0x14/0x20 [ 399.161107] ? do_raw_spin_lock+0xc1/0x200 [ 399.165327] handle_userfault.cold.32+0x44/0x57 [ 399.169975] ? handle_userfault+0x16c6/0x2760 [ 399.174459] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 399.179035] ? debug_check_no_locks_freed+0x310/0x310 [ 399.184206] ? find_held_lock+0x36/0x1c0 [ 399.188250] ? print_usage_bug+0xc0/0xc0 [ 399.192306] ? print_usage_bug+0xc0/0xc0 [ 399.196353] ? check_same_owner+0x320/0x320 [ 399.200658] ? do_raw_spin_unlock+0x9e/0x2e0 [ 399.205051] ? __lock_acquire+0x7f5/0x5130 [ 399.209270] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 399.214787] ? graph_lock+0x170/0x170 [ 399.218572] ? debug_check_no_locks_freed+0x310/0x310 [ 399.223747] ? find_held_lock+0x36/0x1c0 [ 399.227792] ? lock_downgrade+0x8e0/0x8e0 [ 399.231930] ? kasan_check_read+0x11/0x20 [ 399.236062] ? do_raw_spin_unlock+0x9e/0x2e0 [ 399.240460] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 399.245033] ? kasan_check_write+0x14/0x20 [ 399.249249] ? do_raw_spin_lock+0xc1/0x200 [ 399.253469] __handle_mm_fault+0x34be/0x4150 [ 399.257859] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 399.262595] ? graph_lock+0x170/0x170 [ 399.266376] ? find_held_lock+0x36/0x1c0 [ 399.270422] ? lock_downgrade+0x8e0/0x8e0 [ 399.274560] ? handle_mm_fault+0x8c0/0xc70 [ 399.278777] handle_mm_fault+0x53a/0xc70 [ 399.282817] ? __handle_mm_fault+0x4150/0x4150 [ 399.287380] ? find_vma+0x34/0x190 [ 399.290902] __do_page_fault+0x60b/0xe40 [ 399.294947] ? mm_fault_error+0x380/0x380 [ 399.299075] ? graph_lock+0x170/0x170 [ 399.302857] do_page_fault+0xee/0x8a7 [ 399.306640] ? vmalloc_sync_all+0x30/0x30 [ 399.310768] ? find_held_lock+0x36/0x1c0 [ 399.314818] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 399.319643] page_fault+0x25/0x50 [ 399.323077] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 399.328674] RSP: 0018:ffff8801b4127ce8 EFLAGS: 00010206 [ 399.334019] RAX: ffffed0036824fae RBX: 0000000000000018 RCX: 0000000000000003 [ 399.341275] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff8801b4127d58 [ 399.348522] RBP: ffff8801b4127d20 R08: ffffed0036824fae R09: ffffed0036824fab [ 399.355769] R10: ffffed0036824fad R11: ffff8801b4127d6f R12: 0000000020013018 [ 399.363026] R13: 0000000020013000 R14: ffff8801b4127d58 R15: 00007ffffffff000 [ 399.370299] ? _copy_from_user+0x10d/0x150 [ 399.374518] SyS_sigaltstack+0xae/0x320 [ 399.378474] ? do_sigaction+0xa50/0xa50 [ 399.382435] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 399.387950] ? fput+0x130/0x1a0 [ 399.391224] ? ksys_ioctl+0x81/0xd0 [ 399.394837] ? do_syscall_64+0xb7/0x9d0 [ 399.398790] ? do_sigaction+0xa50/0xa50 [ 399.402753] do_syscall_64+0x29e/0x9d0 [ 399.406620] ? vmalloc_sync_all+0x30/0x30 [ 399.410746] ? _raw_spin_unlock_irq+0x27/0x70 [ 399.415220] ? finish_task_switch+0x1ca/0x820 [ 399.419694] ? syscall_return_slowpath+0x5c0/0x5c0 [ 399.424604] ? syscall_return_slowpath+0x30f/0x5c0 [ 399.429513] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 399.434858] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 399.439694] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 399.444862] RIP: 0033:0x4552d9 [ 399.448039] RSP: 002b:00007ff15ecfec68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 [ 399.455726] RAX: ffffffffffffffda RBX: 00007ff15ecff6d4 RCX: 00000000004552d9 [ 399.462977] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 [ 399.470222] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 399.477470] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 399.484718] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000000 [ 399.626665] FAULT_FLAG_ALLOW_RETRY missing 30 [ 399.631269] CPU: 0 PID: 25087 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 399.638093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 399.647424] Call Trace: [ 399.650010] dump_stack+0x1b9/0x294 [ 399.653630] ? dump_stack_print_info.cold.2+0x52/0x52 [ 399.658800] ? kasan_check_write+0x14/0x20 [ 399.663015] ? do_raw_spin_lock+0xc1/0x200 [ 399.667234] handle_userfault.cold.32+0x44/0x57 [ 399.671883] ? handle_userfault+0x16c6/0x2760 [ 399.676362] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 399.680927] ? debug_check_no_locks_freed+0x310/0x310 [ 399.686097] ? find_held_lock+0x36/0x1c0 [ 399.690140] ? print_usage_bug+0xc0/0xc0 [ 399.694183] ? print_usage_bug+0xc0/0xc0 [ 399.698229] ? kasan_check_read+0x11/0x20 [ 399.702358] ? check_same_owner+0x320/0x320 [ 399.706657] ? do_raw_spin_unlock+0x9e/0x2e0 [ 399.711053] ? __lock_acquire+0x7f5/0x5130 [ 399.715270] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 399.720785] ? graph_lock+0x170/0x170 [ 399.724569] ? debug_check_no_locks_freed+0x310/0x310 [ 399.729743] ? find_held_lock+0x36/0x1c0 [ 399.733796] ? lock_downgrade+0x8e0/0x8e0 [ 399.737929] ? kasan_check_read+0x11/0x20 [ 399.742058] ? do_raw_spin_unlock+0x9e/0x2e0 [ 399.746446] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 399.751015] ? kasan_check_write+0x14/0x20 [ 399.755235] ? do_raw_spin_lock+0xc1/0x200 [ 399.759453] __handle_mm_fault+0x34be/0x4150 [ 399.763843] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 399.768577] ? graph_lock+0x170/0x170 [ 399.772368] ? graph_lock+0x170/0x170 [ 399.776163] ? find_held_lock+0x36/0x1c0 [ 399.780207] ? lock_downgrade+0x8e0/0x8e0 [ 399.784347] ? handle_mm_fault+0x8c0/0xc70 [ 399.788563] handle_mm_fault+0x53a/0xc70 [ 399.792602] ? __handle_mm_fault+0x4150/0x4150 [ 399.797168] ? find_vma+0x34/0x190 [ 399.800693] __do_page_fault+0x60b/0xe40 [ 399.804736] ? mm_fault_error+0x380/0x380 [ 399.808867] ? graph_lock+0x170/0x170 [ 399.812648] do_page_fault+0xee/0x8a7 [ 399.816429] ? vmalloc_sync_all+0x30/0x30 [ 399.820558] ? __fget+0x40c/0x650 [ 399.823991] ? find_held_lock+0x36/0x1c0 [ 399.828045] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 399.832873] page_fault+0x25/0x50 [ 399.836305] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 399.841902] RSP: 0018:ffff8801d9b7fce8 EFLAGS: 00010206 [ 399.847243] RAX: ffffed003b36ffae RBX: 0000000000000018 RCX: 0000000000000003 [ 399.854500] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff8801d9b7fd58 [ 399.861748] RBP: ffff8801d9b7fd20 R08: ffffed003b36ffae R09: ffffed003b36ffab [ 399.869004] R10: ffffed003b36ffad R11: ffff8801d9b7fd6f R12: 0000000020013018 [ 399.876261] R13: 0000000020013000 R14: ffff8801d9b7fd58 R15: 00007ffffffff000 [ 399.883524] ? _copy_from_user+0x10d/0x150 [ 399.887741] SyS_sigaltstack+0xae/0x320 [ 399.891695] ? do_sigaction+0xa50/0xa50 [ 399.895650] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 399.901165] ? fput+0x130/0x1a0 [ 399.904423] ? ksys_ioctl+0x81/0xd0 [ 399.908035] ? do_syscall_64+0xb7/0x9d0 [ 399.911989] ? do_sigaction+0xa50/0xa50 [ 399.915945] do_syscall_64+0x29e/0x9d0 [ 399.919815] ? _raw_spin_unlock_irq+0x27/0x70 [ 399.924289] ? finish_task_switch+0x1ca/0x820 [ 399.928763] ? syscall_return_slowpath+0x5c0/0x5c0 [ 399.933673] ? syscall_return_slowpath+0x30f/0x5c0 [ 399.938585] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 399.943929] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 399.948752] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 399.953920] RIP: 0033:0x4552d9 [ 399.957086] RSP: 002b:00007ff15ecbcc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 [ 399.964772] RAX: ffffffffffffffda RBX: 00007ff15ecbd6d4 RCX: 00000000004552d9 2018/04/06 11:41:22 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) r0 = open(&(0x7f0000000000)='./file0\x00', 0x4041, 0x50) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffff9c, 0x84, 0x7c, &(0x7f0000000040)={0x0, 0x46d7}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f00000000c0)={r1, 0x9, 0x6}, &(0x7f0000000140)=0x8) msgget(0x2, 0x58) 2018/04/06 11:41:22 executing program 4 (fault-call:5 fault-nth:0): r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0x0, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x0, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:22 executing program 0: mmap(&(0x7f0000000000/0xf9a000)=nil, 0xf9a000, 0x3, 0x34, 0xffffffffffffffff, 0x0) r0 = socket$rds(0x15, 0x5, 0x0) setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f0000002b80), 0x4) 2018/04/06 11:41:22 executing program 7: r0 = socket$inet_dccp(0x2, 0x6, 0x0) getsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000000c0), 0x10) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_MRT6_DEL_MFC_PROXY(r1, 0x29, 0xd3, &(0x7f0000000100)={{0xa, 0x4e21, 0x2, @remote={0xfe, 0x80, [], 0xbb}, 0x6}, {0xa, 0x4e22, 0x101, @loopback={0x0, 0x1}, 0x80000000}, 0x3, [0xbf8a, 0x8000, 0x0, 0x2a, 0x7, 0x9, 0x0, 0x101]}, 0x5c) r2 = syz_open_dev$sndmidi(&(0x7f0000000180)='/dev/snd/midiC#D#\x00', 0x20, 0x101000) ioctl$sock_inet6_tcp_SIOCINQ(r2, 0x541b, &(0x7f00000001c0)) ioctl$sock_SIOCGIFBR(r2, 0x8940, &(0x7f00000002c0)=@get={0x1, &(0x7f0000000200)=""/186, 0x3}) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000300)={@ipv4={[], [0xff, 0xff], @broadcast=0xffffffff}, 0x9eb4, 0x0, 0xff, 0x0, 0x5, 0x3, 0xea6ae7}, 0x20) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x6, &(0x7f0000001f80)={0x0, @in={{0x2, 0x4e22, @loopback=0x7f000001}}}, &(0x7f0000001ec0)=0x84) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r2, 0x84, 0x1b, &(0x7f00000020c0)={r3, 0xab, "be9126ba2c1ce5bac1323f024ddb6dea3d0c7310dfd60362925b9c079851dc022e86d14f58b84a73fa45a728251fb4123e94360a26a3d4c8cb9e7b872367e9e8819d3a74d9c1506685ea8a32a2a26fba2c2f364d2658b21dcb4ab92f7515fe19609729276376e50824f836e14510fbf2f830a085a22bee86d63e096913407c0f5d3407f3610eee1fa399da0600a883872703aa313d3a137d7eff9c7d62ddeab37e1d453e220274c8bb1931"}, &(0x7f0000000080)=0xb3) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f0000000400)={r4, 0x4, 0x30}, &(0x7f0000000440)=0xc) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r2, 0x28, 0x2, &(0x7f0000000480)=0xffffffffffffd5fd, 0x8) setsockopt$inet_sctp_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f00000004c0)={r5, 0x3}, 0x8) ioctl$sock_inet_tcp_SIOCOUTQ(r2, 0x5411, &(0x7f0000000500)) connect(r1, &(0x7f0000000540)=@generic={0xb, "d9bbca744f797a7a252955ecd91700db1d300c5327527e55f079985bf35cebf3ae6658ca6757d2aa8ca33d12ef981ecf7747661309de48b0e85e83de4607d72be09916fa02639804de1ee1d9fe50c4145b2e0d47fa3afafaf4bef8aa5406e40e38417ea3e56c6b0e8cf89db3edc188369c180b3bab1c7d146ea70719848e"}, 0x80) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f00000005c0)={"bebd1f16ab8eb2d6858a96138f28b9b9490272260a62abe64e9b0a50f9a8c33c3fd0528b000a1b5ac8a48c733bb908ce0ae5dad2ec3a6105170bd605ae2d5c87e4af45eb2b514d804d209a2130f1dff93ff44ecbd7900c850ec006072c79163e73c04e3e85c259c6c09777180439c27743c06bef29870411616f40e226a8ff2f1ee41c4d9410143ef31d7cdf774ec69085d99a50c3c790b7301a1f696b8f921b57f2684b88b5719684441f05276fc84f722a66918213104ccb979a7617400001bdfe4dd37fb3bdcc90f9647906056f6dd095942a8ab3fa2bccc178abb649113bedf5f2c0a676184a67a2a23a57b07a5d343f8df779f565ccbd0f5de25bf698151f78a3c2c9323b83fb808f5cbf1c2570e615c6cbc63f5f6389f9d429174bb9928632ef84e6ae0661437529728dc8c3c84a08c98b0872997f4dd6bffac57acc1d089943bef3a60f0881cc86eabb4a761b180a696a5c78502a5581bc26faa4eb0b1525aec1dcd36610e8a11ca30fc5caf340a2471f8ddd7aa439bbdd1e402a56778a8155a1fa4f2ad9d92d0dbc6a490fe8189f8273c26dd265bfe72c019015cd4c0dc5fd77747af9359add1b3a22ddbe3154343c9df2a333463fc86318d80253629a38603e7bc547941b4e14917ad346122bb613378c616597885a6eb4f28180949626816d428b8e175bd9159ffe359e02b48651e51c9269c7b1c06d09912a5b060071517c8f98c5dd13242267c0a4a78074a256e9c9a15d1c1d117b92bf5820038ec8efc41c8a53ba919741cf631246ae507fdd448bcbbd3ea2c2180edff9d750c1e8bbb64c91a8359759126b17428e3bc510b3c84d62a4aa2249a7259747a135d8382015f80e4ed5b4eb954b4fb35d340d884cb92488bab4acf2f2164cd3010ac3932e482aa9384348c62e19d748f8615d645341dc5b5541e4b033bbe9c7d0f3975d8aaec50fee1f8559095cf3700f0d405b91d408800007f6a0e547b4391c32f2a272c15f4c6af3ddb6e067519a7a9723052889c57fd7a9045b313a39790365f74804a748a19f58b4043ae502b812066e30774535d242be327b42802f9050f6f41dd2da9a8d28ee0bd0c695785979cd316703d390a0e49075ad9b3aa7c1a6647fc176d69d866eee15818a81982fc5f19822f2797716b5207c0a43f718754d34a4433f83bba41625e144fc70bf59570b8f4edf35acb25d6644f53b6e62af57adb369d37dfb88e69f2ab2a66742bcb7884b9f03e7545771d8cf8914ac970845e467fd0d32672ae9fe2ad56580de109c4b138d1e37bac328851a08c1f393a46501faa02347e7ec64d60e6b9aee065fe2e9fe01c7e726153a43a1417f0301de7b2533ef1c6ea86e91e8a81344f50c7f2c5cd539c2009fdaf0a4afbbd52192a812041878a722d9f058b1d711179b8448621b0479bcc6151a065f40e006cbfbcf051f"}) ioctl$sock_netrom_SIOCADDRT(r1, 0x890b, &(0x7f00000009c0)) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000a00)={{{@in=@rand_addr, @in6=@remote}}, {{@in6=@loopback}, 0x0, @in6=@mcast1}}, &(0x7f0000000b00)=0xe8) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000b40)={0x5f, @multicast1=0xe0000001, 0x4e24, 0x4, 'lc\x00', 0x23, 0x90e0, 0x4}, 0x2c) setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000b80)='hybla\x00', 0x6) socket$inet(0x2, 0x807, 0x6) ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000bc0)=0x81) ioctl$TIOCLINUX3(r2, 0x541c, &(0x7f0000000c00)=0x3) socketpair$inet_udp(0x2, 0x2, 0x0, &(0x7f0000000c40)={0xffffffffffffffff, 0xffffffffffffffff}) syz_extract_tcp_res(&(0x7f0000000c80), 0x2, 0x2) ioctl$LOOP_GET_STATUS64(r2, 0x4c05, &(0x7f0000000cc0)) sendto$inet(r6, &(0x7f0000000dc0)="d93621df2b12ae6970a98c96861fb6913235a795bb211f16bff575ebef2e368dceb65f1389ad7fa841f662233dda9a2990c80d89efef0481eca9d71d396bded4ad698a096f686bb9847e2e323c620acd0063553bf9798f2781d6033a8bb84a3cf93b0add457a5d3fb06cc036fe7d82946a9e7a21b4489cf31a11e7c2b11f97d63a391263e01a2e1b6bfd7180385a10c3788f1153ca19203a41a4d75cd1fb82693736151f328c8f5fc50747c5608c3d12d9d27dad6c1f8dcfc3e93e137697ace4c6e714e891bf80b55b10b102051f25a203bdb96daf8dc7e0f0238d47ba853b28dd958654586743b4dc3627c98e0db20772ed0b125cd9a4c8fd3c144a4ad0bcb3a39ed1c1f0ab1304f01d26ca3eb51a9bd6888dcf9394e52b64f88f2bc138c61ed3eeec30e05a25066b17674dba7943e225d7fc447b86bbb20f6bdf604d12401a08a064599c7d0e3b3cb0d25d37422cd26851cf8c04108bb3a170e30540a8fdf8d360453e39fb40764e971046dbcd384e3ed8b630103597cce81efda8df11c177a0eacbd7f7ed0a9d92f4018c716df4b868e34b167c58c250f55c5522574a72ab48c0f12d5844d6e74f5cab369db2014d65073b34eb9e347b1ff40f2361ad42a271c79422d89ddb524d91bda6c9e5804a7c93a429ee2365fe4f3244b0e18e5e3bb0f1908b894286ca17f441848f3ebab92bf759e26c72f877b9e26539c320b7f43429640dcd520200de22a8dc309a1e4a4ebfff293dd17683d261ae9854a61116aedfb959209de7824abd9d93dc677d2cde36ae32801abe457814296abdcbd2bba1038f92a8c0c953b034d46b2191f68594be01c28d6bc07904a0a9933c64b606088a31fb9fb279fb5d2d066925f7392f2e7bf501605812006cc3820075125a07049eeb3fdd8fddd8c24a423a83793b5240ae73bbc6fb6ff74769123bf74f41a122f3ecba7fe81246cf238e92846218720f9dfceba6e76c57bd529636efe7effb8970e581af49dee4e7df2a0da0e442ac41ebe8486a7590f56335536fc561bbbb838ef784431c3fd1fcc0b37d0bf152d6cbc2445ba5a97cc86fee50137f12a8f2ef41168c6ffbd1be7e00a7c6c5013391c6b1d7d02d5a22c5e91d351e73dc7ee53163a790e9bd86d1938464b3b77a4814d4674d68e6e77dd8a5d8045818188f5bc1658a069ac3ce9b7ba0deb8786fd244a8ac15eb6c4c88c690c57e1f3cdd459a24667ff16da170b1972a6ae84857008c8f9559c48f85deddf4ec59c8a2eb150d1e1babd55b855f7d18d4113d79b8f57fde01e267c69842ed44a2ab904dc39443f3a5081038d436aca819c74a7d2421aaf3f280f0cb0a9bb4b6b229cf3a815aecd354dc35e6e75ebaeece99720327352dd33fa0f5b64715c603e5880a1f615be2960dc3e036751222ea65c1c4dcba1a249ecfa573dd066d342d51e20bc87d9d9a97bdf09c9f7b90cc241a25edc580600dfa2b75022ba377f1b28d23097307a3a4585bd4b06d08ac6f56a7c3ff04f426fb78d68c96b44fbcd504d735464116b6f90664f2d6aa6cb194cce65c9497d3d1ba521b47f779923b877de1d9a2d83064076e0cbae23e6e4d67e938a1afb95a2893592390bdc3e424421245c2bf8e5a6dae6c48ef79617707299b9280362f2017f343cd4d2cf01acad792413fce084b7396836e938b2790ecf222180ecc2143492902f467957cf94e3a4d52ad03af332a293425ed1fa34406f8e2bd1c4ec674b18868c9563c8ef8e8cb7e71ce0e845e2e3acbbf7f7e859420d81146200b835ab49b910ac889dba56d598cfca0b8141e5c3d178b8a245cef4c3c58bce4676de0f0ac3793a897840bd24e1fbb5014d5b47be97edfac254c09885ed0dd9bc3edb6b3e59041a43e25fdfe0fa5aa178961c0b0aa8a705ad0b2f320b896b755403793ed81bb4bbf9880273521831df9dba73fc5c1fc69a8b6f34a50ba8824a79ea30cc12bb846dce73d603337851e57158b373f5af701b4797b49b6b7c677f87a3ad66f4216b9b0d560de4fad01a0eb984fbf7bd958ced3e8f0bfb5467871f9b73edb901c42985a00d8b0567db8a1374aaa66de6d8f81e6d537ecaae565b73af55aafc0b9bf8ee97da58122fbe53b86be3adb81cfa3149eb2c2ed76009f8faf48c779de0d3bae264617c781647abcd66dce189ea741991b005e1152157353471ddd35c84f2f987b552ff8a403ef818c1fe9c7ccc30114c98f7ee3c6c11db82d543b0be24f291ed5626c61d08c4358e7bb2549994af25321dab43720e874676ff3437be44f7a2fe437d61f284e0a78c31dbed52d843face85f1311f4593ba80abf5c074dc0ec716bd35a6a3b0348ab2e1ba547b01a868df64aefe9cf8ade491e5b0ab233b830849769c9371fba8ffbbd3a90f1cf75a609905b4212731c945e34826b217acef5a0c54d7a2c4733275113d2e7a2e2ff28fc7b986e25173fb55950f0a5d2fa3791203ea9b95b2ebd2b2777c84fc85d2c01ae084bf5acaabd8e6572b6de51cfc59cf1408fcd8cc50941de5db7943b0f617bcf394dd604baa47d8889f7b11842a09ca82f97faad4c9f672057f651075ffc741db81e9935f086c10bd053939a50348c5750578866af4432ecc7b1b26946ad0ea99d5af78c3ae1d263646b16d9e52a55bbddfd802190ace515208312a0b8fcda04544027235c800befe030fdae826518e8436c6ae66013148cbde073d8f1cb9f9997b7dde3c80ce0e46f1bd1592d415c2acc1b48eef97534f5d27f1bba5cbd288b544a5ceaf0b572e53cf5cd7e738bc066a111837733f7398e39dcc231e276379d57b997cbe6cf58cff0b6dea8cd9b4605e4b8f8a25c9c5e0d6edb28e42cf138469abaf36f13f53423a2b19ebe0a73e6b283692a445aac5d79fec1755a2b289470d9314e83d33d7a3b969b93245752f9d5d012fd2d817245b5d3335e8f86d222827d6683a492b157a115b1a512c11f8b5e9b5da0bc31d6c247c90a2f1569f4482b0a1245ff664fd3e1348f2b9177815c34f0b42279f1b49ea9d13384b48026c470bc3c0ed23703002c32fdb9daefe89455598338cb264b02980ec9f8ca728379e178c15030a77dcc41e1f8eb55281bea74fc0319ad6f0c65c89f95656aa41f957e05805369d66edca4e916fb0009d6ed0cc32b6a8438fb2e3502facafb03b237a8c5b42377d06fa0444d96e30ff1cfe8a271b123d3ce2f7b86ea96fe8fc354283c50d4a2c82d3be57d68788d5c9d5d75d0af63f1132aa3f1f15d33a26e34b17c770ec67b9d61ee0a92fb69e2ef2820c859bd545d95b6fb8e8e0d7d3d7524804f746d3e37146d36cb96a6780558c617f2602b37c2b261bed9ce6a657a033fc2cd93a9900a4b79bf3c34fda85bfedb06e689bad79f0a09a82e3199c8ca3bf2f2519681c7b8dc1d6e3d27a0824bc6551dcff307b6e95b729e245722840418d764054d74f3b92952e757d2eba26348ffffdbca3900280075da6a94f39462310336c488cff390538f4270c934b66e4a94fada737b85a2e415bb83fc27fbb6b3fde3db424dea4ec60544ea0e6500a94c601b9a7a15309b838ae5fb5d24c06fd5db91687f5a4e95ece0af13eaa2bbf02bd11f7ff45898c29c3d6231b8fd8433ea1ac6e8ca1a0c4de2c89d892de72bb115f9f4181e88923daf949a7c446ebd9bc5655fbd2012551f44640eca7f45ec260b116a86332d65e194b1cc433a72ce5d3249ff5e8c1a1fa7d6a796e17b8008248476257551fcd3d564f7d7383af6730387276f76bfba095a724784e4c4cc2ced228eebc721a87ef5394e6323105afe11d199779f4d5a8a5a7c0cc9403a09c896c53762c3a1aa14afea00142f21dc1ab8cc3d472be6dc7e008f4f48bc9e231f25d9b35f6ab53cf16c81082deb41fcb86aef70596a96b08a58d9e816e8b6f9e1d6a69b923934c586b6751207dcf9d75dcb1cd0dafd123c666142015727dd55101697f0c606658373fc05f94677b27f0725944b679d8475ac01980a1a061bcff8853dc107d2abf6849186ddf7d28c28b126b4c8309dded2ac090d1f34dec9db52cd8d954d022ed23628ee73df95b415437be96039a7d707d02d0ed0974aacb3ff2bfa8fbfcf0def0c32d27a99883fae23765836f39d841778713653026934a4d9622ca7f0c93314189e116dd612f2420aa212a3dd603560e09362701af9c9886057d8e98bd8cb841d3dbc3ae597aa9f83cbd58805f56d32b46029aa3c492dc9381993d323d1e6bd7c890a377d795567ee5b17cb05f5ec7cf5ce89ef45558cc4487fc00c3f4d714c99e5ca780c6d0a3afefaad0ba1dfad287faf095d69d9c89b3ba6ca1caca437136466d61d6beb1a71b84219ceb54ed65813c78b476910ac69ee52ba8e25da190a189017548e162e1685ab82209c4a2096454b96cac806388dd2fe87cf62aab30e6e2f94f21b91038a4a27a81efecd5c7d6722099d86ca3870056e4d09df2e006fc96c6b70014f4731e7ea45c07789ea193deefb6f03c76f6b5f39704d4e112616542706d1cf46d8f13f9fc88b6510dc89335c021f385557de6816b37c2a118e9b4274452fb4556b98e692a0d84718f3ea2cf4e5521c6118b3c40742fbfe57f24007195800e27640a0cdbf400349e28cef17eed08e1c4146825511e90393279d6b712f1ced1256b08bd5191837ac8ca7fca715f293b94676d2d0c43210ce4389c2d86aaf1d8d8ab6e25408e312479281b614f3b51fd90a0e3a9691f678386a8bc7c494cfb933ab0d64d3dec213f9bc8aa362f1782d3c44100fec2c47155ad110a64dba5d9ea7c1de9658efcf61cd75e71970b030eb19f8e714a0e2186e256350d0796c1b4f15394940969ab9b4a764a4ac71627785771c1f3fb624ab4d9323806eaac3ccf3428ff021921301a0eb2ce4d21f62463bb099212abecc34168e93e212b121cfe2b5ec6a9b5a5276ed2401185ec95044dd7961086bc3e0225fa85407001dfe6e7eda5c0f3b2a1d3e3698826e6ab23e6c5a6a171a1903f96730cc7df7a48d285ca6a00e84512467b5c763c9877effd4a037e7dcdf10e2ad03a4107711c53a6350d82b64e6f99ea64c37063b753e220114ec67ba54effce8db06e32e50fd3f1e2b33992e72fd95ad5dfb6e25e780954e84150fc06f55e494eb02616b0924892c6a859b477e0e099a37e9f408f98f555617c6776f5d193c230b7c0504884b8046ce9cd634699f56b9b0cebdfbbb639705b48560c1a238925028df8ec06ebc3d89b7059ca533a4ea39454897b3b9c5b9418e94f97a1cc21f19e3644b9f3b5201b45561cdb4236c5267eb33e4eb114a34bbbf55acee5d6f09a75c551b2571e2cb34c1462dc092ef5608a19ae9926e45ee186e72454ac76f759a6b8c48be99c391b8103ba143085ab8cc85cc41a9062a00904894fbf8eced67d7e4dfd8f264c9f24404548c5274c5a383854abc03623eb91fb66c394317aa01e0a14b8ef87c7c577a02f762a75b21ae3ceb24e96f1d68ec0fac4775dfb0c70e7fb0f1220c9058b0b23c976bbf4b456ffdcb978f0868b1397bbf23cb121a4fd23baa062c7dcad1fa0574a4512e52b1222035530f87ba9c3f3665a7a7e56fff314c32e93848c380f866bfe8306d2676165564219c1963d0aeb6b7f349acb420d0324e9f19a75a077f17df3555d71075b2ef7bb1d933b8ab03329f6f5ab5c8c44e6ad6109634bb8ab7500bd48ff62ef309c35b03b9c0d1e24542ba38634cff4914025535bd69001808bb0bb002356b5983763b56b82c90b926d8f4c0d5c36dc726ede3136024bbb84cd073fe816693473fddc409e0", 0x1000, 0x20044840, &(0x7f0000001dc0)={0x2, 0x4e24, @multicast1=0xe0000001}, 0xfffffffffffffd2c) ioctl$PPPIOCGFLAGS(r2, 0x8004745a, &(0x7f0000001e00)) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000001e40)=0x8) getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r2, 0x84, 0x16, &(0x7f0000001e80)=ANY=[@ANYBLOB="043b00677a49e000000091bc"], &(0x7f0000000000)=0xc) getsockopt$netrom_NETROM_N2(r2, 0x103, 0x3, &(0x7f0000001f00)=0x2, &(0x7f0000001f40)=0xfffffffffffffec6) 2018/04/06 11:41:22 executing program 2: open(&(0x7f0000000000)='./bus\x00', 0x100000141842, 0x0) syz_mount_image$ntfs(&(0x7f0000000440)='ntfs\x00', &(0x7f0000000480)='./bus\x00', 0x0, 0x0, &(0x7f00000006c0), 0x1000, &(0x7f0000000740)=ANY=[]) r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) syz_mount_image$hfs(&(0x7f0000001780)='hfs\x00', &(0x7f0000000100)='./bus\x00', 0x0, 0xccf, &(0x7f0000001a40)=[{&(0x7f0000001c00)="c3109cfc6f65b837063b7bbc3d4a7d202d2b9984a215c7b7bd25480c1babe9aadb78e3c53ec529cb288497a5ff7386ab50bc1a8c89", 0x0, 0x401}, {&(0x7f0000001800)="2ddea5d98171285eddea030c82c3ebbbe9ef0086979c4d89f51697a723698cc79f113fca18d8ec8bb4942cb405ffaeeeafc6b09a0aa44324f534c9b7f57352f0c6be30573567dee6adbbdffa5bc32a5b00201e68181092887cf576f0703f060812cd5047561a4c92d2fe195c21c60625c482c212ec431a19596ad1012108999bc75ae3480f0e76a36376ac63a8", 0x0, 0x5}, {&(0x7f00000018c0)="c5530d8833354b18ef6baebf606c24f24d221ae3c07931be7198141ec53fd728927e5f00e021449a33baca2a22cf99667bb62ad1c43215e3f08aaced4246a353f263c0b7595b47c7a50af4436c372f265f8434d31934351c965767c877bce2ca431539e8a01395cb17c6c5e7c94ccf3bafb07d8b5e8c8a7c931e0d769db9d35a00cb5aa0044e6a6a561fd1afe1", 0x0, 0x5}, {&(0x7f0000001ac0)="a6c3452050343eb065584cf53ea65ae330a5f6fabf78091e23a81fecb3775e4b4b863ad23c978b4d06569e6a36869f4d6ab49a561ec1407526f64751bf75483fb2755e3dd399f154e42b71bf2ba4b06f84d08c82013cccce8d83cc8522875560acd751f4f33688881c070e6ef463499ee9e91f792ae72561196b6ba9dc495e6762dbb6f5c913a4aeab57f7ff1fec996193598848aca0c65638fffb8af2141e66a90fe4ae167772c4c599843c560c877e454fdb686a3b7df3bc64de67f0ab300a68bb0beb5a6e2c52ef9e161399bf3a9939b04d804247cd6b3c9682eaf9ba0fdf8721b778b0f8e7905b17a1210b17ce35b1fb4f78497d438165b2019a31462ffaad8347218795323dd876bfaa1f6f7eec0187f0b9e41c54ba73230f635b3f4c2fd658e725afc3135bbb160347c72457a5da34344443b7f7c8ab479f9e63", 0x0, 0x7}], 0x10000, &(0x7f0000000780)=ANY=[]) ioctl$LOOP_SET_CAPACITY(r0, 0x4c07) write$cgroup_pid(r0, &(0x7f0000000040)={[0x0]}, 0x1) add_key(&(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000140)={0x73, 0x79, 0x7a, 0x0}, &(0x7f0000000180)="9e659466cbfbd5240d0324e75025024532163aa8770fe16f3a330ab59d341cd33efdf6be1071e0b18c129e0c9d16583537249b43ca89e0f22a9f2399e2c55eea1f4f6fa74bfedc0436a59cadd999ab6cc4a762f1aae4bbe5d64bed429655e3f9768d8a1c7b7987b156c14c970375762cc4e2eb17a0410521887bf27312ab3d65f483d880191303124d0b6f81a44b05c5", 0x90, 0xfffffffffffffffc) ioctl$KVM_SIGNAL_MSI(r0, 0x4020aea5, &(0x7f00000003c0)={0x0, 0x3000, 0x10001, 0x0, 0x2}) write$cgroup_pid(r0, &(0x7f0000000180), 0x1d2) 2018/04/06 11:41:22 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x4c, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e"}, &(0x7f00000000c0)=0x54) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:22 executing program 3: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000100)) getpid() fcntl$getown(0xffffffffffffff9c, 0x9) gettid() ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) getpgrp(r0) r1 = memfd_create(&(0x7f0000000080)='em1\x00', 0x2) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000200)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) sigaltstack(&(0x7f0000013000/0x1000)=nil, &(0x7f00000000c0)) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88)) msgsnd(0x0, &(0x7f0000284ff8)={0x3}, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000240)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000640)={'\x00', 0x0}) ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000680)=r3) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000b40)={&(0x7f0000011000/0x4000)=nil, 0x4000}) io_setup(0x1000, &(0x7f0000000040)) io_submit(0x0, 0x20000000, &(0x7f0000000000)) ioctl$VHOST_RESET_OWNER(r1, 0xaf02, 0x0) 2018/04/06 11:41:22 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0x3f07]}, 0x10) [ 399.972027] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 [ 399.979278] RBP: 000000000072c010 R08: 0000000000000000 R09: 0000000000000000 [ 399.986538] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 399.993786] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000002 [ 400.062041] FAULT_INJECTION: forcing a failure. [ 400.062041] name failslab, interval 1, probability 0, space 0, times 0 [ 400.067417] IPVS: set_ctl: invalid protocol: 95 224.0.0.1:20004 lc [ 400.073819] CPU: 1 PID: 25106 Comm: syz-executor4 Not tainted 4.16.0+ #3 [ 400.086960] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 400.096316] Call Trace: [ 400.098919] dump_stack+0x1b9/0x294 [ 400.102562] ? dump_stack_print_info.cold.2+0x52/0x52 [ 400.107765] ? print_usage_bug+0xc0/0xc0 [ 400.111836] should_fail.cold.4+0xa/0x1a [ 400.115913] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 400.121029] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 400.126234] ? graph_lock+0x170/0x170 [ 400.130053] ? find_held_lock+0x36/0x1c0 [ 400.134134] ? __lock_is_held+0xb5/0x140 [ 400.138218] ? check_same_owner+0x320/0x320 [ 400.142565] ? rcu_note_context_switch+0x710/0x710 [ 400.147501] ? __mutex_lock+0x7d9/0x17f0 [ 400.151570] should_failslab+0x124/0x180 [ 400.155649] kmem_cache_alloc_trace+0x2cb/0x780 [ 400.160328] ? mutex_trylock+0x2a0/0x2a0 [ 400.164398] ? graph_lock+0x170/0x170 [ 400.168205] ? print_usage_bug+0xc0/0xc0 [ 400.172273] ? _raw_spin_unlock+0x22/0x30 [ 400.176437] snd_pcm_oss_change_params_locked+0x1f9/0x3ce0 [ 400.182072] ? graph_lock+0x170/0x170 [ 400.185890] ? __lock_acquire+0x7f5/0x5130 [ 400.190138] ? snd_pcm_hw_param_near.constprop.35+0xb10/0xb10 [ 400.196034] ? debug_check_no_locks_freed+0x310/0x310 [ 400.201230] ? debug_check_no_locks_freed+0x310/0x310 [ 400.206427] ? check_same_owner+0x320/0x320 2018/04/06 11:41:22 executing program 5: r0 = msgget(0x1, 0x410) msgsnd(r0, &(0x7f0000001200)=ANY=[@ANYBLOB="0300000000000000f228e5c89132d25940ee584c35227eba39d94fe3ebe3e203fa1d8eb957e1f257cc116530a52e9d0a8ac53a2c6c8fd49b3fdad8347784fce6964670017d1b6c324cff5b79a54d20da548b7888e6cf700f1736d1f034e2044c658988107504ac42529226a7a50f1f3044b391fe7dcbde4951c4997d380f317d5878b94a3c8f08b49268d3f5027dc001e10628a2297578655d288c8f7af13af843f3d73120a070cc48a1dfee5fd0383928be98253cef862346d748dc031ea24968a8211785aa84d50dd7ea23498948d0125faa10358c196ebe04ee77456b938fe0fee902b76aae41942c465fb20dd256d81301a1695edc74c35cd6ca1710dc9838a7aaec3bfecdfc31f997485426b0bd9c6b23c116a5a5da81432927e3aab21f8349068b28351073996bdd1e5727720b4fd2359cd55a1f1f1dc1e7b38e8deb4bc9bf51fd5ffeb181fa4dddceebd21fcda9e4234234c90b8184521db81f12bfc521d8ea135ea536886307b61655df9aa160aa3c4046b92c56a2ece2f0322794537c2b301a6c16472dc55c996060285ddf7f887081c3cea6c32fef96d9ab6cace105fad7141b662b719563a2694b0827e11418ac6e2ed2419e33dc39f42ff9d1f3aea77748a395ad09dc73c74e3f8bea38b710f1bdc3e1ad7fc90e1c2d510aad5c4dbf077357702c12ae103c8bcc6010ed7eab412998e6f68199799d68ea1d07a368ab8d2bbb3a8ade1842e4957d15c64c1b2a0fb0aed6727ab3dbaf481501106f12b5f757e91fe3a0fc9f6861f9db60b5b53649ea79737f37d89c97a46aba7e658f1aaedcf9bc5f7ec497877b2f63d19d4312be926a2dc1714fbbeaa4eedd42c868ce97765fc664feaa6a1aafeaf26c00b379241f36dd607061b2eba1f938e294beee6493213910f967081d871fcf321e18b6589daa41b287079e9010e45d0ef426ef89ed9c2f00f3c38b683b27cc46006d7e83bee38b7643a76754d74c50548d6a9d292173db1594305984df044f2916a640a5f41481deffcd76f1ff5d710943b1715b2d4ccc963fe79d041eab120b8f62766230e9cfd58a3b3b9fb67d075954e055dd61c909b33e227867fd3822572f6201d0c91a415dd1b6611ee8b3205e2ef53d42955b33ab80519efff9d25dd222cfbcc52de4028da1a4eb16aecc8d6b41b39f38005427b414641efc49b23c10567990bb183ad53022da9b629e8b0cfb0944eefff991372af36be7043eca9e9bde338c90ae1b04a0e641d391fe599d11ef4aba054c554750f9db3ed142c96c443266f48b39ed40582dba4ebcac140a1bfbdd6ab4b89b5bc2add4e46c7be3032bb8d84a32beb7a7b1e79167d95792e1641a13d94a5d7eaab6e6f1b538a7dd70da9f31b881124ab60698a2a542d75b120b5caea45b67d65228bb5088cc21f31efcf290c52e7e76b08b57f311893a8a7d9715416beedda5ebbea5e86d6d8dc40c340ba7e61a5c6d97f60a1605d7d94a745fc84b3a447daf5e739e58163ee6fb067708b2748e6dcc510480b91fe1d6301d9d11153cb2e176e30edd7aeaecf5c9d1e74aa94e8d0287e667b9e0790106bc7752c5b44964bf30dfb451591734539eaed004b2dece1b2f1940da0eae932ae479cdfea59d85a9348bd9ba52c72693a47ec0d57f299572e33cfc47d2d34d15d184f64dbe1cc442caeb0fe5a75e0e9cfd1ee55ccd1268bf885a5925cb948770c091841ca65bef608f2d7abae845e1fd77c8bec48a758c35ff77e2997bb0a39c3affa9ea9999c09e9a698638b6bb5c9a740553bee3b642ec77baaf36af7778560f8f4dfce6535096b99e7cd258618f0df86e090d58e8d342b4f13c1332530b96ae37e8499fd8409f3b72e62020bc457dcd5ef53dc719b0357d0ccf7de20988991447d20d479a12938c7763100f1c9644071aed739b50785197f4ea67325b3fca5792da9a89ccc7f500bf09bee9427ad2d0d7b8af966aaa83a7e4ff137f4e5577e8fae27b84047ccd15017612fcde6b5957c87b5ba049889c57011844fb05665e94f9a675e9e34791bc95780d9d4b64092d0b59277099b727e155f80befeb4c0d968f560f5038f96cfe53f9f503ff21171fdc952503e72e805ee9ca8baa3200e74acd100fbe66b35d77c8e427cbe2a52ed5283f021854e77d4aae73a134942610520f60166bb89aae675abedbef88c1aa14c737fe812b33931f08850e3a31b921ee5d881ce7a34651ec6ad82dc86afae90689d71a0120eb8a55420a89c56294a08fd9bba4e123808687a5c82006ae2b7bb8103a62d37618894318ce5721995621c29f2f2ede892e1d3d5599d3d59fe804d78b9e8281a428358cf7ca1fc4c11cc4462f9f04e9dbe759e11b825829be35507d600295f01372481e19823032deb49b76f5d99198522bff7f66df932ee8fb2f307b444fc376e6cf78244f59879e52208080d00e70d458e80695a75123243febbc669309ed1e5329853e2d07a396290590eddb3ac28890630c37a41c52d1c5a4650aa28f3853d9969a740fb6fb18f776b2cb76fe1edd96b1695a941b004230232f386c2d29d3772309c1808a6f76f9813c98e4dd5a708bc3c199c36d541c2e31eaad22139274d946c9cf0453de6b0635e8b07370b3c2bf85f3dc7bc14422fd08a6e3979e5a230ff84137dc77977e043b0b060d20b5230dd227c0ea26b8b0a64f8fcbac8716b1cce20f7969cc26e035973bbfd53e5ac14364a77317eadc093ee9233b6d671d9a106466b1986561b2584a98506d4a3002a6ffc08229914cc823bcb6636875e111a4c2f369cd11ef6eb252c20a16ce1b8b6ce68e82e3399c017023f8382f67781a57ffcc06a926a0789b28e59ee2180d6aec682bfc502ae50fef81cd0c497c844a25e865257c9f22b9305a9e0b7f8b7380e5962c1282ad025f2125820cf3e697d6047807616684074d50c6b28548bc66223f757602b68389908d185ed2bee7c588f1e9ac8c256d9f540379fefabce07945d2510eadf7cf35839adc5e28b28cc49b3f0a34677eaf556a32501806f90256f5d27752ff12cb005829180342048f4ce9b72cdbacce255772d295ac18e7942b5d03b94de7a6313621c93c2012d9d75f464c99a7b1fcdc4d70aacdc3dfdf4f8b9e20980a2ed19f138d2d105bd3b240c1498bea178ed94a2aa3eae55be59146ff0f2ee1188c3ca3b0d7728add608c977244c0f9dd59a2a7fab8c6b753973c19426074391a4f5fd2e5d5c91988e833d22b80b30b82ad2d83089aab6676a79de2cfaf49a44e45b8ab881de960d5e25b4302594f5dba7b6c094b5480a1a6531a63bbf0be0b0eaeb389a847390c2c468e35dbb94bc5b3a40a5a1ab3951e05390d806f56ecfd2150a9783e65f86883a18af53353dc6cc51e64f2e82dfa4da8d426d1695b4ca965c9837ff2858e6288843422d5ce18db38d28a8241f9da66b1e7205e00d7ac79c59e1a224186a4bc42ce2b7a0804a3cc89513b859d3d57b2ec94838d991ecc4076227241ff4a7950b05a7d39739a9662d0e6a6691d18c9381669f46864ce1bb3ab02b492fbd1f27ab0086da8f8cbf23e5a81586384e66eae49b39fe759b6a8676cf4437eb038a2eaf2c0ff5ab353c5daeab3b4c1853e206269f63363d5d27f738dab3f7a4b2b5761c9df1c7ff373723d0e1c56a71a3b70ab6aecb076ce6f40dee09db4090bbc7778dad5ba937e13ef8a11b7d5530244701fab0e5e9ca0c72277c104cef0690a34632a4fb692cb943e52239ef0cb316ebf9774032dfd7619e9097f48cb66520a537c599bbbbea86dd3540acb4e8acc434b41e7d0419a4514438fdeef561312cf1239386fcee5e7f1c15905eb0cba7745ffa3b7ffafa5c0da55b279802170093719b5da9f204728d92901a7f4d2c8ac319a9257aa5cd42e4512e962e3b1a6c24731cc7b1bf840511cfaf65f7a280c05ce669e92989d9806fb853f2501b38f854e238fc1238afe2ea550501969d191ef5b0665c9d20f8af8d4eccf08bc52c84eb24e7b351c37f5ad61bd970167f66a1d3611b3465b251b8e22558aca4bc0077f8cc54d0cf78323ba8e681d378244aec2d174ca1017effcf3f24c0ad9718aba29cb5ef807dfe18a1c53d3a524ef87d78b1470ab0ac731854215398d97db4a78e91acf9579cf463057c577a384eb5117bad2acf9cf74fe76ae6679e102bd54f7d20650788776061c5491daf734e94970c7a8ed187245f03e3cd4efe3aaae634a1f70ae834441f5e2f89c461bd0dd72099e0385c18a01708aa375828eca2a73c54d3b9423178bcd32a247214bbcec66f3a09dade2b39b7af818fd95c0957a9d6a92a98ba96dbe12a59ca9c80e91618750cddc00102344b0241cfbe5c6728cabd0dc69abb7c0470c82258e36bcb5af2570e017ea65e429849bc3c814689ab6f9f23b0fb0c1bcb3031ee78060af0c23ae44eeee3b0e01abdfddda63f6d5127b01f5e764bc678b1072a250b8cd36be8e320ff8492ec8ef3b43b75d9bc660516369d302e375398a274624f9b45247a9ee8364b359c639812a46159f97a4574139f55cd4324b87cf89077d899ef18a99d711563b4225fb87e613a6e477089bfb02d9b37afc0c186729d7bbd37b2712829a7a95b9df072286723f6bfce1a6c5639c43c413f280df5d45bf19f776c98d5919b54008997c7bf358261247e6d7003a120078c3b2d6e652818162eada579aaba13414af924c43a81c63d27ff25c418eb2d29088e692dbaf438cd8fd45fc8dbb4554570277fb02611c1b3bc8387898a06755e8b811e36581dd6ad6b7bebf74e2c2c3fec1a2ae4359594b091a6cc086b1bfb23393127dfc318ba90e832bb4103fe30cf050edca85399a9a6a773c88d5f2115680c147c563e42630f0191a33c8c747cd86091496bb94b042d5464e3e1c926af602f178a7d231054e01a408b4dbd985e8b72e48fd5c9ebe86fb6fd5a8cbfc23913a229a3b2ddb69712ffab71c2c8a83d965c7eba717df98ae19d00c08beeecc1363af887580f2cda2963073852ab1b5b3fe97c0ec50535cbb6e807058cb4bad108846591203f2fa757ba421dd0be98483c721b0ca492b42bfbd36dabd01490fec53845d1591849dff5c6fc60e2c1f01bc70940da81cdc20cd2f4d80d4c7b82e0aa293969a138e2f4fbe83ea833485065bf58566f39601fbd582d44d7e55ee7f2c56a74c4b1c016bfee8b3e27b52e7380f7f109422a140e2afc60969f1269deab4e85afca58acd461dc0f9adf93d8418813698acada98d69c1f4b92d83cd7fc13a0995bad5526f98ce2a56a6fe4a3f41aee5f02c87a87e11e328659bddc657da7acf1cebaf886c1061d6b43c0c67592e328a8450622a681e21cecbc1186d90f356dc483d24323e26bca7cd2353b2ad7130c7bd76c2f7ab38e3412ed5cac664a6118730e347bbda5bd9450c71fbf1a35c044bca6b559ae905a159f3acbcd90ec338fec32dc8317203fe92395ded3f9cc3a4a6338b809c03c309fb3d158c71c863c5cf6315ec05629c39c5a6160d2de06e6f133c0f128e6cb54296a45beabe47857f1ea85b4c4618825ec05c2be82af62294dce8f490f439653d7edb0f240904b9c99866a26fd2e4cdbaad0c05f6ac6bf242b76056ff06a7e881e6f8714699a5da003a477c122e87f73f79b278a2668f42bffcab44fd2eabbaa1e896172daf0af27442f76e28b934281f665319ab1caa64cbcbbde770e923077bd8123c12ff78b0aef4d249b44750990e3ae8fe8ae0b55e7a60f0def9b9e381fc03f50c40e61ca47421406549f4fcf939874ae2b1a44b4c5e40cf2d40e57a6056491bb55ce728ffe96b45a8ca201dcf9f411cdb0cb027532ea90c7269a55a396fc23f3d277c625d904f6540611e0bb936fee259dbf0f6b66d4e120588e130e6b78166d443ca4ca1cf72a47789d840959a1a2d3139e2761839fd86149238c1ad45e93c440bc02a5ea60ebf4cf3b2fc082de0ccafdb7695d54dfa698e36f6a605d17ba6cba000d086a03b12132a5c7913c730ce91e6bc996749f660ff9aaaa354cb116915e81a7285d61a0f699be4ee29cf453f49075f4d25c862713e2f41"], 0x1008, 0x800) capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) msgget(0x2, 0x58) 2018/04/06 11:41:22 executing program 0: r0 = eventfd2(0x10000000080003, 0x80001) read$eventfd(r0, &(0x7f0000354000), 0x8) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ppp\x00', 0x400, 0x0) r2 = getpgid(0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r1, 0xc1105518, &(0x7f0000000180)={{0x7, 0x0, 0x7, 0x6da7, "ed2bd2b8bd95793743ace3ac5143cd9a2daa8f7d53c3d6c0d9a7589c12be903b4285940c008ccf243b2e28e7", 0x1}, 0x0, 0x0, 0x8, r2, 0xff, 0x3, "8d0241c0c141472bcac601b0e4aedb269f938a85030b66062ae0db1467d6222ac722dc601ee75d90fe5bfd25add03ebe5927c3022a135ae65adf5e944c387f24", &(0x7f0000000140)='vmnet0\x00', 0x7, [], [0x100000000, 0x9, 0x80000001, 0x3]}) r3 = getpid() socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setparam(r3, &(0x7f0000000040)=0x3ff) ioctl$int_in(r4, 0x5452, &(0x7f00005ebff8)=0x3f) fcntl$setsig(r4, 0xa, 0x12) fcntl$setownex(r4, 0xf, &(0x7f0000704000)={0x0, r3}) recvmsg(r5, &(0x7f000095cfc8)={&(0x7f0000893ff8)=@sco, 0x8, &(0x7f00000a4fb0), 0x0, &(0x7f0000b30000)}, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f00000002c0)={0xb43f, 0x9}) r6 = dup2(r4, r5) tkill(r3, 0x15) write$eventfd(r0, &(0x7f0000951ff8)=0x3ff, 0x8) setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r6, 0x84, 0x12, &(0x7f0000000080)=0x3ff, 0x4) ioctl$KVM_IRQ_LINE(r6, 0x4008ae61, &(0x7f0000000000)={0x2, 0x7}) 2018/04/06 11:41:22 executing program 5: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x100, 0x0) capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) msgget(0x2, 0x58) ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000040)={0x0}) ioctl$DRM_IOCTL_GET_CTX(r0, 0xc0086423, &(0x7f0000000080)={r1, 0x2}) [ 400.210758] ? find_held_lock+0x36/0x1c0 [ 400.214827] ? graph_lock+0x170/0x170 [ 400.218644] ? lock_downgrade+0x8e0/0x8e0 [ 400.222798] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 400.228342] ? locks_remove_posix+0x489/0x890 [ 400.232845] ? do_lock_file_wait.part.32+0x240/0x240 [ 400.237962] snd_pcm_oss_change_params+0x80/0xe0 [ 400.242724] snd_pcm_oss_make_ready+0xbe/0x170 [ 400.247312] snd_pcm_oss_sync.isra.29+0x27f/0x980 [ 400.252157] ? snd_pcm_oss_sync1+0x5a0/0x5a0 [ 400.256567] ? fsnotify_first_mark+0x330/0x330 2018/04/06 11:41:22 executing program 5: r0 = open(&(0x7f0000000080)='./file0\x00', 0x0, 0x52) pipe(&(0x7f0000000140)={0xffffffffffffffff}) linkat(r0, &(0x7f00000000c0)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00', 0x400) capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) msgget(0x2, 0x58) r2 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x2, 0x40) bind$can_raw(r2, &(0x7f0000000040)={0x1d}, 0x10) [ 400.261154] snd_pcm_oss_release+0x214/0x290 [ 400.265565] ? snd_pcm_oss_sync.isra.29+0x980/0x980 [ 400.270588] __fput+0x34d/0x890 [ 400.273884] ? fput+0x1a0/0x1a0 [ 400.277171] ? _raw_spin_unlock_irq+0x27/0x70 [ 400.281675] ____fput+0x15/0x20 [ 400.284956] task_work_run+0x1e4/0x290 [ 400.288856] ? task_work_cancel+0x240/0x240 [ 400.293183] ? exit_to_usermode_loop+0x87/0x310 [ 400.297864] exit_to_usermode_loop+0x2bd/0x310 [ 400.302455] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 400.307309] do_syscall_64+0x792/0x9d0 [ 400.311199] ? vmalloc_sync_all+0x30/0x30 [ 400.315354] ? _raw_spin_unlock_irq+0x27/0x70 [ 400.319864] ? finish_task_switch+0x1ca/0x820 [ 400.324363] ? syscall_return_slowpath+0x5c0/0x5c0 [ 400.329299] ? syscall_return_slowpath+0x30f/0x5c0 [ 400.334232] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 400.339604] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 400.344455] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 400.349647] RIP: 0033:0x4552d9 2018/04/06 11:41:22 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0xcf44]}, 0x10) 2018/04/06 11:41:22 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x4c, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e"}, &(0x7f00000000c0)=0x54) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) [ 400.353511] RSP: 002b:00007ff8a6ac2c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000003 2018/04/06 11:41:22 executing program 4 (fault-call:5 fault-nth:1): r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0x0, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x0, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:22 executing program 7: r0 = socket$inet6_sctp(0xa, 0x80000000000001, 0x84) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}], 0x1c) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000107ff8)={0x0, 0x10040000}, 0x8) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x8000, 0x0) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0)='IPVS\x00') sendmsg$IPVS_CMD_GET_DAEMON(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x34, r2, 0x400, 0x70bd2a, 0x25dfdbfe, {0xb}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3ff}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x2}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x1886}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000}, 0xc0) connect$inet6(r0, &(0x7f00008c0000)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c) sendmmsg(r0, &(0x7f000060d000)=[{{0x0, 0x0, &(0x7f0000c38ff0)=[{&(0x7f0000000080)='\x00', 0x1}], 0x1, &(0x7f0000299000)}}], 0x1, 0x8000) setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f000081e000)=ANY=[@ANYRES32=0x0, @ANYBLOB], 0x8) 2018/04/06 11:41:22 executing program 2: open(&(0x7f0000000000)='./bus\x00', 0x100000141842, 0x0) syz_mount_image$ntfs(&(0x7f0000000440)='ntfs\x00', &(0x7f0000000480)='./bus\x00', 0x0, 0x0, &(0x7f00000006c0), 0x1000, &(0x7f0000000740)=ANY=[]) r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) syz_mount_image$hfs(&(0x7f0000001780)='hfs\x00', &(0x7f0000000100)='./bus\x00', 0x0, 0xccf, &(0x7f0000001a40)=[{&(0x7f0000001c00)="c3109cfc6f65b837063b7bbc3d4a7d202d2b9984a215c7b7bd25480c1babe9aadb78e3c53ec529cb288497a5ff7386ab50bc1a8c89", 0x0, 0x401}, {&(0x7f0000001800)="2ddea5d98171285eddea030c82c3ebbbe9ef0086979c4d89f51697a723698cc79f113fca18d8ec8bb4942cb405ffaeeeafc6b09a0aa44324f534c9b7f57352f0c6be30573567dee6adbbdffa5bc32a5b00201e68181092887cf576f0703f060812cd5047561a4c92d2fe195c21c60625c482c212ec431a19596ad1012108999bc75ae3480f0e76a36376ac63a8", 0x0, 0x5}, {&(0x7f00000018c0)="c5530d8833354b18ef6baebf606c24f24d221ae3c07931be7198141ec53fd728927e5f00e021449a33baca2a22cf99667bb62ad1c43215e3f08aaced4246a353f263c0b7595b47c7a50af4436c372f265f8434d31934351c965767c877bce2ca431539e8a01395cb17c6c5e7c94ccf3bafb07d8b5e8c8a7c931e0d769db9d35a00cb5aa0044e6a6a561fd1afe1", 0x0, 0x5}, {&(0x7f0000001ac0)="a6c3452050343eb065584cf53ea65ae330a5f6fabf78091e23a81fecb3775e4b4b863ad23c978b4d06569e6a36869f4d6ab49a561ec1407526f64751bf75483fb2755e3dd399f154e42b71bf2ba4b06f84d08c82013cccce8d83cc8522875560acd751f4f33688881c070e6ef463499ee9e91f792ae72561196b6ba9dc495e6762dbb6f5c913a4aeab57f7ff1fec996193598848aca0c65638fffb8af2141e66a90fe4ae167772c4c599843c560c877e454fdb686a3b7df3bc64de67f0ab300a68bb0beb5a6e2c52ef9e161399bf3a9939b04d804247cd6b3c9682eaf9ba0fdf8721b778b0f8e7905b17a1210b17ce35b1fb4f78497d438165b2019a31462ffaad8347218795323dd876bfaa1f6f7eec0187f0b9e41c54ba73230f635b3f4c2fd658e725afc3135bbb160347c72457a5da34344443b7f7c8ab479f9e63", 0x0, 0x7}], 0x10000, &(0x7f0000000780)=ANY=[]) ioctl$LOOP_SET_CAPACITY(r0, 0x4c07) write$cgroup_pid(r0, &(0x7f0000000040)={[0x0]}, 0x1) add_key(&(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000140)={0x73, 0x79, 0x7a, 0x0}, &(0x7f0000000180)="9e659466cbfbd5240d0324e75025024532163aa8770fe16f3a330ab59d341cd33efdf6be1071e0b18c129e0c9d16583537249b43ca89e0f22a9f2399e2c55eea1f4f6fa74bfedc0436a59cadd999ab6cc4a762f1aae4bbe5d64bed429655e3f9768d8a1c7b7987b156c14c970375762cc4e2eb17a0410521887bf27312ab3d65f483d880191303124d0b6f81a44b05c5", 0x90, 0xfffffffffffffffc) write$cgroup_pid(r0, &(0x7f0000000180), 0x1d2) [ 400.353527] RAX: 0000000000000000 RBX: 00007ff8a6ac36d4 RCX: 00000000004552d9 [ 400.353536] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000013 [ 400.353544] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 400.353552] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 [ 400.353560] R13: 0000000000000052 R14: 00000000006f3850 R15: 0000000000000000 2018/04/06 11:41:23 executing program 4 (fault-call:5 fault-nth:2): r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0x0, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x0, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:23 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x49, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dcee"}, &(0x7f00000000c0)=0x51) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:23 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0xe6af]}, 0x10) [ 400.493501] FAULT_INJECTION: forcing a failure. [ 400.493501] name failslab, interval 1, probability 0, space 0, times 0 [ 400.493519] CPU: 1 PID: 25143 Comm: syz-executor4 Not tainted 4.16.0+ #3 2018/04/06 11:41:23 executing program 7: r0 = socket$inet6(0x10, 0x3, 0x0) r1 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x8, 0x4000) write$tun(r1, &(0x7f0000000040)={@void, @hdr={0x1, 0x81, 0x80, 0x8, 0x7, 0x1}, @llc={@snap={0xaa, 0xaa, "08bd", "0dfd31", 0x99be, "a75bdd23475d2338994dd46c1a4d3850ef82a14ee3cf36cff1b690f5c05582fa8173bb938762279922a9e328dcceace82bfb80c65707227d8564159b292e87d23980b4f082873f036bde316b4d"}}}, 0x60) sendmsg(r0, &(0x7f0000000100)={&(0x7f0000000140)=@nl=@kern={0x10}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000200)="5500000018007fafb72d1cb2a4a2f9930a06000000a8430891052369390007000000000000000000191c80e400050000000000000000dc1338d5440700000000000000fb83de4407aa7227c43ab8220000060cec4f", 0x55}], 0x1, &(0x7f0000000080)}, 0x0) 2018/04/06 11:41:23 executing program 2: open(&(0x7f0000000000)='./bus\x00', 0x100000141842, 0x0) syz_mount_image$ntfs(&(0x7f0000000440)='ntfs\x00', &(0x7f0000000480)='./bus\x00', 0x0, 0x0, &(0x7f00000006c0), 0x1000, &(0x7f0000000740)=ANY=[]) r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) syz_mount_image$hfs(&(0x7f0000001780)='hfs\x00', &(0x7f0000000100)='./bus\x00', 0x0, 0xccf, &(0x7f0000001a40)=[{&(0x7f0000001c00)="c3109cfc6f65b837063b7bbc3d4a7d202d2b9984a215c7b7bd25480c1babe9aadb78e3c53ec529cb288497a5ff7386ab50bc1a8c89", 0x0, 0x401}, {&(0x7f0000001800)="2ddea5d98171285eddea030c82c3ebbbe9ef0086979c4d89f51697a723698cc79f113fca18d8ec8bb4942cb405ffaeeeafc6b09a0aa44324f534c9b7f57352f0c6be30573567dee6adbbdffa5bc32a5b00201e68181092887cf576f0703f060812cd5047561a4c92d2fe195c21c60625c482c212ec431a19596ad1012108999bc75ae3480f0e76a36376ac63a8", 0x0, 0x5}, {&(0x7f00000018c0)="c5530d8833354b18ef6baebf606c24f24d221ae3c07931be7198141ec53fd728927e5f00e021449a33baca2a22cf99667bb62ad1c43215e3f08aaced4246a353f263c0b7595b47c7a50af4436c372f265f8434d31934351c965767c877bce2ca431539e8a01395cb17c6c5e7c94ccf3bafb07d8b5e8c8a7c931e0d769db9d35a00cb5aa0044e6a6a561fd1afe1", 0x0, 0x5}, {&(0x7f0000001ac0)="a6c3452050343eb065584cf53ea65ae330a5f6fabf78091e23a81fecb3775e4b4b863ad23c978b4d06569e6a36869f4d6ab49a561ec1407526f64751bf75483fb2755e3dd399f154e42b71bf2ba4b06f84d08c82013cccce8d83cc8522875560acd751f4f33688881c070e6ef463499ee9e91f792ae72561196b6ba9dc495e6762dbb6f5c913a4aeab57f7ff1fec996193598848aca0c65638fffb8af2141e66a90fe4ae167772c4c599843c560c877e454fdb686a3b7df3bc64de67f0ab300a68bb0beb5a6e2c52ef9e161399bf3a9939b04d804247cd6b3c9682eaf9ba0fdf8721b778b0f8e7905b17a1210b17ce35b1fb4f78497d438165b2019a31462ffaad8347218795323dd876bfaa1f6f7eec0187f0b9e41c54ba73230f635b3f4c2fd658e725afc3135bbb160347c72457a5da34344443b7f7c8ab479f9e63", 0x0, 0x7}], 0x10000, &(0x7f0000000780)=ANY=[]) ioctl$LOOP_SET_CAPACITY(r0, 0x4c07) write$cgroup_pid(r0, &(0x7f0000000040)={[0x0]}, 0x1) write$cgroup_pid(r0, &(0x7f0000000180), 0x1d2) [ 400.493527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 400.493533] Call Trace: [ 400.493554] dump_stack+0x1b9/0x294 [ 400.493573] ? dump_stack_print_info.cold.2+0x52/0x52 [ 400.493588] ? __save_stack_trace+0x7e/0xd0 [ 400.493612] should_fail.cold.4+0xa/0x1a [ 400.493630] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 400.493646] ? kasan_kmalloc+0xc4/0xe0 [ 400.493665] ? kmem_cache_alloc_trace+0x152/0x780 [ 400.493684] ? snd_pcm_oss_change_params_locked+0x1f9/0x3ce0 [ 400.493696] ? snd_pcm_oss_change_params+0x80/0xe0 [ 400.493709] ? snd_pcm_oss_make_ready+0xbe/0x170 [ 400.493723] ? snd_pcm_oss_sync.isra.29+0x27f/0x980 [ 400.493739] ? graph_lock+0x170/0x170 [ 400.493751] ? task_work_run+0x1e4/0x290 [ 400.493766] ? exit_to_usermode_loop+0x2bd/0x310 [ 400.493779] ? do_syscall_64+0x792/0x9d0 [ 400.493790] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 400.493804] ? find_held_lock+0x36/0x1c0 [ 400.493820] ? __lock_is_held+0xb5/0x140 [ 400.493856] ? check_same_owner+0x320/0x320 [ 400.493876] ? rcu_note_context_switch+0x710/0x710 [ 400.493894] should_failslab+0x124/0x180 [ 400.493912] kmem_cache_alloc_trace+0x2cb/0x780 [ 400.493926] ? mutex_trylock+0x2a0/0x2a0 [ 400.493940] ? graph_lock+0x170/0x170 [ 400.493957] ? print_usage_bug+0xc0/0xc0 [ 400.493971] ? _raw_spin_unlock+0x22/0x30 [ 400.493991] snd_pcm_oss_change_params_locked+0x231/0x3ce0 [ 400.494009] ? graph_lock+0x170/0x170 [ 400.494036] ? snd_pcm_hw_param_near.constprop.35+0xb10/0xb10 [ 400.494055] ? debug_check_no_locks_freed+0x310/0x310 [ 400.494072] ? debug_check_no_locks_freed+0x310/0x310 [ 400.494086] ? check_same_owner+0x320/0x320 [ 400.494103] ? find_held_lock+0x36/0x1c0 [ 400.494119] ? graph_lock+0x170/0x170 [ 400.494136] ? lock_downgrade+0x8e0/0x8e0 [ 400.494152] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 400.494169] ? locks_remove_posix+0x489/0x890 [ 400.494188] ? do_lock_file_wait.part.32+0x240/0x240 [ 400.494210] snd_pcm_oss_change_params+0x80/0xe0 [ 400.494226] snd_pcm_oss_make_ready+0xbe/0x170 [ 400.494243] snd_pcm_oss_sync.isra.29+0x27f/0x980 [ 400.494260] ? snd_pcm_oss_sync1+0x5a0/0x5a0 [ 400.494279] ? fsnotify_first_mark+0x330/0x330 [ 400.494296] snd_pcm_oss_release+0x214/0x290 [ 400.494312] ? snd_pcm_oss_sync.isra.29+0x980/0x980 [ 400.494328] __fput+0x34d/0x890 [ 400.494348] ? fput+0x1a0/0x1a0 [ 400.494366] ? _raw_spin_unlock_irq+0x27/0x70 [ 400.494386] ____fput+0x15/0x20 [ 400.494400] task_work_run+0x1e4/0x290 [ 400.494416] ? task_work_cancel+0x240/0x240 [ 400.494432] ? exit_to_usermode_loop+0x87/0x310 [ 400.494452] exit_to_usermode_loop+0x2bd/0x310 [ 400.494469] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 400.494492] do_syscall_64+0x792/0x9d0 [ 400.494506] ? vmalloc_sync_all+0x30/0x30 [ 400.494521] ? _raw_spin_unlock_irq+0x27/0x70 [ 400.494534] ? finish_task_switch+0x1ca/0x820 [ 400.494551] ? syscall_return_slowpath+0x5c0/0x5c0 [ 400.494567] ? syscall_return_slowpath+0x30f/0x5c0 [ 400.494585] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 400.494605] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 400.494624] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 400.494635] RIP: 0033:0x4552d9 [ 400.494642] RSP: 002b:00007ff8a6ac2c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000003 [ 400.494657] RAX: 0000000000000000 RBX: 00007ff8a6ac36d4 RCX: 00000000004552d9 [ 400.494666] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000013 [ 400.494674] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 400.494682] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 [ 400.494690] R13: 0000000000000052 R14: 00000000006f3850 R15: 0000000000000001 [ 400.660738] FAULT_INJECTION: forcing a failure. [ 400.660738] name failslab, interval 1, probability 0, space 0, times 0 [ 400.660759] CPU: 0 PID: 25159 Comm: syz-executor4 Not tainted 4.16.0+ #3 [ 400.660767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 400.660772] Call Trace: [ 400.660796] dump_stack+0x1b9/0x294 [ 400.660815] ? dump_stack_print_info.cold.2+0x52/0x52 [ 400.660833] ? __save_stack_trace+0x7e/0xd0 [ 400.660859] should_fail.cold.4+0xa/0x1a [ 400.660877] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 400.660894] ? kasan_kmalloc+0xc4/0xe0 [ 400.660912] ? kmem_cache_alloc_trace+0x152/0x780 [ 400.660930] ? snd_pcm_oss_change_params_locked+0x231/0x3ce0 [ 400.660943] ? snd_pcm_oss_change_params+0x80/0xe0 [ 400.660956] ? snd_pcm_oss_make_ready+0xbe/0x170 [ 400.660970] ? snd_pcm_oss_sync.isra.29+0x27f/0x980 [ 400.660987] ? graph_lock+0x170/0x170 [ 400.661000] ? task_work_run+0x1e4/0x290 [ 400.661022] ? exit_to_usermode_loop+0x2bd/0x310 [ 400.661037] ? do_syscall_64+0x792/0x9d0 [ 400.661053] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 400.661072] ? find_held_lock+0x36/0x1c0 [ 400.661091] ? __lock_is_held+0xb5/0x140 [ 400.661116] ? check_same_owner+0x320/0x320 [ 400.661134] ? rcu_note_context_switch+0x710/0x710 [ 400.661154] should_failslab+0x124/0x180 [ 400.661171] kmem_cache_alloc_trace+0x2cb/0x780 [ 400.661186] ? mutex_trylock+0x2a0/0x2a0 [ 400.661200] ? graph_lock+0x170/0x170 [ 400.661216] ? print_usage_bug+0xc0/0xc0 [ 400.661231] ? _raw_spin_unlock+0x22/0x30 [ 400.661251] snd_pcm_oss_change_params_locked+0x269/0x3ce0 [ 400.661266] ? graph_lock+0x170/0x170 [ 400.661293] ? snd_pcm_hw_param_near.constprop.35+0xb10/0xb10 [ 400.661312] ? debug_check_no_locks_freed+0x310/0x310 [ 400.661335] ? debug_check_no_locks_freed+0x310/0x310 [ 400.661351] ? check_same_owner+0x320/0x320 [ 400.661371] ? find_held_lock+0x36/0x1c0 [ 400.661389] ? graph_lock+0x170/0x170 [ 400.661408] ? lock_downgrade+0x8e0/0x8e0 [ 400.661427] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 400.661444] ? locks_remove_posix+0x489/0x890 [ 400.661464] ? do_lock_file_wait.part.32+0x240/0x240 [ 400.661487] snd_pcm_oss_change_params+0x80/0xe0 [ 400.661502] snd_pcm_oss_make_ready+0xbe/0x170 [ 400.661520] snd_pcm_oss_sync.isra.29+0x27f/0x980 [ 400.661538] ? snd_pcm_oss_sync1+0x5a0/0x5a0 [ 400.661556] ? fsnotify_first_mark+0x330/0x330 [ 400.661574] snd_pcm_oss_release+0x214/0x290 [ 400.661591] ? snd_pcm_oss_sync.isra.29+0x980/0x980 [ 400.661607] __fput+0x34d/0x890 [ 400.661626] ? fput+0x1a0/0x1a0 [ 400.661644] ? _raw_spin_unlock_irq+0x27/0x70 [ 400.661664] ____fput+0x15/0x20 [ 400.661677] task_work_run+0x1e4/0x290 [ 400.661693] ? task_work_cancel+0x240/0x240 [ 400.661710] ? exit_to_usermode_loop+0x87/0x310 [ 400.661730] exit_to_usermode_loop+0x2bd/0x310 [ 400.661747] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 400.661771] do_syscall_64+0x792/0x9d0 [ 400.661784] ? vmalloc_sync_all+0x30/0x30 [ 400.661799] ? _raw_spin_unlock_irq+0x27/0x70 [ 400.661814] ? finish_task_switch+0x1ca/0x820 [ 400.661830] ? syscall_return_slowpath+0x5c0/0x5c0 [ 400.661847] ? syscall_return_slowpath+0x30f/0x5c0 [ 400.661864] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 400.661884] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 400.661903] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 400.661915] RIP: 0033:0x4552d9 [ 400.661924] RSP: 002b:00007ff8a6ac2c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000003 [ 400.661939] RAX: 0000000000000000 RBX: 00007ff8a6ac36d4 RCX: 00000000004552d9 [ 400.661948] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000013 [ 400.661956] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 400.661964] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 [ 400.661973] R13: 0000000000000052 R14: 00000000006f3850 R15: 0000000000000002 [ 400.920549] FAULT_FLAG_ALLOW_RETRY missing 30 [ 401.506495] CPU: 1 PID: 25112 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 401.506508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 401.522672] Call Trace: [ 401.525267] dump_stack+0x1b9/0x294 [ 401.528902] ? dump_stack_print_info.cold.2+0x52/0x52 [ 401.534096] ? kasan_check_write+0x14/0x20 [ 401.538339] ? do_raw_spin_lock+0xc1/0x200 [ 401.542575] handle_userfault.cold.32+0x44/0x57 [ 401.547230] ? handle_userfault+0x16c6/0x2760 [ 401.551724] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 401.556297] ? debug_check_no_locks_freed+0x310/0x310 [ 401.561468] ? find_held_lock+0x36/0x1c0 [ 401.565509] ? print_usage_bug+0xc0/0xc0 [ 401.569553] ? print_usage_bug+0xc0/0xc0 [ 401.573601] ? check_same_owner+0x320/0x320 [ 401.577900] ? do_raw_spin_unlock+0x9e/0x2e0 [ 401.582291] ? __lock_acquire+0x7f5/0x5130 [ 401.586504] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 401.592027] ? graph_lock+0x170/0x170 [ 401.595819] ? debug_check_no_locks_freed+0x310/0x310 [ 401.600991] ? find_held_lock+0x36/0x1c0 [ 401.605049] ? lock_downgrade+0x8e0/0x8e0 [ 401.609185] ? kasan_check_read+0x11/0x20 [ 401.613315] ? do_raw_spin_unlock+0x9e/0x2e0 [ 401.617702] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 401.622267] ? kasan_check_write+0x14/0x20 [ 401.626480] ? do_raw_spin_lock+0xc1/0x200 [ 401.630696] __handle_mm_fault+0x34be/0x4150 [ 401.635084] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 401.639819] ? graph_lock+0x170/0x170 [ 401.643600] ? find_held_lock+0x36/0x1c0 [ 401.647641] ? lock_downgrade+0x8e0/0x8e0 [ 401.651776] ? handle_mm_fault+0x8c0/0xc70 [ 401.655989] handle_mm_fault+0x53a/0xc70 [ 401.660043] ? __handle_mm_fault+0x4150/0x4150 [ 401.664624] ? find_vma+0x34/0x190 [ 401.668146] __do_page_fault+0x60b/0xe40 [ 401.672189] ? mm_fault_error+0x380/0x380 [ 401.676319] ? graph_lock+0x170/0x170 [ 401.680102] do_page_fault+0xee/0x8a7 [ 401.683881] ? vmalloc_sync_all+0x30/0x30 [ 401.688016] ? find_held_lock+0x36/0x1c0 [ 401.692072] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 401.696896] page_fault+0x25/0x50 [ 401.700334] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 401.705938] RSP: 0018:ffff88018ea9fce8 EFLAGS: 00010206 [ 401.711280] RAX: ffffed0031d53fae RBX: 0000000000000018 RCX: 0000000000000003 [ 401.718527] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff88018ea9fd58 [ 401.725776] RBP: ffff88018ea9fd20 R08: ffffed0031d53fae R09: ffffed0031d53fab [ 401.733032] R10: ffffed0031d53fad R11: ffff88018ea9fd6f R12: 0000000020013018 [ 401.740286] R13: 0000000020013000 R14: ffff88018ea9fd58 R15: 00007ffffffff000 [ 401.747553] ? _copy_from_user+0x10d/0x150 [ 401.751773] SyS_sigaltstack+0xae/0x320 [ 401.755726] ? do_sigaction+0xa50/0xa50 [ 401.759688] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 401.765204] ? fput+0x130/0x1a0 [ 401.768465] ? ksys_ioctl+0x81/0xd0 [ 401.772070] ? do_syscall_64+0xb7/0x9d0 [ 401.776033] ? do_sigaction+0xa50/0xa50 [ 401.779990] do_syscall_64+0x29e/0x9d0 [ 401.783860] ? vmalloc_sync_all+0x30/0x30 [ 401.787990] ? _raw_spin_unlock_irq+0x27/0x70 [ 401.792466] ? finish_task_switch+0x1ca/0x820 [ 401.796940] ? syscall_return_slowpath+0x5c0/0x5c0 [ 401.801849] ? syscall_return_slowpath+0x30f/0x5c0 [ 401.806766] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 401.812111] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 401.816934] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 401.822099] RIP: 0033:0x4552d9 [ 401.825266] RSP: 002b:00007ff15ecfec68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 2018/04/06 11:41:24 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) msgget(0x2, 0x58) r0 = openat$rtc(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/rtc\x00', 0x404000, 0x0) getsockopt$nfc_llcp(r0, 0x118, 0x1, &(0x7f0000000440)=""/240, 0xf0) ioctl$sock_bt_cmtp_CMTPGETCONNINFO(r0, 0x800443d3, &(0x7f0000000200)={{0x0, 0x0, 0x6930f572, 0x0, 0x698, 0x1}, 0x8b, 0xffffffff, 0x69b}) openat$dsp(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/dsp\x00', 0x483, 0x0) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x0, 0x0) ioctl$RNDGETENTCNT(r1, 0x80045200, &(0x7f0000000240)) ioctl$DRM_IOCTL_MARK_BUFS(r1, 0x40206417, &(0x7f0000000180)={0x2a4, 0x80, 0x5, 0x2, 0x4, 0x80000000}) sendfile(r1, r0, &(0x7f00000002c0), 0x8) getsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000340), &(0x7f0000000380)=0xb) getsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000000300), &(0x7f0000000400)=0x4) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d2, &(0x7f0000000140)={0x9, &(0x7f0000000040)=[{}, {}, {}, {}, {}, {}, {}, {}, {}]}) setsockopt$bt_l2cap_L2CAP_CONNINFO(r1, 0x6, 0x2, &(0x7f0000000280)={0xc08f, 0x4, 0xfffffffffffffff9, 0x583}, 0x6) 2018/04/06 11:41:24 executing program 7: r0 = gettid() syz_mount_image$hfs(&(0x7f00000000c0)='hfs\x00', &(0x7f0000000100)='./file0\x00', 0x8001, 0x4, &(0x7f00000003c0)=[{&(0x7f0000000140)="4d199e998a322440aab906aef18da9775151fcf1b8adab9e68dbd2fdd7210fc83b5a34c424ce8c009b3440b41ab2f44297584703cf3e3bacfbbf4bda30a40176d23f92fedffd61d8f7456f6410f9a0d5c59f10681366004f8a9bb6acf68e5449d63881e0e6e25efce737991488acaea37951e7566383c00563bf54", 0x7b, 0x8001}, {&(0x7f00000001c0)="0f04f27ff4ab32f82903e61f5b78cfbca0849a5849ad606938d5c3dbbbfd912c20811ad07f63b741b2f19d18ba3daeb5584f36f0120de034", 0x38, 0x3ff}, {&(0x7f0000000200)="4fbf1662abf22a039f4a7624aab16cc6e123e6b9d73bacdd56549379eb6428b24807fc6d5e863caec4d71c857a8318eed7bdfd70ab58e668e25690bd694fcb36a7817be0b60b7997d3090135f41a3c08ab4be28e4528f9874f1b1e6aea839f75f73d116b1a8d4c7d9b5bfeeaf0f291b687f38ebccd2f6e2f21e2997a825a06cd3afcf260621dcc94bd1ba26c2d7b6409bbca10b2a78e59a54c76ea60eeb1ecebd45b5e6fbdedf09dc3a92745c792c31909", 0xb1, 0x8}, {&(0x7f00000002c0)="5be071ace447f14dbd01a39cd4b087050d38114f301d521679f96487ec016866c57f8c2b8041055cf8996e318284452e26c03ff741611f132c554e08ec0aff18a8c33930a084986f1902381089b47456c8f5dcf0ebdb630ad49966a1811794bef9e2cb44e00547ae57869829ec96b94c7ef600d257f79b06aa309c24833aebba10059f6f57bf67204ef3a137ad876f7109ebd9b9fe324cb67e40207bb5d990fef8e9ceb5638dd6386d7a3eca78ded5cb521d8808e690d7386778af44d84ed3d82c7e461f", 0xc4, 0x100000001}], 0x8000, &(0x7f0000000440)={[{@quiet='quiet', 0x2c}, {@umask={'umask', 0x3d, [0x34]}, 0x2c}, {@iocharset={'iocharset', 0x3d, 'iso8859-4'}, 0x2c}, {@uid={'uid', 0x3d, [0x3d, 0x36]}, 0x2c}, {@dir_umask={'dir_umask', 0x3d, [0x36, 0x33, 0x33]}, 0x2c}, {@umask={'umask', 0x3d, [0x30, 0x35, 0x33, 0x37, 0x37, 0x35, 0x33]}, 0x2c}, {@session={'session', 0x3d, [0x35, 0x0, 0x3d]}, 0x2c}]}) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x6, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x400, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(r0, &(0x7f0000000040)='stat\x00') ioctl$sock_SIOCSPGRP(r1, 0x8902, &(0x7f0000000080)=r0) preadv(r1, &(0x7f00000013c0)=[{&(0x7f0000001400)=""/4096, 0x1000}, {&(0x7f00000010c0)=""/204, 0x39c}, {&(0x7f00000011c0)=""/223, 0xdf}, {&(0x7f00000012c0)=""/250, 0xfffffffffffffcf4}], 0x4, 0x3) 2018/04/06 11:41:24 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0xe00000000000000]}, 0x10) 2018/04/06 11:41:24 executing program 2: open(&(0x7f0000000000)='./bus\x00', 0x100000141842, 0x0) syz_mount_image$ntfs(&(0x7f0000000440)='ntfs\x00', &(0x7f0000000480)='./bus\x00', 0x0, 0x0, &(0x7f00000006c0), 0x1000, &(0x7f0000000740)=ANY=[]) r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) syz_mount_image$hfs(&(0x7f0000001780)='hfs\x00', &(0x7f0000000100)='./bus\x00', 0x0, 0xccf, &(0x7f0000001a40)=[{&(0x7f0000001c00)="c3109cfc6f65b837063b7bbc3d4a7d202d2b9984a215c7b7bd25480c1babe9aadb78e3c53ec529cb288497a5ff7386ab50bc1a8c89", 0x0, 0x401}, {&(0x7f0000001800)="2ddea5d98171285eddea030c82c3ebbbe9ef0086979c4d89f51697a723698cc79f113fca18d8ec8bb4942cb405ffaeeeafc6b09a0aa44324f534c9b7f57352f0c6be30573567dee6adbbdffa5bc32a5b00201e68181092887cf576f0703f060812cd5047561a4c92d2fe195c21c60625c482c212ec431a19596ad1012108999bc75ae3480f0e76a36376ac63a8", 0x0, 0x5}, {&(0x7f00000018c0)="c5530d8833354b18ef6baebf606c24f24d221ae3c07931be7198141ec53fd728927e5f00e021449a33baca2a22cf99667bb62ad1c43215e3f08aaced4246a353f263c0b7595b47c7a50af4436c372f265f8434d31934351c965767c877bce2ca431539e8a01395cb17c6c5e7c94ccf3bafb07d8b5e8c8a7c931e0d769db9d35a00cb5aa0044e6a6a561fd1afe1", 0x0, 0x5}, {&(0x7f0000001ac0)="a6c3452050343eb065584cf53ea65ae330a5f6fabf78091e23a81fecb3775e4b4b863ad23c978b4d06569e6a36869f4d6ab49a561ec1407526f64751bf75483fb2755e3dd399f154e42b71bf2ba4b06f84d08c82013cccce8d83cc8522875560acd751f4f33688881c070e6ef463499ee9e91f792ae72561196b6ba9dc495e6762dbb6f5c913a4aeab57f7ff1fec996193598848aca0c65638fffb8af2141e66a90fe4ae167772c4c599843c560c877e454fdb686a3b7df3bc64de67f0ab300a68bb0beb5a6e2c52ef9e161399bf3a9939b04d804247cd6b3c9682eaf9ba0fdf8721b778b0f8e7905b17a1210b17ce35b1fb4f78497d438165b2019a31462ffaad8347218795323dd876bfaa1f6f7eec0187f0b9e41c54ba73230f635b3f4c2fd658e725afc3135bbb160347c72457a5da34344443b7f7c8ab479f9e63", 0x0, 0x7}], 0x10000, &(0x7f0000000780)=ANY=[]) ioctl$LOOP_SET_CAPACITY(r0, 0x4c07) write$cgroup_pid(r0, &(0x7f0000000180), 0x1d2) 2018/04/06 11:41:24 executing program 0: perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000389000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0xe0, 0x8000) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000080)={0x0, @rand_addr, 0x4e21, 0x3, 'sh\x00', 0x2, 0x2, 0x66}, 0x2c) sendto$inet(0xffffffffffffffff, &(0x7f0000eda000), 0x0, 0x0, &(0x7f0000de5ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}, 0x10) creat(&(0x7f00008b2000)='./file0\x00', 0x0) lsetxattr(&(0x7f0000712ff8)='./file0\x00', &(0x7f0000faffe7)=@known='security.capability\x00', &(0x7f0000d9ffec)="0000000201000000000000010400000000000000", 0x14, 0x0) listxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)=""/229, 0x6) dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000068fe8), 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xaa}}, 0x1c) 2018/04/06 11:41:24 executing program 3: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000100)) getpid() fcntl$getown(0xffffffffffffff9c, 0x9) gettid() ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) getpgrp(r0) r1 = memfd_create(&(0x7f0000000080)='em1\x00', 0x2) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000200)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) sigaltstack(&(0x7f0000013000/0x1000)=nil, &(0x7f00000000c0)) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88)) msgsnd(0x0, &(0x7f0000284ff8)={0x3}, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000240)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000640)={'\x00', 0x0}) ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000680)=r3) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000b40)={&(0x7f0000011000/0x4000)=nil, 0x4000}) io_setup(0x1000, &(0x7f0000000040)) io_submit(0x0, 0xe19000, &(0x7f0000000000)) ioctl$VHOST_RESET_OWNER(r1, 0xaf02, 0x0) 2018/04/06 11:41:24 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x49, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dcee"}, &(0x7f00000000c0)=0x51) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:24 executing program 4 (fault-call:5 fault-nth:3): r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0x0, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x0, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) [ 401.832951] RAX: ffffffffffffffda RBX: 00007ff15ecff6d4 RCX: 00000000004552d9 [ 401.840198] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 [ 401.847450] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 401.854697] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 401.861942] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000000 [ 401.923985] FAULT_INJECTION: forcing a failure. [ 401.923985] name failslab, interval 1, probability 0, space 0, times 0 [ 401.935364] CPU: 0 PID: 25211 Comm: syz-executor4 Not tainted 4.16.0+ #3 [ 401.942222] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 401.951593] Call Trace: [ 401.954201] dump_stack+0x1b9/0x294 [ 401.957853] ? dump_stack_print_info.cold.2+0x52/0x52 [ 401.963051] ? __lock_acquire+0x7f5/0x5130 [ 401.967307] should_fail.cold.4+0xa/0x1a [ 401.971385] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 401.976505] ? debug_check_no_locks_freed+0x310/0x310 [ 401.981745] ? lock_acquire+0x1dc/0x520 [ 401.985733] ? graph_lock+0x170/0x170 [ 401.989551] ? find_held_lock+0x36/0x1c0 [ 401.993626] ? __lock_is_held+0xb5/0x140 [ 401.997711] ? check_same_owner+0x320/0x320 [ 402.002042] ? rcu_note_context_switch+0x710/0x710 [ 402.006982] ? graph_lock+0x170/0x170 [ 402.010797] should_failslab+0x124/0x180 [ 402.014870] __kmalloc+0x2c8/0x760 [ 402.018427] ? constrain_params_by_rules+0x141/0x1360 [ 402.023626] ? find_held_lock+0x36/0x1c0 [ 402.027705] constrain_params_by_rules+0x141/0x1360 [ 402.032736] ? lock_downgrade+0x8e0/0x8e0 [ 402.036907] ? snd_pcm_mmap_control_fault+0x3e0/0x3e0 [ 402.042109] ? rcu_is_watching+0x85/0x140 [ 402.046274] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 402.051477] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 402.056680] ? is_bpf_text_address+0xd7/0x170 [ 402.061186] ? kernel_text_address+0x79/0xf0 [ 402.065606] ? __unwind_start+0x166/0x330 [ 402.069765] ? graph_lock+0x170/0x170 2018/04/06 11:41:24 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) msgget(0x2, 0x58) r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/backup_only\x00', 0x2, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000000040)={{0x81, 0x5}, 'port0\x00', 0x45, 0x4, 0x9a9, 0x10000, 0x4, 0x8, 0x7, 0x0, 0x7, 0x101}) [ 402.073579] ? unwind_get_return_address+0x61/0xa0 [ 402.078518] ? __save_stack_trace+0x7e/0xd0 [ 402.082859] ? __lock_is_held+0xb5/0x140 [ 402.086933] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 402.091954] ? snd_interval_refine+0x428/0x700 [ 402.096550] snd_pcm_hw_refine+0x8e9/0x1180 [ 402.100884] ? constrain_params_by_rules+0x1360/0x1360 [ 402.106167] ? graph_lock+0x170/0x170 [ 402.109962] ? __lock_is_held+0xb5/0x140 [ 402.114027] ? __lock_is_held+0xb5/0x140 [ 402.118080] ? snd_pcm_oss_change_params_locked+0x269/0x3ce0 [ 402.123865] ? rcu_read_lock_sched_held+0x108/0x120 [ 402.128866] ? _snd_pcm_hw_param_min+0x330/0x570 [ 402.133609] snd_pcm_oss_change_params_locked+0x901/0x3ce0 [ 402.139231] ? snd_pcm_hw_param_near.constprop.35+0xb10/0xb10 [ 402.145101] ? debug_check_no_locks_freed+0x310/0x310 [ 402.150278] ? debug_check_no_locks_freed+0x310/0x310 [ 402.155454] ? find_held_lock+0x36/0x1c0 [ 402.159501] ? graph_lock+0x170/0x170 [ 402.163290] ? perf_trace_lock_acquire+0xe3/0x980 [ 402.168116] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 402.173648] snd_pcm_oss_change_params+0x80/0xe0 [ 402.178387] snd_pcm_oss_make_ready+0xbe/0x170 [ 402.182957] snd_pcm_oss_sync.isra.29+0x27f/0x980 [ 402.187784] ? snd_pcm_oss_sync1+0x5a0/0x5a0 [ 402.192177] ? fsnotify_first_mark+0x330/0x330 [ 402.196744] snd_pcm_oss_release+0x214/0x290 [ 402.201137] ? snd_pcm_oss_sync.isra.29+0x980/0x980 [ 402.206136] __fput+0x34d/0x890 [ 402.209402] ? fput+0x1a0/0x1a0 [ 402.212668] ? _raw_spin_unlock_irq+0x27/0x70 [ 402.217149] ____fput+0x15/0x20 [ 402.220414] task_work_run+0x1e4/0x290 [ 402.224286] ? task_work_cancel+0x240/0x240 [ 402.228595] ? exit_to_usermode_loop+0x87/0x310 [ 402.233251] exit_to_usermode_loop+0x2bd/0x310 [ 402.237816] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 402.242649] do_syscall_64+0x792/0x9d0 [ 402.246521] ? vmalloc_sync_all+0x30/0x30 [ 402.250655] ? _raw_spin_unlock_irq+0x27/0x70 [ 402.255133] ? finish_task_switch+0x1ca/0x820 [ 402.259614] ? syscall_return_slowpath+0x5c0/0x5c0 [ 402.264527] ? syscall_return_slowpath+0x30f/0x5c0 [ 402.269442] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 402.274792] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 402.279622] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 402.284793] RIP: 0033:0x4552d9 [ 402.287964] RSP: 002b:00007ff8a6ac2c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000003 [ 402.295653] RAX: 0000000000000000 RBX: 00007ff8a6ac36d4 RCX: 00000000004552d9 [ 402.302905] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000013 [ 402.310156] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 402.317405] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 2018/04/06 11:41:24 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0xf73000000000000]}, 0x10) 2018/04/06 11:41:24 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = accept$inet(0xffffffffffffff9c, &(0x7f0000000000)={0x0, 0x0, @remote}, &(0x7f0000000080)=0x10) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f00000001c0)={0x0, 0xfa, "23d099f5acfa7b4b85b66f47d3b8bcbe6f55a32d3c2098443d5861ef13a857bf9340cd6d3f5dfe1d08419f70d7d4480a029cec4480f55bdea50bd5e02418526d0cb15ff512aacab395499748f951cfef665e5f7f759442177c0a9bf64394874bea58ec81736e758256d3129fce9e76d0cdebf3e92c402fb8d9db6423b5cf98083ee7f490c5a83dae9792b836aab32591e99a4eba79e272ce6ebe0cb490c208f9b94a99a1e14299ac4204698e58f4d2eb8f1541923a238b98e037bf401259dfbfc60136daabe20605a79a344df23923aea6dfd298c0280e956e9fd4cd8f5b23612b2fdddab1423bc0402a66b21424b7f68b7323e109901661a8fa"}, &(0x7f00000000c0)=0x102) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r2, 0x84, 0x66, &(0x7f0000000100)={r3, 0x7}, &(0x7f0000000140)=0x8) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000040)={0x3b3, 0x4000000}) [ 402.324655] R13: 0000000000000052 R14: 00000000006f3850 R15: 0000000000000003 2018/04/06 11:41:24 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x49, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dcee"}, &(0x7f00000000c0)=0x51) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:24 executing program 4 (fault-call:5 fault-nth:4): r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0x0, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x0, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:24 executing program 7: perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = accept4$ax25(0xffffffffffffffff, &(0x7f0000000100), &(0x7f0000000140)=0x10, 0x80800) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000340)='/dev/qat_adf_ctl\x00', 0x84100, 0x0) setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f0000000380)={0x73, @rand_addr=0x100000000, 0x4e22, 0x3, 'nq\x00', 0xc, 0x2, 0x75}, 0x2c) ioctl$sock_SIOCOUTQ(r0, 0x5411, &(0x7f0000000180)) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) sendto(r2, &(0x7f00000001c0)="228453b9dc8d5488c8262b4b6ca4e7f12c6d01a3b729956e1c799e2a924aba67a3a7007d206acf41fd053d578226a704949d425ff36015fa9d1a9160f8a1b48ab222a6b102f44bb98a806e751ca25f8b819d039bcc9ae0448c767bf6abce78389524a78e0354872f5435de7ff97c687054ad68fb99a338f64ec549777c357856e7e423b4430ae551b5a51bb5ee228a24175b4973d0a9e313d84f7acc935d513a69ba5c0f0de849836d724e809f42669b0491fbe1493f406866a0df68aa6ced3deb2441c0d91cb232ccea206a6f2c6efebdbf8444945bd4dab3a9f63368b25e999c7a9edc552fc568928169195aa99df38200a92f8726", 0xf6, 0x40000, &(0x7f00000002c0)=@vsock={0x28, 0x0, 0xffffffff, @my=0x0}, 0x80) getsockopt(r2, 0x400000000000003a, 0x20000000000001, &(0x7f0000000040)=""/188, &(0x7f0000000000)=0x4509630b) 2018/04/06 11:41:24 executing program 5: r0 = dup2(0xffffffffffffffff, 0xffffffffffffff9c) ioctl$sock_SIOCBRDELBR(r0, 0x89a1, &(0x7f0000000000)='tunl0\x00') capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) msgget(0x2, 0x58) fdatasync(r0) 2018/04/06 11:41:24 executing program 0: setsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(0xffffffffffffffff, 0x84, 0x7, &(0x7f0000000000)={0x2}, 0x4) r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={0x2, 0x18, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, [@sadb_x_kmaddress={0x8, 0x19, 0x0, @in6={0xa, 0x4e20, 0x0, @local={0xfe, 0x80, [], 0xaa}}, @in6={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}}, @sadb_lifetime={0x4, 0x6, 0xa0d, 0x2}]}, 0x70}, 0x1}, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f00001a7fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}], 0x1c) ioctl$DRM_IOCTL_IRQ_BUSID(0xffffffffffffffff, 0xc0106403, &(0x7f0000000040)={0x800, 0x7, 0x0, 0x2}) sendto$inet6(0xffffffffffffffff, &(0x7f0000aaff09)="b8", 0x1, 0x0, &(0x7f0000ab0000)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c) r1 = dup(0xffffffffffffffff) ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f0000000100)={&(0x7f0000000080)=[0x1, 0x6f, 0x101], 0x3, 0x4, 0x5, 0x2, 0x0, 0x1000, {0x0, 0x3ff, 0x0, 0x1ff, 0x7f, 0x5, 0x1000, 0x1, 0x4, 0xc93, 0x0, 0x2, 0x3, 0x6, "1de9be386c3eec4731bf5a1ed78d3edaa781c895f93c58d4e70b6e87aba72cfa"}}) r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f00000000c0)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}) 2018/04/06 11:41:24 executing program 7: clone(0x0, &(0x7f0000000140), &(0x7f00002b7ffc), &(0x7f000029e000), &(0x7f0000000040)) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000440)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c81, 0x0) r1 = accept$unix(0xffffffffffffffff, &(0x7f0000000080)=@abs, &(0x7f0000000100)=0x6e) ioctl$sock_SIOCBRADDBR(r1, 0x89a0, &(0x7f0000000140)='ipddp0\x00') r2 = open(&(0x7f0000000500)='./file0\x00', 0x610000, 0x38) accept4(r1, &(0x7f00000020c0)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000002140)=0x80, 0x800) ioctl$LOOP_CTL_REMOVE(r0, 0x4c80, 0x0) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000280)='io.stat\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r4, 0x84, 0x22, &(0x7f00000003c0)={0x7f}, &(0x7f0000000400)=0x10) setsockopt$packet_drop_memb(r2, 0x107, 0x2, &(0x7f0000000180)={r3, 0x1, 0x6}, 0x10) mknodat(0xffffffffffffffff, &(0x7f0000000540)='./file0\x00', 0x8000, 0x200) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r4, 0x84, 0x1a, &(0x7f0000000340)=ANY=[@ANYBLOB="1e5e277a7163c80413f05b0a43a8056d2c9bd4e11eb82d545f8e3cb82a5bb7a269d0fc4781d1d18a9dece589938b670146477105d6e0718a13dd96ff3ffafef4ab0002865a65fb8eceb907cc824581"], &(0x7f00000015c0)=0x1) getsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f0000000580)={{{@in=@dev, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{}, 0x0, @in=@rand_addr}}, &(0x7f0000000480)=0xe8) r6 = request_key(&(0x7f00000004c0)='rxrpc_s\x00', &(0x7f0000000680)={0x73, 0x79, 0x7a, 0x0}, &(0x7f00000006c0)=')\x00', 0xffffffffffffffff) keyctl$get_persistent(0x16, r5, r6) getsockopt$inet_mreqn(r4, 0x0, 0x0, &(0x7f00000002c0)={@rand_addr, @remote}, &(0x7f0000000300)=0xc) r7 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) getsockname(r7, &(0x7f00000001c0)=@nl=@proc, &(0x7f0000000240)=0x80) ioctl$EVIOCRMFF(r7, 0x40044581, &(0x7f0000000040)) clone(0x0, &(0x7f0000000080)="595781df5b683c4966614fc86952405ba9abf6698173a95d3e95733728c6", &(0x7f0000000100), &(0x7f0000000000), &(0x7f0000000040)) 2018/04/06 11:41:25 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x4b, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec851"}, &(0x7f00000000c0)=0x53) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:25 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0x4fa1000000000000]}, 0x10) [ 402.620685] FAULT_INJECTION: forcing a failure. [ 402.620685] name failslab, interval 1, probability 0, space 0, times 0 [ 402.631988] CPU: 0 PID: 25262 Comm: syz-executor4 Not tainted 4.16.0+ #3 [ 402.638836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 402.648195] Call Trace: [ 402.650795] dump_stack+0x1b9/0x294 [ 402.654435] ? dump_stack_print_info.cold.2+0x52/0x52 [ 402.659632] ? __save_stack_trace+0x7e/0xd0 [ 402.663966] should_fail.cold.4+0xa/0x1a [ 402.668031] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 402.673144] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 402.678170] ? snd_interval_refine+0x428/0x700 [ 402.682763] ? graph_lock+0x170/0x170 [ 402.686574] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 402.692119] ? snd_pcm_hw_refine+0x362/0x1180 [ 402.696627] ? find_held_lock+0x36/0x1c0 [ 402.700698] ? __lock_is_held+0xb5/0x140 [ 402.704779] ? check_same_owner+0x320/0x320 [ 402.709113] ? rcu_note_context_switch+0x710/0x710 [ 402.714056] should_failslab+0x124/0x180 [ 402.718131] kmem_cache_alloc_trace+0x2cb/0x780 [ 402.722812] ? _snd_pcm_hw_param_min+0x330/0x570 [ 402.727579] snd_pcm_oss_change_params_locked+0x99b/0x3ce0 [ 402.733213] ? snd_pcm_hw_param_near.constprop.35+0xb10/0xb10 [ 402.739086] ? debug_check_no_locks_freed+0x310/0x310 [ 402.744263] ? debug_check_no_locks_freed+0x310/0x310 [ 402.749444] ? check_same_owner+0x320/0x320 [ 402.753762] ? find_held_lock+0x36/0x1c0 [ 402.757827] ? graph_lock+0x170/0x170 [ 402.761631] ? lock_downgrade+0x8e0/0x8e0 [ 402.765773] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 402.771299] ? do_lock_file_wait.part.32+0x240/0x240 [ 402.776402] snd_pcm_oss_change_params+0x80/0xe0 [ 402.781142] snd_pcm_oss_make_ready+0xbe/0x170 [ 402.785707] snd_pcm_oss_sync.isra.29+0x27f/0x980 [ 402.790532] ? snd_pcm_oss_sync1+0x5a0/0x5a0 [ 402.794922] ? fsnotify_first_mark+0x330/0x330 [ 402.799496] snd_pcm_oss_release+0x214/0x290 [ 402.803904] ? snd_pcm_oss_sync.isra.29+0x980/0x980 [ 402.808915] __fput+0x34d/0x890 [ 402.812180] ? fput+0x1a0/0x1a0 [ 402.815443] ? _raw_spin_unlock_irq+0x27/0x70 [ 402.819922] ____fput+0x15/0x20 [ 402.823198] task_work_run+0x1e4/0x290 [ 402.827066] ? task_work_cancel+0x240/0x240 [ 402.831379] ? exit_to_usermode_loop+0x87/0x310 [ 402.836048] exit_to_usermode_loop+0x2bd/0x310 [ 402.840626] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 402.845454] do_syscall_64+0x792/0x9d0 [ 402.846760] FAULT_FLAG_ALLOW_RETRY missing 30 [ 402.849331] ? vmalloc_sync_all+0x30/0x30 [ 402.849348] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 402.849365] ? syscall_return_slowpath+0x5c0/0x5c0 [ 402.849382] ? syscall_return_slowpath+0x30f/0x5c0 [ 402.849402] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 402.849420] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 402.882841] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 402.888023] RIP: 0033:0x4552d9 [ 402.891200] RSP: 002b:00007ff8a6ac2c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000003 [ 402.898898] RAX: 0000000000000000 RBX: 00007ff8a6ac36d4 RCX: 00000000004552d9 [ 402.906154] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000013 [ 402.913414] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 402.920673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 [ 402.927931] R13: 0000000000000052 R14: 00000000006f3850 R15: 0000000000000004 [ 402.935210] CPU: 1 PID: 25215 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 402.942056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 402.951407] Call Trace: [ 402.954014] dump_stack+0x1b9/0x294 [ 402.957661] ? dump_stack_print_info.cold.2+0x52/0x52 [ 402.962861] ? kasan_check_write+0x14/0x20 [ 402.967102] ? do_raw_spin_lock+0xc1/0x200 [ 402.971347] handle_userfault.cold.32+0x44/0x57 [ 402.976023] ? handle_userfault+0x16c6/0x2760 [ 402.980531] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 402.985122] ? debug_check_no_locks_freed+0x310/0x310 [ 402.990328] ? find_held_lock+0x36/0x1c0 [ 402.994395] ? print_usage_bug+0xc0/0xc0 [ 402.998457] ? print_usage_bug+0xc0/0xc0 [ 403.002529] ? perf_trace_lock_acquire+0xe3/0x980 [ 403.007383] ? __lock_acquire+0x7f5/0x5130 [ 403.011614] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 403.017132] ? graph_lock+0x170/0x170 [ 403.020917] ? debug_check_no_locks_freed+0x310/0x310 [ 403.026090] ? find_held_lock+0x36/0x1c0 [ 403.030137] ? lock_downgrade+0x8e0/0x8e0 [ 403.034269] ? kasan_check_read+0x11/0x20 [ 403.038406] ? do_raw_spin_unlock+0x9e/0x2e0 [ 403.042818] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 403.047393] ? kasan_check_write+0x14/0x20 [ 403.051620] ? do_raw_spin_lock+0xc1/0x200 [ 403.055851] __handle_mm_fault+0x34be/0x4150 [ 403.060243] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 403.064978] ? graph_lock+0x170/0x170 [ 403.068761] ? find_held_lock+0x36/0x1c0 [ 403.072805] ? lock_downgrade+0x8e0/0x8e0 [ 403.076938] ? handle_mm_fault+0x8c0/0xc70 [ 403.081154] handle_mm_fault+0x53a/0xc70 [ 403.085201] ? __handle_mm_fault+0x4150/0x4150 [ 403.089775] ? find_vma+0x34/0x190 [ 403.093299] __do_page_fault+0x60b/0xe40 [ 403.097354] ? mm_fault_error+0x380/0x380 [ 403.101499] ? graph_lock+0x170/0x170 [ 403.105290] do_page_fault+0xee/0x8a7 [ 403.109076] ? vmalloc_sync_all+0x30/0x30 [ 403.113211] ? find_held_lock+0x36/0x1c0 [ 403.117271] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 403.122110] page_fault+0x25/0x50 [ 403.125552] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 403.131150] RSP: 0018:ffff8801b90f7ce8 EFLAGS: 00010206 [ 403.136497] RAX: ffffed003721efae RBX: 0000000000000018 RCX: 0000000000000003 [ 403.143763] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff8801b90f7d58 [ 403.151030] RBP: ffff8801b90f7d20 R08: ffffed003721efae R09: ffffed003721efab [ 403.158291] R10: ffffed003721efad R11: ffff8801b90f7d6f R12: 0000000020013018 [ 403.165541] R13: 0000000020013000 R14: ffff8801b90f7d58 R15: 00007ffffffff000 [ 403.172807] ? _copy_from_user+0x10d/0x150 [ 403.177036] SyS_sigaltstack+0xae/0x320 [ 403.181009] ? do_sigaction+0xa50/0xa50 [ 403.184976] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 403.190493] ? fput+0x130/0x1a0 [ 403.193754] ? ksys_ioctl+0x81/0xd0 [ 403.197365] ? do_syscall_64+0xb7/0x9d0 [ 403.201324] ? do_sigaction+0xa50/0xa50 [ 403.205281] do_syscall_64+0x29e/0x9d0 [ 403.209153] ? vmalloc_sync_all+0x30/0x30 [ 403.213294] ? _raw_spin_unlock_irq+0x27/0x70 [ 403.217780] ? finish_task_switch+0x1ca/0x820 [ 403.222259] ? syscall_return_slowpath+0x5c0/0x5c0 [ 403.227172] ? syscall_return_slowpath+0x30f/0x5c0 [ 403.232085] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 403.237443] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 403.242280] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 403.247457] RIP: 0033:0x4552d9 [ 403.250630] RSP: 002b:00007ff15ecfec68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 [ 403.258334] RAX: ffffffffffffffda RBX: 00007ff15ecff6d4 RCX: 00000000004552d9 [ 403.265591] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 [ 403.272850] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 403.280102] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 403.287349] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000000 [ 403.435589] FAULT_FLAG_ALLOW_RETRY missing 30 [ 403.440214] CPU: 0 PID: 25276 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 403.447047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 403.456381] Call Trace: [ 403.458957] dump_stack+0x1b9/0x294 [ 403.462572] ? dump_stack_print_info.cold.2+0x52/0x52 [ 403.467754] ? kasan_check_write+0x14/0x20 [ 403.471974] ? do_raw_spin_lock+0xc1/0x200 [ 403.476192] handle_userfault.cold.32+0x44/0x57 [ 403.480845] ? handle_userfault+0x16c6/0x2760 [ 403.485326] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 403.489900] ? debug_check_no_locks_freed+0x310/0x310 [ 403.495083] ? find_held_lock+0x36/0x1c0 [ 403.499142] ? print_usage_bug+0xc0/0xc0 [ 403.503183] ? print_usage_bug+0xc0/0xc0 [ 403.507229] ? kasan_check_read+0x11/0x20 [ 403.511357] ? check_same_owner+0x320/0x320 [ 403.515657] ? do_raw_spin_unlock+0x9e/0x2e0 [ 403.520053] ? __lock_acquire+0x7f5/0x5130 [ 403.524273] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 403.529789] ? graph_lock+0x170/0x170 [ 403.533572] ? debug_check_no_locks_freed+0x310/0x310 [ 403.538744] ? find_held_lock+0x36/0x1c0 [ 403.542797] ? lock_downgrade+0x8e0/0x8e0 [ 403.546928] ? kasan_check_read+0x11/0x20 [ 403.551054] ? do_raw_spin_unlock+0x9e/0x2e0 [ 403.555440] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 403.560010] ? kasan_check_write+0x14/0x20 [ 403.564238] ? do_raw_spin_lock+0xc1/0x200 [ 403.568457] __handle_mm_fault+0x34be/0x4150 [ 403.572845] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 403.577579] ? graph_lock+0x170/0x170 [ 403.581362] ? graph_lock+0x170/0x170 [ 403.585142] ? find_held_lock+0x36/0x1c0 [ 403.589185] ? lock_downgrade+0x8e0/0x8e0 [ 403.593328] ? handle_mm_fault+0x8c0/0xc70 [ 403.597545] handle_mm_fault+0x53a/0xc70 [ 403.601586] ? __handle_mm_fault+0x4150/0x4150 [ 403.606150] ? find_vma+0x34/0x190 [ 403.609673] __do_page_fault+0x60b/0xe40 [ 403.613715] ? mm_fault_error+0x380/0x380 [ 403.617841] ? graph_lock+0x170/0x170 [ 403.621623] do_page_fault+0xee/0x8a7 [ 403.625408] ? vmalloc_sync_all+0x30/0x30 [ 403.629539] ? __fget+0x40c/0x650 [ 403.632973] ? find_held_lock+0x36/0x1c0 [ 403.637031] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 403.641870] page_fault+0x25/0x50 [ 403.645305] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 403.650901] RSP: 0018:ffff88018cc6fce8 EFLAGS: 00010206 [ 403.656242] RAX: ffffed003198dfae RBX: 0000000000000018 RCX: 0000000000000003 [ 403.663489] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff88018cc6fd58 [ 403.670751] RBP: ffff88018cc6fd20 R08: ffffed003198dfae R09: ffffed003198dfab [ 403.678003] R10: ffffed003198dfad R11: ffff88018cc6fd6f R12: 0000000020013018 [ 403.685524] R13: 0000000020013000 R14: ffff88018cc6fd58 R15: 00007ffffffff000 [ 403.692787] ? _copy_from_user+0x10d/0x150 [ 403.697007] SyS_sigaltstack+0xae/0x320 [ 403.700968] ? do_sigaction+0xa50/0xa50 [ 403.704922] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 403.710437] ? fput+0x130/0x1a0 [ 403.713699] ? ksys_ioctl+0x81/0xd0 [ 403.717309] ? do_syscall_64+0xb7/0x9d0 [ 403.721265] ? do_sigaction+0xa50/0xa50 [ 403.725218] do_syscall_64+0x29e/0x9d0 [ 403.729089] ? _raw_spin_unlock_irq+0x27/0x70 [ 403.733566] ? finish_task_switch+0x1ca/0x820 [ 403.738043] ? syscall_return_slowpath+0x5c0/0x5c0 [ 403.742951] ? syscall_return_slowpath+0x30f/0x5c0 [ 403.747868] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 403.753219] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 403.758045] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 403.763222] RIP: 0033:0x4552d9 [ 403.766389] RSP: 002b:00007ff15ecbcc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 [ 403.774080] RAX: ffffffffffffffda RBX: 00007ff15ecbd6d4 RCX: 00000000004552d9 2018/04/06 11:41:26 executing program 2: open(&(0x7f0000000000)='./bus\x00', 0x100000141842, 0x0) syz_mount_image$ntfs(&(0x7f0000000440)='ntfs\x00', &(0x7f0000000480)='./bus\x00', 0x0, 0x0, &(0x7f00000006c0), 0x1000, &(0x7f0000000740)=ANY=[]) r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) syz_mount_image$hfs(&(0x7f0000001780)='hfs\x00', &(0x7f0000000100)='./bus\x00', 0x0, 0xccf, &(0x7f0000001a40)=[{&(0x7f0000001c00)="c3109cfc6f65b837063b7bbc3d4a7d202d2b9984a215c7b7bd25480c1babe9aadb78e3c53ec529cb288497a5ff7386ab50bc1a8c89", 0x0, 0x401}, {&(0x7f0000001800)="2ddea5d98171285eddea030c82c3ebbbe9ef0086979c4d89f51697a723698cc79f113fca18d8ec8bb4942cb405ffaeeeafc6b09a0aa44324f534c9b7f57352f0c6be30573567dee6adbbdffa5bc32a5b00201e68181092887cf576f0703f060812cd5047561a4c92d2fe195c21c60625c482c212ec431a19596ad1012108999bc75ae3480f0e76a36376ac63a8", 0x0, 0x5}, {&(0x7f00000018c0)="c5530d8833354b18ef6baebf606c24f24d221ae3c07931be7198141ec53fd728927e5f00e021449a33baca2a22cf99667bb62ad1c43215e3f08aaced4246a353f263c0b7595b47c7a50af4436c372f265f8434d31934351c965767c877bce2ca431539e8a01395cb17c6c5e7c94ccf3bafb07d8b5e8c8a7c931e0d769db9d35a00cb5aa0044e6a6a561fd1afe1", 0x0, 0x5}, {&(0x7f0000001ac0)="a6c3452050343eb065584cf53ea65ae330a5f6fabf78091e23a81fecb3775e4b4b863ad23c978b4d06569e6a36869f4d6ab49a561ec1407526f64751bf75483fb2755e3dd399f154e42b71bf2ba4b06f84d08c82013cccce8d83cc8522875560acd751f4f33688881c070e6ef463499ee9e91f792ae72561196b6ba9dc495e6762dbb6f5c913a4aeab57f7ff1fec996193598848aca0c65638fffb8af2141e66a90fe4ae167772c4c599843c560c877e454fdb686a3b7df3bc64de67f0ab300a68bb0beb5a6e2c52ef9e161399bf3a9939b04d804247cd6b3c9682eaf9ba0fdf8721b778b0f8e7905b17a1210b17ce35b1fb4f78497d438165b2019a31462ffaad8347218795323dd876bfaa1f6f7eec0187f0b9e41c54ba73230f635b3f4c2fd658e725afc3135bbb160347c72457a5da34344443b7f7c8ab479f9e63", 0x0, 0x7}], 0x10000, &(0x7f0000000780)=ANY=[]) ioctl$LOOP_SET_CAPACITY(r0, 0x4c07) write$cgroup_pid(r0, &(0x7f0000000180), 0x1d2) 2018/04/06 11:41:26 executing program 5: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x8000, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000140)=[@in={0x2, 0x4e20, @multicast1=0xe0000001}, @in={0x2, 0x4e20}, @in={0x2, 0x4e23, @loopback=0x7f000001}, @in={0x2, 0x4e22, @local={0xac, 0x14, 0x14, 0xaa}}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x19}}, @in6={0xa, 0x4e23, 0x1, @ipv4={[], [0xff, 0xff], @rand_addr=0x6}, 0x9}, @in6={0xa, 0x4e21, 0x6, @mcast2={0xff, 0x2, [], 0x1}, 0x4}, @in6={0xa, 0x4e23, 0xc82e, @mcast2={0xff, 0x2, [], 0x1}, 0x10000}], 0xa4) getpid() fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000000)={0x0, 0x0}) capset(&(0x7f0000000100)={0x39980732, r1}, &(0x7f0000292000)={0x1000000, 0x0, 0xfffffffffffffffc, 0x0, 0x40, 0x7f}) msgget(0x2, 0x58) 2018/04/06 11:41:26 executing program 4 (fault-call:5 fault-nth:5): r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0x0, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x0, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:26 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0x9f7e0000]}, 0x10) 2018/04/06 11:41:26 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x4b, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec851"}, &(0x7f00000000c0)=0x53) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:26 executing program 0: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x0, 0x0) setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x48b, &(0x7f00000000c0)={0x0, "697064600500", 0x3}, 0x18) mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x0, 0x18071, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='task\x00') getdents64(r1, &(0x7f0000ceffd4)=""/44, 0xc4) 2018/04/06 11:41:26 executing program 3: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000100)) getpid() fcntl$getown(0xffffffffffffff9c, 0x9) gettid() ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) getpgrp(r0) r1 = memfd_create(&(0x7f0000000080)='em1\x00', 0x2) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000200)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) sigaltstack(&(0x7f0000013000/0x1000)=nil, &(0x7f00000000c0)) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88)) msgsnd(0x0, &(0x7f0000284ff8)={0x3}, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000240)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000640)={'\x00', 0x0}) ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000680)=r3) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000b40)={&(0x7f0000011000/0x4000)=nil, 0x4000}) io_setup(0x1000, &(0x7f0000000040)) io_submit(0x0, 0x9300, &(0x7f0000000000)) ioctl$VHOST_RESET_OWNER(r1, 0xaf02, 0x0) 2018/04/06 11:41:26 executing program 7: clone(0x0, &(0x7f0000000140), &(0x7f00002b7ffc), &(0x7f000029e000), &(0x7f0000000040)) r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000440)='/dev/loop-control\x00', 0x0, 0x0) ioctl$LOOP_CTL_ADD(r0, 0x4c81, 0x0) r1 = accept$unix(0xffffffffffffffff, &(0x7f0000000080)=@abs, &(0x7f0000000100)=0x6e) ioctl$sock_SIOCBRADDBR(r1, 0x89a0, &(0x7f0000000140)='ipddp0\x00') r2 = open(&(0x7f0000000500)='./file0\x00', 0x610000, 0x38) accept4(r1, &(0x7f00000020c0)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000002140)=0x80, 0x800) ioctl$LOOP_CTL_REMOVE(r0, 0x4c80, 0x0) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000280)='io.stat\x00', 0x0, 0x0) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r4, 0x84, 0x22, &(0x7f00000003c0)={0x7f}, &(0x7f0000000400)=0x10) setsockopt$packet_drop_memb(r2, 0x107, 0x2, &(0x7f0000000180)={r3, 0x1, 0x6}, 0x10) mknodat(0xffffffffffffffff, &(0x7f0000000540)='./file0\x00', 0x8000, 0x200) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r4, 0x84, 0x1a, &(0x7f0000000340)=ANY=[@ANYBLOB="1e5e277a7163c80413f05b0a43a8056d2c9bd4e11eb82d545f8e3cb82a5bb7a269d0fc4781d1d18a9dece589938b670146477105d6e0718a13dd96ff3ffafef4ab0002865a65fb8eceb907cc824581"], &(0x7f00000015c0)=0x1) getsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f0000000580)={{{@in=@dev, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{}, 0x0, @in=@rand_addr}}, &(0x7f0000000480)=0xe8) r6 = request_key(&(0x7f00000004c0)='rxrpc_s\x00', &(0x7f0000000680)={0x73, 0x79, 0x7a, 0x0}, &(0x7f00000006c0)=')\x00', 0xffffffffffffffff) keyctl$get_persistent(0x16, r5, r6) getsockopt$inet_mreqn(r4, 0x0, 0x0, &(0x7f00000002c0)={@rand_addr, @remote}, &(0x7f0000000300)=0xc) r7 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) getsockname(r7, &(0x7f00000001c0)=@nl=@proc, &(0x7f0000000240)=0x80) ioctl$EVIOCRMFF(r7, 0x40044581, &(0x7f0000000040)) clone(0x0, &(0x7f0000000080)="595781df5b683c4966614fc86952405ba9abf6698173a95d3e95733728c6", &(0x7f0000000100), &(0x7f0000000000), &(0x7f0000000040)) [ 403.781341] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 [ 403.788591] RBP: 000000000072c010 R08: 0000000000000000 R09: 0000000000000000 [ 403.795844] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 403.803098] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000002 [ 403.877390] FAULT_INJECTION: forcing a failure. [ 403.877390] name failslab, interval 1, probability 0, space 0, times 0 [ 403.888713] CPU: 1 PID: 25302 Comm: syz-executor4 Not tainted 4.16.0+ #3 [ 403.895560] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 403.904923] Call Trace: [ 403.907529] dump_stack+0x1b9/0x294 [ 403.911166] ? dump_stack_print_info.cold.2+0x52/0x52 [ 403.916363] ? __lock_acquire+0x7f5/0x5130 [ 403.920615] should_fail.cold.4+0xa/0x1a [ 403.924687] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 403.929801] ? debug_check_no_locks_freed+0x310/0x310 [ 403.934998] ? graph_lock+0x170/0x170 [ 403.938809] ? save_stack+0x43/0xd0 [ 403.942436] ? __kasan_slab_free+0x11a/0x170 [ 403.946849] ? kasan_slab_free+0xe/0x10 [ 403.950836] ? find_held_lock+0x36/0x1c0 [ 403.954904] ? __lock_is_held+0xb5/0x140 [ 403.958970] ? check_same_owner+0x320/0x320 [ 403.963282] ? debug_check_no_obj_freed+0x2ff/0x584 [ 403.968287] ? rcu_note_context_switch+0x710/0x710 [ 403.973202] ? graph_lock+0x170/0x170 [ 403.976992] should_failslab+0x124/0x180 [ 403.981048] __kmalloc+0x2c8/0x760 [ 403.984581] ? constrain_params_by_rules+0x141/0x1360 [ 403.989753] ? find_held_lock+0x36/0x1c0 [ 403.993799] constrain_params_by_rules+0x141/0x1360 [ 403.998798] ? lock_downgrade+0x8e0/0x8e0 [ 404.002931] ? snd_pcm_mmap_control_fault+0x3e0/0x3e0 [ 404.008105] ? rcu_is_watching+0x85/0x140 [ 404.012240] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 404.017411] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 404.022594] ? is_bpf_text_address+0xd7/0x170 [ 404.027074] ? kernel_text_address+0x79/0xf0 [ 404.031470] ? __unwind_start+0x166/0x330 [ 404.035603] ? __kernel_text_address+0xd/0x40 [ 404.040083] ? unwind_get_return_address+0x61/0xa0 [ 404.044995] ? __save_stack_trace+0x7e/0xd0 [ 404.049311] ? save_stack+0xa9/0xd0 [ 404.052920] ? save_stack+0x43/0xd0 [ 404.056533] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 404.062056] ? snd_interval_refine+0x428/0x700 [ 404.066621] snd_pcm_hw_refine+0x8e9/0x1180 [ 404.070930] ? constrain_params_by_rules+0x1360/0x1360 [ 404.076191] ? graph_lock+0x170/0x170 [ 404.079972] ? __lock_is_held+0xb5/0x140 [ 404.084030] ? __lock_is_held+0xb5/0x140 [ 404.088077] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 404.093598] ? snd_interval_refine+0x428/0x700 [ 404.098166] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 404.103689] ? _snd_pcm_hw_param_set.constprop.34+0x259/0x610 [ 404.109559] ? rcu_read_lock_sched_held+0x108/0x120 [ 404.114559] ? snd_pcm_hw_param_max+0x730/0x730 [ 404.119213] ? _snd_pcm_hw_param_min+0x330/0x570 [ 404.123954] snd_pcm_oss_change_params_locked+0x2883/0x3ce0 [ 404.129655] ? snd_pcm_hw_param_near.constprop.35+0xb10/0xb10 [ 404.135525] ? debug_check_no_locks_freed+0x310/0x310 [ 404.140695] ? debug_check_no_locks_freed+0x310/0x310 [ 404.145867] ? check_same_owner+0x320/0x320 [ 404.150176] ? find_held_lock+0x36/0x1c0 [ 404.154222] ? graph_lock+0x170/0x170 [ 404.158010] ? lock_downgrade+0x8e0/0x8e0 [ 404.162143] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 404.167667] ? do_lock_file_wait.part.32+0x240/0x240 [ 404.172756] snd_pcm_oss_change_params+0x80/0xe0 [ 404.177494] snd_pcm_oss_make_ready+0xbe/0x170 [ 404.182059] snd_pcm_oss_sync.isra.29+0x27f/0x980 [ 404.186887] ? snd_pcm_oss_sync1+0x5a0/0x5a0 [ 404.191280] ? fsnotify_first_mark+0x330/0x330 [ 404.195848] snd_pcm_oss_release+0x214/0x290 [ 404.200241] ? snd_pcm_oss_sync.isra.29+0x980/0x980 [ 404.205242] __fput+0x34d/0x890 [ 404.208508] ? fput+0x1a0/0x1a0 [ 404.211777] ? _raw_spin_unlock_irq+0x27/0x70 [ 404.216260] ____fput+0x15/0x20 [ 404.219524] task_work_run+0x1e4/0x290 [ 404.223394] ? task_work_cancel+0x240/0x240 [ 404.227702] ? exit_to_usermode_loop+0x87/0x310 [ 404.232356] exit_to_usermode_loop+0x2bd/0x310 [ 404.236921] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 404.241750] do_syscall_64+0x792/0x9d0 [ 404.245622] ? vmalloc_sync_all+0x30/0x30 [ 404.249753] ? _raw_spin_unlock_irq+0x27/0x70 [ 404.254230] ? finish_task_switch+0x1ca/0x820 [ 404.258707] ? syscall_return_slowpath+0x5c0/0x5c0 [ 404.263619] ? syscall_return_slowpath+0x30f/0x5c0 [ 404.268532] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 404.273880] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 404.278710] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 404.283879] RIP: 0033:0x4552d9 [ 404.287051] RSP: 002b:00007ff8a6ac2c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000003 [ 404.294744] RAX: 0000000000000000 RBX: 00007ff8a6ac36d4 RCX: 00000000004552d9 [ 404.301998] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000013 [ 404.309252] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 404.316502] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 2018/04/06 11:41:26 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0xff0a]}, 0x10) 2018/04/06 11:41:26 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) msgget(0x3, 0x58) [ 404.323751] R13: 0000000000000052 R14: 00000000006f3850 R15: 0000000000000005 2018/04/06 11:41:26 executing program 2: open(&(0x7f0000000000)='./bus\x00', 0x100000141842, 0x0) syz_mount_image$ntfs(&(0x7f0000000440)='ntfs\x00', &(0x7f0000000480)='./bus\x00', 0x0, 0x0, &(0x7f00000006c0), 0x1000, &(0x7f0000000740)=ANY=[]) r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) syz_mount_image$hfs(&(0x7f0000001780)='hfs\x00', &(0x7f0000000100)='./bus\x00', 0x0, 0xccf, &(0x7f0000001a40)=[{&(0x7f0000001c00)="c3109cfc6f65b837063b7bbc3d4a7d202d2b9984a215c7b7bd25480c1babe9aadb78e3c53ec529cb288497a5ff7386ab50bc1a8c89", 0x0, 0x401}, {&(0x7f0000001800)="2ddea5d98171285eddea030c82c3ebbbe9ef0086979c4d89f51697a723698cc79f113fca18d8ec8bb4942cb405ffaeeeafc6b09a0aa44324f534c9b7f57352f0c6be30573567dee6adbbdffa5bc32a5b00201e68181092887cf576f0703f060812cd5047561a4c92d2fe195c21c60625c482c212ec431a19596ad1012108999bc75ae3480f0e76a36376ac63a8", 0x0, 0x5}, {&(0x7f00000018c0)="c5530d8833354b18ef6baebf606c24f24d221ae3c07931be7198141ec53fd728927e5f00e021449a33baca2a22cf99667bb62ad1c43215e3f08aaced4246a353f263c0b7595b47c7a50af4436c372f265f8434d31934351c965767c877bce2ca431539e8a01395cb17c6c5e7c94ccf3bafb07d8b5e8c8a7c931e0d769db9d35a00cb5aa0044e6a6a561fd1afe1", 0x0, 0x5}, {&(0x7f0000001ac0)="a6c3452050343eb065584cf53ea65ae330a5f6fabf78091e23a81fecb3775e4b4b863ad23c978b4d06569e6a36869f4d6ab49a561ec1407526f64751bf75483fb2755e3dd399f154e42b71bf2ba4b06f84d08c82013cccce8d83cc8522875560acd751f4f33688881c070e6ef463499ee9e91f792ae72561196b6ba9dc495e6762dbb6f5c913a4aeab57f7ff1fec996193598848aca0c65638fffb8af2141e66a90fe4ae167772c4c599843c560c877e454fdb686a3b7df3bc64de67f0ab300a68bb0beb5a6e2c52ef9e161399bf3a9939b04d804247cd6b3c9682eaf9ba0fdf8721b778b0f8e7905b17a1210b17ce35b1fb4f78497d438165b2019a31462ffaad8347218795323dd876bfaa1f6f7eec0187f0b9e41c54ba73230f635b3f4c2fd658e725afc3135bbb160347c72457a5da34344443b7f7c8ab479f9e63", 0x0, 0x7}], 0x10000, &(0x7f0000000780)=ANY=[]) ioctl$LOOP_SET_CAPACITY(r0, 0x4c07) write$cgroup_pid(r0, &(0x7f0000000180), 0x1d2) 2018/04/06 11:41:27 executing program 4 (fault-call:5 fault-nth:6): r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0x0, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x0, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:27 executing program 0: open(&(0x7f0000000000)='./bus\x00', 0x100000141842, 0x0) syz_mount_image$ntfs(&(0x7f0000000440)='ntfs\x00', &(0x7f0000000480)='./bus\x00', 0x0, 0x0, &(0x7f00000006c0), 0x1000, &(0x7f0000000740)=ANY=[]) r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) syz_mount_image$hfs(&(0x7f0000001780)='hfs\x00', &(0x7f0000000100)='./bus\x00', 0x0, 0xccf, &(0x7f0000001a40)=[{&(0x7f0000001c00)="c3109cfc6f65b837063b7bbc3d4a7d202d2b9984a215c7b7bd25480c1babe9aadb78e3c53ec529cb288497a5ff7386ab50bc1a8c89", 0x0, 0x401}, {&(0x7f0000001800)="2ddea5d98171285eddea030c82c3ebbbe9ef0086979c4d89f51697a723698cc79f113fca18d8ec8bb4942cb405ffaeeeafc6b09a0aa44324f534c9b7f57352f0c6be30573567dee6adbbdffa5bc32a5b00201e68181092887cf576f0703f060812cd5047561a4c92d2fe195c21c60625c482c212ec431a19596ad1012108999bc75ae3480f0e76a36376ac63a8", 0x0, 0x5}, {&(0x7f00000018c0)="c5530d8833354b18ef6baebf606c24f24d221ae3c07931be7198141ec53fd728927e5f00e021449a33baca2a22cf99667bb62ad1c43215e3f08aaced4246a353f263c0b7595b47c7a50af4436c372f265f8434d31934351c965767c877bce2ca431539e8a01395cb17c6c5e7c94ccf3bafb07d8b5e8c8a7c931e0d769db9d35a00cb5aa0044e6a6a561fd1afe1", 0x0, 0x5}, {&(0x7f0000001ac0)="a6c3452050343eb065584cf53ea65ae330a5f6fabf78091e23a81fecb3775e4b4b863ad23c978b4d06569e6a36869f4d6ab49a561ec1407526f64751bf75483fb2755e3dd399f154e42b71bf2ba4b06f84d08c82013cccce8d83cc8522875560acd751f4f33688881c070e6ef463499ee9e91f792ae72561196b6ba9dc495e6762dbb6f5c913a4aeab57f7ff1fec996193598848aca0c65638fffb8af2141e66a90fe4ae167772c4c599843c560c877e454fdb686a3b7df3bc64de67f0ab300a68bb0beb5a6e2c52ef9e161399bf3a9939b04d804247cd6b3c9682eaf9ba0fdf8721b778b0f8e7905b17a1210b17ce35b1fb4f78497d438165b2019a31462ffaad8347218795323dd876bfaa1f6f7eec0187f0b9e41c54ba73230f635b3f4c2fd658e725afc3135bbb160347c72457a5da34344443b7f7c8ab479f9e63", 0x0, 0x7}], 0x10000, &(0x7f0000000780)=ANY=[]) ioctl$LOOP_SET_CAPACITY(r0, 0x4c07) write$cgroup_pid(r0, &(0x7f0000000180), 0x1d2) 2018/04/06 11:41:27 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x4b, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec851"}, &(0x7f00000000c0)=0x53) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:27 executing program 5: r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x4, 0x40000) setsockopt$l2tp_PPPOL2TP_SO_SENDSEQ(r0, 0x111, 0x3, 0x0, 0x4) capset(&(0x7f0000000100)={0x19980331}, &(0x7f0000292000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000}) msgget(0x3, 0x50) getsockname(0xffffffffffffffff, &(0x7f0000000300)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @dev}}}, &(0x7f00000002c0)=0x80) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000380)={0x0, 0x93, "410981e59ead7dd47eee889a9cdb7fbd7b7dd7c2487001a94b0e909017bb254927a4bd1e973635575ff0b56cb8613523da7c0c984296cffc9cdfacf54bb0003ecc5d74dd98e7733228a4c6ffd378ea790e21a1b0aff3a2e828e6b91d9bf9eeace54a4e4626e525df645dbf71496ff6cf787f8fd346a71ba4c2fa2942710d76e2e3de45f23286252da70626f6053580ac7aafe5"}, &(0x7f00000000c0)=0x9b) setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000140)={r2, 0x80, 0x20}, 0xc) r3 = syz_genetlink_get_family_id$fou(&(0x7f00000001c0)='fou\x00') sendmsg$FOU_CMD_GET(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="280628bd7000ffdbdf2503000000048005000800040002ff030004000500"], 0x24}, 0x1, 0x0, 0x0, 0x4040000}, 0x4000) r4 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sloppy_sctp\x00', 0x2, 0x0) setsockopt$netrom_NETROM_T4(r4, 0x103, 0x6, &(0x7f0000000040)=0x1, 0x4) 2018/04/06 11:41:27 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0x6784]}, 0x10) 2018/04/06 11:41:27 executing program 7: socketpair$unix(0x1, 0x1, 0x0, &(0x7f000002dff8)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = syz_open_dev$tun(&(0x7f00000d4000)='/dev/net/tun\x00', 0x0, 0x0) fsetxattr(r2, &(0x7f0000af1fe8)=@known='system.posix_acl_access\x00', &(0x7f0000c56000)="020000000400000090746e00", 0xc, 0x0) writev(r1, &(0x7f0000001340)=[{&(0x7f0000001240)="1d", 0x1}], 0x1) r3 = getpgrp(0xffffffffffffffff) r4 = getpgrp(r3) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000080)=0xc) getgroups(0x7, &(0x7f00000000c0)=[0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0]) fchown(r0, r5, r6) fcntl$setown(r0, 0x8, r4) setsockopt$sock_timeval(r0, 0x1, 0x15, &(0x7f0000000040)={0x0, 0x2710}, 0x10) socketpair(0x18, 0x800, 0xde53, &(0x7f0000000100)={0xffffffffffffffff}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r7, 0x402c5342, &(0x7f0000000140)={0x200, 0x2, 0x4, {}, 0x1, 0x1ff}) 2018/04/06 11:41:27 executing program 3: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000100)) getpid() fcntl$getown(0xffffffffffffff9c, 0x9) gettid() ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) getpgrp(r0) r1 = memfd_create(&(0x7f0000000080)='em1\x00', 0x2) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000200)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) sigaltstack(&(0x7f0000013000/0x1000)=nil, &(0x7f00000000c0)) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88)) msgsnd(0x0, &(0x7f0000284ff8)={0x3}, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000240)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000640)={'\x00', 0x0}) ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000680)=r3) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000b40)={&(0x7f0000011000/0x4000)=nil, 0x4000}) io_setup(0x1000, &(0x7f0000000040)) io_submit(0x0, 0x705000, &(0x7f0000000000)) ioctl$VHOST_RESET_OWNER(r1, 0xaf02, 0x0) 2018/04/06 11:41:27 executing program 2: open(&(0x7f0000000000)='./bus\x00', 0x100000141842, 0x0) syz_mount_image$ntfs(&(0x7f0000000440)='ntfs\x00', &(0x7f0000000480)='./bus\x00', 0x0, 0x0, &(0x7f00000006c0), 0x1000, &(0x7f0000000740)=ANY=[]) r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) syz_mount_image$hfs(&(0x7f0000001780)='hfs\x00', &(0x7f0000000100)='./bus\x00', 0x0, 0xccf, &(0x7f0000001a40)=[{&(0x7f0000001c00)="c3109cfc6f65b837063b7bbc3d4a7d202d2b9984a215c7b7bd25480c1babe9aadb78e3c53ec529cb288497a5ff7386ab50bc1a8c89", 0x0, 0x401}, {&(0x7f0000001800)="2ddea5d98171285eddea030c82c3ebbbe9ef0086979c4d89f51697a723698cc79f113fca18d8ec8bb4942cb405ffaeeeafc6b09a0aa44324f534c9b7f57352f0c6be30573567dee6adbbdffa5bc32a5b00201e68181092887cf576f0703f060812cd5047561a4c92d2fe195c21c60625c482c212ec431a19596ad1012108999bc75ae3480f0e76a36376ac63a8", 0x0, 0x5}, {&(0x7f00000018c0)="c5530d8833354b18ef6baebf606c24f24d221ae3c07931be7198141ec53fd728927e5f00e021449a33baca2a22cf99667bb62ad1c43215e3f08aaced4246a353f263c0b7595b47c7a50af4436c372f265f8434d31934351c965767c877bce2ca431539e8a01395cb17c6c5e7c94ccf3bafb07d8b5e8c8a7c931e0d769db9d35a00cb5aa0044e6a6a561fd1afe1", 0x0, 0x5}, {&(0x7f0000001ac0)="a6c3452050343eb065584cf53ea65ae330a5f6fabf78091e23a81fecb3775e4b4b863ad23c978b4d06569e6a36869f4d6ab49a561ec1407526f64751bf75483fb2755e3dd399f154e42b71bf2ba4b06f84d08c82013cccce8d83cc8522875560acd751f4f33688881c070e6ef463499ee9e91f792ae72561196b6ba9dc495e6762dbb6f5c913a4aeab57f7ff1fec996193598848aca0c65638fffb8af2141e66a90fe4ae167772c4c599843c560c877e454fdb686a3b7df3bc64de67f0ab300a68bb0beb5a6e2c52ef9e161399bf3a9939b04d804247cd6b3c9682eaf9ba0fdf8721b778b0f8e7905b17a1210b17ce35b1fb4f78497d438165b2019a31462ffaad8347218795323dd876bfaa1f6f7eec0187f0b9e41c54ba73230f635b3f4c2fd658e725afc3135bbb160347c72457a5da34344443b7f7c8ab479f9e63", 0x0, 0x7}], 0x10000, &(0x7f0000000780)=ANY=[]) write$cgroup_pid(r0, &(0x7f0000000040)={[0x0]}, 0x1) write$cgroup_pid(r0, &(0x7f0000000180), 0x1d2) [ 404.899779] FAULT_INJECTION: forcing a failure. [ 404.899779] name failslab, interval 1, probability 0, space 0, times 0 [ 404.911115] CPU: 0 PID: 25357 Comm: syz-executor4 Not tainted 4.16.0+ #3 [ 404.917964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 404.927324] Call Trace: [ 404.929922] dump_stack+0x1b9/0x294 [ 404.933568] ? dump_stack_print_info.cold.2+0x52/0x52 [ 404.938776] ? lock_downgrade+0x8e0/0x8e0 [ 404.942941] should_fail.cold.4+0xa/0x1a [ 404.947024] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 404.952149] ? graph_lock+0x170/0x170 [ 404.955961] ? is_bpf_text_address+0xd7/0x170 [ 404.960461] ? kernel_text_address+0x79/0xf0 [ 404.964881] ? __unwind_start+0x166/0x330 [ 404.969044] ? find_held_lock+0x36/0x1c0 [ 404.973116] ? __lock_is_held+0xb5/0x140 [ 404.977199] ? check_same_owner+0x320/0x320 [ 404.981528] ? snd_pcm_oss_change_params+0x80/0xe0 [ 404.986464] ? snd_pcm_oss_make_ready+0xbe/0x170 [ 404.991224] ? snd_pcm_oss_sync.isra.29+0x27f/0x980 2018/04/06 11:41:27 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) r0 = syz_open_dev$sndseq(&(0x7f0000000000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r0, 0x40505331, &(0x7f0000000280)={{}, {0xe}, 0x0, 0x1, 0x3}) msgget(0x2, 0x58) r1 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x81, 0x0) ioctl$LOOP_SET_CAPACITY(r1, 0x4c07) syz_open_dev$dmmidi(&(0x7f0000000140)='/dev/dmmidi#\x00', 0xfe, 0x80) ioctl$LOOP_GET_STATUS(r1, 0x4c03, &(0x7f0000000040)) ioctl$TIOCOUTQ(r1, 0x5411, &(0x7f0000000180)) 2018/04/06 11:41:27 executing program 7: r0 = socket$inet_udp(0x2, 0x2, 0x0) io_setup(0x2, &(0x7f0000000000)=0x0) io_submit(r1, 0x1, &(0x7f00000005c0)=[&(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000780)}]) [ 404.996255] ? rcu_note_context_switch+0x710/0x710 [ 405.001186] ? task_work_run+0x1e4/0x290 [ 405.005253] ? exit_to_usermode_loop+0x2bd/0x310 [ 405.010014] ? do_syscall_64+0x792/0x9d0 [ 405.014088] should_failslab+0x124/0x180 [ 405.018158] kmem_cache_alloc_trace+0x2cb/0x780 [ 405.022833] ? do_raw_spin_lock+0xc1/0x200 [ 405.027074] ? trace_hardirqs_off+0xd/0x10 [ 405.031318] snd_pcm_hw_param_near.constprop.35+0x15c/0xb10 [ 405.037043] ? _snd_pcm_hw_param_min+0x570/0x570 [ 405.041800] ? mark_held_locks+0xc9/0x160 [ 405.045952] ? kfree+0x111/0x260 [ 405.049327] ? snd_pcm_oss_change_params_locked+0x2c1e/0x3ce0 [ 405.055223] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 405.060243] ? trace_hardirqs_on+0xd/0x10 [ 405.064405] snd_pcm_oss_change_params_locked+0xc4d/0x3ce0 [ 405.070059] ? snd_pcm_hw_param_near.constprop.35+0xb10/0xb10 [ 405.075956] ? debug_check_no_locks_freed+0x310/0x310 [ 405.081152] ? debug_check_no_locks_freed+0x310/0x310 [ 405.086348] ? check_same_owner+0x320/0x320 [ 405.090681] ? find_held_lock+0x36/0x1c0 [ 405.094754] ? graph_lock+0x170/0x170 2018/04/06 11:41:27 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)={0x0, 0x0, 0x0, 0x0, 0x2}) getpeername(0xffffffffffffff9c, &(0x7f0000000000)=@pppol2tpv3={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @dev}}}, &(0x7f0000000080)=0x80) getsockopt$inet_sctp_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000300)=@assoc_value={0x0, 0x5}, &(0x7f0000000340)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000380)={0x0, 0x36, "757e74ed95b28c7595af759277e3c91e0ebd7ad6aa7facba1748b40da030321282a66f6e99ce0072678db01689b11a83fe1dd57ecaf5"}, &(0x7f00000003c0)=0x3e) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffff9c, 0x84, 0x6, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e21}}}, &(0x7f00000004c0)=0x84) sendmsg$inet_sctp(r0, &(0x7f00000005c0)={&(0x7f00000000c0)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10, &(0x7f00000002c0)=[{&(0x7f0000000140)="73ab4eff8ca3cd4df9b470ca31d99f3f96ad29a4e87c0dea3d1ca33d6d1bb8a4f3daa9d61e69cd8f5f40cac57c5ce6bcfe4d68939cee06ccf122b57e346c47b8172af3423bd6f5d3fb3577befa5153a1f59d911b4d906eb2b5d38a2ff04102aa8395d74b752e23ed7b09b10b07d99b207c3f5dcaed997e64a5679b0a1a6deab333b5b337a20689738791ebc5e5bbd2aa4ffc100073c38b2ac5355e73f1638e2e3cd373a03937799f204e719f21e69572c7b7f1408c105e9ce616f1edd889a540a1795bb1b7b6fa9ee77b78a748", 0xcd}, {&(0x7f0000000240)="f18afc563f20d96595ce0288b79cb4215bc609f99eb41b8e7882dfb6b0d33180e75707a8cae11e9aae9bdd5772e67768d4d120f8dbf7c3712dec2b0b", 0x3c}, {&(0x7f0000000280)="373b1b0f8ef1bd5c4db19b4081c0c67b56778ab890d1293eb38fd03276e242a7a3c5e58b131c63270190e2b0a3e39946c48170c7cb", 0x35}], 0x3, &(0x7f0000000500)=[@init={0x18, 0x84, 0x0, {0x4, 0xfffffffffffffff9, 0xffffffff, 0x9}}, @sndinfo={0x20, 0x84, 0x2, {0xdc, 0x0, 0xfffffffffffffff9, 0x14000000000, r1}}, @sndinfo={0x20, 0x84, 0x2, {0x9, 0x1, 0x7, 0x7fff, r2}}, @sndinfo={0x20, 0x84, 0x2, {0x4, 0x200, 0x7, 0x8, r3}}], 0xc0, 0x800}, 0x24000011) msgget(0x2, 0x58) 2018/04/06 11:41:27 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) r0 = openat$cuse(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/cuse\x00', 0x40, 0x0) vmsplice(r0, &(0x7f0000000300)=[{&(0x7f0000000200)='t', 0x1}, {&(0x7f0000000240)="9eb94f89b09e19e663062b6b12acb9a4f785bdef98db1c03198a056eb884abbaf9c6053ba158f0f97c2f6b6c88d99e95502c4879a96454addec837a5122492315a8cc1724e60da6feebcc2cc49e5eba661357021791fa4d6d90e8809f074539fb40162c33c1ad40fa4cabe4280218022883230740c36271119db6d87ff857178173e6d3f8712f14174dc3aa544560c73ec82d386", 0x94}], 0x2, 0x6) socketpair(0x13, 0x0, 0x400, &(0x7f0000000340)) msgget(0x2, 0x58) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x100, 0x0) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffff9c, 0x84, 0xf, &(0x7f0000000040)={0x0, @in={{0x2, 0x4e22, @broadcast=0xffffffff}}, 0x7fff, 0x6, 0x4, 0x40, 0x7}, &(0x7f0000000140)=0x98) setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000180)={0x1, 0xffffffff, 0x0, 0xffffffff80000001, 0x2, 0x5, 0x6, 0x3bd, r2}, 0x20) [ 405.098560] ? lock_downgrade+0x8e0/0x8e0 [ 405.102711] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 405.108261] ? do_lock_file_wait.part.32+0x240/0x240 [ 405.113380] snd_pcm_oss_change_params+0x80/0xe0 [ 405.118147] snd_pcm_oss_make_ready+0xbe/0x170 [ 405.122734] snd_pcm_oss_sync.isra.29+0x27f/0x980 [ 405.127574] ? snd_pcm_oss_sync1+0x5a0/0x5a0 [ 405.131989] ? fsnotify_first_mark+0x330/0x330 [ 405.136584] snd_pcm_oss_release+0x214/0x290 [ 405.140998] ? snd_pcm_oss_sync.isra.29+0x980/0x980 [ 405.146021] __fput+0x34d/0x890 2018/04/06 11:41:27 executing program 5: r0 = dup(0xffffffffffffff9c) r1 = gettid() ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x1, 0x7, 0x2, 0x1ff, "e9c6bc3a9faa3be8d39e24472e8981ff93e1c18929ebb67e2f0fe1a687686e937c7462c89bfacd39b0e9b8af", 0x2ee4}, 0x0, 0x0, 0x4, r1, 0x9, 0x1, "463e96a520bc4fc6a827f766f4c4aecf73a4d4f18e817800dd481f4979a4210e7e13d8fd800535022abdc1f928a59fda9cb79706a61d0abec29da7c85000fee2", &(0x7f0000000080)='/dev/vhost-net\x00', 0xf, [], [0x1, 0x5, 0x76, 0x8]}) restart_syscall() capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) msgget(0x2, 0x58) accept$packet(r0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000280)=0x14) ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f00000002c0)={@ipv4={[], [0xff, 0xff], @rand_addr=0xd30}, 0x3b, r2}) ioctl$KVM_RUN(r0, 0xae80, 0x0) r3 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0) r4 = getpgid(0x0) fcntl$lock(r3, 0x0, &(0x7f0000000040)={0x0, 0x4, 0x20, 0x8, r4}) [ 405.149310] ? fput+0x1a0/0x1a0 [ 405.152599] ? _raw_spin_unlock_irq+0x27/0x70 [ 405.157105] ____fput+0x15/0x20 [ 405.160388] task_work_run+0x1e4/0x290 [ 405.164278] ? task_work_cancel+0x240/0x240 [ 405.168607] ? exit_to_usermode_loop+0x87/0x310 [ 405.173287] exit_to_usermode_loop+0x2bd/0x310 [ 405.177877] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 405.182732] do_syscall_64+0x792/0x9d0 [ 405.186621] ? vmalloc_sync_all+0x30/0x30 [ 405.190774] ? _raw_spin_unlock_irq+0x27/0x70 [ 405.195270] ? finish_task_switch+0x1ca/0x820 [ 405.199771] ? syscall_return_slowpath+0x5c0/0x5c0 [ 405.204705] ? syscall_return_slowpath+0x30f/0x5c0 [ 405.209638] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 405.215021] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 405.219878] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 405.225072] RIP: 0033:0x4552d9 [ 405.228258] RSP: 002b:00007ff8a6ac2c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000003 [ 405.235960] RAX: 0000000000000000 RBX: 00007ff8a6ac36d4 RCX: 00000000004552d9 [ 405.243217] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000013 2018/04/06 11:41:27 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x4c, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e"}, &(0x7f00000000c0)=0x54) close(0xffffffffffffffff) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:27 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0xaf2d0000]}, 0x10) [ 405.250475] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 405.257730] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 [ 405.265000] R13: 0000000000000052 R14: 00000000006f3850 R15: 0000000000000006 2018/04/06 11:41:27 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) r0 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0xff, 0x0) ioctl$TUNSETVNETLE(r0, 0x400454dc, &(0x7f0000000040)=0x1) msgget(0x2, 0x58) 2018/04/06 11:41:27 executing program 4 (fault-call:5 fault-nth:7): r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0x0, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x0, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) [ 405.555682] FAULT_INJECTION: forcing a failure. [ 405.555682] name failslab, interval 1, probability 0, space 0, times 0 [ 405.566978] CPU: 0 PID: 25421 Comm: syz-executor4 Not tainted 4.16.0+ #3 [ 405.573816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 405.583157] Call Trace: [ 405.585732] dump_stack+0x1b9/0x294 [ 405.589343] ? dump_stack_print_info.cold.2+0x52/0x52 [ 405.594523] should_fail.cold.4+0xa/0x1a [ 405.598574] ? __lock_acquire+0x7f5/0x5130 [ 405.602790] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 405.607875] ? __lock_acquire+0x7f5/0x5130 [ 405.612093] ? graph_lock+0x170/0x170 [ 405.615882] ? debug_check_no_locks_freed+0x310/0x310 [ 405.621069] ? find_held_lock+0x36/0x1c0 [ 405.625133] ? __lock_is_held+0xb5/0x140 [ 405.629186] ? check_same_owner+0x320/0x320 [ 405.633488] ? rcu_note_context_switch+0x710/0x710 [ 405.638403] should_failslab+0x124/0x180 [ 405.642446] __kmalloc+0x2c8/0x760 [ 405.645973] ? __lock_acquire+0x7f5/0x5130 [ 405.650198] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 405.654770] ? constrain_params_by_rules+0x141/0x1360 [ 405.659948] constrain_params_by_rules+0x141/0x1360 [ 405.664970] ? snd_pcm_mmap_control_fault+0x3e0/0x3e0 [ 405.670145] ? lock_downgrade+0x8e0/0x8e0 [ 405.674277] ? kasan_check_read+0x11/0x20 [ 405.678412] ? rcu_is_watching+0x85/0x140 [ 405.682544] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 405.687715] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 405.692889] ? is_bpf_text_address+0xd7/0x170 [ 405.697370] ? kernel_text_address+0x79/0xf0 [ 405.701776] ? __unwind_start+0x166/0x330 [ 405.705918] ? __kernel_text_address+0xd/0x40 [ 405.710413] ? unwind_get_return_address+0x61/0xa0 [ 405.715336] ? __save_stack_trace+0x7e/0xd0 [ 405.719640] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 405.725160] ? snd_interval_refine+0x428/0x700 [ 405.728999] FAULT_FLAG_ALLOW_RETRY missing 30 [ 405.729731] snd_pcm_hw_refine+0x8e9/0x1180 [ 405.738526] ? constrain_params_by_rules+0x1360/0x1360 [ 405.743801] ? snd_pcm_oss_change_params+0x80/0xe0 [ 405.748720] ? snd_pcm_oss_make_ready+0xbe/0x170 [ 405.753465] ? snd_pcm_oss_sync.isra.29+0x27f/0x980 [ 405.758472] ? snd_pcm_oss_release+0x214/0x290 [ 405.763046] ? __fput+0x34d/0x890 [ 405.766490] ? ____fput+0x15/0x20 [ 405.769931] ? task_work_run+0x1e4/0x290 [ 405.773988] ? exit_to_usermode_loop+0x2bd/0x310 [ 405.778735] ? do_syscall_64+0x792/0x9d0 [ 405.782790] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 405.788147] ? do_raw_spin_unlock+0x9e/0x2e0 [ 405.792546] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 405.797125] ? print_usage_bug+0xc0/0xc0 [ 405.801179] ? kasan_check_write+0x14/0x20 [ 405.805405] ? do_raw_spin_lock+0xc1/0x200 [ 405.809633] ? trace_hardirqs_off+0xd/0x10 [ 405.813859] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 405.818961] ? debug_check_no_obj_freed+0x2ff/0x584 [ 405.823978] ? mark_held_locks+0xc9/0x160 [ 405.828117] ? quarantine_put+0xeb/0x190 [ 405.832176] snd_pcm_hw_param_first+0x30e/0x680 [ 405.836841] snd_pcm_hw_param_near.constprop.35+0x6e2/0xb10 [ 405.842549] ? _snd_pcm_hw_param_min+0x570/0x570 [ 405.847294] ? mark_held_locks+0xc9/0x160 [ 405.851435] ? kfree+0x111/0x260 [ 405.854795] ? snd_pcm_oss_change_params_locked+0x2c1e/0x3ce0 [ 405.860669] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 405.865674] ? trace_hardirqs_on+0xd/0x10 [ 405.869817] snd_pcm_oss_change_params_locked+0xc4d/0x3ce0 [ 405.875445] ? snd_pcm_hw_param_near.constprop.35+0xb10/0xb10 [ 405.881325] ? debug_check_no_locks_freed+0x310/0x310 [ 405.886508] ? debug_check_no_locks_freed+0x310/0x310 [ 405.891697] ? check_same_owner+0x320/0x320 [ 405.896014] ? find_held_lock+0x36/0x1c0 [ 405.900068] ? graph_lock+0x170/0x170 [ 405.903863] ? lock_downgrade+0x8e0/0x8e0 [ 405.908003] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 405.913547] ? do_lock_file_wait.part.32+0x240/0x240 [ 405.918646] snd_pcm_oss_change_params+0x80/0xe0 [ 405.923393] snd_pcm_oss_make_ready+0xbe/0x170 [ 405.927970] snd_pcm_oss_sync.isra.29+0x27f/0x980 [ 405.932808] ? snd_pcm_oss_sync1+0x5a0/0x5a0 [ 405.937211] ? fsnotify_first_mark+0x330/0x330 [ 405.941785] snd_pcm_oss_release+0x214/0x290 [ 405.946184] ? snd_pcm_oss_sync.isra.29+0x980/0x980 [ 405.951191] __fput+0x34d/0x890 [ 405.954470] ? fput+0x1a0/0x1a0 [ 405.957743] ? _raw_spin_unlock_irq+0x27/0x70 [ 405.962232] ____fput+0x15/0x20 [ 405.965505] task_work_run+0x1e4/0x290 [ 405.969383] ? task_work_cancel+0x240/0x240 [ 405.973699] ? exit_to_usermode_loop+0x87/0x310 [ 405.978366] exit_to_usermode_loop+0x2bd/0x310 [ 405.982943] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 405.987784] do_syscall_64+0x792/0x9d0 [ 405.991664] ? vmalloc_sync_all+0x30/0x30 [ 405.995805] ? _raw_spin_unlock_irq+0x27/0x70 [ 406.000294] ? finish_task_switch+0x1ca/0x820 [ 406.004782] ? syscall_return_slowpath+0x5c0/0x5c0 [ 406.009705] ? syscall_return_slowpath+0x30f/0x5c0 [ 406.014626] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 406.019983] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 406.024824] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 406.030000] RIP: 0033:0x4552d9 [ 406.033179] RSP: 002b:00007ff8a6ac2c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000003 [ 406.040881] RAX: 0000000000000000 RBX: 00007ff8a6ac36d4 RCX: 00000000004552d9 [ 406.048136] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000013 [ 406.055394] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 406.062650] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 [ 406.069907] R13: 0000000000000052 R14: 00000000006f3850 R15: 0000000000000007 [ 406.077191] CPU: 1 PID: 25347 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 406.084040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 406.093393] Call Trace: [ 406.095991] dump_stack+0x1b9/0x294 [ 406.099621] ? dump_stack_print_info.cold.2+0x52/0x52 [ 406.104812] ? kasan_check_write+0x14/0x20 [ 406.109048] ? do_raw_spin_lock+0xc1/0x200 [ 406.113289] handle_userfault.cold.32+0x44/0x57 [ 406.117959] ? handle_userfault+0x16c6/0x2760 [ 406.122454] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 406.127024] ? debug_check_no_locks_freed+0x310/0x310 [ 406.132201] ? rb_erase+0x3530/0x3530 [ 406.135987] ? print_usage_bug+0xc0/0xc0 [ 406.140043] ? print_usage_bug+0xc0/0xc0 [ 406.144096] ? match_held_lock+0x801/0x8b0 [ 406.148310] ? print_usage_bug+0xc0/0xc0 [ 406.152350] ? print_usage_bug+0xc0/0xc0 [ 406.156398] ? lock_downgrade+0x8e0/0x8e0 [ 406.160538] ? lock_downgrade+0x8e0/0x8e0 [ 406.164667] ? mark_held_locks+0xc9/0x160 [ 406.168798] ? retint_kernel+0x10/0x10 [ 406.172667] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 406.177663] ? graph_lock+0x170/0x170 [ 406.181446] ? retint_kernel+0x10/0x10 [ 406.185317] ? find_held_lock+0x36/0x1c0 [ 406.189363] ? lock_downgrade+0x8e0/0x8e0 [ 406.193510] ? kasan_check_read+0x11/0x20 [ 406.197652] ? do_raw_spin_unlock+0x9e/0x2e0 [ 406.202044] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 406.206614] ? kasan_check_write+0x14/0x20 [ 406.210830] ? do_raw_spin_lock+0xc1/0x200 [ 406.215055] __handle_mm_fault+0x34be/0x4150 [ 406.219450] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 406.224188] ? graph_lock+0x170/0x170 [ 406.227973] ? find_held_lock+0x36/0x1c0 [ 406.232026] ? lock_downgrade+0x8e0/0x8e0 [ 406.236171] ? handle_mm_fault+0x8c0/0xc70 [ 406.240390] handle_mm_fault+0x53a/0xc70 [ 406.244444] ? __handle_mm_fault+0x4150/0x4150 [ 406.249012] ? find_vma+0x34/0x190 [ 406.252546] __do_page_fault+0x60b/0xe40 [ 406.256589] ? mm_fault_error+0x380/0x380 [ 406.260722] ? __schedule+0x80f/0x1e40 [ 406.264591] ? graph_lock+0x170/0x170 [ 406.268388] do_page_fault+0xee/0x8a7 [ 406.272182] ? vmalloc_sync_all+0x30/0x30 [ 406.276312] ? find_held_lock+0x36/0x1c0 [ 406.280358] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 406.285193] page_fault+0x25/0x50 [ 406.288630] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 406.294227] RSP: 0018:ffff88018ecd7ce8 EFLAGS: 00010206 [ 406.299571] RAX: ffffed0031d9afae RBX: 0000000000000018 RCX: 0000000000000003 [ 406.306820] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff88018ecd7d58 [ 406.314068] RBP: ffff88018ecd7d20 R08: ffffed0031d9afae R09: ffffed0031d9afab [ 406.321317] R10: ffffed0031d9afad R11: ffff88018ecd7d6f R12: 0000000020013018 [ 406.328564] R13: 0000000020013000 R14: ffff88018ecd7d58 R15: 00007ffffffff000 [ 406.335841] ? _copy_from_user+0x10d/0x150 [ 406.340074] SyS_sigaltstack+0xae/0x320 [ 406.344043] ? do_sigaction+0xa50/0xa50 [ 406.348012] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 406.353544] ? exit_to_usermode_loop+0x1ef/0x310 [ 406.358282] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 406.363108] ? ksys_ioctl+0x81/0xd0 [ 406.366716] ? do_syscall_64+0xb7/0x9d0 [ 406.370676] ? do_sigaction+0xa50/0xa50 [ 406.374632] do_syscall_64+0x29e/0x9d0 [ 406.378501] ? vmalloc_sync_all+0x30/0x30 [ 406.382637] ? _raw_spin_unlock_irq+0x27/0x70 [ 406.387117] ? finish_task_switch+0x1ca/0x820 [ 406.391595] ? syscall_return_slowpath+0x5c0/0x5c0 [ 406.396503] ? syscall_return_slowpath+0x30f/0x5c0 [ 406.401417] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 406.406763] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 406.411590] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 406.416760] RIP: 0033:0x4552d9 [ 406.419929] RSP: 002b:00007ff15ecfec68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 [ 406.427615] RAX: ffffffffffffffda RBX: 00007ff15ecff6d4 RCX: 00000000004552d9 [ 406.434865] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 [ 406.442129] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 406.449380] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 406.456632] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000000 [ 406.599675] FAULT_FLAG_ALLOW_RETRY missing 30 [ 406.604321] CPU: 0 PID: 25423 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 406.611157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 406.620492] Call Trace: [ 406.623075] dump_stack+0x1b9/0x294 [ 406.626688] ? dump_stack_print_info.cold.2+0x52/0x52 [ 406.631862] ? kasan_check_write+0x14/0x20 [ 406.636086] ? do_raw_spin_lock+0xc1/0x200 [ 406.640303] handle_userfault.cold.32+0x44/0x57 [ 406.644951] ? handle_userfault+0x16c6/0x2760 [ 406.649449] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 406.654030] ? debug_check_no_locks_freed+0x310/0x310 [ 406.659219] ? find_held_lock+0x36/0x1c0 [ 406.663299] ? print_usage_bug+0xc0/0xc0 [ 406.667341] ? print_usage_bug+0xc0/0xc0 [ 406.671385] ? kasan_check_read+0x11/0x20 [ 406.675516] ? check_same_owner+0x320/0x320 [ 406.679817] ? do_raw_spin_unlock+0x9e/0x2e0 [ 406.684210] ? __lock_acquire+0x7f5/0x5130 [ 406.688426] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 406.693943] ? graph_lock+0x170/0x170 [ 406.697727] ? debug_check_no_locks_freed+0x310/0x310 [ 406.702914] ? find_held_lock+0x36/0x1c0 [ 406.706962] ? lock_downgrade+0x8e0/0x8e0 [ 406.711105] ? kasan_check_read+0x11/0x20 [ 406.715234] ? do_raw_spin_unlock+0x9e/0x2e0 [ 406.719622] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 406.724183] ? kasan_check_write+0x14/0x20 [ 406.728397] ? do_raw_spin_lock+0xc1/0x200 [ 406.732613] __handle_mm_fault+0x34be/0x4150 [ 406.737007] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 406.741764] ? graph_lock+0x170/0x170 [ 406.745546] ? graph_lock+0x170/0x170 [ 406.749418] ? find_held_lock+0x36/0x1c0 [ 406.753460] ? lock_downgrade+0x8e0/0x8e0 [ 406.757591] ? handle_mm_fault+0x8c0/0xc70 [ 406.761809] handle_mm_fault+0x53a/0xc70 [ 406.765851] ? __handle_mm_fault+0x4150/0x4150 [ 406.770412] ? find_vma+0x34/0x190 [ 406.773935] __do_page_fault+0x60b/0xe40 [ 406.777977] ? mm_fault_error+0x380/0x380 [ 406.782109] ? graph_lock+0x170/0x170 [ 406.785896] do_page_fault+0xee/0x8a7 [ 406.789677] ? vmalloc_sync_all+0x30/0x30 [ 406.793803] ? __fget+0x40c/0x650 [ 406.797245] ? find_held_lock+0x36/0x1c0 [ 406.801291] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 406.806119] page_fault+0x25/0x50 [ 406.809553] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 406.815153] RSP: 0018:ffff88018ea9fce8 EFLAGS: 00010206 [ 406.820495] RAX: ffffed0031d53fae RBX: 0000000000000018 RCX: 0000000000000003 [ 406.827743] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff88018ea9fd58 [ 406.834993] RBP: ffff88018ea9fd20 R08: ffffed0031d53fae R09: ffffed0031d53fab [ 406.842246] R10: ffffed0031d53fad R11: ffff88018ea9fd6f R12: 0000000020013018 [ 406.849493] R13: 0000000020013000 R14: ffff88018ea9fd58 R15: 00007ffffffff000 [ 406.856761] ? _copy_from_user+0x10d/0x150 [ 406.860979] SyS_sigaltstack+0xae/0x320 [ 406.864944] ? do_sigaction+0xa50/0xa50 [ 406.868911] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 406.874432] ? fput+0x130/0x1a0 [ 406.877690] ? ksys_ioctl+0x81/0xd0 [ 406.881298] ? do_syscall_64+0xb7/0x9d0 [ 406.885264] ? do_sigaction+0xa50/0xa50 [ 406.889220] do_syscall_64+0x29e/0x9d0 [ 406.893090] ? _raw_spin_unlock_irq+0x27/0x70 [ 406.897563] ? finish_task_switch+0x1ca/0x820 [ 406.902041] ? syscall_return_slowpath+0x5c0/0x5c0 [ 406.906953] ? syscall_return_slowpath+0x30f/0x5c0 [ 406.911868] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 406.917215] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 406.922043] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 406.927211] RIP: 0033:0x4552d9 [ 406.930377] RSP: 002b:00007ff15ecbcc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 [ 406.938066] RAX: ffffffffffffffda RBX: 00007ff15ecbd6d4 RCX: 00000000004552d9 2018/04/06 11:41:29 executing program 2: open(&(0x7f0000000000)='./bus\x00', 0x100000141842, 0x0) syz_mount_image$ntfs(&(0x7f0000000440)='ntfs\x00', &(0x7f0000000480)='./bus\x00', 0x0, 0x0, &(0x7f00000006c0), 0x1000, &(0x7f0000000740)=ANY=[]) r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) syz_mount_image$hfs(&(0x7f0000001780)='hfs\x00', &(0x7f0000000100)='./bus\x00', 0x0, 0xccf, &(0x7f0000001a40)=[{&(0x7f0000001c00)="c3109cfc6f65b837063b7bbc3d4a7d202d2b9984a215c7b7bd25480c1babe9aadb78e3c53ec529cb288497a5ff7386ab50bc1a8c89", 0x0, 0x401}, {&(0x7f0000001800)="2ddea5d98171285eddea030c82c3ebbbe9ef0086979c4d89f51697a723698cc79f113fca18d8ec8bb4942cb405ffaeeeafc6b09a0aa44324f534c9b7f57352f0c6be30573567dee6adbbdffa5bc32a5b00201e68181092887cf576f0703f060812cd5047561a4c92d2fe195c21c60625c482c212ec431a19596ad1012108999bc75ae3480f0e76a36376ac63a8", 0x0, 0x5}, {&(0x7f00000018c0)="c5530d8833354b18ef6baebf606c24f24d221ae3c07931be7198141ec53fd728927e5f00e021449a33baca2a22cf99667bb62ad1c43215e3f08aaced4246a353f263c0b7595b47c7a50af4436c372f265f8434d31934351c965767c877bce2ca431539e8a01395cb17c6c5e7c94ccf3bafb07d8b5e8c8a7c931e0d769db9d35a00cb5aa0044e6a6a561fd1afe1", 0x0, 0x5}, {&(0x7f0000001ac0)="a6c3452050343eb065584cf53ea65ae330a5f6fabf78091e23a81fecb3775e4b4b863ad23c978b4d06569e6a36869f4d6ab49a561ec1407526f64751bf75483fb2755e3dd399f154e42b71bf2ba4b06f84d08c82013cccce8d83cc8522875560acd751f4f33688881c070e6ef463499ee9e91f792ae72561196b6ba9dc495e6762dbb6f5c913a4aeab57f7ff1fec996193598848aca0c65638fffb8af2141e66a90fe4ae167772c4c599843c560c877e454fdb686a3b7df3bc64de67f0ab300a68bb0beb5a6e2c52ef9e161399bf3a9939b04d804247cd6b3c9682eaf9ba0fdf8721b778b0f8e7905b17a1210b17ce35b1fb4f78497d438165b2019a31462ffaad8347218795323dd876bfaa1f6f7eec0187f0b9e41c54ba73230f635b3f4c2fd658e725afc3135bbb160347c72457a5da34344443b7f7c8ab479f9e63", 0x0, 0x7}], 0x10000, &(0x7f0000000780)=ANY=[]) write$cgroup_pid(r0, &(0x7f0000000040)={[0x0]}, 0x1) write$cgroup_pid(r0, &(0x7f0000000180), 0x1d2) 2018/04/06 11:41:29 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x4c, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e"}, &(0x7f00000000c0)=0x54) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:29 executing program 0: pipe(&(0x7f0000c58ff8)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r1, &(0x7f00004e8000)=[{&(0x7f00005dff57)=';', 0x1}], 0x1, 0x0) write(r1, &(0x7f00000000c0), 0x0) ppoll(&(0x7f0000000000)=[{r1}], 0x1, &(0x7f0000000040)={0x0, 0x1c9c380}, &(0x7f0000000080), 0x8) readv(r0, &(0x7f0000119ff0)=[{&(0x7f000061e000)=""/4096, 0xfffffe1a}], 0x3d) syz_open_dev$audion(&(0x7f00000000c0)='/dev/audio#\x00', 0x8001, 0x20000) 2018/04/06 11:41:29 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0x17a70000]}, 0x10) 2018/04/06 11:41:29 executing program 3: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000100)) getpid() fcntl$getown(0xffffffffffffff9c, 0x9) gettid() ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) getpgrp(r0) r1 = memfd_create(&(0x7f0000000080)='em1\x00', 0x2) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000200)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) sigaltstack(&(0x7f0000013000/0x1000)=nil, &(0x7f00000000c0)) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88)) msgsnd(0x0, &(0x7f0000284ff8)={0x3}, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000240)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000640)={'\x00', 0x0}) ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000680)=r3) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000b40)={&(0x7f0000011000/0x4000)=nil, 0x4000}) io_setup(0x1000, &(0x7f0000000040)) io_submit(0x0, 0xb0e30000000000, &(0x7f0000000000)) ioctl$VHOST_RESET_OWNER(r1, 0xaf02, 0x0) 2018/04/06 11:41:29 executing program 4 (fault-call:5 fault-nth:8): r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0x0, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x0, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:29 executing program 7: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) r0 = syz_open_dev$sndseq(&(0x7f0000000000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r0, 0x40505331, &(0x7f0000000280)={{}, {0xe}, 0x0, 0x1, 0x3}) msgget(0x2, 0x58) r1 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x81, 0x0) ioctl$LOOP_SET_CAPACITY(r1, 0x4c07) syz_open_dev$dmmidi(&(0x7f0000000140)='/dev/dmmidi#\x00', 0xfe, 0x80) ioctl$LOOP_GET_STATUS(r1, 0x4c03, &(0x7f0000000040)) ioctl$TIOCOUTQ(r1, 0x5411, &(0x7f0000000180)) [ 406.945313] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 [ 406.952569] RBP: 000000000072c010 R08: 0000000000000000 R09: 0000000000000000 [ 406.959824] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 406.967071] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000002 2018/04/06 11:41:29 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) msgget(0x2, 0x58) ioctl$EVIOCGNAME(0xffffffffffffffff, 0x80404506, &(0x7f0000000040)=""/22) [ 407.023821] FAULT_INJECTION: forcing a failure. [ 407.023821] name failslab, interval 1, probability 0, space 0, times 0 [ 407.035133] CPU: 0 PID: 25430 Comm: syz-executor4 Not tainted 4.16.0+ #3 [ 407.041976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 407.051331] Call Trace: [ 407.053935] dump_stack+0x1b9/0x294 [ 407.057579] ? dump_stack_print_info.cold.2+0x52/0x52 [ 407.062776] ? lock_downgrade+0x8e0/0x8e0 [ 407.066935] should_fail.cold.4+0xa/0x1a [ 407.071011] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 407.076123] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 407.081335] ? graph_lock+0x170/0x170 [ 407.085151] ? is_bpf_text_address+0xd7/0x170 [ 407.089658] ? find_held_lock+0x36/0x1c0 [ 407.093732] ? __lock_is_held+0xb5/0x140 [ 407.097809] ? check_same_owner+0x320/0x320 [ 407.102139] ? rcu_note_context_switch+0x710/0x710 [ 407.107076] ? snd_pcm_oss_sync.isra.29+0x27f/0x980 [ 407.112100] ? snd_pcm_oss_release+0x214/0x290 [ 407.116686] ? __fput+0x34d/0x890 [ 407.120150] should_failslab+0x124/0x180 [ 407.124219] __kmalloc+0x2c8/0x760 [ 407.127760] ? print_usage_bug+0xc0/0xc0 [ 407.131823] ? kasan_check_write+0x14/0x20 [ 407.136068] ? do_raw_spin_lock+0xc1/0x200 [ 407.140308] ? snd_pcm_plugin_build+0x64/0x670 [ 407.144897] snd_pcm_plugin_build+0x64/0x670 [ 407.149312] snd_pcm_plugin_build_linear+0x29d/0x900 [ 407.154422] ? linear_transfer+0xa20/0xa20 [ 407.158673] snd_pcm_plug_format_plugins+0x7c8/0x1a60 [ 407.163877] ? snd_pcm_plug_slave_format+0x760/0x760 [ 407.169006] ? snd_interval_refine+0x428/0x700 [ 407.173598] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 407.179144] ? snd_pcm_hw_param_max+0x730/0x730 [ 407.183822] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 407.189030] snd_pcm_oss_change_params_locked+0x11bd/0x3ce0 [ 407.194772] ? snd_pcm_hw_param_near.constprop.35+0xb10/0xb10 [ 407.200697] ? debug_check_no_locks_freed+0x310/0x310 [ 407.205889] ? debug_check_no_locks_freed+0x310/0x310 [ 407.211078] ? check_same_owner+0x320/0x320 [ 407.215410] ? find_held_lock+0x36/0x1c0 [ 407.219475] ? graph_lock+0x170/0x170 [ 407.223284] ? lock_downgrade+0x8e0/0x8e0 [ 407.227439] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 407.232988] ? do_lock_file_wait.part.32+0x240/0x240 [ 407.238106] snd_pcm_oss_change_params+0x80/0xe0 [ 407.242860] snd_pcm_oss_make_ready+0xbe/0x170 [ 407.247458] snd_pcm_oss_sync.isra.29+0x27f/0x980 [ 407.252292] ? snd_pcm_oss_sync1+0x5a0/0x5a0 [ 407.256691] ? fsnotify_first_mark+0x330/0x330 [ 407.261273] snd_pcm_oss_release+0x214/0x290 [ 407.265687] ? snd_pcm_oss_sync.isra.29+0x980/0x980 [ 407.270702] __fput+0x34d/0x890 [ 407.273968] ? fput+0x1a0/0x1a0 [ 407.277232] ? _raw_spin_unlock_irq+0x27/0x70 [ 407.281713] ____fput+0x15/0x20 [ 407.284981] task_work_run+0x1e4/0x290 [ 407.288860] ? task_work_cancel+0x240/0x240 [ 407.293165] ? exit_to_usermode_loop+0x87/0x310 [ 407.297826] exit_to_usermode_loop+0x2bd/0x310 [ 407.302404] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 407.307238] do_syscall_64+0x792/0x9d0 [ 407.311117] ? vmalloc_sync_all+0x30/0x30 [ 407.315258] ? _raw_spin_unlock_irq+0x27/0x70 [ 407.319738] ? finish_task_switch+0x1ca/0x820 [ 407.324216] ? syscall_return_slowpath+0x5c0/0x5c0 [ 407.329129] ? syscall_return_slowpath+0x30f/0x5c0 [ 407.334054] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 407.339401] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 407.344233] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 407.349401] RIP: 0033:0x4552d9 [ 407.352572] RSP: 002b:00007ff8a6ac2c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000003 [ 407.360263] RAX: 0000000000000000 RBX: 00007ff8a6ac36d4 RCX: 00000000004552d9 [ 407.367513] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000013 [ 407.374763] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 407.382022] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 [ 407.389278] R13: 0000000000000052 R14: 00000000006f3850 R15: 0000000000000008 [ 407.933576] FAULT_FLAG_ALLOW_RETRY missing 30 [ 407.938175] CPU: 0 PID: 25449 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 407.945006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 407.954338] Call Trace: [ 407.956912] dump_stack+0x1b9/0x294 [ 407.960519] ? dump_stack_print_info.cold.2+0x52/0x52 [ 407.965696] ? kasan_check_write+0x14/0x20 [ 407.969916] ? do_raw_spin_lock+0xc1/0x200 [ 407.974135] handle_userfault.cold.32+0x44/0x57 [ 407.978783] ? handle_userfault+0x16c6/0x2760 [ 407.983267] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 407.987831] ? debug_check_no_locks_freed+0x310/0x310 [ 407.993002] ? find_held_lock+0x36/0x1c0 [ 407.997061] ? print_usage_bug+0xc0/0xc0 [ 408.001113] ? print_usage_bug+0xc0/0xc0 [ 408.005186] ? check_same_owner+0x320/0x320 [ 408.009489] ? do_raw_spin_unlock+0x9e/0x2e0 [ 408.013880] ? __lock_acquire+0x7f5/0x5130 [ 408.018098] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 408.023616] ? graph_lock+0x170/0x170 [ 408.027399] ? debug_check_no_locks_freed+0x310/0x310 [ 408.032585] ? find_held_lock+0x36/0x1c0 [ 408.036631] ? lock_downgrade+0x8e0/0x8e0 [ 408.040765] ? kasan_check_read+0x11/0x20 [ 408.044898] ? do_raw_spin_unlock+0x9e/0x2e0 [ 408.049283] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 408.053848] ? kasan_check_write+0x14/0x20 [ 408.058062] ? do_raw_spin_lock+0xc1/0x200 [ 408.062279] __handle_mm_fault+0x34be/0x4150 [ 408.066668] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 408.071404] ? graph_lock+0x170/0x170 [ 408.075187] ? find_held_lock+0x36/0x1c0 [ 408.079232] ? lock_downgrade+0x8e0/0x8e0 [ 408.083367] ? handle_mm_fault+0x8c0/0xc70 [ 408.087580] handle_mm_fault+0x53a/0xc70 [ 408.091621] ? __handle_mm_fault+0x4150/0x4150 [ 408.096185] ? find_vma+0x34/0x190 [ 408.099710] __do_page_fault+0x60b/0xe40 [ 408.103753] ? mm_fault_error+0x380/0x380 [ 408.107879] ? graph_lock+0x170/0x170 [ 408.111673] do_page_fault+0xee/0x8a7 [ 408.115459] ? vmalloc_sync_all+0x30/0x30 [ 408.119589] ? find_held_lock+0x36/0x1c0 [ 408.123638] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 408.128462] page_fault+0x25/0x50 [ 408.131894] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 408.137491] RSP: 0018:ffff88018cc6fce8 EFLAGS: 00010206 [ 408.142832] RAX: ffffed003198dfae RBX: 0000000000000018 RCX: 0000000000000003 [ 408.150080] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff88018cc6fd58 [ 408.157328] RBP: ffff88018cc6fd20 R08: ffffed003198dfae R09: ffffed003198dfab [ 408.164573] R10: ffffed003198dfad R11: ffff88018cc6fd6f R12: 0000000020013018 [ 408.171821] R13: 0000000020013000 R14: ffff88018cc6fd58 R15: 00007ffffffff000 [ 408.179084] ? _copy_from_user+0x10d/0x150 [ 408.183305] SyS_sigaltstack+0xae/0x320 [ 408.187259] ? do_sigaction+0xa50/0xa50 [ 408.191216] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 408.196733] ? fput+0x130/0x1a0 [ 408.199992] ? ksys_ioctl+0x81/0xd0 [ 408.203598] ? do_syscall_64+0xb7/0x9d0 [ 408.207554] ? do_sigaction+0xa50/0xa50 [ 408.211509] do_syscall_64+0x29e/0x9d0 [ 408.215375] ? vmalloc_sync_all+0x30/0x30 [ 408.219503] ? _raw_spin_unlock_irq+0x27/0x70 [ 408.223986] ? finish_task_switch+0x1ca/0x820 [ 408.228470] ? syscall_return_slowpath+0x5c0/0x5c0 [ 408.233381] ? syscall_return_slowpath+0x30f/0x5c0 [ 408.238301] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 408.243653] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 408.248476] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 408.253650] RIP: 0033:0x4552d9 [ 408.256825] RSP: 002b:00007ff15ecfec68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 [ 408.264512] RAX: ffffffffffffffda RBX: 00007ff15ecff6d4 RCX: 00000000004552d9 [ 408.271760] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 [ 408.279010] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 408.286255] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 408.293499] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000000 [ 408.434192] FAULT_FLAG_ALLOW_RETRY missing 30 [ 408.438767] CPU: 1 PID: 25465 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 408.445589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 408.454921] Call Trace: [ 408.457497] dump_stack+0x1b9/0x294 [ 408.461119] ? dump_stack_print_info.cold.2+0x52/0x52 [ 408.466292] ? kasan_check_write+0x14/0x20 [ 408.470530] ? do_raw_spin_lock+0xc1/0x200 [ 408.474752] handle_userfault.cold.32+0x44/0x57 [ 408.479401] ? handle_userfault+0x16c6/0x2760 [ 408.483895] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 408.488458] ? debug_check_no_locks_freed+0x310/0x310 [ 408.493627] ? find_held_lock+0x36/0x1c0 [ 408.497673] ? print_usage_bug+0xc0/0xc0 [ 408.501722] ? print_usage_bug+0xc0/0xc0 [ 408.505765] ? kasan_check_read+0x11/0x20 [ 408.509895] ? check_same_owner+0x320/0x320 [ 408.514213] ? do_raw_spin_unlock+0x9e/0x2e0 [ 408.518617] ? __lock_acquire+0x7f5/0x5130 [ 408.522845] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 408.528364] ? graph_lock+0x170/0x170 [ 408.532150] ? debug_check_no_locks_freed+0x310/0x310 [ 408.537320] ? find_held_lock+0x36/0x1c0 [ 408.541381] ? lock_downgrade+0x8e0/0x8e0 [ 408.545538] ? kasan_check_read+0x11/0x20 [ 408.549673] ? do_raw_spin_unlock+0x9e/0x2e0 [ 408.554063] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 408.558624] ? kasan_check_write+0x14/0x20 [ 408.562841] ? do_raw_spin_lock+0xc1/0x200 [ 408.567059] __handle_mm_fault+0x34be/0x4150 [ 408.571461] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 408.576195] ? graph_lock+0x170/0x170 [ 408.579975] ? graph_lock+0x170/0x170 [ 408.583759] ? find_held_lock+0x36/0x1c0 [ 408.587801] ? lock_downgrade+0x8e0/0x8e0 [ 408.591935] ? handle_mm_fault+0x8c0/0xc70 [ 408.596161] handle_mm_fault+0x53a/0xc70 [ 408.600217] ? __handle_mm_fault+0x4150/0x4150 [ 408.604788] ? find_vma+0x34/0x190 [ 408.608308] __do_page_fault+0x60b/0xe40 [ 408.612351] ? mm_fault_error+0x380/0x380 [ 408.616492] ? graph_lock+0x170/0x170 [ 408.620276] do_page_fault+0xee/0x8a7 [ 408.624057] ? vmalloc_sync_all+0x30/0x30 [ 408.628186] ? __fget+0x40c/0x650 [ 408.631621] ? find_held_lock+0x36/0x1c0 [ 408.635667] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 408.640491] page_fault+0x25/0x50 [ 408.643925] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 408.649524] RSP: 0018:ffff88018a67fce8 EFLAGS: 00010206 [ 408.654868] RAX: ffffed00314cffae RBX: 0000000000000018 RCX: 0000000000000003 [ 408.662114] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff88018a67fd58 [ 408.669360] RBP: ffff88018a67fd20 R08: ffffed00314cffae R09: ffffed00314cffab [ 408.676609] R10: ffffed00314cffad R11: ffff88018a67fd6f R12: 0000000020013018 [ 408.683856] R13: 0000000020013000 R14: ffff88018a67fd58 R15: 00007ffffffff000 [ 408.691118] ? _copy_from_user+0x10d/0x150 [ 408.695337] SyS_sigaltstack+0xae/0x320 [ 408.699290] ? do_sigaction+0xa50/0xa50 [ 408.703246] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 408.708772] ? fput+0x130/0x1a0 [ 408.712041] ? ksys_ioctl+0x81/0xd0 [ 408.715649] ? do_syscall_64+0xb7/0x9d0 [ 408.719602] ? do_sigaction+0xa50/0xa50 [ 408.723555] do_syscall_64+0x29e/0x9d0 [ 408.727422] ? kasan_check_write+0x14/0x20 [ 408.731637] ? syscall_return_slowpath+0x5c0/0x5c0 [ 408.736544] ? syscall_return_slowpath+0x30f/0x5c0 [ 408.741456] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 408.746800] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 408.751622] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 408.756791] RIP: 0033:0x4552d9 [ 408.759955] RSP: 002b:00007ff15ecbcc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 [ 408.767640] RAX: ffffffffffffffda RBX: 00007ff15ecbd6d4 RCX: 00000000004552d9 [ 408.774891] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 2018/04/06 11:41:31 executing program 7: r0 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x0, 0x2000000000008009) write(r0, &(0x7f00000000c0)="b63db85e1e8d00000200000000000000ffffffffed5ed29c7018ce0200000021914d872c678ce22c9b160e96aa1fae1ac8c067d8616e15e9ad1878bd657d8fe5acb991824947669ad976a1b21ed5da3a2fe49e50a3861ae5c1577680111d2fcce795adae6ae77522dc5161be7ca80875de4338f098da5cf52ed2f16612f8e99dcd997bb0e300f780ef2f44b055ae7944784ee611b97dd234808b505a177cbed78074ca0868c5269a97df827d54a02e38b4315b0075dab3073023ddec0d145af8", 0xc0) r1 = socket$inet(0xa, 0x800801, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000180)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000000000000000000000000000000e000060020000ffffffff00000000300100009800a4b4bd9affffffffffffc8010000c8010000c8019be8ffffffff04000000000000000008dc11042c255b4af16bde8935a574e7172956eaddbe15e3a66e55b26e2219ed14553d6f07a0618ac8c61e02cfa227a555b7caa7b5fb35f2ea647a9936b0ae9918fba1a65ebedbc2daa69a420c5afbae5173277ec6b3"], 0x1) write(r0, &(0x7f0000000380)="4a2448e920fb3eb3bc53ce2c", 0xc) fcntl$getownex(r1, 0x10, &(0x7f0000000040)={0x0, 0x0}) ptrace(0x421f, r2) r3 = socket$inet(0x2, 0x3, 0x2) getsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000080), &(0x7f0000000240)=0x8) setsockopt$inet_opts(r3, 0x0, 0x4, &(0x7f0000000fe3)="441f08f10000000000ffff00000302781305004ca600e211a100000101", 0x1d) sendto$inet(r3, &(0x7f0000000080), 0x0, 0x0, &(0x7f0000000140)={0x2, 0x4e20}, 0x10) 2018/04/06 11:41:31 executing program 5: ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000000)={0x4, 0xffffffffffffff9c, 0x1}) ioctl$SNDRV_TIMER_IOCTL_TREAD(r0, 0x40045402, &(0x7f0000000040)=0x1) capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) msgget(0x2, 0x58) 2018/04/06 11:41:31 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000851ff7)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffff9c, 0x89e2, &(0x7f0000000000)={r1}) getsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000080), &(0x7f00000000c0)=0x4) r3 = eventfd2(0x0, 0x0) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000fe0)={r3}) read$eventfd(r3, &(0x7f00006e8ff8), 0x8) setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r2, 0x84, 0x1e, &(0x7f0000000100)=0x4, 0x4) write$eventfd(r3, &(0x7f0000000040)=0x3, 0x8) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000140)={0x0, 0x80000000, 0x400}, &(0x7f0000000180)=0x8) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r2, 0x84, 0x1a, &(0x7f00000001c0)={r4, 0x64, "4da79cf4ff961d051f1eac18de5adb437fe40d4760bd35aebbc23148adfe00cba66278df11f7195feae71d9a6e82ff6fa51f5ed98fa5a2d59ee14fa89a7e2b121d9527d1b7215930e37ad87dc312938458c955eca6a7d0784e7657526b9e41d5ada488b4"}, &(0x7f0000000240)=0x6c) 2018/04/06 11:41:31 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x4c, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e"}, &(0x7f00000000c0)=0x54) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:31 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0x974a0000]}, 0x10) 2018/04/06 11:41:31 executing program 4 (fault-call:5 fault-nth:9): r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0x0, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x0, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:31 executing program 3: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000100)) getpid() fcntl$getown(0xffffffffffffff9c, 0x9) gettid() ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) getpgrp(r0) r1 = memfd_create(&(0x7f0000000080)='em1\x00', 0x2) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000200)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) sigaltstack(&(0x7f0000013000/0x1000)=nil, &(0x7f00000000c0)) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88)) msgsnd(0x0, &(0x7f0000284ff8)={0x3}, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000240)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000640)={'\x00', 0x0}) ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000680)=r3) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000b40)={&(0x7f0000011000/0x4000)=nil, 0x4000}) io_setup(0x1000, &(0x7f0000000040)) io_submit(0x0, 0x206f0000000000, &(0x7f0000000000)) ioctl$VHOST_RESET_OWNER(r1, 0xaf02, 0x0) 2018/04/06 11:41:31 executing program 2: open(&(0x7f0000000000)='./bus\x00', 0x100000141842, 0x0) syz_mount_image$ntfs(&(0x7f0000000440)='ntfs\x00', &(0x7f0000000480)='./bus\x00', 0x0, 0x0, &(0x7f00000006c0), 0x1000, &(0x7f0000000740)=ANY=[]) r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) syz_mount_image$hfs(&(0x7f0000001780)='hfs\x00', &(0x7f0000000100)='./bus\x00', 0x0, 0xccf, &(0x7f0000001a40)=[{&(0x7f0000001c00)="c3109cfc6f65b837063b7bbc3d4a7d202d2b9984a215c7b7bd25480c1babe9aadb78e3c53ec529cb288497a5ff7386ab50bc1a8c89", 0x0, 0x401}, {&(0x7f0000001800)="2ddea5d98171285eddea030c82c3ebbbe9ef0086979c4d89f51697a723698cc79f113fca18d8ec8bb4942cb405ffaeeeafc6b09a0aa44324f534c9b7f57352f0c6be30573567dee6adbbdffa5bc32a5b00201e68181092887cf576f0703f060812cd5047561a4c92d2fe195c21c60625c482c212ec431a19596ad1012108999bc75ae3480f0e76a36376ac63a8", 0x0, 0x5}, {&(0x7f00000018c0)="c5530d8833354b18ef6baebf606c24f24d221ae3c07931be7198141ec53fd728927e5f00e021449a33baca2a22cf99667bb62ad1c43215e3f08aaced4246a353f263c0b7595b47c7a50af4436c372f265f8434d31934351c965767c877bce2ca431539e8a01395cb17c6c5e7c94ccf3bafb07d8b5e8c8a7c931e0d769db9d35a00cb5aa0044e6a6a561fd1afe1", 0x0, 0x5}, {&(0x7f0000001ac0)="a6c3452050343eb065584cf53ea65ae330a5f6fabf78091e23a81fecb3775e4b4b863ad23c978b4d06569e6a36869f4d6ab49a561ec1407526f64751bf75483fb2755e3dd399f154e42b71bf2ba4b06f84d08c82013cccce8d83cc8522875560acd751f4f33688881c070e6ef463499ee9e91f792ae72561196b6ba9dc495e6762dbb6f5c913a4aeab57f7ff1fec996193598848aca0c65638fffb8af2141e66a90fe4ae167772c4c599843c560c877e454fdb686a3b7df3bc64de67f0ab300a68bb0beb5a6e2c52ef9e161399bf3a9939b04d804247cd6b3c9682eaf9ba0fdf8721b778b0f8e7905b17a1210b17ce35b1fb4f78497d438165b2019a31462ffaad8347218795323dd876bfaa1f6f7eec0187f0b9e41c54ba73230f635b3f4c2fd658e725afc3135bbb160347c72457a5da34344443b7f7c8ab479f9e63", 0x0, 0x7}], 0x10000, &(0x7f0000000780)=ANY=[]) write$cgroup_pid(r0, &(0x7f0000000040)={[0x0]}, 0x1) write$cgroup_pid(r0, &(0x7f0000000180), 0x1d2) [ 408.782148] RBP: 000000000072c010 R08: 0000000000000000 R09: 0000000000000000 [ 408.789393] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 408.796639] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000002 [ 408.845541] sg_write: data in/out 36090/144 bytes for SCSI command 0x67-- guessing data in; [ 408.845541] program syz-executor7 not setting count and/or reply_len properly [ 408.877334] FAULT_INJECTION: forcing a failure. [ 408.877334] name failslab, interval 1, probability 0, space 0, times 0 [ 408.888680] CPU: 1 PID: 25482 Comm: syz-executor4 Not tainted 4.16.0+ #3 [ 408.895533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 408.904894] Call Trace: [ 408.907490] dump_stack+0x1b9/0x294 [ 408.911136] ? dump_stack_print_info.cold.2+0x52/0x52 [ 408.915006] sg_write: data in/out 36090/144 bytes for SCSI command 0x67-- guessing data in; [ 408.915006] program syz-executor7 not setting count and/or reply_len properly [ 408.916330] ? __save_stack_trace+0x7e/0xd0 [ 408.916366] should_fail.cold.4+0xa/0x1a [ 408.940581] ? fault_create_debugfs_attr+0x1f0/0x1f0 2018/04/06 11:41:31 executing program 5: r0 = add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a, 0x2}, 0x0, 0x0, 0xfffffffffffffffa) r1 = add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a, 0x3}, 0x0, 0x0, 0xffffffffffffffff) keyctl$link(0x8, r0, r1) capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) removexattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)=@known='com.apple.system.Security\x00') msgget(0x3, 0x54) [ 408.945690] ? kasan_kmalloc+0xc4/0xe0 [ 408.949587] ? __kmalloc+0x14e/0x760 [ 408.953307] ? snd_pcm_plugin_build+0x64/0x670 [ 408.957890] ? snd_pcm_plugin_build_linear+0x29d/0x900 [ 408.963169] ? snd_pcm_plug_format_plugins+0x7c8/0x1a60 [ 408.968538] ? snd_pcm_oss_change_params_locked+0x11bd/0x3ce0 [ 408.974436] ? graph_lock+0x170/0x170 [ 408.978240] ? snd_pcm_oss_release+0x214/0x290 [ 408.982822] ? __fput+0x34d/0x890 [ 408.986277] ? ____fput+0x15/0x20 [ 408.989733] ? task_work_run+0x1e4/0x290 2018/04/06 11:41:31 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) msgget(0x2, 0x58) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000000)=0x0) ptrace$setopts(0x4206, r0, 0x5, 0x20) [ 408.993799] ? exit_to_usermode_loop+0x2bd/0x310 [ 408.998554] ? do_syscall_64+0x792/0x9d0 [ 409.002620] ? find_held_lock+0x36/0x1c0 [ 409.006691] ? __lock_is_held+0xb5/0x140 [ 409.010767] ? check_same_owner+0x320/0x320 [ 409.015096] ? rcu_note_context_switch+0x710/0x710 [ 409.020036] should_failslab+0x124/0x180 [ 409.024103] __kmalloc+0x2c8/0x760 [ 409.027644] ? print_usage_bug+0xc0/0xc0 [ 409.031703] ? kasan_check_write+0x14/0x20 [ 409.035940] ? do_raw_spin_lock+0xc1/0x200 [ 409.040178] ? snd_pcm_plugin_build+0x448/0x670 2018/04/06 11:41:31 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) msgget(0x0, 0x205) 2018/04/06 11:41:31 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) msgget(0x2, 0x58) r0 = fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000280)='/dev/autofs\x00', 0x4000, 0x0) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000040)={0x3, r1}) [ 409.044853] snd_pcm_plugin_build+0x448/0x670 [ 409.049350] snd_pcm_plugin_build_linear+0x29d/0x900 [ 409.054458] ? linear_transfer+0xa20/0xa20 [ 409.058699] snd_pcm_plug_format_plugins+0x7c8/0x1a60 [ 409.063904] ? snd_pcm_plug_slave_format+0x760/0x760 [ 409.069010] ? snd_interval_refine+0x428/0x700 [ 409.073598] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 409.079141] ? snd_pcm_hw_param_max+0x730/0x730 [ 409.083811] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 409.089008] snd_pcm_oss_change_params_locked+0x11bd/0x3ce0 2018/04/06 11:41:31 executing program 7: r0 = syz_open_dev$sndpcmp(&(0x7f00000001c0)='/dev/snd/pcmC#D#p\x00', 0x100000001, 0x800) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000200)={0x0, 0x2, 0x8, 0x8, 0x401, 0x4d, 0x4, 0x2, 0x269, 0xffffffffffffffff}) r1 = perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = socket(0xa, 0x5, 0x1) getsockopt$inet6_mreq(r2, 0x29, 0x18, &(0x7f0000000200)={@loopback, 0x0}, &(0x7f0000000080)=0x14) r4 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000180)='/selinux/enforce\x00', 0x400800, 0x0) connect$can_bcm(r2, &(0x7f0000000040)={0x1d, r3}, 0x10) getsockopt$inet_sctp6_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f00000000c0)=@assoc_value={0x0}, &(0x7f0000000100)=0x8) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f00000002c0)={r5, @in6={{0xa, 0x4e22, 0x7b, @local={0xfe, 0x80, [], 0xaa}, 0x2000000000000000}}, 0x9, 0x100}, 0x90) fallocate(r4, 0x8, 0x0, 0x1000) r6 = socket(0x200000000010, 0x2, 0x0) write(r6, &(0x7f0000000000)="2400000024007fee40001200000001000d0ff6ff010000000000f300f1ffffff1300ff10", 0x24) ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x6) sendfile(r1, r4, 0x0, 0x400) 2018/04/06 11:41:31 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) msgget(0x2, 0x58) r0 = accept$packet(0xffffffffffffffff, 0x0, &(0x7f0000000140)) pipe2(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f0000000180)={0x1, r0, 0x1}) setsockopt$inet_buf(r3, 0x0, 0x2c, &(0x7f0000000040)="0f3969c1185675779ab99d82f0939e2146bd3306f26edf6dc114b703a1242ecd642fe40c43a171119aa2198a58aaa82150934d1e3ec66e893a476df8dab4a1ee7c7ba0afe0f295f19a1381682e643d2a36341ada513580481af1910074a2d1f6cb93ccf2f2e2128679ff1842a6eeec79c83de1256853d5b9dcee85ba70ad35345d408261", 0x84) getpeername$packet(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000200)=0x14) setsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000240)={r4, @multicast2=0xe0000002}, 0xc) [ 409.094737] ? snd_pcm_hw_param_near.constprop.35+0xb10/0xb10 [ 409.100627] ? debug_check_no_locks_freed+0x310/0x310 [ 409.105819] ? debug_check_no_locks_freed+0x310/0x310 [ 409.111014] ? check_same_owner+0x320/0x320 [ 409.115340] ? find_held_lock+0x36/0x1c0 [ 409.119402] ? graph_lock+0x170/0x170 [ 409.123210] ? lock_downgrade+0x8e0/0x8e0 [ 409.127362] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 409.132908] ? do_lock_file_wait.part.32+0x240/0x240 [ 409.138021] snd_pcm_oss_change_params+0x80/0xe0 [ 409.142780] snd_pcm_oss_make_ready+0xbe/0x170 [ 409.147365] snd_pcm_oss_sync.isra.29+0x27f/0x980 [ 409.152218] ? snd_pcm_oss_sync1+0x5a0/0x5a0 [ 409.156630] ? fsnotify_first_mark+0x330/0x330 [ 409.161225] snd_pcm_oss_release+0x214/0x290 [ 409.165635] ? snd_pcm_oss_sync.isra.29+0x980/0x980 [ 409.170655] __fput+0x34d/0x890 [ 409.173943] ? fput+0x1a0/0x1a0 [ 409.177234] ? _raw_spin_unlock_irq+0x27/0x70 [ 409.181736] ____fput+0x15/0x20 [ 409.185022] task_work_run+0x1e4/0x290 [ 409.188906] ? task_work_cancel+0x240/0x240 [ 409.193225] ? exit_to_usermode_loop+0x87/0x310 [ 409.197889] exit_to_usermode_loop+0x2bd/0x310 [ 409.202550] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 409.207390] do_syscall_64+0x792/0x9d0 [ 409.211263] ? vmalloc_sync_all+0x30/0x30 [ 409.215401] ? _raw_spin_unlock_irq+0x27/0x70 [ 409.219884] ? finish_task_switch+0x1ca/0x820 [ 409.224367] ? syscall_return_slowpath+0x5c0/0x5c0 [ 409.229282] ? syscall_return_slowpath+0x30f/0x5c0 [ 409.234203] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 409.239557] ? trace_hardirqs_off_thunk+0x1a/0x1c 2018/04/06 11:41:31 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x4c, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e"}, &(0x7f00000000c0)=0x54) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:31 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0x700]}, 0x10) [ 409.244390] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 409.249565] RIP: 0033:0x4552d9 [ 409.252738] RSP: 002b:00007ff8a6ac2c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000003 [ 409.260435] RAX: 0000000000000000 RBX: 00007ff8a6ac36d4 RCX: 00000000004552d9 [ 409.267687] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000013 [ 409.274940] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 409.282199] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 [ 409.289450] R13: 0000000000000052 R14: 00000000006f3850 R15: 0000000000000009 2018/04/06 11:41:31 executing program 5: capset(&(0x7f0000000100), &(0x7f0000000000)={0x2}) msgget(0x2, 0x58) 2018/04/06 11:41:31 executing program 4 (fault-call:5 fault-nth:10): r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0x0, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x0, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) [ 409.488888] FAULT_INJECTION: forcing a failure. [ 409.488888] name failslab, interval 1, probability 0, space 0, times 0 [ 409.500198] CPU: 0 PID: 25539 Comm: syz-executor4 Not tainted 4.16.0+ #3 [ 409.507048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 409.516402] Call Trace: [ 409.519002] dump_stack+0x1b9/0x294 [ 409.522647] ? dump_stack_print_info.cold.2+0x52/0x52 [ 409.527852] ? ____fput+0x15/0x20 [ 409.531310] ? task_work_run+0x1e4/0x290 [ 409.535385] should_fail.cold.4+0xa/0x1a [ 409.539457] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 409.544578] ? graph_lock+0x170/0x170 [ 409.548384] ? find_held_lock+0x36/0x1c0 [ 409.552442] ? __lock_is_held+0xb5/0x140 [ 409.556501] ? check_same_owner+0x320/0x320 [ 409.560815] ? rcu_note_context_switch+0x710/0x710 [ 409.565742] should_failslab+0x124/0x180 [ 409.569792] __kmalloc+0x2c8/0x760 [ 409.573318] ? linear_transfer+0xa20/0xa20 [ 409.577544] ? snd_pcm_plugin_build+0x64/0x670 [ 409.582115] snd_pcm_plugin_build+0x64/0x670 [ 409.586514] snd_pcm_plugin_build_io+0x28c/0x720 [ 409.591260] ? io_playback_transfer+0x310/0x310 [ 409.595917] ? snd_pcm_hw_param_max+0x730/0x730 [ 409.600578] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 409.605762] snd_pcm_oss_change_params_locked+0x1247/0x3ce0 [ 409.611472] ? snd_pcm_hw_param_near.constprop.35+0xb10/0xb10 [ 409.617349] ? debug_check_no_locks_freed+0x310/0x310 [ 409.622526] ? debug_check_no_locks_freed+0x310/0x310 [ 409.627708] ? find_held_lock+0x36/0x1c0 [ 409.631756] ? graph_lock+0x170/0x170 [ 409.635549] ? perf_trace_lock+0xd6/0x900 [ 409.639689] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 409.645215] ? zap_class+0x720/0x720 [ 409.648917] ? do_lock_file_wait.part.32+0x240/0x240 [ 409.654024] snd_pcm_oss_change_params+0x80/0xe0 [ 409.658769] snd_pcm_oss_make_ready+0xbe/0x170 [ 409.663511] snd_pcm_oss_sync.isra.29+0x27f/0x980 [ 409.668343] ? snd_pcm_oss_sync1+0x5a0/0x5a0 [ 409.672740] ? fsnotify_first_mark+0x330/0x330 [ 409.677310] snd_pcm_oss_release+0x214/0x290 [ 409.681707] ? snd_pcm_oss_sync.isra.29+0x980/0x980 [ 409.686709] __fput+0x34d/0x890 [ 409.689981] ? fput+0x1a0/0x1a0 [ 409.693253] ? _raw_spin_unlock_irq+0x27/0x70 [ 409.697740] ____fput+0x15/0x20 [ 409.701005] task_work_run+0x1e4/0x290 [ 409.704886] ? task_work_cancel+0x240/0x240 [ 409.709199] ? exit_to_usermode_loop+0x87/0x310 [ 409.713859] exit_to_usermode_loop+0x2bd/0x310 [ 409.718428] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 409.723269] do_syscall_64+0x792/0x9d0 [ 409.727140] ? vmalloc_sync_all+0x30/0x30 [ 409.731274] ? _raw_spin_unlock_irq+0x27/0x70 [ 409.735755] ? finish_task_switch+0x1ca/0x820 [ 409.740238] ? syscall_return_slowpath+0x5c0/0x5c0 [ 409.745153] ? syscall_return_slowpath+0x30f/0x5c0 [ 409.750075] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 409.755431] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 409.760266] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 409.765446] RIP: 0033:0x4552d9 [ 409.768624] RSP: 002b:00007ff8a6ac2c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000003 [ 409.776326] RAX: 0000000000000000 RBX: 00007ff8a6ac36d4 RCX: 00000000004552d9 [ 409.783583] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000013 [ 409.790840] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 409.798092] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 [ 409.805348] R13: 0000000000000052 R14: 00000000006f3850 R15: 000000000000000a [ 409.858970] FAULT_FLAG_ALLOW_RETRY missing 30 [ 409.863593] CPU: 0 PID: 25476 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 409.870437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 409.879795] Call Trace: [ 409.882398] dump_stack+0x1b9/0x294 [ 409.886042] ? dump_stack_print_info.cold.2+0x52/0x52 [ 409.891243] ? kasan_check_write+0x14/0x20 [ 409.895490] ? do_raw_spin_lock+0xc1/0x200 [ 409.899740] handle_userfault.cold.32+0x44/0x57 [ 409.904420] ? handle_userfault+0x16c6/0x2760 [ 409.908919] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 409.913486] ? debug_check_no_locks_freed+0x310/0x310 [ 409.918659] ? rb_erase+0x3530/0x3530 [ 409.922445] ? print_usage_bug+0xc0/0xc0 [ 409.926485] ? match_held_lock+0x801/0x8b0 [ 409.930704] ? print_usage_bug+0xc0/0xc0 [ 409.934752] ? print_usage_bug+0xc0/0xc0 [ 409.938803] ? lock_downgrade+0x8e0/0x8e0 [ 409.942931] ? lock_downgrade+0x8e0/0x8e0 [ 409.947069] ? __lock_acquire+0x7f5/0x5130 [ 409.951287] ? graph_lock+0x170/0x170 [ 409.955073] ? debug_check_no_locks_freed+0x310/0x310 [ 409.960243] ? find_held_lock+0x36/0x1c0 [ 409.964298] ? lock_downgrade+0x8e0/0x8e0 [ 409.968443] ? kasan_check_read+0x11/0x20 [ 409.972573] ? do_raw_spin_unlock+0x9e/0x2e0 [ 409.976965] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 409.981531] ? kasan_check_write+0x14/0x20 [ 409.985747] ? do_raw_spin_lock+0xc1/0x200 [ 409.989968] __handle_mm_fault+0x34be/0x4150 [ 409.994361] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 409.999097] ? graph_lock+0x170/0x170 [ 410.002881] ? find_held_lock+0x36/0x1c0 [ 410.006925] ? lock_downgrade+0x8e0/0x8e0 [ 410.011060] ? handle_mm_fault+0x8c0/0xc70 [ 410.015278] handle_mm_fault+0x53a/0xc70 [ 410.019319] ? __handle_mm_fault+0x4150/0x4150 [ 410.023884] ? find_vma+0x34/0x190 [ 410.027407] __do_page_fault+0x60b/0xe40 [ 410.031450] ? mm_fault_error+0x380/0x380 [ 410.035575] ? __schedule+0x80f/0x1e40 [ 410.039443] ? graph_lock+0x170/0x170 [ 410.043224] do_page_fault+0xee/0x8a7 [ 410.047008] ? vmalloc_sync_all+0x30/0x30 [ 410.051149] ? find_held_lock+0x36/0x1c0 [ 410.055199] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 410.060032] page_fault+0x25/0x50 [ 410.063474] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 410.069072] RSP: 0018:ffff8801b39bfce8 EFLAGS: 00010206 [ 410.074412] RAX: ffffed0036737fae RBX: 0000000000000018 RCX: 0000000000000003 [ 410.081658] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff8801b39bfd58 [ 410.088911] RBP: ffff8801b39bfd20 R08: ffffed0036737fae R09: ffffed0036737fab [ 410.096166] R10: ffffed0036737fad R11: ffff8801b39bfd6f R12: 0000000020013018 [ 410.103416] R13: 0000000020013000 R14: ffff8801b39bfd58 R15: 00007ffffffff000 [ 410.110704] ? _copy_from_user+0x10d/0x150 [ 410.114932] SyS_sigaltstack+0xae/0x320 [ 410.118887] ? do_sigaction+0xa50/0xa50 [ 410.122844] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 410.128361] ? exit_to_usermode_loop+0x1ef/0x310 [ 410.133098] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 410.137920] ? ksys_ioctl+0x81/0xd0 [ 410.141525] ? do_syscall_64+0xb7/0x9d0 [ 410.145479] ? do_sigaction+0xa50/0xa50 [ 410.149434] do_syscall_64+0x29e/0x9d0 [ 410.153300] ? vmalloc_sync_all+0x30/0x30 [ 410.157435] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 410.162256] ? syscall_return_slowpath+0x5c0/0x5c0 [ 410.167165] ? syscall_return_slowpath+0x30f/0x5c0 [ 410.172077] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 410.177430] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 410.182264] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 410.187432] RIP: 0033:0x4552d9 [ 410.190601] RSP: 002b:00007ff15ecfec68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 [ 410.198294] RAX: ffffffffffffffda RBX: 00007ff15ecff6d4 RCX: 00000000004552d9 [ 410.205542] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 [ 410.212790] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 410.220043] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 410.227300] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000000 [ 410.369736] FAULT_FLAG_ALLOW_RETRY missing 30 [ 410.374356] CPU: 0 PID: 25547 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 410.381183] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 410.390518] Call Trace: [ 410.393103] dump_stack+0x1b9/0x294 [ 410.396718] ? dump_stack_print_info.cold.2+0x52/0x52 [ 410.401902] ? kasan_check_write+0x14/0x20 [ 410.406130] ? do_raw_spin_lock+0xc1/0x200 [ 410.410351] handle_userfault.cold.32+0x44/0x57 [ 410.415001] ? handle_userfault+0x16c6/0x2760 [ 410.419482] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 410.424059] ? debug_check_no_locks_freed+0x310/0x310 [ 410.429232] ? find_held_lock+0x36/0x1c0 [ 410.433275] ? print_usage_bug+0xc0/0xc0 [ 410.437316] ? print_usage_bug+0xc0/0xc0 [ 410.441361] ? kasan_check_read+0x11/0x20 [ 410.445491] ? check_same_owner+0x320/0x320 [ 410.449795] ? do_raw_spin_unlock+0x9e/0x2e0 [ 410.454189] ? __lock_acquire+0x7f5/0x5130 [ 410.458411] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 410.463935] ? graph_lock+0x170/0x170 [ 410.467720] ? debug_check_no_locks_freed+0x310/0x310 [ 410.472895] ? find_held_lock+0x36/0x1c0 [ 410.476951] ? lock_downgrade+0x8e0/0x8e0 [ 410.481097] ? kasan_check_read+0x11/0x20 [ 410.485226] ? do_raw_spin_unlock+0x9e/0x2e0 [ 410.489620] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 410.494183] ? kasan_check_write+0x14/0x20 [ 410.498395] ? do_raw_spin_lock+0xc1/0x200 [ 410.502617] __handle_mm_fault+0x34be/0x4150 [ 410.507016] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 410.511769] ? graph_lock+0x170/0x170 [ 410.515551] ? graph_lock+0x170/0x170 [ 410.519343] ? find_held_lock+0x36/0x1c0 [ 410.523390] ? lock_downgrade+0x8e0/0x8e0 [ 410.527527] ? handle_mm_fault+0x8c0/0xc70 [ 410.531741] handle_mm_fault+0x53a/0xc70 [ 410.535785] ? __handle_mm_fault+0x4150/0x4150 [ 410.540345] ? find_vma+0x34/0x190 [ 410.543867] __do_page_fault+0x60b/0xe40 [ 410.547911] ? mm_fault_error+0x380/0x380 [ 410.552049] ? graph_lock+0x170/0x170 [ 410.555832] do_page_fault+0xee/0x8a7 [ 410.559616] ? vmalloc_sync_all+0x30/0x30 [ 410.563752] ? __fget+0x40c/0x650 [ 410.567188] ? find_held_lock+0x36/0x1c0 [ 410.571234] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 410.576062] page_fault+0x25/0x50 [ 410.579499] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 410.585096] RSP: 0018:ffff8801c8837ce8 EFLAGS: 00010206 [ 410.590438] RAX: ffffed0039106fae RBX: 0000000000000018 RCX: 0000000000000003 [ 410.598044] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff8801c8837d58 [ 410.605295] RBP: ffff8801c8837d20 R08: ffffed0039106fae R09: ffffed0039106fab [ 410.612543] R10: ffffed0039106fad R11: ffff8801c8837d6f R12: 0000000020013018 [ 410.619794] R13: 0000000020013000 R14: ffff8801c8837d58 R15: 00007ffffffff000 [ 410.627071] ? _copy_from_user+0x10d/0x150 [ 410.631290] SyS_sigaltstack+0xae/0x320 [ 410.635244] ? do_sigaction+0xa50/0xa50 [ 410.639201] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 410.644717] ? fput+0x130/0x1a0 [ 410.647979] ? ksys_ioctl+0x81/0xd0 [ 410.651593] ? do_syscall_64+0xb7/0x9d0 [ 410.655558] ? do_sigaction+0xa50/0xa50 [ 410.659516] do_syscall_64+0x29e/0x9d0 [ 410.663384] ? _raw_spin_unlock_irq+0x27/0x70 [ 410.667862] ? finish_task_switch+0x1ca/0x820 [ 410.672339] ? syscall_return_slowpath+0x5c0/0x5c0 [ 410.677248] ? syscall_return_slowpath+0x30f/0x5c0 [ 410.682162] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 410.687509] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 410.692336] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 410.697510] RIP: 0033:0x4552d9 [ 410.700678] RSP: 002b:00007ff15ecbcc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 [ 410.708366] RAX: ffffffffffffffda RBX: 00007ff15ecbd6d4 RCX: 00000000004552d9 2018/04/06 11:41:33 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x4c, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e"}, &(0x7f00000000c0)=0x54) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000), 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:33 executing program 2: open(&(0x7f0000000000)='./bus\x00', 0x100000141842, 0x0) syz_mount_image$ntfs(&(0x7f0000000440)='ntfs\x00', &(0x7f0000000480)='./bus\x00', 0x0, 0x0, &(0x7f00000006c0), 0x1000, &(0x7f0000000740)=ANY=[]) r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ioctl$LOOP_SET_CAPACITY(r0, 0x4c07) write$cgroup_pid(r0, &(0x7f0000000040)={[0x0]}, 0x1) write$cgroup_pid(r0, &(0x7f0000000180), 0x1d2) 2018/04/06 11:41:33 executing program 5: msgget(0x2, 0x58) 2018/04/06 11:41:33 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0x57d5]}, 0x10) 2018/04/06 11:41:33 executing program 7: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000360000)={0x0, 0x0, &(0x7f000035d000)={&(0x7f0000000000)=ANY=[@ANYBLOB="020d000010000000000000000000000003000600000000000200000031ebf8c7000000000000000003000500000000000200000000000000000000000000000008001200020001000000000000000000100000000303000000000000000000001d00000100000000000000000000ffffe00000010000deffffffffffffff00006fca7a1633671a98358d34b0cbc4713c42d4196d32dc672638723b3db0768a10a5ee6488c8bf69b037f226bbb99bc78f0663ff3cc824fa05b2d4550fff6b68a94f5fa0b792833b3a0d4fee601925569dab6f92688158b5caaa5c9d24c363"], 0x80}, 0x1}, 0x0) r1 = syz_open_dev$usbmon(&(0x7f0000000100)='/dev/usbmon#\x00', 0x6, 0x4000) getsockopt$inet6_mreq(r1, 0x29, 0x1c, &(0x7f0000000140)={@mcast2, 0x0}, &(0x7f0000000180)=0x14) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000001c0)={'syzkaller0\x00', r2}) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000700)={{{@in=@broadcast, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@remote}, 0x0, @in6}}, &(0x7f0000000800)=0xe8) bind$can_raw(r1, &(0x7f0000000840)={0x1d, r3}, 0xba48) 2018/04/06 11:41:33 executing program 4 (fault-call:5 fault-nth:11): r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0x0, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x0, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:33 executing program 3: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000100)) getpid() fcntl$getown(0xffffffffffffff9c, 0x9) gettid() ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) getpgrp(r0) r1 = memfd_create(&(0x7f0000000080)='em1\x00', 0x2) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000200)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) sigaltstack(&(0x7f0000013000/0x1000)=nil, &(0x7f00000000c0)) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88)) msgsnd(0x0, &(0x7f0000284ff8)={0x3}, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000240)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000640)={'\x00', 0x0}) ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000680)=r3) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000b40)={&(0x7f0000011000/0x4000)=nil, 0x4000}) io_setup(0x1000, &(0x7f0000000040)) io_submit(0x0, 0x90e100, &(0x7f0000000000)) ioctl$VHOST_RESET_OWNER(r1, 0xaf02, 0x0) 2018/04/06 11:41:33 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x0, 0x32, 0xffffffffffffffff, 0x0) syz_open_dev$vcsn(&(0x7f0000000080)='/dev/vcs#\x00', 0x1affccd0, 0x80000) fsetxattr(r0, &(0x7f0000256feb)=@known='system.sockprotoname\x00', &(0x7f0000484ff1)='\nproc/system(-\x00', 0xf, 0x0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x101001, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x10003, 0x2, 0xd000, 0x2000, &(0x7f0000cd0000/0x2000)=nil}) [ 410.715615] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 [ 410.722864] RBP: 000000000072c010 R08: 0000000000000000 R09: 0000000000000000 [ 410.730112] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 410.737360] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000002 [ 410.803492] FAULT_INJECTION: forcing a failure. [ 410.803492] name failslab, interval 1, probability 0, space 0, times 0 [ 410.814806] CPU: 0 PID: 25566 Comm: syz-executor4 Not tainted 4.16.0+ #3 [ 410.821657] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 410.831019] Call Trace: [ 410.833626] dump_stack+0x1b9/0x294 [ 410.837270] ? dump_stack_print_info.cold.2+0x52/0x52 [ 410.842478] ? __save_stack_trace+0x7e/0xd0 [ 410.846819] should_fail.cold.4+0xa/0x1a [ 410.850894] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 410.856013] ? kasan_kmalloc+0xc4/0xe0 [ 410.859916] ? __kmalloc+0x14e/0x760 [ 410.863655] ? snd_pcm_plugin_build+0x64/0x670 [ 410.868250] ? snd_pcm_plugin_build_io+0x28c/0x720 [ 410.873190] ? snd_pcm_oss_change_params_locked+0x1247/0x3ce0 [ 410.879083] ? snd_pcm_oss_change_params+0x80/0xe0 [ 410.884017] ? graph_lock+0x170/0x170 [ 410.887824] ? __fput+0x34d/0x890 [ 410.891284] ? ____fput+0x15/0x20 [ 410.894741] ? task_work_run+0x1e4/0x290 [ 410.898810] ? exit_to_usermode_loop+0x2bd/0x310 [ 410.903575] ? do_syscall_64+0x792/0x9d0 [ 410.907647] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 410.913028] ? find_held_lock+0x36/0x1c0 [ 410.917103] ? __lock_is_held+0xb5/0x140 [ 410.921180] ? check_same_owner+0x320/0x320 [ 410.925512] ? rcu_note_context_switch+0x710/0x710 [ 410.930455] should_failslab+0x124/0x180 [ 410.934531] __kmalloc+0x2c8/0x760 [ 410.938078] ? linear_transfer+0xa20/0xa20 [ 410.942323] ? snd_pcm_plugin_build+0x448/0x670 [ 410.947007] snd_pcm_plugin_build+0x448/0x670 [ 410.951514] snd_pcm_plugin_build_io+0x28c/0x720 [ 410.956280] ? io_playback_transfer+0x310/0x310 [ 410.960963] ? snd_pcm_hw_param_max+0x730/0x730 [ 410.965642] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 410.966419] netlink: 8 bytes leftover after parsing attributes in process `syz-executor0'. [ 410.970843] snd_pcm_oss_change_params_locked+0x1247/0x3ce0 [ 410.970876] ? snd_pcm_hw_param_near.constprop.35+0xb10/0xb10 [ 410.970901] ? debug_check_no_locks_freed+0x310/0x310 [ 410.970918] ? debug_check_no_locks_freed+0x310/0x310 2018/04/06 11:41:33 executing program 0: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB="f80000001a0001020000000000000000e00000010000000000000000000000000000000000000000000000000000000100000000000000000000000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="7f0000010000000000000000008000000000000000000000000000bb0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000002779c700000000000000000800160000000000000000000000000000000000"], 0xf8}, 0x1}, 0x0) 2018/04/06 11:41:33 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)={0x0, 0xffffffffffbffffe, 0x0, 0x1, 0x0, 0xfffffffffffffffc}) r0 = msgget(0x1, 0x86) r1 = accept4(0xffffffffffffffff, 0x0, &(0x7f00000000c0), 0x800) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffff9c, 0x84, 0x6c, &(0x7f0000000140)={0x0, 0x66, "de7eed5ee834a5d7b520ca61f18df28253e0f5cdcfcf88bc528654f66fbe4fdd0a64761e96eb2421aa1fe581f2e09845e947649044074e7f4bce5ea40be5d0b3523cc87201f11169654abdd86afb2ead3532b3c02348bef7fe09e45a30e11f445f597525b851"}, &(0x7f00000001c0)=0x6e) msgctl$MSG_INFO(r0, 0xc, &(0x7f00000002c0)=""/147) setsockopt$inet_sctp6_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f0000000000)={0xfffffffffffffffe, 0x5683, 0xffff, 0x80000000, 0x3, 0x558d, 0x5, 0x122, 0x5, 0x2000000000000000, 0x100000001}, 0xb) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000200)={r2, @in={{0x2, 0x4e22, @loopback=0x7f000001}}, 0x200, 0xff}, 0x90) bind$nfc_llcp(0xffffffffffffffff, &(0x7f0000000040)={0x27, 0x1, 0x0, 0x6, 0x5, 0x80, "4ce0709c5094a1ef1029d039a15822744fc8917d0d60007b591a91e763519f1d0bff81bb0844c06f36df973d0338743b8ce8f40dcf2b6c7fe51ba3158601b0", 0x32}, 0x60) 2018/04/06 11:41:33 executing program 0: r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x7, 0x200000) ioctl$TUNGETIFF(r0, 0x800454d2, &(0x7f0000000080)) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0xe}) syz_open_dev$usbmon(&(0x7f0000000140)='/dev/usbmon#\x00', 0x6, 0x3c000) prlimit64(0x0, 0x7, &(0x7f00000000c0), &(0x7f0000000100)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000911000)={{&(0x7f0000004000/0x1000)=nil, 0x1000}, 0x1}) clone(0x0, &(0x7f0000001f37), &(0x7f0000001ffc), &(0x7f0000001000), &(0x7f0000001000)) read(r1, &(0x7f0000000300)=""/100, 0x64) [ 410.970934] ? check_same_owner+0x320/0x320 [ 410.970957] ? find_held_lock+0x36/0x1c0 [ 411.009616] ? graph_lock+0x170/0x170 [ 411.013431] ? lock_downgrade+0x8e0/0x8e0 [ 411.017600] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 411.023152] ? do_lock_file_wait.part.32+0x240/0x240 [ 411.028276] snd_pcm_oss_change_params+0x80/0xe0 [ 411.033048] snd_pcm_oss_make_ready+0xbe/0x170 [ 411.037643] snd_pcm_oss_sync.isra.29+0x27f/0x980 [ 411.042497] ? snd_pcm_oss_sync1+0x5a0/0x5a0 [ 411.046921] ? fsnotify_first_mark+0x330/0x330 2018/04/06 11:41:33 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) msgget(0x1, 0x400) socketpair$inet_tcp(0x2, 0x1, 0x0, &(0x7f0000000000)) [ 411.051516] snd_pcm_oss_release+0x214/0x290 [ 411.055933] ? snd_pcm_oss_sync.isra.29+0x980/0x980 [ 411.060949] __fput+0x34d/0x890 [ 411.064231] ? fput+0x1a0/0x1a0 [ 411.067608] ? _raw_spin_unlock_irq+0x27/0x70 [ 411.072110] ____fput+0x15/0x20 [ 411.075391] task_work_run+0x1e4/0x290 [ 411.079285] ? task_work_cancel+0x240/0x240 [ 411.083612] ? exit_to_usermode_loop+0x87/0x310 [ 411.088290] exit_to_usermode_loop+0x2bd/0x310 [ 411.092884] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 411.097744] do_syscall_64+0x792/0x9d0 2018/04/06 11:41:33 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) socket$vsock_stream(0x28, 0x1, 0x0) r0 = socket(0x10, 0x4, 0x1000001) r1 = accept4(r0, &(0x7f0000000000)=@l2, &(0x7f0000000080)=0x23c, 0x80080000) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000140)=[@in6={0xa, 0x4e22, 0x1, @remote={0xfe, 0x80, [], 0xbb}, 0x6}, @in6={0xa, 0x4e21, 0x1, @mcast1={0xff, 0x1, [], 0x1}, 0x7fff}, @in={0x2, 0x4e20, @local={0xac, 0x14, 0x14, 0xaa}}, @in6={0xa, 0x4e24, 0x1, @mcast1={0xff, 0x1, [], 0x1}, 0x1f}, @in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e20, @multicast1=0xe0000001}, @in={0x2, 0x4e23, @multicast1=0xe0000001}], 0x94) fcntl$setlease(r0, 0x400, 0x2) [ 411.101636] ? vmalloc_sync_all+0x30/0x30 [ 411.105792] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 411.110640] ? syscall_return_slowpath+0x5c0/0x5c0 [ 411.115580] ? syscall_return_slowpath+0x30f/0x5c0 [ 411.120521] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 411.125914] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 411.130769] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 411.135968] RIP: 0033:0x4552d9 [ 411.139155] RSP: 002b:00007ff8a6ac2c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000003 [ 411.146869] RAX: 0000000000000000 RBX: 00007ff8a6ac36d4 RCX: 00000000004552d9 [ 411.154137] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000013 [ 411.161405] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 411.168680] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 [ 411.175955] R13: 0000000000000052 R14: 00000000006f3850 R15: 000000000000000b [ 411.632538] FAULT_FLAG_ALLOW_RETRY missing 30 [ 411.637164] CPU: 1 PID: 25557 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 411.644007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 411.653358] Call Trace: [ 411.655934] dump_stack+0x1b9/0x294 [ 411.659547] ? dump_stack_print_info.cold.2+0x52/0x52 [ 411.664725] ? kasan_check_write+0x14/0x20 [ 411.668944] ? do_raw_spin_lock+0xc1/0x200 [ 411.673167] handle_userfault.cold.32+0x44/0x57 [ 411.677819] ? handle_userfault+0x16c6/0x2760 [ 411.682301] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 411.686866] ? debug_check_no_locks_freed+0x310/0x310 [ 411.692046] ? rb_erase+0x3530/0x3530 [ 411.695836] ? print_usage_bug+0xc0/0xc0 [ 411.699877] ? match_held_lock+0x801/0x8b0 [ 411.704092] ? print_usage_bug+0xc0/0xc0 [ 411.708134] ? print_usage_bug+0xc0/0xc0 [ 411.712175] ? lock_downgrade+0x8e0/0x8e0 [ 411.716302] ? lock_downgrade+0x8e0/0x8e0 [ 411.720432] ? __lock_acquire+0x7f5/0x5130 [ 411.724647] ? graph_lock+0x170/0x170 [ 411.728433] ? debug_check_no_locks_freed+0x310/0x310 [ 411.733604] ? find_held_lock+0x36/0x1c0 [ 411.737665] ? lock_downgrade+0x8e0/0x8e0 [ 411.741809] ? kasan_check_read+0x11/0x20 [ 411.745947] ? do_raw_spin_unlock+0x9e/0x2e0 [ 411.750338] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 411.754906] ? kasan_check_write+0x14/0x20 [ 411.759125] ? do_raw_spin_lock+0xc1/0x200 [ 411.763344] __handle_mm_fault+0x34be/0x4150 [ 411.767736] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 411.772474] ? graph_lock+0x170/0x170 [ 411.776269] ? find_held_lock+0x36/0x1c0 [ 411.780324] ? lock_downgrade+0x8e0/0x8e0 [ 411.784457] ? handle_mm_fault+0x8c0/0xc70 [ 411.788673] handle_mm_fault+0x53a/0xc70 [ 411.792716] ? __handle_mm_fault+0x4150/0x4150 [ 411.797288] ? find_vma+0x34/0x190 [ 411.800809] __do_page_fault+0x60b/0xe40 [ 411.804853] ? mm_fault_error+0x380/0x380 [ 411.808990] ? __schedule+0x80f/0x1e40 [ 411.812862] ? graph_lock+0x170/0x170 [ 411.816641] do_page_fault+0xee/0x8a7 [ 411.820426] ? vmalloc_sync_all+0x30/0x30 [ 411.824559] ? find_held_lock+0x36/0x1c0 [ 411.828606] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 411.833437] page_fault+0x25/0x50 [ 411.836875] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 411.842474] RSP: 0018:ffff8801c98cfce8 EFLAGS: 00010206 [ 411.847817] RAX: ffffed0039319fae RBX: 0000000000000018 RCX: 0000000000000003 [ 411.855071] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff8801c98cfd58 [ 411.862320] RBP: ffff8801c98cfd20 R08: ffffed0039319fae R09: ffffed0039319fab [ 411.869574] R10: ffffed0039319fad R11: ffff8801c98cfd6f R12: 0000000020013018 [ 411.876822] R13: 0000000020013000 R14: ffff8801c98cfd58 R15: 00007ffffffff000 [ 411.884100] ? _copy_from_user+0x10d/0x150 [ 411.888319] SyS_sigaltstack+0xae/0x320 [ 411.892273] ? do_sigaction+0xa50/0xa50 [ 411.896229] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 411.901750] ? exit_to_usermode_loop+0x1ef/0x310 [ 411.906488] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 411.911314] ? ksys_ioctl+0x81/0xd0 [ 411.914919] ? do_syscall_64+0xb7/0x9d0 [ 411.918875] ? do_sigaction+0xa50/0xa50 [ 411.922834] do_syscall_64+0x29e/0x9d0 [ 411.926702] ? vmalloc_sync_all+0x30/0x30 [ 411.930867] ? _raw_spin_unlock_irq+0x27/0x70 [ 411.935352] ? finish_task_switch+0x1ca/0x820 [ 411.939846] ? syscall_return_slowpath+0x5c0/0x5c0 [ 411.944768] ? syscall_return_slowpath+0x30f/0x5c0 [ 411.949696] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 411.955070] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 411.959906] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 411.965076] RIP: 0033:0x4552d9 [ 411.968252] RSP: 002b:00007ff15ecfec68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 [ 411.975949] RAX: ffffffffffffffda RBX: 00007ff15ecff6d4 RCX: 00000000004552d9 [ 411.983198] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 [ 411.990463] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 411.997722] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 412.004982] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000000 [ 412.145792] FAULT_FLAG_ALLOW_RETRY missing 30 [ 412.150407] CPU: 0 PID: 25603 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 412.157242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 412.166590] Call Trace: [ 412.169189] dump_stack+0x1b9/0x294 [ 412.172825] ? dump_stack_print_info.cold.2+0x52/0x52 [ 412.178026] ? kasan_check_write+0x14/0x20 [ 412.182268] ? do_raw_spin_lock+0xc1/0x200 [ 412.186518] handle_userfault.cold.32+0x44/0x57 [ 412.191193] ? handle_userfault+0x16c6/0x2760 [ 412.195705] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 412.200293] ? debug_check_no_locks_freed+0x310/0x310 [ 412.205495] ? find_held_lock+0x36/0x1c0 [ 412.209571] ? print_usage_bug+0xc0/0xc0 [ 412.213639] ? print_usage_bug+0xc0/0xc0 [ 412.217712] ? check_same_owner+0x320/0x320 [ 412.222039] ? do_raw_spin_unlock+0x9e/0x2e0 [ 412.226457] ? __lock_acquire+0x7f5/0x5130 [ 412.230706] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 412.236254] ? graph_lock+0x170/0x170 [ 412.240064] ? debug_check_no_locks_freed+0x310/0x310 [ 412.245262] ? find_held_lock+0x36/0x1c0 [ 412.249333] ? lock_downgrade+0x8e0/0x8e0 [ 412.253493] ? kasan_check_read+0x11/0x20 [ 412.257644] ? do_raw_spin_unlock+0x9e/0x2e0 [ 412.262054] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 412.266642] ? kasan_check_write+0x14/0x20 [ 412.270877] ? do_raw_spin_lock+0xc1/0x200 [ 412.275120] __handle_mm_fault+0x34be/0x4150 [ 412.279526] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 412.284266] ? graph_lock+0x170/0x170 [ 412.288060] ? find_held_lock+0x36/0x1c0 [ 412.292106] ? lock_downgrade+0x8e0/0x8e0 [ 412.296239] ? handle_mm_fault+0x8c0/0xc70 [ 412.300457] handle_mm_fault+0x53a/0xc70 [ 412.304508] ? __handle_mm_fault+0x4150/0x4150 [ 412.309071] ? find_vma+0x34/0x190 [ 412.312619] __do_page_fault+0x60b/0xe40 [ 412.316668] ? mm_fault_error+0x380/0x380 [ 412.320797] ? graph_lock+0x170/0x170 [ 412.324580] do_page_fault+0xee/0x8a7 [ 412.328359] ? vmalloc_sync_all+0x30/0x30 [ 412.332492] ? find_held_lock+0x36/0x1c0 [ 412.336555] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 412.341392] page_fault+0x25/0x50 [ 412.344838] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 412.350447] RSP: 0018:ffff8801b7687ce8 EFLAGS: 00010206 [ 412.355799] RAX: ffffed0036ed0fae RBX: 0000000000000018 RCX: 0000000000000003 [ 412.363047] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff8801b7687d58 [ 412.370298] RBP: ffff8801b7687d20 R08: ffffed0036ed0fae R09: ffffed0036ed0fab [ 412.377547] R10: ffffed0036ed0fad R11: ffff8801b7687d6f R12: 0000000020013018 [ 412.384799] R13: 0000000020013000 R14: ffff8801b7687d58 R15: 00007ffffffff000 [ 412.392068] ? _copy_from_user+0x10d/0x150 [ 412.396286] SyS_sigaltstack+0xae/0x320 [ 412.400240] ? do_sigaction+0xa50/0xa50 [ 412.404206] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 412.409732] ? fput+0x130/0x1a0 [ 412.412992] ? ksys_ioctl+0x81/0xd0 [ 412.416605] ? do_syscall_64+0xb7/0x9d0 [ 412.420575] ? do_sigaction+0xa50/0xa50 [ 412.424531] do_syscall_64+0x29e/0x9d0 [ 412.428401] ? kasan_check_write+0x14/0x20 [ 412.432620] ? syscall_return_slowpath+0x5c0/0x5c0 [ 412.437532] ? syscall_return_slowpath+0x30f/0x5c0 [ 412.442450] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 412.447803] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 412.452633] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 412.457802] RIP: 0033:0x4552d9 [ 412.460968] RSP: 002b:00007ff15ecbcc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 [ 412.468659] RAX: ffffffffffffffda RBX: 00007ff15ecbd6d4 RCX: 00000000004552d9 [ 412.475909] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 [ 412.483158] RBP: 000000000072c010 R08: 0000000000000000 R09: 0000000000000000 2018/04/06 11:41:34 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) getresgid(&(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080)=0x0) setgid(r0) 2018/04/06 11:41:34 executing program 7: fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000140)={0x0, 0x0}) r1 = socket(0x5, 0xc, 0xfffffffff733109a) getsockopt$ARPT_SO_GET_INFO(r1, 0x0, 0x60, &(0x7f0000000280)={'filter\x00'}, &(0x7f0000000300)=0x44) setsockopt$bt_BT_DEFER_SETUP(r1, 0x112, 0x7, &(0x7f00000001c0)=0x1, 0x4) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000180)={0x2, 0xffffffffffffffff, 0x1}) perf_event_open(&(0x7f00000000c0)={0x1, 0x70, 0xfffffffffffffffa, 0x100000001, 0x1ff, 0x8, 0x0, 0x100000001, 0x80, 0x0, 0x845, 0x2, 0x100, 0x264e, 0x80000001000000, 0x9, 0x9, 0x9465, 0x1ff, 0x3, 0x2, 0x2, 0xf08, 0x8, 0x4, 0x8000008c9, 0x7, 0x81, 0x6, 0x7, 0x860, 0xc8b9, 0x80000000800008, 0xb5c4, 0x5, 0xd88, 0x9, 0x80000001, 0x0, 0x4, 0x0, @perf_bp={&(0x7f0000000080), 0x4}, 0xc, 0x7, 0x8001, 0x7, 0x6, 0xfc2, 0x4}, r0, 0x0, r2, 0x2) r3 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f0000000040)='authencesn(sha384-avx,pcbc-aes-aesni)\x00') 2018/04/06 11:41:34 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x4c, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e"}, &(0x7f00000000c0)=0x54) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000), 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:34 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0xb2a7]}, 0x10) 2018/04/06 11:41:34 executing program 4 (fault-call:5 fault-nth:12): r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0x0, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x0, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:34 executing program 2: open(&(0x7f0000000000)='./bus\x00', 0x100000141842, 0x0) syz_mount_image$ntfs(&(0x7f0000000440)='ntfs\x00', &(0x7f0000000480)='./bus\x00', 0x0, 0x0, &(0x7f00000006c0), 0x1000, &(0x7f0000000740)=ANY=[]) r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ioctl$LOOP_SET_CAPACITY(r0, 0x4c07) write$cgroup_pid(r0, &(0x7f0000000040)={[0x0]}, 0x1) write$cgroup_pid(r0, &(0x7f0000000180), 0x1d2) 2018/04/06 11:41:34 executing program 3: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000100)) getpid() fcntl$getown(0xffffffffffffff9c, 0x9) gettid() ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) getpgrp(r0) r1 = memfd_create(&(0x7f0000000080)='em1\x00', 0x2) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000200)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) sigaltstack(&(0x7f0000013000/0x1000)=nil, &(0x7f00000000c0)) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88)) msgsnd(0x0, &(0x7f0000284ff8)={0x3}, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000240)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000640)={'\x00', 0x0}) ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000680)=r3) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000b40)={&(0x7f0000011000/0x4000)=nil, 0x4000}) io_setup(0x1000, &(0x7f0000000040)) io_submit(0x0, 0xe3b000, &(0x7f0000000000)) ioctl$VHOST_RESET_OWNER(r1, 0xaf02, 0x0) 2018/04/06 11:41:34 executing program 0: mkdir(&(0x7f0000cb3ff8)='./file0\x00', 0x0) r0 = getpgid(0x0) perf_event_open(&(0x7f000001d000)={0x3, 0x70, 0x3f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x40000000}, r0, 0x0, 0xffffffffffffffff, 0x0) chroot(&(0x7f000009a000)='./file0\x00') r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/rfkill\x00', 0x80000, 0x0) ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, &(0x7f0000000100)=0x9000000) mount(&(0x7f00005b9ff8)='./file0\x00', &(0x7f0000edaff8)='./file0\x00', &(0x7f0000d9fffa)='msdos\x00', 0x1002, 0x0) chdir(&(0x7f0000cd2ff8)='./file0\x00') umount2(&(0x7f0000000140)='..', 0x2) symlink(&(0x7f0000ed6ffe)='..', &(0x7f0000000040)='../file0\x00') umount2(&(0x7f0000000080)='../file0\x00', 0x0) [ 412.490408] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 412.497657] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000002 [ 412.572339] FAULT_INJECTION: forcing a failure. [ 412.572339] name failslab, interval 1, probability 0, space 0, times 0 [ 412.583899] CPU: 0 PID: 25626 Comm: syz-executor4 Not tainted 4.16.0+ #3 [ 412.590754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 412.600644] Call Trace: [ 412.603252] dump_stack+0x1b9/0x294 [ 412.606899] ? dump_stack_print_info.cold.2+0x52/0x52 [ 412.612110] should_fail.cold.4+0xa/0x1a [ 412.616179] ? save_stack+0xa9/0xd0 [ 412.619821] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 412.624932] ? snd_pcm_plugin_build+0x448/0x670 [ 412.629615] ? snd_pcm_oss_change_params_locked+0x1247/0x3ce0 [ 412.635519] ? snd_pcm_oss_change_params+0x80/0xe0 [ 412.640471] ? snd_pcm_oss_make_ready+0xbe/0x170 [ 412.645237] ? snd_pcm_oss_sync.isra.29+0x27f/0x980 [ 412.650263] ? snd_pcm_oss_release+0x214/0x290 [ 412.654852] ? __fput+0x34d/0x890 [ 412.658315] ? graph_lock+0x170/0x170 [ 412.662123] ? do_syscall_64+0x792/0x9d0 [ 412.666190] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 412.671572] ? find_held_lock+0x36/0x1c0 [ 412.675652] ? __lock_is_held+0xb5/0x140 [ 412.679739] ? check_same_owner+0x320/0x320 [ 412.684077] ? rcu_note_context_switch+0x710/0x710 [ 412.689019] should_failslab+0x124/0x180 [ 412.693092] kmem_cache_alloc_trace+0x2cb/0x780 [ 412.697776] ? snd_pcm_plugin_build+0x448/0x670 [ 412.702461] snd_pcm_hw_param_near.constprop.35+0x15c/0xb10 [ 412.708192] ? _snd_pcm_hw_param_min+0x570/0x570 [ 412.712968] ? snd_pcm_hw_param_max+0x730/0x730 [ 412.717667] ? __sanitizer_cov_trace_switch+0x53/0x90 2018/04/06 11:41:35 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ppp\x00', 0x400080, 0x0) ioctl$KVM_GET_MSRS(r1, 0xc008ae88, &(0x7f0000000340)={0x1, 0x0, [{}]}) io_setup(0x2, &(0x7f0000000080)=0x0) io_setup(0x5, &(0x7f0000000380)) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)}, &(0x7f0000000100)=0x10) r4 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc\x00', 0x34000, 0x0) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r4, 0x84, 0xf, &(0x7f0000000240)={r3, @in6={{0xa, 0x4e21, 0x8, @dev={0xfe, 0x80, [], 0xb}, 0xe050}}, 0x1, 0x6, 0x10001, 0x0, 0x81}, &(0x7f0000000140)=0x98) accept$packet(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, &(0x7f00000001c0)=0x14) ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000200)={'rose0\x00', r5}) setsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r4, 0x84, 0x6, &(0x7f0000000440)={r3, @in={{0x2, 0x4e22, @multicast1=0xe0000001}}}, 0x84) ioctl$sock_bt_cmtp_CMTPGETCONNINFO(0xffffffffffffffff, 0x800443d3, &(0x7f0000000040)={{}, 0x0, 0xb}) io_submit(r2, 0x1, &(0x7f00000000c0)=[&(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0xb3db, r0, &(0x7f0000001000), 0x0, 0x1d3d}]) 2018/04/06 11:41:35 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) r0 = msgget(0x2, 0x100) msgsnd(r0, &(0x7f0000000140)={0x3, "1e2b89e16152317e7a6a0e886ac2c2846402fbcad7b4cda55407f8c4126fe18753d3f8118dc5fff99e1e514b7b425e2c1194a8147fe93eacaf9c1e7fadf96ef3f088e2f996f68084199801c28fedee84ed445e32a35fa9b0b3f32277eb032c62e77c2e28dc75e0dec6ac4d0dd668104bb4c260c5bf91a15b496967fd649adc0db947d87827f3c160fd88ca5398711b7ecd0edb60be24fce3f18a4578cd2cc48097b80e7cd26caed2244f2a084ab597a3423e7bfe23eaf8ceb94c8f52ab5b68d6d02f6007484fcce6418312e2d2df590176a890e16b0b5846594c816e0e04ffed558a685f0d976fd815d31ef3a2b171e386a608c8d329dbd14837cca4b441353af829e3384fbf14c9cf6adedef28eb4e97fdf3756054db52f7e98552549ffbfe691aa9151365827147f3e481a027134837c887125b1f2cee5c1675f62c75505c056fd260ddfcf0211cf95efcde788c3cebc1f83a23bbcc51489f642742e4d90a057c34b743be147c3085082954df0d7e75e61fe8e5b03d66e75aa49117ea5916f4ef28c283a0a4faf8747c380778bba9567f68a48a4b59d9b12e30e53cbfec874b7de071b24ede60e6c238c01409fcf3a604048b5fe0c26754f7dd45650246868f29e98c2e2a6c96608097bf67cf8f267f051594ae44d1c749251bc2a882cf31618582a964974c7a375a5d96cc16369073c5c2961828c1bb29a9348403ddc7cab28f45d66f721c9947287d4c5c29065f3fdd3bea5d0cac8ff09ca05c0a671d5b063a80f7902c1761c66f2f1ce2400a18b360a6f05c445ef205b0816c9a1352b133e40de34e83a1edd090fd0f9e79f72143c1164c59cb944ef19e489f38d9b9fe1fa4600e4f56c3a407f977fac36f0d2f5a3528e222909879bcb011595042f782abb56728c545bfd748cc7f6c453dcd1a304f7060b1279b6ff4ba5c77179e67eaa1d49ef213e2539b73414a59d40ba82b6b91610aa7acd9e9a028e9b78056c01b6b68e68242adfeaec229d8aabbf616f1c2b52645854830112d07007e0905806acaec9c9813ea5ae1afd5da5549ca3aac025f4b8e9ba4557b82dba1ea69986e400bf4ad9fbcd305e3f02c49c93f6d480bfeaa3f28051eff083e101da7f212b6735235ddb06f49db009821cadd79fff734c58f3897a855b07d069e761ffd224edf6159f697d9c341d04f479fbb87a1218b1b94609b15ec30b6615d6b3853a1dda6a3d204ab485b083135af7c37b8241851fc0329c0531aa9cb9d8d5bcc9abf6d663a034a4c47a501d06d9131b170739b2f4b32d7c237e2241bedceb29bd19589c28a12b04e6db148a85953b73aefa3cb43bc9a0ec2add0439c3ae7688d4ebd15bd979048a4c8cc191a6ea8424e969dc545f18b51dc428004d60976bae085051d1be0eb77b9e63a432885993f07e6b4bee6da239116e36db41c0fd0bb070526518629e2d0fdcd7a054c4dcbabb5e4568c0444108ffd808f4a6adbdd61bedb75e3d735d8366d4261a56f88c5df85678139257877da8bf541112425a3f47350392168ca4838ad3ee4cfe7c75425423633c2b29533f00eb09b8e6b8983dba3895f7be40a517ad00d228587eeee99b76169f10d73efcc51a7e4db08dde5fb769ed57f2e8c7cfab9ec6a8c602acc9a3e1c94c810d6d0f39690a6971790fefddbd4c324cf1359162655e9c004bcdade4115d8c6cd93a05f0a0a01f04a36a1e2e004a9a1eaf81ca85e1971844b95a2d22bfc4bec7fe2c0826b456145c5ca8ff1a2818e20610b68a41721f2575d9288e3001e422f4d5b515c38d171aa47e2e20056a64eaf50bb7925a5093709375d4a3a9f12bd41bd178afd889aa753a56537733c0ca471f77d3aa2c29b7f3e1c84b4782db4e277b68c5c2dbba57272c2668933e89af7ebf412151fee665022b0fa0ff93e3d9ae533c805d6d441946052c3793e9edaa483deb742d3bce1c67f7e97c34d0b00d16b7a8e49897fff0c2ab3980c869bca17dd533341903bab82e5632a98b37566960a44bdc514a30face792fea0dc97606b64397acd78dd69d286e66f20ba858cf65e306383f42c1286903162181321e2e37f7aaf984b9755124335e9a2e99b042cfb9dee11dcfb68c33d11c8e17f6cdb59b216733d1cda005741b3670c3172161cbd7ba3d33aebf9560e451c5514c4a59814b9500bafc9ea2a2a039b9a1cfffa61925bfaca4bd3754cd3341eb5d7794c386ae95d503fc644b3c1c25db77609d9c1fa7372cf06e552a04547934f950d32c1fe5891f41603f5f8ab086b95912a9d49deb627a33bf35c2a6c3291b5070e648f111f2698f3a44e56e0ae1e6f2f12f566b8d7ef3730543c2c215b4c09821870f4a89152b4a6cbe1946bb3897781ee2d034d45cb0dcd957cbca71b172f1c13be980ec49ce6624397df84aee723e312db232e097d7adc2978e84e006a3ac443e508da5891de54015e981e7f100bdf748be3e0f36a6be9f38c301b111be5298860835b780ae8cbc965f53367de632f8bf1a37a98f776d3ad70a77ed2a254d816353aebc0c4c9f980c5c95abb1ffaa63a9d7c65a859bf15a9cbea7450a57e8a21999c5c8a7893186545099878e6f0e1c3b528a84db9dfcb75279a799c425f69f797fa32f5ec26e638d7aa0de7c0765fa35f520f49b9fe3ce78590308dfa6bec37694caa9a3f4d58353a5551b97cdc4429bbb63c28aa14219e4ba20c55d591ab3bc7676e26028209dbc36a38b60fc427370ae8ab24ed70705c4e5466c24cbd501ce608f75f6aeafc33e5af7da11b005d49ae93cbd6ca63bab3e7f832481825b2cdb75ef1d54c4127bdefe866d5d3b735d515407368a22b5e530d894ba68ba6a7999c59472434fa978586719345b9df5a801e6ad8094d2f8bdb664d883218bb0a9ff765dcf55660543d7ff78dddf36cea650c837b4f44c8e60c1765faccd3331c992e1ce70530a5566acc1f106e038f099e5e852a3a9c459e8128822b515a565dcd2d774f2b8ac6a9cbdc694de09883c170144565e6c91702ef8ee5ef2a3ce53b054b641b6f4559b81711af93dc18175be6a8fba8a5547b20dd821d99707f44459062269f9988e9da66421d746a0d5b9b750db1ead0f519775c8c18a1cc05a4c15a08f9414d28f3846654f96cd267ede7fd66b4cf2f0296de485e41e21f56221eb1d8cfb2e27fce08090ac8a640b74748b8246026e10c8ca553ea1143b2df55dfb6c9cdd1c61d48f73ff7793cc52e0d94c49cd9af1232029004422d8caa64c5e309282d3f64ffaf7323bafafc7f55fbcdd5b3156f5a603299cd25be07f808c7a0cf6de6ec1d2da8ca34a425e51ac8a2a7988d1f0041612aa8d2aae7203c432d177a11ba0d3523581ef4766bf9f9c489e25f60a80046925e742a734b3bf03570aa06baf0163aa0c297c8a8e9a10f14e31fc871b11c651e6b0383f18600494a9248f582f58611387ce065d71a86706151180ac90a745969446f0200cba9c6b97743337f30a7c707db424f0699f06242555810bc0832fb4b55eb09f69577674e5415413a014efe7c5adc18adb00b5eebaa5bda7804f85d06916c53bb071e7bd25273101f82963973165878ce22c75376f69cda9f74e2cf468da545945e3b89827e2a7acd943909fd2e3675b3bfcea7bac20f91acf3f409d8ba535b1bed33049518c97534b4fabbab87f079b58c93dbbf4e9cb60fd14f8e487bfbd7cdefcc60b1604c43f1c433454c08b02f443e2cda0b9dbd25e4f9b34a64bf3385320e9e02b4df19d9c54d9d66a6e68be42201193f5d2fd5a69a363f5af396cebf3e93a67432317c3de558c65d0a64d5cf9311e403d85420978abd301266c6fe08f7f27be0c6cf2e35720835ff1013103b6b4eac325a8ae75778d52770ee0abac134e5b43d477d6aa384c7778844f37cfcb98a619f7e9a3ace4cd2a6a3799d385e2637207aa3213abdf107ae7136d0f7be613f712bd77dd770c20a639b42ea62e4817ffeccf8485095c3d0c21bb2cae3fa3f0130a3676a6b812f8cb34ba0db7694c795cf24d9d983d8515fe663c7e0b36e23b23dfa4bedc0fde56ba6073840ebda8af94f63318ef56673e1a76cd73fbbf340fab4ea6e4624e92da0d67557dc0cf24cd0e8919feea6e543146eb2f9d7d2ee702e7df40e72b4dcff24a80da930b3b1a229f921f6fdff339d86435d03bddb62d513ae7f16e9d9f94ce59a3777a34770a6b34e3730efde425187e2637a75cb7474f1fc406aa92e8eed824ed84d843d8376a74ee1b2f491a2479f0fc83385d363bad5f4d9206745dc54913c95f348877e82c9d3bc31b79fbdc3c2f3ef105a030f78aca791dbcb2bf3c8756107c5a5e2f87a1af62a931aa146b179d16b669539797e81d2312240691cae06dc0d71add4ea8fa6687ef78cbba5927e8b2fa67ce41444c2f4aacf25b3fbed49bcecf524347e65423e105ccefde0808ba5191d90c9ba0d525cc669de6994db66a0edea8c7550518c84476888b0f27d66aac3939e51c0b21b88a363af8043d9471e376d4d32fedba333131cc7f7e991e9d0439599ba694e3605a86093b3ff14ed149bd90f859952a1746fdf532dcbcd802ae63037d29baed39d49c4fe05b34c14d25712adfb0d7312f4b11f8482e3dc7ae8f5ced9786f849fe6ac1198ab2bd886ea035ef2350207514a270a9c953b251afe470ac9081a8076cdac10625f1a6af3e55ab61e62fb01e48d7e60fa00ae0bfe64812ad5d14e47265d50b58a722a2bd8eabf7621666e5f22cf29be8ce3fde4259f10f0eeaa8e74f145e719325b08884911f4ccdecb1a4b754da7dc09e3b5038bcaf3cdfcd2a5ade66e058e244fcffaf416e7f380754b29fc2f550eca743d659d8253a8de86a451822febb1d419e08f30a24baf0a2319667130528ce787d1a3bfaae61820ab66a1099d8f00edb5ed5537f11884717445628da9473765fa37d0cc49fbcb94f2c684179be2a6043c4b6c93f582b24d2a1f6c97653d387bd358c7aac7cc3ef59c6b3bf116f323c461821874888236728b2a998db1ed9a00dc48a22be3fdb12a650a25b5c06110d495e210cf4265fa4239beddceae0e8beea4a0925d575fc07182d7ed0e34f8278f88ee205ac6b215686957f596180055472cc9b93ba12e4559851144540bef80f469488f10bb8259885d2d4848ad779ea8e01edb7c28324ecfee33b6f307196307fdac2a64938099a0f55cb0a40101203f7b0149cc6f7d8d2cf9e3dcfc2d519577d71244319af4018dc9165ac9f117787d89bc5f0a6058b8832e77dc6b2c0f8830e3752b509c901a4c9f10a8df29fa4e0ece3668fa410ea94e2b7197bf44132590fad59e81aa347830e54443186ef47b5706b9a217679911140dec3ae54ad8dcc8bfacafe5d2351961e4781e6f1423bb2bbdf36bf8c81e2bf0dbc9609f3622715e0fe125b6b7ccfd46b3c7bb9a15afb43ea053624bb572adccdde8827b1872fc9191f0c574a47a0dcb7f05fae1bf447cba7355691950858b8dc7fde7ec323998f062f550a33f00207a5b8c628e8b168c262f9e638d57b65b6192dd9415e4cdd9fdb35b12b0d6ee40b1cae0284471780363b609aa9ee5be566aef3c830df4c68ba25996da348bd5aee39b5916ac25dbee8965bb37d3529be2ac0c3e0790a10a49c37601f570ff2d3783ad69ed1a0308096be5e700e6445a9cecf24cf706e4a81e9dcec92a7fe2449f1e99556dc70452dd99ce606320e55312fee536d6730410d8853785fa546306a3342d745d7b47c7b0649a535c4acbea55b4c88581bbee15017109032b6d015c8f90364e5709e66d887b85e0ad7fa2735"}, 0x1008, 0x800) msgget(0x2, 0x58) 2018/04/06 11:41:35 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) msgget(0x3, 0x57) [ 412.722871] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 412.728421] ? snd_pcm_plug_slave_size+0x1d0/0x350 [ 412.733362] snd_pcm_oss_change_params_locked+0x1b46/0x3ce0 [ 412.739100] ? snd_pcm_hw_param_near.constprop.35+0xb10/0xb10 [ 412.745002] ? debug_check_no_locks_freed+0x310/0x310 [ 412.750205] ? debug_check_no_locks_freed+0x310/0x310 [ 412.755405] ? find_held_lock+0x36/0x1c0 [ 412.759478] ? graph_lock+0x170/0x170 [ 412.763299] ? perf_trace_lock_acquire+0xe3/0x980 2018/04/06 11:41:35 executing program 5: bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)={&(0x7f0000000040)='./file0\x00', 0x0, 0x8}, 0x10) capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) msgget(0x2, 0x58) r0 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x4, 0x0) r1 = socket$inet(0x2, 0x80002, 0x0) r2 = dup2(r0, r1) ioctl$KIOCSOUND(r2, 0x4b2f, 0xffffffff) [ 412.768151] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 412.773714] snd_pcm_oss_change_params+0x80/0xe0 [ 412.778487] snd_pcm_oss_make_ready+0xbe/0x170 [ 412.783079] snd_pcm_oss_sync.isra.29+0x27f/0x980 [ 412.787925] ? snd_pcm_oss_sync1+0x5a0/0x5a0 [ 412.792338] ? fsnotify_first_mark+0x330/0x330 [ 412.796929] snd_pcm_oss_release+0x214/0x290 [ 412.801343] ? snd_pcm_oss_sync.isra.29+0x980/0x980 [ 412.806363] __fput+0x34d/0x890 [ 412.809655] ? fput+0x1a0/0x1a0 [ 412.812946] ? _raw_spin_unlock_irq+0x27/0x70 [ 412.817463] ____fput+0x15/0x20 2018/04/06 11:41:35 executing program 5: syz_mount_image$jfs(&(0x7f0000000000)='jfs\x00', &(0x7f0000000040)='./file0\x00', 0x1, 0x2, &(0x7f0000000140)=[{&(0x7f0000000080)="4d2ab0e4a0db86c12c28b52c12f33f4dfad128ba6d047d1f4dbe365bc143fc95476b5183fb339d2418e2da34dfd1", 0x2e, 0x2c}, {&(0x7f00000000c0), 0x0, 0x5}], 0x20, &(0x7f0000000200)=ANY=[@ANYBLOB="6572726f72733d636f6e74696e75652c6e6f71756f74612c67727071756f74612d005b3f8ead636f4d57164aba63c13dfb7720d7c6baaaabb11ddfd9b2d0c0e834124625"]) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f00000000c0)=0x0) capset(&(0x7f0000000100)={0x19980330, r0}, &(0x7f00000001c0)={0x3}) msgget(0x1, 0x100) [ 412.820752] task_work_run+0x1e4/0x290 [ 412.824653] ? task_work_cancel+0x240/0x240 [ 412.828979] ? exit_to_usermode_loop+0x87/0x310 [ 412.833665] exit_to_usermode_loop+0x2bd/0x310 [ 412.838259] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 412.843119] do_syscall_64+0x792/0x9d0 [ 412.847009] ? vmalloc_sync_all+0x30/0x30 [ 412.851165] ? _raw_spin_unlock_irq+0x27/0x70 [ 412.855669] ? finish_task_switch+0x1ca/0x820 [ 412.860170] ? syscall_return_slowpath+0x5c0/0x5c0 [ 412.865107] ? syscall_return_slowpath+0x30f/0x5c0 [ 412.870041] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 412.875394] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 412.880236] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 412.885420] RIP: 0033:0x4552d9 [ 412.888609] RSP: 002b:00007ff8a6ac2c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000003 [ 412.896309] RAX: 0000000000000000 RBX: 00007ff8a6ac36d4 RCX: 00000000004552d9 [ 412.903567] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000013 [ 412.910838] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 2018/04/06 11:41:35 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x4c, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e"}, &(0x7f00000000c0)=0x54) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000), 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:35 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0x8000000000000000]}, 0x10) [ 412.918100] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 [ 412.925358] R13: 0000000000000052 R14: 00000000006f3850 R15: 000000000000000c 2018/04/06 11:41:35 executing program 4 (fault-call:5 fault-nth:13): r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0x0, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x0, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:35 executing program 7: mount(&(0x7f0000000100)='.', &(0x7f0000000140)='.', &(0x7f0000000180)='devpts\x00', 0x0, 0x0) umount2(&(0x7f0000000000)='.', 0x2) ioctl$sock_SIOCGPGRP(0xffffffffffffff9c, 0x8904, &(0x7f0000000040)=0x0) getpriority(0x0, r0) connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2}, 0x10) readv(0xffffffffffffffff, &(0x7f0000000200), 0x0) syz_open_dev$admmidi(&(0x7f00000002c0)='/dev/admmidi#\x00', 0x0, 0x0) 2018/04/06 11:41:35 executing program 0: mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = dup(0xffffffffffffff9c) r1 = gettid() getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000c60000)={{{@in, @in6=@local}}, {{@in6=@ipv4={[], [], @loopback}}, 0x0, @in6=@local}}, &(0x7f0000d94000)=0xe8) getgid() getpgid(r1) getresgid(&(0x7f00000002c0), &(0x7f0000000200), &(0x7f0000000280)) getresuid(&(0x7f0000e8e000), &(0x7f0000657ffc), &(0x7f00008cbffc)) lstat(&(0x7f00000b4000)='./file0\x00', &(0x7f0000ea5fbc)) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f00004c2000)) lstat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000000)) gettid() lstat(&(0x7f0000589ff8)='./file0\x00', &(0x7f000093bfbc)) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000021ff7)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x3, 0x64031, 0xffffffffffffffff, 0x0) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000d22000)=ANY=[@ANYBLOB="726177000000000000000000000000000000000000000000000000004261000009000000030900005002000000010000ffffffffffffffff00000000ffffffffb8010000ab08000000000000b8010000ffffffff03000000"], 0x1) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000268000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f0000000000)="baf80c66b8d4d9f78d66efbafc0ced66b9800000c00f326635002000000f300f35dbe23e0fe3e40f20c06635040000000f22c0f3ab660f3a600474baf80c66b860489e8666efbafc0ced440f20c066350a000000440f22c0", 0x58}], 0x1, 0x0, &(0x7f00000000c0)=[@flags={0x3}], 0x1) r5 = dup3(r4, r2, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) mq_unlink(&(0x7f0000000180)='/dev/kvm\x00') ioctl$KVM_RUN(r5, 0xae80, 0x0) r6 = open(&(0x7f0000a46000)='./bus\x00', 0x8000400141042, 0x0) setsockopt$IP_VS_SO_SET_STARTDAEMON(r6, 0x0, 0x48b, &(0x7f0000000100)={0x0, 'ip6gre0\x00', 0x2}, 0x18) truncate(&(0x7f0000bec000)='./bus\x00', 0xda) ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, &(0x7f00000001c0)={0xb600000000000000, 0x23, 0x1, r0}) mmap(&(0x7f0000000000/0x11000)=nil, 0x11000, 0x3, 0x11, r6, 0x0) getegid() 2018/04/06 11:41:35 executing program 2: open(&(0x7f0000000000)='./bus\x00', 0x100000141842, 0x0) syz_mount_image$ntfs(&(0x7f0000000440)='ntfs\x00', &(0x7f0000000480)='./bus\x00', 0x0, 0x0, &(0x7f00000006c0), 0x1000, &(0x7f0000000740)=ANY=[]) r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) ioctl$LOOP_SET_CAPACITY(r0, 0x4c07) write$cgroup_pid(r0, &(0x7f0000000040)={[0x0]}, 0x1) write$cgroup_pid(r0, &(0x7f0000000180), 0x1d2) [ 413.091872] FAULT_INJECTION: forcing a failure. [ 413.091872] name failslab, interval 1, probability 0, space 0, times 0 [ 413.103219] CPU: 0 PID: 25671 Comm: syz-executor4 Not tainted 4.16.0+ #3 [ 413.110072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 413.119442] Call Trace: [ 413.122055] dump_stack+0x1b9/0x294 [ 413.125706] ? dump_stack_print_info.cold.2+0x52/0x52 [ 413.130944] ? __lock_acquire+0x7f5/0x5130 [ 413.135177] should_fail.cold.4+0xa/0x1a [ 413.139230] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 413.144325] ? debug_check_no_locks_freed+0x310/0x310 [ 413.149503] ? kfree+0xd9/0x260 [ 413.152768] ? constrain_params_by_rules+0xa38/0x1360 [ 413.157942] ? graph_lock+0x170/0x170 [ 413.161724] ? snd_pcm_oss_change_params_locked+0xc4d/0x3ce0 [ 413.167501] ? snd_pcm_oss_change_params+0x80/0xe0 [ 413.172415] ? snd_pcm_oss_make_ready+0xbe/0x170 [ 413.177152] ? snd_pcm_oss_sync.isra.29+0x27f/0x980 [ 413.182149] ? snd_pcm_oss_release+0x214/0x290 [ 413.186711] ? __fput+0x34d/0x890 [ 413.190152] ? find_held_lock+0x36/0x1c0 [ 413.194201] ? __lock_is_held+0xb5/0x140 [ 413.198252] ? check_same_owner+0x320/0x320 [ 413.202557] ? rcu_note_context_switch+0x710/0x710 [ 413.207468] ? graph_lock+0x170/0x170 [ 413.211256] should_failslab+0x124/0x180 [ 413.215302] __kmalloc+0x2c8/0x760 [ 413.218829] ? constrain_params_by_rules+0x141/0x1360 [ 413.224001] ? find_held_lock+0x36/0x1c0 [ 413.228053] constrain_params_by_rules+0x141/0x1360 [ 413.233056] ? lock_downgrade+0x8e0/0x8e0 [ 413.237200] ? snd_pcm_mmap_control_fault+0x3e0/0x3e0 [ 413.242371] ? rcu_is_watching+0x85/0x140 [ 413.246505] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 413.251680] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 413.256860] ? is_bpf_text_address+0xd7/0x170 [ 413.261339] ? kernel_text_address+0x79/0xf0 [ 413.265731] ? __unwind_start+0x166/0x330 [ 413.269859] ? __kernel_text_address+0xd/0x40 [ 413.274339] ? unwind_get_return_address+0x61/0xa0 [ 413.279251] ? __save_stack_trace+0x7e/0xd0 [ 413.283561] ? save_stack+0xa9/0xd0 [ 413.287168] ? save_stack+0x43/0xd0 [ 413.290780] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 413.295777] ? snd_interval_refine+0x428/0x700 [ 413.300341] snd_pcm_hw_refine+0x8e9/0x1180 [ 413.304648] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 413.310000] ? constrain_params_by_rules+0x1360/0x1360 [ 413.315267] ? graph_lock+0x170/0x170 [ 413.319048] ? __lock_is_held+0xb5/0x140 [ 413.323098] ? __lock_is_held+0xb5/0x140 [ 413.327147] ? snd_pcm_hw_param_near.constprop.35+0x15c/0xb10 [ 413.333024] ? rcu_read_lock_sched_held+0x108/0x120 [ 413.338028] ? kmem_cache_alloc_trace+0x616/0x780 [ 413.342853] ? _snd_pcm_hw_param_min+0x330/0x570 [ 413.347594] snd_pcm_hw_param_near.constprop.35+0x2cf/0xb10 [ 413.353290] ? _snd_pcm_hw_param_min+0x570/0x570 [ 413.358031] ? snd_pcm_hw_param_max+0x730/0x730 [ 413.362685] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 413.367856] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 413.373374] ? snd_pcm_plug_slave_size+0x1d0/0x350 [ 413.378289] snd_pcm_oss_change_params_locked+0x1b46/0x3ce0 [ 413.383990] ? snd_pcm_hw_param_near.constprop.35+0xb10/0xb10 [ 413.389864] ? debug_check_no_locks_freed+0x310/0x310 [ 413.395041] ? debug_check_no_locks_freed+0x310/0x310 [ 413.400212] ? check_same_owner+0x320/0x320 [ 413.404517] ? find_held_lock+0x36/0x1c0 [ 413.408560] ? graph_lock+0x170/0x170 [ 413.412345] ? lock_downgrade+0x8e0/0x8e0 [ 413.416477] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 413.422001] ? do_lock_file_wait.part.32+0x240/0x240 [ 413.427107] snd_pcm_oss_change_params+0x80/0xe0 [ 413.431864] snd_pcm_oss_make_ready+0xbe/0x170 [ 413.436435] snd_pcm_oss_sync.isra.29+0x27f/0x980 [ 413.441261] ? snd_pcm_oss_sync1+0x5a0/0x5a0 [ 413.445657] ? fsnotify_first_mark+0x330/0x330 [ 413.450226] snd_pcm_oss_release+0x214/0x290 [ 413.454617] ? snd_pcm_oss_sync.isra.29+0x980/0x980 [ 413.459615] __fput+0x34d/0x890 [ 413.462880] ? fput+0x1a0/0x1a0 [ 413.466149] ? _raw_spin_unlock_irq+0x27/0x70 [ 413.470635] ____fput+0x15/0x20 [ 413.473898] task_work_run+0x1e4/0x290 [ 413.477768] ? task_work_cancel+0x240/0x240 [ 413.482077] ? exit_to_usermode_loop+0x87/0x310 [ 413.486731] exit_to_usermode_loop+0x2bd/0x310 [ 413.491296] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 413.496126] do_syscall_64+0x792/0x9d0 [ 413.499994] ? vmalloc_sync_all+0x30/0x30 [ 413.504128] ? _raw_spin_unlock_irq+0x27/0x70 [ 413.508611] ? finish_task_switch+0x1ca/0x820 [ 413.513091] ? syscall_return_slowpath+0x5c0/0x5c0 [ 413.518003] ? syscall_return_slowpath+0x30f/0x5c0 [ 413.522919] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 413.528267] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 413.533092] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 413.538261] RIP: 0033:0x4552d9 2018/04/06 11:41:36 executing program 5: capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000292000)={0x0, 0x0, 0x0, 0x2000000000000000}) msgget(0x2, 0x82) [ 413.541430] RSP: 002b:00007ff8a6ac2c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000003 [ 413.549119] RAX: 0000000000000000 RBX: 00007ff8a6ac36d4 RCX: 00000000004552d9 [ 413.556369] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000013 [ 413.563621] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 413.570874] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 [ 413.578123] R13: 0000000000000052 R14: 00000000006f3850 R15: 000000000000000d 2018/04/06 11:41:36 executing program 2: open(&(0x7f0000000000)='./bus\x00', 0x100000141842, 0x0) syz_mount_image$ntfs(&(0x7f0000000440)='ntfs\x00', &(0x7f0000000480)='./bus\x00', 0x0, 0x0, &(0x7f00000006c0), 0x1000, &(0x7f0000000740)=ANY=[]) syz_mount_image$hfs(&(0x7f0000001780)='hfs\x00', &(0x7f0000000100)='./bus\x00', 0x0, 0xccf, &(0x7f0000001a40)=[{&(0x7f0000001c00)="c3109cfc6f65b837063b7bbc3d4a7d202d2b9984a215c7b7bd25480c1babe9aadb78e3c53ec529cb288497a5ff7386ab50bc1a8c89", 0x0, 0x401}, {&(0x7f0000001800)="2ddea5d98171285eddea030c82c3ebbbe9ef0086979c4d89f51697a723698cc79f113fca18d8ec8bb4942cb405ffaeeeafc6b09a0aa44324f534c9b7f57352f0c6be30573567dee6adbbdffa5bc32a5b00201e68181092887cf576f0703f060812cd5047561a4c92d2fe195c21c60625c482c212ec431a19596ad1012108999bc75ae3480f0e76a36376ac63a8", 0x0, 0x5}, {&(0x7f00000018c0)="c5530d8833354b18ef6baebf606c24f24d221ae3c07931be7198141ec53fd728927e5f00e021449a33baca2a22cf99667bb62ad1c43215e3f08aaced4246a353f263c0b7595b47c7a50af4436c372f265f8434d31934351c965767c877bce2ca431539e8a01395cb17c6c5e7c94ccf3bafb07d8b5e8c8a7c931e0d769db9d35a00cb5aa0044e6a6a561fd1afe1", 0x0, 0x5}, {&(0x7f0000001ac0)="a6c3452050343eb065584cf53ea65ae330a5f6fabf78091e23a81fecb3775e4b4b863ad23c978b4d06569e6a36869f4d6ab49a561ec1407526f64751bf75483fb2755e3dd399f154e42b71bf2ba4b06f84d08c82013cccce8d83cc8522875560acd751f4f33688881c070e6ef463499ee9e91f792ae72561196b6ba9dc495e6762dbb6f5c913a4aeab57f7ff1fec996193598848aca0c65638fffb8af2141e66a90fe4ae167772c4c599843c560c877e454fdb686a3b7df3bc64de67f0ab300a68bb0beb5a6e2c52ef9e161399bf3a9939b04d804247cd6b3c9682eaf9ba0fdf8721b778b0f8e7905b17a1210b17ce35b1fb4f78497d438165b2019a31462ffaad8347218795323dd876bfaa1f6f7eec0187f0b9e41c54ba73230f635b3f4c2fd658e725afc3135bbb160347c72457a5da34344443b7f7c8ab479f9e63", 0x0, 0x7}], 0x10000, &(0x7f0000000780)=ANY=[]) ioctl$LOOP_SET_CAPACITY(0xffffffffffffffff, 0x4c07) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000040)={[0x0]}, 0x1) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000180), 0x1d2) 2018/04/06 11:41:36 executing program 7: r0 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x1, 0x4000000) ioctl$LOOP_SET_DIRECT_IO(r0, 0x40101283, 0x0) r1 = creat(&(0x7f0000000040)='./file0\x00', 0x1a0) ioctl$KDGKBSENT(r1, 0x4b48, &(0x7f0000000080)={0x10000, 0x20, 0x9}) recvmsg$kcm(r0, &(0x7f0000000640)={&(0x7f00000000c0)=@un=@abs, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000140)=""/90, 0x5a}, {&(0x7f00000001c0)=""/153, 0x99}, {&(0x7f0000000280)=""/34, 0x22}, {&(0x7f00000002c0)=""/79, 0x4f}, {&(0x7f0000000340)=""/123, 0x7b}, {&(0x7f00000003c0)=""/224, 0xe0}], 0x6, &(0x7f0000000540)=""/254, 0xfe, 0x42aa38d}, 0x41) fanotify_mark(r1, 0x0, 0x10008, r1, &(0x7f00000006c0)='./file0/file0\x00') ioctl$TTUNGETFILTER(r1, 0x801054db, &(0x7f0000000840)=""/3) getsockopt$sock_buf(r1, 0x1, 0x3b, &(0x7f0000000880)=""/78, &(0x7f0000000900)=0x4e) syz_open_dev$loop(&(0x7f0000000680)='/dev/loop#\x00', 0x1, 0x8000) ioctl$TIOCGPGRP(r1, 0x540f, &(0x7f0000000700)=0x0) waitid(0x0, r2, &(0x7f0000000740), 0x20000003, &(0x7f0000000780)) 2018/04/06 11:41:36 executing program 3: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000100)) getpid() fcntl$getown(0xffffffffffffff9c, 0x9) gettid() ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) getpgrp(r0) r1 = memfd_create(&(0x7f0000000080)='em1\x00', 0x2) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000200)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) sigaltstack(&(0x7f0000013000/0x1000)=nil, &(0x7f00000000c0)) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88)) msgsnd(0x0, &(0x7f0000284ff8)={0x3}, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000240)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000640)={'\x00', 0x0}) ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000680)=r3) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000b40)={&(0x7f0000011000/0x4000)=nil, 0x4000}) io_setup(0x1000, &(0x7f0000000040)) io_submit(0x0, 0x930000000000, &(0x7f0000000000)) ioctl$VHOST_RESET_OWNER(r1, 0xaf02, 0x0) 2018/04/06 11:41:36 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) msgget(0x2, 0x58) r0 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x6, 0x80200) r1 = accept4$packet(0xffffffffffffff9c, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000080)=0x14, 0x80000) lstat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$EVIOCGEFFECTS(r0, 0x80044584, &(0x7f00000002c0)=""/2) setsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f00000001c0)={{{@in=@loopback=0x7f000001, @in=@dev={0xac, 0x14, 0x14, 0x11}, 0x4e20, 0x8, 0x4e21, 0x8, 0x2, 0x20, 0xa0, 0xbd, r2, r3}, {0x1, 0x7, 0x2, 0x3, 0xffffffff, 0x5, 0x5, 0x3f}, {0x8000, 0x3, 0x2, 0x8000}, 0x3, 0x6e6bb6, 0x0, 0x1, 0x2}, {{@in6=@dev={0xfe, 0x80, [], 0xc}, 0x4d2, 0x6c}, 0xa, @in6, 0x3506, 0x3, 0x0, 0x2, 0x8, 0x40, 0x101}}, 0xe8) ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000340)={'ip6gre0\x00', &(0x7f0000000300)=@ethtool_sset_info={0x37, 0x7, 0x1ff, [0xffffffffffffff7c, 0x4, 0x15]}}) dup3(r1, r0, 0x80000) 2018/04/06 11:41:36 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x4c, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e"}, &(0x7f00000000c0)=0x54) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:36 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0x4000000]}, 0x10) 2018/04/06 11:41:36 executing program 7: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)="2e65f73fbd65242f6367726f004431895fa88174f952e99c54e09cbb16d785f6eaed4d9a709d1a0bc463f8a06634c2e4c13e7989cb058c58584425161a421bcc811c17a76397b8158faac601881d89a035a6391075bcd2", 0x200002, 0x0) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/autofs\x00', 0x200000, 0x0) ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x8, 0x7ff, 0x0, 0x9, 0x12, 0x3de43e876347e678, "fb68071cb14fa5dd7047d6be507c1fd9e3ab5662760cd39d1587b7eb780b1ce86da5b122b135fd077da1afabb52cd83c0f7bda55040843e3bd66cf0073614c25", "0dd40d73ff29ad3586bc86b9d9b4b517074eb59d782442f6a2eae16be23bdff2fcf97c6442a570d9ead868bff17581751edb91daa40ab33befbff445fa83ce1c", "8ff43cc4bfc150f594eb0cf7d98b5640facd46352ac69b22d146451772c2034e", [0x7fffffff, 0x6]}) r2 = openat$cgroup_int(r0, &(0x7f0000000240)='cgroup.max.descendants\x00', 0x2, 0x0) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000400)={r1, &(0x7f0000000340)="3f88ccf3376a2ac2d865e70fb89f37d8948ffd1b1e571ce5cf47bea4b6731237c015e18698134ce1a57c2c8a0fa659d880211eda67cd4101f4948dcac71642da3e3c45b784ee82f1811e4ab4a83c3dc0d7823b", &(0x7f00000003c0)=""/51}, 0x18) write$cgroup_int(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="10d740efb49ec5b1"], 0x1) getsockname$netrom(r1, &(0x7f00000002c0)=@full, &(0x7f0000000000)=0x48) sendfile(r2, r2, &(0x7f0000000040), 0x1) 2018/04/06 11:41:36 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) msgget(0x3, 0x5c) r0 = add_key$user(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a, 0x3}, &(0x7f0000000140)="58592464e37b99f9edc1f70dbcc4d6f030c6bb7896fe45ce57763c33b9c7533e04c898d0bdf9187bf4fdc5c1353e2f49fd29ed047dc8f3b9e1e474f15153bd75ba0be375c4190c1e8d1850e2245e264aacd84ea669b988d4758918b440ee67f02e64efa1cdc32e4905e3b4e68fb2e6bef5f3283bbba521aadbbb8af51df95b26a2e9ba33ed97ed26de0fd66cec0c10f2db2ff65bfa3119b0d479b24b369a5c1cfe18f0ce48f4e4f97444406b889d7896120894a699c2", 0xb6, 0xffffffffffffffff) socketpair$packet(0x11, 0x2, 0x300, &(0x7f00000003c0)) r1 = add_key(&(0x7f0000000340)='logon\x00', &(0x7f0000000380)={0x73, 0x79, 0x7a, 0x3}, 0x0, 0x0, 0xffffffffffffffff) r2 = syz_open_dev$adsp(&(0x7f0000000400)='/dev/adsp#\x00', 0x4, 0x400) ioctl$VT_GETSTATE(r2, 0x5603, &(0x7f0000000440)={0xd9e, 0x5, 0x10000}) keyctl$instantiate_iov(0x14, r0, &(0x7f0000000300)=[{&(0x7f0000000080)="48d5b92a9008ad2c4969ac38006415e70dcbbd339f6c60d1250a88b192f226d86f778b35595a7bade93ebac0e8f7169188b6dac42d3e2b35a40db10e60b5962f261a7f2e528a45600175a8cf19ebf9f6fec4723f6a478a3f1237e44bfde5df04f86ba43116f4a910e0981fe9ebaeeb4f68c2a4abcc5684ab6a0966c668", 0x7d}, {&(0x7f0000000200)="9d019d470031e1990bf3ac764a5fb57155a877f711cce7554b9cbfc34db1eeba317484770aecd3ce0663476f98e32579c16be27d1c03f39b8e98d28a334058c6ed2383fcb8ba23f65d4ccc981a4fed90f45c58a5c61b178bd5bba10a43220f1cb05d84096f252269158b6f42c817399bf8e05ae1547a4b85ec10797935c1e369f9a7bc74a7be9cd5ae93121b03a98eacbbc29c51659d2a9f8ed980af9d80d4081f2e16411774da0081ea4d83b0bf2e314367bf2c0cb64a3815ecf9c1bd31f974b661e015c2b9a9214ea7d27fa75acbb8", 0xd0}], 0x2, r1) sendmsg$key(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000480)={0x2, 0x4, 0x4, 0xf, 0xa, 0x0, 0x70bd2a, 0x25dfdbfc, [@sadb_ident={0x2, 0xb, 0x200, 0x0, 0x6}, @sadb_x_sa2={0x2, 0x13, 0x401, 0x0, 0x0, 0x70bd2d, 0x3503}, @sadb_sa={0x2, 0x1, 0x4d4, 0x6, 0x1ea1298, 0x81, 0x4, 0x40000000}, @sadb_sa={0x2, 0x1, 0x4d2, 0x6, 0x66f, 0xf3, 0x3, 0x80000000}]}, 0x50}, 0x1}, 0x800) 2018/04/06 11:41:36 executing program 2: open(&(0x7f0000000000)='./bus\x00', 0x100000141842, 0x0) syz_mount_image$ntfs(&(0x7f0000000440)='ntfs\x00', &(0x7f0000000480)='./bus\x00', 0x0, 0x0, &(0x7f00000006c0), 0x1000, &(0x7f0000000740)=ANY=[]) syz_mount_image$hfs(&(0x7f0000001780)='hfs\x00', &(0x7f0000000100)='./bus\x00', 0x0, 0xccf, &(0x7f0000001a40)=[{&(0x7f0000001c00)="c3109cfc6f65b837063b7bbc3d4a7d202d2b9984a215c7b7bd25480c1babe9aadb78e3c53ec529cb288497a5ff7386ab50bc1a8c89", 0x0, 0x401}, {&(0x7f0000001800)="2ddea5d98171285eddea030c82c3ebbbe9ef0086979c4d89f51697a723698cc79f113fca18d8ec8bb4942cb405ffaeeeafc6b09a0aa44324f534c9b7f57352f0c6be30573567dee6adbbdffa5bc32a5b00201e68181092887cf576f0703f060812cd5047561a4c92d2fe195c21c60625c482c212ec431a19596ad1012108999bc75ae3480f0e76a36376ac63a8", 0x0, 0x5}, {&(0x7f00000018c0)="c5530d8833354b18ef6baebf606c24f24d221ae3c07931be7198141ec53fd728927e5f00e021449a33baca2a22cf99667bb62ad1c43215e3f08aaced4246a353f263c0b7595b47c7a50af4436c372f265f8434d31934351c965767c877bce2ca431539e8a01395cb17c6c5e7c94ccf3bafb07d8b5e8c8a7c931e0d769db9d35a00cb5aa0044e6a6a561fd1afe1", 0x0, 0x5}, {&(0x7f0000001ac0)="a6c3452050343eb065584cf53ea65ae330a5f6fabf78091e23a81fecb3775e4b4b863ad23c978b4d06569e6a36869f4d6ab49a561ec1407526f64751bf75483fb2755e3dd399f154e42b71bf2ba4b06f84d08c82013cccce8d83cc8522875560acd751f4f33688881c070e6ef463499ee9e91f792ae72561196b6ba9dc495e6762dbb6f5c913a4aeab57f7ff1fec996193598848aca0c65638fffb8af2141e66a90fe4ae167772c4c599843c560c877e454fdb686a3b7df3bc64de67f0ab300a68bb0beb5a6e2c52ef9e161399bf3a9939b04d804247cd6b3c9682eaf9ba0fdf8721b778b0f8e7905b17a1210b17ce35b1fb4f78497d438165b2019a31462ffaad8347218795323dd876bfaa1f6f7eec0187f0b9e41c54ba73230f635b3f4c2fd658e725afc3135bbb160347c72457a5da34344443b7f7c8ab479f9e63", 0x0, 0x7}], 0x10000, &(0x7f0000000780)=ANY=[]) ioctl$LOOP_SET_CAPACITY(0xffffffffffffffff, 0x4c07) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000040)={[0x0]}, 0x1) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000180), 0x1d2) 2018/04/06 11:41:36 executing program 7: r0 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0xb8, 0x10000) ioctl$KDSKBLED(r0, 0x4b65, 0x80) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)=@ipv4_getroute={0x14, 0x1a, 0x0, 0x0, 0x25dfdbfe, {0x2}}, 0x14}, 0x1}, 0x0) write(r1, &(0x7f00000000c0), 0xb0a06d08874af483) 2018/04/06 11:41:36 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000000)={0x0, 0x0}) ptrace$setregset(0x4205, r0, 0x201, &(0x7f00000000c0)={&(0x7f0000000040)="81570c8e26cb1fa3a36c0b2fb0e61fd73e3f7804e84d7684d3086823aaf4360ee4f5a4a4c5350f95f1c2182d4e6004490c455feda61fe3cedd67a3a286f30939079e3a99c070dc08c9e2ab", 0x4b}) msgget(0x2, 0x58) [ 414.582526] FAULT_FLAG_ALLOW_RETRY missing 30 [ 414.587178] CPU: 0 PID: 25699 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 414.594010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 414.603750] Call Trace: [ 414.606331] dump_stack+0x1b9/0x294 [ 414.609942] ? dump_stack_print_info.cold.2+0x52/0x52 [ 414.615114] ? kasan_check_write+0x14/0x20 [ 414.619344] ? do_raw_spin_lock+0xc1/0x200 [ 414.623584] handle_userfault.cold.32+0x44/0x57 [ 414.628235] ? handle_userfault+0x16c6/0x2760 [ 414.632714] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 414.637277] ? debug_check_no_locks_freed+0x310/0x310 [ 414.642453] ? find_held_lock+0x36/0x1c0 [ 414.646512] ? print_usage_bug+0xc0/0xc0 [ 414.650559] ? print_usage_bug+0xc0/0xc0 [ 414.654607] ? check_same_owner+0x320/0x320 [ 414.658914] ? do_raw_spin_unlock+0x9e/0x2e0 [ 414.663311] ? __lock_acquire+0x7f5/0x5130 [ 414.667529] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 414.673050] ? graph_lock+0x170/0x170 [ 414.676836] ? debug_check_no_locks_freed+0x310/0x310 [ 414.682008] ? find_held_lock+0x36/0x1c0 [ 414.686063] ? lock_downgrade+0x8e0/0x8e0 [ 414.690196] ? kasan_check_read+0x11/0x20 [ 414.694326] ? do_raw_spin_unlock+0x9e/0x2e0 [ 414.698726] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 414.703301] ? kasan_check_write+0x14/0x20 [ 414.707517] ? do_raw_spin_lock+0xc1/0x200 [ 414.711747] __handle_mm_fault+0x34be/0x4150 [ 414.716160] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 414.720897] ? graph_lock+0x170/0x170 [ 414.724680] ? find_held_lock+0x36/0x1c0 [ 414.728725] ? lock_downgrade+0x8e0/0x8e0 [ 414.732859] ? handle_mm_fault+0x8c0/0xc70 [ 414.737079] handle_mm_fault+0x53a/0xc70 [ 414.741132] ? __handle_mm_fault+0x4150/0x4150 [ 414.745700] ? find_vma+0x34/0x190 [ 414.749220] __do_page_fault+0x60b/0xe40 [ 414.753264] ? mm_fault_error+0x380/0x380 [ 414.757408] ? graph_lock+0x170/0x170 [ 414.761196] do_page_fault+0xee/0x8a7 [ 414.764980] ? vmalloc_sync_all+0x30/0x30 [ 414.769117] ? find_held_lock+0x36/0x1c0 [ 414.773165] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 414.777990] page_fault+0x25/0x50 [ 414.781427] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 414.787030] RSP: 0018:ffff88018f14fce8 EFLAGS: 00010206 [ 414.792389] RAX: ffffed0031e29fae RBX: 0000000000000018 RCX: 0000000000000003 [ 414.799638] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff88018f14fd58 [ 414.806886] RBP: ffff88018f14fd20 R08: ffffed0031e29fae R09: ffffed0031e29fab [ 414.814135] R10: ffffed0031e29fad R11: ffff88018f14fd6f R12: 0000000020013018 [ 414.821383] R13: 0000000020013000 R14: ffff88018f14fd58 R15: 00007ffffffff000 [ 414.828650] ? _copy_from_user+0x10d/0x150 [ 414.832867] SyS_sigaltstack+0xae/0x320 [ 414.836821] ? do_sigaction+0xa50/0xa50 [ 414.840776] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 414.846295] ? fput+0x130/0x1a0 [ 414.849553] ? ksys_ioctl+0x81/0xd0 [ 414.853160] ? do_syscall_64+0xb7/0x9d0 [ 414.857115] ? do_sigaction+0xa50/0xa50 [ 414.861068] do_syscall_64+0x29e/0x9d0 [ 414.864937] ? vmalloc_sync_all+0x30/0x30 [ 414.869070] ? _raw_spin_unlock_irq+0x27/0x70 [ 414.873544] ? finish_task_switch+0x1ca/0x820 [ 414.878043] ? syscall_return_slowpath+0x5c0/0x5c0 [ 414.882961] ? syscall_return_slowpath+0x30f/0x5c0 [ 414.887873] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 414.893219] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 414.898051] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 414.903219] RIP: 0033:0x4552d9 [ 414.906386] RSP: 002b:00007ff15ecfec68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 [ 414.914071] RAX: ffffffffffffffda RBX: 00007ff15ecff6d4 RCX: 00000000004552d9 [ 414.921319] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 [ 414.928564] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 414.935811] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 414.943057] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000000 [ 415.085960] FAULT_FLAG_ALLOW_RETRY missing 30 [ 415.090588] CPU: 0 PID: 25754 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 415.097418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 415.106750] Call Trace: [ 415.109326] dump_stack+0x1b9/0x294 [ 415.112936] ? dump_stack_print_info.cold.2+0x52/0x52 [ 415.118106] ? kasan_check_write+0x14/0x20 [ 415.122322] ? do_raw_spin_lock+0xc1/0x200 [ 415.126543] handle_userfault.cold.32+0x44/0x57 [ 415.131191] ? handle_userfault+0x16c6/0x2760 [ 415.135672] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 415.140235] ? debug_check_no_locks_freed+0x310/0x310 [ 415.145408] ? find_held_lock+0x36/0x1c0 [ 415.149453] ? print_usage_bug+0xc0/0xc0 [ 415.153508] ? print_usage_bug+0xc0/0xc0 [ 415.157559] ? kasan_check_read+0x11/0x20 [ 415.161692] ? check_same_owner+0x320/0x320 [ 415.165992] ? do_raw_spin_unlock+0x9e/0x2e0 [ 415.170390] ? __lock_acquire+0x7f5/0x5130 [ 415.174606] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 415.180123] ? graph_lock+0x170/0x170 [ 415.183905] ? debug_check_no_locks_freed+0x310/0x310 [ 415.189076] ? find_held_lock+0x36/0x1c0 [ 415.193122] ? lock_downgrade+0x8e0/0x8e0 [ 415.197273] ? kasan_check_read+0x11/0x20 [ 415.201415] ? do_raw_spin_unlock+0x9e/0x2e0 [ 415.205801] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 415.210365] ? kasan_check_write+0x14/0x20 [ 415.214580] ? do_raw_spin_lock+0xc1/0x200 [ 415.218800] __handle_mm_fault+0x34be/0x4150 [ 415.223194] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 415.227930] ? graph_lock+0x170/0x170 [ 415.231710] ? graph_lock+0x170/0x170 [ 415.235501] ? find_held_lock+0x36/0x1c0 [ 415.239548] ? lock_downgrade+0x8e0/0x8e0 [ 415.243679] ? handle_mm_fault+0x8c0/0xc70 [ 415.247893] handle_mm_fault+0x53a/0xc70 [ 415.251938] ? __handle_mm_fault+0x4150/0x4150 [ 415.256502] ? find_vma+0x34/0x190 [ 415.260033] __do_page_fault+0x60b/0xe40 [ 415.264076] ? mm_fault_error+0x380/0x380 [ 415.268204] ? graph_lock+0x170/0x170 [ 415.271985] do_page_fault+0xee/0x8a7 [ 415.275766] ? vmalloc_sync_all+0x30/0x30 [ 415.279902] ? __fget+0x40c/0x650 [ 415.283347] ? find_held_lock+0x36/0x1c0 [ 415.287394] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 415.292222] page_fault+0x25/0x50 [ 415.295654] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 415.301257] RSP: 0018:ffff88018ecd7ce8 EFLAGS: 00010206 [ 415.306598] RAX: ffffed0031d9afae RBX: 0000000000000018 RCX: 0000000000000003 [ 415.313847] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff88018ecd7d58 [ 415.321094] RBP: ffff88018ecd7d20 R08: ffffed0031d9afae R09: ffffed0031d9afab [ 415.328343] R10: ffffed0031d9afad R11: ffff88018ecd7d6f R12: 0000000020013018 [ 415.335592] R13: 0000000020013000 R14: ffff88018ecd7d58 R15: 00007ffffffff000 [ 415.342859] ? _copy_from_user+0x10d/0x150 [ 415.347081] SyS_sigaltstack+0xae/0x320 [ 415.351042] ? do_sigaction+0xa50/0xa50 [ 415.355001] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 415.360539] ? fput+0x130/0x1a0 [ 415.363800] ? ksys_ioctl+0x81/0xd0 [ 415.367407] ? do_syscall_64+0xb7/0x9d0 [ 415.371363] ? do_sigaction+0xa50/0xa50 [ 415.375320] do_syscall_64+0x29e/0x9d0 [ 415.379191] ? _raw_spin_unlock_irq+0x27/0x70 [ 415.383665] ? finish_task_switch+0x1ca/0x820 [ 415.388139] ? syscall_return_slowpath+0x5c0/0x5c0 [ 415.393051] ? syscall_return_slowpath+0x30f/0x5c0 [ 415.397961] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 415.403307] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 415.408145] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 415.413321] RIP: 0033:0x4552d9 [ 415.416487] RSP: 002b:00007ff15ecbcc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 [ 415.424173] RAX: ffffffffffffffda RBX: 00007ff15ecbd6d4 RCX: 00000000004552d9 2018/04/06 11:41:37 executing program 4 (fault-call:5 fault-nth:14): r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0x0, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x0, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:37 executing program 3: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000100)) getpid() fcntl$getown(0xffffffffffffff9c, 0x9) gettid() ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) getpgrp(r0) r1 = memfd_create(&(0x7f0000000080)='em1\x00', 0x2) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000200)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) sigaltstack(&(0x7f0000013000/0x1000)=nil, &(0x7f00000000c0)) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88)) msgsnd(0x0, &(0x7f0000284ff8)={0x3}, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000240)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000640)={'\x00', 0x0}) ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000680)=r3) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000b40)={&(0x7f0000011000/0x4000)=nil, 0x4000}) io_setup(0x1000, &(0x7f0000000040)) io_submit(0x0, 0x204f00, &(0x7f0000000000)) ioctl$VHOST_RESET_OWNER(r1, 0xaf02, 0x0) 2018/04/06 11:41:37 executing program 0: r0 = syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0xfffffffffffffffc, 0x20200) ioctl$EVIOCGKEYCODE(r0, 0x80084504, &(0x7f0000000040)=""/64) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000c2d000)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_LOG_BASE(r1, 0xaf01, &(0x7f0000307000)=&(0x7f0000000100)) 2018/04/06 11:41:37 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x4c, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e"}, &(0x7f00000000c0)=0x54) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:37 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0x400300]}, 0x10) 2018/04/06 11:41:37 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) msgget(0x2, 0x58) r0 = add_key(&(0x7f00000000c0)='encrypted\x00', &(0x7f0000000140)={0x73, 0x79, 0x7a, 0x3}, &(0x7f0000000180)="56b39c397f1b9e0dda2f2cc99f8ea2656eb2073fcb956bc6510d320095e85ba9e3e098ffdc7864a528e0114f36a9ff4eb21db58dd2ef6b0df8c8f15b8de56cdded8c39e0aab01aa48dbfb5b095969fdd1e6d8bc657a44768583dc41e9209febcaf5a52aca6d4d8864480ce909d1f993a91179477e55fa0de633936ff03452580d838908271a4a6721b2fe967972acfa39fb2ba2c0fd6f666cf7b4032960c9d6e8cd7bbeca33e97c37333ca4e6e75598c99cce68ea8b56d2753", 0xb9, 0xfffffffffffffffc) request_key(&(0x7f0000000000)='rxrpc\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a, 0x1}, &(0x7f0000000080)='\x00', r0) 2018/04/06 11:41:37 executing program 7: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x4c, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e"}, &(0x7f00000000c0)=0x54) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:37 executing program 2: open(&(0x7f0000000000)='./bus\x00', 0x100000141842, 0x0) syz_mount_image$ntfs(&(0x7f0000000440)='ntfs\x00', &(0x7f0000000480)='./bus\x00', 0x0, 0x0, &(0x7f00000006c0), 0x1000, &(0x7f0000000740)=ANY=[]) syz_mount_image$hfs(&(0x7f0000001780)='hfs\x00', &(0x7f0000000100)='./bus\x00', 0x0, 0xccf, &(0x7f0000001a40)=[{&(0x7f0000001c00)="c3109cfc6f65b837063b7bbc3d4a7d202d2b9984a215c7b7bd25480c1babe9aadb78e3c53ec529cb288497a5ff7386ab50bc1a8c89", 0x0, 0x401}, {&(0x7f0000001800)="2ddea5d98171285eddea030c82c3ebbbe9ef0086979c4d89f51697a723698cc79f113fca18d8ec8bb4942cb405ffaeeeafc6b09a0aa44324f534c9b7f57352f0c6be30573567dee6adbbdffa5bc32a5b00201e68181092887cf576f0703f060812cd5047561a4c92d2fe195c21c60625c482c212ec431a19596ad1012108999bc75ae3480f0e76a36376ac63a8", 0x0, 0x5}, {&(0x7f00000018c0)="c5530d8833354b18ef6baebf606c24f24d221ae3c07931be7198141ec53fd728927e5f00e021449a33baca2a22cf99667bb62ad1c43215e3f08aaced4246a353f263c0b7595b47c7a50af4436c372f265f8434d31934351c965767c877bce2ca431539e8a01395cb17c6c5e7c94ccf3bafb07d8b5e8c8a7c931e0d769db9d35a00cb5aa0044e6a6a561fd1afe1", 0x0, 0x5}, {&(0x7f0000001ac0)="a6c3452050343eb065584cf53ea65ae330a5f6fabf78091e23a81fecb3775e4b4b863ad23c978b4d06569e6a36869f4d6ab49a561ec1407526f64751bf75483fb2755e3dd399f154e42b71bf2ba4b06f84d08c82013cccce8d83cc8522875560acd751f4f33688881c070e6ef463499ee9e91f792ae72561196b6ba9dc495e6762dbb6f5c913a4aeab57f7ff1fec996193598848aca0c65638fffb8af2141e66a90fe4ae167772c4c599843c560c877e454fdb686a3b7df3bc64de67f0ab300a68bb0beb5a6e2c52ef9e161399bf3a9939b04d804247cd6b3c9682eaf9ba0fdf8721b778b0f8e7905b17a1210b17ce35b1fb4f78497d438165b2019a31462ffaad8347218795323dd876bfaa1f6f7eec0187f0b9e41c54ba73230f635b3f4c2fd658e725afc3135bbb160347c72457a5da34344443b7f7c8ab479f9e63", 0x0, 0x7}], 0x10000, &(0x7f0000000780)=ANY=[]) ioctl$LOOP_SET_CAPACITY(0xffffffffffffffff, 0x4c07) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000040)={[0x0]}, 0x1) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000180), 0x1d2) [ 415.431428] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 [ 415.438680] RBP: 000000000072c010 R08: 0000000000000000 R09: 0000000000000000 [ 415.445927] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 415.453173] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000002 [ 415.520208] FAULT_INJECTION: forcing a failure. [ 415.520208] name failslab, interval 1, probability 0, space 0, times 0 [ 415.522378] encrypted_key: insufficient parameters specified [ 415.531536] CPU: 1 PID: 25759 Comm: syz-executor4 Not tainted 4.16.0+ #3 [ 415.531547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 415.531553] Call Trace: [ 415.531577] dump_stack+0x1b9/0x294 [ 415.531601] ? dump_stack_print_info.cold.2+0x52/0x52 [ 415.565227] should_fail.cold.4+0xa/0x1a [ 415.569311] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 415.574426] ? __lock_acquire+0x7f5/0x5130 [ 415.578677] ? graph_lock+0x170/0x170 [ 415.582497] ? find_held_lock+0x36/0x1c0 [ 415.582509] encrypted_key: insufficient parameters specified [ 415.586560] ? __lock_is_held+0xb5/0x140 [ 415.586591] ? check_same_owner+0x320/0x320 [ 415.586608] ? do_raw_spin_lock+0xc1/0x200 [ 415.586627] ? rcu_note_context_switch+0x710/0x710 [ 415.586643] ? trace_hardirqs_off+0xd/0x10 [ 415.586661] ? _raw_spin_unlock_irqrestore+0x63/0xc0 2018/04/06 11:41:38 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) msgget(0x1, 0x58) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f0000000000)=ANY=[@ANYBLOB="4200000031860100"], 0x8) [ 415.586678] should_failslab+0x124/0x180 [ 415.586696] __kmalloc+0x2c8/0x760 [ 415.626927] ? __lock_acquire+0x7f5/0x5130 [ 415.631203] ? mark_held_locks+0xc9/0x160 [ 415.635355] ? constrain_params_by_rules+0x141/0x1360 [ 415.640556] constrain_params_by_rules+0x141/0x1360 [ 415.645588] ? snd_pcm_mmap_control_fault+0x3e0/0x3e0 [ 415.650790] ? lock_downgrade+0x8e0/0x8e0 [ 415.654945] ? kasan_check_read+0x11/0x20 [ 415.659091] ? rcu_is_watching+0x85/0x140 [ 415.663246] ? rcu_bh_force_quiescent_state+0x20/0x20 2018/04/06 11:41:38 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)={0x0, 0x0, 0x0, 0x0, 0x40}) msgget(0x2, 0x58) [ 415.668441] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 415.673645] ? is_bpf_text_address+0xd7/0x170 [ 415.678144] ? kernel_text_address+0x79/0xf0 [ 415.682558] ? __unwind_start+0x166/0x330 [ 415.686709] ? __kernel_text_address+0xd/0x40 [ 415.691215] ? unwind_get_return_address+0x61/0xa0 [ 415.696150] ? __save_stack_trace+0x7e/0xd0 [ 415.700479] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 415.706023] ? snd_interval_refine+0x428/0x700 [ 415.710612] snd_pcm_hw_refine+0x8e9/0x1180 [ 415.714944] ? constrain_params_by_rules+0x1360/0x1360 [ 415.720221] ? snd_pcm_oss_change_params+0x80/0xe0 [ 415.725154] ? snd_pcm_oss_make_ready+0xbe/0x170 [ 415.729911] ? snd_pcm_oss_sync.isra.29+0x27f/0x980 [ 415.734929] ? snd_pcm_oss_release+0x214/0x290 [ 415.739517] ? __fput+0x34d/0x890 [ 415.742976] ? ____fput+0x15/0x20 [ 415.746428] ? task_work_run+0x1e4/0x290 [ 415.750496] ? exit_to_usermode_loop+0x2bd/0x310 [ 415.755255] ? do_syscall_64+0x792/0x9d0 [ 415.759315] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 415.764669] ? do_raw_spin_unlock+0x9e/0x2e0 [ 415.769062] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 415.773632] ? print_usage_bug+0xc0/0xc0 [ 415.777680] ? kasan_check_write+0x14/0x20 [ 415.781897] ? do_raw_spin_lock+0xc1/0x200 [ 415.786114] ? trace_hardirqs_off+0xd/0x10 [ 415.790333] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 415.795422] ? debug_check_no_obj_freed+0x2ff/0x584 [ 415.800430] ? mark_held_locks+0xc9/0x160 [ 415.804559] ? quarantine_put+0xeb/0x190 [ 415.808610] snd_pcm_hw_param_first+0x30e/0x680 [ 415.813268] snd_pcm_hw_param_near.constprop.35+0x6e2/0xb10 [ 415.818965] ? _snd_pcm_hw_param_min+0x570/0x570 [ 415.823705] ? snd_pcm_hw_param_max+0x730/0x730 [ 415.828359] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 415.833532] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 415.839049] ? snd_pcm_plug_slave_size+0x1d0/0x350 [ 415.843961] snd_pcm_oss_change_params_locked+0x1b46/0x3ce0 [ 415.849665] ? snd_pcm_hw_param_near.constprop.35+0xb10/0xb10 [ 415.855535] ? debug_check_no_locks_freed+0x310/0x310 [ 415.860716] ? debug_check_no_locks_freed+0x310/0x310 [ 415.865891] ? check_same_owner+0x320/0x320 [ 415.870195] ? find_held_lock+0x36/0x1c0 [ 415.874241] ? graph_lock+0x170/0x170 [ 415.878031] ? lock_downgrade+0x8e0/0x8e0 [ 415.882159] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 415.887685] ? do_lock_file_wait.part.32+0x240/0x240 [ 415.892776] snd_pcm_oss_change_params+0x80/0xe0 [ 415.897517] snd_pcm_oss_make_ready+0xbe/0x170 [ 415.902084] snd_pcm_oss_sync.isra.29+0x27f/0x980 [ 415.906911] ? snd_pcm_oss_sync1+0x5a0/0x5a0 [ 415.911302] ? fsnotify_first_mark+0x330/0x330 [ 415.915868] snd_pcm_oss_release+0x214/0x290 [ 415.920260] ? snd_pcm_oss_sync.isra.29+0x980/0x980 [ 415.925258] __fput+0x34d/0x890 [ 415.928524] ? fput+0x1a0/0x1a0 [ 415.931788] ? _raw_spin_unlock_irq+0x27/0x70 [ 415.936267] ____fput+0x15/0x20 [ 415.939532] task_work_run+0x1e4/0x290 [ 415.943402] ? task_work_cancel+0x240/0x240 [ 415.947710] ? exit_to_usermode_loop+0x87/0x310 [ 415.952365] exit_to_usermode_loop+0x2bd/0x310 [ 415.956929] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 415.961759] do_syscall_64+0x792/0x9d0 [ 415.965626] ? vmalloc_sync_all+0x30/0x30 [ 415.969756] ? _raw_spin_unlock_irq+0x27/0x70 [ 415.974232] ? finish_task_switch+0x1ca/0x820 [ 415.978713] ? syscall_return_slowpath+0x5c0/0x5c0 [ 415.983625] ? syscall_return_slowpath+0x30f/0x5c0 [ 415.988536] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 415.993883] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 415.998715] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 416.003883] RIP: 0033:0x4552d9 [ 416.007051] RSP: 002b:00007ff8a6ac2c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000003 [ 416.014741] RAX: 0000000000000000 RBX: 00007ff8a6ac36d4 RCX: 00000000004552d9 2018/04/06 11:41:38 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r0, 0xc0605345, &(0x7f0000000040)={0x7851, 0x1, {0x2, 0x1, 0xf61a, 0x3, 0x1}}) msgget(0x2, 0x58) 2018/04/06 11:41:38 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0xd778]}, 0x10) [ 416.021994] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000013 [ 416.029245] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 416.036496] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 [ 416.043744] R13: 0000000000000052 R14: 00000000006f3850 R15: 000000000000000e 2018/04/06 11:41:38 executing program 7: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000180)='/dev/hwrng\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000080)="baa100b000eef36cba2100ec66b9800000c00f326635001000000f30bad104ecc80080d267d9f8f30f1bb429000f20c06635200000000f22c067f3af", 0x3c}], 0x1, 0x0, &(0x7f0000000100), 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_SET_DEBUGREGS(0xffffffffffffffff, 0x4080aea2, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0x5004], 0x0, 0x62}) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f00000001c0)) ioctl$KVM_SET_SIGNAL_MASK(r2, 0x4004ae8b, &(0x7f0000000040)={0x10, "b82d586835e4c06b45027190fb1656f6"}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) 2018/04/06 11:41:38 executing program 2: open(&(0x7f0000000000)='./bus\x00', 0x100000141842, 0x0) r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) syz_mount_image$hfs(&(0x7f0000001780)='hfs\x00', &(0x7f0000000100)='./bus\x00', 0x0, 0xccf, &(0x7f0000001a40)=[{&(0x7f0000001c00)="c3109cfc6f65b837063b7bbc3d4a7d202d2b9984a215c7b7bd25480c1babe9aadb78e3c53ec529cb288497a5ff7386ab50bc1a8c89", 0x0, 0x401}, {&(0x7f0000001800)="2ddea5d98171285eddea030c82c3ebbbe9ef0086979c4d89f51697a723698cc79f113fca18d8ec8bb4942cb405ffaeeeafc6b09a0aa44324f534c9b7f57352f0c6be30573567dee6adbbdffa5bc32a5b00201e68181092887cf576f0703f060812cd5047561a4c92d2fe195c21c60625c482c212ec431a19596ad1012108999bc75ae3480f0e76a36376ac63a8", 0x0, 0x5}, {&(0x7f00000018c0)="c5530d8833354b18ef6baebf606c24f24d221ae3c07931be7198141ec53fd728927e5f00e021449a33baca2a22cf99667bb62ad1c43215e3f08aaced4246a353f263c0b7595b47c7a50af4436c372f265f8434d31934351c965767c877bce2ca431539e8a01395cb17c6c5e7c94ccf3bafb07d8b5e8c8a7c931e0d769db9d35a00cb5aa0044e6a6a561fd1afe1", 0x0, 0x5}, {&(0x7f0000001ac0)="a6c3452050343eb065584cf53ea65ae330a5f6fabf78091e23a81fecb3775e4b4b863ad23c978b4d06569e6a36869f4d6ab49a561ec1407526f64751bf75483fb2755e3dd399f154e42b71bf2ba4b06f84d08c82013cccce8d83cc8522875560acd751f4f33688881c070e6ef463499ee9e91f792ae72561196b6ba9dc495e6762dbb6f5c913a4aeab57f7ff1fec996193598848aca0c65638fffb8af2141e66a90fe4ae167772c4c599843c560c877e454fdb686a3b7df3bc64de67f0ab300a68bb0beb5a6e2c52ef9e161399bf3a9939b04d804247cd6b3c9682eaf9ba0fdf8721b778b0f8e7905b17a1210b17ce35b1fb4f78497d438165b2019a31462ffaad8347218795323dd876bfaa1f6f7eec0187f0b9e41c54ba73230f635b3f4c2fd658e725afc3135bbb160347c72457a5da34344443b7f7c8ab479f9e63", 0x0, 0x7}], 0x10000, &(0x7f0000000780)=ANY=[]) ioctl$LOOP_SET_CAPACITY(r0, 0x4c07) write$cgroup_pid(r0, &(0x7f0000000040)={[0x0]}, 0x1) write$cgroup_pid(r0, &(0x7f0000000180), 0x1d2) 2018/04/06 11:41:38 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) r0 = syz_open_dev$dmmidi(&(0x7f0000000400)='/dev/dmmidi#\x00', 0x9, 0x40000) mount(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='cgroup2\x00', 0x0, 0x0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000180)='/dev/hwrng\x00', 0x1, 0x0) signalfd(r1, &(0x7f00000002c0)={0x534c}, 0x8) r2 = open$dir(&(0x7f000001bff4)='./file0\x00', 0x0, 0x0) mq_unlink(&(0x7f0000000240)='\x00') getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000600)={0x0, 0x10, &(0x7f00000005c0)=[@in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0xc}}]}, &(0x7f0000000640)=0x10) setsockopt$inet_sctp6_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f00000016c0)={r3}, 0x8) getdents(r2, &(0x7f0000000100)=""/65, 0x41) openat$ipvs(0xffffffffffffff9c, &(0x7f0000000440)='/proc/sys/net/ipv4/vs/nat_icmp_send\x00', 0x2, 0x0) utimensat(r2, &(0x7f0000000280)='./file0\x00', &(0x7f0000000340)={{0x0, 0x2710}}, 0x0) ioctl$KVM_SET_BOOT_CPU_ID(r1, 0xae78, &(0x7f00000004c0)=0x2) ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000480)) lookup_dcookie(0x4, &(0x7f0000002740)=""/128, 0x80) sendmsg$kcm(r2, &(0x7f00000000c0)={&(0x7f0000000000)=@nfc_llcp={0x27, 0x1, 0x1, 0x5, 0x1, 0xe87, "9839baf022ef1a5ec47369a7a0f24a6441db9827a60c84dafc9627663de1dc04d515ec0b733352298c5ed35b0a7f69ac6c23985f1a2fde1e148321bf3e42a9", 0xb}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000080)="fbf37132e3b565a320b0a6a5836dfcfe853ecb6da3091af86b39fc7a897e8aacfe2c", 0x22}, {&(0x7f0000000500)="c79dabfde2b5e798b8cf3c38a266082e3a05d9cbd5345c173e585adef8dfd1e5f21200ab408806bf30a5f558f1e33fe3c83503ecc05eedbaf2881d953d7259aac283e5a78fbe6399e957fb79a60b50c19f885865f7b316a8ff5668da41a7a35213a921042cbd186ab96e372e83bfdf43e1d9266a64fc86c4367b4d7ac9d3d34b3460df5a76d08d7b1012050671621a9d8ae134", 0x93}, {&(0x7f0000000680)="63d2b71ba54b8874d278f9e9f35dd418280a2ae925f0bfe15e8c5a8ade2e0bae7171452ddbd2f4b19be6cbc40be45c9f0f8c1023aa82b76916977c51b178025fbeaa86053c212b78558abeab052d49fddcd6067207e2c0e0ab219819781d78118006d57a23aae77f3c9e705d095b40b7b79370cad784d09e32365227cedcb8f6fc91757b185cf5b3237a9c74e4afad882d66a34031fbbecaa01861d69a3f41eff9177d72feda812640f34957a0fb556706503673a9b1afcf0500cbbbecd5de94c7090d762a9d7397a5258f90b570c22841480c34870b677ab8d52ee5ccebd856571e054fba26e92205aa192b8f0c13e5ea7cd9f4a27667b8279ec95d29f5cc42dd5876aa29fb9eea88739596cfb08f5f2adaa9eb67503fbfaf617c0c9de3d868e0c6b627ccdad757992dc8932c45363ae8764a1103102e0bf0f441a9bdebb54191218cbb6432897799bc8cd44295b7e527f4ae72c59a0ee56adda854e97886f3c060bcae02c6455aca021d11bf836d39b0085f3a72d6c18f7f93074b9fb0fe93ca60b474f7959d3b58a06e80ab8ebcfcd7d5b7e0df14e3baea9ec8173db782f8bd8d45fdb601883adab21d6848fd5ade7ada4b851a2560ab06c097ddde6bb0d3597e673901f6b290d1aee4de1c0d6b7cf107b2427b02502023fca38f8b6958795029bdfe9801d7bc7fca23f1fc01da4665e1f39427daa14772cbd3ae83ec37a7f524abcb6004c6612d83d0855f1754968a76743ae2dfc8b68b861cccd90341ef8fe056e1d8f4ec76476dcf5897679fe09f8803545af41773402774b7df0bb8e90166adb0fef252713d0370e35c224b58412edcc0975a199097cc1881dfb90a1bb8df0f54be4e0fe05e63c79bb2be90aefeea4ae19ec1a7a4e6248cfb3fcb31dfaaf6363b0d66885d764a57132ffb4f0e1fda845ef7affeb3d2d4f11ff9aeed7ba75edaf3010b8c3945a94acd4487b45fcfc4004ddf77e2345b72cc9685c10fdbe550546e3001a59d4a771ea0381f226867c9493ebed295e4c724d6b2bbd503680d6782ca9f71b6749ac070873e38f286e0f369eefa57cb77d4e1a1be303ef0d45de253f16ea900e13bbc2373aad8543ef72c98557c0fd4cc62f93fbd5a3dab1c9f98ec9ed755776edc1a17d13c9c2b83379b15dded3f6fa44c76539b4470bdf6fea4d7bd7b43171d1e595204c4f2f1a365db5b4f2766ab7a0f066199d9296529b0b7d906bb3544a2032d63e7316f1835f561ca77a4fe0dbf42da70647f8b267074b51117bc761841d1afb7b94176051a55f4083a4b3c717851b8f414fee53ce02fab96e9908126986f5fa934b4b094156f55d0a08e10f1f717edfd3445ca7b75c08b72021425d1ac3678838b19f3fabfe4448bc645f191243051c3be5037b2ecc81b3e41d45b0eed8535a5814077d2db3ec54761de832ba01363d8ad3ec130af1426f120f08391a52af249eabb8b1c6baea8686e17cf5407a2d29901de5aacadbd5e669a4b2fa0a67a46d75bcac5ba9d2351da67a028769b6a7fa9a23a95157cacf59aaedec4fbee6f6f674f9c1fb623d8f139fe981c8a89e9f107d6f0fc9ae6c711a6bb54edc7d8fee08bc0b12ebff09f25f2bbe684ebcf281ff93dea725fa8154c43a36c9075552c113208cc1e6bc5f878096b0bd4ea5869466797c4fa5f068002a5062d9eaeaf7cc19b50374a3e7e0f0c6b2d44aa11be6588e089edbecb4cf57faa8fee9df14f5ade89b0f2d6797a5f0a6d11c3bbc9b8d0c374c3564ad2a5b61b7f992dce4e086e8764f2b99f45d1c74d7936f0d20fe0c277559f302ef3793918b9496d6bbd714a5e301c35f320ff731573d197d2b7ec18f688cfabca6601bb03179970bc6c9e7ec172d22000c21377069d246ce01468cb51f89231cd2ec804a51c7ad8569c105cda07e8db2c1cf67015e39405aa3cd0d0102d988e8df313062ce3a8a898fec5460c64b1ae453a9113606623ca29b92ad23d9de5fd5d4a5f888cc3c9105df2c8ea40f136d916f696442b2930e2db35c1cb80ad77788a156a6ad03585af23f108b1bc4a2c89b59dc5e1db52cc6dd818beb5dd5b757a9d74ef36e8122762884d14ebc96f12f806f4c1adc0f74e8dfc5c3329cb43093b1947ee2f71222988dcfd9b68887cb6395c65289abe55cad59e46a0c0629c63d8f680757c5e360ab7176b7f406bab0a4fc44462cf0ab947595e62d45f489276e6b068e08be61888f7697eed659b82a2c2a68a4a4546ca5d8a02e19cef417fc30ad2ed8b2eb547717f7acd999e71d3390a03a96c8d4c07fafe04f7b074348845a90bdc311c6135d317965067c319fae924aaf8a2bc6e9afa77fc9fa198e00d430c5af2f7f079fab2526bd03470a99968abb7fa6eb162f464f186f85c4794e22bccef92a28cded908f5ddcaa43133d04a962eaeed5ba4cfcda139acdaf9b9923b28239c65d78896a7ba35b1179e409d0da4398d131428a3f8ab4e587534e5065a8557ae0a0df06363df035189445cd31028a6de406639dd2efe723466e2cf1f40b09862e62b40c58268834dc3625cb3d4ad16759081e78b7ab5c8d5d00721f498c91b1039e27999a7e54badbdb3e9f8854d5f2ac7ebf8f7dc44c0224fb1da5fd9ed954c4166c5dff72bd90a4f24543439634fa3b5d9a8ec38448e5b9010f3100368fe7ce28546967466bb76410ea550bd39c90b4f478f33cda6ce83685e4ce8a5b38aacb3a6d4070bb7e49a1e620bb22e43cf6d69fe8e9d679266d49b86693cca36d980ff13cdddccbb8e9754364f7cbd58e9e502b86f72dfb231ae9ab55fcc5ed78a42b4193e4c7766a0fff3e75e6b408062b5b0c53dab61d1745f83553c269a6aee9815a0d7f2b4559e1642b5251cdf707beef2353721453e15c41d0af1d34b9a3d1049119cbe8c51ef7be6222cfba9f64d5e44c17d0d325b814103a0bed22d712105ab78940eee0302ddc1997633ed9fbdddbef9d9c827a4427ed688f6f2339e954e5a380d227fb8415c8ad82d90983552bde6ffbb8fb596727acbb2c1b70d30e3c420130fb3a34faf0e9cfbbbfd5fc7ac614ced3e8eefd2c98fd58aa11c376da1aa96355f172a3725bce904e0eeab4c3ed5f2fa7031920d98818a60e2cebc01315b9c1f46001de26000720d59a347cedf460d4c1bc8dbd1b23e0c88bf9425c9341b0164ee438a76029971b3af48f008d02cff23b439c473064298d3f4a2789b735aa629bfeffecda1a9cf2ceea4d252655d4978943ce43b4efa5ed69851e9ce031e7ad00f40162308baf651da3c6a7a482b6cede06a60c5feca75a0b56824cd93b235cc5825c7670c98e0443dcb7667ff351ad41c8cba3d5c7812a7a0d0b8454dc7ebaf5c3ca82af6ccc3335c071ad97dd5b493163c20f2eca83e5af86e40319838e826c53ef839e435dc2866956524a57446079f8a696c258015bdf054c67bd7e543c686e6733b7f8642be822669979869958e2d3b5beb5a746dc363badb40987f3bb7d9675c6c18e8a6de941b310ca4e634450b7e45ac3ef010651d5c0b454bc1cb54e28f2e9647f44cb1d87ccdefd584629197bcea59fa6bf7bd9c55fc7ab584d2d42bbff0a90e24a5a38623e64709dd5935c7278265a13d2f3969b9daabd26570165661f773d3a231ad5356aad2b405d6ea43eef348d1a36f551d3813f4bdfd45ab3a58d001c5f1b1d30cf5e9878344777378baf63cc78fee1d6bd83565ff15d6f2c7d1e258549f2e38c47f41343440fc23d0a17bbdef14d6b507a8a258eac6e65052a28d106dd3cb6b56a2658e8fdcfa6633f89a797ae7d59afa9307872a51ecda168e8e6c49e6198bf1ddf3835895de1d8eae8ab6b9560f39b1b5c5fee5f2a2a3b1adf39d47e44c9b53fbef2dfe7f7ff7478ffecfe6e49a6796a24c15d1c5fa44f8afcef4badaeccc637d24b7a697ae09e2d262f7261d7fedcd10ea6f996bbac1a9c2f30f16e370d8ac47a13a50a77e4305bdcd892a99848771422417a3a5fc9f35e509e365144a89dcb088baf1e0b18cde3132aab1df2bf0427820dfeeb56ac52ece65f6e243571e9d0e41e321bc20f9e4fecbd6435dc4a67684905ce12a6e3763778798e697bbddc23d2a9ac2498e6a2eab0c3053b376c68aad4e4452af110b63e7c58378e565b0f17122eb8457b4c7bab3678bdbe27380d37a6ff941c5a9538cfb5fa6125b2c126671fa07bd44250967d1cbeae45c8eb95caa22414b44453b5936d980827c8a6c40cb8f42d49986b8dfd19fe046853f4509942d8866e7a544363fc8e204c30c00fdfcc6f18918cc99cf621bf374cf98dc212af8fb9ce95d35ef560de17e69dc011437a782d82ffae7fc05ad4e8384a7d392878839b98b5f58ab622ae571d07819a3a34fc9fed7ea081e7a9247d4767967e5e7f5d37cbd34941b0dc87a9ffe90036d1068f5645046028119275f61d901f3739989f667f4904bb9d5a8dafae8014ac95ccc9a3a3b5f355ee5dc29d615d025969de8fd003360e4cb251ee0d38561c91d3480024a299a55fa56309627e73b83e80466e0e8c902ee1f8ab42d7d8cb67f76bc01f33db938220d83382735007897eb9bd6fa1c9336ecda49292089139452399ede5682476715dcd4f4c89458329114e3247a09bae9d95a6de10cb311f095e76f22bc64614ed93cd0b843cad95e07940483f04376f2e3275dce65da8e5b89b915ad51917b07ece47a0cc7388ea38db6d9368c757bd3ac94f0a2f533d01ffbcf82b587b83983a6e7a93111ca0c370ebbefb9218ef81be3b7ec6f4c22c043dde40a9f9c6a2bc617677d05ef981eec5e13578002611e12efc475283e43d1b1ad3b15d4d99ee6379609865ed2737f6f738ded736f3f36da951b68c9423d219facd51e57dadeb1bf3f16fecfd0bffe75a4423d146eb8b4eec8235f4c12da7e06d89129e8879d09c3e7edeb61f78b41332c040719e31dabf09c99951b1ebef1de3ad416369843abfd6498e67a7dd3ffda1eff88e230069353cafda1586daefa08230337cea8d1bd81a48cc2f8bcef2691c410576863820eb4dad59c76cb9ef6ecc4788f0b4034687f5ab4f348b3c16848b834dc56f895d6b66023bdfa8f44c3fae459461c0a25fb33b37d34d0e87b7216298ffc0a1b6e5e7db9e5b08b36d4d60d340a81e142395b91ea46d3dfe41cbb9c6407dd053c86c860b66e745f8459741f0195bbd958315c060ef572c3acc2eaa54435c44f8d65fd3fe2f9346ccfa3eb981316ddb672462a3ef810adb09db8b7898594cbf2d3971346da4cdf796fcf5002e2b4aa3378bfffb76fe24bbfaeecdc717a721a20507b2d557dbc95c55ce08c8cfd88d0a1531e7ce14f8176bff2338e1674d7bd1336cca38fc98ab7c64d0235c9f753808b2d5aa0e94e212e388055e97df1286917b772d3aca12e40f07549a5a60781114aa51dbb30c25d0dc3accc178dd75f4f8928d36b5559a3de13d2c655bb81561233d940fcec933517858fe776540fc77ec025c50fd48d205f4183fa6c08fd98b2b96f7cbc38ba899ef3550f32dea1398e7224b92b3eb9481438ba7278455679b52e97b78db444317b3c9813fc02d6dacb474ed304089bff9768f67de1e574c6ea4b07c7e8a4278b2b4536dcdbfa5403cffe456a620ef6e57ffad25dfc946d8f34675dfe5e2aad5852cf128dbbaf163a34ac9496d1ef7ce40a8902809d8aad8f46f4be37b3c45e031a6838db50ff1aeafc3fe08af911fcb74bb8fd13d23bec932f97f2e88be2a6c85a87864c78d90b3567ee43e248690dae6e4013fe5bc20f1b10f1b4c035bb998c90387bb77dd1aa0e9bf567510d57", 0x1000}], 0x3, &(0x7f0000001700), 0x0, 0x4080}, 0x40000) rt_sigsuspend(&(0x7f0000000200)={0x1}, 0x8) 2018/04/06 11:41:38 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) [ 416.347988] FAULT_FLAG_ALLOW_RETRY missing 30 [ 416.352680] CPU: 0 PID: 25761 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 416.359517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 416.368852] Call Trace: [ 416.371428] dump_stack+0x1b9/0x294 [ 416.375046] ? dump_stack_print_info.cold.2+0x52/0x52 [ 416.380226] ? kasan_check_write+0x14/0x20 [ 416.384447] ? do_raw_spin_lock+0xc1/0x200 [ 416.388669] handle_userfault.cold.32+0x44/0x57 [ 416.393321] ? handle_userfault+0x16c6/0x2760 [ 416.397804] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 416.402368] ? debug_check_no_locks_freed+0x310/0x310 [ 416.407543] ? rb_erase+0x3530/0x3530 [ 416.411331] ? print_usage_bug+0xc0/0xc0 [ 416.415375] ? match_held_lock+0x801/0x8b0 [ 416.419591] ? print_usage_bug+0xc0/0xc0 [ 416.423636] ? print_usage_bug+0xc0/0xc0 [ 416.427679] ? lock_downgrade+0x8e0/0x8e0 [ 416.431808] ? lock_downgrade+0x8e0/0x8e0 [ 416.435943] ? __lock_acquire+0x7f5/0x5130 [ 416.440168] ? graph_lock+0x170/0x170 [ 416.443957] ? debug_check_no_locks_freed+0x310/0x310 [ 416.449129] ? find_held_lock+0x36/0x1c0 [ 416.453180] ? lock_downgrade+0x8e0/0x8e0 [ 416.457316] ? kasan_check_read+0x11/0x20 [ 416.461444] ? do_raw_spin_unlock+0x9e/0x2e0 [ 416.465834] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 416.470399] ? kasan_check_write+0x14/0x20 [ 416.474617] ? do_raw_spin_lock+0xc1/0x200 [ 416.478838] __handle_mm_fault+0x34be/0x4150 [ 416.483238] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 416.487974] ? graph_lock+0x170/0x170 [ 416.491759] ? find_held_lock+0x36/0x1c0 [ 416.495806] ? lock_downgrade+0x8e0/0x8e0 [ 416.499941] ? handle_mm_fault+0x8c0/0xc70 [ 416.504164] handle_mm_fault+0x53a/0xc70 [ 416.508208] ? __handle_mm_fault+0x4150/0x4150 [ 416.512776] ? find_vma+0x34/0x190 [ 416.516302] __do_page_fault+0x60b/0xe40 [ 416.520350] ? mm_fault_error+0x380/0x380 [ 416.524481] ? __schedule+0x80f/0x1e40 [ 416.528352] ? graph_lock+0x170/0x170 [ 416.532138] do_page_fault+0xee/0x8a7 [ 416.535922] ? vmalloc_sync_all+0x30/0x30 [ 416.540053] ? find_held_lock+0x36/0x1c0 [ 416.544104] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 416.548933] page_fault+0x25/0x50 [ 416.552369] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 416.557968] RSP: 0018:ffff88018c217ce8 EFLAGS: 00010206 [ 416.563314] RAX: ffffed0031842fae RBX: 0000000000000018 RCX: 0000000000000003 [ 416.570565] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff88018c217d58 [ 416.577812] RBP: ffff88018c217d20 R08: ffffed0031842fae R09: ffffed0031842fab [ 416.585061] R10: ffffed0031842fad R11: ffff88018c217d6f R12: 0000000020013018 [ 416.592312] R13: 0000000020013000 R14: ffff88018c217d58 R15: 00007ffffffff000 [ 416.600028] ? _copy_from_user+0x10d/0x150 [ 416.604251] SyS_sigaltstack+0xae/0x320 [ 416.608208] ? do_sigaction+0xa50/0xa50 [ 416.612168] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 416.617687] ? exit_to_usermode_loop+0x1ef/0x310 [ 416.622426] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 416.627254] ? ksys_ioctl+0x81/0xd0 [ 416.630863] ? do_syscall_64+0xb7/0x9d0 [ 416.634822] ? do_sigaction+0xa50/0xa50 [ 416.638781] do_syscall_64+0x29e/0x9d0 [ 416.642651] ? vmalloc_sync_all+0x30/0x30 [ 416.646786] ? _raw_spin_unlock_irq+0x27/0x70 [ 416.651264] ? finish_task_switch+0x1ca/0x820 [ 416.655743] ? syscall_return_slowpath+0x5c0/0x5c0 [ 416.660654] ? syscall_return_slowpath+0x30f/0x5c0 [ 416.665569] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 416.670916] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 416.675742] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 416.680911] RIP: 0033:0x4552d9 [ 416.684081] RSP: 002b:00007ff15ecfec68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 [ 416.691772] RAX: ffffffffffffffda RBX: 00007ff15ecff6d4 RCX: 00000000004552d9 [ 416.699027] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 [ 416.706275] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 416.713524] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 416.720773] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000000 [ 416.866885] FAULT_FLAG_ALLOW_RETRY missing 30 [ 416.871518] CPU: 0 PID: 25823 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 416.878347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 416.887679] Call Trace: [ 416.890264] dump_stack+0x1b9/0x294 [ 416.893884] ? dump_stack_print_info.cold.2+0x52/0x52 [ 416.899058] ? kasan_check_write+0x14/0x20 [ 416.903284] ? do_raw_spin_lock+0xc1/0x200 [ 416.907513] handle_userfault.cold.32+0x44/0x57 [ 416.912164] ? handle_userfault+0x16c6/0x2760 [ 416.916642] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 416.921205] ? debug_check_no_locks_freed+0x310/0x310 [ 416.926377] ? find_held_lock+0x36/0x1c0 [ 416.930421] ? print_usage_bug+0xc0/0xc0 [ 416.934463] ? print_usage_bug+0xc0/0xc0 [ 416.938516] ? kasan_check_read+0x11/0x20 [ 416.942653] ? check_same_owner+0x320/0x320 [ 416.946959] ? do_raw_spin_unlock+0x9e/0x2e0 [ 416.951351] ? __lock_acquire+0x7f5/0x5130 [ 416.955571] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 416.961089] ? graph_lock+0x170/0x170 [ 416.964878] ? debug_check_no_locks_freed+0x310/0x310 [ 416.970053] ? find_held_lock+0x36/0x1c0 [ 416.974103] ? lock_downgrade+0x8e0/0x8e0 [ 416.978256] ? kasan_check_read+0x11/0x20 [ 416.982392] ? do_raw_spin_unlock+0x9e/0x2e0 [ 416.986779] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 416.991341] ? kasan_check_write+0x14/0x20 [ 416.995562] ? do_raw_spin_lock+0xc1/0x200 [ 416.999778] __handle_mm_fault+0x34be/0x4150 [ 417.004167] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 417.008903] ? graph_lock+0x170/0x170 [ 417.012682] ? graph_lock+0x170/0x170 [ 417.016474] ? find_held_lock+0x36/0x1c0 [ 417.020518] ? lock_downgrade+0x8e0/0x8e0 [ 417.024650] ? handle_mm_fault+0x8c0/0xc70 [ 417.028866] handle_mm_fault+0x53a/0xc70 [ 417.032912] ? __handle_mm_fault+0x4150/0x4150 [ 417.037478] ? find_vma+0x34/0x190 [ 417.041001] __do_page_fault+0x60b/0xe40 [ 417.045054] ? mm_fault_error+0x380/0x380 [ 417.049186] ? graph_lock+0x170/0x170 [ 417.052971] do_page_fault+0xee/0x8a7 [ 417.056764] ? vmalloc_sync_all+0x30/0x30 [ 417.060899] ? __fget+0x40c/0x650 [ 417.064334] ? find_held_lock+0x36/0x1c0 [ 417.068385] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 417.073212] page_fault+0x25/0x50 [ 417.076645] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 417.082243] RSP: 0018:ffff88018b5e7ce8 EFLAGS: 00010206 [ 417.087586] RAX: ffffed00316bcfae RBX: 0000000000000018 RCX: 0000000000000003 [ 417.094839] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff88018b5e7d58 [ 417.102093] RBP: ffff88018b5e7d20 R08: ffffed00316bcfae R09: ffffed00316bcfab [ 417.109342] R10: ffffed00316bcfad R11: ffff88018b5e7d6f R12: 0000000020013018 [ 417.116594] R13: 0000000020013000 R14: ffff88018b5e7d58 R15: 00007ffffffff000 [ 417.123860] ? _copy_from_user+0x10d/0x150 [ 417.128077] SyS_sigaltstack+0xae/0x320 [ 417.132044] ? do_sigaction+0xa50/0xa50 [ 417.136005] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 417.141530] ? fput+0x130/0x1a0 [ 417.144797] ? ksys_ioctl+0x81/0xd0 [ 417.148413] ? do_syscall_64+0xb7/0x9d0 [ 417.152369] ? do_sigaction+0xa50/0xa50 [ 417.156324] do_syscall_64+0x29e/0x9d0 [ 417.160195] ? _raw_spin_unlock_irq+0x27/0x70 [ 417.164671] ? finish_task_switch+0x1ca/0x820 [ 417.169150] ? syscall_return_slowpath+0x5c0/0x5c0 [ 417.174058] ? syscall_return_slowpath+0x30f/0x5c0 [ 417.178981] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 417.184334] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 417.189180] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 417.194366] RIP: 0033:0x4552d9 [ 417.197544] RSP: 002b:00007ff15ecbcc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 [ 417.205234] RAX: ffffffffffffffda RBX: 00007ff15ecbd6d4 RCX: 00000000004552d9 2018/04/06 11:41:39 executing program 4 (fault-call:5 fault-nth:15): r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0x0, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x0, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:39 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x4c, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e"}, &(0x7f00000000c0)=0x54) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:39 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0x974a]}, 0x10) 2018/04/06 11:41:39 executing program 5: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc\x00', 0x200, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x0, 0x43, 0xb, &(0x7f0000000040)="b5b3041f02c42d2d86a8aaf5e6e77e030244db126e5aeb2f5188ae07a9d885020b74c7ca1b4fe4209b83bf85aa4505b0896316aec61d54a9ca8bfe25d005d75c837790", &(0x7f00000000c0)=""/11, 0x200, 0x6}, 0x28) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f0000000080)={&(0x7f0000000200)=@dellink={0x20, 0x11, 0x1}, 0x20}, 0x1}, 0x0) capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) 2018/04/06 11:41:39 executing program 2: open(&(0x7f0000000000)='./bus\x00', 0x100000141842, 0x0) r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) syz_mount_image$hfs(&(0x7f0000001780)='hfs\x00', &(0x7f0000000100)='./bus\x00', 0x0, 0xccf, &(0x7f0000001a40)=[{&(0x7f0000001c00)="c3109cfc6f65b837063b7bbc3d4a7d202d2b9984a215c7b7bd25480c1babe9aadb78e3c53ec529cb288497a5ff7386ab50bc1a8c89", 0x0, 0x401}, {&(0x7f0000001800)="2ddea5d98171285eddea030c82c3ebbbe9ef0086979c4d89f51697a723698cc79f113fca18d8ec8bb4942cb405ffaeeeafc6b09a0aa44324f534c9b7f57352f0c6be30573567dee6adbbdffa5bc32a5b00201e68181092887cf576f0703f060812cd5047561a4c92d2fe195c21c60625c482c212ec431a19596ad1012108999bc75ae3480f0e76a36376ac63a8", 0x0, 0x5}, {&(0x7f00000018c0)="c5530d8833354b18ef6baebf606c24f24d221ae3c07931be7198141ec53fd728927e5f00e021449a33baca2a22cf99667bb62ad1c43215e3f08aaced4246a353f263c0b7595b47c7a50af4436c372f265f8434d31934351c965767c877bce2ca431539e8a01395cb17c6c5e7c94ccf3bafb07d8b5e8c8a7c931e0d769db9d35a00cb5aa0044e6a6a561fd1afe1", 0x0, 0x5}, {&(0x7f0000001ac0)="a6c3452050343eb065584cf53ea65ae330a5f6fabf78091e23a81fecb3775e4b4b863ad23c978b4d06569e6a36869f4d6ab49a561ec1407526f64751bf75483fb2755e3dd399f154e42b71bf2ba4b06f84d08c82013cccce8d83cc8522875560acd751f4f33688881c070e6ef463499ee9e91f792ae72561196b6ba9dc495e6762dbb6f5c913a4aeab57f7ff1fec996193598848aca0c65638fffb8af2141e66a90fe4ae167772c4c599843c560c877e454fdb686a3b7df3bc64de67f0ab300a68bb0beb5a6e2c52ef9e161399bf3a9939b04d804247cd6b3c9682eaf9ba0fdf8721b778b0f8e7905b17a1210b17ce35b1fb4f78497d438165b2019a31462ffaad8347218795323dd876bfaa1f6f7eec0187f0b9e41c54ba73230f635b3f4c2fd658e725afc3135bbb160347c72457a5da34344443b7f7c8ab479f9e63", 0x0, 0x7}], 0x10000, &(0x7f0000000780)=ANY=[]) ioctl$LOOP_SET_CAPACITY(r0, 0x4c07) write$cgroup_pid(r0, &(0x7f0000000040)={[0x0]}, 0x1) write$cgroup_pid(r0, &(0x7f0000000180), 0x1d2) 2018/04/06 11:41:39 executing program 7: nanosleep(&(0x7f0000000180)={0x77359400}, &(0x7f00000001c0)) nanosleep(&(0x7f0000000100)={0x0, 0x1c9c380}, &(0x7f00005bfff0)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) mlock(&(0x7f0000066000/0x2000)=nil, 0x2000) shmat(0x0, &(0x7f00008a6000/0x2000)=nil, 0x4000) shmat(0x0, &(0x7f00009e2000/0x3000)=nil, 0x7000) shmat(0x0, &(0x7f0000ffd000/0x2000)=nil, 0x0) shmat(0xffffffffffffffff, &(0x7f0000088000/0x1000)=nil, 0x1000) shmat(0xffffffffffffffff, &(0x7f00009a2000/0x3000)=nil, 0x2000) shmat(0x0, &(0x7f00004cb000/0x1000)=nil, 0x2000) r0 = shmat(0xffffffffffffffff, &(0x7f0000ffa000/0x3000)=nil, 0x7000) shmdt(r0) 2018/04/06 11:41:39 executing program 3: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000100)) getpid() fcntl$getown(0xffffffffffffff9c, 0x9) gettid() ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) getpgrp(r0) r1 = memfd_create(&(0x7f0000000080)='em1\x00', 0x2) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000200)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) sigaltstack(&(0x7f0000013000/0x1000)=nil, &(0x7f00000000c0)) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88)) msgsnd(0x0, &(0x7f0000284ff8)={0x3}, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000240)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000640)={'\x00', 0x0}) ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000680)=r3) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000b40)={&(0x7f0000011000/0x4000)=nil, 0x4000}) io_setup(0x1000, &(0x7f0000000040)) io_submit(0x0, 0xb0e300, &(0x7f0000000000)) ioctl$VHOST_RESET_OWNER(r1, 0xaf02, 0x0) 2018/04/06 11:41:39 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) r0 = syz_open_dev$dmmidi(&(0x7f0000000400)='/dev/dmmidi#\x00', 0x9, 0x40000) mount(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='cgroup2\x00', 0x0, 0x0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000180)='/dev/hwrng\x00', 0x1, 0x0) signalfd(r1, &(0x7f00000002c0)={0x534c}, 0x8) r2 = open$dir(&(0x7f000001bff4)='./file0\x00', 0x0, 0x0) mq_unlink(&(0x7f0000000240)='\x00') getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000600)={0x0, 0x10, &(0x7f00000005c0)=[@in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0xc}}]}, &(0x7f0000000640)=0x10) setsockopt$inet_sctp6_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f00000016c0)={r3}, 0x8) getdents(r2, &(0x7f0000000100)=""/65, 0x41) openat$ipvs(0xffffffffffffff9c, &(0x7f0000000440)='/proc/sys/net/ipv4/vs/nat_icmp_send\x00', 0x2, 0x0) utimensat(r2, &(0x7f0000000280)='./file0\x00', &(0x7f0000000340)={{0x0, 0x2710}}, 0x0) ioctl$KVM_SET_BOOT_CPU_ID(r1, 0xae78, &(0x7f00000004c0)=0x2) ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000480)) lookup_dcookie(0x4, &(0x7f0000002740)=""/128, 0x80) sendmsg$kcm(r2, &(0x7f00000000c0)={&(0x7f0000000000)=@nfc_llcp={0x27, 0x1, 0x1, 0x5, 0x1, 0xe87, "9839baf022ef1a5ec47369a7a0f24a6441db9827a60c84dafc9627663de1dc04d515ec0b733352298c5ed35b0a7f69ac6c23985f1a2fde1e148321bf3e42a9", 0xb}, 0x80, &(0x7f0000001680)=[{&(0x7f0000000080)="fbf37132e3b565a320b0a6a5836dfcfe853ecb6da3091af86b39fc7a897e8aacfe2c", 0x22}, {&(0x7f0000000500)="c79dabfde2b5e798b8cf3c38a266082e3a05d9cbd5345c173e585adef8dfd1e5f21200ab408806bf30a5f558f1e33fe3c83503ecc05eedbaf2881d953d7259aac283e5a78fbe6399e957fb79a60b50c19f885865f7b316a8ff5668da41a7a35213a921042cbd186ab96e372e83bfdf43e1d9266a64fc86c4367b4d7ac9d3d34b3460df5a76d08d7b1012050671621a9d8ae134", 0x93}, {&(0x7f0000000680)="63d2b71ba54b8874d278f9e9f35dd418280a2ae925f0bfe15e8c5a8ade2e0bae7171452ddbd2f4b19be6cbc40be45c9f0f8c1023aa82b76916977c51b178025fbeaa86053c212b78558abeab052d49fddcd6067207e2c0e0ab219819781d78118006d57a23aae77f3c9e705d095b40b7b79370cad784d09e32365227cedcb8f6fc91757b185cf5b3237a9c74e4afad882d66a34031fbbecaa01861d69a3f41eff9177d72feda812640f34957a0fb556706503673a9b1afcf0500cbbbecd5de94c7090d762a9d7397a5258f90b570c22841480c34870b677ab8d52ee5ccebd856571e054fba26e92205aa192b8f0c13e5ea7cd9f4a27667b8279ec95d29f5cc42dd5876aa29fb9eea88739596cfb08f5f2adaa9eb67503fbfaf617c0c9de3d868e0c6b627ccdad757992dc8932c45363ae8764a1103102e0bf0f441a9bdebb54191218cbb6432897799bc8cd44295b7e527f4ae72c59a0ee56adda854e97886f3c060bcae02c6455aca021d11bf836d39b0085f3a72d6c18f7f93074b9fb0fe93ca60b474f7959d3b58a06e80ab8ebcfcd7d5b7e0df14e3baea9ec8173db782f8bd8d45fdb601883adab21d6848fd5ade7ada4b851a2560ab06c097ddde6bb0d3597e673901f6b290d1aee4de1c0d6b7cf107b2427b02502023fca38f8b6958795029bdfe9801d7bc7fca23f1fc01da4665e1f39427daa14772cbd3ae83ec37a7f524abcb6004c6612d83d0855f1754968a76743ae2dfc8b68b861cccd90341ef8fe056e1d8f4ec76476dcf5897679fe09f8803545af41773402774b7df0bb8e90166adb0fef252713d0370e35c224b58412edcc0975a199097cc1881dfb90a1bb8df0f54be4e0fe05e63c79bb2be90aefeea4ae19ec1a7a4e6248cfb3fcb31dfaaf6363b0d66885d764a57132ffb4f0e1fda845ef7affeb3d2d4f11ff9aeed7ba75edaf3010b8c3945a94acd4487b45fcfc4004ddf77e2345b72cc9685c10fdbe550546e3001a59d4a771ea0381f226867c9493ebed295e4c724d6b2bbd503680d6782ca9f71b6749ac070873e38f286e0f369eefa57cb77d4e1a1be303ef0d45de253f16ea900e13bbc2373aad8543ef72c98557c0fd4cc62f93fbd5a3dab1c9f98ec9ed755776edc1a17d13c9c2b83379b15dded3f6fa44c76539b4470bdf6fea4d7bd7b43171d1e595204c4f2f1a365db5b4f2766ab7a0f066199d9296529b0b7d906bb3544a2032d63e7316f1835f561ca77a4fe0dbf42da70647f8b267074b51117bc761841d1afb7b94176051a55f4083a4b3c717851b8f414fee53ce02fab96e9908126986f5fa934b4b094156f55d0a08e10f1f717edfd3445ca7b75c08b72021425d1ac3678838b19f3fabfe4448bc645f191243051c3be5037b2ecc81b3e41d45b0eed8535a5814077d2db3ec54761de832ba01363d8ad3ec130af1426f120f08391a52af249eabb8b1c6baea8686e17cf5407a2d29901de5aacadbd5e669a4b2fa0a67a46d75bcac5ba9d2351da67a028769b6a7fa9a23a95157cacf59aaedec4fbee6f6f674f9c1fb623d8f139fe981c8a89e9f107d6f0fc9ae6c711a6bb54edc7d8fee08bc0b12ebff09f25f2bbe684ebcf281ff93dea725fa8154c43a36c9075552c113208cc1e6bc5f878096b0bd4ea5869466797c4fa5f068002a5062d9eaeaf7cc19b50374a3e7e0f0c6b2d44aa11be6588e089edbecb4cf57faa8fee9df14f5ade89b0f2d6797a5f0a6d11c3bbc9b8d0c374c3564ad2a5b61b7f992dce4e086e8764f2b99f45d1c74d7936f0d20fe0c277559f302ef3793918b9496d6bbd714a5e301c35f320ff731573d197d2b7ec18f688cfabca6601bb03179970bc6c9e7ec172d22000c21377069d246ce01468cb51f89231cd2ec804a51c7ad8569c105cda07e8db2c1cf67015e39405aa3cd0d0102d988e8df313062ce3a8a898fec5460c64b1ae453a9113606623ca29b92ad23d9de5fd5d4a5f888cc3c9105df2c8ea40f136d916f696442b2930e2db35c1cb80ad77788a156a6ad03585af23f108b1bc4a2c89b59dc5e1db52cc6dd818beb5dd5b757a9d74ef36e8122762884d14ebc96f12f806f4c1adc0f74e8dfc5c3329cb43093b1947ee2f71222988dcfd9b68887cb6395c65289abe55cad59e46a0c0629c63d8f680757c5e360ab7176b7f406bab0a4fc44462cf0ab947595e62d45f489276e6b068e08be61888f7697eed659b82a2c2a68a4a4546ca5d8a02e19cef417fc30ad2ed8b2eb547717f7acd999e71d3390a03a96c8d4c07fafe04f7b074348845a90bdc311c6135d317965067c319fae924aaf8a2bc6e9afa77fc9fa198e00d430c5af2f7f079fab2526bd03470a99968abb7fa6eb162f464f186f85c4794e22bccef92a28cded908f5ddcaa43133d04a962eaeed5ba4cfcda139acdaf9b9923b28239c65d78896a7ba35b1179e409d0da4398d131428a3f8ab4e587534e5065a8557ae0a0df06363df035189445cd31028a6de406639dd2efe723466e2cf1f40b09862e62b40c58268834dc3625cb3d4ad16759081e78b7ab5c8d5d00721f498c91b1039e27999a7e54badbdb3e9f8854d5f2ac7ebf8f7dc44c0224fb1da5fd9ed954c4166c5dff72bd90a4f24543439634fa3b5d9a8ec38448e5b9010f3100368fe7ce28546967466bb76410ea550bd39c90b4f478f33cda6ce83685e4ce8a5b38aacb3a6d4070bb7e49a1e620bb22e43cf6d69fe8e9d679266d49b86693cca36d980ff13cdddccbb8e9754364f7cbd58e9e502b86f72dfb231ae9ab55fcc5ed78a42b4193e4c7766a0fff3e75e6b408062b5b0c53dab61d1745f83553c269a6aee9815a0d7f2b4559e1642b5251cdf707beef2353721453e15c41d0af1d34b9a3d1049119cbe8c51ef7be6222cfba9f64d5e44c17d0d325b814103a0bed22d712105ab78940eee0302ddc1997633ed9fbdddbef9d9c827a4427ed688f6f2339e954e5a380d227fb8415c8ad82d90983552bde6ffbb8fb596727acbb2c1b70d30e3c420130fb3a34faf0e9cfbbbfd5fc7ac614ced3e8eefd2c98fd58aa11c376da1aa96355f172a3725bce904e0eeab4c3ed5f2fa7031920d98818a60e2cebc01315b9c1f46001de26000720d59a347cedf460d4c1bc8dbd1b23e0c88bf9425c9341b0164ee438a76029971b3af48f008d02cff23b439c473064298d3f4a2789b735aa629bfeffecda1a9cf2ceea4d252655d4978943ce43b4efa5ed69851e9ce031e7ad00f40162308baf651da3c6a7a482b6cede06a60c5feca75a0b56824cd93b235cc5825c7670c98e0443dcb7667ff351ad41c8cba3d5c7812a7a0d0b8454dc7ebaf5c3ca82af6ccc3335c071ad97dd5b493163c20f2eca83e5af86e40319838e826c53ef839e435dc2866956524a57446079f8a696c258015bdf054c67bd7e543c686e6733b7f8642be822669979869958e2d3b5beb5a746dc363badb40987f3bb7d9675c6c18e8a6de941b310ca4e634450b7e45ac3ef010651d5c0b454bc1cb54e28f2e9647f44cb1d87ccdefd584629197bcea59fa6bf7bd9c55fc7ab584d2d42bbff0a90e24a5a38623e64709dd5935c7278265a13d2f3969b9daabd26570165661f773d3a231ad5356aad2b405d6ea43eef348d1a36f551d3813f4bdfd45ab3a58d001c5f1b1d30cf5e9878344777378baf63cc78fee1d6bd83565ff15d6f2c7d1e258549f2e38c47f41343440fc23d0a17bbdef14d6b507a8a258eac6e65052a28d106dd3cb6b56a2658e8fdcfa6633f89a797ae7d59afa9307872a51ecda168e8e6c49e6198bf1ddf3835895de1d8eae8ab6b9560f39b1b5c5fee5f2a2a3b1adf39d47e44c9b53fbef2dfe7f7ff7478ffecfe6e49a6796a24c15d1c5fa44f8afcef4badaeccc637d24b7a697ae09e2d262f7261d7fedcd10ea6f996bbac1a9c2f30f16e370d8ac47a13a50a77e4305bdcd892a99848771422417a3a5fc9f35e509e365144a89dcb088baf1e0b18cde3132aab1df2bf0427820dfeeb56ac52ece65f6e243571e9d0e41e321bc20f9e4fecbd6435dc4a67684905ce12a6e3763778798e697bbddc23d2a9ac2498e6a2eab0c3053b376c68aad4e4452af110b63e7c58378e565b0f17122eb8457b4c7bab3678bdbe27380d37a6ff941c5a9538cfb5fa6125b2c126671fa07bd44250967d1cbeae45c8eb95caa22414b44453b5936d980827c8a6c40cb8f42d49986b8dfd19fe046853f4509942d8866e7a544363fc8e204c30c00fdfcc6f18918cc99cf621bf374cf98dc212af8fb9ce95d35ef560de17e69dc011437a782d82ffae7fc05ad4e8384a7d392878839b98b5f58ab622ae571d07819a3a34fc9fed7ea081e7a9247d4767967e5e7f5d37cbd34941b0dc87a9ffe90036d1068f5645046028119275f61d901f3739989f667f4904bb9d5a8dafae8014ac95ccc9a3a3b5f355ee5dc29d615d025969de8fd003360e4cb251ee0d38561c91d3480024a299a55fa56309627e73b83e80466e0e8c902ee1f8ab42d7d8cb67f76bc01f33db938220d83382735007897eb9bd6fa1c9336ecda49292089139452399ede5682476715dcd4f4c89458329114e3247a09bae9d95a6de10cb311f095e76f22bc64614ed93cd0b843cad95e07940483f04376f2e3275dce65da8e5b89b915ad51917b07ece47a0cc7388ea38db6d9368c757bd3ac94f0a2f533d01ffbcf82b587b83983a6e7a93111ca0c370ebbefb9218ef81be3b7ec6f4c22c043dde40a9f9c6a2bc617677d05ef981eec5e13578002611e12efc475283e43d1b1ad3b15d4d99ee6379609865ed2737f6f738ded736f3f36da951b68c9423d219facd51e57dadeb1bf3f16fecfd0bffe75a4423d146eb8b4eec8235f4c12da7e06d89129e8879d09c3e7edeb61f78b41332c040719e31dabf09c99951b1ebef1de3ad416369843abfd6498e67a7dd3ffda1eff88e230069353cafda1586daefa08230337cea8d1bd81a48cc2f8bcef2691c410576863820eb4dad59c76cb9ef6ecc4788f0b4034687f5ab4f348b3c16848b834dc56f895d6b66023bdfa8f44c3fae459461c0a25fb33b37d34d0e87b7216298ffc0a1b6e5e7db9e5b08b36d4d60d340a81e142395b91ea46d3dfe41cbb9c6407dd053c86c860b66e745f8459741f0195bbd958315c060ef572c3acc2eaa54435c44f8d65fd3fe2f9346ccfa3eb981316ddb672462a3ef810adb09db8b7898594cbf2d3971346da4cdf796fcf5002e2b4aa3378bfffb76fe24bbfaeecdc717a721a20507b2d557dbc95c55ce08c8cfd88d0a1531e7ce14f8176bff2338e1674d7bd1336cca38fc98ab7c64d0235c9f753808b2d5aa0e94e212e388055e97df1286917b772d3aca12e40f07549a5a60781114aa51dbb30c25d0dc3accc178dd75f4f8928d36b5559a3de13d2c655bb81561233d940fcec933517858fe776540fc77ec025c50fd48d205f4183fa6c08fd98b2b96f7cbc38ba899ef3550f32dea1398e7224b92b3eb9481438ba7278455679b52e97b78db444317b3c9813fc02d6dacb474ed304089bff9768f67de1e574c6ea4b07c7e8a4278b2b4536dcdbfa5403cffe456a620ef6e57ffad25dfc946d8f34675dfe5e2aad5852cf128dbbaf163a34ac9496d1ef7ce40a8902809d8aad8f46f4be37b3c45e031a6838db50ff1aeafc3fe08af911fcb74bb8fd13d23bec932f97f2e88be2a6c85a87864c78d90b3567ee43e248690dae6e4013fe5bc20f1b10f1b4c035bb998c90387bb77dd1aa0e9bf567510d57", 0x1000}], 0x3, &(0x7f0000001700), 0x0, 0x4080}, 0x40000) rt_sigsuspend(&(0x7f0000000200)={0x1}, 0x8) [ 417.212481] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 [ 417.219729] RBP: 000000000072c010 R08: 0000000000000000 R09: 0000000000000000 [ 417.226975] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 417.234224] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000002 [ 417.301301] FAULT_INJECTION: forcing a failure. [ 417.301301] name failslab, interval 1, probability 0, space 0, times 0 [ 417.312626] CPU: 0 PID: 25844 Comm: syz-executor4 Not tainted 4.16.0+ #3 [ 417.319471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 417.328824] Call Trace: [ 417.331427] dump_stack+0x1b9/0x294 [ 417.335072] ? dump_stack_print_info.cold.2+0x52/0x52 [ 417.340276] ? kernel_text_address+0x79/0xf0 [ 417.344695] ? __unwind_start+0x166/0x330 [ 417.348862] should_fail.cold.4+0xa/0x1a [ 417.352936] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 417.358056] ? snd_pcm_hw_refine+0x362/0x1180 [ 417.362574] ? graph_lock+0x170/0x170 [ 417.366387] ? find_held_lock+0x36/0x1c0 [ 417.370461] ? __lock_is_held+0xb5/0x140 [ 417.374538] ? check_same_owner+0x320/0x320 [ 417.378862] ? debug_check_no_obj_freed+0x2ff/0x584 [ 417.383886] ? rcu_note_context_switch+0x710/0x710 [ 417.388829] should_failslab+0x124/0x180 [ 417.392901] kmem_cache_alloc_trace+0x2cb/0x780 2018/04/06 11:41:39 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x40, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={0x0, 0x1000}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f00000000c0)=@sack_info={r1, 0x400, 0x9948}, &(0x7f0000000140)=0xc) msgget(0x0, 0x58) [ 417.397578] ? snd_pcm_hw_param_first+0x2eb/0x680 [ 417.402432] snd_pcm_hw_param_near.constprop.35+0x15c/0xb10 [ 417.408156] ? _snd_pcm_hw_param_min+0x570/0x570 [ 417.412923] ? snd_pcm_hw_param_max+0x730/0x730 [ 417.417600] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 417.422793] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 417.428337] ? snd_pcm_plug_slave_size+0x1d0/0x350 [ 417.433282] snd_pcm_oss_change_params_locked+0x1bb1/0x3ce0 [ 417.439022] ? snd_pcm_hw_param_near.constprop.35+0xb10/0xb10 [ 417.444921] ? debug_check_no_locks_freed+0x310/0x310 2018/04/06 11:41:39 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) msgget(0x2, 0x104) r0 = socket$bt_rfcomm(0x1f, 0x3, 0x3) ioctl$sock_inet_SIOCGIFNETMASK(r0, 0x891b, &(0x7f0000000240)={'ipddp0\x00', {0x2, 0x4e24}}) r1 = syz_open_dev$amidi(&(0x7f0000000080)='/dev/amidi#\x00', 0x8, 0x80) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000200)) readlinkat(r1, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)=""/138, 0x8a) connect(r0, &(0x7f0000000000)=@rc={0x1f, {0x7fff, 0x1e9, 0x1, 0xbada, 0x3, 0x8001}, 0x7}, 0x80) [ 417.450126] ? debug_check_no_locks_freed+0x310/0x310 [ 417.455329] ? check_same_owner+0x320/0x320 [ 417.459668] ? find_held_lock+0x36/0x1c0 [ 417.463742] ? graph_lock+0x170/0x170 [ 417.467553] ? lock_downgrade+0x8e0/0x8e0 [ 417.471709] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 417.477260] ? do_lock_file_wait.part.32+0x240/0x240 [ 417.482383] snd_pcm_oss_change_params+0x80/0xe0 [ 417.487144] snd_pcm_oss_make_ready+0xbe/0x170 [ 417.491733] snd_pcm_oss_sync.isra.29+0x27f/0x980 [ 417.496583] ? snd_pcm_oss_sync1+0x5a0/0x5a0 2018/04/06 11:41:39 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) r0 = socket$can_raw(0x1d, 0x3, 0x1) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x0, 0x0) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000040)={0x9, 0x7}) setsockopt(r0, 0x65, 0x6, &(0x7f0000000000), 0x0) munlockall() msgget(0x1, 0x206) [ 417.500998] ? fsnotify_first_mark+0x330/0x330 [ 417.505586] snd_pcm_oss_release+0x214/0x290 [ 417.509996] ? snd_pcm_oss_sync.isra.29+0x980/0x980 [ 417.515012] __fput+0x34d/0x890 [ 417.518308] ? fput+0x1a0/0x1a0 [ 417.521595] ? _raw_spin_unlock_irq+0x27/0x70 [ 417.526106] ____fput+0x15/0x20 [ 417.529389] task_work_run+0x1e4/0x290 [ 417.533281] ? task_work_cancel+0x240/0x240 [ 417.537607] ? exit_to_usermode_loop+0x87/0x310 [ 417.542285] exit_to_usermode_loop+0x2bd/0x310 [ 417.546866] ? syscall_slow_exit_work+0x4f0/0x4f0 2018/04/06 11:41:40 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x40, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={0x0, 0x1000}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f00000000c0)=@sack_info={r1, 0x400, 0x9948}, &(0x7f0000000140)=0xc) msgget(0x0, 0x58) [ 417.551718] do_syscall_64+0x792/0x9d0 [ 417.555610] ? vmalloc_sync_all+0x30/0x30 [ 417.559769] ? _raw_spin_unlock_irq+0x27/0x70 [ 417.564270] ? finish_task_switch+0x1ca/0x820 [ 417.568773] ? syscall_return_slowpath+0x5c0/0x5c0 [ 417.573711] ? syscall_return_slowpath+0x30f/0x5c0 [ 417.578650] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 417.584024] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 417.588878] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 417.594067] RIP: 0033:0x4552d9 2018/04/06 11:41:40 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x40, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={0x0, 0x1000}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f00000000c0)=@sack_info={r1, 0x400, 0x9948}, &(0x7f0000000140)=0xc) msgget(0x0, 0x58) 2018/04/06 11:41:40 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x40, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={0x0, 0x1000}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f00000000c0)=@sack_info={r1, 0x400, 0x9948}, &(0x7f0000000140)=0xc) msgget(0x0, 0x58) 2018/04/06 11:41:40 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x4c, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e"}, &(0x7f00000000c0)=0x54) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040), 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:40 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x40, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={0x0, 0x1000}, &(0x7f0000000080)=0x8) msgget(0x0, 0x58) [ 417.597288] RSP: 002b:00007ff8a6ac2c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000003 [ 417.604997] RAX: 0000000000000000 RBX: 00007ff8a6ac36d4 RCX: 00000000004552d9 [ 417.612264] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000013 [ 417.619536] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 417.626806] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 [ 417.634080] R13: 0000000000000052 R14: 00000000006f3850 R15: 000000000000000f [ 418.130107] FAULT_FLAG_ALLOW_RETRY missing 30 [ 418.134764] CPU: 1 PID: 25834 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 418.141607] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 418.150957] Call Trace: [ 418.153556] dump_stack+0x1b9/0x294 [ 418.157191] ? dump_stack_print_info.cold.2+0x52/0x52 [ 418.162387] ? kasan_check_write+0x14/0x20 [ 418.166627] ? do_raw_spin_lock+0xc1/0x200 [ 418.170868] handle_userfault.cold.32+0x44/0x57 [ 418.175542] ? handle_userfault+0x16c6/0x2760 [ 418.180048] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 418.184632] ? debug_check_no_locks_freed+0x310/0x310 [ 418.189828] ? rb_erase+0x3530/0x3530 [ 418.193637] ? print_usage_bug+0xc0/0xc0 [ 418.197698] ? match_held_lock+0x801/0x8b0 [ 418.201933] ? print_usage_bug+0xc0/0xc0 [ 418.205995] ? print_usage_bug+0xc0/0xc0 [ 418.210056] ? lock_downgrade+0x8e0/0x8e0 [ 418.214207] ? lock_downgrade+0x8e0/0x8e0 [ 418.218386] ? __lock_acquire+0x7f5/0x5130 [ 418.222634] ? graph_lock+0x170/0x170 [ 418.226452] ? debug_check_no_locks_freed+0x310/0x310 [ 418.231641] ? find_held_lock+0x36/0x1c0 [ 418.235692] ? lock_downgrade+0x8e0/0x8e0 [ 418.239829] ? kasan_check_read+0x11/0x20 [ 418.243961] ? do_raw_spin_unlock+0x9e/0x2e0 [ 418.248354] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 418.252916] ? kasan_check_write+0x14/0x20 [ 418.257142] ? do_raw_spin_lock+0xc1/0x200 [ 418.261379] __handle_mm_fault+0x34be/0x4150 [ 418.265771] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 418.270507] ? graph_lock+0x170/0x170 [ 418.274295] ? find_held_lock+0x36/0x1c0 [ 418.278341] ? lock_downgrade+0x8e0/0x8e0 [ 418.282479] ? handle_mm_fault+0x8c0/0xc70 [ 418.286699] handle_mm_fault+0x53a/0xc70 [ 418.290741] ? __handle_mm_fault+0x4150/0x4150 [ 418.295306] ? find_vma+0x34/0x190 [ 418.298829] __do_page_fault+0x60b/0xe40 [ 418.302886] ? mm_fault_error+0x380/0x380 [ 418.307035] ? __schedule+0x80f/0x1e40 [ 418.310916] ? graph_lock+0x170/0x170 [ 418.314702] do_page_fault+0xee/0x8a7 [ 418.318483] ? vmalloc_sync_all+0x30/0x30 [ 418.322616] ? find_held_lock+0x36/0x1c0 [ 418.326665] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 418.331489] page_fault+0x25/0x50 [ 418.334922] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 418.340545] RSP: 0018:ffff88018c217ce8 EFLAGS: 00010206 [ 418.345893] RAX: ffffed0031842fae RBX: 0000000000000018 RCX: 0000000000000003 [ 418.353142] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff88018c217d58 [ 418.360392] RBP: ffff88018c217d20 R08: ffffed0031842fae R09: ffffed0031842fab [ 418.367647] R10: ffffed0031842fad R11: ffff88018c217d6f R12: 0000000020013018 [ 418.374908] R13: 0000000020013000 R14: ffff88018c217d58 R15: 00007ffffffff000 [ 418.382201] ? _copy_from_user+0x10d/0x150 [ 418.386444] SyS_sigaltstack+0xae/0x320 [ 418.390423] ? do_sigaction+0xa50/0xa50 [ 418.394400] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 418.399938] ? exit_to_usermode_loop+0x1ef/0x310 [ 418.404697] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 418.409545] ? ksys_ioctl+0x81/0xd0 [ 418.413169] ? do_syscall_64+0xb7/0x9d0 [ 418.417149] ? do_sigaction+0xa50/0xa50 [ 418.421123] do_syscall_64+0x29e/0x9d0 [ 418.425010] ? vmalloc_sync_all+0x30/0x30 [ 418.429159] ? _raw_spin_unlock_irq+0x27/0x70 [ 418.433654] ? finish_task_switch+0x1ca/0x820 [ 418.438152] ? syscall_return_slowpath+0x5c0/0x5c0 [ 418.443082] ? syscall_return_slowpath+0x30f/0x5c0 [ 418.448020] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 418.453388] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 418.458240] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 418.463425] RIP: 0033:0x4552d9 [ 418.466612] RSP: 002b:00007ff15ecfec68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 [ 418.474322] RAX: ffffffffffffffda RBX: 00007ff15ecff6d4 RCX: 00000000004552d9 [ 418.481594] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 [ 418.488859] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 418.496131] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 418.503400] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000000 [ 418.643977] FAULT_FLAG_ALLOW_RETRY missing 30 [ 418.648574] CPU: 0 PID: 25889 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 418.655401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 418.664756] Call Trace: [ 418.667345] dump_stack+0x1b9/0x294 [ 418.670957] ? dump_stack_print_info.cold.2+0x52/0x52 [ 418.676128] ? kasan_check_write+0x14/0x20 [ 418.680346] ? do_raw_spin_lock+0xc1/0x200 [ 418.684572] handle_userfault.cold.32+0x44/0x57 [ 418.689222] ? handle_userfault+0x16c6/0x2760 [ 418.693700] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 418.698267] ? debug_check_no_locks_freed+0x310/0x310 [ 418.703435] ? find_held_lock+0x36/0x1c0 [ 418.707496] ? print_usage_bug+0xc0/0xc0 [ 418.711547] ? print_usage_bug+0xc0/0xc0 [ 418.715589] ? kasan_check_read+0x11/0x20 [ 418.719722] ? check_same_owner+0x320/0x320 [ 418.724034] ? do_raw_spin_unlock+0x9e/0x2e0 [ 418.728432] ? __lock_acquire+0x7f5/0x5130 [ 418.732648] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 418.738167] ? graph_lock+0x170/0x170 [ 418.741949] ? debug_check_no_locks_freed+0x310/0x310 [ 418.747120] ? find_held_lock+0x36/0x1c0 [ 418.751176] ? lock_downgrade+0x8e0/0x8e0 [ 418.755309] ? kasan_check_read+0x11/0x20 [ 418.759436] ? do_raw_spin_unlock+0x9e/0x2e0 [ 418.763822] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 418.768385] ? kasan_check_write+0x14/0x20 [ 418.772599] ? do_raw_spin_lock+0xc1/0x200 [ 418.776816] __handle_mm_fault+0x34be/0x4150 [ 418.781205] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 418.785938] ? graph_lock+0x170/0x170 [ 418.789718] ? graph_lock+0x170/0x170 [ 418.793501] ? find_held_lock+0x36/0x1c0 [ 418.797544] ? lock_downgrade+0x8e0/0x8e0 [ 418.801675] ? handle_mm_fault+0x8c0/0xc70 [ 418.805896] handle_mm_fault+0x53a/0xc70 [ 418.809948] ? __handle_mm_fault+0x4150/0x4150 [ 418.814507] ? find_vma+0x34/0x190 [ 418.818039] __do_page_fault+0x60b/0xe40 [ 418.822085] ? mm_fault_error+0x380/0x380 [ 418.826216] ? graph_lock+0x170/0x170 [ 418.830004] do_page_fault+0xee/0x8a7 [ 418.833793] ? vmalloc_sync_all+0x30/0x30 [ 418.837919] ? __fget+0x40c/0x650 [ 418.841353] ? find_held_lock+0x36/0x1c0 [ 418.845399] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 418.850224] page_fault+0x25/0x50 [ 418.853657] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 418.859257] RSP: 0018:ffff88018dd9fce8 EFLAGS: 00010206 [ 418.864598] RAX: ffffed0031bb3fae RBX: 0000000000000018 RCX: 0000000000000003 [ 418.871845] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff88018dd9fd58 [ 418.879095] RBP: ffff88018dd9fd20 R08: ffffed0031bb3fae R09: ffffed0031bb3fab [ 418.886342] R10: ffffed0031bb3fad R11: ffff88018dd9fd6f R12: 0000000020013018 [ 418.893589] R13: 0000000020013000 R14: ffff88018dd9fd58 R15: 00007ffffffff000 [ 418.900850] ? _copy_from_user+0x10d/0x150 [ 418.905072] SyS_sigaltstack+0xae/0x320 [ 418.909036] ? do_sigaction+0xa50/0xa50 [ 418.913013] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 418.918536] ? fput+0x130/0x1a0 [ 418.921795] ? ksys_ioctl+0x81/0xd0 [ 418.925400] ? do_syscall_64+0xb7/0x9d0 [ 418.929353] ? do_sigaction+0xa50/0xa50 [ 418.933309] do_syscall_64+0x29e/0x9d0 [ 418.937178] ? _raw_spin_unlock_irq+0x27/0x70 [ 418.941658] ? finish_task_switch+0x1ca/0x820 [ 418.946133] ? syscall_return_slowpath+0x5c0/0x5c0 [ 418.951045] ? syscall_return_slowpath+0x30f/0x5c0 [ 418.955955] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 418.961299] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 418.966120] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 418.971288] RIP: 0033:0x4552d9 [ 418.974454] RSP: 002b:00007ff15ecbcc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 [ 418.982140] RAX: ffffffffffffffda RBX: 00007ff15ecbd6d4 RCX: 00000000004552d9 2018/04/06 11:41:41 executing program 4 (fault-call:5 fault-nth:16): r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0x0, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x0, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:41 executing program 2: open(&(0x7f0000000000)='./bus\x00', 0x100000141842, 0x0) r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) syz_mount_image$hfs(&(0x7f0000001780)='hfs\x00', &(0x7f0000000100)='./bus\x00', 0x0, 0xccf, &(0x7f0000001a40)=[{&(0x7f0000001c00)="c3109cfc6f65b837063b7bbc3d4a7d202d2b9984a215c7b7bd25480c1babe9aadb78e3c53ec529cb288497a5ff7386ab50bc1a8c89", 0x0, 0x401}, {&(0x7f0000001800)="2ddea5d98171285eddea030c82c3ebbbe9ef0086979c4d89f51697a723698cc79f113fca18d8ec8bb4942cb405ffaeeeafc6b09a0aa44324f534c9b7f57352f0c6be30573567dee6adbbdffa5bc32a5b00201e68181092887cf576f0703f060812cd5047561a4c92d2fe195c21c60625c482c212ec431a19596ad1012108999bc75ae3480f0e76a36376ac63a8", 0x0, 0x5}, {&(0x7f00000018c0)="c5530d8833354b18ef6baebf606c24f24d221ae3c07931be7198141ec53fd728927e5f00e021449a33baca2a22cf99667bb62ad1c43215e3f08aaced4246a353f263c0b7595b47c7a50af4436c372f265f8434d31934351c965767c877bce2ca431539e8a01395cb17c6c5e7c94ccf3bafb07d8b5e8c8a7c931e0d769db9d35a00cb5aa0044e6a6a561fd1afe1", 0x0, 0x5}, {&(0x7f0000001ac0)="a6c3452050343eb065584cf53ea65ae330a5f6fabf78091e23a81fecb3775e4b4b863ad23c978b4d06569e6a36869f4d6ab49a561ec1407526f64751bf75483fb2755e3dd399f154e42b71bf2ba4b06f84d08c82013cccce8d83cc8522875560acd751f4f33688881c070e6ef463499ee9e91f792ae72561196b6ba9dc495e6762dbb6f5c913a4aeab57f7ff1fec996193598848aca0c65638fffb8af2141e66a90fe4ae167772c4c599843c560c877e454fdb686a3b7df3bc64de67f0ab300a68bb0beb5a6e2c52ef9e161399bf3a9939b04d804247cd6b3c9682eaf9ba0fdf8721b778b0f8e7905b17a1210b17ce35b1fb4f78497d438165b2019a31462ffaad8347218795323dd876bfaa1f6f7eec0187f0b9e41c54ba73230f635b3f4c2fd658e725afc3135bbb160347c72457a5da34344443b7f7c8ab479f9e63", 0x0, 0x7}], 0x10000, &(0x7f0000000780)=ANY=[]) ioctl$LOOP_SET_CAPACITY(r0, 0x4c07) write$cgroup_pid(r0, &(0x7f0000000040)={[0x0]}, 0x1) write$cgroup_pid(r0, &(0x7f0000000180), 0x1d2) 2018/04/06 11:41:41 executing program 7: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000480)='/dev/dsp\x00', 0x8000, 0x0) getpeername$llc(r2, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, &(0x7f0000000500)=0x10) shutdown(r0, 0x0) clock_gettime(0x0, &(0x7f0000000400)={0x0, 0x0}) recvmmsg(r1, &(0x7f00000003c0)=[{{&(0x7f0000000080)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, 0x80, &(0x7f0000000280)=[{&(0x7f0000000100)=""/112, 0x70}, {&(0x7f0000000000)=""/36, 0x24}, {&(0x7f0000000180)=""/219, 0xdb}], 0x3, &(0x7f00000002c0)=""/229, 0xe5, 0x1}, 0x8001}], 0x1, 0x62, &(0x7f0000000440)={r3, r4+30000000}) recvmmsg(r0, &(0x7f0000000040), 0x948, 0x42, 0x0) 2018/04/06 11:41:41 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0xc3ff]}, 0x10) 2018/04/06 11:41:41 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x40, 0x0) msgget(0x0, 0x58) 2018/04/06 11:41:41 executing program 3: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000100)) getpid() fcntl$getown(0xffffffffffffff9c, 0x9) gettid() ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) getpgrp(r0) r1 = memfd_create(&(0x7f0000000080)='em1\x00', 0x2) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000200)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) sigaltstack(&(0x7f0000013000/0x1000)=nil, &(0x7f00000000c0)) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88)) msgsnd(0x0, &(0x7f0000284ff8)={0x3}, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000240)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000640)={'\x00', 0x0}) ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000680)=r3) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000b40)={&(0x7f0000011000/0x4000)=nil, 0x4000}) io_setup(0x1000, &(0x7f0000000040)) io_submit(0x0, 0x6f2000, &(0x7f0000000000)) ioctl$VHOST_RESET_OWNER(r1, 0xaf02, 0x0) 2018/04/06 11:41:41 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x4c, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e"}, &(0x7f00000000c0)=0x54) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040), 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:41 executing program 0: r0 = request_key(&(0x7f0000000180)='dns_resolver\x00', &(0x7f00000001c0)={0x73, 0x79, 0x7a, 0x0}, &(0x7f0000000200)='em1\x00', 0x0) r1 = request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a, 0x3}, &(0x7f0000000340)='user\x00', r0) r2 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000140)={0x73, 0x79, 0x7a, 0x3}, 0x0, 0x0, r1) r3 = add_key$keyring(&(0x7f00000002c0)='keyring\x00', &(0x7f0000000300)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffb) keyctl$setperm(0x5, r2, 0xa000c00) add_key$user(&(0x7f0000000080)='user\x00', &(0x7f0000000240)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000000380)="fcfc451f33b0cc9d612ffb285c8bb804d6d48b497c6ccd6fd2b84dd9ec3fea69ba1dda5aa37b26fd8185f02a224297ebf6cc01a3c9c1e10da2e5056aeb33e96894e6acdcaea4edcff3fbf21b12a148f58c007498e499", 0x56, r2) keyctl$search(0xa, r2, &(0x7f00000000c0)='keyring\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a, 0x2}, r3) [ 418.989387] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 [ 418.996633] RBP: 000000000072c010 R08: 0000000000000000 R09: 0000000000000000 [ 419.003879] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 419.011126] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000002 [ 419.083601] FAULT_INJECTION: forcing a failure. [ 419.083601] name failslab, interval 1, probability 0, space 0, times 0 [ 419.095298] CPU: 1 PID: 25913 Comm: syz-executor4 Not tainted 4.16.0+ #3 [ 419.102136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 419.111498] Call Trace: [ 419.114095] dump_stack+0x1b9/0x294 [ 419.117730] ? dump_stack_print_info.cold.2+0x52/0x52 [ 419.122926] ? __lock_acquire+0x7f5/0x5130 [ 419.127172] should_fail.cold.4+0xa/0x1a [ 419.131241] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 419.136352] ? debug_check_no_locks_freed+0x310/0x310 [ 419.141542] ? kfree+0xd9/0x260 [ 419.144828] ? constrain_params_by_rules+0xa38/0x1360 [ 419.150024] ? graph_lock+0x170/0x170 [ 419.153830] ? snd_pcm_oss_change_params_locked+0x1b46/0x3ce0 [ 419.159719] ? snd_pcm_oss_change_params+0x80/0xe0 [ 419.164652] ? snd_pcm_oss_make_ready+0xbe/0x170 [ 419.169410] ? snd_pcm_oss_sync.isra.29+0x27f/0x980 [ 419.174429] ? snd_pcm_oss_release+0x214/0x290 [ 419.179021] ? __fput+0x34d/0x890 [ 419.182487] ? find_held_lock+0x36/0x1c0 [ 419.186556] ? __lock_is_held+0xb5/0x140 [ 419.190628] ? check_same_owner+0x320/0x320 [ 419.194953] ? rcu_note_context_switch+0x710/0x710 [ 419.199885] ? graph_lock+0x170/0x170 [ 419.203694] should_failslab+0x124/0x180 [ 419.207767] __kmalloc+0x2c8/0x760 [ 419.211317] ? constrain_params_by_rules+0x141/0x1360 [ 419.216513] ? find_held_lock+0x36/0x1c0 [ 419.220583] constrain_params_by_rules+0x141/0x1360 [ 419.225602] ? lock_downgrade+0x8e0/0x8e0 2018/04/06 11:41:41 executing program 5: capset(&(0x7f0000000100)={0x19980330}, &(0x7f0000292000)) msgget(0x0, 0x58) 2018/04/06 11:41:41 executing program 7: r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f000000cfe4)={0xa}, 0x1c) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1}) ioctl$sock_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000000)) sendmsg(r0, &(0x7f00000000c0)={0x0, 0xffffffffffffff80, &(0x7f0000000200), 0x3cf, &(0x7f0000000080)}, 0x0) [ 419.229764] ? snd_pcm_mmap_control_fault+0x3e0/0x3e0 [ 419.234962] ? rcu_is_watching+0x85/0x140 [ 419.239122] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 419.244317] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 419.249523] ? is_bpf_text_address+0xd7/0x170 [ 419.254023] ? kernel_text_address+0x79/0xf0 [ 419.258439] ? __unwind_start+0x166/0x330 [ 419.262597] ? __kernel_text_address+0xd/0x40 [ 419.267098] ? unwind_get_return_address+0x61/0xa0 [ 419.272038] ? __save_stack_trace+0x7e/0xd0 [ 419.276371] ? save_stack+0xa9/0xd0 [ 419.279999] ? save_stack+0x43/0xd0 2018/04/06 11:41:41 executing program 0: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback={0x0, 0x1}}, 0x1c) sendmsg(r0, &(0x7f000001b000)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)="97aa89464f0e2f2b932aee627aea1f84aebe73c4f424656cff31c4cd179af23a0b908e1eeebdb364", 0x28}], 0x1, &(0x7f000001ef08)}, 0x0) r1 = syz_open_dev$admmidi(&(0x7f0000000140)='/dev/admmidi#\x00', 0x5, 0x68004) ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f00000000c0)={0x9, 0xe16}) [ 419.283627] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 419.289166] ? snd_interval_refine+0x428/0x700 [ 419.293752] snd_pcm_hw_refine+0x8e9/0x1180 [ 419.298075] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 419.303450] ? constrain_params_by_rules+0x1360/0x1360 [ 419.308737] ? graph_lock+0x170/0x170 [ 419.312543] ? __lock_is_held+0xb5/0x140 [ 419.316620] ? __lock_is_held+0xb5/0x140 [ 419.320692] ? snd_pcm_hw_param_near.constprop.35+0x15c/0xb10 [ 419.326588] ? rcu_read_lock_sched_held+0x108/0x120 2018/04/06 11:41:41 executing program 5: msgget(0x0, 0x58) 2018/04/06 11:41:41 executing program 0: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/autofs\x00', 0x0, 0x0) write$binfmt_misc(r0, &(0x7f0000000140)={'syz0', "5d9f45"}, 0x7) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0xe3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0x1, 0x780) setsockopt$netrom_NETROM_T2(r1, 0x103, 0x2, &(0x7f00000000c0)=0x2, 0x4) r2 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x2, 0x28001) write$evdev(r2, &(0x7f0000037fe8)=[{{0x0, 0x7530}, 0x1, 0x7f, 0x2}, {}], 0x30) ioctl$EVIOCGSND(r2, 0x8040451a, &(0x7f0000000080)=""/55) [ 419.331611] ? kmem_cache_alloc_trace+0x616/0x780 [ 419.336465] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 419.342006] ? _snd_pcm_hw_param_min+0x330/0x570 [ 419.346773] snd_pcm_hw_param_near.constprop.35+0x2cf/0xb10 [ 419.352493] ? _snd_pcm_hw_param_min+0x570/0x570 [ 419.357258] ? snd_pcm_hw_param_max+0x730/0x730 [ 419.361932] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 419.367126] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 419.372669] ? snd_pcm_plug_slave_size+0x1d0/0x350 [ 419.377610] snd_pcm_oss_change_params_locked+0x1bb1/0x3ce0 [ 419.383340] ? snd_pcm_hw_param_near.constprop.35+0xb10/0xb10 [ 419.389229] ? debug_check_no_locks_freed+0x310/0x310 [ 419.394422] ? debug_check_no_locks_freed+0x310/0x310 [ 419.399617] ? check_same_owner+0x320/0x320 [ 419.403940] ? find_held_lock+0x36/0x1c0 [ 419.407996] ? graph_lock+0x170/0x170 [ 419.411795] ? lock_downgrade+0x8e0/0x8e0 [ 419.415934] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 419.421471] ? do_lock_file_wait.part.32+0x240/0x240 [ 419.426978] snd_pcm_oss_change_params+0x80/0xe0 [ 419.431724] snd_pcm_oss_make_ready+0xbe/0x170 [ 419.436295] snd_pcm_oss_sync.isra.29+0x27f/0x980 [ 419.441123] ? snd_pcm_oss_sync1+0x5a0/0x5a0 [ 419.445523] ? fsnotify_first_mark+0x330/0x330 [ 419.450093] snd_pcm_oss_release+0x214/0x290 [ 419.454486] ? snd_pcm_oss_sync.isra.29+0x980/0x980 [ 419.459491] __fput+0x34d/0x890 [ 419.462762] ? fput+0x1a0/0x1a0 [ 419.466039] ? _raw_spin_unlock_irq+0x27/0x70 [ 419.470527] ____fput+0x15/0x20 [ 419.473793] task_work_run+0x1e4/0x290 [ 419.477668] ? task_work_cancel+0x240/0x240 [ 419.481980] ? exit_to_usermode_loop+0x87/0x310 [ 419.486640] exit_to_usermode_loop+0x2bd/0x310 [ 419.491209] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 419.496053] do_syscall_64+0x792/0x9d0 [ 419.499926] ? vmalloc_sync_all+0x30/0x30 [ 419.504062] ? _raw_spin_unlock_irq+0x27/0x70 [ 419.508542] ? finish_task_switch+0x1ca/0x820 [ 419.513029] ? syscall_return_slowpath+0x5c0/0x5c0 [ 419.517949] ? syscall_return_slowpath+0x30f/0x5c0 [ 419.522868] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 419.528220] ? trace_hardirqs_off_thunk+0x1a/0x1c 2018/04/06 11:41:42 executing program 5: msgget(0xffffffffffffffff, 0x58) 2018/04/06 11:41:42 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x4c, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e"}, &(0x7f00000000c0)=0x54) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040), 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:42 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0x300000000000000]}, 0x10) [ 419.533053] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 419.538226] RIP: 0033:0x4552d9 [ 419.541399] RSP: 002b:00007ff8a6ac2c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000003 [ 419.549095] RAX: 0000000000000000 RBX: 00007ff8a6ac36d4 RCX: 00000000004552d9 [ 419.556349] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000013 [ 419.563603] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 419.570857] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 [ 419.578109] R13: 0000000000000052 R14: 00000000006f3850 R15: 0000000000000010 [ 419.972543] FAULT_FLAG_ALLOW_RETRY missing 30 [ 419.977136] CPU: 0 PID: 25920 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 419.983965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 419.993297] Call Trace: [ 419.995872] dump_stack+0x1b9/0x294 [ 419.999481] ? dump_stack_print_info.cold.2+0x52/0x52 [ 420.004656] ? kasan_check_write+0x14/0x20 [ 420.008874] ? do_raw_spin_lock+0xc1/0x200 [ 420.013108] handle_userfault.cold.32+0x44/0x57 [ 420.017762] ? handle_userfault+0x16c6/0x2760 [ 420.022238] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 420.026802] ? debug_check_no_locks_freed+0x310/0x310 [ 420.031974] ? find_held_lock+0x36/0x1c0 [ 420.036018] ? print_usage_bug+0xc0/0xc0 [ 420.040061] ? print_usage_bug+0xc0/0xc0 [ 420.044109] ? check_same_owner+0x320/0x320 [ 420.048417] ? do_raw_spin_unlock+0x9e/0x2e0 [ 420.052820] ? __lock_acquire+0x7f5/0x5130 [ 420.057039] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 420.062558] ? graph_lock+0x170/0x170 [ 420.066342] ? debug_check_no_locks_freed+0x310/0x310 [ 420.071522] ? find_held_lock+0x36/0x1c0 [ 420.075572] ? lock_downgrade+0x8e0/0x8e0 [ 420.079702] ? kasan_check_read+0x11/0x20 [ 420.083828] ? do_raw_spin_unlock+0x9e/0x2e0 [ 420.088216] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 420.092777] ? kasan_check_write+0x14/0x20 [ 420.096989] ? do_raw_spin_lock+0xc1/0x200 [ 420.101208] __handle_mm_fault+0x34be/0x4150 [ 420.105599] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 420.110334] ? graph_lock+0x170/0x170 [ 420.114116] ? find_held_lock+0x36/0x1c0 [ 420.118159] ? lock_downgrade+0x8e0/0x8e0 [ 420.122292] ? handle_mm_fault+0x8c0/0xc70 [ 420.126507] handle_mm_fault+0x53a/0xc70 [ 420.130551] ? __handle_mm_fault+0x4150/0x4150 [ 420.135115] ? find_vma+0x34/0x190 [ 420.138638] __do_page_fault+0x60b/0xe40 [ 420.142680] ? mm_fault_error+0x380/0x380 [ 420.146807] ? graph_lock+0x170/0x170 [ 420.150586] do_page_fault+0xee/0x8a7 [ 420.154368] ? vmalloc_sync_all+0x30/0x30 [ 420.158496] ? find_held_lock+0x36/0x1c0 [ 420.162556] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 420.167380] page_fault+0x25/0x50 [ 420.170814] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 420.176411] RSP: 0018:ffff88018b5e7ce8 EFLAGS: 00010206 [ 420.181757] RAX: ffffed00316bcfae RBX: 0000000000000018 RCX: 0000000000000003 [ 420.189018] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff88018b5e7d58 [ 420.196265] RBP: ffff88018b5e7d20 R08: ffffed00316bcfae R09: ffffed00316bcfab [ 420.203514] R10: ffffed00316bcfad R11: ffff88018b5e7d6f R12: 0000000020013018 [ 420.210768] R13: 0000000020013000 R14: ffff88018b5e7d58 R15: 00007ffffffff000 [ 420.218033] ? _copy_from_user+0x10d/0x150 [ 420.222254] SyS_sigaltstack+0xae/0x320 [ 420.226211] ? do_sigaction+0xa50/0xa50 [ 420.230168] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 420.235688] ? fput+0x130/0x1a0 [ 420.238947] ? ksys_ioctl+0x81/0xd0 [ 420.242554] ? do_syscall_64+0xb7/0x9d0 [ 420.246510] ? do_sigaction+0xa50/0xa50 [ 420.250463] do_syscall_64+0x29e/0x9d0 [ 420.254329] ? vmalloc_sync_all+0x30/0x30 [ 420.258456] ? _raw_spin_unlock_irq+0x27/0x70 [ 420.262934] ? finish_task_switch+0x1ca/0x820 [ 420.267409] ? syscall_return_slowpath+0x5c0/0x5c0 [ 420.272317] ? syscall_return_slowpath+0x30f/0x5c0 [ 420.277227] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 420.282571] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 420.287397] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 420.292563] RIP: 0033:0x4552d9 [ 420.295729] RSP: 002b:00007ff15ecfec68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 [ 420.303417] RAX: ffffffffffffffda RBX: 00007ff15ecff6d4 RCX: 00000000004552d9 [ 420.310671] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 [ 420.317922] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 420.325170] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 420.332416] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000000 [ 420.473983] FAULT_FLAG_ALLOW_RETRY missing 30 [ 420.478610] CPU: 1 PID: 25963 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 420.485439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 420.494771] Call Trace: [ 420.497350] dump_stack+0x1b9/0x294 [ 420.500965] ? dump_stack_print_info.cold.2+0x52/0x52 [ 420.506138] ? kasan_check_write+0x14/0x20 [ 420.510361] ? do_raw_spin_lock+0xc1/0x200 [ 420.514597] handle_userfault.cold.32+0x44/0x57 [ 420.519262] ? handle_userfault+0x16c6/0x2760 [ 420.523741] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 420.528304] ? debug_check_no_locks_freed+0x310/0x310 [ 420.533473] ? find_held_lock+0x36/0x1c0 [ 420.537517] ? print_usage_bug+0xc0/0xc0 [ 420.541570] ? print_usage_bug+0xc0/0xc0 [ 420.545613] ? kasan_check_read+0x11/0x20 [ 420.549743] ? check_same_owner+0x320/0x320 [ 420.554048] ? do_raw_spin_unlock+0x9e/0x2e0 [ 420.558442] ? __lock_acquire+0x7f5/0x5130 [ 420.562662] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 420.568181] ? graph_lock+0x170/0x170 [ 420.571965] ? debug_check_no_locks_freed+0x310/0x310 [ 420.577149] ? find_held_lock+0x36/0x1c0 [ 420.581207] ? lock_downgrade+0x8e0/0x8e0 [ 420.585347] ? kasan_check_read+0x11/0x20 [ 420.589485] ? do_raw_spin_unlock+0x9e/0x2e0 [ 420.593875] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 420.598442] ? kasan_check_write+0x14/0x20 [ 420.602664] ? do_raw_spin_lock+0xc1/0x200 [ 420.606881] __handle_mm_fault+0x34be/0x4150 [ 420.611270] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 420.616005] ? graph_lock+0x170/0x170 [ 420.619793] ? graph_lock+0x170/0x170 [ 420.623573] ? find_held_lock+0x36/0x1c0 [ 420.627616] ? lock_downgrade+0x8e0/0x8e0 [ 420.631763] ? handle_mm_fault+0x8c0/0xc70 [ 420.635979] handle_mm_fault+0x53a/0xc70 [ 420.640030] ? __handle_mm_fault+0x4150/0x4150 [ 420.644593] ? find_vma+0x34/0x190 [ 420.648117] __do_page_fault+0x60b/0xe40 [ 420.652161] ? mm_fault_error+0x380/0x380 [ 420.656291] ? graph_lock+0x170/0x170 [ 420.660073] do_page_fault+0xee/0x8a7 [ 420.663855] ? vmalloc_sync_all+0x30/0x30 [ 420.667993] ? __fget+0x40c/0x650 [ 420.671439] ? find_held_lock+0x36/0x1c0 [ 420.675490] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 420.680315] page_fault+0x25/0x50 [ 420.683750] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 420.689346] RSP: 0018:ffff88017d1f7ce8 EFLAGS: 00010206 [ 420.694690] RAX: ffffed002fa3efae RBX: 0000000000000018 RCX: 0000000000000003 [ 420.701937] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff88017d1f7d58 [ 420.709184] RBP: ffff88017d1f7d20 R08: ffffed002fa3efae R09: ffffed002fa3efab [ 420.716433] R10: ffffed002fa3efad R11: ffff88017d1f7d6f R12: 0000000020013018 [ 420.723679] R13: 0000000020013000 R14: ffff88017d1f7d58 R15: 00007ffffffff000 [ 420.730948] ? _copy_from_user+0x10d/0x150 [ 420.735169] SyS_sigaltstack+0xae/0x320 [ 420.739123] ? do_sigaction+0xa50/0xa50 [ 420.743079] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 420.748594] ? fput+0x130/0x1a0 [ 420.751856] ? ksys_ioctl+0x81/0xd0 [ 420.755464] ? do_syscall_64+0xb7/0x9d0 [ 420.759418] ? do_sigaction+0xa50/0xa50 [ 420.763372] do_syscall_64+0x29e/0x9d0 [ 420.767242] ? _raw_spin_unlock_irq+0x27/0x70 [ 420.771715] ? finish_task_switch+0x1ca/0x820 [ 420.776189] ? syscall_return_slowpath+0x5c0/0x5c0 [ 420.781097] ? syscall_return_slowpath+0x30f/0x5c0 [ 420.786012] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 420.791386] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 420.796233] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 420.801404] RIP: 0033:0x4552d9 [ 420.804570] RSP: 002b:00007ff15ecbcc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 [ 420.812256] RAX: ffffffffffffffda RBX: 00007ff15ecbd6d4 RCX: 00000000004552d9 2018/04/06 11:41:43 executing program 4 (fault-call:5 fault-nth:17): r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0x0, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x0, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:43 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0x9f7e000000000000]}, 0x10) 2018/04/06 11:41:43 executing program 3: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000100)) getpid() fcntl$getown(0xffffffffffffff9c, 0x9) gettid() ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) getpgrp(r0) r1 = memfd_create(&(0x7f0000000080)='em1\x00', 0x2) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000200)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) sigaltstack(&(0x7f0000013000/0x1000)=nil, &(0x7f00000000c0)) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88)) msgsnd(0x0, &(0x7f0000284ff8)={0x3}, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000240)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000640)={'\x00', 0x0}) ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000680)=r3) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000b40)={&(0x7f0000011000/0x4000)=nil, 0x4000}) io_setup(0x1000, &(0x7f0000000040)) io_submit(0x0, 0x4f2000, &(0x7f0000000000)) ioctl$VHOST_RESET_OWNER(r1, 0xaf02, 0x0) 2018/04/06 11:41:43 executing program 0: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x0, 0x0) recvfrom$ipx(r0, &(0x7f0000000040)=""/59, 0x3b, 0x1, &(0x7f0000000080)={0x4, 0x6, 0x10001, "f142f9890416", 0x3f}, 0x10) r1 = socket$inet_sctp(0x2, 0x5, 0x84) r2 = socket$inet6_dccp(0xa, 0x6, 0x0) r3 = shmget$private(0x0, 0x2000, 0x8, &(0x7f0000ffe000/0x2000)=nil) shmctl$IPC_STAT(r3, 0x2, &(0x7f00000000c0)=""/213) ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f00000001c0)={0x0}) ioctl$DRM_IOCTL_NEW_CTX(r0, 0x40086425, &(0x7f0000000200)={r4, 0x2}) fcntl$F_SET_RW_HINT(r0, 0x40c, &(0x7f0000000240)=0x1) r5 = accept4$bt_l2cap(r0, &(0x7f0000000280), &(0x7f00000002c0)=0xe, 0x800) r6 = syz_open_dev$sndpcmp(&(0x7f0000000300)='/dev/snd/pcmC#D#p\x00', 0x0, 0x2) setsockopt$IP_VS_SO_SET_ZERO(r6, 0x0, 0x48f, &(0x7f0000000340)={0x0, @local={0xac, 0x14, 0x14, 0xaa}, 0x4e21, 0x1, 'wrr\x00', 0x8bcb1c3b2ae746c3, 0x8001, 0x77}, 0x2c) setsockopt$inet6_mtu(r2, 0x29, 0x17, &(0x7f0000000380)=0x5, 0x4) r7 = openat$vcs(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/vcs\x00', 0x280100, 0x0) r8 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000400)='/dev/vhost-net\x00', 0x2, 0x0) r9 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) fcntl$getownex(r5, 0x10, &(0x7f0000000440)={0x0, 0x0}) process_vm_writev(r10, &(0x7f0000000a40)=[{&(0x7f0000000480)}, {&(0x7f00000004c0)=""/29, 0x1d}, {&(0x7f0000000500)=""/170, 0xaa}, {&(0x7f00000005c0)=""/24, 0x18}, {&(0x7f0000000600)=""/177, 0xb1}, {&(0x7f00000006c0)=""/94, 0x5e}, {&(0x7f0000000740)=""/211, 0xd3}, {&(0x7f0000000840)=""/151, 0x97}, {&(0x7f0000000900)=""/234, 0xea}, {&(0x7f0000000a00)=""/38, 0x26}], 0xa, &(0x7f0000001ec0)=[{&(0x7f0000000b00)=""/247, 0xf7}, {&(0x7f0000000c00)=""/31, 0x1f}, {&(0x7f0000000c40)=""/179, 0xb3}, {&(0x7f0000000d00)=""/4096, 0x1000}, {&(0x7f0000001d00)=""/3, 0x3}, {&(0x7f0000001d40)=""/23, 0x17}, {&(0x7f0000001d80)=""/208, 0xd0}, {&(0x7f0000001e80)=""/64, 0x40}], 0x8, 0x0) ioctl$VHOST_NET_SET_BACKEND(r8, 0x4008af30, &(0x7f0000001f40)={0x3, r6}) arch_prctl(0x1003, &(0x7f0000001f80)="a7aa22a6afc97752f110bc732d4d267043dd33c9cb9d2f7028b6232f4dc0c454ae4f7fcd84605ff76faf8a2e28d11a6bf4bd6b76927c3bd6aba87d18e21a9aff51331c49e3525da751d629cf26767bd02309f1364ad7348939186d7fc9d0a185882bd48826cad08b95c26db8691d69e60b36469f86cb8edcce1f98f118f5") recvfrom$ipx(r7, &(0x7f0000002000)=""/77, 0x4d, 0x2002, &(0x7f0000002080)={0x4, 0x4, 0x8, "7a5acee6fa32", 0x5}, 0x10) getsockopt$inet6_mreq(r0, 0x29, 0x1f, &(0x7f0000002100)={@loopback, 0x0}, &(0x7f0000002140)=0x14) sendmsg$nl_route(r7, &(0x7f0000002200)={&(0x7f00000020c0)={0x10, 0x0, 0x0, 0x80000800}, 0xc, &(0x7f00000021c0)={&(0x7f0000002180)=@newlink={0x28, 0x10, 0x800, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x0, r11, 0x4000}, [@IFLA_WEIGHT={0x8, 0xf, 0x9}]}, 0x28}, 0x1, 0x0, 0x0, 0x4008094}, 0x80) shmctl$SHM_INFO(r3, 0xe, &(0x7f0000002240)=""/59) r12 = getuid() r13 = getegid() r14 = socket$packet(0x11, 0x2, 0x300) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000002600)={0x0, 0x0}, &(0x7f0000002640)=0xc) getgroups(0x7, &(0x7f0000002680)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffff, 0x0]) getresuid(&(0x7f0000002c40), &(0x7f0000002c80)=0x0, &(0x7f0000002cc0)) r18 = getegid() sendmmsg$unix(r0, &(0x7f0000002d80)=[{&(0x7f0000002280)=@abs={0x1, 0x0, 0x4e24}, 0x6e, &(0x7f0000002580)=[{&(0x7f0000002300)="8edf03ca6f066a07fbcc4ecfc9d28b8241900efd5eca6577072730c0a02b6425cebc28982a061929ef6e3f1b1120ff7fe78a6d5e59bbd6890d776f11f06814d77eff1d535ab8e00a0f51d8413108a83f88", 0x51}, {&(0x7f0000002380)="576e1c1c62516774fd0568a5fd0c3d1ed8f7112b8d81461bd7fa1f722ae26359bf8a7bfed108571dd7658b6fe94d631269035c319d6d1ca6d12adc9f3424d99c877907bc6d2e5f0a4402", 0x4a}, {&(0x7f0000002400)="4ddaf7c62acbae45617271229947465ba3d71a692388dc750764c4b7f3995e5b216b4273487ec7d4e2142db624391046d1dcb9036ec82bbb62efc9679afdd8fd4ebd89d05f62e9b590b211bbb73eaea4dd70b1", 0x53}, {&(0x7f0000002480)="99803a3a1c264153ad5c8ca54cbbad7789140ea132667b5570a7146e2d0d90f60a32933ee17febd52b6c6b225d968ed5f9225aa54ef79b9d5e58a90ccff063d861a2580a39abe26d693890435c1a5338fc882bfe4031a7bdd2b4bdc327fecca2b4bab04fba998000124c749dfcf469dcd4a9f3c70bce7f5618", 0x79}, {&(0x7f0000002500)="f6312986012a54b87d63ab15414d75f09534d499a396bf0438e975d6e6a70610f71522eb3933d4e8c660dad50fee94c2ab6b6a79225207e48b8dc651223994a0d0ae4d0d1db457e0fe1927beb62d8440c2451c0b22c46b8f2bd58cf9726df42d421c9d0442eb76fc", 0x68}], 0x5, &(0x7f00000026c0)=[@rights={0x30, 0x1, 0x1, [r9, r8, r1, r6, r5, r6, r0]}, @rights={0x30, 0x1, 0x1, [r1, r8, r8, r0, r6, r1, r8]}, @rights={0x38, 0x1, 0x1, [r8, r5, r6, r6, r6, r9, r8, r5, r6]}, @rights={0x38, 0x1, 0x1, [r5, r5, r9, r0, r1, r6, r8, r9, r1]}, @cred={0x20, 0x1, 0x2, r10, r12, r13}, @rights={0x30, 0x1, 0x1, [r5, r5, r5, r14, r7, r2, r0, r0]}, @cred={0x20, 0x1, 0x2, r10, r15, r16}], 0x140}, {&(0x7f0000002800)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000002bc0)=[{&(0x7f0000002880)="2c89942716322453604eb754ce10305ff29051f273d92f7b8a6b88445617597c0c7f058cc3d52900a364999198392e548c34d13f06929691333675037358dcf6f4d6c4d694cd5058e75d480d5b764c2ec536e3f7be427154a2fb270d5ad90a640dd4f39c90683add87e374431adfe4285399a7a28bfe6d22", 0x78}, {&(0x7f0000002900)="4666a71f1e0194bc42f39ba612c0667905aed766509fdba31575de8394687a35522aaf5f76784d9135e1eaea1d040598fc1379d042f8b293cf7028df0d4ebe06e0a6df44a47268e92845518909bfbe8f8ed35af60d7c5d6c67d4685fa4813fa03920fa8aeb3e4deaa5c261c0f66affe475b9386bfc03ae736c569356765f85e7551459cb32ac0a68a2a01e7e115c8276c63f04b8e87e2e6fd02c989ba6ec4148d65aede7cbfbeb896134e385cd9d33a3ce19165da8ef8258223055ff7e48c14e80a1fae1", 0xc4}, {&(0x7f0000002a00)="234162dc31ce39d0b22e25b09293db59bb2a891e9845d593d68f4aebd482d89a239d56842ab2a1de9db5aa81942228c6439ccb2712d65b4fbc7ffbad5f21f77bfc9e375d65733edb8d95b7472bfeabfd9441ca0e189fd5f2a5c8be3aad903cf04ffec8b450742157a512b9458e0e5d5357c83664e8f3893a186eddcc080d613034eaa4ab8c425a46075e5ddd8b4c378f070f78b0a3b90f83aa45a83ef57590ee4bb63fc8a4644baeffdd5726297eab3a5791d04df4eeca673ceef492ad290a57948bfbd9e896a4864d8b5bb620", 0xcd}, {&(0x7f0000002b00)}, {&(0x7f0000002b40)="1c1c54745329f95dccfc68c754949bee5663", 0x12}, {&(0x7f0000002b80)="a4a155f04c57a052345c126bc4dce08e5eaad0ac1d24ab00590b4df2b5b15752296fbaa56479887f8f974a8e508d1fbc1cb93bb02221b1897f0b07e250", 0x3d}], 0x6, &(0x7f0000002d00)=[@cred={0x20, 0x1, 0x2, r10, r17, r18}, @rights={0x28, 0x1, 0x1, [r7, r7, r7, r5, r8, r8]}, @rights={0x20, 0x1, 0x1, [r2, r0, r0]}], 0x68, 0x4004}], 0x2, 0x0) 2018/04/06 11:41:43 executing program 2: syz_mount_image$ntfs(&(0x7f0000000440)='ntfs\x00', &(0x7f0000000480)='./bus\x00', 0x0, 0x0, &(0x7f00000006c0), 0x1000, &(0x7f0000000740)=ANY=[]) r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) syz_mount_image$hfs(&(0x7f0000001780)='hfs\x00', &(0x7f0000000100)='./bus\x00', 0x0, 0xccf, &(0x7f0000001a40)=[{&(0x7f0000001c00)="c3109cfc6f65b837063b7bbc3d4a7d202d2b9984a215c7b7bd25480c1babe9aadb78e3c53ec529cb288497a5ff7386ab50bc1a8c89", 0x0, 0x401}, {&(0x7f0000001800)="2ddea5d98171285eddea030c82c3ebbbe9ef0086979c4d89f51697a723698cc79f113fca18d8ec8bb4942cb405ffaeeeafc6b09a0aa44324f534c9b7f57352f0c6be30573567dee6adbbdffa5bc32a5b00201e68181092887cf576f0703f060812cd5047561a4c92d2fe195c21c60625c482c212ec431a19596ad1012108999bc75ae3480f0e76a36376ac63a8", 0x0, 0x5}, {&(0x7f00000018c0)="c5530d8833354b18ef6baebf606c24f24d221ae3c07931be7198141ec53fd728927e5f00e021449a33baca2a22cf99667bb62ad1c43215e3f08aaced4246a353f263c0b7595b47c7a50af4436c372f265f8434d31934351c965767c877bce2ca431539e8a01395cb17c6c5e7c94ccf3bafb07d8b5e8c8a7c931e0d769db9d35a00cb5aa0044e6a6a561fd1afe1", 0x0, 0x5}, {&(0x7f0000001ac0)="a6c3452050343eb065584cf53ea65ae330a5f6fabf78091e23a81fecb3775e4b4b863ad23c978b4d06569e6a36869f4d6ab49a561ec1407526f64751bf75483fb2755e3dd399f154e42b71bf2ba4b06f84d08c82013cccce8d83cc8522875560acd751f4f33688881c070e6ef463499ee9e91f792ae72561196b6ba9dc495e6762dbb6f5c913a4aeab57f7ff1fec996193598848aca0c65638fffb8af2141e66a90fe4ae167772c4c599843c560c877e454fdb686a3b7df3bc64de67f0ab300a68bb0beb5a6e2c52ef9e161399bf3a9939b04d804247cd6b3c9682eaf9ba0fdf8721b778b0f8e7905b17a1210b17ce35b1fb4f78497d438165b2019a31462ffaad8347218795323dd876bfaa1f6f7eec0187f0b9e41c54ba73230f635b3f4c2fd658e725afc3135bbb160347c72457a5da34344443b7f7c8ab479f9e63", 0x0, 0x7}], 0x10000, &(0x7f0000000780)=ANY=[]) ioctl$LOOP_SET_CAPACITY(r0, 0x4c07) write$cgroup_pid(r0, &(0x7f0000000040)={[0x0]}, 0x1) write$cgroup_pid(r0, &(0x7f0000000180), 0x1d2) 2018/04/06 11:41:43 executing program 7: msgget(0x0, 0x58) 2018/04/06 11:41:43 executing program 5: msgget(0xffffffffffffffff, 0x58) 2018/04/06 11:41:43 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x4c, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e"}, &(0x7f00000000c0)=0x54) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x0, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) [ 420.819504] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 [ 420.826752] RBP: 000000000072c010 R08: 0000000000000000 R09: 0000000000000000 [ 420.833998] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 420.841251] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000002 [ 420.912420] FAULT_INJECTION: forcing a failure. [ 420.912420] name failslab, interval 1, probability 0, space 0, times 0 [ 420.923811] CPU: 1 PID: 25984 Comm: syz-executor4 Not tainted 4.16.0+ #3 [ 420.930658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 420.940017] Call Trace: [ 420.942624] dump_stack+0x1b9/0x294 [ 420.946269] ? dump_stack_print_info.cold.2+0x52/0x52 [ 420.951480] should_fail.cold.4+0xa/0x1a [ 420.955552] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 420.960670] ? print_usage_bug+0xc0/0xc0 [ 420.964740] ? graph_lock+0x170/0x170 [ 420.968553] ? find_held_lock+0x36/0x1c0 [ 420.972621] ? __lock_is_held+0xb5/0x140 [ 420.976705] ? check_same_owner+0x320/0x320 [ 420.981038] ? rcu_note_context_switch+0x710/0x710 [ 420.985972] ? debug_check_no_locks_freed+0x310/0x310 [ 420.991173] should_failslab+0x124/0x180 [ 420.995243] __kmalloc+0x2c8/0x760 [ 420.998790] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 421.003376] ? print_usage_bug+0xc0/0xc0 [ 421.007439] ? print_usage_bug+0xc0/0xc0 2018/04/06 11:41:43 executing program 5: msgget(0xffffffffffffffff, 0x58) 2018/04/06 11:41:43 executing program 7: msgget(0x0, 0x58) [ 421.011498] ? constrain_params_by_rules+0x141/0x1360 [ 421.016691] ? kasan_check_write+0x14/0x20 [ 421.020942] constrain_params_by_rules+0x141/0x1360 [ 421.025965] ? __lock_acquire+0x7f5/0x5130 [ 421.030206] ? __lock_is_held+0xb5/0x140 [ 421.034281] ? snd_pcm_mmap_control_fault+0x3e0/0x3e0 [ 421.039485] ? debug_check_no_locks_freed+0x310/0x310 [ 421.044683] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 421.049723] ? find_held_lock+0x36/0x1c0 [ 421.053798] ? lock_downgrade+0x8e0/0x8e0 [ 421.057956] ? kasan_check_read+0x11/0x20 2018/04/06 11:41:43 executing program 5: msgget(0x0, 0x0) [ 421.062111] ? rcu_is_watching+0x85/0x140 [ 421.066267] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 421.071289] ? snd_interval_refine+0x428/0x700 [ 421.075882] snd_pcm_hw_refine+0x8e9/0x1180 [ 421.080223] ? constrain_params_by_rules+0x1360/0x1360 [ 421.085508] ? find_held_lock+0x36/0x1c0 [ 421.089579] ? print_usage_bug+0xc0/0xc0 [ 421.093645] ? lock_downgrade+0x8e0/0x8e0 [ 421.097796] ? lock_release+0xa10/0xa10 [ 421.101772] ? kasan_check_read+0x11/0x20 [ 421.105911] ? do_raw_spin_unlock+0x9e/0x2e0 [ 421.110317] ? mark_held_locks+0xc9/0x160 [ 421.114465] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 421.119476] snd_pcm_hw_params+0x2a9/0x1e20 [ 421.123787] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 421.128876] ? debug_check_no_obj_freed+0x2ff/0x584 [ 421.133875] ? snd_pcm_hw_refine+0x1180/0x1180 [ 421.138456] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 421.143472] ? snd_pcm_hw_param_value+0x112/0x550 [ 421.148319] ? snd_pcm_hw_param_first+0x2eb/0x680 [ 421.153156] ? snd_pcm_hw_param_near.constprop.35+0x6e9/0xb10 [ 421.159033] ? _snd_pcm_hw_param_min+0x570/0x570 [ 421.163786] ? snd_pcm_hw_param_max+0x730/0x730 [ 421.168448] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 421.173630] snd_pcm_kernel_ioctl+0x6c/0x240 [ 421.178040] snd_pcm_oss_change_params_locked+0x1be8/0x3ce0 [ 421.183766] ? snd_pcm_hw_param_near.constprop.35+0xb10/0xb10 [ 421.189641] ? debug_check_no_locks_freed+0x310/0x310 [ 421.194820] ? debug_check_no_locks_freed+0x310/0x310 [ 421.199998] ? check_same_owner+0x320/0x320 [ 421.204308] ? find_held_lock+0x36/0x1c0 [ 421.208351] ? graph_lock+0x170/0x170 [ 421.212146] ? lock_downgrade+0x8e0/0x8e0 [ 421.216274] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 421.221797] ? do_lock_file_wait.part.32+0x240/0x240 [ 421.226892] snd_pcm_oss_change_params+0x80/0xe0 [ 421.231628] snd_pcm_oss_make_ready+0xbe/0x170 [ 421.236190] snd_pcm_oss_sync.isra.29+0x27f/0x980 [ 421.241021] ? snd_pcm_oss_sync1+0x5a0/0x5a0 [ 421.245433] ? fsnotify_first_mark+0x330/0x330 [ 421.250009] snd_pcm_oss_release+0x214/0x290 [ 421.254405] ? snd_pcm_oss_sync.isra.29+0x980/0x980 [ 421.259402] __fput+0x34d/0x890 [ 421.262665] ? fput+0x1a0/0x1a0 [ 421.265929] ? _raw_spin_unlock_irq+0x27/0x70 [ 421.270406] ____fput+0x15/0x20 [ 421.273665] task_work_run+0x1e4/0x290 [ 421.277541] ? task_work_cancel+0x240/0x240 [ 421.281861] ? exit_to_usermode_loop+0x87/0x310 [ 421.286524] exit_to_usermode_loop+0x2bd/0x310 [ 421.291086] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 421.295925] do_syscall_64+0x792/0x9d0 [ 421.299802] ? vmalloc_sync_all+0x30/0x30 [ 421.303937] ? _raw_spin_unlock_irq+0x27/0x70 [ 421.308416] ? finish_task_switch+0x1ca/0x820 [ 421.312892] ? syscall_return_slowpath+0x5c0/0x5c0 [ 421.317801] ? syscall_return_slowpath+0x30f/0x5c0 [ 421.322713] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 421.328075] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 421.332907] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 421.338075] RIP: 0033:0x4552d9 [ 421.341251] RSP: 002b:00007ff8a6ac2c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000003 [ 421.348959] RAX: 0000000000000000 RBX: 00007ff8a6ac36d4 RCX: 00000000004552d9 [ 421.356221] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000013 2018/04/06 11:41:43 executing program 5 (fault-call:0 fault-nth:0): msgget(0x0, 0x0) 2018/04/06 11:41:43 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x4c, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e"}, &(0x7f00000000c0)=0x54) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x0, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) 2018/04/06 11:41:43 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0x5f50000000000000]}, 0x10) 2018/04/06 11:41:43 executing program 0: r0 = syz_open_dev$loop(&(0x7f0000000000)='/dev/loop#\x00', 0x0, 0x3) rt_sigsuspend(&(0x7f0000000040)={0x5}, 0x8) ioctl$LOOP_SET_DIRECT_IO(r0, 0xc0481273, 0x0) [ 421.363474] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 421.370724] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 [ 421.377983] R13: 0000000000000052 R14: 00000000006f3850 R15: 0000000000000011 2018/04/06 11:41:43 executing program 7: msgget(0x0, 0x58) [ 421.730833] FAULT_FLAG_ALLOW_RETRY missing 30 [ 421.735427] CPU: 1 PID: 25970 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 421.742264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 421.751608] Call Trace: [ 421.754197] dump_stack+0x1b9/0x294 [ 421.757810] ? dump_stack_print_info.cold.2+0x52/0x52 [ 421.762985] ? kasan_check_write+0x14/0x20 [ 421.767206] ? do_raw_spin_lock+0xc1/0x200 [ 421.771436] handle_userfault.cold.32+0x44/0x57 [ 421.776091] ? handle_userfault+0x16c6/0x2760 [ 421.780570] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 421.785131] ? debug_check_no_locks_freed+0x310/0x310 [ 421.790304] ? rb_erase+0x3530/0x3530 [ 421.794093] ? print_usage_bug+0xc0/0xc0 [ 421.798142] ? match_held_lock+0x801/0x8b0 [ 421.802355] ? print_usage_bug+0xc0/0xc0 [ 421.806397] ? print_usage_bug+0xc0/0xc0 [ 421.810447] ? lock_downgrade+0x8e0/0x8e0 [ 421.814575] ? lock_downgrade+0x8e0/0x8e0 [ 421.818708] ? __lock_acquire+0x7f5/0x5130 [ 421.822924] ? graph_lock+0x170/0x170 [ 421.826710] ? debug_check_no_locks_freed+0x310/0x310 [ 421.831903] ? find_held_lock+0x36/0x1c0 [ 421.835951] ? lock_downgrade+0x8e0/0x8e0 [ 421.840081] ? kasan_check_read+0x11/0x20 [ 421.844212] ? do_raw_spin_unlock+0x9e/0x2e0 [ 421.848599] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 421.853164] ? kasan_check_write+0x14/0x20 [ 421.857380] ? do_raw_spin_lock+0xc1/0x200 [ 421.861597] __handle_mm_fault+0x34be/0x4150 [ 421.865988] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 421.870727] ? graph_lock+0x170/0x170 [ 421.874512] ? find_held_lock+0x36/0x1c0 [ 421.878570] ? lock_downgrade+0x8e0/0x8e0 [ 421.882712] ? handle_mm_fault+0x8c0/0xc70 [ 421.886929] handle_mm_fault+0x53a/0xc70 [ 421.890969] ? __handle_mm_fault+0x4150/0x4150 [ 421.895530] ? find_vma+0x34/0x190 [ 421.899064] __do_page_fault+0x60b/0xe40 [ 421.903110] ? mm_fault_error+0x380/0x380 [ 421.907238] ? __schedule+0x80f/0x1e40 [ 421.911110] ? graph_lock+0x170/0x170 [ 421.914892] do_page_fault+0xee/0x8a7 [ 421.918678] ? vmalloc_sync_all+0x30/0x30 [ 421.922811] ? find_held_lock+0x36/0x1c0 [ 421.926858] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 421.931687] page_fault+0x25/0x50 [ 421.935134] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 421.940740] RSP: 0018:ffff8801d4f37ce8 EFLAGS: 00010206 [ 421.946082] RAX: ffffed003a9e6fae RBX: 0000000000000018 RCX: 0000000000000003 [ 421.953337] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff8801d4f37d58 [ 421.960586] RBP: ffff8801d4f37d20 R08: ffffed003a9e6fae R09: ffffed003a9e6fab [ 421.967834] R10: ffffed003a9e6fad R11: ffff8801d4f37d6f R12: 0000000020013018 [ 421.975081] R13: 0000000020013000 R14: ffff8801d4f37d58 R15: 00007ffffffff000 [ 421.982351] ? _copy_from_user+0x10d/0x150 [ 421.986571] SyS_sigaltstack+0xae/0x320 [ 421.990534] ? do_sigaction+0xa50/0xa50 [ 421.994508] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 422.000038] ? exit_to_usermode_loop+0x1ef/0x310 [ 422.004779] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 422.009602] ? ksys_ioctl+0x81/0xd0 [ 422.013210] ? do_syscall_64+0xb7/0x9d0 [ 422.017166] ? do_sigaction+0xa50/0xa50 [ 422.021123] do_syscall_64+0x29e/0x9d0 [ 422.024989] ? vmalloc_sync_all+0x30/0x30 [ 422.029130] ? _raw_spin_unlock_irq+0x27/0x70 [ 422.033614] ? finish_task_switch+0x1ca/0x820 [ 422.038089] ? syscall_return_slowpath+0x5c0/0x5c0 [ 422.043001] ? syscall_return_slowpath+0x30f/0x5c0 [ 422.047921] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 422.053280] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 422.058108] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 422.063278] RIP: 0033:0x4552d9 [ 422.066447] RSP: 002b:00007ff15ecfec68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 [ 422.074136] RAX: ffffffffffffffda RBX: 00007ff15ecff6d4 RCX: 00000000004552d9 [ 422.081382] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 [ 422.088636] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 422.095889] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 422.103140] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000000 [ 422.246973] FAULT_FLAG_ALLOW_RETRY missing 30 [ 422.251611] CPU: 0 PID: 26025 Comm: syz-executor3 Not tainted 4.16.0+ #3 [ 422.258438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 422.267774] Call Trace: [ 422.270351] dump_stack+0x1b9/0x294 [ 422.273965] ? dump_stack_print_info.cold.2+0x52/0x52 [ 422.279146] ? kasan_check_write+0x14/0x20 [ 422.283365] ? do_raw_spin_lock+0xc1/0x200 [ 422.287585] handle_userfault.cold.32+0x44/0x57 [ 422.292236] ? handle_userfault+0x16c6/0x2760 [ 422.296724] ? userfaultfd_ioctl+0x4d10/0x4d10 [ 422.301295] ? debug_check_no_locks_freed+0x310/0x310 [ 422.306466] ? find_held_lock+0x36/0x1c0 [ 422.310510] ? print_usage_bug+0xc0/0xc0 [ 422.314554] ? print_usage_bug+0xc0/0xc0 [ 422.318596] ? kasan_check_read+0x11/0x20 [ 422.322725] ? check_same_owner+0x320/0x320 [ 422.327042] ? do_raw_spin_unlock+0x9e/0x2e0 [ 422.331457] ? __lock_acquire+0x7f5/0x5130 [ 422.335684] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 422.341200] ? graph_lock+0x170/0x170 [ 422.344985] ? debug_check_no_locks_freed+0x310/0x310 [ 422.350163] ? find_held_lock+0x36/0x1c0 [ 422.354216] ? lock_downgrade+0x8e0/0x8e0 [ 422.358356] ? kasan_check_read+0x11/0x20 [ 422.362484] ? do_raw_spin_unlock+0x9e/0x2e0 [ 422.366872] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 422.371436] ? kasan_check_write+0x14/0x20 [ 422.375655] ? do_raw_spin_lock+0xc1/0x200 [ 422.379877] __handle_mm_fault+0x34be/0x4150 [ 422.384267] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 422.389003] ? graph_lock+0x170/0x170 [ 422.392803] ? graph_lock+0x170/0x170 [ 422.396593] ? find_held_lock+0x36/0x1c0 [ 422.400639] ? lock_downgrade+0x8e0/0x8e0 [ 422.404772] ? handle_mm_fault+0x8c0/0xc70 [ 422.408989] handle_mm_fault+0x53a/0xc70 [ 422.413042] ? __handle_mm_fault+0x4150/0x4150 [ 422.417611] ? find_vma+0x34/0x190 [ 422.421131] __do_page_fault+0x60b/0xe40 [ 422.425176] ? mm_fault_error+0x380/0x380 [ 422.429305] ? graph_lock+0x170/0x170 [ 422.433086] do_page_fault+0xee/0x8a7 [ 422.436866] ? vmalloc_sync_all+0x30/0x30 [ 422.440994] ? __fget+0x40c/0x650 [ 422.444444] ? find_held_lock+0x36/0x1c0 [ 422.448499] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 422.453342] page_fault+0x25/0x50 [ 422.456798] RIP: 0010:copy_user_generic_unrolled+0x86/0xc0 [ 422.462413] RSP: 0018:ffff88018ecd7ce8 EFLAGS: 00010206 [ 422.467779] RAX: ffffed0031d9afae RBX: 0000000000000018 RCX: 0000000000000003 [ 422.475050] RDX: 0000000000000000 RSI: 0000000020013000 RDI: ffff88018ecd7d58 [ 422.482318] RBP: ffff88018ecd7d20 R08: ffffed0031d9afae R09: ffffed0031d9afab [ 422.489580] R10: ffffed0031d9afad R11: ffff88018ecd7d6f R12: 0000000020013018 [ 422.496829] R13: 0000000020013000 R14: ffff88018ecd7d58 R15: 00007ffffffff000 [ 422.504100] ? _copy_from_user+0x10d/0x150 [ 422.508330] SyS_sigaltstack+0xae/0x320 [ 422.512291] ? do_sigaction+0xa50/0xa50 [ 422.516247] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 422.521765] ? fput+0x130/0x1a0 [ 422.525031] ? ksys_ioctl+0x81/0xd0 [ 422.528648] ? do_syscall_64+0xb7/0x9d0 [ 422.532602] ? do_sigaction+0xa50/0xa50 [ 422.536564] do_syscall_64+0x29e/0x9d0 [ 422.540440] ? kasan_check_write+0x14/0x20 [ 422.544656] ? syscall_return_slowpath+0x5c0/0x5c0 [ 422.549566] ? syscall_return_slowpath+0x30f/0x5c0 [ 422.554477] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 422.559823] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 422.564645] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 422.569816] RIP: 0033:0x4552d9 [ 422.572983] RSP: 002b:00007ff15ecbcc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000083 [ 422.580671] RAX: ffffffffffffffda RBX: 00007ff15ecbd6d4 RCX: 00000000004552d9 [ 422.587920] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000020013000 2018/04/06 11:41:45 executing program 4 (fault-call:5 fault-nth:18): r0 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000200)={r1}, &(0x7f00000000c0)=0x8) close(r0) setsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040), 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080), 0x2}}, 0xfffffe84) setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x0, &(0x7f00000002c0)={0x0, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0x19}, 0x6c}}, {{0xa, 0x4e20, 0x0, @remote={0xfe, 0x80, [], 0xbb}}}}, 0x108) 2018/04/06 11:41:45 executing program 3: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) fcntl$getownex(0xffffffffffffff9c, 0x10, &(0x7f0000000100)) getpid() fcntl$getown(0xffffffffffffff9c, 0x9) gettid() ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) getpgrp(r0) r1 = memfd_create(&(0x7f0000000080)='em1\x00', 0x2) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000200)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) sigaltstack(&(0x7f0000013000/0x1000)=nil, &(0x7f00000000c0)) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88)) msgsnd(0x0, &(0x7f0000284ff8)={0x3}, 0x0, 0x0) msgctl$IPC_SET(0x0, 0x1, &(0x7f0000000240)={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000640)={'\x00', 0x0}) ioctl$TUNSETIFINDEX(r1, 0x400454da, &(0x7f0000000680)=r3) ioctl$UFFDIO_WAKE(r2, 0x8010aa02, &(0x7f0000000b40)={&(0x7f0000011000/0x4000)=nil, 0x4000}) io_setup(0x1000, &(0x7f0000000040)) io_submit(0x0, 0x2000000000, &(0x7f0000000000)) ioctl$VHOST_RESET_OWNER(r1, 0xaf02, 0x0) 2018/04/06 11:41:45 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000e15000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(blowfish)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000001c0)="71077a51080786060000003712f2d00038016d62ef21bdeb64fc23b9f5e4638d2e313bfac4f7d06e3a626ddd7d12e789eca0575ed4d1f208552acb80e126e1f6296c512b3d72a9fd10863da385c8a90c28cdb7a037b32bbd7b60b422d65c17fc5cbac15f0b44aec888f4a1fb78d253b23ba2b330f0ab9dce783bb27762256a71fe3a76b27cea3af8a9da7eb9e9d1ffc800cd548ca9724f2bf661cf1840105e", 0xfee0) r1 = accept4$alg(r0, 0x0, 0x0, 0x0) sendto(r1, &(0x7f00005c8f58), 0xfffffffffffffeee, 0x0, &(0x7f0000351ff0)=@ipx={0x4, 0x0, 0x0, "a074edebb7e1"}, 0x10) poll(&(0x7f0000000000)=[{r1}], 0x1, 0x0) 2018/04/06 11:41:45 executing program 5: msgget(0x0, 0x0) 2018/04/06 11:41:45 executing program 7: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = memfd_create(&(0x7f0000000100)="6465ef8a", 0x2) ftruncate(r2, 0x0) sendfile(r1, r2, &(0x7f0000001000), 0x400000000fee) ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r2, 0xc0505405, &(0x7f0000000040)={{0x0, 0x3, 0x3, 0x1, 0x3}, 0x80, 0x3fc000, 0x5}) ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f00000000c0)) recvmmsg(r0, &(0x7f0000000800)=[{{&(0x7f0000000140)=@nfc, 0x2cc, &(0x7f0000000940)=[{&(0x7f0000000880)=""/123}], 0x0, &(0x7f0000000680)=""/108, 0xfce4}}, {{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000700)=""/164, 0x109}], 0x3c3}, 0x3}], 0x1b1, 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r2, 0x54a2) 2018/04/06 11:41:45 executing program 2: syz_mount_image$ntfs(&(0x7f0000000440)='ntfs\x00', &(0x7f0000000480)='./bus\x00', 0x0, 0x0, &(0x7f00000006c0), 0x1000, &(0x7f0000000740)=ANY=[]) r0 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) syz_mount_image$hfs(&(0x7f0000001780)='hfs\x00', &(0x7f0000000100)='./bus\x00', 0x0, 0xccf, &(0x7f0000001a40)=[{&(0x7f0000001c00)="c3109cfc6f65b837063b7bbc3d4a7d202d2b9984a215c7b7bd25480c1babe9aadb78e3c53ec529cb288497a5ff7386ab50bc1a8c89", 0x0, 0x401}, {&(0x7f0000001800)="2ddea5d98171285eddea030c82c3ebbbe9ef0086979c4d89f51697a723698cc79f113fca18d8ec8bb4942cb405ffaeeeafc6b09a0aa44324f534c9b7f57352f0c6be30573567dee6adbbdffa5bc32a5b00201e68181092887cf576f0703f060812cd5047561a4c92d2fe195c21c60625c482c212ec431a19596ad1012108999bc75ae3480f0e76a36376ac63a8", 0x0, 0x5}, {&(0x7f00000018c0)="c5530d8833354b18ef6baebf606c24f24d221ae3c07931be7198141ec53fd728927e5f00e021449a33baca2a22cf99667bb62ad1c43215e3f08aaced4246a353f263c0b7595b47c7a50af4436c372f265f8434d31934351c965767c877bce2ca431539e8a01395cb17c6c5e7c94ccf3bafb07d8b5e8c8a7c931e0d769db9d35a00cb5aa0044e6a6a561fd1afe1", 0x0, 0x5}, {&(0x7f0000001ac0)="a6c3452050343eb065584cf53ea65ae330a5f6fabf78091e23a81fecb3775e4b4b863ad23c978b4d06569e6a36869f4d6ab49a561ec1407526f64751bf75483fb2755e3dd399f154e42b71bf2ba4b06f84d08c82013cccce8d83cc8522875560acd751f4f33688881c070e6ef463499ee9e91f792ae72561196b6ba9dc495e6762dbb6f5c913a4aeab57f7ff1fec996193598848aca0c65638fffb8af2141e66a90fe4ae167772c4c599843c560c877e454fdb686a3b7df3bc64de67f0ab300a68bb0beb5a6e2c52ef9e161399bf3a9939b04d804247cd6b3c9682eaf9ba0fdf8721b778b0f8e7905b17a1210b17ce35b1fb4f78497d438165b2019a31462ffaad8347218795323dd876bfaa1f6f7eec0187f0b9e41c54ba73230f635b3f4c2fd658e725afc3135bbb160347c72457a5da34344443b7f7c8ab479f9e63", 0x0, 0x7}], 0x10000, &(0x7f0000000780)=ANY=[]) ioctl$LOOP_SET_CAPACITY(r0, 0x4c07) write$cgroup_pid(r0, &(0x7f0000000040)={[0x0]}, 0x1) write$cgroup_pid(r0, &(0x7f0000000180), 0x1d2) 2018/04/06 11:41:45 executing program 6: socket$inet_udp(0x2, 0x2, 0x0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f000095bffc)={0x0, 0x0, 0xfffffffffffffffc}, 0x4) r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f0000762fff), 0xfdc7, 0x0, &(0x7f000057bff0)={0x2, 0x4e20, @multicast1=0xe0000001, [0x67840000]}, 0x10) 2018/04/06 11:41:45 executing program 1: r0 = socket(0x0, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x0) ioctl$int_in(0xffffffffffffffff, 0x0, &(0x7f0000595ff8)) mmap$binder(&(0x7f00004be000/0x1000)=nil, 0x1000, 0x0, 0x52, r1, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000002c0)={0x0, 0x6}, &(0x7f0000000300)=0xc) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x4c, "c064db6291f1f496d726e93ddc1095f0031b41995443ced02175ae246bc36205bde5740604b14eddd97568120d43abb549b3292c11af30445cc3106098c1375dee48494f9360a6dceec8517e"}, &(0x7f00000000c0)=0x54) close(r1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f0000000040)=0x54, 0x4) r2 = perf_event_open(&(0x7f000025c000)={0x0, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000640)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x484, &(0x7f0000000140), &(0x7f0000000180)) close(r3) sendmmsg(0xffffffffffffffff, &(0x7f0000002280)=[{{&(0x7f00000006c0)=@pppoe={0x18, 0x0, {0x3, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, 'ip6tnl0\x00'}}, 0x80, &(0x7f0000000ec0)=[{&(0x7f0000000740)="964616d1dafb11d6d905ea33bd4eaea0dd04eb847bc0a1210ca9456143e31b8ce14caf4a0646bc639707d10aba3e652495977a7a6d3fc41ef6364c47c2266aa410a490f920f407161207ec5352e1ce6c3822d3a2ae063583609298790a58b73fccaac3665dd78ab4a15d4c12a996799f41dc79b9f3d57a627a7517cb0b51c0cecf43519f19db25073246fa0d8e29d209ee94372325d56aa5ae8d45", 0x9b}], 0x1, &(0x7f0000000f40)=[{0x30, 0x103, 0x918, "b9b0597d21d227c112b74fbadc29c742bca992f94f18f93f4a69"}], 0x30, 0x4045}, 0x610}], 0x1, 0x4001) syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x13860b96, 0xa0000) fcntl$getownex(r2, 0x10, &(0x7f0000000680)) [ 422.595548] RBP: 000000000072c010 R08: 0000000000000000 R09: 0000000000000000 [ 422.602798] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 422.610049] R13: 0000000000000608 R14: 00000000006fc160 R15: 0000000000000002 [ 422.672204] FAULT_INJECTION: forcing a failure. [ 422.672204] name failslab, interval 1, probability 0, space 0, times 0 [ 422.683491] CPU: 0 PID: 26047 Comm: syz-executor4 Not tainted 4.16.0+ #3 [ 422.690333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 422.699684] Call Trace: [ 422.702286] dump_stack+0x1b9/0x294 [ 422.705929] ? dump_stack_print_info.cold.2+0x52/0x52 [ 422.711174] should_fail.cold.4+0xa/0x1a [ 422.715248] ? fault_create_debugfs_attr+0x1f0/0x1f0 2018/04/06 11:41:45 executing program 5: msgget(0x0, 0x600) [ 422.720358] ? __save_stack_trace+0x7e/0xd0 [ 422.724698] ? graph_lock+0x170/0x170 [ 422.728520] ? find_held_lock+0x36/0x1c0 [ 422.732592] ? __lock_is_held+0xb5/0x140 [ 422.736669] ? check_same_owner+0x320/0x320 [ 422.740999] ? do_raw_spin_lock+0xc1/0x200 [ 422.745244] ? rcu_note_context_switch+0x710/0x710 [ 422.750178] ? trace_hardirqs_off+0xd/0x10 [ 422.754426] ? _raw_spin_unlock_irqrestore+0x63/0xc0 [ 422.759539] should_failslab+0x124/0x180 [ 422.763613] __kmalloc+0x2c8/0x760 [ 422.767163] ? mark_held_locks+0xc9/0x160 2018/04/06 11:41:45 executing program 0: r0 = accept4$vsock_stream(0xffffffffffffffff, &(0x7f0000000200)={0x28, 0x0, 0x2711, @my=0x0}, 0x10, 0x80000) ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f0000000240)) r1 = socket$inet_smc(0x2b, 0x1, 0x0) socketpair(0x10, 0x3, 0x7, &(0x7f0000000040)={0xffffffffffffffff}) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffff9c, 0x84, 0x10, &(0x7f0000000340)=@assoc_value={0x0}, &(0x7f0000000380)=0x8) r4 = socket(0x40000000015, 0x5, 0x0) setsockopt$sock_int(r4, 0x1, 0x8, &(0x7f00006dbffc), 0x4) bind$inet(r4, &(0x7f00008a5ff0)={0x2, 0x4e20, @loopback=0x7f000001}, 0x10) ioctl$int_in(r4, 0x5421, &(0x7f00004cfff8)=0x6) sendto$inet(r4, &(0x7f0000f7db7f)="ba671368d1010000004900000001000000018be49e9301442865319997d0efdb2f54b6a10c7327757482bfce945c2a91fb8dfafc1d3f56bc543ab87321e12cca08a744a2d128b00634bc882151d36809229a96bc3437ef159489384ade077ba295eac2882dbfd3781dd4d4e609c42628dbb709b3eb1fa030009045dd98b9e6d77b6cec9ceb685595d43995e0f04c32260943add79831e661c6a351dedc8b9d220fbf9fb6e44fb6a629ce9a82025124fec9f3ee751f7da0cd7e799be88ddbdac20b48e890ff81d7fa28c2d017d7932f2569038740461accd4582f576e4fdb6150a3399f8266bc19eb943648ad1ad81420ed6c382436e474390c8995e829e4f9df43eed85a60b9ee254e31eb62900857fa134e76cc64880334adbff069a2e5e647d2ed36a96b23834b6f6ca6b8113baf4cf30347fbb7ffc30aea99872cc0dba03b07d3347b2d257edbe2733c26b7337a79962d8ce85469e3bcbe0e4a48a6ae69d13f2d4b5155b390ef67aa714b82b6313ee277cb8986eca5db2e97cb1ae2243bba80274f614ece521baef443394b4c161cb9ae926e21892578b49cfd6efe1cb1572148c10d92218ed73ec116a18de80ac42d2726a4523a764fc6dc356c5fbbf9d2c947ae3bc9a3dc76099f3257c8d5952876151b0326d8cb1d5683ee4ad5ded9a34c00ac1b03f34627ec18a7c2e92c87b7896549cfab5eb55fa85a970994bd4b22b5f0d045e241256d06f485a47b4a55ed389bc1734541232cd41908b5cfa4b8fcfcafce500a0c7ae99767713a98e7927aa69f6ccd7daea62f19ceb82559f41899c9a9aee99113e7e64b5f8b9824be9fdbfa4dd4995673d882bb4daeb64413b334e114965d2ba3cea8051e692508701b9400cb12eae457f8b8549944091b729160939918d8fcae611a5ded665f770db637487a236da1a58ba7566668651a77171fc4fe506496d19059343dbe4f426625d3f2b705f54581372361770bf5a9098a9fafefaf546426b294239ac33e3186e4d58ad2fa995a6ad4dc074e7cca11aead109563b2076c7c6e9f57ec63df960804e2e7f9d8444de9550cca3df7834d864e9777291c2e1f6205de2e43dc995ab8bb1515a365efc2830fa3e7a1dd137f550d6035212bc1f51c3b4ceea430df49ffc9210084ef156ad7e0d219efd6c116693735b44521d389969a3a65617cd2fd6e14060601cee4cd054cf36fe048b57d1d9ee3cad2a73552449926b4a6b03fbe9c0ec68357e1fbe52ed77b67f5870c0aefb7ee8236747e0d67a26725fb515544cbbe8464da94cfd8c0b94bb4e51a263b1749bd0a7cf651931f806d1b928d1f9994f1ad4d50e6a5cd7a8e4e687f8564fdacc864013d095ba9d5709eced3c28eabda476d177a7836400a01e02beeb5a6636d4064fdda344967ad8682d14b87c71727cb66be27d1d39191f4223c545b62fb4860262ba8076a65dbc194cee1df846c584b7bbe9dce6e6895b2cbbb64b03b55548b845cc3de2f939ef918421af9a5e9157e837651245299c03992d0ddee06bd22a31522aca0f309b1feccebc0b1c0ed9d21c19bfd15cd313ff64394fd6a10904890c9f6d646b026f27253e8f584c3ffd20ad67e8b62ed7676706d40bc5c80e376980b", 0x480, 0x0, &(0x7f000069affb)={0x2, 0x4e20, @loopback=0x7f000001}, 0x10) sendto$inet(r4, &(0x7f00004b3fff), 0x0, 0x0, &(0x7f00002b4000)={0x2, 0x4e20, @loopback=0x7f000001}, 0x10) r5 = epoll_create1(0x13ffffffffffff) epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f0000f24000)) setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r2, 0x84, 0xa, &(0x7f0000000280)={0x7fffffff, 0x9b, 0x3, 0x40, 0xfffffffffffffffd, 0x6, 0x90, 0x1, r3}, 0x20) close(r4) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f00000003c0)={r3, 0x6, 0x30}, &(0x7f0000000400)=0xc) listen(r1, 0xff) r6 = accept4(0xffffffffffffffff, &(0x7f0000000080)=@pppol2tpv3in6={0x0, 0x0, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, @remote}}}, &(0x7f0000000180)=0x80, 0x800) accept4$packet(r4, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f0000000140)=0x14, 0x80800) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r6, 0x84, 0x66, &(0x7f00000002c0)={0x0, 0x2}, &(0x7f0000000300)=0x8) setsockopt$inet_tcp_int(r1, 0x6, 0x19, &(0x7f0000000000), 0x4) ioctl$sock_inet_SIOCGIFBRDADDR(r2, 0x8919, &(0x7f00000001c0)={'bridge0\x00', {0x2, 0x4e23, @loopback=0x7f000001}}) [ 422.771314] ? quarantine_put+0xeb/0x190 [ 422.775383] ? constrain_params_by_rules+0x141/0x1360 [ 422.780587] constrain_params_by_rules+0x141/0x1360 [ 422.785608] ? trace_hardirqs_on+0xd/0x10 [ 422.789772] ? snd_pcm_mmap_control_fault+0x3e0/0x3e0 [ 422.794974] ? snd_pcm_mmap_control_fault+0x3e0/0x3e0 [ 422.800176] ? debug_check_no_locks_freed+0x310/0x310 [ 422.805374] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 422.810407] ? find_held_lock+0x36/0x1c0 [ 422.814479] ? lock_downgrade+0x8e0/0x8e0 2018/04/06 11:41:45 executing program 5: msgget(0x0, 0x6000000000000) [ 422.818637] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 422.824181] ? snd_interval_refine+0x428/0x700 [ 422.828773] snd_pcm_hw_refine+0x8e9/0x1180 [ 422.833100] ? snd_interval_refine+0x428/0x700 [ 422.837698] ? constrain_params_by_rules+0x1360/0x1360 [ 422.842978] ? constrain_params_by_rules+0x1360/0x1360 [ 422.848266] ? find_held_lock+0x36/0x1c0 [ 422.852335] ? print_usage_bug+0xc0/0xc0 [ 422.856403] ? graph_lock+0x170/0x170 [ 422.860205] ? lock_downgrade+0x8e0/0x8e0 [ 422.864360] ? lock_release+0xa10/0xa10 [ 422.868347] ? kasan_check_read+0x11/0x20 [ 422.872506] ? __lock_is_held+0xb5/0x140 [ 422.876568] snd_pcm_hw_param_first+0x30e/0x680 [ 422.881240] snd_pcm_hw_params+0x340/0x1e20 [ 422.885571] ? snd_pcm_hw_refine+0x1180/0x1180 [ 422.890164] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 422.895184] ? snd_pcm_hw_param_value+0x112/0x550 [ 422.900036] ? snd_pcm_hw_param_first+0x2eb/0x680 [ 422.904886] ? snd_pcm_hw_param_near.constprop.35+0x6e9/0xb10 [ 422.910780] ? _snd_pcm_hw_param_min+0x570/0x570 [ 422.915543] ? snd_pcm_hw_param_max+0x730/0x730 [ 422.920218] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 422.925415] snd_pcm_kernel_ioctl+0x6c/0x240 [ 422.929831] snd_pcm_oss_change_params_locked+0x1be8/0x3ce0 [ 422.935556] ? snd_pcm_hw_param_near.constprop.35+0xb10/0xb10 [ 422.941449] ? debug_check_no_locks_freed+0x310/0x310 [ 422.946645] ? debug_check_no_locks_freed+0x310/0x310 [ 422.951844] ? check_same_owner+0x320/0x320 [ 422.956174] ? find_held_lock+0x36/0x1c0 [ 422.960244] ? graph_lock+0x170/0x170 [ 422.964054] ? lock_downgrade+0x8e0/0x8e0 [ 422.968211] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 422.973764] ? do_lock_file_wait.part.32+0x240/0x240 [ 422.978884] snd_pcm_oss_change_params+0x80/0xe0 [ 422.983649] snd_pcm_oss_make_ready+0xbe/0x170 [ 422.988249] snd_pcm_oss_sync.isra.29+0x27f/0x980 [ 422.993105] ? snd_pcm_oss_sync1+0x5a0/0x5a0 [ 422.997521] ? fsnotify_first_mark+0x330/0x330 [ 423.002116] snd_pcm_oss_release+0x214/0x290 [ 423.006533] ? snd_pcm_oss_sync.isra.29+0x980/0x980 [ 423.011550] __fput+0x34d/0x890 [ 423.014838] ? fput+0x1a0/0x1a0 [ 423.018126] ? _raw_spin_unlock_irq+0x27/0x70 [ 423.022633] ____fput+0x15/0x20 [ 423.025913] task_work_run+0x1e4/0x290 [ 423.029803] ? task_work_cancel+0x240/0x240 [ 423.034128] ? exit_to_usermode_loop+0x87/0x310 [ 423.038806] exit_to_usermode_loop+0x2bd/0x310 [ 423.043389] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 423.048243] do_syscall_64+0x792/0x9d0 [ 423.052134] ? vmalloc_sync_all+0x30/0x30 [ 423.056287] ? _raw_spin_unlock_irq+0x27/0x70 [ 423.060787] ? finish_task_switch+0x1ca/0x820 [ 423.065292] ? syscall_return_slowpath+0x5c0/0x5c0 [ 423.070224] ? syscall_return_slowpath+0x30f/0x5c0 [ 423.075158] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 423.080526] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 423.085373] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 423.090559] RIP: 0033:0x4552d9 [ 423.093745] RSP: 002b:00007ff8a6ac2c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000003 [ 423.101456] RAX: 0000000000000000 RBX: 00007ff8a6ac36d4 RCX: 00000000004552d9 [ 423.108727] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000013 [ 423.115993] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 423.123257] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 [ 423.130526] R13: 0000000000000052 R14: 00000000006f3850 R15: 0000000000000012 [ 423.138361] WARNING: CPU: 0 PID: 26047 at sound/core/pcm_native.c:620 snd_pcm_hw_params+0x65a/0x1e20 [ 423.147636] Kernel panic - not syncing: panic_on_warn set ... [ 423.147636] [ 423.155005] CPU: 0 PID: 26047 Comm: syz-executor4 Not tainted 4.16.0+ #3 [ 423.161839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 423.171188] Call Trace: [ 423.173782] dump_stack+0x1b9/0x294 [ 423.177422] ? dump_stack_print_info.cold.2+0x52/0x52 [ 423.182622] ? snd_pcm_hw_params+0x640/0x1e20 [ 423.187125] panic+0x22f/0x4de [ 423.190312] ? add_taint.cold.5+0x16/0x16 [ 423.194456] ? __warn.cold.8+0x148/0x1a3 [ 423.198521] ? snd_pcm_hw_params+0x65a/0x1e20 [ 423.203021] __warn.cold.8+0x163/0x1a3 [ 423.206914] ? snd_pcm_hw_params+0x65a/0x1e20 [ 423.211413] report_bug+0x252/0x2d0 [ 423.215049] do_error_trap+0x1de/0x490 [ 423.218945] ? math_error+0x420/0x420 [ 423.222757] ? print_usage_bug+0xc0/0xc0 [ 423.226831] ? graph_lock+0x170/0x170 [ 423.230631] ? lock_downgrade+0x8e0/0x8e0 [ 423.234794] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 423.239642] do_invalid_op+0x1b/0x20 [ 423.243351] invalid_op+0x1b/0x40 [ 423.246789] RIP: 0010:snd_pcm_hw_params+0x65a/0x1e20 [ 423.251873] RSP: 0018:ffff8801b76874e0 EFLAGS: 00010246 [ 423.257233] RAX: 0000000000040000 RBX: 00000000fffffff4 RCX: ffffc900032aa000 [ 423.264491] RDX: 0000000000040000 RSI: ffffffff859dfe1a RDI: 0000000000000005 [ 423.271747] RBP: ffff8801b7687730 R08: ffff8801ce2820c0 R09: ffffed003b6046c2 [ 423.279014] R10: ffffed003b6046c2 R11: ffff8801db023613 R12: ffffffff8826349c [ 423.286269] R13: ffff8801cebdfb00 R14: ffff8801b682adc0 R15: dffffc0000000000 [ 423.293532] ? snd_pcm_hw_params+0x65a/0x1e20 [ 423.298034] ? snd_pcm_hw_refine+0x1180/0x1180 [ 423.302621] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 423.307628] ? snd_pcm_hw_param_value+0x112/0x550 [ 423.312481] ? snd_pcm_hw_param_first+0x2eb/0x680 [ 423.317321] ? snd_pcm_hw_param_near.constprop.35+0x6e9/0xb10 [ 423.323189] ? _snd_pcm_hw_param_min+0x570/0x570 [ 423.327932] ? snd_pcm_hw_param_max+0x730/0x730 [ 423.332583] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 423.337759] snd_pcm_kernel_ioctl+0x6c/0x240 [ 423.342160] snd_pcm_oss_change_params_locked+0x1be8/0x3ce0 [ 423.347878] ? snd_pcm_hw_param_near.constprop.35+0xb10/0xb10 [ 423.353755] ? debug_check_no_locks_freed+0x310/0x310 [ 423.358931] ? debug_check_no_locks_freed+0x310/0x310 [ 423.364107] ? check_same_owner+0x320/0x320 [ 423.368422] ? find_held_lock+0x36/0x1c0 [ 423.372482] ? graph_lock+0x170/0x170 [ 423.376274] ? lock_downgrade+0x8e0/0x8e0 [ 423.380402] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 423.385929] ? do_lock_file_wait.part.32+0x240/0x240 [ 423.391027] snd_pcm_oss_change_params+0x80/0xe0 [ 423.395770] snd_pcm_oss_make_ready+0xbe/0x170 [ 423.400346] snd_pcm_oss_sync.isra.29+0x27f/0x980 [ 423.405181] ? snd_pcm_oss_sync1+0x5a0/0x5a0 [ 423.409573] ? fsnotify_first_mark+0x330/0x330 [ 423.414145] snd_pcm_oss_release+0x214/0x290 [ 423.418541] ? snd_pcm_oss_sync.isra.29+0x980/0x980 [ 423.423542] __fput+0x34d/0x890 [ 423.426815] ? fput+0x1a0/0x1a0 [ 423.430095] ? _raw_spin_unlock_irq+0x27/0x70 [ 423.434593] ____fput+0x15/0x20 [ 423.437873] task_work_run+0x1e4/0x290 [ 423.441753] ? task_work_cancel+0x240/0x240 [ 423.446066] ? exit_to_usermode_loop+0x87/0x310 [ 423.450736] exit_to_usermode_loop+0x2bd/0x310 [ 423.455312] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 423.460159] do_syscall_64+0x792/0x9d0 [ 423.464046] ? vmalloc_sync_all+0x30/0x30 [ 423.468197] ? _raw_spin_unlock_irq+0x27/0x70 [ 423.472691] ? finish_task_switch+0x1ca/0x820 [ 423.477175] ? syscall_return_slowpath+0x5c0/0x5c0 [ 423.482092] ? syscall_return_slowpath+0x30f/0x5c0 [ 423.487009] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 423.492364] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 423.497194] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 423.502366] RIP: 0033:0x4552d9 [ 423.505535] RSP: 002b:00007ff8a6ac2c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000003 [ 423.513226] RAX: 0000000000000000 RBX: 00007ff8a6ac36d4 RCX: 00000000004552d9 [ 423.520475] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000013 [ 423.527723] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 423.534972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 [ 423.542225] R13: 0000000000000052 R14: 00000000006f3850 R15: 0000000000000012 [ 423.550391] Dumping ftrace buffer: [ 423.554193] (ftrace buffer empty) [ 423.557883] Kernel Offset: disabled [ 423.561489] Rebooting in 86400 seconds..